On Wednesday, Secretary Alejandro Mayorkas, Rep. Pramila Jayapal, and Rep Ayanna Pressley joined Senators Ed Markey and Jeff Merkley in calling for DHS to end its use of Clearview AI’s facial recognition technology. “Facial recognition tools pose a serious threat to the public’s civil liberties and privacy rights, and Clearview AI’s product is particularly dangerous. We urge you to immediately stop the Department’s use of facial recognition technology, including Clearview AI’s tools. Clearview AI’s technology could eliminate public anonymity in the United States,” the members of Congress wrote in a letter to Homeland Security. “It reportedly allows users to capture and upload photos of strangers, analyze the photographed individuals’ biometric information, and provide users with existing images and personal information of the photographed individuals found online. Clearview AI reportedly scrapes billions of photos from social media sites without permission from or notice to the pictured individuals. In conjunction with the company’s facial recognition capabilities, this trove of personal information is capable of fundamentally dismantling Americans’ expectation that they can move, assemble, or simply appear in public without being identified. Reports indicate that use of this technology is already threatening to do so.” They go on to explain that the use of facial recognition technology would deter people from participating in marches and rallies “for fear of being permanently included in law enforcement databases.” The technology poses unique threats to Black communities, other communities of color, and immigrant communities, the members of Congress added, noting that three Black men have already been wrongfully arrested based on mistakes made by a facial recognition system. Studies from the National Institute of Standards and Technology (NIST) have also found that Black, Brown, and Asian individuals were up to 100 times more likely to be misidentified than white male faces with most facial recognition tools available. According to the letter, facial recognition software is being promoted widely among law enforcement agencies, and “reviews of deployment of facial recognition technology show that law enforcement entities are more likely to use it on Black and Brown individuals than they are on white individuals.” “Additionally, past law enforcement use of this technology reportedly targeted Black Lives Matter activists. Use of increasingly powerful technologies like Clearview AI’s have the concerning potential to violate Americans’ privacy rights and exacerbate existing injustices,” Jayapal, Markey, Pressley, and Merkley wrote. “Therefore, as the authors of the Facial Recognition and Biometric Technology Moratorium Act (S. 2052/H.R. 3907) — which would halt a federal agency or official from using these technologies — we urge you to stop use of facial recognition tools, including Clearview AI’s products.” The Department of Homeland Security did not respond to requests for comment. The letter comes two days after the Internal Revenue Service (IRS) announced that it will no longer be using ID.me facial recognition software. The agency added in a statement that it will “transition away from using a third-party service for facial recognition to help authenticate people creating new online accounts.” The IRS had faced overwhelming backlash from civil rights groups and members of Congress from both parties, all of whom questioned how the IRS could begin the use of facial recognition without advance warning. But the issue revealed that the IRS was one of many federal and state agencies using facial recognition tools to provide access to vital government services and benefits. ID.me’s facial recognition tools are already used by 27 states for their unemployment benefits systems, according to CyberScoop, while 30 states and 10 federal agencies also use ID.me for other government services. The Veterans Affairs Administration and Social Security Administration both use facial recognition. More than 70 million Americans who filed for unemployment insurance, pandemic assistance grants, child tax credit payments, or other services have already had their faces scanned by ID.me. Several civil rights groups – including Fight for the Future, Algorithmic Justice League, the Electronic Privacy Information Center, and others – that started a protest movement last week designed to stop the IRS plan have expanded the effort to other agencies. Caitlin Seeley George, campaign director at Fight for the Future, told ZDNet they have updated their campaign page, dumpID.me, and are urging the Veterans Affairs Administration, the Social Security Administration, the US Patent and Trademark Office, and the many states using ID.me for unemployment benefits to follow the example of the IRS. “Veterans trying to access their benefits, elderly people trying to access Social Security Administration resources, and those applying for unemployment benefits in dozens of states are all facing the same problems and threats that caused the IRS to stop using ID.me. Many of these essential services are critical for marginalized groups, people who are already disproportionately targeted by surveillance and misidentified by facial recognition technologies,” Seeley George said. “No one should be coerced into giving their biometric information to a third party vendor for seven years or longer in order to access these essential government services. We expect all the lawmakers who spoke out against the broad use of facial recognition by the IRS to push these other agencies to stop using ID.me and any other biometric verification tools.”
ID.me to let users delete selfies
In the wake of the IRS decision, ID.me founder and CEO Blake Hall said they decided to modify their process and will now allow people to choose to verify their identity with a human agent without going through a “selfie check.” Agencies will now be able to choose this option, and Hall said they were also going to allow ID.me users to delete their selfie or photo at account.ID.me beginning on March 1. Aubrey Turner, the executive advisor at identity access management software company Ping Identity, listed several other authentication methods that agencies could use to replace their reliance on facial recognition as a means to stop fraud. He said they could use security keys (FIDO), mobile push, behavioral biometrics, authenticator apps like Google Authenticator, SMS, email, or voice. But all have their pros and cons relative to the balance of security and end-user convenience, he noted. “Static Knowledge Based Answers (KBAs) can no longer be trusted as a means of identity verification and authentication. Facial recognition as implemented by ID.me may not be the answer for IRS, but neither is UID + password. We deserve and should demand better as citizens,” Turner said. “What’s done is done as far as the IRS ending the relationship with ID.me, but how Congress plans to secure taxpayer accounts after abandoning ID.me is now my biggest question and concern.”