Today’s second hour of Tom Ashbrook’s show looked at where facial recognition technology is taking us. The pending ubiquity of identifying individuals from snaphots, web posts, and security cameras is becoming a serious possibility, and with that comes the threat of putting any of us on the scene and adding that information to our profiles.
The DMV has collected and most likely now has digitized our mug shots. That represents a potential security risk for citizens of the Commonwealth. If DMV were to furnish our Mass Drivers License data to third parties such as data aggregators and brokers, security and police agencies, or lose them to hackers, the recipients will be able tag us almost wherever we go where cameras are around and to sell that capability to other entities.
And so, I would like to know with whom the DMV shares MV license data other than to law enforcement agencies for good reason, and whether our photos go with such disclosures. A driver’s license is the gold standard for ID’ing people. Given the recent breach of tens of million Federal employee records, I would really like the Commonwealth to vouchsafe that my likeness and other personal details that I have entrusted them with is our little secret. Any chance that could happen, Will?
Geoff, good question. We’ll check in to this.
Here is the official response of the RMV to this question (sent to us by MASSDOT Legislative Affairs staff).
“The Massachusetts Registry of Motor Vehicles does not sell photo images of our licensees to facial recognition software companies or to any other vendor requesting such content from our database. Nor do we sell the photo images of our licensees to law enforcement. However, law enforcement does have access to the RMV’s photo images of licensees, when needed for official use, for instance, when a police officer makes a motor vehicle stop and he or she has a laptop in the police cruiser, the officer can pull up the driving status and the photo image (to confirm the identity of the driver). They may also access the images during their investigations.
Photo images are in a category denominated as “highly restricted personal information” under the federal Driver Privacy Protection Act, (DPPA) 18 U.S.C. 2721 et. Seq. That law applies to all motor vehicle agencies across the United States that maintain driving and motor vehicle records. It prohibits the dissemination of “personal information” unless authorized by the DPPA. “Highly restricted personal information” (which includes photo images) requires the permission of the person whose image is requested (except when demanded by court order). To see what is and is not authorized see the RMV’s DPPA form (Request for Personal Information in RMV Records) on the website. 1. Go to massrmv.com. 2. Click on Forms and Manuals. 3. Go all the way down the left column and click on: “Request for Personal Information.” It is a 4-page form.
Barbara Miranda, Chief of Staff
Thanks to you both. This information is what I had hoped to receive. Of course, this policy doesn’t mean that drivers’ records haven’t been leaked.
Given the massive breach of Federal employees and applicants for jobs from the OPM database servers, I’m not confident that it couldn’t happen here. DMV data security probably isn’t up to snuff either.
Hope and pray nobody breaks in, or somehow force all state agencies with PII to review their security precautions, procedures, and disaster plans. That’s a job for the Guv’ner but does he know he has it?
I think the administration knows that leaking of identity information is a big risk for the state. Whether they are successful in preventing it is the $64 million question.