Sens. John Kennedy (R-La.) and Jeff Merkley (D-Ore.) introduced a bipartisan bill Wednesday seeking to prohibit the Transportation Security Administration’s current use of facial recognition screening at airports, arguing the technology is being exploited and most travelers don’t know they can opt out of being screened.
The TSA uses CAT-2 technology to verify a traveler matches their physical ID before they enter physical security screening at some airports, and according to the TSA, the biometric data is not used for surveillance or law enforcement purposes.
Under the proposed bill, called the Traveler Privacy Protection Act of 2023, the TSA would be required to end its pilot facial recognition program and would need congressional authorization to use the technology, according to a press release from Kennedy’s office.
The TSA would also be immediately banned from expanding its facial recognition program, and would be required to delete facial biometric information, including images and videos obtained through the technology.
Kennedy said the act “would protect every American from Big Brother’s intrusion by ending the facial recognition program,” and Merkley called the program “a precursor to a full-blown national surveillance state.”
Sens. Roger Marshall (R-Kan.), Elizabeth Warren (D-Mass.), Edward Markey (D-Mass.) and Bernie Sanders (I-Vt.) cosponsored the bill.
Forbes Daily: Get our best stories, exclusive reporting and essential analysis of the day’s news in your inbox every weekday.Sign Up
By signing up, you accept and agree to our Terms of Service (including the class action waiver and arbitration provisions), and Privacy Statement.
The TSA declined a request for comment.
In June, a TSA spokesperson told Fast Company the agency planned to expand its facial recognition program to around 430 airports in the future. The TSA’s facial matching program, which was being piloted at 25 airports at the time, was determined to be 97% effective “across demographics, including dark skin tones,” TSA press secretary Robert Langston said. The TSA’s facial recognition technology has been used since 2020, according to CBS News. Travelers’ photos are not stored or saved after getting a positive ID match, according to the TSA. However, the TSA said some photos are saved “in a limited testing environment for evaluation of the effectiveness of the technology.”
In February, Merkley was joined by Markey, Warren, Sanders, and Cory Booker (D-N.J.) in a letter to TSA Administrator David Pekoske calling for an immediate halt to the use of facial recognition technology. The senators pointed out “racial discrimination this technology may exacerbate” and included a study by the National Institute of Standards and Technology that found Asian and African American people were around 100 times more likely to be misidentified by facial recognition technology than white men. The senators also said they were “concerned about the safety and security of Americans’ biometric data” falling into the hands of authorized private companies or “unauthorized bad actors,” like it did in 2019 when photos of travelers stored by the Department of Homeland Security were stolen in a data breach. The senators said the TSA’s deployment of facial recognition technology “on a mass scale” was a threat to civil rights “without sufficient evidence that the technology is effective on people of color and does not violate Americans’ right to privacy.” In a response to an online survey from Algorithmic Justice League about travelers’ experience of using facial recognition technology that was exclusively shared with Fast Company, one respondent said they didn’t know there was an option to opt out of the screening and that “it didn’t seem like there was a choice.”
In January, the TSA launched an investigation into a “potential cybersecurity incident” after a hacker claimed to have access to an outdated version of the agency’s no-fly list from 2019, CNN reported. The hacker, who identified herself as a cybersecurity researcher based in Switzerland, told CNN the no-fly list of known or suspected terrorists was on the public internet in an unsecured computer server hosted by a regional airliner in Ohio.