Security Experts:

Connect with us

Hi, what are you looking for?



Huge US Facial Recognition Database Flawed: Audit

The FBI’s facial recognition database has more than 400 million pictures to help its criminal investigations, but lacks adequate safeguards for accuracy and privacy protection, a congressional audit shows.

The FBI’s facial recognition database has more than 400 million pictures to help its criminal investigations, but lacks adequate safeguards for accuracy and privacy protection, a congressional audit shows.

The huge database — which enables investigators to automatically search images for criminal suspects — “is far greater than had previously been understood” and raises concerns “about the risk of innocent Americans being inadvertently swept up in criminal investigations,” said Senator Al Franken, who requested the study.

“I will be asking tough questions about the FBI’s use of facial recognition technology and its plans to improve the testing, transparency, and privacy protections of its system,” the Minnesota senator said as he released the Government Accountability Office report on Wednesday.

The FBI’s database includes some 30 million criminal mugshots and 140 million images from visa applications by foreign nationals, the GAO found. It also contains drivers’ license pictures from 16 US states and 6.7 million photos from the Defense Department’s biometric identification system of individuals detained by US forces abroad, among others.

The system enables the FBI to use pictures of unidentified people to determine if they are being sought in criminal investigations, and can also assist local law enforcement agencies.

But the FBI has failed to adequately assess the system’s accuracy for its own images and those held by other agencies, the audit found.

“The FBI should better ensure privacy and accuracy,” the report said.

The agency has not done enough to protect against “false positives,” which can prompt the authorities to target innocent people, the GAO said.

“FBI officials stated that they have not assessed how often (system’s) face recognition searches erroneously match a person to the database (the false positive rate),” the report said.

“The accuracy of a system can have a significant impact on individual privacy and civil liberties,” it added, saying that the false positive rate should be analyzed “prior to the deployment of the system.”

“The report shows that the FBI hasn’t done enough to audit its own use of facial recognition technology or that of other law enforcement agencies that partner with the FBI, nor has it taken adequate steps to ensure the technology’s accuracy,” Franken said.

Civil liberties advocates said the report was worrisome.

“Face recognition is a relatively new technology and it’s important that not only the FBI but the public be aware of its limitations,” Jay Stanley of the American Civil Liberties Union said.

“Errors mean random people could be falsely identified as potential criminals and find themselves coming under the FBI’s powerful investigatory microscope. That could be not only invading people’s privacy, but also exposing them to accusations of wrongdoing.”

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


Spanish Court agreed to extradite Joseph James O’Connor to he U.S., who allegedly took part in the July 2020 hacking of Twitter accounts of...


A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...