Governments and private companies have a long history of collecting data from civilians, often justifying the resulting loss of privacy in the name of national security, economic stability, or other societal benefits. But it is important to note that these trade-offs do not affect all individuals equally. In fact, surveillance and data collection have disproportionately affected communities of color under both past and current circumstances and political regimes.
In this paper, we present the case for stronger federal privacy protections with proscriptive guardrails for the public and private sectors to mitigate the high risks that are associated with the development and procurement of surveillance technologies. We also discuss the role of federal agencies in addressing the purposes and uses of facial recognition and other monitoring tools under their jurisdiction, as well as increased training for state and local law enforcement agencies to prevent the unfair or inaccurate profiling of people of color. We conclude the paper with a series of proposals that lean either toward clear restrictions on the use of surveillance technologies in certain contexts, or greater accountability and oversight mechanisms, including audits, policy interventions, and more inclusive technical designs.
Facebook Updates Policy to Prohibit Use of Data for Surveillance
But African Americans are not the only population that has been subjected to overt tracking and profiling. The consequences of mass government surveillance were evident in programs like the China Initiative, which the Department of Justice (DOJ) launched in 2018 to prevent espionage and intellectual property theft and formally ceased in February 2022.5Although the China Initiative aimed to address national security threats from the Chinese government, it manufactured wider distrust and racial profiling of Chinese American academics, including those who were U.S. citizens or who lacked ties with the Chinese Communist Party. It led to several false arrests, including those of Temple University professor Xi Xiaoxing, UCLA graduate student Guan Lei, University of Tennessee professor Anming Hu, and National Weather Service scientist Sherry Chen.6 Like with other historically-disadvantaged populations, government surveillance of Asian Americans is not a new phenomenon. As an example, the U.S. government monitored the broader Japanese American community for years even prior to World War II, including by accessing private communications and bank accounts, and eventually used census data after 1941 to locate and detain 120,000 people in internment camps.7
Although suspicion toward communities of color has historical roots that span decades, new developments like facial recognition technologies (FRT) and machine learning algorithms have drastically enlarged the precision and scope of potential surveillance.14 Federal, state, and local law enforcement agencies often rely upon tools developed within the private sector, and, in certain cases, can access massive amounts of data either stored on private cloud servers or hardware (e.g., smartphones or hard drives) or available in public places like social media or online forums.15 In particular, several government agencies have purchased access to precise geolocation history from data aggregators that compile information from smartphone apps or wearable devices. In the general absence of stronger privacy protections at the federal or state levels to account for such advancements in technology, enhanced forms of surveillance used by police officers pose significant risks to civilians already targeted in the criminal justice system and further the historical biases affecting communities of color. Next, we present tangible examples of how the private and public sectors both play a critical role in amplifying the reach of law enforcement through facial recognition and other surveillance technologies.
As both the government and private corporations feed into the problem of surveillance, gaps in current federal and state privacy laws mean that their actions to collect, use, or share data often go unchallenged. In other words, existing laws do not adequately protect user privacy among the rising ubiquity of facial recognition and other emerging technologies, fundamentally omitting the needs of communities of color that disproportionately bear the consequences of surveillance. To reduce the potential for emerging technologies to replicate historical biases in law enforcement, we summarize recent proposals that address racial bias and unequal applications of technology in the public sector. We also explain why U.S. federal privacy legislation is necessary to govern how private sector companies implement fairness in the technical development process, limit their data collection and third-party sharing, and grant more agency to the individuals they surveil.
Version 2.2: released on May 2019. Changed Webmail access policy to block only access from public Internet and encourage OpDivs to reduce its use. Added requirement to restrict the use of personal email, storage services and devices to conduct HHS business and store HHS data.
The HHS Rules of Behavior for Use of HHS Information and IT Resources includes the policy and the rules that govern the appropriate use and protection of all Department of Health and Human Services (HHS or Department) information resources and help to ensure the security of information technology (IT) equipment, systems, and data as well as their confidentiality, integrity and availability. This policy applies to all HHS personnel, contractors, and other information system users and is issued under the authority of the HHS Policy for Information Security and Privacy Protection (IS2P).
Information Technology (IT) - Any services, equipment, or interconnected system(s) or subsystem(s) of equipment, that are used in the automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the agency. For purposes of this definition, such services or equipment if used by the agency directly or is used by a contractor under a contract with the agency that requires its use; or to a significant extent, its use in the performance of a service or the furnishing of a product. Information technology includes computers, ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer, software, firmware and similar procedures, services (including cloud computing and help-desk services or other professional services which support any point of the life cycle of the equipment or service), and related resources. Information technology does not include any equipment that is acquired by a contractor incidental to a contract which does not require its use. (Source: OMB Circular A-130)
On June 24, 2013, by making full use of my mental faculties and my ownership of this account in Facebook, I declare, to whom it may concern, and in particular to the administrator of the company Facebook, my author rights which are related to all my personal information, comments, texts, articles, illustrations, comics, paintings, photos, professional videos and other publications in electronic format that I spread on this site under my signature. The above on the basis of the principle enshrined in the Berne Convention for the protection of literary and artistic works, as well as with regard to the respective national copyright law. For commercial use of the aforementioned items, always must be by my written consent. By this statement, I give notice to Facebook it is strictly forbidden to disclose, copy, distribute, or take any other action against me based on this profile and/or its contents. These prohibited actions also apply to employees, students, agents or members of any team, under the direction or control of Facebook. The content of this profile is private and confidential information. The violation of privacy can be punished by law (UCC 1-308 - 1 1 308-103 and the Rome Statute). Note: Facebook is now a public entity. All members must post a note like this. If you prefer, you can copy and paste this version. If you do not publish a statement at least once, it will be tactically allowing the use of your photos, as well as the information contained in the profile status updates. Do not share; copy and paste
Channel 13 News was just talking about this change in Facebook's privacy policy. Better safe than sorry. As of October 14, 2013 at 5:50pm Eastern standard time, I do not give Facebook or any entities associated with Facebook permission to use my pictures, information, or posts, both past and future. By this statement, I give notice to Facebook it is strictly forbidden to disclose, copy, distribute, or take any other action against me based on this profile and/or its contents. The content of this profile is private and confidential information. The violation of privacy can be punished by law (UCC 1-308- 1 1 308-103 and the Rome Statute). NOTE: Facebook is now a public entity. All members must post a note like this. If you prefer, you can copy and paste this version. If you do not publish a statement at least once it will be tactically allowing the use of your photos, as well as the information contained in the profile status updates. DO NOT SHARE. You MUST copy and Paste
There is a rumor circulating that Facebook is making a change related to ownership of users' information or the content they post to the site. This is false. Anyone who uses Facebook owns and controls the content and information they post, as stated in our terms. They control how that content and information is shared. That is our policy, and it always has been. Click here to learn more: www.facebook.com/policies.
Federal and state laws protect against the removal of eligible registrants from the voter rolls. These include federal prohibitions, applicable in most states, against removing some registrants in the 90 days prior to a federal election and removing registrants solely due to their failure to vote. Unless an election official has first-hand information that a registrant has moved, processes used for removing records for those who may have moved can take longer than two years due to protections to prevent registrants from being removed incorrectly. Such legal protections and the timing of data sharing can result in a lag time between a person becoming ineligible and the removal of their record. This can lead to some official election mail, including mail-in ballots in some states, being delivered to addresses of those who have moved or may be otherwise ineligible. Election officials often encourage people to notify the election office if they receive election mail for individuals who no longer reside at the address. 2ff7e9595c
Comments