Thursday, 14 July 2016 07:17

The FBI hides collection of Iris information by local law enforcement since 2013

Written by

Reading time is around minutes.

In the last week the world saw what appeared to be another attempt to violate privacy by government law enforcement. In this case the FBI opened a “pilot” program to capture iris imprints for a searchable database. To date they have captured more than 400,000 of these imprints. The major concern here is that there was (and remains) no public debate, or oversight on the program. The program stands on its own outside the many restrictions that protect privacy and also other rights that people have. Well at least that is how things look on the surface. We took a little bit of a deeper look and tried to peel away some of the FUD and hype over the collection.

For anyone that has never been arrested or worked in law enforcement we should start by saying that any time you are arrested certain information about you is collected. You will be fingerprinted a photo of you taken and in some states/counties there might also be a blood sample taken (for multiple reasons including potential DNA matching). This is a lot of identifying information that is collected to pin point who you are. Much of this is sent to central databases to see if you are wanted for anything else and for future reference. This is all normal procedure.

Now some police agencies have started adding the collection of iris imprints to this data when you are arrested. It is that last sentence that is important; “when you are arrested”. IF (and that is a big if) this is the only time that the data is being collected there is really no problem in the collection. As we said any data collected after an arrest is typically stored in national databases anyway so not really all that concerning. The police agencies that are doing this did so very quietly and also happen to be some of the agencies that are also using systems like the Stingray cellular site simulator devices (San Bernardino, LA and Riverside).  

Where things do get concerning is the lack of public awareness of the collection and the potential for collection outside of the arrest procedure. This is where things get a little muddy. The FBI has a concerning history of pushing surveillance out beyond what most people would consider needed for investigation. An example of how this would expand beyond the arrest procedure would be if Border Patrol started scanning people to see if they are in the existing database. This could, and probably would, be setup to also capture the information and put it in the database. So now they can swipe your driver’s license or ID and match that to the iris scan. All of this would be done without any oversight or public discourse on the subject.

The FBI has been a big proponent of letting local law enforcement have access to sophisticated technology to do some of their legwork. In their eyes this helps them gather more information with less resources, but to the public is means that local law enforcement is often capturing data they should not and are also much more likely to misuse the tools they are given access to simply because there is less oversite at the municipal level (not that there appears to much at the government level). They have, in the recent past, pushed very hard to allow local law enforcement to have access to encrypted devices and also pushed for backdoors into encryption from companies like Apple. The overreach is impressive when you look at it.

This pattern is the real reason for concern over the FBI’s new program. It is not the collection of the data during an arrest, it is the methods they will eventually use to gather everyone’s data. This combined with the sneaky way they pushed the pilot program out is makes everyone suspicious. The FBI would have been better off to do this publicly and explain the benefits to this collection instead of trying to hide it and then slip it in to other areas. Now, no matter what they do it will look like they are trying to hide something and make the collection look more sinister.

Read 9199 times

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.