EPIC lawsuit presses FBI for details on biometric database
Electronic Privacy Information Center files a Freedom of Information Act lawsuit against the FBI
IDG News Service - A privacy watchdog has filed a lawsuit contending the FBI has failed to provide requested technical information about a biometric identification database expected to be the largest in the world.
The Electronic Privacy Information Center (EPIC), a nonprofit organization based in Washington, alleges the FBI failed to disclose documents after it filed two Freedom of Information Act (FOIA) requests in September 2012.
EPIC sought information on the FBI's "Next Generation Identification" program, which will amass biometric information on mostly U.S. citizens from local, state and federal law enforcement agencies, including palm prints and iris scans. New York City's police department began collecting iris scans in 2010 of people who were arrested.
According to the FBI, a multimillion-dollar contract was awarded to Lockheed Martin Transportation and Security Solutions to develop the system. When completed, it is expected to be the largest biometric database in the world, according to EPIC's lawsuit.
EPIC said it filed a FOIA request asking for the contracts of companies working on the project, which also include IBM, Accenture, BAE Systems Information Technology, Global Science and Technology, Innovative Management and Technology Services, Platinum Solutions and the National Center for State Courts.
In a second FOIA request, EPIC asked for technical specifications related to the program.
The FBI contacted EPIC in October 2012 and asked the group to narrow its scope for the second FOIA request. EPIC said it has not heard back from the FBI since. Agencies are generally required to respond to a FOIA request within a month, but the deadline may be extended if an agency believes the FOIA request is not specific enough.
"Through the date of this pleading, the FBI has not contacted EPIC again regarding the status of either of EPIC's two FOIA requests," EPIC said in its suit.
EPIC's broad concern is that the Next Generation Identification program could pose privacy risks since it could include photographs of people who are neither criminals nor suspects. People also may be unaware that data is being collected about them, the lawsuit said. It is also concerned the data could be mishandled.
"There is a substantial risk that personally identifiable information could be lost or misused as a result of the creation of the NGI," EPIC's lawsuit said.
The suit was filed in U.S. District Court for the District of Columbia. EPIC is requesting the court order the "immediate disclosure of all responsive records and to provide other appropriate relief as it may determine."
An FBI spokeswoman said Monday the agency does not comment on pending lawsuits.
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts