A Slack message was sent to his team by the director of a group charged with enhancing digital access to US government services.
He had made the decision that selfies and face recognition would not be used by Login.gov, which offers a safe method to access a number of government apps and websites. He wrote, referring to the practice of requesting users to submit a selfie and photo of their ID so that algorithms can compare the two, “The benefits of liveness/selfie do not outweigh any discriminatory impact.”
In order to prevent citizens from being treated unfairly by algorithms, Zvenyach’s rejection of facial recognition was detailed in a report this month by the Office of the Inspector General of the General Services Administration, the organization that manages Login.gov. The accuracy of face recognition technology has increased, but many systems have been found to perform less consistently for women with dark skin, individuals who identify as Asian, or those who do not identify as either male or female.
However, Zvenyach’s statement also placed US government agencies using Login.gov at odds with federal security regulations. They demand that a person’s identification be verified in person or remotely using a biometric like a fingerprint or face recognition in order to access some sensitive data or services.
According to the inspector general’s report, the GSA deceived 22 agencies paying for the use of Login.gov by representing that its service complied completely with NIST requirements when it did not. Officials from a federal agency informed OIG investigators that because Login.gov did not adhere to the standard, their organization was more vulnerable to fraud. In response to inquiries about the story, Zvenyach remained silent.
A spokesperson for Login.gov, Channing Grate, says that the service will continue to avoid using face recognition “until we have confidence that it can be deployed equitably and without harm to vulnerable populations.” Zvenyach left the GSA in September 2022, and a new Login.gov director was appointed in the same month. Despite the fact that the standard is being updated and a new draft asks for a facial recognition alternative to be made available, this renders Login.gov out of compliance with NIST requirements.
The claims of misconduct at the GSA come as the US government’s use of face recognition for administrative reasons is under renewed scrutiny. People seeking asylum at the US-Mexico border have complained that a new app from the Department of Homeland Security that uses selfies and facial recognition to expedite applications does not work well for people with dark skin. Face recognition poses more risks to human rights than it does advantages, according to civil liberties organizations who have long made this claim.
According to the inspector general’s report for the GSA, Zvenyach informed other agencies reliant on Login.gov that their inability to use face recognition rendered them ineligible for NIST compliance in early 2022 after a WIRED article brought notice to Login.gov’s face recognition policy.
An Internal Revenue Service contract for online account verification with the startup ID.me in January of that year led to criticism over discrimination and privacy issues. ID.me verifies new accounts using selfies and facial recognition.
The story was updated to reflect that Login.gov did not use face recognition and that its documentation was incorrect. According to the OIG report, Zvenyach wrote to federal agencies using Login.gov a few days later, in early February, seven months after his internal message on face recognition, informing them that it was not actually compliant with NIST requirements because of his group’s position on face recognition.
“Until rigorous review has given us confidence that we can do so equitably and without harming vulnerable populations, we have made the decision not to use facial recognition, liveness detection, or any other emerging technology in connection with government benefits and services,” he wrote. The report claims that although Login.gov leaders were aware they were out of compliance as early as 2020, Zvenyach subsequently claimed to investigators that he was unaware of NIST requirements.
Those NIST standards make an effort to address a challenging issue by reducing identity fraud. When a citizen uses a government service, the organization must verify their identity, a procedure known as verification. For proof in person, you can simply whip out your ID card, but doing so online is more challenging. The NIST’s digital identity standards mandate remote digital proofing, which compares a smartphone selfie with a photo on an ID card using face recognition, and liveness detection, which examines an image to determine whether it contains a real live human or is fake, for sensitive data or access.
Former employee of the White House Office of Management and Budget and part of the American Civil Liberties Union’s Surveillance Resistance Lab is Rebecca Williams. In that capacity, she attended frequent meetings with Login.gov staff, studied government initiatives to modernize digital identity, and listened to customer complaints. “Having someone refuse to incorporate biometrics is not one of the laundry list of things that Login.gov is doing that I might complain about,” she says.
Williams argues that there is a need for discussions with constituents and lawmakers about the types of identity verification they are comfortable with and whether people want a digital form of identification at all. Williams cites both the IRS face recognition scandal from last year and the new report on Login.gov from this month. According to Williams, this should entail never using biometrics like facial recognition and never giving law enforcement agencies access to biometric information that has been gathered by a federal agency.
The IRS gave people the option to have their identification verified by video call with an agent rather than by face recognition following controversy surrounding its ID.me contract. There are 650 retail sites in the US, which is a small number in a big nation, according to ID.me, where people can also present a photo ID.
According to Jim Waldo, a professor at Harvard University, some segments of the US population could use self-identification in lieu of remote facial recognition. He is in favor of federated proofing, which would allow individuals to turn up at a US Postal Service branch office to prove their identity. With USPS, GSA has developed a pilot program for in-person identification checks.
For the past 15 years, Waldo has pushed his privacy class pupils to create a digital identity system that can confirm a person is who they say they are. He has observed that while most students initially believe that requiring a digital ID for everyone is a good concept, their confidence decreases as they discuss the specifics.
Because statistical technologies like face recognition are used to verify identities at scale, Waldo claims that this practice will inevitably create issues for some people. Due to the fact that “nobody actually believes this stuff is going to be fair or non-discriminatory,” he claims, those failures raise suspicions about the pattern of errors. “Trust, not technology, is the problem,”
The NIST is currently updating its recommendations for digital identification. A draft suggests providing face recognition as an option. It also includes the necessity to continuously assess the performance of biometric technologies across demographic groups. The NIST has discovered that many commercial facial recognition algorithms struggle to correctly identify particular demographic groups.
Not all government agencies supported a requirement for face recognition use: The Social Security Administration recommended alternatives to face recognition in comments it filed regarding the revision process in 2020, citing “privacy, usability, and policy concerns” in addition to issues with discrimination that disproportionately affects people of color.
The revision, according to Ryan Galluzzo, the NIST’s lead on the digital identity initiative, focuses on giving federal agencies and people logging into government websites and apps more options. Face recognition is described by him as a “socially sensitive technology.”
We are also very interested in methods to offer people and organizations creative and responsible options that can bring comparable convenience and security at higher assurance levels, even though it has valid applications to identity proofing use cases.
The subject of how the US government should handle facial recognition is one that is receiving more and more attention. A group of Democratic representatives from both houses of Congress introduced a measure earlier this month that would halt the use of face recognition technology by government organizations, but it is unlikely to pass.
The White House has also put weight on federal agencies to examine the potential discriminatory effects of algorithms. People have a right to live lives free from ineffectual algorithms, according to an AI Bill of Rights published in October by the White House Office of Science and Technology Policy. In a racial equality executive order signed by President Biden last month, it is stated that government organizations are responsible for “protecting the public from algorithmic discrimination.”
Download The Radiant App To Start Watching!
Web: Watch Now
LGTV™: Download
ROKU™: Download
XBox™: Download
Samsung TV™: Download
Amazon Fire TV™: Download
Android TV™: Download