Face it

Ohio must do more to guard against official abuse of citizens’ privacy through facial-recognition technology


Ohio Attorney General Mike DeWine is taking the first necessary steps to safeguard how law enforcement officials in the state use powerful new facial-recognition technology. But the state must do more.

Mr. DeWine says he will execute recommendations “as fast as we can” from an advisory group he named to examine the technology and its use by the Ohio Law Enforcement Gateway (OHLEG).

Yet neither he nor the group has adequately addressed what could become an invasion by government of Ohioans’ privacy: the technology’s potential to monitor citizens’ activities, collect information about them, and assemble lists of people to watch. New laws are needed to control such data and guard against an accelerating loss of privacy.

Ohio’s facial recognition program allows law enforcement officers to compare digital images of faces captured by security cameras, outdoor surveillance cameras, and cell-phone cameras with photos in the state Bureau of Motor Vehicles’ database. Previously, police relied on time-consuming efforts that used names and addresses to search driver’s-license photos and mug shots.

The new process takes less than a minute — a plus, Mr. DeWine says, if police are pursuing a kidnapper recorded on a security camera. “You want to nail that guy as quickly as possible,” he says.

His office cites three recent cases in which the new technology was used. One of them produced three BMV photos and a prison photo that helped Indiana officials pursue an identity-theft suspect.

Ohio quietly launched its facial-recognition program last June; Mr. DeWine appointed his advisory group after controversy arose over use of the technology. Despite pledges of diversity, the group was official-heavy — four judges, a prosecutor, a county sheriff, a lawyer in the state public defender’s office, a police chief, and a coroner — and included no members of the general public.

The group properly recommends limiting access to the facial recognition program. Now, 26,585 people in Ohio and some parts of Pennsylvania have such access, according to a list supplied by Mr. DeWine’s office.

The advisory group calls for greater access among criminal-justice professionals, such as police and prosecutors, and less for agencies that are not directly engaged in law enforcement. The latter should have to get written permission from the superintendent of the Bureau of Criminal Investigation in the attorney general’s office to gain access to the program, the group says. Such a revision, Mr. DeWine says, will cost as much as $1 million to carry out.

The advisory group urges mandatory training for users of the system, guidelines for reporting and prosecuting misuse, audits to guarantee that state law and OHLEG policies are followed, public education about the facial-recognition program, a steering committee of criminal-justice agencies that use OHLEG, and an advisory body of other professionals.

Mr. DeWine’s office says products of facial searches are not saved. But the advisory panel properly proposes that a formal policy on records retention be written into state law.

Ohioans have reason to be wary that the state could use its new technology to spy on them. The attorney general’s office insists rules and laws are in place to prosecute individuals who abuse the facial recognition system.

But the real threat of abuse of the technology is institutional, not individual. State lawmakers who profess to be mightily bothered by eye-in-the-sky traffic enforcement cameras should be even more concerned about the state’s new, powerful eye on your face.