The South Korean Ministry of Justice has provided more than 100 million photos of foreign nationals who travelled through the country’s airports to facial recognition companies without their consent, according to attorneys with the non-governmental organization Lawyers for a Democratic Society.
While the use of facial recognition technology has become common for governments across the world, advocates in South Korea are calling the practice a “human rights disaster” that is relatively unprecedented.
“It’s unheard-of for state organizations—whose duty it is to manage and control facial recognition technology—to hand over biometric information collected for public purposes to a private-sector company for the development of technology,” six civic groups said during a press conference last week.
The revelation, first reported in the South Korean newspaper The Hankyoreh, came to light after National Assembly member Park Joo-min requested and received documents from the Ministry of Justice related to a April 2019 project titled Artificial Intelligence and Tracking System Construction Project. The documents show private companies secretly used biometric data to research and develop an advanced immigration screening system that would utilize artificial intelligence to automatically identify airport users’ identities through CCTV surveillance cameras and detect dangerous situations in real time.
Shortly after the discovery, civil liberty groups announced plans to represent both foreign and domestic victims in a lawsuit.
“We, the NGOs, urge the government to immediately stop the establishment of a biometric monitoring system that is not only illegal but also significantly violates international human rights norms,” wrote Advocates for Public Interest Law, MINBYUN - Lawyers for a Democratic Society, the Institute for Digital Rights, the Joint Committee with Migrants in Korea, and the Korean Progressive Network Jinbonet, in a press release that was translated and provided to Motherboard. Attorneys claim the project directly violates South Korea’s Personal Information Protection Act, a law that strictly limits the processing of personal information in the country. Still, the Ministry has yet to announce plans to halt the program, which was scheduled to be completed in 2022.
The practice of buying and selling human biometric data for use in scientific studies without an individual’s consent has a long history. In the 1950’s, cancer researchers at Johns Hopkins Hospital infamously harvested the cells of Henrietta Lacks, a Black woman who had been admitted to the hospital for vaginal bleeding. Without her knowledge, the cells were later reproduced, and have been critical to a range of major medical advancements since the mid 20th century.
News of the South Korean facial recognition data comes amid an ongoing battle over the use of the technology. Numerous studies, including from the US government, have shown the technology to be racist and unreliable, and civil rights advocates have noted that facial recognition is deployed disproportionately against immigrants and communities of color.
Movements against facial recognition in the US have achieved some gains. In 2019, San Francisco became the first US city to ban police and government agencies from using the technology. Six other US cities have since followed suit to varying degrees. Virginia and Vermont have banned local law enforcement agencies from using facial recognition, and in June, several US Democratic Senators introduced legislation that would stop government use of biometric technology. The European Union’s draft Artificial Intelligence Act would also limit live facial recognition in public spaces—but with exemptions for “national security” purposes.
Despite this pushback, the use of the technology is increasingly used in commercial spaces and airports. This holiday season, Delta Airlines will be piloting a facial recognition boarding program in Atlanta, following similar moves by JetBlue. US Customs and Border Protection is already relying on facial recognition technology in dozens of locations.
While the South Korean government’s collaboration with the private sector is unprecedented in its scale, it is not the only collaboration of its kind. In 2019, a Motherboard investigation revealed the Departments of Motor Vehicles in numerous states had been selling names, addresses and other personal data to insurance or tow companies and to private investigators.