Jennifer Lee of the ACLU of Washington State delivered a letter co-signed by a coalition of organizations including the Identity Project urging the Port Commission not to authorize, pay for, or participate in any use of facial recognition to identify travelers:
On December 10, 2019, the Commission adopted seven principles to guide its decision-making on if and how biometrics should be used at the Port. These principles are: justified, voluntary, private, equitable, transparent, legal, and ethical.
We do not believe that either the current or the proposed uses of biometrics to identify travelers on Port property can be implemented in a manner consistent with these principles. Port staff state that its recommendations “are not meant to suggest that the Port should implement public-facing biometrics, but rather how to do so in alignment with our guiding principles.” The only action that would be aligned with those principles would be to ban the use of facial recognition technology to identify members of the public by the Port, as well as by the Port’s tenants and contractors….
1. We urge the Port of Seattle Commission to reject participation in, and funding of, CBP’s facial recognition exit and entry programs….
2. We urge the Port of Seattle Commission to prohibit use of facial recognition technology by private entities.
The Port of Seattle should prohibit business tenants such as airlines from integrating with CBP’s Traveler Verification Service (TVS) — the agency’s “Identity as a Service” biometrics system…. When Port tenants integrate with CBP’s TVS architecture, it is impossible to separate “private” or non-federal surveillance from federal government surveillance of travelers. Travelers may think that they are having their photo taken at a self-service kiosk solely for use by the airport or airline. But in reality, that photo will also be shared with DHS and CBP.
The Port, airlines, and contractors should not obscure the role of DHS and CBP by collecting facial images on their behalf. The Privacy Act, as discussed further below, requires that if an individual’s personal information is to be used by a federal agency, it must be collected by that agency directly from that individual. The best way to provide travelers with clear notice that facial images are being passed on to DHS is to require that any such images be collected by identifiable, uniformed DHS staff, using DHS equipment, at DHS’s expense.
The Port meeting also heard from the office of Rep. Pramila Jayapal, who represents the city of Seattle and environs (although not Sea-Tac Airport) in Congress. Noting the concerns that led her to introduce a bill in Congress that would “place a prohibition on the domestic use of facial recognition technology by federal entities, which can only be lifted with an act of Congress,” Rep. Jayapal suggested that the Port Commission “consider a moratorium on the use of biometrics technology in all Port activities under its purview.”
The Port states that facial recognition is lawful if use complies with all laws including privacy laws and laws prohibiting discrimination or illegal search against individuals or groups.
The Port or the Port’s airline tenants collaborating with CBP would likely violate the Privacy Act, a federal law mandating that data be collected directly from individuals by a federal agency if the data are used as part of the basis of making decisions about access to federal rights and privileges (such as federally-licensed air travel).
The Privacy Act also prohibits collection of information concerning the exercise of rights protected by the First Amendment without explicit statutory authorization. The First Amendment protects “the right of the people peaceably to assemble” and records of when, where, and with whom we travel are records of how we exercise rights protected by the First Amendment. Neither CBP nor TSA has explicit statutory authority to collect facial images of U.S. citizens or domestic travelers, and thus, collection of this information is prohibited by the Privacy Act.
By collecting facial images and sending them to CBP, the Port or airlines operating at the Port would potentially be complicit in CBP’s violation of federal law. The Port should not facilitate CBP’s unlawful outsourcing of personal data collection.
As we’ve pointed out repeatedly, current CBP facial imaging practices also violate the federal Paperwork Reduction Act requirements for OMB approval and notices .
Opposing Rep. Jayapal and all of the civil liberties, human rights, and other community organizations that spoke at the Port meeting yesterday, Seattle-based Alaska Airlines and Port of Seattle staff pointed to COVID-19 as an argument for “contactless” passenger processing procedures. But facial recognition actually increases health risks to travelers by requiring travelers to remove their face masks, which isn’t even allowed by health orders in many jurisdictions.
We believe that the Port of Seattle should follow the example set by the city of Portland, and ban use of facial recognition to identify travelers, to the limit of its jurisdiction. Certainly the Port of Seattle should reconsider and reverse its decision to collaborate with the DHS by funding and deploying its own shared-use DHS-linked cameras.
Port Commissioners participating in yesterday’s meeting said they plan to convene another meeting with the biometrics advisory committee in November before bringing the issue back to the full Port of Seattle Commission, where there will be another opportunity for public comments and testimony. In the meantime, you can send a message to the Port Commission using this form from the ACLU of Washington.