More than 4,500 individuals at federal and local law enforcement agencies currently have access to a facial recognition database hosted by the Ohio Attorney General’s office, including at the Federal Bureau of Investigation, Immigration and Customs Enforcement, and the National Aeronautics and Space Administration.

The program is part of the Ohio AG’s Ohio Law Enforcement Gateway (OHLEG), a platform for sharing digital tools and information between law enforcement agencies. Created as a way for state law enforcement to pool and collaborate on data and investigations, access has spread far beyond the state’s borders, complicating oversight of accuracy and potential misuse. MuckRock received a partial list of agencies with access from early February 2018 as part of a public records request ; two additional sets of materials are forthcoming.

“One of the issues we have with these shared systems is that, first of all, it allows this cloak of secrecy to stay in place,” said Professor Alvaro Bedoya of the Center on Privacy and Technology at Georgetown Law School. A 2016 report from the CPT found at least 117 million Americans are represented by photos in federal and local facial recognition databases.

“It helps keep these systems secret, and a lot of agencies, when asked about these systems say, Oh, we don’t own face recognition system or we don’t run a face recognition system,” said Bedoya. “It lets them get away from answering difficult questions about the systems like, Are they biased? What are the access rules for those systems? Are they accurate?”

Added to OHLEG in 2013, the facial recognition program, which was based on a collection of mugshots and drivers’ photos released by the Ohio Bureau of Motor Vehicles, initially received no public discussion or announcement. An investigation by the Cincinnati Enquirer, published two months after the program’s activation, brought to light its use and the broad accessibility granted to law enforcement officers. At that point, approximately 26,500 people had credentials for the system, which had been accessed nearly 3,000 times in the first two months alone.

The widespread accessibility of the technology spurred concerns that too few provisions were in place to protect the system from abuse. The ACLU of Ohio called for it to be shut down until officials could verify the accuracy and privacy of the system. In response, AG’s office established an Advisory Group and updated its rules and regulations to provide a stricter policy for gaining access, outlining that “out-of-state law enforcement agencies as a general rule will not have access to the Facial Recognition attribute.

OHLEG also created a Quality Assurance group whose job function is to ensure compliance to the OHLEG Rules and Regulations,” Steve Irwin of the Attorney General’s office wrote in response to questions. The current number of authorized users for face recognition is about 12 percent of the 36,000 individuals with active OHLEG access.

In the year after OHLEG release, the AG noted that more than half of U.S. states placed additional restrictions around the platform’s users.

In August 2016, the ACLU of Ohio discovered that the FBI was seeking access to OHLEG and urged the AG against it, but the released materials show that the FBI, in addition to ICE, DEA, and NASA, all have members with access to the system.

A 2016 federal Government Accountability Office report on the FBI’s use of the Next Generation Identification-Interstate Photo System (NGI-IPS) found that the FBI had not taken sufficient steps to audit the accuracy of its systems and those used by affiliated state and local facial recognition platforms. GAO released a follow-up evaluation of its recommendations last month determining that FBI had still neither verified the accuracy of NGI-IPS nor the local facial recognition systems from which it draws.

In Ohio, there haven’t been any legislative moves to address privacy or accuracy concerns. When contacted, the Ohio Civil Rights Commission said that, though it would be open to working with the Attorney General’s office on the issue, it had not yet handled any cases or been approached about agency use of facial recognition platforms, which don’t fall under the agency’s immediate purview.

“If the AG wants to work with us, we would be happy to do that,” said Mary Turocy, Director of Public Affairs and Civic Engagement for the Commission.

A bill banning the use of facial recognition software on police body cameras is currently working its way through the California state legislature. Yesterday, San Francisco became the first city in the country to ban the use by the city of facial recognition software. Seattle, Washington and Somerville, Massachusetts are both also currently considering bans on the use of facial recognition technology by government agencies.

Algorithmic Control by MuckRock Foundation is licensed under a Creative Commons Attribution 4.0 International License.
Based on a work at https://www.muckrock.com/project/algorithmic-control-automated-decisionmaking-in-americas-cities-84/.

Image via Ohio AG