The 1:1 case is not too unreasonable, if you ask me. Store a cryptographically signed photo on a chip in the ID card, and the machine can compare that to the real-life human presented. There are obviously drawbacks with biases in the comparison algorithm, but that's not really any worse than a human doing the same. From a privacy perspective it's not too bad - provided they delete their copy of the photo after the card is issued. This isn't any different from having the photo printed on the ID card, if you ask me.
The 1:many case, on the other hand, is a bit of a problem. This requires the creation of a mass database with everyone's pictures in it. The privacy implications are obviously enormous, as it would also enable the identification of previously-anonymous people "in the wild".
And then there's obviously the issue that it simply cannot possibly work on a larger scale: with a 1:1 comparison you have to look for a close-enough match of a single picture pair, but with a 1:many comparison you have to identify one person out of millions of possible matches. There needs to be some lenience in the matching (people use makeup and get rhinoplasties) but people's faces already look quite similar - once you get to the million-people scale, there are pretty much guaranteed to be some false positive matches in there!
"From a privacy perspective it's not too bad - provided they delete their copy of the photo after the card is issued. This isn't any different from having the photo printed on the ID card, if you ask me."
If you have a government ID they already have your picture in a database. I know for a fact this is true if you have a US passport and I would be shocked if each state doesn't have a database with all Drivers License/state ID pictures.
I can get my license reissued with my old photo as long as it’s within X number of years. This was handy during COVID when renewing entirely by mail was rolled out, but I also did it on a prior license renewal as well.
I’m generally opposed to government intrusion on rights, but I don’t think I have the inherent right for the government to have no photos of me. I’m sure the Dept of State, Customs/Border Patrol, and my local motor vehicles dept has my photo on file.
>> I don’t think I have the inherent right for the government to have no photos of me.
Why? The government should have no info on you at all unless and until they have an articulable reason to suspect you to be in violation of the law. Then they should only be allowed to retain data about for the duration of your criminal history (which could be for life )
Customs and Border patrol should not even be allowed to ask you any questions or stop you at all upon reentry to the country unless again they have a clear and articulable reason to believe you are in violation for the law
same with the TSA.
the fact that we have allowed general "detainment" in the name of safety was the start of the slippery slope that they continue to advance further and further to more or less cancel all 4th and 5th amendment protections to the point now where those protections basically do not exist with in a 100 miles of any border which is like 80% of the nation.
it is absurd to simply accept this as normal, and inline with individual freedom. it is not
> The government should have no info on you at all ...
Are you meaning for citizens of the country, or visitors to the country?
If you're meaning for citizens... um... how would the government know you're a citizen if it has no records of you? Ditto for knowing who to collect tax from, although a Good-and-Services-Tax could remove that particular need. ;)
You hit the nail on the head.. I dont find income based taxation to be ethical at all, and believe either a Land Use tax, Service fees, or contextual public finance is a better way, not stealing a part of a persons labor.
I also see government as only being needed for "night watchman" status, not as providers of all your needs from craddle to grave, under such a system of governance visitors to the nation are no different than citizens, as everyone is equal before the law, and the law is only used for peaceful dispute resolution between 2 parties. Not to dole out political based favors via an ever increasing state via both government contracts to big business, and government subsides to protect business, and social welfare which also is a handout to large business..
Once that state has no power to redistribute wealth (often from the poor to the rich in practice not in the manner many democrats envision the redistribution is going in their fantasy) then the need to track every dollar, and every person drops to near zero
> Customs and Border patrol should not even be allowed to ask you any questions or stop you at all upon reentry to the country unless again they have a clear and articulable reason to believe you are in violation for the law
> same with the TSA.
> the fact that we have allowed general "detainment" in the name of safety was the start of the slippery slope that they continue to advance further and further to more or less cancel all 4th and 5th amendment protections to the point now where those protections basically do not exist with in a 100 miles of any border which is like 80% of the nation.
I agree with all that, but I still don't see how that leads to your claim.
> Why? The government should have no info on you at all unless and until they have an articulable reason to suspect you to be in violation of the law. Then they should only be allowed to retain data about for the duration of your criminal history (which could be for life )
Why? It's normal for other people to remember what you look like, it's normal for your local government workers (who are likely the only ones for whom it matters) to remember what you look like, what people look like isn't secret.
I think the issue here is that it is both reasonable for the government to have a photo to facilitate some services, and also extremely dangerous for a centralized database to exist due to the kinds of surveillance this enables.
If we could be certain that the collected photos would be used only for the specific uses cases deemed necessary and acceptable, and never for the purpose of enabling new forms of surveillance, then it seems reasonable for the government to have this info.
But I don’t think that’s the reality. Or at least there aren’t checks and balances in place that I’m aware of that ensure the collected photos are not used for other purposes. It’s ultimately a problem of trust, and trust has been deeply eroded.
I disagree with the customs and border comment. I think a nation has a right to know who is entering the country. Otherwise you just have open borders. In addition other countries want to know who you are. So you need a passport
> Customs and Border patrol should not even be allowed to ask you any questions or stop you at all upon reentry to the country unless again they have a clear and articulable reason to believe you are in violation for the law
I believe that CBP has an entirely valid reason to stop me and ask me questions as needed to validate my identity, that it’s legal for me to enter the country, to determine I’m not importing anything improper, or if I owe duty on goods I’m importing.
I understand that others are in favor of open borders. The country I live in and the countries I visit appear to not be.
I just went and got my license renewed in my home state while I’m living overseas. The last time I had a license photo taken there, I was maybe 17. The clerk made sure to turn the screen around so we could both laugh at my old photo, so at least they keep them in one state.
The mass database with everyone's pictures in it is called the DMV. It was created decades ago; we don't need to engage in speculation about what it "would" do.
"And then there's obviously the issue that it simply cannot possibly work on a larger scale: with a 1:1 comparison you have to look for a close-enough match of a single picture pair, but with a 1:many comparison you have to identify one person out of millions of possible matches. "
i should probably flesh out my reasoning more on this but i think we should preserve the ability for people to do wrong rather than trying to box it out. practically, it functions as a useful last resort of the system is very screwed up and we can probably punish noncompliance in other cases.
i think if we successfully remove the ability for people to break laws, regardless of whether it's done in a "privacy-preserving" way, that would be bad. but then again i'm against the feds knowing who anyone is so i'm probably biased.
This statement seems pretty poorly thought out. I think the argument that's being made is actually that there should be comprehensive privacy legislation, not that the TSA's use of facial recognition is bad/dangerous.
I see three risks being pointed out:
1. "the potential privacy and bias risks" -> however it doesn't expand or explain these risks. I'm on team privacy in general, so I definitely worry about this, but I think it's almost comical that any description of this risk is absent.
2. While facial ID is currently optional, "there is no guarantee that will remain the case" -> this is a textbook slippery slope argument, which means they're arguing not that the current practice is bad but that someday they might start doing something bad.
3. "the very real possibility that our face eventually becomes our default ID" -> another slippery slope argument that has even less to do with the TSA. This would require a major effort by the rest of government, so this is more a "watch out for that big cliff over there" argument than a slippery slope argument.
After all that, I think the topic sentence of this statement should be"
> This is [bad] because the United States lacks an overarching law to regulate the use of facial recognition to ensure the necessary transparency, accountability, and oversight to protect our privacy, civil liberties, and civil rights.
The slippery slope argument is a pet peeve of mine. It is a real, valid concern - in fact when this strategy works people often switch to calling it boiling the frog, which is not usually contested for some reason (even though it is the same thing)
Slowly making changes is a normal strategy at this point, saying anything less than the worst case is a "slippery slope" is no longer relevant imo. It is a valid risk that should at the very least be a point of discussion
Right. "slippery slope" is a fallacy only when the slipperiness of the slope is taken for granted. In this case there is plenty of evidence that this slope is in fact slippery.
Since I'm bashing on fallacies here, I'd also like to call out the naturalistic fallacy as a frequently abused one.
If your ancestors managed to survive in the natural environment, and there is something novel in the synthetic environment, then the synthetic alternative does in fact deserve more scrutiny because you have less evidence about it.
"Natural doesn't mean safe" type reasoning only really applies when the natural and synthetic thing are being put in equally novel situations--which is a pretty rare setup. Like, how often do you consider eating a plant which nobody has ever eaten before?
> The slippery slope argument is a pet peeve of mine.
Do you mean that an argument which consists of a claim of an inevitable slide to a bad conclusion from a certain starting point is your pet peeve? Or that a rebuttal to such an argument, which consists of pointing out that the former may be a slippery slope fallacy, is your pet peeve? It gets confusing because the key phrase of the former is "we're on a slippery slope", while the key phrase of the latter is "that's a slippery slope fallacy."
The slippery slope argument is a logical fallacy. However as you say, when incremental changes are regularly used as an effective strategy to obtain a larger objective it becomes a valid concern.
The logical fallacy still holds even if the majority of all policy utilizes the incremental strategy, but only because there are edge cases that invalidate the argument.
The problem for people outside of the strategy room, is that we don't know whether there is a broader objective or not, and even when a broader objective is realized it's almost impossible to prove that the end result was the original intent.
Even absent a broader objective we should still look to history and understand that government only ever increases its own power, only ever reduces the liberty of the citizen.
Government actions move in one direction, to yell into the void "well that is a slippery slope fallacy" as if that means we should simply ignore all of the lessons history has to teach us about giving up liberty for perceived safety is crazy to me.
I am not sure what value there is in proclaiming a slippery slope fallacy or how that it a rebuttal to the very real historical record.
I agree with you. My point was that using slippery slope to discredit an argument is frustrating because it is practically impossible to know in advance whether the incremental change is part of a bigger objective, and yet we also know that the strategy can work and has been used in the past.
It's part of a broader objective because many of these projects are fueled by both private organizations and public for-profit organizations. Yes, this is indeed part of a broader objective to sell more of this technology. Lots of ARPA money out and about right now.
> The problem for people outside of the strategy room, is that we don't know whether there is a broader objective or not, and even when a broader objective is realized it's almost impossible to prove that the end result was the original intent.
In some cases, folks are open about their broader objectives. Sometimes, we DO know their broader objectives, or at least we COULD know if it was widely (properly) reported.
In all other cases, we have no way of knowing the objectives of politicians and bureaucrats _tomorrow_, so we shouldn't presume they will have good objectives -- or rather, that we would think their objectives Good.
Never give the government power that you wouldn't want the most hostile political adversary to have.
>2. While facial ID is currently optional, "there is no guarantee that will remain the case" -> this is a textbook slippery slope argument,
And? Years ago you could say the same thing if OP complained about the TSA starting to use biometrics. And you would be disregarding their very real concerns, especially when they would have been right about them. I believe this is also the case now. OP has a valid point.
> you would be disregarding their very real concerns, especially when they would have been right about them.
Which TSA concerns were they right about and what dates?
Matching pictures doesn't indicate a person smuggling items onboard, and the hijack avenue ended on 9-12 when in-flight procedures changed. Ramp workers and flight crew, and even TSA, go around the TSA screening and can smuggle anything that somebody holding their family hostage at home tells them to carry.
They are piloting this at an airport near me. When I asked if I could opt out the employee said “no”. It was only later I was told that I could (upon returning home and looking it up)
FaceID as government ID is not a good idea, and it’s fine to start somewhere in my opinion though of course I would prefer outlawing biometrics entirely as identifiers.
Every article I've read about the TSA's program included the journalist either being denied an alternative to the facial recognition process or being pressured to do it. In an environment where being late for a plane could cost people their travel plans, coercion is pretty easy.
I fly a lot. I always opt out, usually in Atlanta but I think in other airports. There are signs up they say you can opt out.
This is both in the precheck security line and when boarding international flights.
It was an issue once with a Delta employee who didn’t know I could opt out. And once with border control in Ireland (where ICE has a presence). There, the ICE employee manually verified me but still insisted I get a photo taken.
Otherwise, it’s not been an issue to opt out so far. The staff might be a little annoyed, but it goes just as fast.
As an opposite point - the airports I've been to have been pretty easy to opt-out, though they usually have snippy comments about "saying it up front".
That being said, did your airport not have signs talking about the pilot, and it being optional? I would of pointed to that if I was told no.
It was very early in the pilot process, and I was trying to board an international flight. There was little or no signage, and the TSA staffer told me I could not opt out when I asked. Not a great experience. Since Senator Markey has been harping on this it has improved.
Even GDPR only applies to private entities, and the same polity who did that have used their willingness to regulate data handling and software architecture to, if anything, minimize end-user privacy vs. the state.
These questions come up and I always wonder about the edge cases. I'm an identical twin. My twin can get get past my faceID consistently, from first release until today. What happens when twins with bad blood start abusing facial recognition?
What kind of abuse are you imagining? Presumably with this system, the TSA agent's query is like: "Does this person's photo match the photo for the identity they are claiming to be?", and not do something like compare your face to every other person's face and return the most likely identity for your face.
So, in that instance, your evil twin could steal your ID and travel as you, but they could do that before this system was in place anyway.
The article mentions a "one to many" system which is exactly this - it compares you to every face in the database and decides who you are, eliminating the need to show physical ID.
Unless both twins are flying on the same day, you could solve this by rejecting matches of people who don't hold a boarding pass for that airport.
Or you could just require a physical ID as backup if the system can't return a match (due to identical twins or otherwise).
Other signal will be fused in. Otherwise, you’re counting on the possession of your government credentials as the control. You could just as easily swap IDs.
Leakage is expected, leading to iteration on edge cases. Some leakage will always be inevitable, no system is perfect.
The legal system is the final recourse mechanism if malicious activity (identity fraud) is detected.
Currently you need to look kind of close and have the other person's ID. With the 1:many pilot it would just check your face against a database of ID photos of PreCheck enrolled travelers, so you only have to be at the right place at the right time, and look very close. Not a huge concern in general, but for an evil twin it's much easier to get past TSA if they know which plane their twin will take.
Present state. They are moving towards facial recognition with no need for ID presentation or boarding pass. No need for the ID when they have your photo on file (this is how Global Entry re-entry kiosk works), and your identity is tied to airline PNR.
Even if someone totally unrelated who looks a lot like you is caught in the act by facial recognition, it can be really bad. “Here are videos of the defendant caught on the act of three separate crimes!” can be pretty convincing when you’ve been dredged up as the closest match.
Touch ID alone should suffice, identical twins have different fingerprints. Similar, but not identical. There's some amount of entropy captured in the womb which affects their development. [1]
> Fingerprints aren’t included in these genetic similarities. That’s because the formation of fingerprints is dependent on both genetic and environmental factors in the womb.
> The chances of identical fingerprints in identical twins is slim-to-none. While anecdotal articles online often discuss the possibility of a chance that the science could be wrong, no research has found that identical twins can have the same fingerprints.
> [...] As a result, identical twins may have similarities in the ridges, whorls, and loops in their fingerprints. But upon closer examination, you’ll notice differences in some of the smaller details, including spaces between ridges and divisions between branch markings.
> Another risk that is set in motion by TSA’s use of face verification is the very real possibility that our face eventually becomes our default ID and creates a de facto national ID controlled by the government.
For one, why are people afraid of a national ID? I remember this argument being used to delay RealID changes in some states. Other countries have a national ID and it hasn’t lead been billed as a privacy nightmare.
Second, we have a national ID already called a passport. That’s valid ID in the US and issued by the Federal government. I have one and so far the Feds haven’t come for me while I’ve slept or thrown me into whatever lies at the bottom of this slippery slope argument. Am I missing something?
Third, what makes the Feds worse than my State government? What stops Florida or New Mexico from turning State ID databases into a surveillance tool? Is it possible we really have 50 slippery slopes to deal with? Again, I don’t understand where the fear is.
1. People don’t trust the government and are wary of giving it more power
2. You’re missing that your face is different than a piece of paper. You can choose to refuse to show ID in some cases. You could keep your face covered, but that has ramifications you might not desire
3. The Feds are worse because they are already much more powerful than any state government.
It’s really not hard to see where the fear is. This might be one of the most obtuse comments I have seen on here
1. Sure, folks don't trust the government. I'm gonna guess that same sort wants to see ID in some situations. In this case, the government already has the power. State ID's already exist, and the federal government can get access. You already have a ss# - if someone wanted to mess with you, they'd just code you as dead. "accidentally".
2. Sure, your face isn't a piece of paper. It is still a major identifier, hence the reason you have it on your ID. The DMV already has your picture on file (hence, you don't always have to have a new picture). I'm not sure there are many situations where you could refuse to show ID to the government.
3. That's not a given, depending on the situation.
The advantage of a traditional ID card is that that you usually know when "the readout" of your ID happens. I don't know about you, but my idea of a good society does not involve states reading out the identity of their citizens without them noticing. If they have to do that they are not that good at the whole state-thing.
A good ID system has to solve two problems:
- Allow verification that the holder of the ID is the owner of the ID (identity verification)
- Allow to read out certain facts. Bonus points if this can be done granular, e.g. verify to the other side that you are older than X years without telling them when you were born, where you live and what number a state assigned to you. Extra bonus points if you can see which information is read out and can deny (or even flag) over-eagerly information requests.
Note that for the identity verification you just need to know if the biometric identifier of the person holding the ID matches the picture on the ID. You do not know when they were born, what their name is, where they live etc.
In a safe digital future this need-to-know-principle is IMO necessary to keep the power symmetry between inividuals and governments/corporations/criminals.
1. “Just because they have power let’s give them more power.” This is a bad argument
2. There certainly are situations where you can refuse. And some one needs to ask you explicitly for it right now. Won’t be true when your face is a government id
3. This is simply not true. When push comes to shove, the feds will win every time
identity “verification” by ssn is stupid; almost every other democracy has national id systems and residential verification and it works better and is easier to get benefits or prove yourself than real id and any other absurd american invention.
The first part is correct, the rest is technocratic handwaving over real concerns based on real experiences that lead to dire consequences that cannot be undone and often aren't fully known until it's too late to undo them.
I’m not commenting on the facial recognition tech. They do that without a national ID.
State and the Federal government also work together in security, especially “National Security.” That’s how police departments end up with former military vehicles.
Some state governments already perform facial recognition when issuing drivers licenses. There have been stories of twins being unable to obtain an ID because it was flagged as fraud due to matching facial features.
> Second, we have a national ID already called a passport. That’s valid ID in the US and issued by the Federal government. I have one and so far the Feds haven’t come for me while I’ve slept or thrown me into whatever lies at the bottom of this slippery slope argument. Am I missing something?
"I did X and bad thing didn't happen, therefore bad things never happen as a consequence of X."
> Third, what makes the Feds worse than my State government?
Scale: 330M persons versus 1M - 40M persons. Also: budget, legal authority, known illegal abuses (Florida never tried to render a citizen to Gitmo).
> What stops Florida or New Mexico from turning State ID databases into a surveillance tool?
Not sure about NM, but FL has, as have many other states.
(In NM, I think the ABQ police just shoot first and identify later.)
> Is it possible we really have 50 slippery slopes to deal with?
50 states + 1 federal, yes.
> Again, I don’t understand where the fear is.
Mass surveillance of citizens, invasion of privacy, you know, things like that.
It doesn't have to turn into a Chinese social credit score for things to get bad.
> Scale: 330M persons versus 1M - 40M persons. Also: budget, legal authority, known illegal abuses (Florida never tried to render a citizen to Gitmo).
The jurisdiction of your ID doesn't change your legal jurisdiction. I.e. having a Florida ID instead of a federal ID won't prevent the feds sending you to Gitmo.
> Mass surveillance of citizens, invasion of privacy, you know, things like that.
The feds already have access to DMV data from all the states.
I think there was a time where having to get data from state DMV's would have been a nominal hurdle, but not anymore. I'm on team federal ID these days because I don't think the feds get access to any additional data, and most state DMV's suck. It's easier to get a passport than a driver's license these days, I'm more confident in the feds ability to make a functional ID system.
The TSA violates the 4th amendment millions of times a day and has a 95% failure rate at its job simultaneously.
Read it for yourself and ask if searching every single person trying to fly is "reasonable" or if they have a warrant: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
I think a metal detector search of the person and X-ray of bags is reasonable in terms of an invasiveness of search which is no greater than required for the legitimate safety concern and proportionate to the risk.
I think the AIT machines are not reasonable (by nature of being more invasive than required), which is why I opt-out 100% of the time, much to the frustration of my wife when we’re traveling together, but I don’t care.
I think the TSA agrees the AIT is likely enough to be unreasonable to not want it tested in court, hence they allow opt-out.
Does the "opt-out" still involve a groping by a minimum wage fake LEO whose abuse is protected both by a union and federal law?
I'm not concerned for myself, I'm concerned for _my kids_.
As long as TSA agents are allowed to molest kids under the color of authority, then the "opt-out" is as much or more of a threat as the naked pictures they take in the AIT machines.
Yes for adults, but no on the kids. Kids (along with one parent per kid) are already directed through the metal detector line.
I know that's not a great answer and I'm frustrated that AITs exist as a convenience and throughput increasing device, but it's also not "TSA is molesting kids who opt-out."
whenever biometrics pops up on HN i always have to post the reminder that a biometric is _both_ a username & password bundled as one login credential. People like to compare biometrics to passwords, but that's a bad analogy because passwords can be changed whereas no one in tech likes to admit that a username should be changeable too.
It's just a username. As implemented the systems only require a username. It's also not even that, it's a temporal identifier, as faces change, sometimes in ways that we all expect and sometimes, not. To the extent that we've even performed facial transplants in response to some of these cases.
If biometrics were going to work, we'd be using fingerprints already. For all the same reasons we don't use fingerprints, we won't be able to use facial identification.
It's not "just" a username, in a way that I can type arbitrary username easily, but spoofing biometrics is somewhat harder, at least in a controlled environment. And that's the only reason why it's used - it is essentially a replacement for situations such an agent quickly checking a photo ID (low-effort high-volume quick-and-dirty weak authentication).
Not that I'm fond of this, just saying that it's not exactly just an username.
There is no culture of using secrets for authentication in any public setting. It all had always relied on biometrics, since times immemorial (people knowing how one looks like, then scaled up with printed documents, now scaled up again with machine-assisted recognition). Essentially, with some exceptions like high-security facilities, people had always relied on their public identities (self-asserted or asserted by a trusted third party, depending on the requirements) to get access.
And with facial recognition, two people don't even have to be related. I knew a guy who looked so much like me that he grew a mustache purely so that our own friends could tell us apart (which is how I know I look terrible with a mustache). There's zero chance that facial recognition could distinguish us.
New Zealand has been using facial recognition (& iris I believe) at airport border control for over a decade. New Zealand is probably still a bit sensitive over France bombing Greenpeace here last century. https://nzhistory.govt.nz/politics/nuclear-free-new-zealand/...
I don't like it, but it is where the world is going. The USA has been taking fingerprints of international travelers for a long time!
I think this is doubleplus good, we need to stop the double negative bad people of eastasia who want to use violence and terror to take away our way of life.
Thus by ensuring that the government is tracking every person that goes through an air port at all times we can ensure we stop the bad people of eurasia for hurting our people and this is doubleplus good.
It makes me feel all warm and fuzzy to know that the state is willing to go to such great lengths to stop bad things like an older sibling watching over my shoulder.
Of course we all know that the TSA is a vital component of national security given all the times they successfully done...... anything?
To remove, for the airlines, the old grey market of resold "non-refundable" tickets that which the original purchaser can no longer utilize that existed before the ID requirement.
There is more profit in being able to sell an unoccupied seat twice (once for the unused non-refundable ticket, a second time when the original ticket does not show up at the gate) than in allowing tickets to be resold on the grey market.
Then the airlines should be doing the ID checks. But they don't bother, because the TSA basically does it for them.
Pretty sure the stated reason for the TSA checking IDs is to keep people on the no-fly list from flying. (Worth nothing that the no-fly list is not without its problems). It also allows trusted traveler programs to work.
Not disagreeing with you or the OP about anything, but then this just raises the question for me of why not use facial recognition to screen against a no fly database (negative screen) than to verify identity (positive screen)? Or restrict it to trusted traveler on an opt-in basis?
The TSA approach and security paradigm in general seems poorly thought out and misguided to me sometimes.
Why do they care, though, if their margins are going to remain at X% anyway, because of market forces? They're just adding extra steps to the whole thing so a random passenger can benefit from my lost ticket money, rather than someone I explicitly choose.
Because if a ticket is sold privately to another rather than going unused, the airline only gets paid once. If the airline can resell the seat, they get paid for it twice.
When I buy tickets, they are nonrefundable. If I don't use the ticket, I don't get my money back (or credits). You can buy tickets that are refundable, but they cost more.
non-refundable doesn't mean what you think it means. you get a voucher for the ticket price (minus a fee) you can use on a later date so they aren't really selling the seat twice.
Buy a beer on the other side of security, it's served in a glass. Take it to the bathroom, wrap in towel, break. You now have many shivs. Distribute to your compatriots.
Get compatriot hired to Benny's Shrimp Shack and Burger Emporium. Have him pass a knife roll over the counter from the kitchen.
Get a compatriot hired as a cleaner. Have her pass you a bag of bleach and a bag of ammonia.
I flew through HKG last week. Biometric scan to transit from incoming to outgoing space, then at gate, I only had to be scanned by my eyeballs and face, I didn't even have to present my boarding pass.
Returning to Canada on my Canadian passport now no longer involves talking to a human at all. Scan passport, then facial scan, quick touch-screen questionnaire, and that's that. Fast and convenient, but disturbing.
I'm used to the humiliating invasions of privacy and overtones of fascism etc when traveling to the US where it can be "excused" because I'm a foreigner there. But I don't particularly feel great about the biometric stuff in my own country.
I kind of miss the "welcome back, I hope you didn't smuggle anything in" routine TBH.
> I kind of miss the "welcome back, I hope you didn't smuggle anything in" routine TBH.
I mean, you're not actually required to use the kiosks. You're allowed to go to the regular stand with an immigration official and get processed the normal way. Given that the vast majority of countries don't support this system, I don't see this option going away any time soon.
I've worked with a lot of very good facial recognition technology. They all have demonstrated biases for white males. Even in the ideal scenario they are far too inaccurate (<97%) to be used for identification, unless your false reject rate is extremely high (>30%). And if it is a less ideal scenario (elderly Latina, Asian woman, etc) you'll be lucky to get 80% accuracy without high false reject rates.
When it comes down to it, accurate facial recognition is at best 99% accurate. But being wrong 1 in 100 times is a horrible number for an authentication system. Anything else you ever use for authentication (password, iOS face scanning, PIN, etc) would be considered a complete joke if it only got to 99% accuracy.
People often cite bias in facial recognition systems, but I would argue that the average human is worse. Many people struggle to distinguish between people of ethnicities that are different from those they are most familiar with.
The real problem with people interpret the data from those systems, assuming the confidence levels of matches are displayed as they should be.
This reads as something ChatGPT 3 generated: wordy,repetitive,and simply states again and again that is bad, very bad, without providing any actual or imagined scenarios.
Can somebody explain to me, succinctly and without the slippery slope nonsense immanent in this link, why facial recognition is seen by some reasonable people to be a problem? I’m not interested in why anarcho-fascists or tinfoil hat libertarians or Luddites think it’s a bad idea - I’d like to know why your average reasonable man would have a problem with this. As somebody with both a law and a science degree, I just can’t understand the outrage. We already have to take our photos for passports and our IDs - how the fuck is this substantively different? I get the sense this a situation that proves that rule that somebody, somewhere will always find a way to be outraged about everything in 2023.
To me, widespread facial recognition isn't that different from an ID... except you're always obligated to walk with your ID taped to your forehead. Once the system is in place, expanding it to other locations could be a trivial task. Hypothetically, this leads to a situation where you can discretely "card" anybody by just recording them, with no need to ask for an ID or even let the person know that they're being checked. And if that's in place, then, given enough cameras, tracking every person's location is also simplified. So, I guess my opposition here isn't directed at specifically TSA, but rather creating a centralized facial recognition database in general.
Because it gives the government a direct up to date photo of you, while it's already tracking where you are going. It's just that much easier to decide you have committed a crime. And find you.
However, the slippery slope holds true when you complain about previous actions. I.e. the government knowing where you go when you fly, and searching your private belongings without a warrant.
This isn't the first thing on the slope. With just those two examples this is the 3rd. I'll believe the slope isn't slippery when they repeal the patriot act.
> I’m not interested in why anarcho-fascists or tinfoil hat libertarians or Luddites think it’s a bad idea - I’d like to know why your average reasonable man would have a problem with this.
I think this is an overly adversarial view of people trying to take a long and systems based view of this, but even if we do focus on the immediate practicalities, there are a couple of obvious ones.
First, and foremost, I don't trust TSA to get it right. Facial recognition is one of many technologies that works well enough most of the time that it might be fine for non-critical infrastructure, but there are enough issues with it that at the scale of imposing it on all passengers we should anticipate a lot of negative impact. This can include both the possibility of bad actors being allowed to travel because they can find effective ways to defeat the system, and innocent people being negatively impacted through no fault of their own. Early on the system may be opt-in, and in the medium term there may be reasonable paths to opt out, but once the system is mandatory- or a significant default, people will be punished with a significantly degraded experience because the technology doesn't work well for them.
There's also the infosec angle. I don't trust TSA to get security right any more than I trust them to get facial recognition working right. We've already seen leaks of images from millimeter wave scanners. Although a photo of your face may not be as private as the images leaked from those scanners, there are a lot of potential negative outcomes from someone getting a hold of a corpus of facial recognition data, especially if it contains more than just a raw photo and includes information that could help someone to impersonate you.
I was at JFK recently and was shocked how fast the Global Entry facial recognition system was compared to say UK one. I literally had barley registered on the camera before it gave me a green tick.
I don't see facial recognition going away anytime soon since (other than fingerprints) is being rolled out to answer "this document is a legit document, but is the holder of this document the person on the document".
Anyone's guess why facial recognition is being used in favor of fingerprints is anyone's guess since fingerprints are way more accurate.
I'm not exactly sure of the connection, but I just got a message that I must enroll in the new, mandatory CLEAR program which appears to use facial recognition. Is this one of the two pilot programs they're talking about here?
It's mandatory in order to continue using clear, not for travelers in general. They're being a little dodgy about what it all entails.
> Members will need to upgrade to CLEAR’s NextGen Identity+. This will power CLEAR’s Lane of the Future rolling out over 2024.
> NextGen Identity+ will unlock the CLEAR Lane of the Future. The CLEAR Lane of the Future, which will be rolling out over 2024, will deliver an even faster, more predictable airport experience for our Members. It will allow CLEAR Plus Members to verify their identity with their face (instead of iris or fingerprints) and eliminate the need for Members to stop at a CLEAR pod.
This is because CLEAR screwed up for years and wasn't properly verifying identity. The TSA smacked them for it earlier this year when a significant fraction of the CLEAR user base turned out to be effectively unverifiable. It's mostly unrelated to the article.
Yeah, I don't see any argument here. There is just an assumption that "an effective person identification system is bad", and a bunch of words distracting from the fact that they are begging the question.
It’s funny to see so much controversy when anybody who has traveled a decent amount has already had their eyeballs, fingerprint, and face recorded at immigration checkpoints around the world.
Story time! They probably had different reasons but I had funny encounters with the TSA involving hoodies.
One time I missed a flight in Miami and the next flight was 6-8hrs later. I decided to hang around the airport. Eventually I became sleepy, put my bags next to me, sat down where there are no passengers, put headphones and covered myself with a large hoodie to keep it dark enough for a nap. A couple of hours later I take off my hoodie for a peek and this uniformed TSA guy is sitting in front of me and staring at me, I stared back for a few seconds, checked the time and went back to sleep. A while later I am rested so I get up, now there are 2-3 people around me but the TSA guy is still staring at me. We had a staring contest for like 5-10min the I got bored and started wasting time on my phone. A little later, I was hungry and my departure time was within 1h so I ignored the guy and went to my gate area and ate an expensive tuna sandwich before leaving miami.
Second story, same hoodie I think, I was similarly taking a nap (forgot the airport), I hear a small commotion and look up there are TSA people standing around one is trying to make it look like they are not trying to look at me, then another TSA worker brought a k-9 dog straight to me without saying a single word and had the dog take its time sniffing me and all my stuff. I didn't mind tbh. Then they had the dog sniff around a couple of nearby seats and took it away. Not a big deal, I just couldn't figure out what they were thinking? Did they think I was a terrorist but needed a nap before my attack?
Also, I don't know if facial recognition flags people but I can tell by their body language when I am standing line if they will do a chemical test, to the point I prepare my hands and volunteer them before the guy even asks (they comment on how I am too used to it lol).
People complain about this stuff but personally I care more about all the surveillance they buy that then gets paired with your facial/biometrics and sticks with you for life.
Also, had a rookie TSA agent follow procedure one time and tell me I can request a private pat-down if I so wish. I told him "sure" just to see what they do, they knew I was fooling around so they didn't pat me down properly but they took me to a private room for the pat down. Worth mentioning because it sounded like they are supposed to inform you of that for each pat down and if you are legitimately a person sensitive about being touched and fondled in public you have that option (they even leave the cash on the dresser before they leave /s ).
I say all this but I do understand that the TSA workers on the ground are well meaning folks keeping everyone safe. I have much respect for them even if I don't always agree with TSA/DHS policy, which ulitimately is a product of the american voter's will.
As someone who flies into and out of the US fairly regularly-ish ... the way I'm treated by Homeland Security when I fly with my wife & son vs. alone, is a bit shocking.
Alone: I'm asked what I am doing there (despite having a US passport; so it shouldn't matter), why I live in a foreign country instead of the US, what I do for a living, why I have a backpack on instead of suitcase, etc. While they sit there holding my passport hostage, scrolling through who knows what data... sometimes I even "randomly" get sent to a back room to have all my stuff dumped out and my phone confiscated. It's like they want to make _really_ sure I never come visit my parents.
With my family: welcome home! Have fun!
If you want to sneak into the US, just go with a wife and kids. /s
If you're a USA citizen you're under no obligation to answer any of their questions, and in fact answering any of them can only really hurt you. You shouldn't ever answer questions from any form of cop without your lawyer present, and even at the border you still don't have to, though they have more unconstitutional but legal leeway to seize your stuff and hold you as punishment.
American cops across the board are getting more bold in their degradation of civilians and we shouldn't stand for it.
Even tsa only has one thing they're legally allowed to do: determine you don't have weapons you're trying to bring onto the plane. Whenever I have to deal with TSA I say I forgot my ID. "But you're in the international terminal you need your passport to board." Aw bummer I guess the airline won't let me fly, here's my boarding pass. They pat me down of course but they eventually let me in, every time, cause they have to.
If every American exercised their rights with the TSA the charade would collapse instantly as lines extended to hours long and security protocols were relaxed so people could get to their flights. I got to witness this firsthand after defcon once when all the attendees arriving at the airport around the same time were refusing to show ID to TSA and refusing to do the genital scanner, and a bunch of tourists were stuck in line for hours with strange people in black hoodies extolling to them the dangers of their Facebook account, until TSA finally just started pushing people through the metal detector as fast as they could.
I did go with a wife and kids but no US passport, got pulled into a small room and questioned till we missed our connection flight, US customs is so obnoxious is the number 1 reason why I avoid travelling to the US...
Yeah, I (well, she) had this experience entering the US with a non-American girlfriend, 10+ years ago. She was pulled aside, grilled, treated terribly, and emerged in tears 30+ minutes later. It really made me angry, because it's not as effective _security_-wise as what we were used to flying the other way. Immigration agents at Heathrow were generally so polite and accommodating (eg, let me go through the EU citizens path, when we were traveling together), that I typically revealed more about my travel plans than I probably _had_ to, and / or may have been wise. It's dumb and self-defeating, and should be a source of shame for all USA-ians.
yeah, it's not even a job well done the way it's done. usually more power tripping above all else. the security theatrics of TSA should be gutted to be honest. I remember flying into the US in the 80s, that was a treat. Very different times.
> This statement by TSA Administrator Pekoske highlights one of the main risks of TSA using facial recognition in any capacity—there is no guarantee that how TSA initially uses facial recognition will not change or expand beyond the current stated purpose.
Which, if you think about it, would be an equally valid statement about the risks of NOT using facial recognition: that approach would also provide no guarantee that TSA would not use facial recognition in bad ways in the future.
In fact, it is very hard to guarantee that something won't happen.
I'm a biometric skeptic, but this is not a super compelling article. There are better arguments: biometrics can be fooled, biometric measurements are essentially an immutable password which can be leaked/abused, they can be unfair to people with physical differences, etc.
Just saying X can lead to Y so X is bad is just so... lazy.
One way to guarantee that a mass database of biometric data isn't leaked or abused is to not gather it in the first place.
So, yes, it is easy to guarantee that a mass database of biometric data isn't abused if you can prevent it from being gathered. We're making no efforts in that direction, so we're running every day towards a future in which the holder of such a database can deepfake anyone doing anything.
Which is why it's so strange to say that one of the greatest risks of the TSA's program is that they could do a totally different program in the future. It's literally like saying that going to the gym is risky because you might get into BASE jumping.
There are better arguments. Hence, this piece is weak.
That is one of the greatest risks, because while you may agree to give them your biometrics for air travel, you may not agree to do it for another purpose, but it's too late at the point where they already have it.
It effectively means that if I don't want them to potentially give it to LEOs, I have to opt out of any services they are gatekeeping behind it.
That's not a slippery slope argument, it's an argument that there is no way for me to review how the information they collect is actually being used.
I don't think you read the EPIC post, or the part I quoted. You're creating a new, more reasonable argument that is loosely aligned with the second, lesser concern that EPIC had.
I wonder if when these things leak and become ever-more damaging, biometrics will basically become worthless and we will pivot to hardware tokens or something else.
There seems to be little resistance to this in the USA, and we’re also okay with abysmally bad forms of identification (SSN, birth certificates).
> Which, if you think about it, would be an equally valid statement about the risks of NOT using facial recognition: that approach would also provide no guarantee that TSA would not use facial recognition in bad ways in the future.
The key difference is one of those scenarios gives the TSA a larger database of candid photos linked to an ID compared to just the one photo on record.
Are we reading the same thread? I'm not seeing any comments defending the practice, or calling it effective, or accusing people of "demonizing" a technology.
The 1:1 case is not too unreasonable, if you ask me. Store a cryptographically signed photo on a chip in the ID card, and the machine can compare that to the real-life human presented. There are obviously drawbacks with biases in the comparison algorithm, but that's not really any worse than a human doing the same. From a privacy perspective it's not too bad - provided they delete their copy of the photo after the card is issued. This isn't any different from having the photo printed on the ID card, if you ask me.
The 1:many case, on the other hand, is a bit of a problem. This requires the creation of a mass database with everyone's pictures in it. The privacy implications are obviously enormous, as it would also enable the identification of previously-anonymous people "in the wild".
And then there's obviously the issue that it simply cannot possibly work on a larger scale: with a 1:1 comparison you have to look for a close-enough match of a single picture pair, but with a 1:many comparison you have to identify one person out of millions of possible matches. There needs to be some lenience in the matching (people use makeup and get rhinoplasties) but people's faces already look quite similar - once you get to the million-people scale, there are pretty much guaranteed to be some false positive matches in there!