Several Federal law enforcement agencies lack essential policies and procedures to address bias and privacy concerns in surveillance and screening technologies – potentially deepening inequalities in the criminal justice system – a Government Accountability Office (GAO) report issued on Dec. 3 warns.
The Department of Homeland Security (DHS) and its U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement (ICE) components – along with the Secret Service – are using various analytical tools, including artificial intelligence-powered technologies, to enhance detection, observation and monitoring.
However, those organizations need to establish policies to address bias risks and strengthen privacy protections, GAO said.
“Technologies such as automated license plate readers and drones can support federal law enforcement activities,” said GAO. “However, the use of these technologies in public spaces – where a warrant is not necessarily required prior to use – has led to concerns about how law enforcement is protecting civil rights, civil liberties, and privacy,” it said.
In 2023, DHS law enforcement agencies reported using over 20 “unique types of technologies” meant for surveillance in public spaces, GAO wrote.
While DHS has been working to develop and implement department-wide procedures and policies to prevent bias in AI systems – such as those used by CBP to detect anomalies, and track and recognize objects – it is not required to do so for non-AI systems, GAO said.
According to the watchdog, the three Federal law enforcement agencies confirmed that they lack specific policies and procedures for assessing bias in all their surveillance technology. Instead, they rely on general processes such as consulting with privacy officials and obtaining “authority to operate” declarations to oversee non-AI surveillance.
The DHS Office for Civil Rights and Civil Liberties (CRCL), which is tasked with ensuring the agency and its components take steps to prevent civil rights and liberties violations, lacks the resources and comprehensive knowledge of all DHS technologies needed to assess bias risks, GAO said.
GAO also emphasized the need for clear, specific policies to guide law enforcement in implementing privacy protections, recommending that these policies use the language of six core privacy principles outlined in the Fair Information Practice Principles – first proposed in 1973 and used to evaluate information systems affecting privacy.
Increasing the specificity of policies could lead to “better assurance that the privacy protections are being implemented and that technology users are aware of their responsibilities to protect privacy,” the watchdog wrote.
“The Biden administration and others have warned that improper collection and use of people’s data could have a chilling effect on First Amendment rights,” said the report. “In addition, civil liberties advocates have noted that the use of facial recognition at certain events – such as protests – could cause people to refrain from engaging in these events in the future for fear of how their data will be collected and used.”
GAO also cautioned that technological bias is not the only factor contributing to disparities in law enforcement practices. It highlighted that human decisions – such as where to deploy surveillance technology and which groups to target – can introduce additional bias, exacerbating racial disparities in police encounters and moving people “deeper into the criminal justice system.”
“Subject matter experts we met with also said that bias could be introduced if law enforcement uses detection, observation, and monitoring technology to target surveillance of certain groups for lawful activism and First Amendment-protected activity, such as religious worship, protest, and dissent,” the report says.
Among GAO’s recommendations are that CRCL should create and apply policies to assess and mitigate bias risks in DHS law enforcement technologies both before deployment and in current use. The agency also said that CBP, ICE, and the Secret Service should mandate that their technology policies align with the Fair Information Practice Principles to enhance privacy protections.
While DHS agreed with the recommendations, ICE and Secret Service stated that their current policies and processes address GAO’s recommendations, and requested that they “be considered implemented,” according to GAO.
“Both ICE and Secret Service stated that privacy protections for these technologies are addressed in privacy impact assessments (PIA) and/or privacy threshold analyses,” wrote GAO, noting that the reply was unresponsive to its recommendations.
“Documentation of responsibilities through policies is a cornerstone of federal internal control standards and helps ensure program objectives are achieved and risks are addressed,” the report says.