Judging from the number of agencies that use it, facial recognition technology has gone mainstream in the federal government. The technology is getting faster and more accurate, and has a growing number of use cases. Federal Drive with Tom Temin got the latest from the director for science, technology assessment and analytics at the Government Accountability Office Candice Wright.
Insight by Cloudera: Learn about what a few federal agencies are doing to tackle data security challenges and improve their cyber data posture in this exclusive e-book.
Tom Temin: Ms. Wright, good to have you back.
Candice Wright: Thank you for having me again, Tom.
Tom Temin: So this was a survey based more than kind of an audit investigation. And who did you ask about the use of facial recognition? Which agencies did you pull here?
Candice Wright: So Tom, for this work, we looked at 24 agencies, and these are the largest federal departments and agencies and surveyed them to get a sense of their current use of the facial recognition technology in fiscal year 2020. But also looking ahead to plan future use in future years.
Tom Temin: And the majority of them use it in one way or another, correct?
Candice Wright: Yes, that’s correct. So we found in the survey responses we got back from these agencies had 18 of the 24 agencies surveyed, do you currently use the technology or had been using it in some capacity during fiscal year 2020. And that’s included agencies like the Department of Homeland Security, Department of Defense, the Department of Health and Human Services as well, and a number of other agencies.
Tom Temin: And what are the use cases they’re presenting here?
Candice Wright: So among the key takeaways that we took from the survey responses was that there are three primary uses. This includes digital access, or cybersecurity, law enforcement and physical security on the digital access front. What we found mostly is that agencies were using facial recognition technologies to unlock agency provided smartphones or tablets that are provided to employees to conduct their work for the for their agency. We also, in thinking about this, you might sort of think of the face or image as a password that is used to unlock the device. We also saw two agencies, the Social Security Administration and the General Services Administration, who were also using the technology to were testing the technology to provide access to people looking to use government websites. And so in this regard, these two agencies noted that they will continue to do testing to further determine if it will be rolled out publicly.
Tom Temin: Yeah, that’s a big change. Because mostly it’s used internally, or in the case of the public, the traveling public, by Customs and Border Protection at the airport applications. But for purposes of government services, or accessing things through government websites, it’s still really not widely or at all used at this point – correct?
Candice Wright: That’s what we found from what the agencies reported. But again, as I said, Social Security Administration and the General Services Administration are testing the technology to determine whether it can be used to verify the identity of an individual attempting to, let’s say, apply for an account to access Social Security’s public online services.
Tom Temin: And then there’s the issue of physical security that five agencies reported.
Candice Wright: Yes, that’s correct. And so in this regard, we found that agencies were using facial recognition technology or physical security in order to control access to a building or facility, or to determine if someone is permitted to access the building or facility. And one of the things that we heard from agencies is that by using the technology in this way, it reduces the need for security guards, for example, at a building to memorize individual faces.
Tom Temin: So is the sense then based on this survey, relative to the prior one that you did, is this growing use of facial recognition?
Candice Wright: Well, we certainly have seen an increase use in the technology not just in commercial sectors, but also government sectors. And so the survey that we did for this work was one of the first where we really took a more comprehensive look to understand the extent to which it’s being used, because in the past we had limited, for example, the work to certain sectors – but this gave us a broader view across the federal government.
Tom Temin: We’re speaking with Candace Wright. She is the director for Science Technology Assessment and Analytics at the Government Accountability Office. And what are some of the dangers or some of the cautions that agencies need to exercise in the use of this sometimes controversial technology?
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
Candice Wright: Well, certainly there are pros and cons and risks associated as well. There’s benefits associated with anything new. And I think it will be important to continue to take a look at how agencies are using the technology also to try to understand what might be some of the privacy implications. Are there safeguards in place to help manage access to the information that’s being collected? And that’s actually some work that we’re going to be starting very soon to look at some of those kinds of issues, what might be some of the redress procedures, excuse me, as well as how agencies might be engaging with public stakeholders.
Tom Temin: And with respect to the experiments going on at GSA and Social Security, what do they envision as the means by which the face will be entered into the system, should this come to pass? Are they looking just at the people’s laptop computers with the built in camera?
Candice Wright: So for this particular report, we did not assess the systems themselves and or its effectiveness. So I’m not able to elaborate on that other than just to note that they had these pilots underway to test the technology.
Tom Temin: And was this a report with recommendations or simply just to look see for the benefit of Congress to keep tabs on something that some members have been watching closely?
Candice Wright: Certainly. So as the use of the technology has been growing, as I mentioned, both in commercial and government sectors, there was an interest in understanding its use across the agencies. We did not make recommendations in this particular report, really, it was just an opportunity to take a comprehensive look, and get a lay of the land. And based on what we have identified, or learned I should say, through this work, we may look at conducting further studies to gain better insights.
Tom Temin: And having looked at this now for a while, what’s your sense of where this should be going, where it is going in the federal government?
Candice Wright: So based on what we learned in this most recent report, we’ll consider further studies to examine, for example, the extent to which agencies might be sharing data that they’re obtaining by using these systems. So we might look at things around what is being shared, how often and with whom. Even just trying to understand what data are being collected, and access and use by whom. There may be also a need to look at the legal authorities with regards to the agency’s use of the technology, but also sharing the data. And then also, maybe there’s perhaps a need to take a look at the controls and monitoring that are in place to prevent unauthorized access to data that is being generated by using this technology. So again, based on what we’ve learned in this report, we’ll take a look at where we may want to conduct them further studies
Tom Temin: Could one of those studies also include the training data sets that are used for artificial intelligence algorithms that are applied to facial recognition?
Candice Wright: That certainly could be a possibility. I will note that GAO has done work in the past, looking at the algorithms and certainly other work on artificial intelligence. So again, we’ll continue to sort of look at what we learned from this study relative to what we have found in the past and then think about what the best path forward is to understand agency’s use of the technologies and what the risks might be, as you know, in addition to the opportunities that it can present.
Tom Temin: Okay, Candice Wright is Director for Science Technology Assessment and Analytics at the Government Accountability Office. As always, thanks so much.
Candice Wright: My pleasure, Tom. Thanks again for having me.