It seems like each month we get another example of how the use of  personal information is growing faster than the ability to protect our own privacy.

A massive trove of information is now available, along with tools to gather and manipulate it. Government and businesses are simply too enamored of the possibilities it presents. Meanwhile, the larger public has yet to fully reckon with what that means.

It’s time for the public, and the law, to catch up.

The Washington Post reported Sunday that the FBI and Immigration and Customs Enforcement have accessed hundreds of millions of photos from local, state and federal databases, including state motor vehicle departments.

The photos were used along with facial recognition software for a number of investigative purposes. Some of the database scans were completed as a result of court orders or subpoenas, but most followed a simple email request. The FBI used the searches to identify not only suspects, but also witnesses, victims, bodies and innocent bystanders.

In many case, no one gave the FBI permission to use the photos for this purpose, nor did anyone sign off on state agencies sharing them. No Congress or state legislature voted to allow the sharing of the biometric data – as distinctive as a fingerprint – encased in a photo.


What’s more, the individuals whose photos were used in the searches – the vast majority of whom have not committed a crime – were not aware that they were handing over their biometric data to federal investigators, and they weren’t notified until The Post’s report. (Maine Secretary of State Matthew Dunlap said Monday that his office won’t allow such wide-ranging searches.)

There’s no doubt that being able to access these photos and the information they contain is a powerful tool for law enforcement. It’s similar to when the FBI used personal data collected from smartphone users near a series of robberies in the Portland area last spring to identify a suspect, or when internet companies mine users’ online activity to sell them more stuff.

Technology now allows massive amounts of information to be collected and manipulated. It allows hundreds of thousands of photos to be reviewed in moments. It can follow you around the internet and figure out who you are, what you like, and what you are likely to do next.

A lot of good can be done with that information, and to companies trying to sell more widgets, or to police officers investigating crimes, there’s little downside to using it. So while most people are still trying to figure out what privacy means in an online world, businesses and law enforcement have been aggressive in how they seek out and use all that available information.

For a worst-case scenario in how that can devolve, look at the incredible surveillance state in China, where authorities use facial recognition and online monitoring to track and control members of a minority population.

But even with the best of intentions, personal information can be misused.


Laws have to catch up with how that information is being gathered and used now, with the goal of protecting individuals. These laws should give individuals control over their own privacy, just as the Maine Legislature did this year with a law governing internet service providers.

And they should set clear limits for the use of vast government databases.

Going online shouldn’t cost someone their privacy, and getting a driver’s license shouldn’t mean signing up for what amounts to a nationwide government surveillance program.



Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.

Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.