Recently-released documents show that the FBI has been working since late 2011 with four states—Michigan, Hawaii, Maryland, and possibly Oregon—to ramp up the Next Generation Identification (NGI) Facial Recognition Program. When the program is fully deployed in 2014, the FBI expects its facial recognition database will contain at least 12 million “searchable frontal photos.” (p. 6)
The documents, which the National Day Laborer Organizing Network (NDLON) obtained from a recent meeting of the FBI’s Criminal Justice Information Services (CJIS) Advisory Policy Board,1 shed new light on the FBI’s plans for NGI—the Bureau’s massive biometrics database that combines fingerprints, iris scans, palm prints, facial recognition and extensive biographical data collected from over 100 million Americans.
The Advisory Board documents show that FBI’s database of facial images will provide search results automatically (the system won’t need to rely on a human to check the results before forwarding them to the state or local agency) and that the FBI is developing “Universal Face Workstation software” to allow states that don’t have their own “Face/Photo search capabilities” to search through the FBI’s images.
After we read through the Advisory Board documents, we quickly sent Open Records requests to several of the states involved in the pilot program.
The documents we received from Maryland and Hawaii further flesh out the story. For example, the Memorandum of Understanding (MOU) between Hawaii and the FBI shows that the government is building NGI to “permit photo submissions independent of arrests.”
This is a problem because, the FBI has stated it wants to use its facial recognition system to “identify subjects in public datasets” and “conduct automated surveillance at lookout locations” (p.5).
This suggests the FBI wants to be able to search and identify people in photos of crowds and in pictures posted on social media sites—even if the people in those photos haven’t been arrested for or even suspected of a crime. The FBI may also want to incorporate those crowd or social media photos into its face recognition database.
And an MOU between Maryland and the FBI will allow Maryland to submit photos in bulk to the database—something that Maryland described in an email as a “photo data dump.” This kind of an agreement could be used in the future to incorporate the same kind of facial identifying information already collected by 32 of 50 state DMVs solely to prevent fraud and identity theft.
The Advisory Board documents contain other concerning information. For example, one document discusses the FBI’s plans to combine civil and criminal biometrics records by giving them a single searchable “master name” or unique identifying number. As we’ve noted, criminal and civil records have always been kept separate in the past. While this may be a function of the differences in how each type of print is collected and stored, it has effectively meant that civil prints—collected for employment verification, for background checks, for federal jobs, and even to become a lawyer in California—have not been automatically searched every time criminal prints are checked against the database. That will all change once FBI implements its unique identity system. Although FBI states that “the criminal and civil files will remain logically separated…[to] ensure that retained civil submissions remain untainted by criminal submissions” it’s hard to see how this is functionally true, given that civil files will be searched at the same time as criminal files.
Another document discusses the federal government’s extensive biometrics sharing relationships with other countries. It notes that the FBI’s Global Initiatives Unit has already collected over 990,000 records from foreign partners, with over 600,000 of those coming from Afghanistan. The FBI already has information sharing relationships with 77 countries, (p.2), but CJIS is now trying to partner with “Visa Waiver Program countries” like Ireland, Spain and Australia to allow automatic access to each other’s biometric databases on a “hit/no hit basis.” This kind of access has already been set up to connect the German and US biometric databases.2
And finally, as NDLON has discussed in greater detail, the documents show just how far the FBI and DHS partnership has progressed to maximize datasharing as part of the Secure Communities program. For example, NDLON notes that FBI has mobile devices that permit searches of the entire IDENT database in the field. These mobile devices may subject individuals to immigration background checks without ever being arrested or booked.
The FBI has not updated the Privacy Impact Assessment (PIA) for its photo database since 2008—well before signing MOUs with the states to share face recognition data and before the development and deployment of NGI’s facial recognition capabilities. As EFF recently testified during a Senate Subcommittee hearing on facial recognition, Americans should be very concerned about the government’s plans to build up its facial recognition capabilities:
Facial recognition takes the risks inherent in other biometrics to a new level…[it] allows for covert, remote, and mass capture and identification of images, and the photos that may end up in a database include not just a person’s face but also what she is wearing, what she might be carrying, and who she is associated with.
Without an updated PIA, it is impossible to tell exactly how the FBI plans to acquire and use facial recognition data now and in the future. However, given the information in these new documents and the FBI’s broad goals for face recognition data, the time is right for laws that limit face recognition data collection.
To see all the documents, go to our landing page for NGI and click on “Documents” in the middle toolbar.
Jennifer Lynch is a staff attorney with the Electronic Frontier Foundation and works on open government, transparency and privacy issues as part of EFF’s FOIA Litigation for Accountable Government (FLAG) Project.