Senators Seek FTC Probe of ID.me Selfie Technology
In a letter to the Federal Trade Commission requesting an investigation, four Democratic senators asked the regulator to examine whether identity verification company ID.me's statements pointed to its use of illegal "deceptive and unfair business practices."
May 18, 2022 at 12:41 PM
5 minute read
A group of Democratic senators has asked the Federal Trade Commission to investigate whether identity verification company ID.me illegally misled consumers and government agencies over its use of controversial facial recognition software.
ID.me, which uses a mixture of selfies, document scans, and other methods to verify people's identities online, has grown rapidly during the coronavirus pandemic, largely as a result of contracts with state unemployment departments and federal agencies, including the Internal Revenue Service.
The company, which says it has more than 80 million users, has also faced growing questions about that role as well as whether a private contractor should be allowed to act as a de facto gatekeeper to government services. It is already the subject of an investigation by the House Oversight and Reform Committee.
Key to the concerns have been questions about ID.me's use of facial recognition technology. After long claiming that it only used "one-to-one" technology that compared selfies taken by users to scans of a driver's license or other government-issued ID the company earlier this year said it actually maintained a database of facial scans and used more controversial "one-to-many" technology.
In a letter sent to FTC chairman Lina Khan requesting an investigation, Sens. Ron Wyden, Cory Booker, Ed Markey and Alex Padilla on Wednesday asked the regulator to examine whether the company's statements pointed to its use of illegal "deceptive and unfair business practices."
ID.me's initial statements about its facial recognition software appeared to have been employed to mislead both consumers and government officials, the senators wrote in the letter.
"Americans have particular reason to be concerned about the difference between these two types of facial recognition," the senators said. "While one-to-one recognition involves a one-time comparison of two images in order to confirm an applicant's identity, the use of one-to-many recognition means that millions of innocent people will have their photographs endlessly queried as part of a digital "line up."
The use of one-to-many technology also raised concerns about false matches that led to applicants being denied benefits or having to wait months to receive them, the senators said. The risk was "especially acute" for people of color, with tests showing many facial recognition algorithms have higher rates of false matches for Black and Asian users.
Questions over ID.me's use of facial recognition software surfaced in January after the publication of a Bloomberg Businessweek article on the company. That coincided with growing concerns over an $86 million contract with the IRS that would have required American taxpayers to enroll in ID.me in order to use online services. The IRS has since announced that it is looking at alternatives to ID.me.
In interviews with Bloomberg Businessweek as well as in a January blog post by Bake Hall, its chief executive officer, ID.me had defended the fairness of its facial recognition systems partly by saying the company merely used a one-to-one matching system that compares a selfie taken by the user with their photo ID. "Our 1:1 face match is comparable to taking a selfie to unlock a smartphone. ID.me does not use 1:many facial recognition, which is more complex and problematic," Hall wrote in the post.
A week later, Hall corrected the record in a post on LinkedIn, saying the company did use a one-to-many facial recognition system, in which an image is compared against often-massive databases of photos.
Hall, in that post, said the company's use of a one-to-many algorithm was limited to checks for government programs it says are targeted by organized crime and does not involve any external or government database.
"This step is not tied to identity verification," Hall wrote. "It does not block legitimate users from verifying their identity, nor is it used for any other purpose other than to prevent identity theft. Data shows that removing this control would immediately lead to significant identity theft and organized crime."
While researchers and activists have raised concerns about privacy, accuracy and bias issues in both systems, multiple studies show the one-to-many systems perform poorly on photos of people with darker skin, especially women. Companies such as Amazon.com Inc. and Microsoft Corp. have as a result paused selling those types of software to police departments and have asked for government regulation in the field.
According to internal Slack messages obtained by CyberScoop, ID.me's software, demonstrated to the IRS, made use of Amazon's Rekognition product, the very same one that Amazon has stopped selling to law enforcement.
The company had not disclosed its use of Rekognition in a white paper on its technology issued earlier that month.
Privacy and artificial intelligence safety advocates have also complained that ID.me has not opened up its facial recognition systems to outside audit.
Shawn Donnan and Dina Bass report for Bloomberg News.
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllMiami’s Arbitration Week Aims To Cement City’s Status as Dispute Destination
3 minute readFrom ‘Deep Sadness’ to Little Concern, Gaetz’s Nomination Draws Sharp Reaction From Lawyers
7 minute readTrending Stories
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250