HRW calls for public biometric surveillance system changes in Russia and Argentina
Expansions of facial recognition systems are continuing around the globe, but some governments may not be following best practices and ethical implementation guidelines, such as are expressed in Biometrics Institute’s recently-announced Three Laws of Biometrics. Human Rights Watch is calling out the opacity of Russian law enforcement’s use of facial recognition, and the inclusion of children in an Argentinian database, while a city in India is doubling an already-extensive CCTV network. The Institute’s first law is that policy must be proportionate and include human rights, ethics and privacy considerations. The second requires accountability, and the third is that limitations, vulnerabilities and risks must be addressed.
The expansion of facial biometrics on public surveillance systems in Moscow and to other cities in Russia is being challenged at the European Court of Human Rights, according to Human Rights Watch (HRW).
The court has already ruled that the legal framework for Russia’s surveillance system “does not provide for adequate and effective guarantees against arbitrariness and the risk of abuse.”
The challenge is being mounted by Russian human rights lawyers’ network Agora, who say there is no judicial or public oversight of Russia’s surveillance systems, including facial recognition. While Russia has rules to protect the use of personal data by private companies, law enforcement agencies are largely exempt. Law enforcement procedures for biometrics processing are “faulty and not open to public scrutiny,” HRW writes, thus avoiding the Biometrics Institute’s second law.
“The authorities’ intention to expand the use of invasive technology across the country causes serious concern over the potential threat to privacy,” said Hugh Williamson, Europe and Central Asia director at Human Rights Watch. “Russia’s track record of rights violations means that the authorities should be prepared to answer tough questions to prove they are not are undermining people’s rights by pretending to protect public safety.”
Further, HRW says there is a pattern of data breaches related to the integration of facial recognition software in Moscow, and a lack of public scrutiny and accountability around the systems. The organization reviews past incidents of data leaks, and a criminal case recently opened against two law enforcement officials for allegedly selling facial recognition data. HRW also notes the recent dismissal of a suit challenging the use of face biometrics in the arrest of a protestor, on grounds that Moscow’s IT Department is exempt from laws relating to biometric data, and the data is not personal data anyway.
Williamson suggests that instead of expanding the system, Russia should suspend the use of facial recognition across the country.
The biometric technology for the CCTV system in Moscow is provided by NtechLab, the CEO of which pointed out to Biometric Update in a late-2019 interview that the debate around facial recognition is “overheated,” as smartphones provide authorities with much more personal information with less oversight than video feeds.
Letter to Argentina Mayor
NtechLab also provides its facial recognition to Buenos Aires for its public surveillance system, through local partner Danaide S.A. HRW writes in a letter to Buenos Aires Mayor Horacio Rodríguez Larreta that the images of children in some subway stations in the city are being used in ways that violate human rights.
Argentina’s Justice and Human Rights Ministry maintains the CONARC (Consulta Nacional de Rebeldías y Capturas) biometric database, which includes images of children, but the use of facial recognition on children has a relatively high risk of false matches, HRW writes.
At least 166 were included in the system between May of 2017 and May of 2020, many for theft.
The CONARC database contains obvious errors and inconsistencies, however, HRW alleges. The UN Special Rapporteur on the right to privacy warned last year that CONARC was violating children’s rights. Buenos Aires’s Ministry of Justice and Security, however, contends that the system does not include the records of any minors.
HRW refers to research by the U.S. National Institute of Standards and Technology (NIST), which shows algorithms from NtechLab, like most if not all facial recognition technologies, has higher error rates for children than adults. The government of Buenos Aires did not request any tests or checks by Danaide S.A. to mitigate the system’s effect on children, as the Biometrics Institute’s third law appears to demand.
These error rates are likely to increase, HRW says, in public deployments as compared to NIST lab testing.
The organization wants Buenos Aires to stop using its facial recognition system for fugitives, and the Ministry of Justice and Human Rights to remove all individuals under the age of 18 from the publicly available version of the CONARC database.
Hyderabad plans to add 500K cameras
The government surveillance camera system in Hyderabad, India is set to double in cameras to roughly one million, reports Coda.
Authorities say the system will cover most of the city, including malls, parks and public hospitals.
Coda quoted local rights activists concerned about the privacy impact of the system’s expansion. One of them claimed the biggest problem is the lack of legislation around surveillance systems, suggesting “There is virtually no oversight or procedure on the police accessing or using CCTV footage.” Those concerns are only exacerbated by the planned launch of a national law enforcement biometric facial recognition system.
The local government took down signs warning people that “Big Boss is watching you” last year following a public outcry.