FBI face rec leads to fugitive pedophile

FBI using facial recognition despite privacy concerns (Valley News – Fargo, ND)

For 19 years, Lynn Cozart eluded authorities after being convicted of sexually assaulting his three children.

He failed to show up for his sentencing hearing and seemed to drop off the map. So in a desperate bid to track down the Pennsylvania native, an FBI agent submitted Cozart’s mug shot to the agency’s newly created Next Generation Identification (NGI) system, which among other things uses facial recognition software to identify suspects.

The story continues at the link. With input from privacy advocates and law enforcement officials.

Asia-Pacific region lagging in counter-terror biometrics

Interpol pushes for more use of biometrics to ID terrorists (Computerworld)

Interpol is calling for Asia Pacific authorities to make better usage of biometrics to identify members of terrorist groups such as ISIS.

“Europe provides 26 more times fingerprint data than the APAC region and 623 times more DNA data. Yet, we know the [APAC] region has the technology and does make use of it at national levels.”

The Europe-Asia comparison is even more dramatic considering the size of their respective populations.

Voice biometrics and “the right to remain silent”

Passcode vs. Touch ID: A Legal Analysis (9TO5MAC)

With the suspect in handcuffs, the agent swipes the student’s finger across the phone to access his call history and messages. Once the FBI swipes the suspect’s finger and bypasses the biometric security, the phone asks for the student’s passcode. The FBI agent asks for his password but the student refuses to speak. How can the FBI agent access the phone? Whereas a fictional Federal Agent like Jack Bauer would simply pull out his gun, jam it in the suspect’s mouth and scream, “WHERE IS THE BOMB?”, in our example, the FBI agent would hit the proverbial brick wall.

This is where a gray area might still exist for hardware protected with voice biometrics.

I’m no criminal or constitutional lawyer, but it seems plausible that while a criminal suspect can be legally compelled to give over their fingerprint, the “right to remain silent” remains.

Commonwealth v. Baust probably isn’t the last word on all biometric modalities that could prove useful in criminal investigations.

Biometrics against criminal aliases

Suspect in deputy deaths arrested in Utah in 2003 (Boston Herald)

Police in West Valley City, Utah, said they took a fingerprint from a man using the name Marcelo Marquez during a misdemeanor hit-and-run arrest in 2003. Court records show that he pleaded guilty, received a year of probation and was fined about $500.

However, Utah authorities never connected him to his real name or his previous criminal record.

In Utah, fingerprint data is entered into a biometric database for all people booked into jail. But for those who are cited and released, police take a print from a single finger that’s kept in state criminal records.

Unless there’s a request from an investigator, the print is not run against the biometric database to determine whether the person has a prior record outside Utah or is using an alias, said Alice Moffat, director of the Bureau of Criminal Identification.

Biometrics are a great way to root out criminal aliases, but only if procedures are in place to run the biometric search.

Law enforcement interoperability, though little discussed, is a big deal

Tyneside jewellery heist could lead to DNA sharing (Chronicle Live)

A jewellery heist on Tyneside has sparked a review of DNA sharing across Europe that could force police to hand over criminal records to foreign counterparts.

Specialists in Newcastle will spearhead a £1.2m effort to design a database that profiles crimes committed across the continent as part of a controversial EU information sharing treaty.

It comes just 12 months after a convicted murderer and his armed gang from Eastern Europe were convicted of carrying out an armed raid at a Newcastle jewellers.

Led by convicted murderer Marek Viidemann, the ring was linked to at least 150 armed robberies across the UK and Europe before being eventually jailed for a total of more than 30 years.

First, DNA is likely to be a small part of whatever system improvements emerge.  It’s expensive and slow compared to just about any other biometric modality or combination of modalities such as finger, face and iris.

From a management standpoint it seems that if you want to have a free flow of people, you need to have a free flow of law enforcement information. This is easier said than done. It’s often a challenge even when dealing with adjacent counties in the same state in the US much less, as in the European context, two different countries.

The term for this system compatibility and ability to effectively cooperate among departments is interoperability. It is a managerial and technical challenge that is rarely dealt with in popular depictions of how law enforcement works but, especially as the complexity of the law enforcement challenge increases, it is of critical importance.

Often, there are good systems in place for passing information “up the chain of command,” i.e. from street cop all the way up to a state or national information repository, but the information doesn’t always flow as freely back down again in the other direction. For various reasons, the formal links between street-level law enforcement officers in neighboring jurisdictions run up through a centralized authority and then back down again, though there are often informal links that bypass the up-and-back-down information flow model. The implications for efficient multi-jurisdictional law enforcement are clear.

Some of these issues came up a couple of years ago in a post. Usefulness of Biometrics in Law Enforcement: Who is the Customer? The analysis there can be extended from biometrics to all sorts of law enforcement IT systems and it has a great deal of bearing on issues like the ones raised by the Newcastle jewelry heist by international criminals.

Many police professionals put a lot more into databases of all types than they ever get out of them. Through biometric technologies and other integration services, SecurLinx works hard to balance that out a bit for our law enforcement customers.

Facial recognition and criminal investigations

Updated & Bumped…
Facial recognition and identifying suspects in the Boston Marathon bombing (Biometric Update)

Since the bombing, authorities have appealed to anyone who was at the event to turn over any video or photo evidence, in hopes that they may hold crucial details in identifying a suspect. Though nothing can be confirmed, particularly in the midst of an investigation, it is likely facial recognition will be used to identify suspects from these photos and videos. So far, the FBI has received more than 2,000 tips.

Auhor Adam Vrankulj strikes the right tone in his article about how facial recognition is going to be applied to investigation of the recent terrible events in Boston. Read the whole thing.

Paul Scheupp, CEO of face recognition technology developer Animetrics weighs in on Fox’s “On the Record,” last night.

UPDATE:
Facial recognition technology could prove key in Boston Marathon bombing manhunt – video embed unavailable.

UPDATE II:
The Boston Marathon bomber: Caught on film? (BBC)
More personal videos are being shot now than ever before, and such footage could help identify the Boston marathon bomber. But how is that footage processed – and could civilians really solve the crime?

Real fake ID’s

Facial recognition system leads to thousands of fraud arrests

After kicking off facial recognition technology, the Department of Motor Vehicle says the state was arresting people by the thousands for possible identity fraud. They were even a bit surprised at the number of people trying to cheat the system.

“We’ve arrested 2,500. We’ve taken 5,000 to administrative hearings,” said Owen McShane from the DMV.

Read the whole thing for an education about how lax issuance of legitimate ID documents enables crime.

See also similar items from Washington and Texas.

Pakistan may require a fingerprint check to purchase a cell phone

Pakistan is considering requiring a fingerprint check as part of the process of purchasing a SIM (Subscriber Identity Module) card as a way of more definitively tying mobile phones to their purchasers.

Nigeria implemented a similar system beginning in 2010.

There are several reasons that countries would want to do this, most related to making it easier (or even possible) to investigate crime. Mobile phones are critically important tools in such criminal enterprises as ransoming kidnapping victims and organized robbery. Terrorists depend upon mobile phones both for communication and to detonate explosive devices.

Tele-operators briefed on biometric system (The Nation)

“NADRA being the sole custodian of biometrics of over 96 percent total population of the country, has offered the biometric solution in the wake of Interior Ministry’s grave security concerns over the use of cellular devices in terrorist plots,” the spokesperson said. It should be noted that on December 1, 2012, the Prime Minister, after taking notice of insecure sales mechanism for issuance of SIMs, directed all telecom companies to employ biometric verification for SIMs issuance within two months’ time.

Biometrics “Fix” Identity

Even if there is fraud in the identification process, biometrics can be used to fix a single identity upon an individual.

An article in today’s Canberra Times about people smuggling brings home the point.

Despite some unauthorised arrivals’ lack of documents, biometric capability is critical. In a few cases, unauthorised boat arrivals will be identified from international databases, particularly through fingerprints. Even if people cannot be identified, the collection of biometric data on arrival provides a basis for anchoring the identity of an unauthorised arrival, so that the Australian community can be confident it is dealing with one person and that further identity-shifting is difficult. It also leaves open the possibility of identification in the future. [Emphasis mine]

One classic use of identity fraud among professional criminals is the use of multiple ID’s so as to keep a clean identity and a dirty identity. If possible, all the documents involved are “real” in that even the ID card related to the fabricated identity is issued by the legitimate authority.

When the the professional criminal with his family in the car is pulled over for running a stop sign in his neighborhood by a police man who goes to the same church, he presents his “real” ID. When he’s picked up in the course of his job, say 1,500 miles away, with a trunk full of weapons and narcotics, he gives the police the ID containing bogus information.

The arresting officers call the ID authority who created the false ID card. Sure enough, he’s in the database. No criminal record. Light sentence for a first offence and he can still go back to his life, get another ID, and go back to work, too.

The same pattern works well with fraud.

Pretty simple, right?

Well, yes — until biometrics.

Once ID issuing authorities institute biometric checks before issuing new ID documents, even a person who lies on their original ID application is stuck with only the one ID.* Further attempts to obtain additional ID’s can be detected and investigated. Later claims of a false identity (or lost ID) can be unraveled.

This is something that might have given pause to the person who supplied Mr. Coriander with fingerprints. If he thought the only time those fingerprints could be used for a UID number, he might not have found the joke as funny.

*This applies to discrete ID management system. If ID databases aren’t linked, it may be possible to maintain different identities in different databases.

UID to Link With Criminal Records System

Home Ministry plans to link its crime records with UIDAI (Economic Times)

The Union home ministry plans to link its crime records with the Aadhar unique identity project, signaling a reversal in its hostile stance towards the Nandan Nilekani-led Unique Identity Authority of India.

The home ministry’s 2,000-crore Crime and Criminal Tracking System project, which aims to create a central database of all crime records in the country, will have a provision for linking up with UID or Aadhar numbers, an official associated with managing the project said.

“The big plan is to link crime records with UID,” the official told ET. “This will make the database easier to handle and more accurate.”

UID has an incredible potential to help bridge Indian bureaucratic silos.