The FBI Gets a “Bigger, Better, Faster” Database – but Who Gets to Use It?
By Sunita Patel and Gitanjali Gutierrez, Staff Attorneys at the Center for Constitutional Rights, and Travis Hall, PhD Candidate at the Department of Media, Culture and Communication, New York University
Since 2006, the FBI has been quietly creating a massive new biometric database that is, in their words, “Bigger- Better- Faster.” Known as the “Next Generation Identification” program, or NGI, this new system marks a dramatic leap in the FBI’s ability to collect, store and share indentifying information across government agencies. Alarm bells should ring for all Americans concerned with their privacy.
Relying on “state of the art” biometric technology, NGI will use your physical traits (like eye scans and facial characteristics) to create identifications at lightning speed. While this may not seem terrible on its face, the real thrust of NGI is for multiple federal agencies to share your personal information without your knowledge. Through a series of disclosure programs, the FBI’s NGI database, the Department of Homeland Security’s (DHS) immigration database and the Department of Defense’s biometric database can now search and share matches. Moreover, the FBI hopes to expand the use of “Mobile” biometric units, which are biometric scanners that will send personal identifying information to all participating federal agencies, even for people who have not been arrested.
Given the troubled history of abuses with similar cross-agency collaborations, the erosion of walls between agencies with different purposes and the blanket exceptions granted these agencies from any kind of external oversight (e.g. the 1974 Privacy Act), the development of NGI is more than disturbing. The multiplier effect of an error is clear— a mistake in one federal database, let alone the databases it spreads to, can cause egregious harm to an individual, and, currently, correcting these mistakes is impossible, even if you know which database is responsible.
This raises another concern: information from state and local law enforcement feeds these databases. One of the key elements to NGI’s initial implementation for fingerprints was the Immigration and Customs Enforcement (ICE) program dubiously named “Secure Communities” that threw state law enforcement into the database sharing morass. Similar to the widely criticized anti-immigrant Arizona law, Secure Communities turns local cops investigating crimes into federal civil immigration agents.
Recently, local law enforcement authorities have joined in the opposition to Secure Communities because it undermines carefully cultivated community policing programs in immigrant neighborhoods. In fact, several localities and states have tried to opt out of Secure Communities but can’t get a strait answer from DHS. When pressured on this question, Secretary of DHS Janet Napolitano disingenuously claimed that the program only concerns sharing information between federal agencies—even though the states collect and control the information being shared!
Through Freedom of Information Act litigation brought by the Center for Constitutional Rights and others, however, we have learned that it was the FBI, not immigration officials, who demanded mandatory state participation in Secure Communities. There is no technical or legal reason why information must be shared with immigration authorities in the face of states’ decisions not to.
The truth is that the FBI made a policy decision to prioritize sharing of personal information as an end in itself. This post-9/11 zeal for total disclosure across federal agencies is a threat to our freedom. Secure Communities is a classic case of mission creep, where information gathered for one purpose is used for another unrelated purpose. This should cause us to question what other data is being shared and with whom, both at home and abroad. Everyone should demand that local police be exceedingly careful in what personal data they supply to the federal government, and for federal agencies to adapt their technical systems to contextualize data and share it only when allowed by federal and state or local law.
Otherwise the specter of NGI – a Kafkaesque system of unresponsive, opaque, error-ridden technological systems with untold power over our lives – looms large in the future.
To read the FOIA documents related to NGI and a related fact sheet, go to Uncoverthetruth.org/foia-ngi/ngi-documents. To learn more about Secure Communities and how you can prevent its implementation in your community or state, visit www.uncoverthetruth.org. For more information about the case NDLON v. ICE brought by CCR, the National Day Laborer Organizing Network and the Benjamin Cardozo Immigrant Justice Clinic, visit CCR’s case page.