US feds say right words about updating biometrics policy, but might just be talk
The U.S. Homeland Security Department has agreed with four biometrics-related recommendations made by an inspector general. The inspector general’s advice is to centralize and update how DHS uses biometrics and plans for new development.
However, there is a difference between agreeing with the recommendations and implementing them, especially when some of the points made by the IG are not new.
(Another report to DHS, about biometrics privacy shortcomings, was published September 13.)
DHS’ inspector general delivered an audit memo earlier this month critical of the department’s policy and plans office. Strategic, implementation and integration plans and collaborative policy initiatives are lacking. Some guides have been sitting unchanged for eight years.
The four recommendations, though sizeable in scope, are clear enough.
First, the IG told undersecretary for the Strategy, Policy and Plans Office Robert Silvers he should update and finalize DHS’ overarching strategic plan for biometrics.
It is this one that has stood still since 2015. The framework doesn’t “accurately reflect the current state of biometrics across the department.” Although the memo does not put that situation in context, it is unlikely that it reflects the state of biometrics anywhere else, either.
DHS officials has agreed to update its strategic biometrics framework every five years. The IG judged this as being responsive, but said the matter remains open until a five-year plan materializes.
Then, the department’s fill-in undersecretary for management Randolph Alles should do the same for its biometrics road map.
The watchdog agency also wants attention given to how the management office monitors any progress made in meeting biometrics-implementation goals.
Officials with the management office said they will create “component-specific implementation plans” to support the strategic framework, which the IG also called responsive to the recommendation. Likewise, it will remain an open item until proven otherwise.
Third, and perhaps most important of the four for anyone wary of how government biometrics might be used, the IG wants Strategic, Policy and Plans officials to create a DHS-wide policy on the acceptable collection and use of all biometrics.
Here, too, the IG feels DHS is responding to recommendations in pleading to consolidate all relevant policies involving collection and use of biometrics.
Last, the management office should make sure a transition plan is in place for integrating the government’s Entry-Exit biometrics program still being completed. Entry-Exit needs to integrate with the Biometric ID Management Office’s Homeland Advanced Recognition Technology program.
The management office promised to “coordinate efforts to develop” such a plan. The IG gave the response a thumb’s up as well, with the caveat that it has to be more than lip service.