US law enforcement biometrics systems face upgrade opportunity, challenges
Recent policy moves by the Executive Branch of America’s government have opened up an opportunity for biometrics capabilities, some of which are ancient by industry standards, to be finally upgraded, experts said during the ‘Facing the Future: Biometrics for Law Enforcement’ webinar, sponsored by Intel and Red Hat. The discussion, while referring regularly to police biometrics, was often more generally about the adoption of biometrics by government agencies.
Moderated by GovExec Media President Constance Sayers, the panel included RedHat Law Enforcement Solution Advisor Brian Buzzell, GAO Director of Information Technology and Cybersecurity Kevin Walsh, and Marios Savvides, a professor of AI and computer engineering at Carnegie Mellon University and Director of its CyLab Biometrics Center.
They began by discussing the recent Executive Order from the Biden White House, which was seen as a positive step towards addressing some of the challenges faced by government agencies. The policy items may help, but the funding associated with the EO may help more.
Walsh notes some of the government’s oldest systems are related to biometric management, pointing out that DHS’ main biometric system, IDENT, is 27 years old.
IDENT modernization: “They’ve re-baselined it multiple times, they’ve had two schedule breaches and a cost breach, it’s taken a lot of effort to get that done, and they need it.”
Savvides says that the pandemic highlighted problems with legacy facial recognition technologies in deployment, but that with work on occluded faces predating COVID-19, the many false negative matches caused by masks are not present in cutting-edge face biometric systems. He further suggests that the importance of anti-spoofing has been highlighted by tele-working and associated authentication challenges.
Walsh notes that the America Cares Act also released funds for agency biometrics adoption, making the adoption of biometrics by government agencies more realistic than it has been in the recent past.
Buzzell says many conversations at government about biometrics have started with back end systems, such as data centers. The second step being taken now is wondering how to use biometrics for field use. That involves working out “state and local relationships when it comes to doing investigations (with) biometric information,” and issues of trust and public safety. Agencies still need to figure out what those interactions look like.
Biometrics opportunity abounds
Sayers asked where the projected $100 billion market for biometrics will come from.
Savvides’ first answer is edge processing: “It’s not just biometrics, it’s sort of the whole smart city, smart IoT, smart everything,” he says. “Your home knows who you are, your car knows who you are.”
Edge biometrics remove concerns around cloud data storage, and avoid some of the stigma around the technology which Savvides attributes to Hollywood representations. Law enforcement needs to educate employees and the public around how facial recognition actually used, he says. He explained lead generation with facial recognition, and pointed out that not only does the public need to understand how the practice actually works; so too do police setting up new systems.
If law enforcement biometrics systems always have a human in loop and are not blindly trusted, he believes it would prevent the high-profile mistaken arrests which have invoked fear and inspired opposition.
Walsh then asked: How do we assure proper police use?
Savvides offers no easy answer, but stated his support for clear mandates.
Another opportunity comes from increasing interest in multimodal biometrics, which Buzzell points out will require biometric systems to scale further.
“I think that’s the key; how can you make biometrics effortless,” Savvides says, noting that everyone likes to talk to a computer, but if asked to register their biometrics, many people “freak out,” even though what is actually happening has barely changed at all.
Protecting people’s privacy is a matter of anonymization, encryption, and firewalling data between agencies, Walsh says, while Savvides points out that blurring all faces from a photo or video depends on using an effective face detector.
Buzzell’s advice for gov agencies starting out is to start small and with an open, flexible system.
The panelists discussed the Federal Information Technology Acquisition Reform Act (FITARA) and scorecards, and the fact that many CIOs in government do not report to top officials at their agencies, which has historically made upgrading federal IT systems difficult. This is because federal IT departments were set up for records management, which did not require them to have extensive dialogue with agency leadership.
Walsh cautions those starting out not to “reinvent the wheel,” noting many agencies will be further along, and can help them make decisions at the beginning of the process.
As agencies upgrade, Buzzell warns of the need to manage data as it is pushed to the edge, to manage expectations, and enforce security and compliance policies.
Ultimately, the private sector should help agencies understand what they need to perform their duties, and Savvides identified a role for academia within PPPs, providing innovative technologies to system integrators to adapt for government and law enforcement use.