Authored by Edward Hasbrouck via Papers, Please! blog,

Today the US Transportation Security Administration released a detailed TSA Biometric Roadmap for Aviation Security & the Passenger Experience, making explicit the goal of requiring mug shots (to be used for automated facial recognition and image-based surveillance and control) as a condition of all domestic or international air travel.

This makes explicit the goal that has been apparent, but only implicit, in the activities and statements of both government agencies and airline and airport trade associations.

It’s a terrifyingly totalitarian vision of pervasive surveillance of air travelers at, quite literally and deliberately, every step of their journey, enabled by automated facial recognition and by the seamless collaboration of airlines and airport operators that will help the government surveil their customers in exchange for free use of facial images for their own business purposes and profits.

The closest contemporary counterpart to what the TSA envisions for the USA is the pervasive surveillance and control of travelers in China through automated facial recognition by the Public Security Bureau.

Automated surveillance of air travelers by the TSA will begin with people who have “voluntarily” provided photos for other purposes such as background checks:

In the near term, TSA will deploy Credential Authentication Technology (CAT) to authenticate the security features of passengers’ ID credentials and allow Transportation Security Officers (TSOs) to retrieve passenger pre-screening status in near-real time…. In the future, TSA will be able to use TSA Pre✓® enrolled facial images for matching…. Moving forward, TSA Pre✓® will increase its access to and utilization of voluntarily-provided biometric data, including facial images, to modernize the trusted traveler experience for TSA Pre✓® travelers.

In a press release announcing its roadmap, the TSA says that:

TSA has already begun testing biometrics for TSA Pre✓® travelers…. As of September 2018, passengers who enroll in TSA Pre✓® or renew their membership in person are required to provide their photograph. Using applicants’ photographs, TSA will test facial biometric technology in TSA Pre✓® lanes at select airports once enrollment numbers support this testing.

The roadmap released today is dated September 2018. We’ve already begun to receive reports suggesting that the TSA may already be using automated facial recognition — without explicit notice or any obvious way to opt out — in “TSA Pre-Check” lanes at checkpoints at some airports. If you see something, say something: Ask whether facial images are being collected, by whom, for what purposes, and subject to what if any option to opt out.

In its next stage, the TSA Biometrics Roadmap envisions expanding automated facial image surveillance to include photos from drivers licenses and state ID cards:

Additionally, TSA will work with DHS and other stakeholders to ensure mobile drivers’ licenses (mDL) are REAL ID compliant and explore their acceptance at aviation security touchpoints across the passenger experience. Several state issuance authorities have started to securely provision mDL onto driver’s mobile devices in addition to issuing a physical license. These solutions may include biometric data that TSA could leverage for identity verification…. TSA will explore opportunities to more effectively use existing information within DHS systems including DHS databases (e.g., IDENT/HART), State Department passport photos, and solutions that may broker verification touchpoints between federal and state systems.

The obvious “touchpoint” between federal and state ID databases would be DHS access to the SPEXS database of information from drivers licenses and state IDs. SPEXS is operated by a contractor of the American Association of Motor Vehicle Administrators (AAMVA), and already includes personal information about more than 50 millionUS residents.

Participation in SPEXS is a de facto condition of state compliance with the Federal REAL-ID Act. SPEXS records sourced from drivers license and state ID databases don’t yet include facial images. But if AAMVA decides to add facial images to the SPEXS dataset, states won’t be able to say no without immediately becoming noncompliant with the REAL-ID Act.

AAMVA is listed among the “stakeholders” collaborating with the TSA. But AAMVA is identified as a “government” stakeholder, even though AAMVA itself claims to be a nongovernmental organization and is not subject to any of the transparency or accountability rules that would apply to a government agency.

“Various” technology vendors were consulted by the TAA and are, presumably, building this infrastructure of enhanced surveillance and control of travel, but are unnamed.

The TSA claims that:

TSA will adopt a “privacy by design” mindset that incorporates privacy considerations into each phase of biometric solution development (design, build, implement). Privacy protections will include restrictions to prevent the use of biometrics for purposes other than transportation security unless individuals have opted into other uses.

But that claim is belied by the fact that none of the stakeholders consulted by the TSA in designing its roadmap for automated facial recognition of travelers were travelers or privacy, civil liberties, or human rights experts or advocates. Other than the conclusionary claim quoted above, there is no actual consideration in the TSA roadmap of its privacy, civil liberties, or human rights implications.

Two other issues beside privacy are are also notably absent from the TSA roadmap:

First, there is no mention of the procedural due process required by the Constitution and the Administrative Procedure Act. The DHS has been sitting on a formal petition for rulemaking regarding its secret non-rules for biometric identification of travelers. But that petition is not mentioned in the TSA Biometric Roadmap. As usual, the TSA and DHS appear to be substituting administrative fiat for public notice and comment. Second, there is no mention of the substantive legal basis, if any, for TSA authority to conduct this surveillance or of its compatibility with the First Amendment, the Privacy Act (which prohibits the collection of information about how individuals exercise rights protected by the First Amendment, such as the right to assemble, without explicit statutory authority), or the obligations of common carriers. What — if any — personal information an airline can demand of a passenger as a condition of travel, consistent with its obligations as a common carrier, under US law recognizing a public right of tranit by air, and under international aviation and human rights treaties, is likely to be a key issue in future litigation.

Travel is a right, not a privilege subject to arbitrarily imposed government conditions. Travelers should continue to “Just Say No” to demands for mug shots or ID papers.