FB pixel

GAO finds fed agencies ignorant about basic police biometric programs

GAO finds fed agencies ignorant about basic police biometric programs
 

It is hard not to picture a genie that has escaped its lamp after reading a new government accountability report about the use of facial recognition systems by U.S. federal agencies.

The Governmental Accountability Office has found lax oversight by the leaders of some federal agencies using biometrics for law enforcement. Managers of that subset generally do not track some basic information like which systems are being used by their employees, according to a new GAO report.

The GAO is a non-partisan watchdog agency set up by Congress to monitor the executive branch of the U.S. government.

In this case, investigators sent surveys about the use of facial recognition applications to 42 federal agencies that have law enforcement officers.

They wanted to know which agencies used the systems and, of those that did make use of them, which owned their tools, and which used tools created by non-federal organizations including states and private companies. Last, GAO investigators wanted to know what activities facial recognition systems supported.

(Agencies had the ability to withhold any information that managers felt was too sensitive for public consumption.)

The GAO has recommended agencies that it deemed soft on monitoring the technology’s use make supervision a priority. They also should assess the risks of using someone else’s face biometric technology.

Twenty of the 42 agencies said they either own the technology they deploy or use technology owned by entities other than the federal government.

Some the 20 would surprise few: the Bureau of Alcohol, Tobacco, Firearms and Explosives; the FBI and the Secret Service. Others would not be so obvious: the U.S. Fish and Wildlife Service; the U.S. Park Police and NASA.

Among the roles supported by face biometrics were criminal investigations, surveillance and remote ID verification in response to COVID restrictions, according to Gretta Goodwin, a member of the GAO’s Homeland Security and Justice team.

Fourteen agencies said they have searched pictures as part of criminal investigations. Six of the 14 said they used facial recognition on images taken of “unrest, riots, or protests” after the May 2020 death of George Floyd.

Three said they used the tool to identify people involved what appears to be criminal acts during the January 6 insurrection. Goodwin said it is possible that more federal agencies might be involved in analyzing images from that event, too.

Those three known participants were the Capitol Police, Customs and Border Protection and the Bureau of Diplomatic Security, which is part of the State Department.

All of the 14 said that staff use facial biometric systems owned by entities other than the federal government, according to Goodwin, who spoke on the GAO’s Watchdog Report podcast.

But only one of those agencies knew what those systems were.

“When we asked one of the agencies about its use of non-federal systems,” said Goodwin, “officials told us that they had to poll their employees because the information was not maintained by the agency.”

Among other things, managers of the other 13 do not necessarily have adequate risk-management practices because they may not know how secure, accurate or private the systems are. That could mean that federal policies on those critical data points are not being followed.

There also is the possibility, especially with non-federal systems, that government officials themselves are not following privacy policies or laws, she said. It would be more difficult to monitor and audit actions taken on systems owned by other entities.

Ignorance and opaqueness cannot build public trust, and could lead to growing resistance to facial recognition tools.

The National Institute of Standards and Technology is moving in the opposite direction, broadly opening discussions on how to increase trust.

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

EU watchdog rules airport biometrics must be passenger-controlled to comply with GDPR

The use of facial recognition to streamline air passenger’s travel journeys only complies with Europe’s data protection regulations in certain…

 

NZ’s biometric code of practice could worsen privacy: Business group

New Zealand is working on creating a biometrics Code of Practice as the country introduces more facial recognition applications. A…

 

Demonstrating value, integrated payments among key digital ID building blocks

Estonia has achieved an enviable level of user-centricity with its national digital identity system through careful legislation and fostering collaboration…

 

Strata Identity launches uninterrupted identity services product

There are a few things that can be more annoying than your office computer logging you out of applications because…

 

Digital identities shaking up identity verification industry: Regula

The arrival of digital identities is shaking up how companies operate and verify identities. Regula has published a survey with…

 

Digital ID for air travel is DPI that could lift Africa’s economy, HID argues

As the African continent experiences economic growth and increasing global integration, the potential for enhancing air travel through improved digital…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events