House lawmakers launch investigation of face-scan contractor ID.me

The House launched an investigation into the efficacy and security of the identity verification contractor ID.me, after government agencies used the software to identify people accessing tax records and unemployment assistance.

Lawmakers wrote a letter to ID.me's chief executive asking for detailed records about the company's contracts with federal, state and local governments, as well as questions about how it investigates potential inaccuracies in its systems. Lawmakers have serious concerns about the accuracy of the facial recognition service and reports of long delays in using the service to get assistance for the swine flu.

The letter was co-authored by leaders of the House Oversight Committee and the House select subcommittee on the coronaviruses crisis. The IRS used ID.me to allow taxpayers to access their records, while states used the service to verify the identities of people seeking unemployment assistance.

Story continues below advertisement

The chair of the House Oversight Committee hopes that the investigation will lead to more transparency and accountability in the use of facial recognition.

Without clear rules of the road, agencies will continue to turn to companies like ID.me, which heightens the risk that essential services will not be provided to Americans, or will be denied, and that their data won't be valid.

A series of stories in The Post raised concerns about the system's accuracy, technical errors and long delays.

There is no federal law on how to protect privacy with facial recognition technology. The IRS's decision to require Americans to use facial recognition to access their tax accounts caused a lot of controversy and led to a House probe.

Story continues below advertisement

Despite warnings from the General Services Administration that the technology is ridden with too many problems to justify its use, government agencies have been increasingly relying on facial recognition. Efforts to pass legislation limiting its use have largely stopped, despite the House holding hearings in 2019.

Following complaints from members of Congress, taxpayers and privacy advocates, the agency walked back its plans to use the service. The facial recognition requirement would be dropped by ID.me.

The IRS and ID.me did not respond to requests for comment.

Story continues below advertisement

The scale of facial recognition use and the accuracy of the services are not known. The company was asked to report how many people completed the ID.me process and how many were rejected. The average wait time for the service is asked in the letter, as well as details about the companies retention of data related to government contracts.

The company said in February that 73 million people who had used its service would be able to remove their selfies.

The company's contracts with the IRS are a concern for the lawmakers. In February, Maloney sent a letter to the IRS, revealing that the agency directed 7 million people to the facial recognition vendor and demanded answers about how the agency would help people in deletion of their data, and how much it would cost for the IRS to end its contract with ID.me.

Story continues below advertisement

The IRS told The Post that it would require ID.me to remove all selfies and face videos it had received by March 11, but would not tell users about it. The agency's contract with ID.me does not allow for it to be terminated without additional costs.

There are issues with requiring ID.me to access key government services for older and low-income people who may not have access to a laptop or a phone. According to the data cited in the letter, 15% of American adults do not own a phone, and 23% do not own a computer.

The ID.me process creates disproportionate obstacles for older individuals who may face challenges using new technology, residents of rural and low-income areas without high-speed Internet access, and households that share technological devices for school, remote work, or job hunting.