Face Surveillance

Facial recognition is a powerful technique capable of facilitating a new era of mass surveillance. The technology has been in development since the 1960’s, but only recently has facial recognition begun to be rolled out in large scale. Face surveillance systems are now being implemented as part of commercial services, government administration, and law enforcement functions with little to no legal protections in place. Additionally, the technology is subject to bias and the images used to create the underlying algorithms and databases are often collected surreptitiously and without consent.

EPIC supports a ban on facial recognition.

Top News

• EPIC Urges NIST to Adopt Privacy-Protective Standards for Federal ID Cards + (Feb. 2, 2021)
  In comments responding to the National Institute of Standards and Technology's draft Federal Information Processing Standards for personal identity verification (ID cards and digital identity verification), EPIC urged the agency to adopt more privacy protective technology for federal employees and contractors. EPIC drew upon expertise from the Advisory Board for these comments. EPIC recently urged the Department of Homeland Security to suspend a new counterintelligence system of records which will collect biometric information. EPIC previously urged the Department of Transportation to provide more privacy protections for federal employees in the Insider Threat database.
• Hamburg DPA Deems Clearview AI's Biometric Photo database Illegal, Orders a Partial Deletion of Profile + (Jan. 28, 2021)
  The Hamburg Data Protection Authority has ruled that Clearview AI’s searchable database of biometric profiles is illegal under the EU’s GDPR and ordered the U.S. company to delete the claimant’s biometric profile. Clearview AI scrapes photos from websites to create a searchable database of biometric profiles. The database, which is marketed to private companies and U.S. law enforcement, contains over 3 billion images gathered from websites and social media. The claimant submitted a complaint to the Hamburg DPA after discovering that Clearview AI had added his biometric profile to the searchable database without his knowledge or consent. The DPA ordered Clearview to delete the mathematical hash values representing his profile but did not order Clearview to delete his captured photos. The DPA’s narrow order protects only the individual complainant because it is not a pan-European order banning the collection of any EU resident’s photos. The DPA decided that Clearview AI must comply with the GDPR, yet this narrow order places a burden on Europeans to have their profiles removed from the database. EPIC has long opposed systems like Clearview AI, filing an amicus brief before the 9th Circuit defending an individual's right to sue companies who violate BIPA and other privacy laws, submitting FOIA requests with several government agencies that use Clearview AI technology, and urgingthe Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.
• EPIC to Maryland Legislators: Enact Biometric Privacy Law + (Jan. 27, 2021)

  EPIC Senior Counsel Jeramie Scott testified today to Senate and House Committees of the Maryland General Assembly in support of legislation protecting biometric information privacy. HB218 and SB16 are modeled after the Illinois Biometric Information Privacy Act (BIPA). Passed in 2008, BIPA has been referred to as one of the most effective and important privacy laws in America. "Unlike a password or account number, a person’s biometrics cannot be changed if they are compromised," EPIC told the Committees. EPIC stressed the importance of strong enforcement measures in privacy laws, particularly a private right of action. EPIC also submitted a recent case study on the Illinois law written by EPIC Advisory Board member Woody Hartzog. EPIC previously filed an amicus brief in Rosenbach v. Six Flags, where the Illinois Supreme Court unanimously decided that consumers can sue companies that violate the state's biometric privacy law. [Watch the hearing]

More top news

New York Enacts Law Suspending Use of Facial Recognition in Schools + (Dec. 23, 2020)

A bill signed into law yesterday suspends the use of facial recognition and other biometric technology by New York State schools. The ban will last for two years or until a study by the State Education Department is complete and finds that facial recognition technology is appropriate for use in schools, whichever takes longer. EPIC leads a campaign to ban face surveillance through the Public Voice coalition. EPIC recently filed a DC Consumer Protection Complaint alleging that online test proctoring companies have violated students' privacy and engaged in unfair and deceptive practices.

Massachusetts Poised to Ban State Use of Biometric Surveillance + (Dec. 1, 2020)

An omnibus police reform bill banning public agencies or officials from using facial recognition technology is set to pass the Massachusetts legislature in the coming week. The bill contains an exception for law enforcement to perform facial recognition searches against the state driver's license database, but requires the state to publish statistics on how often officers request access to the database. EPIC's Policy Director Caitriona Fitzgerald testified before the Joint Committee on the Judiciary to urge that a moratorium on facial recognition be included in a previous version of the bill. Earlier this year, an EPIC-led coalition called on the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

LAPD Bans Use of Clearview AI Facial Recognition + (Nov. 19, 2020)

The Los Angeles Police Department (LAPD) issued a moratorium on the use of third-party commercial facial recognition systems including Clearview AI. However, the LAPD will continue to use a Los Angeles County system which searches booking images. LAPD officers have used Clearview AI at least 475 times since 2019. Clearview AI is a particularly dangerous facial recognition system because it queries a database of over 3 billion images scraped from social media sites, compromising the privacy of more individuals than smaller-scale systems. EPIC recently filed a Freedom of Information Act lawsuit seeking information on Immigrations and Customs Enforcement's (ICE) use of Clearview AI. EPIC leads a campaign to Ban Face Surveillance.

EPIC Seeks Documents on Facial Recognition System Used to Identify D.C. Protester + (Nov. 13, 2020)

EPIC filed a series of open government requests seeking information on a previously undisclosed facial recognition system used by police departments in the Washington, DC metropolitan area. EPIC sent requests to Metropolitan Police Department, Maryland National Capitol Park Police, and Montgomery County Police Department. The system was first revealed by the Washington Post on November 2, 2020. A protester accused of assaulting a police officer during a June 1 protest at D.C.'s Lafayette square was identified when police ran an image of him from Twitter against the National Capitol Region Facial Recognition Investigative Leads System (NCR-FRILS). EPIC recently filed suit against Immigration and Customs Enforcement to obtain documents about the agency's use of facial recognition. Earlier this year, an EPIC-led coalition called on the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

#ReclaimYourFace: European Civil Society Groups Oppose Biometric Surveillance + (Nov. 13, 2020)

A coalition of twelve European civil society groups launched a new campaign this month calling for a ban on "biometric mass surveillance". To date the campaign has gathered over 5,000 signatures. EPIC has launched a campaign to Ban Face Surveillance and through the Public Voice coalition gathered the support of over 100 organizations and many leading experts across 30 plus countries. In October, EPIC urged the Department of Homeland Security to rescind a proposed rule allowing broad biometric data collection and suspend the Department's use of facial recognition.

Portland, Maine Votes to Add Teeth to Ban on Facial Recognition + (Nov. 4, 2020)

Voters in Portland, Maine passed a ballot initiative that strengthens the city's ban on the use of facial recognition by law enforcement and city agencies. The City Council previously passed an order banning face surveillance, but the initiative strengthens the ban with a private right of action and penalties for violations of the law. A growing list of cities have banned facial recognition technology, including Boston, Oakland, San Francisco, and Portland, Oregon. EPIC has launched a campaign to Ban Face Surveillance and through the Public Voice coalition gathered the support of over 100 organizations and many leading experts across 30 plus countries. Earlier this year, an EPIC-led coalition called on the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

EPIC Urges DHS Advisory Committee to Investigate Fusion Centers + (Oct. 27, 2020)

EPIC Law Fellow, Jake Wiener, spoke at the Department of Homeland Security's Data Privacy and Integrity Advisory Committee's public meeting today and urged the Committee to investigate rampant privacy and civil liberties violations by fusion centers. Fusion centers are centralized systems that pool and analyze intelligence from federal, state, local, and private sector entities. Addressing the Committee's new tasking, Mr. Wiener directed the Committee's attention to recent reports of protest monitoring and ineffective privacy oversight. He urged the Committee to recommend a ban on the use of facial recognition technology at fusion centers and to consider whether funding of fusion centers is justified in light of the privacy and civil liberties harms the centers create. EPIC previously urged the Advisory Committee to recommend that Customs and Border Protection halt the use of facial recognition.

EPIC, Coalition Urge University of Miami to Ban Face Surveillance + (Oct. 27, 2020)

EPIC joined over 20 consumer, privacy, civil liberties, and student organizations to call on the University of Miami to ban the use of facial recognition technology. The coalition letter comes after reports the University used facial recognition to identify student protesters. The coalition argued that "facial recognition technology is invasive and ineffective." EPIC has launched a campaign to Ban Face Surveillance and through the Public Voice coalition gathered the support of over 100 organizations and many leading experts across 30 plus countries. Earlier this year, an EPIC-led coalition called on the Privacy and Civil Liberties Oversight Board to recommend the suspension of face surveillance systems across the federal government.

Federal Government Advises on Federal Laws Potentially Violated When Intercepting Drones + (Aug. 19, 2020)

The FAA, DOJ, FCC, and DHS jointly issued the "Advisory on the Application of Federal Laws to the Acquisition and Use of Technology to Detect and Mitigate Unmanned Aircraft Systems." The advisory covers the applicable federal laws that non-federal or private entities might violate if they sought to detect or mitigate drone threats, including the Wiretap Act and Computer Fraud and Abuse Act. Congress previously granted the DOJ and DHS broad authority to detect and mitigate drone "threats" in the Preventing Emerging Threats Act of 2018 that was incorporated into the FAA Reauthorization Act of 2018. The FAA Reauthorization Act of 2018 required a report on drone surveillance risks but did not establish any baseline privacy safeguards. EPIC has repeatedly urged both Congress and the FAA to take decisive action to limit the use of drones for surveillance and to establish a national database detailing drone surveillance capabilities.

EPIC Obtains Records About Texas's Use of Aerial Surveillance + (Aug. 10, 2020)

Through a Public Information Act request to the Texas Department of Public Safety, EPIC obtained records about the department's use of two Pilatus surveillance planes, including videos recorded during the George Floyd protests. Reports have indicated that these planes, purchased by the state for border operations, were used to surveil cities hundreds of miles from the border. EPIC obtained flight logs from January 1, 2018 to June 15, 2020, plane technical specifications and the department's video retention policy. The flight logs revealed that the surveillance planes flew an average of one flight per day between May 25 to June 15, 2020, with a total of 103 hours of total flight time. In over ninety percent of these flights, the planes recorded no video. The planes reportedly cost an average of $474 an hour to fly, and the Texas DPS spent roughly $49,000 to record three videos over the three-week span. The Texas DPS withheld three videos recorded between May 25 to June 15, 2020, during the height of the George Floyd protests, despite its video retention policy stating that "all retained video copies...will be subject to open records requests." EPIC has long highlighted the privacy and civil liberties implications of aerial surveillance technology and has called on Congress to "establish drone privacy safeguards that limit the risk of public surveillance."

EPIC’s Work

Featured Pages

• Ban Face Surveillance
• Spotlight on Surveillance: The FBI’s Next Generation Identification Program

Amicus Briefs

• Patel v. Facebook
• Rosenbach v. Six Flags

Litigation

• EPIC v. ICE (Facial Recognition Services)
• EPIC v. State Department (Facial Recognition Database)

Agency Comments

• EPIC Comments on DHS Expanding of Biometric Entry-Exit (Dec. 21, 2020)
• EPIC Comments on DHS Expanding Collection/Use of Biometrics (Oct. 13, 2020)
• EPIC Comments to DPIAC on DHS’s Biometric Entry-Exit Program (Dec. 10, 2018)