Back

Why TSA's Implementation of Facial Recognition Is More Dangerous Than You Think

261 points7 monthsepic.org
crote7 months ago

What a confusingly-written article.

The 1:1 case is not too unreasonable, if you ask me. Store a cryptographically signed photo on a chip in the ID card, and the machine can compare that to the real-life human presented. There are obviously drawbacks with biases in the comparison algorithm, but that's not really any worse than a human doing the same. From a privacy perspective it's not too bad - provided they delete their copy of the photo after the card is issued. This isn't any different from having the photo printed on the ID card, if you ask me.

The 1:many case, on the other hand, is a bit of a problem. This requires the creation of a mass database with everyone's pictures in it. The privacy implications are obviously enormous, as it would also enable the identification of previously-anonymous people "in the wild".

And then there's obviously the issue that it simply cannot possibly work on a larger scale: with a 1:1 comparison you have to look for a close-enough match of a single picture pair, but with a 1:many comparison you have to identify one person out of millions of possible matches. There needs to be some lenience in the matching (people use makeup and get rhinoplasties) but people's faces already look quite similar - once you get to the million-people scale, there are pretty much guaranteed to be some false positive matches in there!

patmorgan237 months ago

"From a privacy perspective it's not too bad - provided they delete their copy of the photo after the card is issued. This isn't any different from having the photo printed on the ID card, if you ask me."

If you have a government ID they already have your picture in a database. I know for a fact this is true if you have a US passport and I would be shocked if each state doesn't have a database with all Drivers License/state ID pictures.

sokoloff7 months ago

I can get my license reissued with my old photo as long as it’s within X number of years. This was handy during COVID when renewing entirely by mail was rolled out, but I also did it on a prior license renewal as well.

I’m generally opposed to government intrusion on rights, but I don’t think I have the inherent right for the government to have no photos of me. I’m sure the Dept of State, Customs/Border Patrol, and my local motor vehicles dept has my photo on file.

phpisthebest7 months ago

>> I don’t think I have the inherent right for the government to have no photos of me.

Why? The government should have no info on you at all unless and until they have an articulable reason to suspect you to be in violation of the law. Then they should only be allowed to retain data about for the duration of your criminal history (which could be for life )

Customs and Border patrol should not even be allowed to ask you any questions or stop you at all upon reentry to the country unless again they have a clear and articulable reason to believe you are in violation for the law

same with the TSA.

the fact that we have allowed general "detainment" in the name of safety was the start of the slippery slope that they continue to advance further and further to more or less cancel all 4th and 5th amendment protections to the point now where those protections basically do not exist with in a 100 miles of any border which is like 80% of the nation.

it is absurd to simply accept this as normal, and inline with individual freedom. it is not

+1
justinclift7 months ago
+1
lmm7 months ago
chrismcb7 months ago

I disagree with the customs and border comment. I think a nation has a right to know who is entering the country. Otherwise you just have open borders. In addition other countries want to know who you are. So you need a passport

sokoloff7 months ago

> Customs and Border patrol should not even be allowed to ask you any questions or stop you at all upon reentry to the country unless again they have a clear and articulable reason to believe you are in violation for the law

I believe that CBP has an entirely valid reason to stop me and ask me questions as needed to validate my identity, that it’s legal for me to enter the country, to determine I’m not importing anything improper, or if I owe duty on goods I’m importing.

I understand that others are in favor of open borders. The country I live in and the countries I visit appear to not be.

lucasban7 months ago

I just went and got my license renewed in my home state while I’m living overseas. The last time I had a license photo taken there, I was maybe 17. The clerk made sure to turn the screen around so we could both laugh at my old photo, so at least they keep them in one state.

closeparen7 months ago

The mass database with everyone's pictures in it is called the DMV. It was created decades ago; we don't need to engage in speculation about what it "would" do.

thayne7 months ago

There is not a single DMV. Every state has its own DMV with its own database.

chaps7 months ago

Yes, and many of those DMVs share those photos with upstream agencies, which reduces the problem.

tgfrr7 months ago

My DMV literally sells the data to whoever.

chkaloon7 months ago

TSA presumably can narrow down the search space to the people with tickets at that airport for that day

dietr1ch7 months ago

My concerns here are not about the search cost, but about holding everyone's data.

chkaloon7 months ago

"And then there's obviously the issue that it simply cannot possibly work on a larger scale: with a 1:1 comparison you have to look for a close-enough match of a single picture pair, but with a 1:many comparison you have to identify one person out of millions of possible matches. "

kevin_thibedeau7 months ago

... then they came for my doppelganger and there was no one to implicate me.

collegeburner7 months ago

i should probably flesh out my reasoning more on this but i think we should preserve the ability for people to do wrong rather than trying to box it out. practically, it functions as a useful last resort of the system is very screwed up and we can probably punish noncompliance in other cases.

i think if we successfully remove the ability for people to break laws, regardless of whether it's done in a "privacy-preserving" way, that would be bad. but then again i'm against the feds knowing who anyone is so i'm probably biased.

epwr7 months ago

This statement seems pretty poorly thought out. I think the argument that's being made is actually that there should be comprehensive privacy legislation, not that the TSA's use of facial recognition is bad/dangerous.

I see three risks being pointed out:

1. "the potential privacy and bias risks" -> however it doesn't expand or explain these risks. I'm on team privacy in general, so I definitely worry about this, but I think it's almost comical that any description of this risk is absent.

2. While facial ID is currently optional, "there is no guarantee that will remain the case" -> this is a textbook slippery slope argument, which means they're arguing not that the current practice is bad but that someday they might start doing something bad.

3. "the very real possibility that our face eventually becomes our default ID" -> another slippery slope argument that has even less to do with the TSA. This would require a major effort by the rest of government, so this is more a "watch out for that big cliff over there" argument than a slippery slope argument.

After all that, I think the topic sentence of this statement should be" > This is [bad] because the United States lacks an overarching law to regulate the use of facial recognition to ensure the necessary transparency, accountability, and oversight to protect our privacy, civil liberties, and civil rights.

strombofulous7 months ago

The slippery slope argument is a pet peeve of mine. It is a real, valid concern - in fact when this strategy works people often switch to calling it boiling the frog, which is not usually contested for some reason (even though it is the same thing)

Slowly making changes is a normal strategy at this point, saying anything less than the worst case is a "slippery slope" is no longer relevant imo. It is a valid risk that should at the very least be a point of discussion

__MatrixMan__7 months ago

Right. "slippery slope" is a fallacy only when the slipperiness of the slope is taken for granted. In this case there is plenty of evidence that this slope is in fact slippery.

__MatrixMan__7 months ago

Since I'm bashing on fallacies here, I'd also like to call out the naturalistic fallacy as a frequently abused one.

If your ancestors managed to survive in the natural environment, and there is something novel in the synthetic environment, then the synthetic alternative does in fact deserve more scrutiny because you have less evidence about it.

"Natural doesn't mean safe" type reasoning only really applies when the natural and synthetic thing are being put in equally novel situations--which is a pretty rare setup. Like, how often do you consider eating a plant which nobody has ever eaten before?

cvoss7 months ago

> The slippery slope argument is a pet peeve of mine.

Do you mean that an argument which consists of a claim of an inevitable slide to a bad conclusion from a certain starting point is your pet peeve? Or that a rebuttal to such an argument, which consists of pointing out that the former may be a slippery slope fallacy, is your pet peeve? It gets confusing because the key phrase of the former is "we're on a slippery slope", while the key phrase of the latter is "that's a slippery slope fallacy."

antihipocrat7 months ago

The slippery slope argument is a logical fallacy. However as you say, when incremental changes are regularly used as an effective strategy to obtain a larger objective it becomes a valid concern.

The logical fallacy still holds even if the majority of all policy utilizes the incremental strategy, but only because there are edge cases that invalidate the argument.

The problem for people outside of the strategy room, is that we don't know whether there is a broader objective or not, and even when a broader objective is realized it's almost impossible to prove that the end result was the original intent.

phpisthebest7 months ago

Why does there need to be a broader objective?

Even absent a broader objective we should still look to history and understand that government only ever increases its own power, only ever reduces the liberty of the citizen.

Government actions move in one direction, to yell into the void "well that is a slippery slope fallacy" as if that means we should simply ignore all of the lessons history has to teach us about giving up liberty for perceived safety is crazy to me.

I am not sure what value there is in proclaiming a slippery slope fallacy or how that it a rebuttal to the very real historical record.

antihipocrat7 months ago

I agree with you. My point was that using slippery slope to discredit an argument is frustrating because it is practically impossible to know in advance whether the incremental change is part of a bigger objective, and yet we also know that the strategy can work and has been used in the past.

chaps7 months ago

It's part of a broader objective because many of these projects are fueled by both private organizations and public for-profit organizations. Yes, this is indeed part of a broader objective to sell more of this technology. Lots of ARPA money out and about right now.

brightlancer7 months ago

> The problem for people outside of the strategy room, is that we don't know whether there is a broader objective or not, and even when a broader objective is realized it's almost impossible to prove that the end result was the original intent.

In some cases, folks are open about their broader objectives. Sometimes, we DO know their broader objectives, or at least we COULD know if it was widely (properly) reported.

In all other cases, we have no way of knowing the objectives of politicians and bureaucrats _tomorrow_, so we shouldn't presume they will have good objectives -- or rather, that we would think their objectives Good.

Never give the government power that you wouldn't want the most hostile political adversary to have.

s3p7 months ago

>2. While facial ID is currently optional, "there is no guarantee that will remain the case" -> this is a textbook slippery slope argument,

And? Years ago you could say the same thing if OP complained about the TSA starting to use biometrics. And you would be disregarding their very real concerns, especially when they would have been right about them. I believe this is also the case now. OP has a valid point.

landemva7 months ago

> you would be disregarding their very real concerns, especially when they would have been right about them.

Which TSA concerns were they right about and what dates?

Matching pictures doesn't indicate a person smuggling items onboard, and the hijack avenue ended on 9-12 when in-flight procedures changed. Ramp workers and flight crew, and even TSA, go around the TSA screening and can smuggle anything that somebody holding their family hostage at home tells them to carry.

sailfast7 months ago

They are piloting this at an airport near me. When I asked if I could opt out the employee said “no”. It was only later I was told that I could (upon returning home and looking it up)

FaceID as government ID is not a good idea, and it’s fine to start somewhere in my opinion though of course I would prefer outlawing biometrics entirely as identifiers.

cmiles747 months ago

Every article I've read about the TSA's program included the journalist either being denied an alternative to the facial recognition process or being pressured to do it. In an environment where being late for a plane could cost people their travel plans, coercion is pretty easy.

Hnrobert427 months ago

I fly a lot. I always opt out, usually in Atlanta but I think in other airports. There are signs up they say you can opt out.

This is both in the precheck security line and when boarding international flights.

It was an issue once with a Delta employee who didn’t know I could opt out. And once with border control in Ireland (where ICE has a presence). There, the ICE employee manually verified me but still insisted I get a photo taken.

Otherwise, it’s not been an issue to opt out so far. The staff might be a little annoyed, but it goes just as fast.

deeebug7 months ago

As an opposite point - the airports I've been to have been pretty easy to opt-out, though they usually have snippy comments about "saying it up front".

That being said, did your airport not have signs talking about the pilot, and it being optional? I would of pointed to that if I was told no.

sailfast7 months ago

It was very early in the pilot process, and I was trying to board an international flight. There was little or no signage, and the TSA staffer told me I could not opt out when I asked. Not a great experience. Since Senator Markey has been harping on this it has improved.

landemva7 months ago

The full body scans are also voluntary. I opt out of all of that nonsense with three words "no thank you".

xhkkffbf7 months ago

EPIC hasn't been the same since they kicked out Marc Rotenberg. Sad to say.

closeparen7 months ago

Even GDPR only applies to private entities, and the same polity who did that have used their willingness to regulate data handling and software architecture to, if anything, minimize end-user privacy vs. the state.

anticensor7 months ago

Some countries have their equivalent of GDPR applied to the government entities as well. Turkey and India are such examples.

nati0n7 months ago

These questions come up and I always wonder about the edge cases. I'm an identical twin. My twin can get get past my faceID consistently, from first release until today. What happens when twins with bad blood start abusing facial recognition?

oh_sigh7 months ago

What kind of abuse are you imagining? Presumably with this system, the TSA agent's query is like: "Does this person's photo match the photo for the identity they are claiming to be?", and not do something like compare your face to every other person's face and return the most likely identity for your face.

So, in that instance, your evil twin could steal your ID and travel as you, but they could do that before this system was in place anyway.

phantom7847 months ago

The article mentions a "one to many" system which is exactly this - it compares you to every face in the database and decides who you are, eliminating the need to show physical ID.

Unless both twins are flying on the same day, you could solve this by rejecting matches of people who don't hold a boarding pass for that airport.

Or you could just require a physical ID as backup if the system can't return a match (due to identical twins or otherwise).

landemva7 months ago

> you could just require a physical ID

It's actually not necessary to have an ID to get through TSA, so please don't encourage it.

phantom7847 months ago

True - I suppose the "backup" would be either a physical ID or whatever they do to verify your identity when you don't have an ID.

toomuchtodo7 months ago

Other signal will be fused in. Otherwise, you’re counting on the possession of your government credentials as the control. You could just as easily swap IDs.

Leakage is expected, leading to iteration on edge cases. Some leakage will always be inevitable, no system is perfect.

The legal system is the final recourse mechanism if malicious activity (identity fraud) is detected.

wongarsu7 months ago

Currently you need to look kind of close and have the other person's ID. With the 1:many pilot it would just check your face against a database of ID photos of PreCheck enrolled travelers, so you only have to be at the right place at the right time, and look very close. Not a huge concern in general, but for an evil twin it's much easier to get past TSA if they know which plane their twin will take.

cmiles747 months ago

I don't see how that's the case with the TSA's program. It really sounds like you present your ID and a boarding pass and that's it.

toomuchtodo7 months ago

Present state. They are moving towards facial recognition with no need for ID presentation or boarding pass. No need for the ID when they have your photo on file (this is how Global Entry re-entry kiosk works), and your identity is tied to airline PNR.

https://www.cbp.gov/travel/clearing-cbp/passenger-name-recor...

https://www.youtube.com/watch?v=EnxfsZrnPv0

(enrolled in the CBP program 1:many program mentioned)

zlg_codes7 months ago

> The legal system is the final recourse mechanism if malicious activity (identity fraud) is detected.

We're screwed, then.

taneq7 months ago

Even if someone totally unrelated who looks a lot like you is caught in the act by facial recognition, it can be really bad. “Here are videos of the defendant caught on the act of three separate crimes!” can be pretty convincing when you’ve been dredged up as the closest match.

PartiallyTyped7 months ago

Fingerprints are more unique than faceID.

r00fus7 months ago

Would a combo touch+faceID be sufficient for distinguishing twins?

arcticbull7 months ago

Touch ID alone should suffice, identical twins have different fingerprints. Similar, but not identical. There's some amount of entropy captured in the womb which affects their development. [1]

> Fingerprints aren’t included in these genetic similarities. That’s because the formation of fingerprints is dependent on both genetic and environmental factors in the womb.

> The chances of identical fingerprints in identical twins is slim-to-none. While anecdotal articles online often discuss the possibility of a chance that the science could be wrong, no research has found that identical twins can have the same fingerprints.

> [...] As a result, identical twins may have similarities in the ridges, whorls, and loops in their fingerprints. But upon closer examination, you’ll notice differences in some of the smaller details, including spaces between ridges and divisions between branch markings.

[1] https://www.healthline.com/health/do-identical-twins-have-th...

interloxia7 months ago

To my anecdotal surprise my toddler occasionally unlocks my wife's various iPhone and Android touch sensors.

It lowered my confidence in the security of these devices somewhat.

closeparen7 months ago

Then your twin might be able to enter an airport terminal without first spending a couple hundred dollars on a ticket.

browningstreet7 months ago

My son can, too.

Moto74517 months ago

> Another risk that is set in motion by TSA’s use of face verification is the very real possibility that our face eventually becomes our default ID and creates a de facto national ID controlled by the government.

For one, why are people afraid of a national ID? I remember this argument being used to delay RealID changes in some states. Other countries have a national ID and it hasn’t lead been billed as a privacy nightmare.

Second, we have a national ID already called a passport. That’s valid ID in the US and issued by the Federal government. I have one and so far the Feds haven’t come for me while I’ve slept or thrown me into whatever lies at the bottom of this slippery slope argument. Am I missing something?

Third, what makes the Feds worse than my State government? What stops Florida or New Mexico from turning State ID databases into a surveillance tool? Is it possible we really have 50 slippery slopes to deal with? Again, I don’t understand where the fear is.

saq77 months ago

1. People don’t trust the government and are wary of giving it more power

2. You’re missing that your face is different than a piece of paper. You can choose to refuse to show ID in some cases. You could keep your face covered, but that has ramifications you might not desire

3. The Feds are worse because they are already much more powerful than any state government.

It’s really not hard to see where the fear is. This might be one of the most obtuse comments I have seen on here

Broken_Hippo7 months ago

1. Sure, folks don't trust the government. I'm gonna guess that same sort wants to see ID in some situations. In this case, the government already has the power. State ID's already exist, and the federal government can get access. You already have a ss# - if someone wanted to mess with you, they'd just code you as dead. "accidentally".

2. Sure, your face isn't a piece of paper. It is still a major identifier, hence the reason you have it on your ID. The DMV already has your picture on file (hence, you don't always have to have a new picture). I'm not sure there are many situations where you could refuse to show ID to the government.

3. That's not a given, depending on the situation.

atoav7 months ago

The advantage of a traditional ID card is that that you usually know when "the readout" of your ID happens. I don't know about you, but my idea of a good society does not involve states reading out the identity of their citizens without them noticing. If they have to do that they are not that good at the whole state-thing.

A good ID system has to solve two problems:

- Allow verification that the holder of the ID is the owner of the ID (identity verification)

- Allow to read out certain facts. Bonus points if this can be done granular, e.g. verify to the other side that you are older than X years without telling them when you were born, where you live and what number a state assigned to you. Extra bonus points if you can see which information is read out and can deny (or even flag) over-eagerly information requests.

Note that for the identity verification you just need to know if the biometric identifier of the person holding the ID matches the picture on the ID. You do not know when they were born, what their name is, where they live etc.

In a safe digital future this need-to-know-principle is IMO necessary to keep the power symmetry between inividuals and governments/corporations/criminals.

saq77 months ago

1. “Just because they have power let’s give them more power.” This is a bad argument

2. There certainly are situations where you can refuse. And some one needs to ask you explicitly for it right now. Won’t be true when your face is a government id

3. This is simply not true. When push comes to shove, the feds will win every time

kanbara7 months ago

identity “verification” by ssn is stupid; almost every other democracy has national id systems and residential verification and it works better and is easier to get benefits or prove yourself than real id and any other absurd american invention.

Mountain_Skies7 months ago

The first part is correct, the rest is technocratic handwaving over real concerns based on real experiences that lead to dire consequences that cannot be undone and often aren't fully known until it's too late to undo them.

Moto74517 months ago

I’m not commenting on the facial recognition tech. They do that without a national ID.

State and the Federal government also work together in security, especially “National Security.” That’s how police departments end up with former military vehicles.

ShrimpHawk7 months ago

Some state governments already perform facial recognition when issuing drivers licenses. There have been stories of twins being unable to obtain an ID because it was flagged as fraud due to matching facial features.

chronicsonic7 months ago

Project 2025 is a good example of why we are very afraid.

https://en.wikipedia.org/wiki/Project_2025

brightlancer7 months ago

> Second, we have a national ID already called a passport. That’s valid ID in the US and issued by the Federal government. I have one and so far the Feds haven’t come for me while I’ve slept or thrown me into whatever lies at the bottom of this slippery slope argument. Am I missing something?

"I did X and bad thing didn't happen, therefore bad things never happen as a consequence of X."

> Third, what makes the Feds worse than my State government?

Scale: 330M persons versus 1M - 40M persons. Also: budget, legal authority, known illegal abuses (Florida never tried to render a citizen to Gitmo).

> What stops Florida or New Mexico from turning State ID databases into a surveillance tool?

Not sure about NM, but FL has, as have many other states.

(In NM, I think the ABQ police just shoot first and identify later.)

> Is it possible we really have 50 slippery slopes to deal with?

50 states + 1 federal, yes.

> Again, I don’t understand where the fear is.

Mass surveillance of citizens, invasion of privacy, you know, things like that.

It doesn't have to turn into a Chinese social credit score for things to get bad.

everforward7 months ago

> Scale: 330M persons versus 1M - 40M persons. Also: budget, legal authority, known illegal abuses (Florida never tried to render a citizen to Gitmo).

The jurisdiction of your ID doesn't change your legal jurisdiction. I.e. having a Florida ID instead of a federal ID won't prevent the feds sending you to Gitmo.

> Mass surveillance of citizens, invasion of privacy, you know, things like that.

The feds already have access to DMV data from all the states.

I think there was a time where having to get data from state DMV's would have been a nominal hurdle, but not anymore. I'm on team federal ID these days because I don't think the feds get access to any additional data, and most state DMV's suck. It's easier to get a passport than a driver's license these days, I'm more confident in the feds ability to make a functional ID system.

soks867 months ago

My uncle got a passport and then a week later he vanished.

Vicinity96357 months ago

The TSA violates the 4th amendment millions of times a day and has a 95% failure rate at its job simultaneously.

Read it for yourself and ask if searching every single person trying to fly is "reasonable" or if they have a warrant: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

sokoloff7 months ago

I think a metal detector search of the person and X-ray of bags is reasonable in terms of an invasiveness of search which is no greater than required for the legitimate safety concern and proportionate to the risk.

I think the AIT machines are not reasonable (by nature of being more invasive than required), which is why I opt-out 100% of the time, much to the frustration of my wife when we’re traveling together, but I don’t care.

I think the TSA agrees the AIT is likely enough to be unreasonable to not want it tested in court, hence they allow opt-out.

brightlancer7 months ago

Does the "opt-out" still involve a groping by a minimum wage fake LEO whose abuse is protected both by a union and federal law?

I'm not concerned for myself, I'm concerned for _my kids_.

As long as TSA agents are allowed to molest kids under the color of authority, then the "opt-out" is as much or more of a threat as the naked pictures they take in the AIT machines.

sokoloff7 months ago

Yes for adults, but no on the kids. Kids (along with one parent per kid) are already directed through the metal detector line.

I know that's not a great answer and I'm frustrated that AITs exist as a convenience and throughput increasing device, but it's also not "TSA is molesting kids who opt-out."

therobot247 months ago

whenever biometrics pops up on HN i always have to post the reminder that a biometric is _both_ a username & password bundled as one login credential. People like to compare biometrics to passwords, but that's a bad analogy because passwords can be changed whereas no one in tech likes to admit that a username should be changeable too.

akira25017 months ago

> a biometric is _both_ a username & password

It's just a username. As implemented the systems only require a username. It's also not even that, it's a temporal identifier, as faces change, sometimes in ways that we all expect and sometimes, not. To the extent that we've even performed facial transplants in response to some of these cases.

If biometrics were going to work, we'd be using fingerprints already. For all the same reasons we don't use fingerprints, we won't be able to use facial identification.

drdaeman7 months ago

It's not "just" a username, in a way that I can type arbitrary username easily, but spoofing biometrics is somewhat harder, at least in a controlled environment. And that's the only reason why it's used - it is essentially a replacement for situations such an agent quickly checking a photo ID (low-effort high-volume quick-and-dirty weak authentication).

Not that I'm fond of this, just saying that it's not exactly just an username.

There is no culture of using secrets for authentication in any public setting. It all had always relied on biometrics, since times immemorial (people knowing how one looks like, then scaled up with printed documents, now scaled up again with machine-assisted recognition). Essentially, with some exceptions like high-security facilities, people had always relied on their public identities (self-asserted or asserted by a trusted third party, depending on the requirements) to get access.

alistairSH7 months ago

And not even a unique user name. Twins and other relatives can pass for each other.

JohnFen7 months ago

And with facial recognition, two people don't even have to be related. I knew a guy who looked so much like me that he grew a mustache purely so that our own friends could tell us apart (which is how I know I look terrible with a mustache). There's zero chance that facial recognition could distinguish us.

He and I weren't even remotely related.

+1
spullara7 months ago
eichin7 months ago

you can't change it, it's not a password (though the mustache example in this thread is an amusing/distressing counterpoint :-)

robocat7 months ago

New Zealand has been using facial recognition (& iris I believe) at airport border control for over a decade. New Zealand is probably still a bit sensitive over France bombing Greenpeace here last century. https://nzhistory.govt.nz/politics/nuclear-free-new-zealand/...

I don't like it, but it is where the world is going. The USA has been taking fingerprints of international travelers for a long time!

injeolmi_love7 months ago

When will the temporary post 9-11 policies end? They aren’t really needed anymore, if they ever were.

gustavus7 months ago

I think this is doubleplus good, we need to stop the double negative bad people of eastasia who want to use violence and terror to take away our way of life.

Thus by ensuring that the government is tracking every person that goes through an air port at all times we can ensure we stop the bad people of eurasia for hurting our people and this is doubleplus good.

It makes me feel all warm and fuzzy to know that the state is willing to go to such great lengths to stop bad things like an older sibling watching over my shoulder.

Of course we all know that the TSA is a vital component of national security given all the times they successfully done...... anything?

awinter-py7 months ago

still not clear to me why ID matters if they're going to x-ray me

pwg7 months ago

To remove, for the airlines, the old grey market of resold "non-refundable" tickets that which the original purchaser can no longer utilize that existed before the ID requirement.

There is more profit in being able to sell an unoccupied seat twice (once for the unused non-refundable ticket, a second time when the original ticket does not show up at the gate) than in allowing tickets to be resold on the grey market.

phantom7847 months ago

Then the airlines should be doing the ID checks. But they don't bother, because the TSA basically does it for them.

Pretty sure the stated reason for the TSA checking IDs is to keep people on the no-fly list from flying. (Worth nothing that the no-fly list is not without its problems). It also allows trusted traveler programs to work.

derbOac7 months ago

Not disagreeing with you or the OP about anything, but then this just raises the question for me of why not use facial recognition to screen against a no fly database (negative screen) than to verify identity (positive screen)? Or restrict it to trusted traveler on an opt-in basis?

The TSA approach and security paradigm in general seems poorly thought out and misguided to me sometimes.

stavros7 months ago

Why do they care, though, if their margins are going to remain at X% anyway, because of market forces? They're just adding extra steps to the whole thing so a random passenger can benefit from my lost ticket money, rather than someone I explicitly choose.

JohnFen7 months ago

Because if a ticket is sold privately to another rather than going unused, the airline only gets paid once. If the airline can resell the seat, they get paid for it twice.

+1
ezfe7 months ago
spullara7 months ago

non-refundable doesn't mean what you think it means. you get a voucher for the ticket price (minus a fee) you can use on a later date so they aren't really selling the seat twice.

hammock7 months ago

Not for basic fares

spullara7 months ago

Even United Basic gives travel credit for cancellation. This whole double charge thing is fantasy.

oh_sigh7 months ago

I imagine there are still ways naughty people could wreak havoc even if they only have access to items that appear benign on an x-ray.

komali27 months ago

Buy a beer on the other side of security, it's served in a glass. Take it to the bathroom, wrap in towel, break. You now have many shivs. Distribute to your compatriots.

Get compatriot hired to Benny's Shrimp Shack and Burger Emporium. Have him pass a knife roll over the counter from the kitchen.

Get a compatriot hired as a cleaner. Have her pass you a bag of bleach and a bag of ammonia.

Security theater is wonderful.

Hnrobert427 months ago

Defense in depth.

alistairSH7 months ago

Control.

ggm7 months ago

I flew through HKG last week. Biometric scan to transit from incoming to outgoing space, then at gate, I only had to be scanned by my eyeballs and face, I didn't even have to present my boarding pass.

This was unexpected.

cmrdporcupine7 months ago

Returning to Canada on my Canadian passport now no longer involves talking to a human at all. Scan passport, then facial scan, quick touch-screen questionnaire, and that's that. Fast and convenient, but disturbing.

I'm used to the humiliating invasions of privacy and overtones of fascism etc when traveling to the US where it can be "excused" because I'm a foreigner there. But I don't particularly feel great about the biometric stuff in my own country.

I kind of miss the "welcome back, I hope you didn't smuggle anything in" routine TBH.

tavavex7 months ago

> I kind of miss the "welcome back, I hope you didn't smuggle anything in" routine TBH.

I mean, you're not actually required to use the kiosks. You're allowed to go to the regular stand with an immigration official and get processed the normal way. Given that the vast majority of countries don't support this system, I don't see this option going away any time soon.

Hnrobert427 months ago

Yeah. I transited Beijing only once, and it was enough to scare me away forever. Sooooo many cameras.

telesilla7 months ago

Also at JFK, flying out international recently. Was weird and I hope I don't get used to it.

pseudosavant7 months ago

I've worked with a lot of very good facial recognition technology. They all have demonstrated biases for white males. Even in the ideal scenario they are far too inaccurate (<97%) to be used for identification, unless your false reject rate is extremely high (>30%). And if it is a less ideal scenario (elderly Latina, Asian woman, etc) you'll be lucky to get 80% accuracy without high false reject rates.

When it comes down to it, accurate facial recognition is at best 99% accurate. But being wrong 1 in 100 times is a horrible number for an authentication system. Anything else you ever use for authentication (password, iOS face scanning, PIN, etc) would be considered a complete joke if it only got to 99% accuracy.

mjbeswick7 months ago

People often cite bias in facial recognition systems, but I would argue that the average human is worse. Many people struggle to distinguish between people of ethnicities that are different from those they are most familiar with.

The real problem with people interpret the data from those systems, assuming the confidence levels of matches are displayed as they should be.

whodidntante7 months ago

This reads as something ChatGPT 3 generated: wordy,repetitive,and simply states again and again that is bad, very bad, without providing any actual or imagined scenarios.

wly_cdgr7 months ago

A federal government agency implementing and using facial recognition technology can't possibly be any more dangerous than I think

alliao7 months ago

just because technology exists doesn't mean we have to use them is a lesson I fear will take the world a long ass time to realise and internalise.

avazhi7 months ago

Can somebody explain to me, succinctly and without the slippery slope nonsense immanent in this link, why facial recognition is seen by some reasonable people to be a problem? I’m not interested in why anarcho-fascists or tinfoil hat libertarians or Luddites think it’s a bad idea - I’d like to know why your average reasonable man would have a problem with this. As somebody with both a law and a science degree, I just can’t understand the outrage. We already have to take our photos for passports and our IDs - how the fuck is this substantively different? I get the sense this a situation that proves that rule that somebody, somewhere will always find a way to be outraged about everything in 2023.

tavavex7 months ago

To me, widespread facial recognition isn't that different from an ID... except you're always obligated to walk with your ID taped to your forehead. Once the system is in place, expanding it to other locations could be a trivial task. Hypothetically, this leads to a situation where you can discretely "card" anybody by just recording them, with no need to ask for an ID or even let the person know that they're being checked. And if that's in place, then, given enough cameras, tracking every person's location is also simplified. So, I guess my opposition here isn't directed at specifically TSA, but rather creating a centralized facial recognition database in general.

from-nibly7 months ago

Because it gives the government a direct up to date photo of you, while it's already tracking where you are going. It's just that much easier to decide you have committed a crime. And find you.

However, the slippery slope holds true when you complain about previous actions. I.e. the government knowing where you go when you fly, and searching your private belongings without a warrant.

This isn't the first thing on the slope. With just those two examples this is the 3rd. I'll believe the slope isn't slippery when they repeal the patriot act.

Edit: finished first thought.

rebeccaskinner7 months ago

> I’m not interested in why anarcho-fascists or tinfoil hat libertarians or Luddites think it’s a bad idea - I’d like to know why your average reasonable man would have a problem with this.

I think this is an overly adversarial view of people trying to take a long and systems based view of this, but even if we do focus on the immediate practicalities, there are a couple of obvious ones.

First, and foremost, I don't trust TSA to get it right. Facial recognition is one of many technologies that works well enough most of the time that it might be fine for non-critical infrastructure, but there are enough issues with it that at the scale of imposing it on all passengers we should anticipate a lot of negative impact. This can include both the possibility of bad actors being allowed to travel because they can find effective ways to defeat the system, and innocent people being negatively impacted through no fault of their own. Early on the system may be opt-in, and in the medium term there may be reasonable paths to opt out, but once the system is mandatory- or a significant default, people will be punished with a significantly degraded experience because the technology doesn't work well for them.

There's also the infosec angle. I don't trust TSA to get security right any more than I trust them to get facial recognition working right. We've already seen leaks of images from millimeter wave scanners. Although a photo of your face may not be as private as the images leaked from those scanners, there are a lot of potential negative outcomes from someone getting a hold of a corpus of facial recognition data, especially if it contains more than just a raw photo and includes information that could help someone to impersonate you.

monkeydust7 months ago

I was at JFK recently and was shocked how fast the Global Entry facial recognition system was compared to say UK one. I literally had barley registered on the camera before it gave me a green tick.

Racing04617 months ago

I don't see facial recognition going away anytime soon since (other than fingerprints) is being rolled out to answer "this document is a legit document, but is the holder of this document the person on the document".

Anyone's guess why facial recognition is being used in favor of fingerprints is anyone's guess since fingerprints are way more accurate.

Hnrobert427 months ago

I would guess (really, just a guess) that

1. government IDs have photos but not all contain fingerprint data.

2. facial recognition can be done at a distance. In the future, you could be verified walking the building.

3. (tin foil hat) People associate giving fingerprints to the govt with criminals moreso than they do pictures.

ibejoeb7 months ago

I'm not exactly sure of the connection, but I just got a message that I must enroll in the new, mandatory CLEAR program which appears to use facial recognition. Is this one of the two pilot programs they're talking about here?

quantified7 months ago

Can you elaborate? Where is CLEAR mandatory?

ibejoeb7 months ago

It's mandatory in order to continue using clear, not for travelers in general. They're being a little dodgy about what it all entails.

> Members will need to upgrade to CLEAR’s NextGen Identity+. This will power CLEAR’s Lane of the Future rolling out over 2024.

> NextGen Identity+ will unlock the CLEAR Lane of the Future. The CLEAR Lane of the Future, which will be rolling out over 2024, will deliver an even faster, more predictable airport experience for our Members. It will allow CLEAR Plus Members to verify their identity with their face (instead of iris or fingerprints) and eliminate the need for Members to stop at a CLEAR pod.

https://www.clearme.com/support/what-is-nextgen-identity-and...

AlotOfReading7 months ago

This is because CLEAR screwed up for years and wasn't properly verifying identity. The TSA smacked them for it earlier this year when a significant fraction of the CLEAR user base turned out to be effectively unverifiable. It's mostly unrelated to the article.

powera7 months ago

Yeah, I don't see any argument here. There is just an assumption that "an effective person identification system is bad", and a bunch of words distracting from the fact that they are begging the question.

JCharante7 months ago

It’s funny to see so much controversy when anybody who has traveled a decent amount has already had their eyeballs, fingerprint, and face recorded at immigration checkpoints around the world.

gdsdfe7 months ago

Isn't it ironic that they're doing what they blamed the Chinese for doing?!

et-al7 months ago

Do most privacy-oriented here who fly a lot just not bother with Global Entry then?

bozhark7 months ago

Time for the ICP face paint while traveling

ifeja7 months ago

clickbait headline

badrabbit7 months ago

Story time! They probably had different reasons but I had funny encounters with the TSA involving hoodies.

One time I missed a flight in Miami and the next flight was 6-8hrs later. I decided to hang around the airport. Eventually I became sleepy, put my bags next to me, sat down where there are no passengers, put headphones and covered myself with a large hoodie to keep it dark enough for a nap. A couple of hours later I take off my hoodie for a peek and this uniformed TSA guy is sitting in front of me and staring at me, I stared back for a few seconds, checked the time and went back to sleep. A while later I am rested so I get up, now there are 2-3 people around me but the TSA guy is still staring at me. We had a staring contest for like 5-10min the I got bored and started wasting time on my phone. A little later, I was hungry and my departure time was within 1h so I ignored the guy and went to my gate area and ate an expensive tuna sandwich before leaving miami.

Second story, same hoodie I think, I was similarly taking a nap (forgot the airport), I hear a small commotion and look up there are TSA people standing around one is trying to make it look like they are not trying to look at me, then another TSA worker brought a k-9 dog straight to me without saying a single word and had the dog take its time sniffing me and all my stuff. I didn't mind tbh. Then they had the dog sniff around a couple of nearby seats and took it away. Not a big deal, I just couldn't figure out what they were thinking? Did they think I was a terrorist but needed a nap before my attack?

Also, I don't know if facial recognition flags people but I can tell by their body language when I am standing line if they will do a chemical test, to the point I prepare my hands and volunteer them before the guy even asks (they comment on how I am too used to it lol).

People complain about this stuff but personally I care more about all the surveillance they buy that then gets paired with your facial/biometrics and sticks with you for life.

Also, had a rookie TSA agent follow procedure one time and tell me I can request a private pat-down if I so wish. I told him "sure" just to see what they do, they knew I was fooling around so they didn't pat me down properly but they took me to a private room for the pat down. Worth mentioning because it sounded like they are supposed to inform you of that for each pat down and if you are legitimately a person sensitive about being touched and fondled in public you have that option (they even leave the cash on the dresser before they leave /s ).

I say all this but I do understand that the TSA workers on the ground are well meaning folks keeping everyone safe. I have much respect for them even if I don't always agree with TSA/DHS policy, which ulitimately is a product of the american voter's will.

withinboredom7 months ago

As someone who flies into and out of the US fairly regularly-ish ... the way I'm treated by Homeland Security when I fly with my wife & son vs. alone, is a bit shocking.

Alone: I'm asked what I am doing there (despite having a US passport; so it shouldn't matter), why I live in a foreign country instead of the US, what I do for a living, why I have a backpack on instead of suitcase, etc. While they sit there holding my passport hostage, scrolling through who knows what data... sometimes I even "randomly" get sent to a back room to have all my stuff dumped out and my phone confiscated. It's like they want to make _really_ sure I never come visit my parents.

With my family: welcome home! Have fun!

If you want to sneak into the US, just go with a wife and kids. /s

komali27 months ago

If you're a USA citizen you're under no obligation to answer any of their questions, and in fact answering any of them can only really hurt you. You shouldn't ever answer questions from any form of cop without your lawyer present, and even at the border you still don't have to, though they have more unconstitutional but legal leeway to seize your stuff and hold you as punishment.

American cops across the board are getting more bold in their degradation of civilians and we shouldn't stand for it.

Even tsa only has one thing they're legally allowed to do: determine you don't have weapons you're trying to bring onto the plane. Whenever I have to deal with TSA I say I forgot my ID. "But you're in the international terminal you need your passport to board." Aw bummer I guess the airline won't let me fly, here's my boarding pass. They pat me down of course but they eventually let me in, every time, cause they have to.

If every American exercised their rights with the TSA the charade would collapse instantly as lines extended to hours long and security protocols were relaxed so people could get to their flights. I got to witness this firsthand after defcon once when all the attendees arriving at the airport around the same time were refusing to show ID to TSA and refusing to do the genital scanner, and a bunch of tourists were stuck in line for hours with strange people in black hoodies extolling to them the dangers of their Facebook account, until TSA finally just started pushing people through the metal detector as fast as they could.

alliao7 months ago

I did go with a wife and kids but no US passport, got pulled into a small room and questioned till we missed our connection flight, US customs is so obnoxious is the number 1 reason why I avoid travelling to the US...

eszed7 months ago

Yeah, I (well, she) had this experience entering the US with a non-American girlfriend, 10+ years ago. She was pulled aside, grilled, treated terribly, and emerged in tears 30+ minutes later. It really made me angry, because it's not as effective _security_-wise as what we were used to flying the other way. Immigration agents at Heathrow were generally so polite and accommodating (eg, let me go through the EU citizens path, when we were traveling together), that I typically revealed more about my travel plans than I probably _had_ to, and / or may have been wise. It's dumb and self-defeating, and should be a source of shame for all USA-ians.

alliao7 months ago

yeah, it's not even a job well done the way it's done. usually more power tripping above all else. the security theatrics of TSA should be gutted to be honest. I remember flying into the US in the 80s, that was a treat. Very different times.

objclxt7 months ago

> While they sit there holding my passport hostage, scrolling through who knows what data

Legally it's their passport, not yours. A passport is the property of the US government at all times.

withinboredom7 months ago

Yeah, that doesn’t make it any less terrifying…

onetokeoverthe7 months ago

[dead]

brookst7 months ago

tl;dr: slippery slope

> This statement by TSA Administrator Pekoske highlights one of the main risks of TSA using facial recognition in any capacity—there is no guarantee that how TSA initially uses facial recognition will not change or expand beyond the current stated purpose.

Which, if you think about it, would be an equally valid statement about the risks of NOT using facial recognition: that approach would also provide no guarantee that TSA would not use facial recognition in bad ways in the future.

In fact, it is very hard to guarantee that something won't happen.

I'm a biometric skeptic, but this is not a super compelling article. There are better arguments: biometrics can be fooled, biometric measurements are essentially an immutable password which can be leaked/abused, they can be unfair to people with physical differences, etc.

Just saying X can lead to Y so X is bad is just so... lazy.

jvanderbot7 months ago

One way to guarantee that a mass database of biometric data isn't leaked or abused is to not gather it in the first place.

So, yes, it is easy to guarantee that a mass database of biometric data isn't abused if you can prevent it from being gathered. We're making no efforts in that direction, so we're running every day towards a future in which the holder of such a database can deepfake anyone doing anything.

brookst7 months ago

Agreed, and that seems like a good argument.

Which is why it's so strange to say that one of the greatest risks of the TSA's program is that they could do a totally different program in the future. It's literally like saying that going to the gym is risky because you might get into BASE jumping.

There are better arguments. Hence, this piece is weak.

ang_cire7 months ago

That is one of the greatest risks, because while you may agree to give them your biometrics for air travel, you may not agree to do it for another purpose, but it's too late at the point where they already have it.

It effectively means that if I don't want them to potentially give it to LEOs, I have to opt out of any services they are gatekeeping behind it.

That's not a slippery slope argument, it's an argument that there is no way for me to review how the information they collect is actually being used.

brookst7 months ago

I don't think you read the EPIC post, or the part I quoted. You're creating a new, more reasonable argument that is loosely aligned with the second, lesser concern that EPIC had.

jjjjmoney7 months ago

I wonder if when these things leak and become ever-more damaging, biometrics will basically become worthless and we will pivot to hardware tokens or something else.

There seems to be little resistance to this in the USA, and we’re also okay with abysmally bad forms of identification (SSN, birth certificates).

plagiarist7 months ago

> Which, if you think about it, would be an equally valid statement about the risks of NOT using facial recognition: that approach would also provide no guarantee that TSA would not use facial recognition in bad ways in the future.

The key difference is one of those scenarios gives the TSA a larger database of candid photos linked to an ID compared to just the one photo on record.

hooverd7 months ago

The security state has been demonstrated to be greasing the slope again and again and again.

Eumenes7 months ago

And judging by the comments in here, most people are OK with it because we shouldn't demonize an "effective" form of identification.

brookst7 months ago

Are we reading the same thread? I'm not seeing any comments defending the practice, or calling it effective, or accusing people of "demonizing" a technology.