Can the Bay Area Rein In the Surveillance Tools It Created?

andriano.cz/Shutterstock.com

Oakland and San Francisco may become the first cities to ban use of facial recognition technology by government entities. But that’s only the beginning.

OAKLAND, Calif.—On the first Thursday of every month, about a dozen people meet in a dim, sepia-toned room in Oakland’s City Hall. This is the city’s Privacy Advisory Commission—a group of volunteers from each Oakland district, a representative from the Oakland Police Department and the Mayor’s office, and the city’s chief privacy officer, Joe DeVries. They gather to discuss a host of issues related to the city’s growing use of surveillance technology: how data is used, stored, and shared. Just who, in this tech-saturated city, is tracking whom?

A predecessor to the first Privacy Advisory Commission convened five years ago, after news of a planned surveillance hub surfaced. The federally funded “Domain Awareness Center” was initially intended just for the Oakland port, but city officials proposed expanding it in 2013. The stated purpose of the $11 million expanded project was to fight crime and better respond to potential emergencies. (Oakland had been struggling with an increase in violent crime since 2005.) The proposal sought to blanket the city with cameras, gunshot detectors, and automated license plate readers so that the actions, movements, and connections of suspects could be tracked—and unwanted incidents, preempted. “It’s all about efficiency and automation into the response when it comes to public safety and emergency response,” the city’s then-chief information officer, Ahsan Baig, told GovTech.

But privacy activists raised the alarm about mass surveillance, particularly highlighting the risk that this technology would discriminate against communities of color in poor neighborhoods. Later, their concerns were vindicated when emails revealed that the real purpose of this initiative was spying on protesters, and the scope of the project was rolled back.

In the wake of the DAC debate, Oakland’s City Council assembled an ad hoc committee to set strict data-retention policies and best practices for the center to follow. That committee suggested that what the city really needed was something more permanent: The technology was bound to evolve, and its uses to multiply.

Oakland’s commission isn’t the only such formal municipal privacy board in the country—Seattle has one, too—but it might be the most aggressive. Under the leadership of local privacy advocate Brian Hofer, it helped pass legislation regulating surveillance in the area, including a transparency ordinance governing the conditions under which the Oakland Police Department cooperates with the FBI and guidelines for “technology impact reports” on each new piece of smart-city surveillance gear the city rolls out.

May’s meeting had a full agenda, and the mood was particularly charged. They discussed the final draft of city-wide Privacy Principles, developed by Berkeley Law’s Samuelson Law, Technology, and Public Policy Clinic. If approved by the City Council next month, this document is meant to act as a lodestar for the city, as it tries to maximize both transparency and privacy—interests that Erik Stallman, the associate director of the Samuelson Clinic, said at the meeting that he believes are not “irreconcilable.”

But the commission were also there to discuss another potential privacy milestone: Thanks to the Privacy Advisory Commission’s work, both Oakland and San Francisco are steps away from becoming the first U.S. cities to ban facial recognition technology, an increasingly common and powerful form of technology that allows computers to identify faces in photos and video footage and match them with law enforcement databases.

Under a Surveillance and Community Safety Ordinance passed last year, new kinds of surveillance technology now must go through a public approval process before being deployed in Oakland. But an amendment proposed by Hofer and commission member Heather Patterson would also expressly prohibit city departments—and any public entities that have data-sharing agreements with the city—from using facial recognition technology, or the information captured through it. (The amendment doesn’t ban private use of this technology, however, so private landlords can deploy it in a residential or commercial building.) If the city’s Public Safety Committee approves the amendment this month, the City Council will vote on it in early June.

San Francisco’s ban mirrors Oakland’s: It’s bundled as part of the city’s proposed Stop Secret Surveillance Ordinance, introduced by supervisor Aaron Peskin in January, and it’s up for a deciding vote this week after passing the city’s board of supervisors.

Right now, neither cities’ police departments are using facial recognition technology. San Francisco stopped testing it in 2017. But preemptively prohibiting the technology fits into a broader effort to establish San Francisco and Oakland as “digital sanctuaries”—places where government data collecting and sharing is underpinned by transparency, accountability, and equity. Facial recognition technology is particularly perilous, privacy advocates say, because it can do something unprecedented: turn one’s visual presence into potentially incriminating information that lands someone, without their knowledge, in a database used by law enforcement.

“Facial recognition is the perfect tool and system for oppression of rights and liberties that Oaklanders cherish,” said Matt Cagle, the technology and civil liberties attorney at the ACLU of Northern California, during public comment in support of the amendment at the May meeting. “The harms are disproportionately experienced by people of color, immigrants, and other communities that are historically targeted by the government for oppression.

Because public places where crowds gather under cameras—to celebrate or protest or simply exist—are such fertile territory for harvesting this information, the fight over facial recognition is a uniquely urban one. And the Bay Area, says Hofer, has a unique responsibility to lead the effort to regulate it.

“We’re where all this technology is being developed,” he said. “I think it’s important that—in the home of technology—that we establish these rules and guidelines.”

***

In 2001, the city of Tampa secretly used cameras equipped with facial scanning software on a stadium full of Super Bowl spectators. The system compared the faces of fans with a mugshot database, revealing that 19 people in the crowd of 100,000 had outstanding warrants for misdemeanors.

Such automated computer-assisted technology had been in development for identifying and verifying criminal suspects since the 1960s. But the 2001 incident was the first time many people realized that the ability for a computer to summon names for human faces was no longer in the realm of science fiction. And plenty were not happy about it: When reports of the incident became public, the ACLU penned a letter to Tampa city leaders, demanding a full explanation for the “Snooper Bowl.”

This would prove to be the beginning of an ongoing series of conflicts between civil liberties advocates and law enforcement. As facial recognition technology improved, authorities touted its many public safety applications: the ability to detect passport and other types of identity fraud, identify active shooters and uncooperative suspects, aid forensic investigations, and help find missing children.

In June, for example, Anne Arundel County police used facial recognition to quickly identify the man who killed five journalists at the Capital Gazette newspaper in Annapolis, Maryland. With the shooter in custody but uncooperative, police compared his photo with millions of images from driver’s license photos and mug shots in the Maryland Image Repository System. “The Facial Recognition System performed as designed,” ​Stephen T. Moyer, Maryland’s public safety secretary, said in a statement to the Baltimore Sun. “It has been and continues to be a valuable tool for fighting crime in our state.”

Facial recognition also has applications beyond the realm of crimefighting, proponents say. It can help the blind identify the expressions of people they interact with, and help historians identify soldiers who died in the Civil War.

But privacy advocates warn that this is a tool that can be used to target vulnerable populations. Authorities in China, for example, use it to profile and control the Uighur Muslim minority. In the U.S., researchers found that the government has already been testing facial recognition technology using photos from child pornography, visa applications, and pre-conviction mug shots without consent or notification. Police in Baltimore faced criticism from civil liberties groups after it used facial recognition to identify and monitor protesters after the death of Freddie Gray in 2015.

In 2016, the Center of Privacy & Technology (CPT) at Georgetown Law came out with a report outlining the extent to which facial recognition had proliferated nationwide. The report found that almost 30 states allow law enforcement to scan drivers license and ID databases. “Roughly one in two American adults has their photos searched this way,” the authors wrote. Overall, around 117 million adults are affected by this technology—they’re part of “a virtual, perpetual line-up,” the report says, where the identifying eyewitness is an algorithm.

Using biometric data—measurements or maps of the unique features of the human body—to find people isn’t new, of course. The first national fingerprint database in the U.S. was assembled by FBI director Edgar J. Hoover in the 1920s; in the 1990s, the Bureau’s Combined DNA Index System, or CODIS, allowed law enforcement to use DNA profiles to help identify and locate offenders. But the scope and reach of facial recognition goes further than these databases, which only track a relatively small segment of the population. You can’t secretly fingerprint or collect DNA information from vast groups of people from afar, like you can with facial recognition. As surveillance cameras capture people’s faces, law enforcement can construct an intimate real-time portrait of their movements around the city.

“This technology lets law enforcement do something they literally have never been able to do before,” said Alvaro Bedoya, the founding director of Georgetown Law CPT and co-author of the 2016 report. “People need to understand that this is not normal.”

It’s not just that this technology has a greater reach. Research has shown that facial recognition software is prone to error when it comes to identifying gender and ethnic minorities. In 2018, researchers at MIT tested three types of AI-based facial recognition technology and found an error rate of 0.8 percent when identifying white men, but failed with 34.7 percent for black women.

“You’ve already seen issues with law enforcement and their use of force,” said Sameena Usman, the Government Relations Coordinator for the Council on American-Islamic Relations, during public comment at the privacy commission’s May meeting. “To have this kind of facial recognition software that is inaccurate could lead to these types of wrongful deaths.”

Still, police departments nationwide are eagerly adopting the technology, which is being marketed by companies such as Amazon. That company’s Rekognition software is being piloted in Florida and Oregon, despite questions about its accuracy. (The ACLU used a version of Rekognition to scan photos of the 535 members of Congress against 25,000 public mugshots, and got 28 false hits.) Amazon is also pushing ICE to buy Rekognition.

Local leaders, especially in cities struggling with crime problems, are often taken with the idea that facial recognition-powered surveillance will be a boon for public safety. “In Oakland, we do have a good amount of crime,” Noel Gallo, a City Council member, told the San Francisco Chronicle. “It’s just a form of public safety since I don’t have the police staffing necessary to protect our children and families. If you do the crime, you should also be clearly identified.”

Though the commission approved the facial recognition amendment unanimously, the tension between safety and privacy sparked debate at the May meeting. Oakland Police Department representative Bruce Stoffmacher had been tasked with analyzing the department’s use of remote, live-streaming cameras and suggesting in what circumstances they could be deployed under Oakland’s broader surveillance ordinance. One draft of the exemptions suggested officers should only be able to use the devices for undercover operations, or at public events that are expected to draw 10,000 or more people and national attention.

But Stoffmacher also laid out situations in which the police would want to use these devices in smaller gatherings, such as Golden State Warriors game parades. “It’s still considered a large enough event where OPD is going to try to have officers observing. You could be live-streaming that either to emergency operations center or to the police headquarters building,” he said. “I don’t think it’s supportive of the nature of policing to be able to say this is an exact number.”

Others argued that any cameras deployed by police at large and small events would have a chilling effect on protected free speech and assembly. “There’s nothing benign about a police officer holding a camera at a public gathering,” said Henry Gage III, an Oakland-based attorney and a member of the Coalition for Police Accountability, during public comment at the meeting. “That’s essentially political violence by another name.”

Part of the tension could be eased with clearly articulated use cases, Hofer said: If the police have intelligence that a protest or gathering will include a group with a history of violence—such as the white supremacist Proud Boys, for example—perhaps this technology would be useful.

“The police have a duty to ensure public safety, and they need to be able to operate in some manner in order to achieve that,” he said. “And so some of this is going to need a really fine line.”

***

In a sense, this technology is already out of the box, and a facial recognition ban such as Oakland’s or San Francisco’s will not be able to stuff it back in. Images of people in public can still be shot, collected, and stored; potentially, they can just be sent elsewhere to be analyzed.

“Facial recognition does not require specific cameras to enable it—it’s helped by them, but does not require them,” said Mike Katz-Lacabe, a member of Oakland Privacy. “As long as you have the cameras, you can take that video and send it somewhere else to analyze it.”

This scenario frequently plays out in other realms of smart surveillance.

Last year, the local accountability nonprofit Oakland Privacy found that Bay Area Rapid Transit was documenting license plate information from California drivers and storing the records in a database that was also accessible by Immigration and Customs Enforcement. That gave ICE access to 57,000 plate records, allowing them to track the movement of potentially undocumented immigrants and anyone who comes in contact with them.

The worry is not just that ICE has been deporting immigrants without criminal records at record levels. It is that the Department of Homeland Security (DHS) is also keeping tabs on family members, advocates, and supporters. The Intercept recently found that DHS has been monitoring civilians who are protesting the administration’s practice of separating migrant families.

In that context, BART’s transportation data collection could have had more insidious implications—just as live-streaming a protest might. “It may be that a local police department doesn’t really have anything malignant in mind, but if they collect all of the pictures and make it available, other agencies can get ahold of that information and use it for any purpose they want,” said Tracy Rosenberg, an organizer with Oakland Privacy and the director of the Oakland technology organization Media Alliance. “And those purposes aren’t always consistent with what they thought.”

These convoluted surveillance supply chains complicate enforcement of facial recognition bans like Oakland’s, says Steve Trush, a research fellow at UC Berkeley’s Center for Long-Term Cybersecurity and a board member of the nonprofit Hofer chairs, Secure Justice. Even if Oakland or San Francisco’s city departments adhere to it, they’re surrounded by counties and states that don’t. “I can envision some of that friction there could be resolved if enough cities in the county agree to ban facial recognition,” Trush said. “Then maybe you could see maybe it’s time for the county to consider banning it, and maybe the state agrees to an outright ban.”

What’s more, facial recognition technology isn’t just in the hands of official bodies like governments and law enforcement: It’s on your neighbor’s front door. “Smart” video doorbell devices such as those made by Ring and Nest have created a whole army of citizen-recorders, who can potentially ping law enforcement with surveillance of passersby they find suspicious. As these devices become recognition-enabled, it will be difficult for Oakland, or any city, to ensure that this technology was not used somewhere in the data collection process when they receive intelligence.

With more regulations and pressure from consumers, Trush says, perhaps technology companies will choose to develop their products without facial recognition technology, or create alternatives. Already, campaigns launched from within tech companies like Microsoft and Amazon have raised ethical concerns surrounding projects and contracts; in response, those companies have walked back certain initiatives.

Ultimately, achieving a critical mass of local and state regulations on this technology is Hofer’s dream, too. “I do expect this to spread,” he said. “We cracked the door open and are letting others join in.”

But he and other advocates also acknowledge the challenges involved in containing the spread of smart technology that threatens privacy. That’s why the commission is also pushing to pass Oakland’s guiding Privacy Principles, which can inform future policy-making.

“What we wanted was, rather than technology-specific legislation, a process that could handle whatever came down the pike,” said Rosenberg. “Because whatever was upsetting in 2015 is going to be different than what’s upsetting in 2019 or 2023. You don’t want to create a nine-headed hydra situation where you put in regulation that’s technology specific, and then technology shifts and it’s like nothing ever happened.”

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.