Sen. Jeff Merkley, D-Ore., is joining other U.S. senators in asking the Transportation Security Administration to stop using facial recognition technology at airports.
Sixteen airports around the u.S. Have adopted the use of facial recognition as additional security. But the senators, including Merkley, Bernie Sanders, Elizabeth Warren and Cory Booker, have questions about the risk to civil liberties and privacy.
The following is their letter to TSA Administrator David Pekoske:
Dear Administrator Pekoske,
We write regarding the Transportation and Safety Administration’s (TSA) alarming use of facial recognition technology at domestic airports. Reporting indicates that TSA has been using and testing facial recognition technology for passenger screening at 16 major domestic airports, including some of the busiest U.S. airports, in cities like Atlanta, Dallas, Denver, and Los Angeles, and may expand its use across the entire United States as soon as this year.
RELATED: US, Oregon airports set new records for firearms found at security
RELATED: REAL ID requirement delayed another two years
Increasing biometric surveillance of Americans by the government represents a risk to civil liberties and privacy rights. Currently if a U.S. traveler shows up to one of the 16 airports testing this technology, they will be met with a facial identification scanner before they can proceed to their flight. Thousands of people daily are encountering a decision to travel or safeguard their privacy- a decision that threatens our democracy.
While TSA claims that facial identification scans are not mandatory, it is unclear how travelers will know that they can “opt-out,” and what the consequences for travelers are if they choose to opt-out. When Senator Merkley flew out of DCA while TSA was piloting its facial recognition program, he witnessed TSA agents directing passengers to look at the facial identification scanner in order to verify their identity. In order for facial recognition identification scans to truly be completely optional, TSA agents must inform passengers of their rights, and there must be clearly visible signage notifying passengers of their ability to proceed without a facial identification scan.
TSA’s facial recognition is also likely to exacerbate racial discrimination. A 2019 study by the National Institute of Standards and Technology tested 18 million photos of over 8 million people and found that Asian and African American people were up to 100 times more likely to be misidentified than White men by facial recognition technology, testing 18 million photos of more than 8 million people. American’s civil rights are under threat when the government deploys this technology on a mass scale, without sufficient evidence that the technology is effective on people of color and does not violate American’s right to privacy. According to a TSA spokesperson statement in July 2022, “TSA has no plans to limit [its] current use of facial recognition.”
In addition to government misuse, we are concerned about the safety and security of Americans’ biometric data in the hands of authorized private corporations or unauthorized bad actors. TSA’s new data could be hacked — we’ve seen it happen before. In 2019, the Department of Homeland Security’s photos of travelers, which are used in the agency’s facial recognition program, were stolen in a data breach.As government agencies grow their database of identifying images, increasingly large databases will prove more and more enticing targets for hackers and cybercriminals.
Notably, in the Agency’s 2018 Biometrics Roadmap, TSA planned to extend biometric solutions to the public on an “opt-in” basis. However, in the Agency’s 2022 document building on the Biometrics Roadmap, TSA states that biometric capture now occurs both when individuals opt-in and “where required”.
We urge the Agency to immediately halt its deployment of facial recognition technology and respond to the following questions:
1. Please provide data on the accuracy and volume of TSA’s facial recognition technology program from 2020 to 2022 broken down by race, ethnicity, and gender that includes:
- the rate of false positives and negatives produced;
- the total number of travelers who had their face scanned by TSA;
- the total number of travelers who opted out;
- the total number of cases where TSA stored its facial scans, instead of immediately deleting.
- How are travelers notified of their right to opt-out of facial recognition? What are the effects on a traveler who chooses to opt-out of facial recognition?
- Under TSA’s current system, do travelers who choose to opt-out face any additional consequences or additional screenings, pat-downs, interrogations, or even detention, beyond what they would have encountered at a non-facial recognition airport?
- What training measures does TSA currently mandate for staff to regarding travelers who choose to opt-out of facial recognition technology?
- Has TSA ever shared biometric data with other government agencies? If so, which agencies and for what purposes?
- What measures is TSA taking to protect biometric data from cyberattacks or any other form of unauthorized distribution or release? How does TSA ensure the security of Americans’ data that third-parties have access to? Is TSA aware of any breaches of travelers’ biometric data collected at US airports? If so, please detail all such breaches.