(a) In general
The Administrator and the Commissioner of U.S. Customs and Border Protection shall consult with each other on the deployment of biometric technologies.
(b) Rule of construction
Nothing in this section shall be construed to permit the Commissioner of U.S. Customs and Border Protection to facilitate or expand the deployment of biometric technologies, or otherwise collect, use, or retain biometrics, not authorized by any provision of or amendment made by the Intelligence Reform and Terrorism Prevention Act of 2004 (Public Law 108–458; 118 Stat. 3638) or the Implementing Recommendations of the 9/11 Commission Act of 2007 (Public Law 110–53; 121 Stat. 266).
(c) Report required
Not later than 270 days after October 5, 2018, the Secretary shall submit to the appropriate committees of Congress, and to any Member of Congress upon the request of that Member, a report that includes specific assessments from the Administrator and the Commissioner of U.S. Customs and Border Protection with respect to the following:
(1) The operational and security impact of using biometric technology to identify travelers.
(2) The potential effects on privacy of the expansion of the use of biometric technology under paragraph (1), including methods proposed or implemented to mitigate any risks to privacy identified by the Administrator or the Commissioner related to the active or passive collection of biometric data.
(3) Methods to analyze and address any matching performance errors related to race, gender, or age identified by the Administrator with respect to the use of biometric technology, including the deployment of facial recognition technology; 1
(4) With respect to the biometric entry-exit program, the following:
(A) Assessments of—
(i) the error rates, including the rates of false positives and false negatives, and accuracy of biometric technologies;
(ii) the effects of biometric technologies, to ensure that such technologies do not unduly burden categories of travelers, such as a certain race, gender, or nationality;
(iii) the extent to which and how biometric technologies could address instances of travelers to the United States overstaying their visas, including—
(I) an estimate of how often biometric matches are contained in an existing database;
(II) an estimate of the rate at which travelers using fraudulent credentials identifications are accurately rejected; and
(III) an assessment of what percentage of the detection of fraudulent identifications could have been accomplished using conventional methods;
(iv) the effects on privacy of the use of biometric technologies, including methods to mitigate any risks to privacy identified by the Administrator or the Commissioner of U.S. Customs and Border Protection related to the active or passive collection of biometric data; and
(v) the number of individuals who stay in the United States after the expiration of their visas each year.
(B) A description of—
(i) all audits performed to assess—
(I) error rates in the use of biometric technologies; or
(II) whether the use of biometric technologies and error rates in the use of such technologies disproportionately affect a certain race, gender, or nationality; and
(ii) the results of the audits described in clause (i).
(C) A description of the process by which domestic travelers are able to opt-out of scanning using biometric technologies.
(D) A description of—
(i) what traveler data is collected through scanning using biometric technologies, what agencies have access to such data, and how long the agencies possess such data;
(ii) specific actions that the Department and other relevant Federal departments and agencies take to safeguard such data; and
(iii) a short-term goal for the prompt deletion of the data of individual United States citizens after such data is used to verify traveler identities.
(d) Publication of assessments
The Secretary, the Administrator, and the Commissioner shall, if practicable, publish a public version of the assessment required by subsection (c)(2) on the Internet website of the TSA and of the U.S. Customs and Border Protection.
REFERENCES IN TEXT The Intelligence Reform and Terrorism Prevention Act of 2004, referred to in subsec. (b), is Pub. L. 108–458, Dec. 17, 2004, 118 Stat. 3638. For complete classification of this Act to the Code, see Tables. The Implementing Recommendations of the 9/11 Commission Act of 2007, referred to in subsec. (b), is Pub. L. 110–53, Aug. 3, 2007, 121 Stat. 266. For complete classification of this Act to the Code, see Tables.CODIFICATION Section was enacted as part of the TSA Modernization Act and also as part of the FAA Reauthorization Act of 2018, and not as part of the Implementing Recommendations of the 9/11 Commission Act of 2007 which comprises this chapter.DEFINITIONS For definitions of "Administrator", "appropriate committees of Congress", "Department", "Secretary", and "TSA" as used in this section, see section 1902 of Pub. L. 115–254, set out as a note under section 101 of Title 49, Transportation.
6 U.S.C. § 1118 (2018)