A Government Accountability Office (GAO) review has found that U.S. Customs and Border Protection (CBP) has made progress testing and deploying facial recognition technology (FRT) at ports of entry to create entry-exit records for foreign nationals as part of its Biometric Entry-Exit Program. As of May 2020, CBP, in partnership with airlines, had deployed FRT to 27 airports to biometrically confirm travelers’ identities as they depart the United States (air exit) and was in the early stages of assessing FRT at sea and land ports of entry.
However, the review revealed that CBP’s privacy notices—which inform the public about its use of this technology—were not always current or available where the technology is used or on CBP’s website.
Part of CBP’s (and the Transportation Security Administration’s) inspection and screening responsibilities include reviewing travel identification documents and verifying traveler identities. From 1996, a series of federal laws were enacted to develop and implement an entry-exit data system, which is to integrate biographic and, since 2004, biometric records for foreign nationals.
GAO said in its September 2 report that CBP has taken steps to incorporate some privacy principles in its program, such as publishing the legislative authorities used to implement its program, but has not consistently provided complete information in privacy notices or ensured notices were posted and visible to travelers.
CBP requires its commercial partners, such as airlines, to follow CBP’s privacy requirements and can audit partners to assess compliance. However, GAO said that as of May 2020 CBP had audited only one of its more than 20 airline partners and did not have a plan to ensure all partners are audited.
CBP has assessed the accuracy and performance of air exit FRT capabilities through operational testing. Testing found that air exit exceeded its accuracy goals—for example, identifying over 90 percent of travelers correctly—but did not meet a performance goal to capture 97 percent of traveler photos because airlines did not consistently photograph all travelers. According to the operational testing report, air exit did not meet the photo capture rate requirement due to disruptions to the facial recognition process during boarding. The report found that disruptions were caused by factors such as camera outages, incorrectly configured systems at boarding gates, and airline agents’ decisions to exclude certain categories of people out of convenience (to speed up the boarding process), such as families or individuals using wheelchairs. In these cases, airline agents would revert to manual boarding procedures (i.e., visually comparing a traveler to his or her travel identification documents), and travelers’ photos were not captured or transmitted. For example, the test report noted that testing officials witnessed instances of cameras malfunctioning during boarding at all three of the airports they visited.
GAO found that CBP’s current monitoring process does not alert them when performance falls below minimum requirements (such as the 97 percent photo capture rate described above). CBP officials said they randomly sample two flights per airport per week and review the data from each flight, including the number of matches and the match rate. However, GAO said this random sampling process does not immediately alert officials to problems that affect the performance of air exit. CBP officials said there were several reasons why they chose random sampling to monitor the accuracy and performance of air exit. For example, officials said they have a small team of five analysts dedicated to monitoring air exit’s performance, and they do not have the capacity or resources to manually review every flight for anomalies. Additionally, officials said air exit has returned consistently high match rates for photos that are successfully captured, which gave them confidence that more robust or comprehensive monitoring was not necessary.
CBP officials said it would be helpful if they had automatic alerts or notification when the performance for a flight or airport fell below air exit performance thresholds and acknowledged that their system has the capability to provide these automatic alerts. Officials also said they had considered developing additional reports to evaluate system performance for air exit but had not begun this effort at the time of GAO’s review.
The Transportation Security Administration (TSA) meanwhile has conducted pilot tests to assess the feasibility of using FRT but, given the limited nature of these tests, GAO’s inspectors said it is too early to fully assess TSA’s compliance with privacy protection principles. TSA plans to continue testing and evaluating facial recognition technology through additional pilot tests prior to making any deployment decisions.
GAO conducted an onsite observation of the ongoing facial matching pilot in the international terminal at the Hartsfield-Jackson Atlanta International Airport in July 2019. During that visit, inspectors observed that the matching system was able to capture a photo and successfully match the majority of international travelers who participated in the pilot. For travelers who were unable to be matched by the system, the Transportation Security Officer (TSO) conducted manual identity verification (visual confirmation that the traveler’s face matched their travel identification document). In some cases, GAO observed that the TSO adjusted the camera to successfully capture a traveler’s photo, particularly for small children or travelers using wheelchairs.
TSA plans to conduct an additional test of this technology at the Detroit Metropolitan Wayne County Airport this year.
Although GAO is not yet able to fully assess TSA compliance, its observations at some individual airports have been largely positive. For example, At the Hartsfield-Jackson Atlanta International Airport, inspectors observed bilingual (English and Spanish) signs at the entrance to the relevant screening lane for each pilot test informing travelers about facial recognition identity verification. GAO also observed TSA officials standing by the entrance to the screening lanes answering traveler questions on the pilot tests and how personal information would be protected.
GAO is making five recommendations to CBP to ensure privacy notices are complete, ensure notices are available at locations using FRT, develop and implement a plan to audit its program partners for privacy compliance, develop and implement a plan to capture required traveler photos at air exit, and ensure it is alerted when air exit performance falls below established thresholds. DHS responded that it aims to ensure the privacy notices are complete by the end of the year. Work on the remaining recommendations is expected to be complete by July 2021.