Port Study Sessions Offer Insights on Coming Facial Recognition Biometrics for Travelers

By Eric Schinfeld, Federal Government Relations Senior Manager and Veronica Valdez, Commission Office Specialist

In 2019, the Port began a process to prepare for federal and private sector implementation of facial recognition technology for passenger processing at Port facilities. 

Facial recognition uses biological measurements or physical characteristics to identify individuals. It can make travel safer and more efficient by speeding up check in lines. However, it also raises concerns about privacy, racial equity, cybersecurity, civil liberties and unforeseen uses that raise ethical questions.

The Port Commission wanted to be sure that they — and the general public — understood how this technology works, how it might be used, and key policy and regulatory issues that might need to be addressed. 

The Port heard from a range of stakeholders at two study sessions in September and October 2019.  The first study session focused on how private companies use facial recognition technology to improve efficiency and service.  The Port also heard from civil society groups that raised concerns about threats to privacy and data protection, and inherent bias in the technology. 

The second study session focused on the federal implementation facial recognition biometrics and how the Port has prepared for adoption of biometrics technology at its facilities. By the end of next year, U.S. Customs and Border Protection will start using facial recognition in place of travel documents for arriving international passengers.

Feedback from those study sessions is helping to shape a Commission Motion to ensure proper safeguards when biometric technology is used on travelers and visitors at its facilities. The Port of Seattle Commission will consider the motion at its December 10, 2019 public meeting, which begins at noon in downtown Seattle. Commission meeting materials and a live stream will be available online.  

Q: Are biometrics new at Port facilities?

A: The Port of Seattle has long used various forms of biometrics at its aviation and maritime facilities — for access control and verification of employee, contractor, vendor, consultant identity. Our use of fingerprint scanners for employee access to secure areas of SEA began shortly after 9/11, and we offer travelers the option of using CLEAR at SEA to process through TSA checkpoints. On the maritime side, Norwegian Cruise Line and U.S. Customs and Border Protection have partnered for use of facial recognition for disembarkation of guests at the Pier 66 cruise terminal.

Q: Why is the Commission preparing to take action on biometrics now?

A: Because of efforts by U.S. Customs and Border Protection and some of our tenant cruise lines and airlines, we foresee a significant increase in facial recognition technology deployment at Port facilities over the next few years. They see it as a major benefit to travelers because of a faster and more efficient travel experience, as well as a more accurate security process. 

Q: Is SEA unique in considering facial recognition for passenger processing?

A: Already facial biometrics is being used by U.S. Customs and Border Protection for international arrivals at 11 U.S. airports (and 6 cruise terminals) and by airports/airlines for exit at 20 airports. Those include Atlanta, Dulles, Ft. Lauderdale, Houston, JFK, Las Vegas, LAX, Miami, Orlando, San Diego, and San Jose.

Q: Is SEA going to use facial recognition for mass surveillance of everyone who comes to the airport? 

A: The Port does not condone biometrics for “mass surveillance” — use of facial recognition on large groups of people without a lawful purpose — and has not approved use of facial recognition on the non-secure side of the airport (ticketing counters and TSA). Implementation of facial recognition at SEA is only being considered for passenger processing and facilitation working with CBP, replacing current passport control and boarding pass processes. CBP will utilize facial recognition for arriving international passenger customs and immigration processing when SEA opens our new International Arrivals Facility in late 2020. 

Q: What is motivating the Port to take action on biometrics?

A: At the Port, it is essential to us that there’s a high level of public engagement around something so personal as facial biometrics. We have a chance to ensure that public policy moves at the pace of innovation. To that end, the Port is working toward proper policy frameworks and clear guidelines to balance operational needs, business priorities and regulatory mandates with the interests of passengers, employees, and other visitors to our facilities.

Q: Shouldn’t Congress be responsible for biometric regulations?

A: State and federal regulation may be coming, but the Port Commission has decided to be proactive in developing these policies. Our guiding principles are a start, but we will be working over the next six months to translate them into implementable and enforceable regulations. We believe we are the first port in the country to take a leadership role in developing safeguards to reduce potential misuse and abuse, while improving public understanding of the benefits and risks.

Q: Why is CBP transitioning to facial recognition from current passport control processes?

A: Direction for U.S. Customs and Border Protection to move from biographic data collection to biometric data collection originated as a recommendation of the National Commission on Terrorist Attacks Upon the United States, also known as the 9/11 Commission. In its final report, the 9/11 Commission concluded that “funding and completing a biometric entry-exit screening system for travelers to and from the United States is essential to our national security.” 

• Based on the commission’s recommendations, Congress included biometric entry/exit provisions in the Intelligence Reform and Terrorism Prevention Act of 2004. The FY 2013 Consolidated and Further Continuing Appropriations Act transferred entry/exit policy and operations to CBP. In addition, the FY 2016 Consolidated Appropriations Act authorized funding for a biometric exit program of up to $1 billion to be collected through fee surcharges over a period of 10 years. 
• More recently, Executive Order 13769 stated: “The Secretary of Homeland Security shall expedite the completion and implementation of a biometric entry-exit tracking system for all travelers to the United States, as recommended by the National Commission on Terrorist Attacks Upon the United States.”

Q: What will the Port Commission motion say?

A: On December 10, the Port Commission will consider a set of seven “biometrics guiding principles”: 

• Voluntary — reasonable alternatives should be provided for those who not wish to participate through an opt-in or opt-out process
• Private — data should be stored for no longer than required by applicable law or regulations, and should be protected against unauthorized access or use
• Equitable — the technology should be reasonably accurate in identifying people of all backgrounds, and systems should be in place to treat mismatching issues
• Transparent — use of biometrics should be communicated to visitors and travelers
• Lawful — use of biometrics should comply with all laws, including privacy laws and laws prohibiting discrimination
• Ethical — Port staff and partners should act ethically when deploying technology or handling biometric data
• Justified — biometrics should be used only for a clear and intended purpose and not for surveillance on large groups without a lawful purpose 

These principles will apply until a more comprehensive policy is put in place, through a working group process. In the interim, any proposed use or expansion of biometric technology by Port or private sector partners must demonstrate alignment with these principles; Port leadership will implement an interim review and approval process, and any proposal will be communicated in advance directly to the Port Commission and through the Port’s external communications channels. 

Q: What has the Port Commission done to educate itself on this topic?

A: The Commission has undergone a lengthy and substantive process to educate themselves and the community about these issues:

• Held two Study Sessions (9/10 and 10/29) featuring stakeholders from all sides of the discussion, including airlines, cruise lines, technology companies, U.S. Customs & Border Protection, and immigrant & civil liberties advocacy organizations;
• Outreach to other local jurisdictions and ports from across the country, national trade associations, state and federal elected officials, and policy experts regarding best practices and key issues 
• Commissioners visited several airports implementing facial recognition technology to understand the process and the effect on passengers

Q: Does the Port have the authority to control biometrics at SEA?

A: The Port can set policy for its employees and tenants, like airlines and cruise lines. For our federal partners over whom we don’t have direct jurisdiction, the Port will communicate its guiding principles to CBP and other federal partners such as the U.S. Transportation Security Administration (TSA) and U.S. Coast Guard. We will not only notify them of our desired standards, but also work with these agencies and Congress to ensure that federal programs in place at Port facilities are aligned as closely as possible with Port policy regarding utilization of biometric technology. 

Q: What is CBP doing to protect privacy?

A: CBP has issued Privacy Impact Assessments (PIA) documenting each new phase of biometric testing and deployment. The most recent PIA from November 2018 is a comprehensive document describing how CBP promotes data privacy and appropriate data collection practices, including:

• Opt-out provisions — U.S. citizens who do not wish to submit to facial photo capture pursuant to these processes may request alternative processing. 
• Deletion of U.S. citizen photos — Once a match is made and notated in the appropriate systems, U.S. citizens’ photos are retained for no more than 12 hours, then deleted. 
• Routine testing — CBP regularly tests its facial matching algorithms to ensure high performance and maximize match rates while reducing the risk of false positives. 
• Prohibitions on additional uses — CBP’s business requirements do not permit its private sector partners to retain or share the photos captured at the boarding gate.
• Notifications to travelers — CBP provides notice to travelers at the designated ports of entry through both physical and either LED message boards or electronic signs as well as verbal announcements in some cases.