Oversight

FBI lax on facial recognition privacy, watchdog says

monitor faces 

The FBI has been slow to issue privacy assessments of a facial-recognition system, and did not have a good grasp of how accurate it was before deploying it, according to a new Government Accountability Office report. The report raises fresh concerns about a technology that has been integral to law enforcement investigations.

"The timely publishing of [privacy impact assessments] would provide the public with greater assurance that the FBI is evaluating risks to privacy when implementing systems," the report states.

The report focuses on the Next Generation Identification-Interstate Photo System, a facial recognition service that provides access to a database containing over 30 million photos. The FBI and some state and local law enforcement authorities use NGI-IPS to identify unknown persons.

While the FBI issued a privacy impact assessment for NGI-IPS in 2008, before the system was operational, the bureau failed to update that assessment in a timely manner after the system underwent thorough changes, according to the watchdog.

Further, although NGI-IPS has been in place since 2011, the Justice Department did not publish a records notice detailing the FBI's facial recognition capabilities until last month, according to GAO. The dearth of information kept the public in the dark about the bureau's capabilities.

The report came at the request of Sen. Al Franken (D-Minn.), who expressed concerned at its findings.

The report "reveals that the FBI's use of facial recognition technology is far greater than had previously been understood," Franken said in a statement. "This is especially concerning because the report shows that the FBI hasn't done enough to audit its own use of facial recognition technology…nor has it taken adequate steps to ensure the technology's accuracy."

Though facial recognition technology has become more accurate in the last few years, GAO faults the FBI for doing limited testing before deploying NGI-IPS, and not determining how often the system committed errors.

"FBI officials stated that they do not know, and have not tested, the detection rate for candidate list sizes smaller than 50," the report says. 

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.