Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy United States Government

Will ID.Me Destroy the Data of the 7 Million Americans Already Directed to Its Face-Scanning Service? (msn.com) 26

America's Internal Revenue service abandoned plans to make face-scanning mandatory for access to your tax records.

Unfortunately, before this change of heart the IRS had already directed 7 million Americans to facial recognition vendor ID.me, reports the Washington Post. Now the chair of the House Oversight Committee is urging IRS Commissioner Charles Rettig to instruct ID.me to destroy the biometric data and ensure the data isn't used for "unapproved or unauthorized purposes." "Those Americans' highly personal information may continue to be held by a third party outside of the IRS's direct control — increasing the potential for exposure due to bad actors and other cybersecurity incidents," [head of the committee] . Maloney wrote.... ID.me said on Wednesday that it would drop the facial recognition requirement in its software, which is used by 30 states and 10 federal agencies. The company also told The Washington Post that effective March 1, anyone would be able to delete their selfie or photo data....

The letter follows years of controversy over the government's expanding use of facial recognition software, despite warnings from the General Services Administration that the face-scanning technology has too many problems to justify its use.... There is no federal law regulating how facial recognition can be used or how it should be secured....

Maloney also writes that 13 percent of ID.me users since June had struggled to use the software and were referred to customer service, where representatives would attempt to verify their identities over video chat. The letter says this underscores the "widespread issues related to the use of the nascent facial recognition technology."

In fact, the Verge reports that "Internal documents and former ID.me employees say the company was beset by disorganization and staffing shortages throughout 2021, as shortcomings in the automated systems created tensions among the company's workforce, particularly the human verification workers who have to step in when the algorithms fail." Current and former employees who spoke to The Verge paint a picture of a company described as being in "permanent crisis mode," changing policies rapidly to keep up with fluctuating demand for its services and fight a slew of negative press. In particular, they say a lack of human review capacity has been a chokepoint for the company, leading to stress, pressure, and a failure to meet quality standards. It's an unexpected challenge for a biometrics system that's usually seen as automatic, pointing to the often-ignored workers needed to support automated systems at scale.

When the automated systems fail — ID.me says roughly 10 percent of users will need video chat assistance — it's workers and subjects who are left to manage the consequences.... To keep up with demand, the company added 1,300 new employees between January and September 2021, including 500 to be based in a new office in Tampa, Florida, dedicated to customer support. But as adoption increased, so did complaints. A Vice report found dozens of complaints from applicants who said they had been locked out of unemployment benefits when ID.me's verification service had failed to identify them. When the automated system failed, applicants often faced long wait times to reach human reviewers, according to the report — wait times that became even more burdensome and difficult to navigate for people without access to reliable internet connections....

Many staff were unhappy about the end of work-from-home policies, which were being phased out at the company at the same time as first the delta and then omicron variants hit the US. As in-office staffing levels rose, more ID.me employees began to contract COVID at work, sources said, in some cases taking whole teams offline at once.

One Id.me employee complained to the Verge that "In terms of worker treatment, it's like the Amazon of identity protection."

The article also notes that an ID.me video chat agent was terminated after engaging in "inappropriate conduct," and while the company added new procedures to prevent this, "sources said that these quality checks have begun to fall by the wayside under the pressure of clearing through the backlog of video verification requests."
This discussion has been archived. No new comments can be posted.

Will ID.Me Destroy the Data of the 7 Million Americans Already Directed to Its Face-Scanning Service?

Comments Filter:
  • Government officials obviously did this without oversight or proper planning and should be fired.

    -From a government job, so yea not happening :(
    • If history as taught us anything, is that we should expect a certain level of incompetence from our elected officials. Sadly this means that the appointed officials and government employees can't really be held accountable either. Nobody is getting punished, and you aren't going to receive an apology.

  • That data was collected and will be used. As to "unauthorized", there simply will be a secret authorization that you do not know about and cannot fight. Standard procedure in a budding surveillance state.

  • Why should the ID people destroy the information?

    They haven't made any money with it yet! Look at all the Law Enforcement agencies that will buy this info. All the Governments that will buy it! The Communist Chinese Party who govern the Peoples Republic of China. All the businesses.
    This information is worth money and the company will use it to make money regardless of what the USA Federal Government does with it.
    IMHO
    • Yeah, this sounds like some kind of joke. Throwing away data on someone is like asking if they'll give money away.
  • The answer is NO! Personal data is currency. Personal data that allows for identifying and tracking people even in public spaces, is gold currency. The data in question almost certainly has been or will be stolen and sold to the highest bidder or bidders.

  • ... strikes again.

  • This is likely to have been part of the Id.me plan. They probably won't be able to get the scans back from who they sold them to -- even if they asked.

    • The problem with all digital goods. You never "get them back", you just want them to be deleted - but there is no way of ensuring that this actually happens (unless it is held in a secure auditable system with verifiable access controls).

  • by PPH ( 736903 ) on Saturday February 12, 2022 @11:59AM (#62262121)

    .. to the US Postal Service. Because that's the only way I (and many other people) will do business with the government for the next few decades.

    • by tlhIngan ( 30335 )

      .. to the US Postal Service. Because that's the only way I (and many other people) will do business with the government for the next few decades.

      And the most scam-proof, too. After all, if you ever get a phone call about taxes, or warrants for your arrest, it's a scam. Those things are actually handled through the mail.

      Plus, you get plenty of time - you typically get a month if not more from when you get a notice to when you must have done something about it. You're never going to be arrested "in an hour" f

  • Yup. As I noted last month...
    https://slashdot.org/comments.... [slashdot.org]

    For example, what is ID.me going to do with the all the data they've amassed when their IRS contract expires?

  • by crunchygranola ( 1954152 ) on Saturday February 12, 2022 @12:40PM (#62262217)

    A private company that is disorganized, has poor worker morale, and holds lots of highly sensitive data.

    Who wants to bet that one of more of these unhappy workers has not already downloaded the entire data set and had it walk out the door?

  • by CaseCrash ( 1120869 ) on Saturday February 12, 2022 @12:50PM (#62262235)
    What is with all these giant blocks of texts used as summaries on slashdot recently? I used to be able to see multiple stories at once on the page but this one took almost all of it. This has happened a lot lately.
    • Hell, the summaries are usually just the first 6 paragraphs of a 10 paragraph article nowadays. Gone are the days of actual edited summaries.
  • That particular horse left the barn in the early 2000s. Nowadays, I’m sure that when I look at my phone, at least half a dozen intelligence agencies take my photo. If I shop for groceries, I’m monitored by at least a dozen cameras. God forbid I ever get close to a crowd of people. In addition to any commercial or government cameras, Everyone older than 8 carries a tiny HD camera with them, and nobody refrains from using them anymore.

    Some company has 7 million pictures of faces. So what? What
  • At this point it may the only viable option left even though I have usually opposed it and still kinda do but for problems like this that the modern world is going to keep bringing it's a better scenario than this clusterfuck.

    For as many that fear Soviet style "show me your papers" scenarios is that not what we practically already have with a drivers license? Even if the Federal government decided to standardize state IDs into a format and featureset that made them compatible it essentially has the same fu

    • by schwit1 ( 797399 )

      It already exists. RealID created it without saying that was the intent.

      Getting rid of the convoluted and antiquated income tax system would solve much of this too.

      • Getting rid of the convoluted and antiquated income tax system

        This. They already have the information which is correct for most people.

  • by rantrantrant ( 4753443 ) on Saturday February 12, 2022 @01:47PM (#62262353)
    Before someone finds the unsecured AWS bucket!

Beware the new TTY code!

Working...