FBI Wants to Exempt Its Biometric Data From Privacy Rules

by is licensed under
The FBI maintains a large database of biometric information called the Next Generation Identification (NGI) system, which includes fingerprints, iris patterns, photos for facial recognition and other data about millions of Americans. The agency recently sought to have this database exempted from rules laid out by the Privacy Act of 1974, rules intended to protect citizens from privacy violations and give them tools for finding out whether their records are included in the NGI system. This exclusionary bid by the intelligence agency has many civil rights groups concerned.

In May, the American Civil Liberties Union, the Electronic Frontier Foundation, the Center for Democracy and Technology and other organizations wrote a letter to the FBI explaining potential problems this rule change could present. The letter explains that, while many of the records in the NGI system are from criminal cases, it also includes millions of records from people who were subject to background checks for matters such as naturalization documents or job applications. With such a large array of data in this system, advocacy organizations worry that personal information could be used for investigations for which it was never intended.

“The biggest issue here is that the database will contain an enormous amount of biometric data about individuals who are not even suspected of wrongdoing, which will be searched hundreds or thousands of times a day by law enforcement looking for leads,” Gabe Rottman, deputy director of the Freedom, Security and Technology Project at the Center for Democracy and Technology, told Truthdig. “Even a small number of false positives would be an extreme threat to civil liberties.”

The FBI has argued that informing people that they’re in the database could hamper investigations involving people suspected of criminal activity. But records of law-abiding citizens are in the database as well. Rottman points out that the FBI is essentially classifying all NGI records as criminal records and argues that there’s no legitimate reason to exempt much of what’s in the system from Privacy Act protections.

“They shouldn’t be mixing civil and criminal records,” he says. “If you give your fingerprints as part of a job application, they shouldn’t be in a criminal investigative database.”
by is licensed under

Comments