Communications Litigation Today was a Warren News publication.
NSLs ‘Essential’

FBI’s Comey Says Agency Piloting Facial Recognition Using Mug Shots, Continuing Cybersecurity Work

The FBI is “piloting” use of facial recognition involving criminal mug shots as part of its Next Generation Identification (NGI) database, but that program will not involve collecting civilians’ photos from drivers’ licenses or other sources, said FBI Director James Comey Wednesday. The facial recognition pilot is limited to criminal mug shots “because those are repeatable, we can count on the equality of them and they are tied to criminal conduct, obviously,” he said. State governments occasionally send the FBI pictures of people who are licensed school bus drivers or have other sensitive professions, but such photos won’t be part of that database, Comey told the House Judiciary Committee during the hearing, which also touched on the effects the USA Freedom Act (HR-3361) would have on the FBI’s surveillance capabilities and cybersecurity work.

Comey was responding to concerns raised by Rep. Zoe Lofgren, D-Calif., who noted reports from the Electronic Frontier Foundation (EFF) in April about the proposed program. His testimony contradicted EFF’s claims that documents it received under the Freedom of Information Act showed the FBI planned to collect up to 52 million photos for facial recognition purposes in the NGI database by 2015. At least some of those photos would come from background check submissions, EFF said.

The FBI’s current cybersecurity work prioritizes “high-level intrusions” involving state-sponsored hacking and global cyber syndicates, Comey said in his prepared testimony (http://1.usa.gov/1oaXQfR). The FBI’s cyber work also frequently involves partnership with the Department of Homeland Security (DHS), such as their joint work to identify 600,000 IP addresses associated with distributed denial of service attacks, he said. The FBI was also involved in the U.S. indictment last month of five Chinese military officials on cyberespionage charges. Comey said China is by far the top state sponsor of cyberattacks, but there are several others he did not want to mention in a public hearing. Rep. Steve Chabot, R-Ohio, said he plans to introduce legislation soon that would ask the FBI and DHS to expand their cyberthreat warnings to U.S. companies.

Comey said he disagreed with Rep. Jerrold Nadler, D-N.Y., who had said National Security Letters (NSLs) and surveillance authorizations under Section 215 of the Foreign Intelligence Surveillance Act overlapped in many aspects. Nadler had based his statements on the White House surveillance review group’s December report on phone metadata storage (CD Dec 19 p4 ). NSLs are “essential” and “the basic building blocks of our national security investigation work,” Comey said. NSLs allow the FBI to collect metadata in a targeted fashion, he said. The House-passed USA Freedom Act places limits on FBI use of Section 215 authorities. The Senate’s version of the USA Freedom Act may include stricter requirements, which Comey said he would be in agreement with as long as they don’t “accidentally” preclude some of the FBI’s most essential surveillance work.