Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

House Panels Probe Gov’t Use of Facial Recognition Software

Two House committees have launched an investigation into the government’s use of facial recognition software that was most recently used by the Internal Revenue Service, but stopped after complaints from lawmakers and privacy advocates.

Two House committees have launched an investigation into the government’s use of facial recognition software that was most recently used by the Internal Revenue Service, but stopped after complaints from lawmakers and privacy advocates.

Critics of the software said facial recognition databases could become a target for cyberthreats. They also expressed concerns about how the information could be used by other government agencies.

In a letter Thursday to Blake Hall, CEO of ID.me, the lawmakers requested documents and information related to the company’s contracts with 10 federal agencies and 30 state governments for use of its facial recognition technology.

“I am deeply concerned that the federal government lacks a clear plan, leaving agencies like the IRS to enter contracts worth tens of millions of dollars with questionable terms and oversight mechanisms,” House oversight committee chair Carolyn Maloney, D-N.Y., said in a statement.

[ Read: The Art Exhibition That Fools Facial Recognition Systems ]

“Without clear rules of the road, agencies will continue to turn to companies like ID.me, which heightens the risk that essential services will not be equitably provided to Americans, or will be outright denied, and that their biometric data won’t be properly safeguarded.”

The letter was signed by Maloney and Rep. James Clyburn, D-S.C., who chairs the Select Subcommittee on the Coronavirus Crisis. It was first reported by The Washington Post.

In an emailed statement, a company representative said “ID.me remains a highly effective solution available for government agencies that provides the most access for under-served Americans.”

“ID.me adheres to the federal guidelines for identity verification and login while providing services to public sector agencies. These standards have proved remarkably effective at preventing fraud. Four states have credited ID.me with preventing $210 billion in fraud,” the statement reads.

In February, the IRS said it would suspend its use of facial recognition technology to authenticate people who create online accounts after the practice was criticized by privacy advocates and lawmakers.

Lawmakers, including Senate Finance Committee Chair Ron Wyden, D-Ore., called on the IRS to end its use of the ID.me software.

The agency is currently grappling with a worker shortage and an expanded workload processing tax filings and administering pandemic-related programs.

The tax day deadline is Monday.

RelatedBecoming Elon Musk – the Danger of Artificial Intelligence

RelatedIRS to End Use of Facial Recognition to Identify Taxpayers

 

RelatedItaly Fines US Facial Recognition Firm

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Identity & Access

Strata Identity has raised $26 million in a Series B funding round led by Telstra Ventures, with additional investment from Forgepoint Capital, Innovating Capital,...