EPIC v. CBP (Biometric Entry/Exit Program)
- EPIC Urges NIST to Adopt Privacy-Protective Standards for Federal ID Cards: In comments responding to the National Institute of Standards and Technology's draft Federal Information Processing Standards for personal identity verification (ID cards and digital identity verification), EPIC urged the agency to adopt more privacy protective technology for federal employees and contractors. EPIC drew upon expertise from the Advisory Board for these comments. EPIC recently urged the Department of Homeland Security to suspend a new counterintelligence system of records which will collect biometric information. EPIC previously urged the Department of Transportation to provide more privacy protections for federal employees in the Insider Threat database. (Feb. 2, 2021)
- Hamburg DPA Deems Clearview AI's Biometric Photo database Illegal, Orders a Partial Deletion of Profile: The Hamburg Data Protection Authority has ruled that Clearview AI’s searchable database of biometric profiles is illegal under the EU’s GDPR and ordered the U.S. company to delete the claimant’s biometric profile. Clearview AI scrapes photos from websites to create a searchable database of biometric profiles. The database, which is marketed to private companies and U.S. law enforcement, contains over 3 billion images gathered from websites and social media. The claimant submitted a complaint to the Hamburg DPA after discovering that Clearview AI had added his biometric profile to the searchable database without his knowledge or consent. The DPA ordered Clearview to delete the mathematical hash values representing his profile but did not order Clearview to delete his captured photos. The DPA’s narrow order protects only the individual complainant because it is not a pan-European order banning the collection of any EU resident’s photos. The DPA decided that Clearview AI must comply with the GDPR, yet this narrow order places a burden on Europeans to have their profiles removed from the database. EPIC has long opposed systems like Clearview AI, filing an amicus brief before the 9th Circuit defending an individual's right to sue companies who violate BIPA and other privacy laws, submitting FOIA requests with several government agencies that use Clearview AI technology, and urgingthe Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government. (Jan. 28, 2021) More top news »
The CBP's implementation of a Comprehensive Biometric Entry/Exit Plan currently includes the testing of facial recognition and iris imaging capabilities at exit/entry points within the US. The FY 2016 Consolidated Appropriations Act provides up to a $1 billion for the CBP biometric entry/exit program and President Trump's Executive Order "Protecting the Nation From Foreign Terrorist Entry into the United States"(Executive Order 13780 of March 6, 2017) explicitly calls on CBP to "expedite the completion and implementation of a biometric entry exit tracking system." These techniques pose significant threats to privacy and civil liberties, in particular the ability to conduct facial recognition covertly, remotely and on a mass scale. The lack of precautions that can be taken to prevent the collection of one's facial image, in addition to the absence of well-defined federal regulations controlling the collection, use, dissemination, and retention of biometric identifiers, raises serious privacy concerns for the individual. Identification through these processes eliminates an individual's ability to control their identities and poses a specific risk to the First Amendment rights of free association and free expression.
CBP's 1:1 Facial Recognition Air Entry Pilot Program
Facial recognition technology has been used by CBP officers at airport entry screening points. This roll out began with a sixty-day field test deploying equipment to take photos of individuals at ports of entry and using facial recognition technology to compare the photo stored on the embedded computer chip in U.S. passports. The program has been expanded to all U.S. airports and to cover first-time travelers form VWP countries. Individuals, including U.S. citizen, do not have the option to opt-out of the facial recognition comparison process.
CBP states it will "retain facial images and comparison match score data from those travelers who are subject to an adverse or law enforcement action resulting from secondary inspection." This retention was expanded to include those "images with scores that fall in the mandatory referral range" as well as "all facial images taken during secondary inspection."
CBP's Biometric Exit Program
A pilot facial recognition program (the Departure Information Systems Test ("DIST")) began in June 2016 at Hartsfield-Jackson Atlanta International Airport. The purpose of the pilot was to test the accuracy of CBP's facial recognition technology. The CBP stated that the agency's "initial findings support the piloted process as a viable solution to fulfill the mandated biometric exit requirements in certain settings." However, no report explaining these initial findings has been released to the public.
Under this program, CBP would create exit records for passengers and retain them in CBP's Advance Passenger Information System ("APIS"). CBP officers would take a photo of the passenger and match it to a photo in the flight-specific galleries in the Automated Targeting System ("ATS") consisting of compilations of photos from the Automated Biometric Identification System ("IDENT"), the Department of State's Consolidated Consular Database, and U.S. Citizen and Immigration Service's Computer Linked Adjudication Information Management System ("CLAIM 3"). Photos of U.S. citizens could be retained until their identities were confirmed, and the photos of non-U.S. citizens could be retained for up to fifteen years in the DVS system in ATS.
The Traveler Verification Service ("TVS") is an iteration of the agency's biometric exist system that uses a cloud environment for facial recognition. A production of a "report identifying how each algorithm performed" was expected following the release of a TVS PIA update in May 15, 2017. DHS Deputy Executive Assistant Commissioner, John Wagner, has stated that TVS will be expanded to eight airports during the summer of 2017.
A JetBlue self-boarding program will utilize CBP's facial recognition technology to verify the identity of JetBlue customers and CBP's database of passport, visa, and immigration photographs and is part of CBP's "ongoing trials to implement a biometric exit process in the future."
CBP's Iris Imaging Testing
The CBP is testing "iris imaging capabilities" at Otay Mesa Port of Entry. Testing, beginning in December 2015, consisted of capturing the iris images of non-U.S. citizens entering the U.S. and requiring certain non-U.S. citizens to "provide facial and iris biometrics to compare to their entry record.";
The CBP has three goals for the entry/exit strategy they have developed: (1) reducing biographic gaps by expanding biographic collection, (2) conducting targeted biometric operations, and (3) transforming entry/exit operational processes.
CBP's Changing Rules
Without any formal procedure in place, CBP has frequently changed the FAQs provided on the agency's website with regard to opt-out procedures. As of December 11, 2018, the FAQs read:
Are U.S. Citizens required to provide biometrics for the entry-exit system?
U.S. Citizens who are entering or exiting the country are generally required to be in possession of a valid U.S. passport. At this time, however, CBP does not require U.S. Citizens to have their photos captured when entering or exiting the country. U.S. Citizens who do not wish to participate in this biometric collection should notify a CBP Officer or an airline or airport representative in order to seek an alternative means of verifying their identity and documents. CBP discards all photos of U.S. Citizens, once their identities have been verified.
But on March 6, 2018, the same FAQ stated:
Individuals seeking to travel internationally are subject to the laws and rules enforced by CBP and are subject to inspection. If a U.S. citizen, however, requests not to participate in the Traveler Verification System, specified agreements between CBP and the partner airline or airport authority will guide alternate procedures. For some participating airlines, a traveler may request not to participate in the TVS and, instead, present credentials to airline personnel before proceeding through the departure gate. In other cases of an opt-out, an available CBP Officer may use manual processing to verify the individual’s identity. (screenshot)
And on August 24, 2018 it read:
Individuals seeking to travel internationally are subject to the laws and rules enforced by CBP and are subject to inspection. However, if a U.S. Citizen does not wish to participate in the biometric entry or exit process, he or she must request to be processed using alternate procedures, such as presenting travel credentials to an available CBP Officer or authorized airline personnel. Without legal authority or the opportunity for public comment, CBP is making up the rules as it rolls out the program. (screenshot)
EPIC is concerned that the CBP's biometric entry/exit tracking system and techniques lack proper privacy safeguards and maintains that the public should be fully informed about these systems. Without access to relevant records, EPIC and the public cannot assess the level to which the biometric entry/exist systems used and developed by the CPB safeguard and respect individual privacy. EPIC therefore has a significant interest in obtaining CPB documents concerning the biometric entry/exit system and plan -- including reports, records, correspondence, training materials, technical specifications, memoranda, passenger complaints, contracts, policies and procedures.
EPIC previously sued the FBI over the Bureau's Next Generation Identification database, which contains face prints, fingerprints, and other biometrics of millions of Americans. EPIC's lawsuit against the FBI revealed that biometric identification is often inaccurate.
- EPIC's FOIA Request - Facial Recognition Air Entry Pilot Program (June 6, 2015)
- CBP's Final Production Letter (July 24, 2017)
- EPIC's FOIA Request - Iris Imaging Testing (Mar. 2, 2017)
- CBP's FOIA Acknowledgement (Mar. 9, 2016)
- EPIC's FOIA Request - Biometric Exit Program (Jun. 13, 2017)
- FOIA Production
- 1:1 Face ePassport Air Entry Experiment - Final Report
- Southern Border Pedestrian Field Test - Summary Report
- Supplemental FOIA Production
U.S. District Court for the District of Columbia (No. 17-1438)
- EPIC Complaint (July 19, 2017)
- Protecting the Nation From Foreign Terrorist Entry Into the United States, Executive Order 13780 (March 6, 2017)
- U.S. Department of Homeland Security, Comprehensive Biometric Entry/Exit Plan, 2016 Report
- Shayna Posses, EPIC Demands Info About Biometric Tracking At U.S. Borders, Law360 (July 20, 2017)
- Jeramie D. Scott, Facial recognition surveillance is here -- but privacy protections are not, The Hill (Jul. 13, 2017)
- Franks Bajak and David Koenig, Face scans for US citizens flying abroad stir privacy issues, AP News (Jul. 12, 2017)
- Donna Goodson, JetBlue to test facial recognition tech at Boston's Logan airport, (Jun. 1, 2017)
- Mark Rockwell, CBP reports advances in biometrics, FCW (May 24, 2017)
- Russell Brandom, Airport face recognition could extend to US citizens, says Customs, The Verge (May 9, 2017)
- Alex Perala, CBP Lays Out Biometric Entry-Exit Program Plan, Find Biometrics (Mar. 7, 2017)
Share this page:
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.