U.S. Customs and Border Protection (CBP) needs to address privacy and system performance issues as it moves forward with facial recognition technology and programs for identity checks, according to a Government Accountability Office report.
“We found that CBP’s privacy notices – which inform the public about its use of this technology – were not always current or available where this technology is being used or on CBP’s website,” the report says. “Also, CBP has only audited one of its 27 airline partners to ensure compliance with its facial recognition privacy policies.”
As of May 2020, CBP had deployed facial recognition technology to 27 airlines to biometrically confirm travelers’ identities. However, CBP has not always provided complete information in privacy notices, or made sure that notices were posted and visible to travelers – which would help give travelers the opportunity to opt out of participating in this Biometric Entry-Exit Program.
While accuracy goals of air-exit facial recognition capabilities have been exceeded, CBP assessments found that the capabilities did not meet performance goals of capturing 97 percent of traveler photos since airlines did not consistently photograph all travelers.
“A plan to improve the photo capture rate would help CBP better fulfill the program’s mission of creating biometrically confirmed traveler departure records,” GAO said. “Further, while CBP monitors air exit’s performance, officials are not alerted when performance falls short of minimum requirements.”
GAO made five recommendations to CBP, to which all were agreed to by the Department of Homeland Security, which oversees CBP. Among those recommendations include:
- Ensure privacy notices are complete;
- Have privacy notices available at locations using facial recognition;
- Develop and implement a plan to audit program partners for privacy compliance;
- Develop and implement a plan to capture traveler photos at air exit; and
- Ensure CBP is alerted when air-exit performance doesn’t meet established thresholds.