Private contractor to drop facial recognition requirement for all state and federal agencies after backlash over IRS plan

The company’s face scans have been run on millions of Americans seeking unemployment insurance, tax credits, pandemic assistance grants or other government services in states including California, Florida, New York and Texas as well as the federal agencies handling Social Security, Labor and Veterans Affairs.

After questioning from The Washington Post, the company also announced that anyone could delete their selfie or photo data starting March 1. The company said its technology has been used by 73 million people, with more than 145,000 new people joining every day.

“We have listened to the feedback about facial recognition and are making this important change, adding an option for users to verify directly with a human agent to ensure consumers have even more choice and control over their personal data,” Blake Hall, the company’s founder and chief, said in a statement late Tuesday.

But the change posed its own issues, said Evan Greer, a director at the digital-rights advocacy group Fight for the Future, who has argued that “biometrics have no place being used by agencies that provide people with basic services.”

“Offering it as an ‘option’ is still hugely problematic because the vast majority of people don’t really know what the risks are associated with handing their sensitive biometric information over to a private company,” Greer said. “They may assume it’s safe because they’ve been directed there through a government agency that they trust or have interacted with before. … Having this as an ‘option’ puts people’s sensitive information at risk.”

The company said agencies that “procured our offline option” will be able to offer people the choice to verify their identities through a live video call or an in-person meeting with a company representative. A company spokesperson did not immediately respond to questions of whether agencies would have to pay more money for that alternative. The Treasury Department signed an $86 million, two-year contract for ID.me services last summer.

The change raises questions of whether applicants will face even more intense delays for verification. People who have gone through the video-chat process — which requires them to hold up official documents for the camera so an agent can verify them — have complained of hours-long delays and technical glitches.

Company officials told The Post last month that only 10 percent of applicants had needed the video-call option, and that the company employed 966 agents who handled video-chat verification for the entire country. While this change might quickly multiply the number of people needing to pursue that option, the company has not said whether or how it will be expanding its workforce to handle the potential surge.

The company said in a statement that it runs other identity-verification systems and is “not a biometrics company,” but it has continued to defend its facial recognition software as federally tested and secure. “The selfie check continues to be a critical tool in the fight against organized crime,” the statement said, but “at the same time, we believe deeply in choice.”

Federal research has shown that facial recognition algorithms can show wildly different accuracy levels based on factors such as the quality of the camera or the color of the person’s skin. And using it requires technical abilities — such as a smartphone or laptop camera — that millions of Americans can’t access or afford.

How the ID.me controversy might affect the continued debate within the federal government over the use of facial recognition software remains an open question.

Ten federal agencies told government auditors last year that they intended to expand their facial recognition capabilities by 2023, including expanding the face-scanning systems used to unlock doors and access computers as well as those used by investigators to seek out names of a suspect or witness to a crime.

But opposition to the use of ID.me’s facial recogntion by the IRS has become one of the few areas on which Democrats and Republicans in Congress agree. A flurry of bipartisan letters from roughly two dozen members of Congress slamming federal officials for allowing “an outside contractor to stand as the gatekeeper between citizens and necessary government services” drove the IRS’s decision to abandon its plan.

There is no federal law regulating how facial recognition should be used or secured. But in the wake of the IRS developments, coalitions of legislators are calling for limitations of its use by federal agencies. Five states (Maine, Massachusetts, New York, Virginia and Vermont) and a number of cities (including Boston, Portland and San Francisco) already have passed laws banning or restricting facial recognition use by the police and other public agencies.

On Tuesday, six Republican senators — Mike Braun (Ind.), Ted Cruz (Tex.), Joni Ernst (Iowa), Josh Hawley (Mo.), John Neely Kennedy (La.) and Tommy Tuberville (Ala.) — announced they were introducing a bill that would ban the IRS from requiring taxpayers to submit face scans or other biometric data.

“We must ensure this disastrous idea is never entertained again,” Scott said in a statement.

And on Wednesday, four Democrats — Sens. Edward J. Markey (Mass.) and Jeff Merkley (Ore.) and Reps. Pramila Jayapal (Wash.) and Ayanna Pressley (Mass.) — sent letters to the departments of Defense, Health and Human Services, Homeland Security, Interior and Justice urging them to stop using facial recognition systems such as Clearview AI, which expanded its database by scraping billions of people’s photos from Facebook, Twitter and YouTube.

“This technology utilizes a high level of surveillance that is often inconsistent with Americans’ right to privacy,” the letter said.

The ID.me stance on facial recognition also clashes with the leaders of the government’s own identity verification service, Login.gov, which has been used by more than 40 million people to access websites run by 28 federal agencies.

Dave Zvenyach, director of the General Services Administration’s Technology Transformation Services, told The Post that the agency “is committed to not deploying facial recognition … or any other emerging technology for use with government benefits and services until rigorous review has given us confidence that we can do so equitably and without causing harm to vulnerable populations.”

ID.me exploded during the pandemic by selling government agencies the promise of remotely confirming Americans’ qualifications for public aid, and the company has celebrated itself as having blocked “hundreds of billions of dollars” in unemployment fraud.