Released: June 16, 2015

Consumer group stakeholders withdraw from NTIA facial recognition process

Contact: Linda Sherry, 202-544-3088

Since February 2014, the National Telecommunication and Information Administration (a division of the Department of Commerce) has brought together industry representatives and privacy advocates to write a voluntary code of conduct for companies that use facial recognition technology. Today, all of the privacy advocates who have participated in the full process have decided to withdraw from further negotiations. A joint statement explaining our reasons is set out below.

We believe that people have a fundamental right to privacy. People have the right to control who gets their sensitive information, and how that information is shared. And there is no question that biometric information is extremely sensitive.

You can change your password and your credit card number; you cannot change your fingerprints or the precise dimensions of your face. Through facial recognition, these immutable, physical facts can be used to identify you, remotely and in secret, without any recourse.

At this point, we do not believe that the NTIA process is likely to yield a set of privacy rules that offers adequate protections for the use of facial recognition technology. We are convinced that in many contexts, facial recognition of consumers should only occur when an individual has affirmatively decided to allow it to occur. In recent NTIA meetings however, industry stakeholders were unable to agree on any concrete scenario where companies should employ facial recognition only with a consumer’s permission.

At a base minimum, people should be able to walk down a public street without fear that companies they’ve never heard of are tracking their every movement – and identifying them by name – using facial recognition technology. Unfortunately, we have been unable to obtain agreement even with that basic, specific premise. The position that companies never need to ask permission to use biometric identification is at odds with consumer expectations, current industry practices, as well as existing state law.

We have participated in this process in good faith for 16 months. We have joined working groups and offered constructive suggestions to build towards consensus. People deserve more protection than they are likely to get in this forum. Therefore, at this point, we choose to withdraw from further deliberations.

We hope that our withdrawal signals the need to reevaluate the effectiveness of multistakeholder processes in developing effective rules of the road that protect consumer privacy – and that companies will support and implement.

• Alvaro Bedoya, Center on Privacy & Technology at Georgetown Law*
• Justin Brookman, Center for Democracy & Technology
• Jeff Chester, Center for Digital Democracy
• Susan Grant, Consumer Federation of America
• Joni Lupovitz, Common Sense Media
• Jennifer Lynch, Electronic Frontier Foundation
• Gabriel Rottman, American Civil Liberties Union
• Linda Sherry, Consumer Action
• John Simpson, Consumer Watchdog

* Affiliation for identification purposes.