Tag: DHS

When the Department of Homeland Security (DHS) published its final rule last week expanding the use of biometrics at the nation’s borders, it formalized what had been years in the making: a full-scale system to photograph and track every non-citizen who enters or leaves the U.S.

The measure takes effect December 26 and authorizes Customs and Border Protection (CBP) to photograph “all aliens” at all ports of entry and departure, and “any other point of departure.”

CBP and the Department of Homeland Security (DHS) call it an “operational modernization.” Civil-liberties groups call it a sweeping expansion of government surveillance. Regardless of the label, it completes the long-delayed “biometric entry-exit” system Congress first ordered in 1996 and repeatedly demanded after September 11.

The new rule removes prior pilot limits and age exemptions, paving the way for a nationwide network of facial-recognition checkpoints at every border interface the agency controls.

Until now, CBP’s biometric operations have been patchwork. At airports, the agency’s “Simplified Arrival” program already photographs nearly every foreign traveler upon entry, comparing the live image against passport and visa databases.

But exits were another story. Land and sea departures were largely unmonitored, and air-exit facial scans existed only at a handful of airports. The new regulation ends that fragmentation, empowering CBP to photograph all non-citizens leaving the country as well.

By eliminating old limits such as a 15-airport cap and an age exemption for those under 14 and over 79, the new rule removes the last formal barriers to universal coverage. DHS says the expansion will strengthen border security, reduce visa overstays, and “close information gaps” in identifying those who enter and fail to leave when required.

In its public statements, DHS has emphasized efficiency, saying that “photographing travelers at entry and exit allows CBP to verify identities within seconds, reducing document fraud and streamlining inspections.”

Every image captured under the new system feeds CBP’s Traveler Verification Service (TVS), which is a massive cloud-based facial-recognition architecture that cross-checks live photos against government databases. When it verifies a traveler’s identity, it transmits the result to a CBP officer’s screen and stores the image and match data.

For non-citizens, those images can be retained for up to seventy-five years in DHS’s central biometric repository, the Automated Biometric Identification System (IDENT).

The new rule states DHS “may require an alien to be photographed when departing the United States to determine the alien’s identity or for other lawful purposes.” The phrasing gives the government extraordinary latitude in deciding where and how photographs are taken.

In practice, cameras will capture faces wherever CBP has an operational presence at passport control booths, boarding gates, vehicle lanes, pedestrian crossings, cruise terminals, and even small private docks.

Officials have acknowledged that “a few travelers depart the country from locations that are not designated ports of entry,” such as private airfields and marinas. The rule now covers them too.

CBP says the intent is to close loopholes exploited by travelers who might otherwise exit without inspection, but the net result is an authority broad enough to extend biometric surveillance to almost any international departure site.

At airports, implementation will likely resemble what already exists in the Simplified Arrival program. Cameras installed at boarding gates automatically photograph every passenger as they approach the jet bridge. The image is transmitted to CBP’s verification service, matched to passport or visa records, and the traveler is cleared to board if the face and documents align.

The rule applies to “aliens,” but the cameras do not distinguish citizens from non-citizens in real time. At airports and land ports, shared cameras often photograph everyone passing through, citizens included.

CBP insists that citizen participation is voluntary and that its systems automatically delete citizen images within twelve hours once nationality is confirmed. The agency says it posts signage at every location informing citizens they may opt out and present their passport for manual verification instead.

CBP’s rule and privacy documentation say citizen participation is voluntary; if a citizen opts out, CBP or the carrier must provide manual document verification. If a citizen is photographed, the image is deleted upon confirmation of citizenship and no later than twelve hours afterward.

A 2022 Government Accountability Office (GAO) report concluded that CBP’s privacy notices were inconsistent across airports and that airline contractors were often unsure how to process an opt-out. CBP’s own metrics suggest opt-outs are exceedingly rare: about 0.28 percent of air-exit travelers, 0.13 percent of air entrants, and 0.21 percent of pedestrians.

If the system misidentifies a citizen as a non-citizen – or fails to find a matching passport photo – the image can be retained longer than twelve hours. In its own testing, CBP reported false-non-match rates of up to three percent, translating into thousands of misclassified captures daily at full national scale.

Civil-liberties groups argue that even temporary retention undermines the promise of voluntariness.

CBP’s traveler verification infrastructure connects to a web of DHS systems including the Automated Targeting System, the Arrival and Departure Information System, Enhanced Passenger Processing (EPP), and the IDENT biometric database that stores fingerprints, facial images, and iris scans.

Under DHS retention schedules, records of non-immigrant aliens can be held for up to seventy-five years, lawful permanent residents for fifteen, and U.S. citizens only in short-term transaction logs.

The breadth of these retention periods has drawn sharp criticism from watchdogs. The American Civil Liberties Union warned that a program justified as an entry-exit tool could easily become a long-term tracking system for anyone designated a “non-citizen,” including millions of lawful residents and visa holders.

The Center for Democracy & Technology has raised parallel concerns about data sharing between CBP, Immigration and Customs Enforcement, and intelligence agencies. DHS acknowledges that law-enforcement and counterterrorism components can query IDENT under existing memoranda of understanding.

There are also structural risks. Large biometric repositories are valuable targets for hackers. Past breaches – such as the 2019 compromise of a CBP subcontractor’s facial-recognition data – demonstrate that the weakest link may not be government systems themselves but private vendors.

DHS now contracts multiple companies to maintain cameras, software, and data storage across ports, each bound by privacy clauses but ultimately dependent on CBP’s oversight. The agency requires these partners to delete images after transmission, yet GAO has noted CBP’s limited auditing of partner compliance.

CBP officials project that full nationwide coverage will take three to five years, citing the need to install infrastructure at hundreds of land and sea crossings. The program’s success will depend on funding, coordination with state and local port authorities, and technical performance.