Stringent biometrics laws advance in Maryland, balance between bans and oversight urged
Legislators in Maryland voted to pass a regulatory law which strictly limits the use of genealogy websites in criminal investigations within the state due to privacy violation and data usage concerns.
The bill was approved by the State House with amendments suggested by the Senate with a 136-1 vote, and is expected to be signed into law by the Governor.
The capture of the Golden State Killer, who was identified using information from family tree searches in 2018, influenced police usage of DNA databases, however this has prompted use of personal information for unintended purposes.
The Maryland law, due to come into effect on October 1st 2021, will mean that State police can only search the DNA databases of popular genealogy websites in investigations of serious violent crimes, and only with the permission of a judge, having exhausted their other investigative methods.
Lawmakers should be cautious about total bans over DNA data and facial recognition uses, suggests Baltimore Sun Editorial Board, instead the technology should be regulated by both the federal and local government so that data cannot be used indiscriminately. Law enforcement agencies should be able to use the necessary tools needed to catch criminals, but these methods should not infringe on citizens’ rights. Furthermore, it is important that racial disparities are prevented within the U.S. criminal justice system, especially since the DNA of African-Americans disproportionately fills government databases.
Some lawmakers clearly disagree with the point about biometrics bans.
In Baltimore, City Council voted 13-2 to approve a ban on facial recognition which the Security Industry Association says is the most extreme measure taken by a local jurisdiction on personal and business applications of the technology. The SIA is urging the mayor to reject the bill.
The SIA notes that the two dissenting councillors cited facial recognition applications for fighting fraud in financial transactions and for hotel industry measures for detecting human trafficking as reasons the ban should not be approved.
The Baltimore legislation temporarily bans facial recognition technology at all city departments, except the police department (which is run by the State), pending an audit of how it is used. Some on the committee want to go further with the regulation, citing the reported inaccuracies of facial analysis technology for different ethnicities.
Last week, Senator Jeff Merkley (D-OR) announced a reintroduction of the Facial Recognition and Biometric Technology Moratorium act, to establish a federal moratorium until critical safeguards are put in place to prevent bias. Concerns around biometrics and other sensitive data usage within law enforcement have been continually expressed, especially where cases of improper use have been brought to attention.
Daniel Castro, VP at the Information Technology and Innovation Foundation in Washington DC echoes SIA, saying that more important than enacting bans is enacting oversight, transparency, and accountability in U.S. police departments. Bans like that in King County, Washington, he says, are largely based on studies from several years ago with limited value, and in the case of ACLU tests, with unknown methodology, because despite being asked, the group will not make it public.
In support of a ban is Access Now, which is campaigning to ban biometric mass surveillance “and discriminatory targeted surveillance” with an open letter that has been signed by over 175 civil society organizations, activists and technologists.
The Sun Board suggests that instances be created where these technologies could be used; for example, requiring consent to use personal data only for specified purposes, and only when other methods have been exhausted. Facial recognition’s potential as a police tool is yet to be fully understood, therefore users should proceed with caution, keeping in mind bias issues and oversight.