Published on May 19th, 2022 📆 | 6114 Views ⚑
0Senators Seek FTC Probe of ID.me Selfie Technology
A group of Democratic senators has asked the Federal Trade Commission to investigate whether identity verification company ID.me illegally misled consumers and government agencies over its use of controversial facial recognition software.
ID.me, which uses a mixture of selfies, document scans, and other methods to verify peopleâs identities online, has grown rapidly during the coronavirus pandemic, largely as a result of contracts with state unemployment departments and federal agencies, including the Internal Revenue Service.
The company, which says it has more than 80 million users, has also faced growing questions about that role as well as whether a private contractor should be allowed to act as a de facto gatekeeper to government services. It is already the subject of an investigation by the House Oversight and Reform Committee.
Key to the concerns have been questions about ID.meâs use of facial recognition technology. After long claiming that it only used âone-to-oneâ technology that compared selfies taken by users to scans of a driverâs license or other government-issued ID the company earlier this year said it actually maintained a database of facial scans and used more controversial âone-to-manyâ technology.
In a letter sent to FTC chairman Lina Khan requesting an investigation, Sens. Ron Wyden, Cory Booker, Ed Markey and Alex Padilla on Wednesday asked the regulator to examine whether the companyâs statements pointed to its use of illegal âdeceptive and unfair business practices.â
ID.meâs initial statements about its facial recognition software appeared to have been employed to mislead both consumers and government officials, the senators wrote in the letter.
âAmericans have particular reason to be concerned about the difference between these two types of facial recognition,â the senators said. âWhile one-to-one recognition involves a one-time comparison of two images in order to confirm an applicantâs identity, the use of one-to-many recognition means that millions of innocent people will have their photographs endlessly queried as part of a digital âline up.â
The use of one-to-many technology also raised concerns about false matches that led to applicants being denied benefits or having to wait months to receive them, the senators said. The risk was âespecially acuteâ for people of color, with tests showing many facial recognition algorithms have higher rates of false matches for Black and Asian users.
Questions over ID.meâs use of facial recognition software surfaced in January after the publication of a Bloomberg Businessweek article on the company. That coincided with growing concerns over an $86 million contract with the IRS that would have required American taxpayers to enroll in ID.me in order to use online services. The IRS has since announced that it is looking at alternatives to ID.me.
In interviews with Bloomberg Businessweek as well as in a January blog post by Bake Hall, its chief executive officer, ID.me had defended the fairness of its facial recognition systems partly by saying the company merely used a one-to-one matching system that compares a selfie taken by the user with their photo ID. âOur 1:1 face match is comparable to taking a selfie to unlock a smartphone. ID.me does not use 1:many facial recognition, which is more complex and problematic,â Hall wrote in the post.
A week later, Hall corrected the record in a post on LinkedIn, saying the company did use a one-to-many facial recognition system, in which an image is compared against often-massive databases of photos.
Hall, in that post, said the companyâs use of a one-to-many algorithm was limited to checks for government programs it says are targeted by organized crime and does not involve any external or government database.
âThis step is not tied to identity verification,â Hall wrote. âIt does not block legitimate users from verifying their identity, nor is it used for any other purpose other than to prevent identity theft. Data shows that removing this control would immediately lead to significant identity theft and organized crime.â
While researchers and activists have raised concerns about privacy, accuracy and bias issues in both systems, multiple studies show the one-to-many systems perform poorly on photos of people with darker skin, especially women. Companies such as Amazon.com Inc. and Microsoft Corp. have as a result paused selling those types of software to police departments and have asked for government regulation in the field.
According to internal Slack messages obtained by CyberScoop, ID.meâs software, demonstrated to the IRS, made use of Amazonâs Rekognition product, the very same one that Amazon has stopped selling to law enforcement.
The company had not disclosed its use of Rekognition in a white paper on its technology issued earlier that month.
Privacy and artificial intelligence safety advocates have also complained that ID.me has not opened up its facial recognition systems to outside audit.
Shawn Donnan and Dina Bass report for Bloomberg News.
Gloss