It is unquestionable that technology creates efficiencies. But efficiency should not come at the total expense of privacy. A new app from U.S. Customs and Border Protection (CBP) toes that line between productivity and the need for users’ privacy.
In October 2020, CBP launched a new mobile application to help process individuals entering the United States. The CBP One mobile app has three known functions:
- Merchants can use it to make appointments for cargo inspection.
- Foreign travelers can apply for an arrival and departure record and use its GPS to document their entry and exit from the United States.
- Organizations in Mexico may use it to verify whether individuals are enrolled in the Migrant Protection Protocols (MPP) program.
Though the app’s efficiencies may seem obvious at first glance, the vast amount of data that CBP could collect with this app should give the public pause. A recent Freedom of Information Act (FOIA) request points to some of these potential privacy concerns.
For example, CBP One uses facial-recognition technology to check whether individuals are enrolled in MPP and have pending immigration cases. The app also can use its GPS function to collect information about users’ location when such information is submitted via CBP One.
If not closely guarded, these technologies could track immigrants and use collected data in ways that are outside of the app’s stated purposes.
Information published by CBP regarding this new mobile application raises more questions than it answers. For example, the government states that the use of this app is voluntary. This ignores the reality of how CBP One will be used. CBP does not address whether migrants—who may well be desperate to seek refuge in the United States after having waited in Mexico for MPP processing—would be comfortable denying consent for their pictures to be taken and compared to existing CBP databases.
Likewise, one of the app’s stated future uses would allow bus drivers and airplane pilots to submit biographic information to CBP on behalf of “consenting” travelers, yet the government fails to address what happens if the travel operators make use of the app mandatory. Ultimately, use of the new app may not feel voluntary to the travelers subjected to CBP One.
The agency also does not make clear whether the use of facial recognition will remain optional. A document showing screenshots of the app says the collection of a photograph for non-MPP users is optional “for now.”
The GPS function built into the app also raises concerns. Though CBP One can collect information about users’ whereabouts, CBP claims that it will not track travelers’ location because the GPS location is only received by CBP when the user hits “Submit” on the app. Yet, the app has the capability of locating users. Fundamentally, the government is asking users for trust in keeping this feature off.
Other obvious concerns relate to information sharing. For example, CBP states that data collected through CBP One may be shared with other government agencies. In addition, facial recognition technology has failed in the past to correctly identify racial minorities.
Providing travelers with an expeditious way to facilitate their entry into the country, especially if they have been subject to life-risking delays caused by MPP, is a laudable goal. But CBP should be clear about how it plans to use these tools, now and in the future, so that individuals can make informed decisions about whether to share information with a law enforcement agency.
FILED UNDER: CBP One Risks, Customs and Border Protection