Seeking documents about the FBI’s expansive biometric identification database
The Federal Bureau of Investigation is developing a biometric identification database program called “Next Generation Identification” (NGI). When completed, the NGI system will be the largest biometric database in the world. The vast majority of records contained in the NGI database will be of US citizens. The NGI biometric identifiers will include fingerprints, iris scans, DNA profiles, voice identification profiles, palm prints, and photographs. The system will include facial recognition capabilities to analyze collected images. Millions of individuals who are neither criminals nor suspects will be included in the database. Many of these individuals will be unaware that their images and other biometric identifiers are being captured. Drivers license photos and other biometric records collected by civil service agencies could be added to the system. The NGI system could be integrated with other surveillance technology, such as Trapwire, that would enable real-time image-matching of live feeds from CCTV surveillance cameras. The Department of Homeland Security has expended hundreds of millions of dollars to establish state and local surveillance systems, including CCTV cameras that record the routine activities of millions of individuals. There are an estimated 30 million surveillance cameras in the United States. The NGI system will be integrated with CCTV cameras operated by public agencies and private entities.
The NGI database will be used for both law enforcement and non-law enforcement purposes. It will be available to law enforcement agencies at the local, state, and federal level. But it will also be available to private entities, unrelated to a law enforcement agency. Using facial recognition on images of crowds, NGI will enable the identification of individuals in public settings, whether or not the police have made the necessary legal showing to compel the disclosure of identification documents. The New York City Police Department began scanning irises of arrestees in 2010; these sorts of records will be entered into NGI. The Mobile Offender Recognition and Information System (“MORIS”), a handheld device, allows officers patrolling the streets to scan the irises and faces of individuals and match them against biometric databases. Similarly, children in some school districts are now required to provide biometric identifiers, such as palm prints, and are also subject to vein recognition scans. Clear, a private company offering identity services based on biometric identifiers, attempted to sell the biometric database of its users after its parent company, Verified Identity Pass, declared bankruptcy. The transfer of the biometric database was blocked by a federal district court judge.
There is a substantial risk that personally identifiable information could be lost or misused as a result of the creation of the NGI system. Among the private contractors involved in the deployment of NGI are Lockheed Martin, IBM, Accenture, BAE Systems Information Technology, Global Science & Technology (“GST”), Innovative Management & Technology Services (“IMTS”), and Platinum Solutions. Arizona, Hawaii, Kansas, Maryland, Michigan, Missouri, Nebraska, New Mexico, Ohio, South Carolina, and Tennessee are actively participating in the NGI program. The FBI is pursuing an aggressive deployment of the NGI program, scheduled for completion and full deployment by 2014.
EPIC’s Freedom of Information Act requests
In 2012, EPIC filed two Freedom of Information Act (FOIA) requests for documents related to the FBI’s NGI system. One request sought technical specifications related to the roll out of the NGI system. The other sought contracts between the FBI and the private entities developing the system. The FBI did not promptly comply with the law’s requirements and has so far failed to give EPIC any responsive documents. After the agency failed to comply with the Freedom of Information Act, EPIC filed a lawsuit in federal district court.