CBP Failed to Protect Sensitive Biometric Information in Test of Facial Recognition Program
September 24, 2020
In a new report, the Inspector General for the Department of Homeland Security found that Customs and Border Protection failed to safeguard pictures of travelers obtained for a facial recognition pilot program, the Biometric Entry-Exit Program. The pictures were exposed in a data breach of a CBP subcontractor, Perceptics, LLC. OIG found that the CBP failed to undertake sufficient information security practices to prevent Perceptics from obtaining the data. At least 17 of the images were ultimately released on the dark web. EPIC leads an ongoing campaign to Ban Face Surveillance. In 2018, EPIC urged CBP to suspend its Biometric Entry-Exit Program. EPIC previously obtained documents on that program through a FOIA lawsuit.