High-Tech Border Controls Could Threaten Privacy

Welcome to America! Now, let’s scan your face and copy your device data

Key Takeaways

  • Customs and Border Protection plan to use facial recognition to identify every traveler entering the country by 2025. 
  • The Department of Homeland Security can now extract a phone's location history, social media information, photos, and videos.
  • The software is still not accurate enough to prevent false matches.
  • How data collected at borders are shared between government agencies is important for protecting privacy.
People enter the United States through the Mexicali-Calexico pedestrian border crossing
Eder Zaid Figueroa / Norte Photo / Getty Images 

Erik Learned-Miller was flying last year from Hartford, Connecticut to a conference in Seoul, South Korea when he noticed cameras scanning his face at the airport. A US government agency was using facial recognition to identify him, he said. 

“I had a little bit of trepidation,” said Learned-Miller, a University of Massachusetts Amherst computer science professor who studies facial recognition technology, in a phone interview. “It’s worrisome that my face could end up in a database used by another government agency.”

Learned-Miller is among the increasing number of travelers who are being subjected to high-tech identification and data searches at US borders. Some civil liberties experts say the use of such technologies threatens privacy. 

Earlier this year, Customs and Border Protection (CBP) announced that every pedestrian traveler entering the country from Mexico will soon be identified using biometric facial comparison technology at the Brownsville Port of Entry. Previously, CBP officials said the agency will use facial recognition to identify every traveler entering the country by 2025. In July, the Department of Homeland Security detailed the tools it can now use to extract a phone's data, including its location history, social media information, photos, and videos.

Face the Facts

Facial recognition uses cameras and computers to compare pictures of travelers to passport and ID photos in government records, according to CBP. The agency has used the technology “to interdict more than 250 imposters who attempted to cross the Southwest Border using another person’s travel document” since Sept. 2018, according to a news release.

The technology is also used to screen travelers entering the US at airports.

One problem with facial recognition technology is that it’s still not accurate enough to prevent false matches. For example, current facial recognition systems often misidentify people of color, Learned-Miller said. He pointed to the recent case of Robert Williams, a Black man living in a suburb of Detroit, Michigan, who was misidentified by the software and arrested for a crime he did not commit.

Privacy lawyer Susan Hintze also called into question the accuracy of facial recognition technology and called it “very nascent in terms of its ability” to accurately detect people.

”These systems are more prone to misidentify people of color rather than White people,” she added via phone interview. “The major issue here is that a lot of people at the border are people of color so the chances of being misidentified are fairly high. It’s inappropriate to be using this technology until it has improved.” 

CBP says the facial recognition systems it uses are designed to protect privacy. In its news release, the agency explains it has “employed strong technical security safeguards and has limited the amount of personally identifiable information used in the new biometric process. 

“New photos of US citizens will be deleted within 12 hours. Photos of foreign nationals will be stored in a secure DHS system.” 

US citizens traveling across the border can opt out of the facial recognition by requesting a manual document check, according to the agency. 

Your Phone Isn’t Safe

Border patrol agents are also searching phones and computers, according to a recent report. Agents can copy digital devices—including cell phones and tablets—when travelers cross the border and collect data including contacts, call logs, emails, and social media information. 

DHS and border agents were allowed to search devices without a warrant until a court ruled against the practice last year. Now, most searches of electronic devices are collected with warrants, the report said.

But the document also outlined broad categories in which travelers’ devices can be searched without warrants, including when consent is given by the traveler, devices that are “lost,” and “if there is an imminent threat to the safety of the public or law enforcement, such as a life or death situation.”

Brenda Leong, Senior Counsel and Director of Artificial Intelligence and Ethics at Future of Privacy Forum said that collecting cell phone data at the border raises privacy concerns. “The amount of data available via cellphone and related apps and cloud storage and tracking data from providers and so on is unbelievably extensive, so obviously [it] creates significant privacy concerns,” Leong explained on the phone.

Multiple security cameras watching a locked smartphone
Jeffrey Coolidge / Getty Images

How the data collected at borders are shared between government agencies is key to protecting privacy. “In general, to share data across agencies takes permission, you can't just hand over data,” said Leong. “CBP can’t just hand over data to the IRS or anybody in the government. We have to look at whether requests for information sharing are being made inappropriately.” 

Safeguards need to be put in place to make sure the data collected is not misused, observers say. Data collected on travelers should be kept for a limited amount of time and only used for the stated purpose, suggested Learned-Miller. “There is potential for abuse of the system so if people are taking your picture for an authorized purpose, but then use it for any unauthorized purpose, that's a serious concern.”

Learned-Miller called for an independent federal agency to regulate the use of facial recognition technology, saying “there needs to be auditing and disclosure to make sure rules are being followed.”

Was this page helpful?