One of the key fears that critics of mass surveillance and the proliferation of facial recognition technology have warned about has been realized with new reporting Monday that a “malicious cyber attack” has resulted in photos of airport passengers and other personal data harvested by U.S. Customs and Border Patrol being stolen by unknown actors.
“This incident further underscores the need to put the brakes on these efforts and for Congress to investigate the agency’s data practices. The best way to avoid breaches of sensitive personal data is not to collect and retain it in the first place.”
—Neema Singh Guliani, ACLUAccording to the Washington Post:
The CBP apparently did not want to confirm which private subcontractor was the target of the attack, but the Post and others were able to track down that it likely was Perceptics:
“This is a bombshell,” said Evan Greer, deputy director of the advocacy group Fight fight for the Future, in response to the reporting. “Even if you 100% trust the US government with your biometric information (which you shouldn’t) this is a reminder that once your face is scanned and stored in a database, it’s easily shared across government agencies, stolen by hackers, other governments, etc.”
Buzzfeed, also among the first to report on the breach on Monday, noted that the “cyberattack comes amid the ongoing rollout of CBP’s “biometric entry-exit system,” the government initiative to biometrically verify the identities of all travelers crossing US borders.” Citing earlier reporting, Buzzfeed pointed out that “CBP is scrambling to implement the initiative with the goal of using facial recognition technology on ‘100 percent of all international passengers,’ including American citizens, in the top 20 US airports by 2021.”
SCROLL TO CONTINUE WITH CONTENT