Aletho News

ΑΛΗΘΩΣ

FBI Sued for Info on Supersnooping Program

By RYAN ABBOTT | Courthouse News | April 10, 2013

WASHINGTON – The FBI refuses to provide information on a massive biometric identification database that can identify noncriminal civilians through iris scans, DNA, and facial and voice recognition, a watchdog claims in court.

The Electronic Privacy Information Center, or EPIC, sued the FBI in Federal Court, claiming that the bureau identified more than 7,000 pages of responsive records, but won’t release them.

EPIC claims the FBI began posting details on its website about its biometric identification system, known as Next Generation Identification (NGI), in 2009.
“When completed, the NGI system will be the largest biometric database in the world,” EPIC says in its complaint. “The vast majority of records contained in the NGI database will be of U.S. citizens.”

EPIC claims the NGI system will be able to identify people through fingerprints, iris scans, DNA profiles, voice identification profiles, palm prints and photographs, and will through facial recognition.

“The NGI database will include photographic images of millions of individuals who are neither criminals nor suspects,” the complaint states.

The Department of Homeland Security has spent “hundreds of millions of dollars” into the system, and wants to integrate it into state and local surveillance systems that may use other surveillance technology, giving the government the capability of real-time matching of live feeds from surveillance cameras, EPIC claims.

There are an estimated 30 million surveillance cameras in the United States, but not all of them will be used for law enforcement purposes, EPIC says in the complaint.

It claims private entities will also have access to the system.

EPIC claims the Orwellian system already is up and running in New York City, where police have been scanning irises of arrestees since 2010 and using a handheld device that “allows officers patrolling the streets to scan irises and faces of individuals and match them against biometric databases.”

At least 11 other states participate in the program: Arizona, Hawaii, Kansas, Maryland, Michigan, Missouri, Nebraska, New Mexico, Ohio, South Carolina and Tennessee, according to the complaint.

EPIC claims it submitted two FOIA request in 2012, seeking records on the FBI’s contracts with private contractors Lockheed Martin, IBM, Accenture, BAE Systems Information Technology, Global Science & Technology, Innovation Management & Technology Services, Platinum Solutions, the National Center for State Courts, and any other entities involved with the program.

The FBI said it found 7,380 pages of potentially responsive records but has failed to disclose a single agency record, the complaint states.
EPIC wants to see the records, and wants its FOIA fees waived.

It is represented by house counsel Ginger McCall. 

Related article

April 11, 2013 Posted by | Civil Liberties, Full Spectrum Dominance | , , , , , | Leave a comment

FBI’s Facial Recognition is Coming to a State Near You

By Jennifer Lynch | EFF | August 2, 2012

Recently-released documents show that the FBI has been working since late 2011 with four states—Michigan, Hawaii, Maryland, and possibly Oregon—to ramp up the Next Generation Identification (NGI) Facial Recognition Program. When the program is fully deployed in 2014, the FBI expects its facial recognition database will contain at least 12 million “searchable frontal photos.” (p. 6)

The documents, which the National Day Laborer Organizing Network (NDLON) obtained from a recent meeting of the FBI’s Criminal Justice Information Services (CJIS) Advisory Policy Board,1  shed new light on the FBI’s plans for NGI—the Bureau’s massive biometrics database that combines fingerprints, iris scans, palm prints, facial recognition and extensive biographical data collected from over 100 million Americans.

The Advisory Board documents show that FBI’s database of facial images will provide search results automatically (the system won’t need to rely on a human to check the results before forwarding them to the state or local agency) and that the FBI is developing “Universal Face Workstation software” to allow states that don’t have their own “Face/Photo search capabilities”  to search through the FBI’s images.

After we read through the Advisory Board documents, we quickly sent Open Records requests to several of the states involved in the pilot program. The documents we received from Maryland and Hawaii further flesh out the story. For example, the Memorandum of Understanding (MOU) between Hawaii and the FBI shows that the government is building NGI to “permit photo submissions independent of arrests.” This is a problem because, the FBI has stated it wants to use its facial recognition system to “identify[] subjects in public datasets” and “conduct[] automated surveillance at lookout locations” (p.5). This suggests the FBI wants to be able to search and identify people in photos of crowds and in pictures posted on social media sites—even if the people in those photos haven’t been arrested for or even suspected of a crime. The FBI may also want to incorporate those crowd or social media photos into its face recognition database.

And an MOU between Maryland and the FBI will allow Maryland to submit photos in bulk to the database — something that Maryland described in an email as a “photo data dump.” This kind of an agreement could be used in the future to incorporate the same kind of facial identifying information already collected by 32 of 50 state DMVs solely to prevent fraud and identity theft.

The Advisory Board documents contain other concerning information. For example, one document discusses the FBI’s plans to combine civil and criminal biometrics records by giving them a single searchable “master name” or unique identifying number. As we’ve noted, criminal and civil records have always been kept separate in the past. While this may be a function of the differences in how each type of print is collected and stored, it has effectively meant that civil prints—collected for employment verification, for background checks, for federal jobs, and even to become a lawyer in California—have not been automatically searched every time criminal prints are checked against the database. That will all change once FBI implements its unique identity system. Although FBI states that “the criminal and civil files will remain logically separated . . . [to] ensure that retained civil submissions remain untainted by criminal submissions” it’s hard to see how this is functionally true, given that civil files will be searched at the same time as criminal files.

Another document discusses the federal government’s extensive biometrics sharing relationships with other countries. It notes that the FBI’s Global Initiatives Unit has already collected over 990,000 records from foreign partners, with over 600,000 of those coming from Afghanistan. The FBI already has information sharing relationships with 77 countries, (p.2), but CJIS is now trying to partner with “Visa Waiver Program countries” like Ireland, Spain and Australia to allow automatic access to each other’s biometric databases on a “hit/no hit basis.” This kind of access has already been set up to connect the German and U.S. biometric databases.2

And finally, as NDLON has discussed in greater detail, the documents show just how far the FBI and DHS partnership has progressed to maximize datasharing as part of the Secure Communities program. For example, NDLON notes that FBI has mobile devices that permit searches of the entire IDENT database in the field. These mobile devices may subject individuals to immigration background checks without ever being arrested or booked.

The FBI has not updated the Privacy Impact Assessment (PIA) for its photo database since 2008—well before signing MOUs with the states to share face recognition data and before the development and deployment of NGI’s facial recognition capabilities. As EFF recently testified during a Senate Subcommittee hearing on facial recognition, Americans should be very concerned about the government’s plans to build up its facial recognition capabilities:

Facial recognition takes the risks inherent in other biometrics to a new level . . . [it] allows for covert, remote, and mass capture and identification of images, and the photos that may end up in a database include not just a person’s face but also what she is wearing, what she might be carrying, and who she is associated with.

Without an updated PIA, it is impossible to tell exactly how the FBI plans to acquire and use facial recognition data now and in the future. However, given the information in these new documents and the FBI’s broad goals for face recognition data, the time is right for laws that limit face recognition data collection.

To see all the documents, go to our landing page for NGI and click on “Documents” in the middle toolbar.

Notes

1. The FBI’s CJIS Division manages the FBI’s biometrics databases, including its legacy fingerprint database (IAFIS) and NGI. CJIS’s Advisory Policy Board is charged with reviewing the “policy, technical, and operational issues related to CJIS Division programs” and makes recommendations to the FBI’s director. The Advisory Board is made up of 34 representatives from state, local, and tribal criminal justice agencies, and includes representatives from national security, and prosecutorial, judicial, and correctional sectors of the criminal justice system. It meets twice a year—generally in open meetings announced in the Federal Register—though it appears the materials from those meetings are generally only distributed to attendees and through an online system “only available to persons duly employed by a law enforcement, criminal justice, or public safety agency/department, and whose position requires secure communication with other agencies.”

2. The documents state the connection won’t be operational until Germany addresses some “remaining internal details.”

Related articles

August 4, 2012 Posted by | Civil Liberties, Full Spectrum Dominance, Timeless or most popular | , , , , , , | 2 Comments