Biometric data of tens of thousands of people who crossed southern border exposed in cyberattack

The cyberattack of a Customs and Border Patrol subcontractor has exposed facial recognition data of tens of thousands of people crossing the southern border, raising security questions as jurisdictions debate how to govern the rapidly expanding biometric technology.

Boasting databases containing millions of photos and machine learning algorithms that churn through the information so quickly that matches are identified in milliseconds, the technology offers law enforcement unprecedented investigative powers to thwart both small-time crooks and potential perpetrators of mass carnage.

But its deployment, experts say, is occurring with minimal oversight.

“It is pretty much a wild west in terms of regulation and a very dangerous environment for civil liberty and also public safety. Lawmakers are starting to get a sense that they need to address this,” said Jake Laperruque, senior counsel at the Project On Government Oversight, a nonprofit watchdog group.

On Monday, CBP officials revealed weaknesses in a database when they detailed a malicious cyberattack against one of their subcontractors’ computer networks on May 31. CBP, which is overseen by the Department of Homeland Security, said the contractor had violated government regulations by transferring copies of images it had captured of travelers and license plates collected on the Mexican border — to its company network.

On Capitol Hill, where skepticism over the technology is mounting, reaction was swift. House Homeland Security Committee Chairman Bennie Thompson said it was DHS’s “second major privacy breach this year.”

“We must ensure we are not expanding the use of biometrics at the expense of the privacy of the American public,” the Mississippi Democrat said in a statement.

In March, DHS’s inspector general announced that personal information from 2.3 million survivors of 2017 hurricanes and wildfires had been improperly released to a contractor by the Federal Emergency Management Agency, risking mass identity fraud and theft.

Mr. Laperruque said cynicism about the technology is “strongly bipartisan.”

Late last month lawmakers from the House Oversight and Government Reform Committee highlighted concerns regarding the technology’s ability to accurately identify faces, especially those of women and minorities. Withering critiques came from ideological opposites — committee Chairman Elijah E. Cummings, Maryland Democrat, and Rep. Mark Meadows, North Carolina Republican and Freedom Caucus chairman.

Mr. Cummings said “there’s a lot of agreement” among lawmakers about the need for regulation, while Mr. Meadows added that the technology “gets out of control.”

Doubts also are growing among state and local governments, where opponents say the technology could convert America into a surveillance state.

Last month, technology haven San Francisco became the nation’s first city to ban police and other agencies from using facial recognition programs.

City Supervisor Aaron Peskin, who pushed the move, called the tactics “psychologically unhealthy” for citizens.

Meanwhile, California state lawmakers are considering blocking police officers across the state from using facial recognition programs on body cameras. Similar bans are under consideration in Oakland, California, and Somerville, Massachusetts.

Last week in New York, lawmakers on the State Assembly Education Committee approved a one-year moratorium on facial recognition systems in public schools, delaying plans for Lockport, a city near Niagara Falls, to become the nation’s first school district to adopt the technology.

The debate played out across New York media as the assemblywoman behind the moratorium, Monica Wallace, argued that Lockport didn’t want its “students to be used as guinea pigs for very new and untested technology.”

In an op-ed for The New York Times, city police Commissioner James O’Neill countered that facial recognition is reliable and urgently needed.

“It would be an injustice to the people we serve if we policed our 21st-century city without using 21st-century technology,” Mr. O’Neill wrote.

Comments are closed.