The Department of Homeland Security is soliciting help from the U.S. private sector to run face recognition scans against drivers and passengers approaching the southern border, according to an agency document reviewed by The Intercept.
Despite the mixed track record and ongoing deficiencies of face recognition technology, DHS is hoping to devise a means of capturing the likenesses of travelers while vehicles are still in motion.
According to a “Request for Information” document distributed by the DHS Science and Technology Directorate, the government is looking for private sector assistance to run face recognition on drivers on passengers en route to the border before they even reach a checkpoint. “[DHS] Tech Scouting is seeking information on technology solutions that can capture biometric data (e.g., facial recognition) of occupants present in vehicles at speed as they approach land border checkpoints,” the document states. “Solutions of interest would have the ability to biometrically scan occupants without requiring them to exit the vehicle and provide checkpoint agents with information to determine if the occupants are a threat and if they may enter the United States.
The document does not elaborate on how such a system would be used to determine whether people in a car constitute a threat to the United States, though prior in-car face recognition pilot programs have checked if drivers had been previously arrested. Vendors that brief DHS on their offerings may be invited to participate in further testing, the document notes.
DHS and Customs and Border Protection did not respond to a request for comment.
Dave Maass, director of investigations at the Electronic Frontier Foundation and longtime researcher of border surveillance technologies, cautioned that face recognition can be deeply intrusive in personal privacy.
“We have already seen how automated license plate readers are able to create a massive surveillance dragnet of people’s vehicles and driving patterns,” Maass said. “If law enforcement is able to add face recognition capture from moving vehicles to the mix, they’ll be able to track not only where your vehicle is going, but who is driving it and who is in the car with you, adding a whole new dimension to the privacy invasion.”
Citing various acts of Congress, CBP says it has a legislative mandate to expand biometric identity checks across land, air, and sea. Anyone who has traveled through a major American airport in recent years has likely been confronted with face recognition cameras at security checkpoints or before boarding international flights — a process that can be opted out of, for now.
Since 2016, CBP has tested the use of face recognition cameras at border crossing to rapidly verify the identities of both drivers and passengers without requiring travelers to leave their cars. The program outsources to a computer the need for a human to compare the picture on a traveler’s ID to the face behind the wheel. In 2018, The Verge reported DHS added face recognition cameras to two lanes of the Anzalduas International Bridge that carries thousands of vehicles over the Rio Grande every day. In 2019, CBP officials told Politico that this program had ended; in 2021, it announced further limited tests of the systems at two lanes of the Anzalduas crossing.
Agency documents show that to date DHS has struggled to remotely identify drivers. A 2024 report by the DHS Office of Inspector General includes a section titled “CBP Does Not Have the Technology to Collect Biometrics from Travelers Arriving in Vehicles at Land Ports of Entry,” which notes the government has been “unable to identify a viable camera solution to reliably capture vehicle travelers’ facial images in real time.”
A 2022 DHS postmortem on the Anzalduas test obtained by the Electronic Frontier Foundation through a public records request and shared with The Intercept delivers a conflicting message. The 2022 document says that all “stated objectives were successfully met,” but concedes that drivers and passengers were photographed only about three-quarters of the time, and only about 80 percent of these images were usable — figures confirmed by the 2024 OIG report. This 80 percent figure was reached only after extensive tweaking to the test system. The postmortem document suggests remedying the lackluster capture rate in part by simply taking more photos: “CBP must significantly increase the number of occupants whose image is captured.”
Both documents repeat what’s long been known about face recognition technology: It often goes wrong. This is doubly the case at outdoor border crossings, where faces must be captured from behind windshields, obscured by reflections, hats, sunglasses, shadows, weather, Covid masks, sun visors, and a litany of other realworld obstructions and distortions.
While the Anzalduas postmortem touts a 99 percent accuracy rate when matching drivers and passengers to their ID photos, the OIG’s report makes no such claim. The accuracy figures also lack context and demand answers from the government, said Maass. “The report repeatedly trumpets a 99.2% accuracy rate when officials had both quality probe images and an ID image to compare against, approximately 41,000 comparisons in a month. But this still means that more than 3,280 people that month (more than 100 people a day) experienced a face recognition error,” he explained. “What happened to those travelers? How many suffered a minor inconvenience and how many found themselves subjected to prolonged, yet unwarranted, secondary inspection? And was there any correlation between race and those errors? Those questions were either left unanswered or were hidden in the overly redacted document.”
As DHS reaches out to the surveillance industry for help, the 2022 postmortem document offers a cautionary tale. In 2019, Perceptics, which provides CBP with license plate-scanning technology used at these same checkpoints, was hacked, revealing that the company “removed unauthorized copies of traveler image personally identifiable information (PII) and copied this information to Perceptics’ corporate servers.” The document notes that CBP “performed an assessment of additional data protection and insider threat security controls that could be incorporated to prevent a future incident from occurring,” but doesn’t say which, if any, were implemented.
Also included in the hacked files were emails from Perceptics CEO John Dalton, who noted in a message to a lobbyist, “CBP has none of the privacy concerns at the border that all agencies have inland.”