You are viewing an archived webpage. The information on this page may be out of date. Learn about EPIC's recent work at

State Facial Recognition Policy


Facial recognition image

Facial recognition technologies (FRTs) attempt to verify individuals using their faces. FRTs detect faces, extract distinctive features from the faces, and compare the features to those accumulated in a database. FRT takes away control of one's identity and gives that control to a third party--often law enforcement. Facial recognition can be used as a digital ID allowing the government or other entity to identify individuals in mass, without consent, and in secret. FRT threatens privacy and civil liberties and the databases required for large-scale facial recognition are vulnerable to data breaches, misuse, and mission creep.

State and Local Laws

California moratorium FRT tech on police body cameras

In October 2019, California enacted a 3-year moratorium on the use of facial recognition technology in police body cameras. The law takes effect in January 2020.

San Francisco, CA Facial Recognition Ban

In May 2019, San Francisco became the first city in the U.S. to ban the use of facial recognition technology by city agencies, including the police department.

Somerville, MA Facial Recognition Ban

In June 2019, the City Council of Somerville, MA voted unanimously to ban the use of facial recognition technology by city agencies, including the police department.

Oakland, CA Facial Recognition Ban

In July 2019, the City Council of Oakland, CA voted unanimously to ban the use of facial recognition technology by city agencies, including the police department. The Oakland ordinance also includes whistleblower protections and a prohibitions on non-disclosure agreements.


EPIC v. CBP (Biometric Entry/Exit Program)

U.S. Custom and Border Protection's implementation of a Comprehensive Biometric Entry/Exit Plan currently includes the testing of facial recognition and iris imaging capabilities at exit/entry points within the US. The FY 2016 Consolidated Appropriations Act provides up to a $1 billion for the CBP biometric entry/exit program and President Trump's Executive Order "Protecting the Nation From Foreign Terrorist Entry into the United States"(Executive Order 13780 of March 6, 2017) explicitly calls on CBP to "expedite the completion and implementation of a biometric entry exit tracking system." These techniques pose significant threats to privacy and civil liberties, in particular the ability to conduct facial recognition covertly, remotely and on a mass scale. The lack of precautions that can be taken to prevent the collection of one's facial image, in addition to the absence of well-defined federal regulations controlling the collection, use, dissemination, and retention of biometric identifiers, raises serious privacy concerns for the individual. Identification through these processes eliminates an individual's ability to control their identities and poses a specific risk to the First Amendment rights of free association and free expression.

EPIC is concerned that the CBP's biometric entry/exit tracking system and techniques lack proper privacy safeguards and maintains that the public should be fully informed about these systems. Without access to relevant records, EPIC and the public cannot assess the level to which the biometric entry/exist systems used and developed by the CPB safeguard and respect individual privacy. EPIC therefore has a significant interest in obtaining CPB documents concerning the biometric entry/exit system and plan -- including reports, records, correspondence, training materials, technical specifications, memoranda, passenger complaints, contracts, policies and procedures.

EPIC first filed a FOIA request for documents related to the Biometric Entry-Exit program in June 2016, and EPIC subsequently filed several FOIA requests after that. In EPIC v. CBP, EPIC has sued the agency for details about the program. Documents obtained by EPIC, and featured at Buzzfeed, have revealed significant flaws in the technology.

Pending Legislation

News logo
Back to State Policy home

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security