These days, you can't really go anywhere without encountering cameras. Going into a store? Chances are there are security cameras. Getting money at an ATM? More cameras. Driving through the streets of a city? More cameras still. Your neighbors may have those doorbells from Amazon that are surveilling the entire neighborhood.
And many of these cameras are tied into facial recognition databases, or the footage can be quite easily compared there if "authorities" are looking for somebody.
But as it turns out, it isn't just facial recognition we have to worry about.
DHS has a new recognition system called HART.
Homeland Advanced Recognition Technology system is the alarming new identity system being put in place by the Department of Homeland Security.
DHS is retiring its old system that was based on facial recognition. It's being replaced with HART, a cloud-based system that holds information about the identities of hundreds of millions of people.
The new cloud-based platform, called the Homeland Advanced Recognition Technology System, or HART, is expected to bring more processing power, new analytics capabilities and increased accuracy to the department's biometrics operations. It will also allow the agency to look beyond the three types of biometric data it uses today--face, iris and fingerprint--to identify people through a variety of other characteristics, like palm prints, scars, tattoos, physical markings and even their voices.
Incidentally, the cloud hosting for HART is being done by none other than Amazon - you know, the ones with surveillance devices like the Ring doorbell and the Alexa home assistant and the Nest home security system. Does anyone see a pattern here?
Also note that Amazon Web Services also hosts data for the CIA, the DoD, and NASA.
More about HART
As HART becomes more established, that old saying "you can run but you can't hide" is going to seem ever more true. The DHS is delighted at how much further the new system can take them into surveilling Americans.
And by freeing the agency from the limitations of its legacy system, HART could also let officials grow the network of external partners with whom they share biometric data and analytics capabilities, according to Patrick Nemeth, director of identity operations within Homeland Security's Office of Biometric Identity Management.
"When we get to HART, we will be better, faster, stronger," Nemeth said in an interview with Nextgov. "We'll be relieved of a lot of the capacity issues that we have now ... and then going forward from there we'll be able to add capabilities."
The DHS wants to break free of the limitations of the old system with their new and "improved" system. HART will use multiple pieces of biometric data to increase identification accuracy.
Today, when an official runs a person's face, fingerprint or iris scans through IDENT's massive database, the system doesn't return a single result. Rather, it assembles a list of dozens of potential candidates with different levels of confidence, which a human analyst must then look through to make a final match.
The system can only handle one modality at a time, so if agent is hypothetically trying to identify someone using two different datapoints, they need to assess two lists of candidates to find a single match. This isn't a problem if the system identifies the same person as the most likely match for both fingerprint and face, for example, but because biometric identification is still an imperfect science, the results are rarely so clear cut.
However, the HART platform can include multiple datapoints in a single query, meaning it will rank potential matches based on all the information that's available. That will not only make it easier for agents to analyze potential matches, but it will also help the agency overcome data quality issues that often plague biometric scans, Nemeth said. If the face image is pristine but the fingerprint is fuzzy, for example, the system will give the higher-quality datapoint more weight.
"We're very hopeful that it will provide better identification surety than we can provide with any single modality today," Nemeth said. And palm prints, scars, tattoos and other modalities are added in the years ahead, the system will be able to integrate those into its matching process.
HART will also use DNA.
Remember a while back when we reported that DNA sites were teaming up with facial recognition software? Well, HART will take that unholy alliance even further.
The phase-two solicitation also lists DNA-matching as a potential application of the HART system. While the department doesn't currently analyze DNA, officials on Wednesday announced they would start adding DNA collected from hundreds of thousands of detained migrants to the FBI's criminal database.
During the interview, Nemeth said the agency is still working through the legal implications of storing and sharing such sensitive data. It's also unclear whether DNA information would be housed in the HART system or a separate database, he said.
The DHS is operating without any type of regulation.
Currently, there's no regulation or oversight of government agencies collecting and using this kind of data. Civil liberty activists and some lawmakers are alarmed by this, citing concerns about privacy and discrimination. This hasn't slowed down the DHS one iota, however.
Critics have taken particular issue with the government's tangled web of information sharing agreements, which allow data to spread far beyond the borders of the agency that collected it. The Homeland Security Department currently shares its biometric data and capabilities with numerous groups, including but not limited to the Justice, Defense and State departments.
In the years ahead, HART promises to strengthen those partnerships and allow others to flourish, according to Nemeth. While today the department limits other agencies' access to IDENT to ensure they don't consume too much of its limited computing power, HART will do away with those constraints.
Mana Azarmi, the policy counsel for the Freedom, Security and Technology Project at the Center for Democracy and Technology is one of those people voicing concern.
A person might give information to a single agency thinking it would be used for one specific purpose, but depending on how that information is shared, they could potentially find themselves subjected to unforeseen negative consequences, Azarmi said in a conversation with Nextgov.
"The government gets a lot of leeway to share information," she said. "In this age of incredible data collection, I think we need to rethink some of the rules that are in place and some of the practices that we've allowed to flourish post-9/11. We may have overcorrected."
Many people voluntarily provide biometric data.
Many folks provide biometric data without giving it a second thought. They cheerfully swab a cheek and send it into sites like Ancestry.com, providing not only their DNA, but matches to many relatives who never gave permission for their DNA to be in a database.
Then there are cell phones. If you have a newer phone, it's entirely possible that it has asked you to set up fingerprint login, facial recognition, and even voice recognition. It isn't a stretch of the imagination to believe that those samples are shared with folks beyond the device in your hand. Add to this that your device is tracking you every place you go through a wide variety of seemingly innocuous apps, and you start to get the picture.
You can't opt-out.
Back in 2013, I wrote an article called "The Great American Dragnet". At that time, facial recognition was something that sounded like science fiction or some kind of joke. Our drivers' licenses were the first foray into creating a database but even in 2013, it far exceeded that.
Another, even larger, database exists. The US State Department has a database with 230 million searchable images. Anyone with a passport or an immigration visa may find themselves an unwilling participant in this database. Here's the breakdown of who has a photo database:
- The State Department has about 15 million photos of passport or visa holders
- The FBI has about15 million photos of people who have been arrested or convicted of crimes
- The Department of Defense has about 6 million photos, mainly of Iraqis and Afghans
- Various police agencies and states have at least 210 million driver's license photos
This invasion of privacy is just another facet of the surveillance state, and should be no surprise considering the information Edward Snowden just shared about the over-reaching tentacles of the NSA into all of our communications. We are filing our identities with the government and they can identify us at will, without any requirement for probable cause.
Some people don't even seem to mind that their identities have been tagged and filed by the US government. And even those of us who do mind have no option. If you wish to drive a car or travel outside of the country or have any kind of government ID, like it or not, you're in the database. Six years ago, I wrote:
The authorities that use this technology claim that the purpose of it is to make us safer, by helping to prevent identity fraud and to identify criminals. However, what freedom are we giving up for this "safety" cloaked in benevolence? We are giving up the freedom of having the most elemental form of privacy - that of being able to go about our daily business without being watched and identified.
And once you're identified, this connects to all sorts of other personal information that has been compiled: your address, your driving and criminal records, and potentially, whatever else that has been neatly filed away at your friendly neighborhood fusion center.
Think about it: You're walking the dog and you fail to scoop the poop - if there's a surveillance camera in the area, it would be a simple matter, given the technology, for you to be identified. If you are attending a protest that might be considered "anti-government", don't expect to be anonymous. A photo of the crowd could easily result in the identification of most of the participants.
Are you purchasing ammo, preparedness items, or books about a controversial topic? Paying cash won't buy you much in the way of privacy - your purchase will most likely be captured on the CCTV camera at the checkout stand, making you easily identifiable to anyone who might wish to track these kinds of things.
What if a person with access to this technology uses it for personal, less than ethical reasons, like stalking an attractive women he saw on the street? The potential for abuse is mind-boggling.
If you can't leave your house without being identified, do you have any real freedom left, or are you just a resident in a very large cage?
When I wrote that, it still seemed far-fetched but remotely possible, even to me. This was before we were really aware of anything like the social credit program in China or how crazy the censorship was going to become or how social media would change the very fabric of our society.
Now, it's here and it looks like there's no stopping it.