Biometrics

Facing Up to Terrorism

BY

JOHN D. WOODWARD, JR.

✺

A R R O Y O C E N T E RR

For more information on RAND Arroyo Center, contact the Directorof Operations (telephone 310-393-0411, extension 6500; FAX 310-451-6952; e-mail donnab@rand.org), or visit the Arroyo Center’sWeb site at http://www.rand.org/organization/ard/.

RAND issue papers explore topics of interest to the policymakingcommunity. Although issue papers are formally reviewed, authorshave substantial latitude to express provocative views without doingfull justice to other perspectives. The views and conclusions expressedin issue papers are those of the authors and do not necessarilyrepresent those of RAND or its research sponsors.

© Copyright RAND 2001. All rights reserved. No part of this bookmay be reproduced in any form by any electronic or mechanicalmeans (including photocopying, recording, or information storageand retrieval) without permission in writing from RAND.

RAND is a nonprofit institution that helps improve policy and decision-making through research and analysis. Results of specific studies aredocumented in other RAND publications and in professional journalarticles and books. To obtain information about RAND studies or to order documents, contact Distribution Services (Telephone: tollfree 877-584-8642 or 310-451-7002; FAX: 310-451-6915; or Email:order@rand.org). RAND® is a registered trademark.

October 2001

R

1700 Main Street, P.O. Box 2138, Santa Monica, CA 90407-2138

1200 South Hayes Street, Arlington, VA 22202-5050

201 North Craig Street, Suite 102, Pittsburgh, PA 15213-1516

As the nation recovers from the attacks ofSeptember 11, 2001, we must rededicate our

efforts to prevent any such terrorist acts in the future.Although terrorism can never be completely eliminat-ed, we, as a nation, can take additional steps tocounter it. We must explore many options in thisendeavor. Among them, we should examine the useof emerging biometric technologies that can helpimprove public safety. While there is no easy, fool-proof technical fix to counter terrorism, the use ofbiometric technologies might help make America asafer place.

“Biometrics” refers to the use of a person’s physicalcharacteristics or personal traits to identify, or verifythe claimed identity of, that individual. Fingerprints,faces, voices, and handwritten signatures are allexamples of characteristics that have been used toidentify us in this way. Biometric-based systems pro-vide automatic, nearly instantaneous identification ofa person by converting the biometric—a fingerprint,for example—into digital form and then comparing itagainst a computerized database. In this way, finger-prints, faces, voices, iris and retinal images of the eye,hand geometry, and signature dynamics can now beused to identify us, or to authenticate our claimedidentity, quickly and accurately. These biometric tech-nologies may seem exotic, but their use is becomingincreasingly common. In January 2000, MIT Tech-nology Review named biometrics as one of the “top

3

✺

John Woodward, Jr.., a former CIA operations officer, is asenior policy analyst at RAND. He thanks Jon Grossman, PeterHiggins, Bob Preston, Jack Riley, and Shirley Woodward fortheir helpful comments. Research assistant Christopher Hornprovided excellent suggestions and support. The views repre-sented in this issue paper are the author’s own.

ten emerging technologies that will change theworld.” And after September 11th, biometric tech-nologies may prove to be one of the emerging tech-nologies that will help safeguard the nation.

This issue paper does not advance the argumentthat biometrics would have prevented the September11th attacks. Nor does it present biometrics as acomplete solution to the terrorist problem. Rather, itoffers recommendations as to how biometric tech-nologies can be used to improve security and therebyhelp safeguard our communities against future ter-rorist attacks. Specifically, this issue paper discusseshow biometric technologies could be used to impedeterrorism in three critical areas:

1. Controlling access to sensitive facilities at airports,

2. Preventing identity theft and fraud in the use oftravel documents, and

3. Identifying known or suspected terrorists.

It further offers a proposed counterterrorist applica-tion that uses a type of biometric known as facialrecognition to identify terrorists.

CONTROLLING ACCESS

Sensitive areas of the nation’s ports of entry, particu-larly airport facilities, need to be safeguarded so thatonly authorized personnel can gain access to them.Accordingly, individuals who have authorized accessto sensitive areas of airport facilities must be identi-fied and distinguished, accurately and efficiently,from those who do not. Currently, badges and tokenssuch as keys or passcards are used to identify autho-rized personnel and to control access to these areas.For example, display of a photograph identification

4

✺

badge may be all that is needed to gain access to someemployee-only areas of an airport. Similarly, individ-uals with authorized access to a particular area in anairport may use a magnetic strip badge or cardwhich, when swiped through a reader, allows accessto baggage loading areas, runways, and aircraft. Suchaccess control measures, based on items in an indi-vidual’s physical possession, are not particularlysecure. The system assumes that whoever possessesthe badge or the passcard is the person who shouldbe granted access, when in reality, badges and tokensare easily forged, stolen, or misplaced.

Combining something a person must physicallypossess with something a person must know, such asa password or personal identification number (PIN),improves security. For example, a system similar to anautomated teller machine (ATM), which requiresboth a magnetic strip card and a PIN, can reduce thethreat to security from lost or stolen cards. The sys-tem is still easily compromised, however: given theprofusion of PINs and passwords and our difficulty inremembering them, their owners often write them onthe card itself or on a piece of paper stored nearby.

Access control to sensitive facilities can beimproved by using biometric-based identifiers. Inother words, instead of identifying an individualbased on something he has (a badge), or something heknows (a password or a PIN), that person will beidentified based on something he is. For example,instead of flashing a badge, an airline worker with aneed to access sensitive areas of airports could berequired to present a biometric, say his iris, to a sen-sor. From a foot away and in a matter of seconds, thisdevice captures the person’s iris image, converts it to atemplate, or computer-readable representation, and

5

✺

6

✺

searches a database containing the templates ofauthorized personnel for a match. A match confirmsthat the person seeking access to a particular area is infact authorized to do so. This scenario is not sciencefiction. Such a system has been used at Charlotte-Douglas International Airport in North Carolina.

While not foolproof, such a biometric system ismuch harder to compromise than systems using abadge or badge plus PIN. As such, a biometric systemto authenticate the identity of individuals seekingaccess to sensitive areas within airports or similarfacilities represents a significant increase in security.And to the extent that terrorist acts can be thwartedby the ability to keep unauthorized individuals out ofthese sensitive areas, this improvement in physicalsecurity could contribute directly to a decrease in theterrorist threat.

PREVENTING IMMIGRATION

FRAUD/IDENTITY THEFT

In addition to failures to authenticate the identity ofairport employees, failures to accurately identifyindividuals as they cross through our borders canalso contribute to a terrorist attack. It is important toensure that necessary travel documents are used onlyby the person to whom they were issued. Like badgesand tokens, passports, visas, and boarding passes canbe forged, misplaced, or stolen. While anti-fraudmeasures are built into the issuance of such docu-ments, there is room for improvement. A biometrictemplate of, for example, one’s fingerprint (or otherbiometric) could be attached to the document on abar code, chip, or magnetic strip, making it more dif-ficult for someone to adopt a false identity or forge a

travel document. To ensure security, the biometricshould be encrypted and inserted into the documentby a digital signature process using a trusted agent,such as a U.S. embassy’s visa section.

In addition to helping prevent fraud or identitytheft, we can use biometrics to make it easier for cer-tain qualified travelers to identify themselves. Forexample, the Immigration and Naturalization Service(INS) currently uses biometrics in the Immigrationand Naturalization Service Passenger AcceleratedService System (INSPASS). Under INSPASS, over45,000 international travelers, whose identities andtravel papers have been vetted, have voluntarilyenrolled in a system that verifies their identity atports of entry using the biometric of hand geometry.By allowing these frequent travelers to pass throughimmigration quickly, INSPASS enables INS officers todevote more time and attention to problem cases.1

IDENTIFYING KNOWN OR SUSPECTED

TERRORISTS

As the criminal investigation of the September 11thattacks appears to demonstrate, some of the terroristswere able to enter the United States using valid trav-el documents under their true identities, passing withlittle difficulty through immigration procedures atU.S. ports of entry. Once in the country, they patient-ly continued their planning, preparation, training,and related operational work for months and in somecases years until that fateful day. Once inside theUnited States, the terrorists cleverly took advantageof American freedoms to help carry out their attacks.

According to media reports, however, at least threeof the suicide attackers were known to U.S. authori-

7

✺

ties as suspected terrorists. In late August 2001, theCentral Intelligence Agency (CIA) passed informationto the INS to be on the lookout for two men suspect-ed of involvement in terrorist activities. The CIAapparently obtained videotape showing the men,Khalid Almihdhar and Nawaf Alhazmi, talking topeople implicated in the U.S.S. Cole bombing. Thevideotape was taken in Kuala Lumpur, Malaysia, inJanuary 2000. It is not clear when the CIA received it.

When the INS checked its database, it found that aAlmihdhar and Alhazmi had successfully passedthrough INS procedures and had already entered theUnited States. The CIA asked the Federal Bureau ofInvestigation (FBI) to find them. But with both menalready in the United States, the FBI was looking fortwo needles in a haystack. The FBI was still seekingthe two when the hijackers struck. Khalid Almihdharand Nawaf Alhazmi are believed to have been hijack-ers on American Airlines flight 77, which crashedinto the Pentagon.

As the above details illustrate, we need a betterway to identify individuals whom we know or sus-pect to be terrorists when they attempt to enter theUnited States. The use of biometric facial recognitionis one way to make such identifications, particularlywhen U.S. authorities already have a photograph ofthe suspected terrorist whom they seek.

FACECHECK

Biometric facial recognition systems could be imme-diately deployed to help thwart future terrorist acts.Such a “FaceCheck” system, the term I use for thespecific counterterrorism application discussed in thispaper, can be done in a way that uses public safety

8

✺

resources effectively and efficiently and minimizesinconvenience and intrusiveness for the average trav-eler.

In general, facial recognition systems use a camerato capture an image of a person’s face as a digitalphotograph. In the most common form of facialrecognition, this image is manipulated and reduced toa series of numbers that represent the image in rela-tion to the “average” face. These numbers are oftenreferred to as a template, which is then instantlysearched against a “watchlist,” or computerized data-base of suspected terrorists’ templates. This searchseeks to answer the question, “Is this person in thewatchlist database?” A computer-generated match or“hit” alerts the authorities to the presence of a poten-tial threat. The value of such a system in helping toprevent individuals such as Khalid Almihdhar andNawaf Alhazmi from entering the country is clear.Indeed, according to the Washington Post, a govern-ment committee appointed by Secretary of Trans-portation Norman Y. Mineta to review airportsecurity measures will recommend that facial recogni-tion systems be deployed in specified airports toimprove security.2

OPERATIONAL FRAMEWORK

Controlling access to sensitive facilities, as well as pre-venting immigration fraud and identity theft, can beaccomplished with a variety of biometric systems. Suchsystems can accommodate users and are relatively easyto incorporate into current security systems (i.e., addinga digitally signed, encrypted biometric bar code toexisting travel documents or badges). Moreover, thetechnology is readily available.

9

✺

Identifying known or suspected terrorists presentsa greater challenge. While fingerprint and other bio-metric systems could be used to identify these indi-viduals, government authorities might find it difficultto collect the fingerprints or iris scans of suspectedterrorists in order to build the database against whichto compare an unknown individual. Facial recogni-tion biometric systems, however, offer a way aroundthis problem. Specifically, facial recognition systemswill allow the identification of a suspected or knownterrorist even if the only identifying information wehave is a photograph.

But the technology is not perfect, and it has yet tobe fully vetted in real-world, operational settings.3

Facial recognition systems received much publicattention in January 2001 when authorities inTampa, Florida deployed one at Super Bowl XXXVin an attempt to identify threats to public safety. AtRaymond James Stadium, surveillance camerasscanned the crowd and captured images of spectatorsattending the Super Bowl. Authorities reported thatthe system made nineteen computer matches. Basedon this limited experience, it is difficult to discernhow well the system worked. The police did notmake any arrests based on the computer matches,and it is therefore not known whether any of thesematches were “false matches,” also known as “falsepositives,” i.e., false alarms because the individualwas not in fact the person the system thought he was.In other words, although the computer may indicatea match, this information is not confirmed until thepolice arrive on the scene and scrutinize the suspect.

Dr. James L. Wayman of San Jose State University,a leading biometrics expert, has explained thatalthough human beings generally can perform facial

10

✺

recognition processes with relatively high fidelity andat long distances, these activities are still very chal-lenging for technological systems. At the most basiclevel, even detecting whether a face is present in agiven electronic photograph is a difficult technicalproblem. Dr. Wayman has noted that unless the pho-tograph is captured under very controlled conditions,ideally with each subject looking directly into thecamera and filling the area of the photo completely,the system may have difficulty identifying the indi-vidual or even detecting his face in the photograph.

Recent technical analyses of facial recognition sys-tems indicate that while the technology showspromise, it is not yet advanced enough to be consid-ered fully mature. The “Facial Recognition VendorTest 2000” study makes clear that the technology isnot yet perfected.4 This comprehensive study of cur-rent facial recognition technologies, sponsored by theDepartment of Defense (DoD) Counterdrug Technol-ogy Development Program Office, the DefenseAdvanced Research Projects Agency (DARPA), andthe National Institute of Justice, showed that environ-mental factors such as differences in camera angle,direction of lighting, facial expression, and otherparameters can have significant effects on the abilityof systems to recognize individuals.

Recent tests of these technologies indicate that thecurrent capabilities of facial recognition systems arelimited. For example, Professor Takeo Kanade ofCarnegie-Mellon University is skeptical of the sys-tem’s reliability in “a typical airport situation.” Dr.Wayman has stressed that there is a great deal ofroom for improvement in both the algorithms used tomatch sampled faces and in databases of file images.

11

✺

The moderate level of success that current systemshave displayed must be placed in the appropriatecontext, however; while human beings can oftenreadily recognize faces at long distances, the efficien-cy of such recognition falls precipitously when post-ed human guards are asked to scrutinize large crowdsin search of small numbers of potentially threateningindividuals. As a result, for these tasks, the currenttechnical capabilities may still exceed more tradition-al approaches, and combinations of automated andhuman-based recognition could be advantageous. Toassist in this determination, there is definite need forindependent organizations to test, assess, and vali-date the various biometric technologies.

It is of critical importance that the capabilities of sys-tems and potential ways of applying those capabilitiesare appropriately matched to security and surveillanceneeds so that individuals expect neither too much nortoo little from these emerging technological tools.

Although facial recognition is not a perfect tech-nology, we should not let the perfect become theenemy of the good. The overall challenge is to makeit better. Fortunately, gifted scientists and engineersare working on this challenge, and in light of theSeptember 11th attacks, the government is likely tomake additional resources available to encourageresearch, development, testing, and evaluation. In themeantime, we can use facial recognition operational-ly in a way that minimizes its weaknesses. The systemworks best when environmental factors such as cam-era angle, lighting, and facial expression are con-trolled to the maximum extent possible. We mustapply this lesson to our operational framework.

If a person (including a terrorist) is coming to theUnited States from overseas, he must pass through an

12

✺

immigration checkpoint at the port of entry. At thischeckpoint, the INS official scrutinizes the person,asks questions, and inspects the person’s travel docu-ments. The official then makes a decision as towhether the person gets into the box, i.e., enters theUnited States. This immigration checkpoint is one ofthe nation’s vital first lines of defense against terror-ist entry. From the perspective of counterterrorism,this checkpoint is a chokepoint where the would-beterrorist is at his most vulnerable. This is the first andprobably only place in the United States where he willbe closely scrutinized by trained federal officials.Here is how FaceCheck can make the checkpoint amore formidable bastion.

An individual processing through an immigrationcheckpoint at a port of entry should be subject to aFaceCheck whereby he would be required as part ofimmigration processing to pose for a photographunder completely controlled conditions. This way weminimize facial recognition’s technological imperfec-tions, which derive in large measure from attempting

13

✺

Countering Terrorism withFaceCheck

2. Database Search

3. VisualInspection

1.Photograph Capture

?

X

4. Final Decision

Welcometo theUSA

to use the system to find a face in a crowd. The pho-tograph would then be processed by the facial recog-nition system and run against a watchlist database ofsuspect terrorists. If the system indicates a match, thisresult would be confirmed by visual inspection by theauthorities, and the person could be taken to a sec-ondary interview for heightened scrutiny.

Facial recognition systems do not necessarily haveto be implemented to process every individual seek-ing to enter the United States. Rather, the authoritiesshould use FaceCheck in a more strategic way. Thiswould include using it randomly; in targeted ways;and in conjunction with other information. Forexample, FaceCheck could be run on every so manypeople from a given flight. It could be used at differ-ent ports of entry at different times and for differentflights. Similarly, FaceCheck teams could deploy tospecific ports of entry at specific times to target a spe-cific flight in light of threat information. Testers—human guinea pigs whose images have been enteredinto the watchlist database—should be included inthe immigration processing to rigorously evaluate thesystem: How well did FaceCheck do in identifyingsuspects?5

Moreover, while we do not have to use the systemon all passengers entering the United States, weshould consider setting up FaceCheck stations atports of entry and have passengers pose for pho-tographs as though the system were in continuoususe. In this way, we keep terrorists guessing as towhere the systems are actually deployed or in use. Weshould also experiment with FaceCheck systemsusing closed-circuit surveillance cameras to captureimages clandestinely at certain ports of entry. In thisway, we can learn how well such systems work in

14

✺

realistic operational environments and gain informa-tion to improve their technical capabilities. Again, wedo not need to inform passengers as to where suchsystems are actually deployed.

We also need to consider using FaceCheck for visaprocessing at our embassies and consulates overseas.We could easily require a visa applicant to submit toa photograph taken under controlled conditions. Wecould then run a search against the watchlist data-base. Similarly, we do not need to inform visa appli-cants overseas whether we are actually runningFaceCheck.6

Dedicated, highly trained terrorists may be able todefeat facial recognition systems. One technique maybe for a terrorist to undergo cosmetic surgery to alterhis facial features. As a result, he will not match hisdatabase photograph. Similarly, terrorists may try toenter the United States illegally by crossing the rela-tively porous borders with Canada and Mexico. Butalthough facial recognition systems might be defeat-ed by a surgeon’s skill or an illegal border crossing, atleast we force terrorists to take additional steps thatdrain their resources and keep them on the defen-sive.7

POLICY ISSUES

Though these facial recognition systems are not tech-nically perfected, they are improving. There is littlereason to doubt that as the technology improves, itwill eventually be able to identify faces in a crowd aseffectively as it currently identifies a face scannedunder controlled circumstances. And while civil liber-tarians might decry the use of this technology as aninvasion of privacy, the key lies in balancing the need

15

✺

for security with the need to protect civil liberties.8 Inthis regard, three brief points need to be made.

First, we do not have a constitutional right to pri-vacy in the face we show in public. The United StatesSupreme Court has determined that governmentaction constitutes a “search” when it invades a per-son’s reasonable expectation of privacy. But theCourt has found that a person does not have a rea-sonable expectation of privacy in those physicalcharacteristics that are constantly exposed to thepublic, such as one’s facial features, voice, and hand-writing. Therefore, although the Fourth Amendmentrequires that a search conducted by governmentactors be “reasonable,” which generally means thatthe individual is under suspicion, the use of facialrecognition does not constitute a search. As a result,the government is not constrained, on FourthAmendment grounds, from employing facial recogni-tion systems in public spaces. Although the use offacial recognition may generate discussion of thedesirability of enacting new regulations for the use ofthe technology, such use is allowed under our currentlegal framework.

Secondly, current legal standards recognize that weare all subject to heightened scrutiny at our bordersand ports of entry. The “border exception” to theFourth Amendment recognizes the “the longstandingright of the sovereign to protect itself by stopping andexamining persons and property crossing into thiscountry.”9 Accordingly, such searches are reasonableand do not require a warrant, probable cause, or evenreasonable suspicion. When we transit our borders,therefore, the authorities can closely scrutinize ourperson and property in ways that they could not doin another setting. Even within our own borders, the

16

✺

law requires airport facilities to conduct securityscreening of passengers’ persons and personal effects,and it is unlawful even to make jokes about threatson airport property.

Finally, it is worth noting that facial recognitionsystems are not relied upon to make final determina-tions of a person’s identity. Rather, the system alertsthe authorities so that additional screening and inves-tigation can take place. And though the system willmake false matches that will subject innocent passen-gers to additional questioning and scrutiny, the cur-rent system routinely does the same.

EXISTING GOVERNMENT RESOURCES

There are many existing resources in this field thatcan aid in the implementation of biometric technolo-gy for the uses described above. Since 1992, theNational Institute of Standards and Technologies(NIST), the national security community, and otherfederal agencies have participated in the BiometricConsortium (BC), which serves as the U.S. govern-ment’s focal point for biometric technologies.However, the BC currently operates on a very leanbudget with limited staff.

The Department of Defense is also involved inexploring the uses of biometric technology. In thewake of the Khobar Towers terrorist attack in SaudiArabia in 1996, DARPA embarked on a $50 millioninitiative known as “Human ID at a Distance,” amajor component of which is facial recognition.DARPA’s ambitious goal is to help develop biometrictechnologies, like facial recognition, that can bedeployed to identify a known terrorist at some dis-tance, before he closes on his target.

17

✺

The nation’s political leadership has also recog-nized the potential of biometric technologies. As partof an appropriations bill for 2001, Congressaddressed the use of biometrics technology for DoDto use in its information assurance programs.Specifically, Public Law 106-246, which was signedinto law on July 13, 2000, included a provision mak-ing the Army “the Executive Agent to lead, consoli-date, and coordinate all biometrics informationassurance programs of the Department of Defense.”Soon thereafter, Pentagon leadership created aBiometrics Management Office to consolidate over-sight and management of biometric technology forDoD.

POLICY RECOMMENDATIONS

The U.S. government has taken positive steps toencourage the use of biometrics. It is time to do more.The newly established Office of Homeland Security(OHS) is a logical place to coordinate these efforts.Specifically, OHS can focus part of its efforts onusing biometrics to counter terrorism. As a first step,OHS, working with other concerned agencies like theDepartment of Justice, INS, FBI, CIA, Department ofState, and Department of Transportation, shoulddraft guidelines to explain how biometric technolo-gies, particularly the FaceCheck system, should beused and implemented. This OHS coordination effortis essential for any biometrics that would be used inconjunction with travel documents where interoper-ability and technical standards are of critical impor-tance.

These guidelines should also address a crucialaspect of any FaceCheck system—the data that are

18

✺

included in the watchlist database. In this regard, theguidelines must include rigorous technical and proce-dural controls on the information that goes into thewatchlist database. The nation’s focus now is on thewar against terrorism; the focus of the watchlist data-base should similarly be on locating known or sus-pected terrorists and deterring unknown terroristsfrom entering the United States. Depending onresources and constraints, the watchlist might alsoinclude certain individuals for whom there are felonyarrest warrants outstanding.

Accordingly, OHS should immediately task thelaw enforcement and intelligence communities toprovide photographs of known and suspected terror-ists for the watchlist database. The security and intel-ligence services of foreign states could also contributeto this effort. It would also seem advisable to expandFaceCheck so that it can be used among other nationsat their ports of entry to help identify terroristsaround the globe.

With an eye toward the future, OHS should workclosely with the BC, INS, and DoD’s ongoing bio-metric initiatives to encourage the U.S. government’sbiometric development efforts. Priority should beplaced on rigorous independent vetting and testing ofbiometric technologies.

CONCLUSION

There is no high-tech silver bullet to solve the prob-lem of terrorism. And it is doubtful that facial recog-nition or other biometric technologies could haveprevented the terrorist attacks on September 11th.But to the extent we can improve access control atsensitive facilities such as airports, reduce identity

19

✺

theft and immigration fraud, and identify known orsuspected terrorists, then we make terrorism moredifficult in the future. Biometrics is one technologythat can help us achieve the goal of a safer America.

20

✺

NOTES

1To learn more about INSPASS, visit http://www.ins.gov/graphics/lawenfor/bmgmt/inspect/inspass.htm.

2On September 24, 2001, Visionics Corporation, a companyspecializing in biometric products, issued a white paper,“Protecting Civilization from the Faces of Terror: A Primer onthe Role Facial Recognition Technology Can Play in EnhancingAirport Security.” Joseph Atick, the CEO of Visionics, testifiedbefore the government committee. For additional information,see www.visionics.com. Similarly, Viisage Technology Inc. hasbeen selected to install its facial recognition system at a U.S. air-port. This deployment is believed to be the first-in-the-nationuse of face-recognition technology for airport security. The sys-tem is expected to be operational in 2001. For further details,see Viisage Press Release, “Viisage Selected to Deploy the FirstFace-Recognition Technology System for Security in a U.S.Airport,” October 4, 2001, available at http://www.viisage.com.

3See, e.g., Lee Gomes, “Can Facial Recognition Help SnagTerrorists?” Wall Street Journal, September 27, 2001, p. B11.

4The “Facial Recognition Vendor Test 2000” study is avail-able at http://www.dodcounterdrug.com/facialrecognition/FRVT2000/frvt2000.htm.

Other large-scale evaluations include the report of theUnited Kingdom’s Communications-Electronics SecurityGroup (CESG) Biometrics Working Group (BWG), “BiometricTest Programme Report,” available at http://www.cesg.gov.uk/technology/biometrics/, and the Facial Recognition Technolo-gy (FERET) program’s evaluation of algorithms, available athttp://www.dodcounterdrug.com/facialrecognition/FERET.feret.htm.

The Visionics white paper cited above does not discuss testand evaluation issues related to the use of facial recognitiontechnology.

5An abundant source of volunteer testers could include air-crews, for example.

6Along these lines, Congress is considering requiring foreign-ers to have identification cards bearing their digitized finger-prints for entry into the United States. The legislation’s goal isto permit greater screening of foreign visitors.

21

✺

7Through coordinated efforts with our neighbors, it might bepossible that Canada and Mexico would embrace deploymentof a FaceCheck system.

8For a more detailed discussion of the policy concernsattached to facial recognition, see, e.g., John D. Woodward, Jr.,Super Bowl Surveillance: Facing Up to Biometrics, SantaMonica, CA: RAND, IP-209, 2001.

9United States v. Ramsey, 431 U.S. 606, 616 (1977).

22

✺