The FBI has proposed keeping its database of fingerprints, iris scans and photographs exempt from privacy laws, prompting companies like Lyft and Uber to join advocacy groups in saying they are “deeply concerned” about the proposed change.
The bureau wants to shield its massive biometric database, called the Next Generation Identification (NGI), from Privacy Act rules that require a person to be notified if they are in a government system, as well as rules that let people ensure that the information the government is holding about them is accurate.
The FBI’s proposal was first published in early May, and it has since drawn the ire of civil liberties advocates who say that such an exemption would do away with any accountability that would prevent the use of the NGI. The Electronic Frontier Foundation (EFF) and other privacy activists were joined by ridesharing giants Uber and Lyft in sending a letter to the FBI on Friday, demanding a 30-day extension to the response period.
“The FBI waited over half a decade to public a basic privacy notice about NGI. Now, the American people have 21 business days to comment on that system – and the FBI’s request makes most of it secret. This is far too little time,” the groups and companies said in the letter.
The letter said that exemptions to privacy protections may be warranted in some cases, but the FBI’s proposal seems to “go far beyond that.” “For example, the Privacy Act generally bars the government from creating databases about the political activities of its citizens,” the letter said. “Under the FBI’s proposal, the FBI could violate that rule – and private citizens could never take them to court.”
The letter also said that the NGI likely includes a disproportionate number of African Americans, Latinos, and immigrants. “This is a problem from a technical perspective, as a body of research – including research authored by FBI personnel – suggests that some of the biometrics at the core of NGI, like facial recognition, may misidentify African Americans, young people, and women at higher rates than whites, older people, and men, respectively,” said the letter signed by the EFF, Uber and Lyft.
Also having potential civil liberties implications is the sheer volume of records in the FBI’s system, according to the EFF. Of the 100 million records on file, nearly 50 million of which is data that was collected for “non-criminal purposes,” the EFF said.
"If you're ever arrested for any crime – even for blocking a street as part of a First Amendment-protected protest – your non-criminal photographs will be combined with your criminal record and will become fair game for the same criminal database searches as any mug shot photo,” the EFF said. While Uber and Lyft are usually competitors, they both signed onto the letter, since both companies have resisted the idea of having laws requiring their drivers to enter into fingerprint-based background checks.
“We believe the right path forward is to continue to improve the level of transparency and accountability that’s built-into our service and the processes available for screening drivers,” wrote Uber Chief Security Officer Joe Sullivan in a blog post about the letter. “Instead of relying solely on flawed databases that are known to have information gaps, our technology makes it possible to focus on safety before, during and after every trip.”
