Oversight

FBI lax on facial recognition privacy, watchdog says

monitor faces 

The FBI has been slow to issue privacy assessments of a facial-recognition system, and did not have a good grasp of how accurate it was before deploying it, according to a new Government Accountability Office report. The report raises fresh concerns about a technology that has been integral to law enforcement investigations.

"The timely publishing of [privacy impact assessments] would provide the public with greater assurance that the FBI is evaluating risks to privacy when implementing systems," the report states.

The report focuses on the Next Generation Identification-Interstate Photo System, a facial recognition service that provides access to a database containing over 30 million photos. The FBI and some state and local law enforcement authorities use NGI-IPS to identify unknown persons.

While the FBI issued a privacy impact assessment for NGI-IPS in 2008, before the system was operational, the bureau failed to update that assessment in a timely manner after the system underwent thorough changes, according to the watchdog.

Further, although NGI-IPS has been in place since 2011, the Justice Department did not publish a records notice detailing the FBI's facial recognition capabilities until last month, according to GAO. The dearth of information kept the public in the dark about the bureau's capabilities.

The report came at the request of Sen. Al Franken (D-Minn.), who expressed concerned at its findings.

The report "reveals that the FBI's use of facial recognition technology is far greater than had previously been understood," Franken said in a statement. "This is especially concerning because the report shows that the FBI hasn't done enough to audit its own use of facial recognition technology…nor has it taken adequate steps to ensure the technology's accuracy."

Though facial recognition technology has become more accurate in the last few years, GAO faults the FBI for doing limited testing before deploying NGI-IPS, and not determining how often the system committed errors.

"FBI officials stated that they do not know, and have not tested, the detection rate for candidate list sizes smaller than 50," the report says. 

About the Author

Sean Lyngaas is a former FCW staff writer.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.