from or-any-other-really-important-questions department
The Government Accountability Office (GAO) recently filed testimony [PDF] to the House Subcommittee on [takes deep breath] Investigations and Control and Science, Space and Technology Committee. Candace Wright, GAO’s director of science, technology assessment and analysis, explained the findings of previous GAO reports on the use of facial recognition by federal agencies.
Two of these reports were published last year. The first appeared in June, and it showed that federal agencies were doing next to nothing to track employees’ use of facial recognition technology.
Thirteen federal agencies do not know which non-federal systems with facial recognition technology are used by employees. These agencies have therefore not fully assessed the potential risks associated with the use of these systems, such as confidentiality and accuracy risks. Most federal agencies that reported using non-federal systems did not have systems. Thus, employees relied on systems belonging to other entities, including non-federal entities, to support their operations.
Thirteen of the fourteen agencies reviewed by the GAO (a list that includes ICE, ATF, CBP, DEA, FBI, and IRS) had no process in place to track the use of security technology. non-federal facial recognition.
This lack of internal control led directly to the behavior observed in the GAO’s second report, released in August. Either due to a lack of onsite technology or a desire to avoid what little internal oversight there is, federal agencies often asked state and local agencies to do their dirty facial recognition work for them.
Unfortunately, this testimony – rendered almost a year after the publication of the GAO’s conclusions – does not provide any answer to this lack of internal control. Nor is he suggesting that things are moving forward on the internal control front as a result of his earlier investigations.
The status quo remains, it seems. The only thing this testimony adds to the discussion of facial recognition is the unfortunate fact that federal agencies feel no qualms about better controlling the use of this technology. He also adds a bit of trivia to the FRT mix by discussing some little-known government uses of the technology.
Four agencies — the Departments of Health and Human Services, Transportation and Veterans Affairs, and NASA — said they use the FRT as a tool to conduct further research. For example, Transportation reported that the Federal Railroad Administration used eye tracking to study the alertness of railroad operators. Similarly, NASA has also reported that it uses eye tracking to conduct human factors research. Additionally, the Department of Veterans Affairs said it uses eye tracking as part of a clinical research program that treats post-traumatic stress disorder in veterans.
The report also doesn’t explain why the agencies surveyed underreported their use of Clearview’s controversial facial recognition software. The information in the June 2021 GAO report is contradicted by public records obtained by Ryan Mac and Caroline Haskins of BuzzFeed, strongly suggesting that five agencies lied to the GAO.
In a 92-page report released Tuesday by the Government Accountability Office, five agencies — the US Capitol Police, the US Probation Office, the Pentagon Force Protection Agency, the Transportation Security Administration and the Criminal Investigation Division of the Internal Revenue Service — stated they did not use Clearview AI between April 2018 and March 2020. However, this contradicts internal Clearview data previously reviewed by BuzzFeed News.
This deception – whether deliberate or not – is not mentioned in the GAO testimony. And apparently no follow-up investigation was done to see if the agencies were doing anything to prevent the kind of things seen here:
Officials from another agency first told us that employees were not using non-federal systems; however, after conducting a survey, the agency learned that its employees used a non-federal system to conduct more than 1,000 facial recognition searches.
A year later, and all the GAO can report is that three of the 13 agencies that did not have an internal tracking process are now implementing “at least one” of the three recommendations that the GAO issued nearly 13 months ago after its first report.
Most of the testimony is devoted to discussing much faster moves by federal agencies, i.e. widespread deployment of questionable technologies long before privacy impact assessments or assessment efforts to monitor the reliability of the technology deployed.
This testimony is incredibly disappointing, to say the least. It’s the government Responsibility This is the office talking here. And it is apparently unable to encourage more than a rounding error in liability gains. That leaves it to Congress, an entity that is largely unconcerned about increasing government accountability, as it could make things uncomfortable for them as they seek to extend four-year terms for de facto lifelong appointment.
The government has a facial recognition technology problem. And it’s going to get too big to deal with quickly if findings like those reported by the GAO a year ago continue to be ignored by federal agencies and the oversight to which this testimony was delivered. If the GAO can’t be bothered to ask tough questions of the agencies that misled it months ago, it seems unlikely that congressional representatives with multiple interests to serve (sometimes even those of their voters!) will hold an agency accountable for playing fast and loose with questionable technology and citizens’ rights.
Filed Under: facial recognition, gao, surveillance