Biometrics have a role to play in government service delivery, trade group says

A new policy blueprint from the trade group the Better Identity Coalition argues that state governments should tailor their use of facial recognition technology, rather than ban it.

A new policy blueprint from the trade group the Better Identity Coalition argues that state governments should tailor their use of facial recognition technology, rather than ban it. Maciej Frolow/ GETTY IMAGES

Featured eBooks
Space Tech
Read Now

CDM

Read Now

Digital Transformation

Read Now
Natalie Alms By Natalie Alms,
Staff Reporter, Nextgov/FCW

By Natalie Alms

|

The Better Identity Coalition laid out a roadmap for states to tackle digital identity issues Monday, including how to deploy and oversee technologies like facial recognition.

States should not ban facial recognition and other identity technology outright, a trade group focused on digital identity says in a new policy blueprint focused on state-level policy recommendations. 

The recommendations come from the Better Identity Coalition, part of the nonprofit Center for Cybersecurity Policy and Law and led by Jeremy Grant, former senior executive advisor for identity management at the National Institute for Standards and Technology. 

The group launched in 2018 and has 27 member companies, including Equifax, IDEMIA, ID.me, Mastercard and CVS.

The group’s thesis is that the government’s patchwork approach to establishing identity through a variety of credentials and issued by a myriad of sources, from Departments of Motor Vehicles to the Social Security Administration, hasn’t yet translated to the digital world, but needs to.

Part of that process would require the government to step up as the issuer of authoritative identity documents and back those paper credentials digitally, the group contends, especially as the tactics used to verify identity remotely, like knowledge-based verification, become less effective.

Some recommendations from its 2018 policy report – such as an interagency task force on digital identity and opt-in identity validation services from government agencies – ended up in a bill the group backs, first introduced by Rep. Bill Foster (D-Ill.).

While calling for states to not ban facial recognition or other identity technologies outright in its new blueprint, the Better Identity Coalition also proposes that they instead follow National Institute of Standards and Technology guidance on digital identity that are already required for federal agencies.

Grant told FCW that although states aren't required to follow NIST guidance, many do, as do some foreign governments. NIST is working on its first update to the guidance in years, although it appears to be delayed: a draft NIST had slated for fiscal year 2022 still hasn't been released. Grant said that it is "safe to say that cybersecurity experts across the globe are very eager to see NIST release the draft ... since the last version was published in 2017, there’s been a big shift in threats against identity systems, as well as the technologies used to guard against those threats."

Some state-level security and privacy legislation has “inadvertently precluded” certain identity tech or created more risks, the blueprint says, pointing to California’s Consumer Privacy Act. The law gives residents the right to access, correct and delete their data, but if organizations holding that data don’t have strong identity controls, they could give it to bad actors, the blueprint points out.

As for facial recognition, the group’s policy proposal acknowledges that proposed bans to the technology stem from real misuses of it in criminal justice or demographic differentials in systems, as NIST found out itself in 2019 research.

But the Better Identity Coalition stresses that there’s a range of different use cases, some not appropriate for the tech, and varying levels of accuracy and equity implications among facial recognition algorithms, with some performing better than others.

Charles Romine, director of NIST's Information Technology Laboratory, told lawmakers in 2020 that “users, policy makers and the public should not think of facial recognition as either always accurate or always error prone.”

Policies aimed at biometrics should be targeted to specific uses, harms or risks and the government should give alternatives to facial recognition, the paper states. 

The new recommendations come as government and industry are dealing with a spike in identity theft and fraud. There was at least a 70% increase in the amount that consumers reported losing to fraud in 2021 compared to the prior year, bringing the total to $5.8 billion, according to the Federal Trade Commission.

At the same time, the growing use of identity credentialing and fraud detection systems, and facial recognition technology in particular, has also elicited complaints and concerns about equity, demographic bias in systems and privacy. 

The report also recommended that state governors and legislatures push motor vehicle departments to issue mobile driver’s licenses and offer identity validation services alongside vital records bureaus that issue birth certificates and other government documents.

For DMVs, that could include verifying that a driver’s license picture on file matches selfies submitted by someone trying to verify their identity – something third party companies currently offer as a service by matching selfies with photos taken of identity cards like driver’s licenses. 

Other recommendations called for pushing virtual notarization services. The policy agenda also includes ensuring that states have accessible options and services for those without state identification like driver’s licenses and promote phishing-resistant multi-factor authentication and risk-based authentication.

NEXT STORY: Lawmakers Announce Bipartisan Breakthrough on Full-Year Omnibus Spending Bill

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.