Logging Into a Brave New World: How Facial Recognition Just Got Personal

Surprising exactly no one paying attention to the slow erosion of privacy, the US General Services Administration (GSA) has rolled out its shiny new toy: facial recognition technology for accessing login.gov. Yes, that beloved single sign-in service, connecting Americans to federal and state agencies, now wants your face—literally. This gateway, clicked into over 300 million times a year by citizens has decided the most efficient way to keep us all “safe” is by scanning our mugs. How very 2024.

But of course, this little “upgrade” didn’t just appear overnight. Oh no, it dragged itself through bureaucratic purgatory, complete with false starts, delays, and some spicy critique from the Inspector General. Apparently, login.gov had been fibbing about its compliance with Identity Assurance Level 2 (IAL2)—a fancy label for a government-mandated security standard that requires real-deal verification of who you are. Up until now, that “verification” meant having someone eyeball your ID card photo and say, “Yep, that looks about right,” rather than dipping into the biometric surveillance toolkit.

Facial recognition was supposed to make its grand debut last year, but things got complicated when it turned out login.gov wasn’t actually playing by the rules it claimed to follow. The Inspector General, ever the fun police, caught them misrepresenting their tech’s adherence to the IAL2 standard, causing the rollout to stall while everyone scrambled to figure out if they could get away with this. Now, after enough piloting to give a nervous airline passenger a heart attack, login.gov has finally reached compliance, but not without leaving a greasy trail of unanswered questions in its wake.

Smile for the Algorithm

So here we are, with the GSA proudly offering up facial recognition as the answer to all our identity verification problems. Just snap a “live selfie,” upload it to the cloud, and let some “best in class” algorithm work its magic by comparing your face to the one on your government ID. What could possibly go wrong? According to the GSA, nothing. They swear these photos are used solely for verification purposes and won’t be stored, misused, or, you know, somehow end up in the hands of anyone you wouldn’t want to have your biometric data.