After a recent successful campaign for the Internal Revenue Service (IRS) to dump its facial recognition program, privacy activists are now turning their attention to other agencies that use the technology.
“The use of a third-party face verification service also creates needless security issues facilitated by government agencies, forcing individuals to hand over biometric data to a private company. Biometric data, particularly faceprints, are increasingly becoming targets for fraudulent activity,” the groups said.
“The likely result of federal and state agencies using faces as a credential to access sensitive information will be large-scale data breaches of a credential that cannot easily be changed.”
Sens. Wyden, Cory Booker (D-N.J.), and Elizabeth Warren (D-Mass.) joined in the chorus a day later with a letter to the Department of Labor, urging it to help state unemployment agencies abandon ID.me.
“It is concerning that so many state and federal government agencies have outsourced their core technology infrastructure to the private sector,” Wyden, Booker, and Warren wrote in their letter. “It is particularly concerning that one of the most prominent vendors in the space, ID.me, … uses facial recognition and lacks transparency about its processes and results.”
ID.me did not respond to a request for comment about the public campaign against it.
“We have listened to the feedback about facial recognition and are making this important change, adding an option for users to verify directly with a human agent to ensure consumers have even more choice and control over their personal data,” said ID.me CEO, Blake Hall.
“In recent weeks, we have modified our process so government agencies can empower people to choose to verify their identity with an expert human agent without going through a selfie check. Agencies can now select this configuration. Additionally, all ID.me users will be able to delete their selfie or photo at account ID.me, beginning on March 1.”
