Tweet
By Sunita Patel and Gitanjali Gutierrez, Staff Attorneys at the Center for Constitutional Rights, and Travis Hall, PhD Candidate at the Department of Media, Culture and Communication, New York University
Since 2006, the FBI has been quietly creating a massive new biometric database that is, in their words, “Bigger- Better- Faster.” Known as the “Next Generation Identification” program, or NGI, this new system marks a dramatic leap in the FBI’s ability to collect, store and share indentifying information across government agencies. Alarm bells should ring for all Americans concerned with their privacy.
Relying on “state of the art” biometric technology, NGI will use your physical traits (like eye scans and facial characteristics) to create identifications at lightning speed. While this may not seem terrible on its face, the real thrust of NGI is for multiple federal agencies to share your personal information without your knowledge. Through a series of disclosure programs, the FBI’s NGI database, the Department of Homeland Security’s (DHS) immigration database and the Department of Defense’s biometric database can now search and share matches. Moreover, the FBI hopes to expand the use of “Mobile” biometric units, which are biometric scanners that will send personal identifying information to all participating federal agencies, even for people who have not been arrested.
Given the troubled history of abuses with similar cross-agency collaborations, the erosion of walls between agencies with different purposes and the blanket exceptions granted these agencies from any kind of external oversight (e.g. the 1974 Privacy Act), the development of NGI is more than disturbing. The multiplier effect of an error is clear— a mistake in one federal database, let alone the databases it spreads to, can cause egregious harm to an individual, and, currently, correcting these mistakes is impossible, even if you know which database is responsible.
This raises another concern: information from state and local law enforcement feeds these databases. One of the key elements to NGI’s initial implementation for fingerprints was the Immigration and Customs Enforcement (ICE) program dubiously named “Secure Communities” that threw state law enforcement into the database sharing morass. Similar to the widely criticized anti-immigrant Arizona law, Secure Communities turns local cops investigating crimes into federal civil immigration agents.
Recently, local law enforcement authorities have joined in the opposition to Secure Communities because it undermines carefully cultivated community policing programs in immigrant neighborhoods. In fact, several localities and states have tried to opt out of Secure Communities but can’t get a strait answer from DHS. When pressured on this question, Secretary of DHS Janet Napolitano disingenuously claimed that the program only concerns sharing information between federal agencies—even though the states collect and control the information being shared!
Through Freedom of Information Act litigation brought by the Center for Constitutional Rights and others, however, we have learned that it was the FBI, not immigration officials, who demanded mandatory state participation in Secure Communities. There is no technical or legal reason why information must be shared with immigration authorities in the face of states’ decisions not to.
The truth is that the FBI made a policy decision to prioritize sharing of personal information as an end in itself. This post-9/11 zeal for total disclosure across federal agencies is a threat to our freedom. Secure Communities is a classic case of mission creep, where information gathered for one purpose is used for another unrelated purpose. This should cause us to question what other data is being shared and with whom, both at home and abroad. Everyone should demand that local police be exceedingly careful in what personal data they supply to the federal government, and for federal agencies to adapt their technical systems to contextualize data and share it only when allowed by federal and state or local law.
Otherwise the specter of NGI – a Kafkaesque system of unresponsive, opaque, error-ridden technological systems with untold power over our lives – looms large in the future.
To read the FOIA documents related to NGI and a related fact sheet, go to Uncoverthetruth.org/foia-ngi/ngi-documents. To learn more about Secure Communities and how you can prevent its implementation in your community or state, visit www.uncoverthetruth.org. For more information about the case NDLON v. ICE brought by CCR, the National Day Laborer Organizing Network and the Benjamin Cardozo Immigrant Justice Clinic, visit CCR’s case page.
49 Comments
Thanks so much for being here today Sunita, and also welcome to Travis Hall, who did much of the research.
Can talk a bit more about why local law enforcement is concerned about this?
There is no procedure for correcting errors? A database this huge, with inputs from thousands of people is bound to be full of garbage data.
Is the database subject to FOIA requests? Could I ask to see my data?
If I asked to see my data I have this vision of the planet-sized computer in Hitchikers Guide that was tied up for eons calculating the Answer to the Ultimate Question of Life.
Thanks Jane!
Secure communities essentially does what the Arizona immigration bill hoped to do, but on a national level, i.e. transform local law enforcement into immigration officers. Every time an immigrant is taken into police custody- or, if mobile technology is put into place, every time they talk to a police officer- there is a risk that they may be deported. And not only undocumented immigrants have to worry abou this- many immigrants have visas that become invalid if they are charged with a crime, no matter how petty.
Law enforcement has expressed several concerns. The primary one has been severing the gains made through community policing. Police are worried that crime victims will not call police when local police are acting as immigration officers. A video on this topic: http://uncoverthetruth.org/media/video/domestic-violence-victim-confronts-director-of-secure-communities/
Yes, but the computer would be located somewhere in West Virginia- I think Douglas Adams would approve.
The tricky part is that the Privacy Act of 1974 requires that all data be accurate, and that individuals have the ability to challenge their own records- but the FBI has exempted itself from these regulations, stating that the realities of law enforcement necessitate a potentially erroneous database.
I think a FOIA request may ultimately be successful, but they would probably fight it tooth and nail.
Ron Hampton wrote a great op-ed explaining his position, as the President of the National Black Police Association
http://www.washingtonpost.com/wp-dyn/content/article/2010/04/30/AR2010043002052.html
I remember this was a huge problem in California. Immigrant communities turned into huge crime pockets because nobody would call the police, and everyone knew it. There was a (ballot measure?) that passed against having local law enforcement act as immigration officials. The whole thing was a mess.
Also, just to make it clear, the problem becomes much bigger once you start linking databases. You may be able to look at and correct the FBI’s records, but not necessarily the information kept by DHS, the DoD, or the State Department. While one of the reasons they are pushing for interoperability is to find errors by cross-checking databases, errors are just as likely to be perpetuated or multiplied.
Thanks for joining us, Travis. Your point about transforming local law enforcement into immigration officers a la Arizona is important — and that, in turn, has a chilling effect on low-wage workers, as Ted Smukler and I explained in an article we co-authored on this:
http://www.inthesetimes.com/working/entry/6265
And thanks as well to you, Sunita, for joining us today, and for the critical analysis you and your colleagues are sharing with us.
That is something that is both troubling and frustrating about these databases: on the one hand, a well kept biometric database has the potential to empower individuals who are here on temporary worker visas who have their paperwork confiscated by their employers to provide proof of their legal claims, yet they are more often used as a form of intimidation and punishment for vulnerable individuals. The errors and inherent complexity of the immigration system is used to keep immigrants in constant doubt about their status, and as such any potential checkpoint becomes one of fear and harm.
Thanks for sharing Danny! And S-Comm is costing local cops a bundle. According to the Denver Post, the cost to each county to purchase updated equipment is an estimated $50,000, according to Christensen, the director of the County Sheriffs of Colorado organization. http://www.denverpost.com/news/ci_18415336
Has anyone estimated how much this will cost cash-strapped states across the country? I’m sure that’s a feature not a bug, however.
It’s actually worse than that.
If you consider that the FBI computer system overhall a few years back was pretty awful and they still haven’t got the kinks out of that system
AND
The Homeland Security no fly list is riddled with errors
Marrying these not very technically adept agencies to each other and expecting accuracy is to live in a fantasy world.
It should also hopefully have been made clear that S-Comm is only one program of sharing of biometric data between agencies- the Department of Defense has been building a biometric database of individuals in Iraq and Afghanistan, and Wikileaks exposed that the State department was trying to get biometric data (including DNA) from foreign diplomats. This is in addition to individuals who apply for federal work, or who work for the US military. They aren’t building one, large database, but multiple, inherently interconnected databases.
Many of the costs are “hidden” and therefore difficult to quantify. For example, prolonged incarceration times when non-citizens are kept locked up in local jails, even if a criminal court judge determines the person is not a danger or flight risk and sets no or a very low bond following an arrest.
Sunita might have more info on the actual cost, but DHS has repeatedly touted S-Comm as a means to enhance the effectiveness of its immigration enforcement arm, ICE, with very limited resources- i.e., you are absolutely right that they see this as a means to outsource the identification and detention of “criminal” immigrants to local law enforcement officers, along with the cost.
On the bright side from a provacy point of view, the federal gov’t has an abysmal record of interagency info sharing, so the likelyhood of this behemoth working efficiently, not so high.
Recommended.
Thanks for a terrific post.
Thanks Cynthia- this is a good point, but one that I’ve been struggling with: is an inefficient system of surveillance actually better? David Solove, a privacy scholar and law professor at George Washington University has made what I think is a compelling argument that Big Brother- the efficient, omnipresent and omnipotent government- is not what we should worry about, rather it is Franz Kafka’s Trial or Castle- an opaque, absurd, error-ridden system that doesn’t really work very well, but still has absolute power over people’s lives. I think that individuals who are arrested but not charged, and then deported because of faulty DHS data would fall into the latter category.
The inefficiency is certainly a concern. It may lead citizens into the deportation dragnet. But seriously, check out the documents, it’s scary how much they are planning: http://uncoverthetruth.org/foia-documents/ngi-documents/
How is this related to something like the Real ID Act? I see the last paragraph in this .PDF fact sheet. Does this program, which the FBI is employing and expanding, come as a result of that not being popular?
My understanding is that NGI is a separate beast than the REAL ID Act, although the two are both trying to solve the same problem. NGI, at its base, is simply an updating of the older fingerprint system, IAFIS, such that it is able to process matches faster and also capable of storing multiple types of biometrics- i.e. facial recognition data, iris scans, palm prints, etc. It is still primarily a criminal database, that is fed through local law enforcement and the FBI’s own collection, unlike REAL ID which would attempt to get biometric data for all citizens (similar to the current UID project in India). The FBI is growing the reach of its database into civil databases through the drive for interoperability- so instead of a single database a la REAL ID or UID, there are multiple government databases that link to one another. This could potentially be a privacy-enhancing situation, if proper barricades are put up between the various databases, but with the example of S-Comm it seems that they want no limit on sharing and as such no limit on the grasp of these databases.
Patel and Gitanjali, thanks for being here.
Is there any data on the reliability of these biometric identification techniques? Are they similar to the biometric databases the U.S. military has been using in Iraq and Afghanistan when arresting or capturing people? They were used at Guantanamo, too.
DHS was set up as a GOP graft machine. If you haven’t read this 2005 post by Sarah Posner, it’s canonical:
http://prospect.org/cs/articles?articleId=10750
I’m sure it’s a bipartisan looting festival now, but when I looked at the appropriations bill and saw the billions for the programs for TSA porno scanners that don’t work, it’s clear that nothing has changed:
http://fdlaction.firedoglake.com/2010/11/22/tsa-porno-screeners-giant-boondoggle/
Thanks for the post, Sunita and Travis.
The problem with any enterprise such as this is it’s only as good as the people who designed it and we all know who well the FBI’s super computer system has worked out. When you’ve got garbage going in at the development stage it doesn’t bode well for the end product.
Your biometric information IS like an ID. Your personal identifying information provides a way for the government to identify you and keep track of you. With a database that connects your fingerprints, iris scan, etc., with your name and background info, that serves the same purpose as forcing you to carry a national ID. (This response is provided with the assistance of my colleague Jessica Karp at the National Day Laborer Organizing Network. CCR has the pleasure of representing NDLON in the FOIA case which led the FBI to turn over these records.)
Thanks for the question Jeff, I’ll try to field it. The government is pretty public about its field tests for its biometric technologies, and much of the data can be found at biometrics.gov or nist.gov.
A recent National Research Council report stated that biometrics are “inherently fallible” and that more research is required at more or less all levels of deployment (http://www.homelandsecuritynewswire.com/report-biometric-id-technologies-inherently-fallible). The International Biometrics and Identification Association strongly denied the findings of this report, but at their core, biometric technologies are probabilistic (i.e. you will never have a 100% match), and as such matching errors are inherent and have to be controlled for either by increasing the accuracy of the system or putting in place proper protocols to ensure that there is some kind of additional check. In other words, there will always be problems, but technology is advancing steadily to minimize these problems.
In answer to your second question, the DoD has only really been using biometric technologies for the last 10 years or so, and then only in the field since around 2004. The DoD has been working closely with the FBI on their databases from the beginning, and as of March of this year their database is interoperable with those of the DHS as well. The DoD in fact touts that in 2004 a “known or suspected terrorist” was denied entry to the US by the DHS because of data provided by the DoD database (http://biometrics.dod.mil/References/Biometrics_Timeline.aspx). There are currently differences in the technologies used by the DoD and the FBI, both in terms of hardware and software, but their records are now being entered such that they can be cross-matched.
Also, the FBI was actually present at Guantanamo entering people into their database and helping the DoD with biometric collection.
I think a good point about IDs vs. biometrics is in the question of who gets to ask for them. If you think about social security numbers or driver’s licenses, both of which were set up for very limited purposes and- in the case of SSN- were explicitly designed not to be used for any other purpose, you can see how many different agencies, both private and public, now demand them for day-to-day interactions. India’s UID is hoping to make it such that biometrics are used the same way- currently not the case in the US, but it is certainly a possibility. One of the things that can’t be done with IDs, however, that can with biometrics is leave a trail- you can’t tell that someone has been to a bar because of their driver’s license, but you can because of their latent fingerprints.
Thank-you for all your work into this!!
I’m also curious about another ‘angle’ .. I was wondering just ‘Who/What Entity’ is the ‘Company’ who has this ‘contract’
And…
‘Can that ‘Company’ gathering and storing all that ‘info’ be trusted’???
Indeed!
And there are of course the unquantifiable costs– unreported crime, fear, separation of families.
Hi Jackie- I’m not 100% which “company” you’re referring to. Lockheed Martin received the contract to build the FBI’s NGI database back in 2008, and has been a part of the development and phase-in ever since (http://www.lockheedmartin.com/products/ngi/index.html). They will probably continue to be involved as contractors after the program is in full force, because that is how the government works.
As to whether or not they can be trusted with gathering and storing biometric data, I don’t think it is necessary to doubt the intentions or motivations of individuals both on the public and private side to recognize that major data breaches happen all the time (http://attrition.org/dataloss/).
Damn, no wonder so many people are attempting to go off-the-grid. Nascent fascism, folks. Or maybe we are already there. They can round up all the political prisoners they want to know. Say good-bye to democracy, if there was a democracy to begin with.
It may be necessary for groups of people to spontaneously go off-the-gird to avoid this level of fascism–and in order to create a new free society, with out Obamanian corporate control and state terror.
Welcome to the land of paranoia and fear! Isn’t one of the many purposes of our now perpetual wars to internalize among both past and future generations, the “need” for “homeland security” and endless losses of privacy? At some point, the only way to get away from “big brother”, may be to permanently leave this country.
I just haven’t determined whether that is one of the many goals…to get citizens who are fed up with what is happening to this country to move and the remaining will be complacent to these tactics.
Two more articles on this topic:
http://www.huffingtonpost.com/2011/07/06/new-documents-show-fbi-wa_n_890747.html
http://www.govtech.com/public-safety/Federal-Fingerprint-Sharing-Program-Meets-Resistance.html
Texas Civil Rights Review: Bob Libal: Secure Communities makes our community less safe
http://texascivilrightsreview.org/wp/?p=2073
And here’s another: http://texascivilrightsreview.org/wp/?p=2073
“We in Travis County and around Texas know that Secure Communities makes our community less safe. We know that Secure Communities breeds fear into the community, driving our immigrant brothers and sisters further into the shadows. Secure Communities also provides a steady business for the private prison company that ever more detainees to fill their detention beds.”
Thanks very much for your replies, and my apologies to Sunita for referring to her as “Patel”.
Ms. Patel:
Thank you for staying on top of this issue and keeping us informed.
Agreed, even if they were trying to do something good here (cough cough) it will have so many inaccuracies…and proving yourself after the fact would be a nightmare challenge. I hate being an evil empire.
Thank you for your interest! Here are a few others:
http://blogs.laweekly.com/informer/2011/07/fbi_documents_ice_secure_communities_program_mandated_biometric_database.php
http://floridaindependent.com/38178/fbi-secure-communities
Thank you for this article. Kafka could not have imagined the power of super computers, biometric scanners, and cheap solid-state and even molecular level data storage devices. He could have imagined, however, a state willing to keep detailed files on each of its citizens, regardless of their background, regardless of whether they had ever committed a crime, or would even consider it.
The issue is no longer controlling “crime”, which is behavior generally considered so anti-social that we empower the government to fine or imprison people who engage in it. The issue now is not “crime” but opposition to whatever the government of the day considers important, starting with opposition to the government itself, however seemingly peaceful or legally protected.
It is such goals that justify keeping biometric and social files on every person it comes across, citizen or not.
http://www.google.com/search?hl=en&source=hp&biw=995&bih=584&q=open+salon+cia+ford+foundation&oq=open+salon+cia+ford+foundation&aq=f&aqi=&aql=undefined&gs_sm=e&gs_upl=282l12328l0l34l34l3l17l17l0l266l2594l0.8.6l14
http://oklahoma.watchdog.org/1144/thoughts-on-new-investigation-bombshell-barack-obama-conclusively-outed-as-cia-creation/
http://www.luckinlove.com/obamaciaties.htm
So the way it works, all while B.O. keeps sounding perfect, is
the middle class gets killed, some run to the Tea Party,
and B.O. gets thrilled to death.
If your argument centers around the deportation of illegal aliens, you’re not going to worry me much. Surveillance of citizen activists, political protestors, etc., is a different story, as are problems with inaccuracies.
Ok, here’s the $64,000,000,000 question (applied to all IT) for the FOIA request.
How is it tested, how are the results verified, and what is the process to ensure accurate data?
Sounds like the Securitate. The cold war came home.
First they came for the Mexicans, but your not going to worry me much because I am not a Mexican…. They are simply the beta testers before it gets released on the “liberals.”