Back to Bills

Limit Mobile Facial Recognition to Ports

Full Title:
Realigning Mobile Phone Biometrics for American Privacy Protection Act

Summary#

This bill would limit how the Department of Homeland Security (DHS) can use certain mobile facial recognition apps. It allows use only for identification at official border crossing points (ports of entry, such as airports, seaports, and land crossings). It directs DHS to set rules within 30 days and to delete stored biometric data (face photos and fingerprints) of U.S. citizens collected by these apps.

Key changes:

  • Bans DHS use of the “Mobile Fortify” and “Mobile Identify” mobile apps (and any successors) outside ports of entry.
  • Allows these apps at ports of entry only for identification purposes.
  • Forbids DHS from sharing these apps with any other federal, state, local, Tribal, or territorial agency.
  • Requires DHS to remove these apps from DHS devices, except where needed at ports of entry; and to remotely disable them on non-DHS devices.
  • Orders immediate destruction of any U.S. citizen images or fingerprints previously captured by these apps, wherever stored.
  • Requires deletion of U.S. citizen images or fingerprints captured at ports of entry within 12 hours.

What it means for you#

  • U.S. citizens

    • If DHS collected your face photo or fingerprint with these specific mobile apps in the past, DHS would have to destroy that data.
    • If these apps are used to identify you at a port of entry, DHS would have to delete your images or fingerprints within 12 hours.
    • This bill applies only to the named mobile apps. It does not address other DHS biometric systems.

  • Non-citizens (including lawful permanent residents and visitors)

    • The bill does not set a deletion timeline for non-citizen data captured by these apps. How long non-citizen data may be kept is not stated.

  • Travelers at ports of entry

    • DHS could still use these mobile apps to confirm identity at ports of entry.
    • For U.S. citizens, any images or fingerprints taken with these apps at ports must be deleted within 12 hours.

  • DHS officers and contractors

    • You would have to stop using these apps outside ports of entry.
    • You must remove the apps from DHS devices (except where needed at ports) and help ensure they are disabled on non-DHS devices.

  • Other government agencies (federal, state, local, Tribal, territorial)

    • DHS could not provide you these apps. Any copies of the apps on non-DHS devices would have to be disabled.

  • Timing

    • DHS must issue standards and guidelines within 30 days of the bill becoming law to carry out these requirements.

  • What is unclear

    • The bill does not explain data handling rules for non-citizens.
    • It does not address other facial recognition tools beyond the named apps and their successors.

Expenses#

The bill may increase administrative and technology costs, but no estimate is available.

  • DHS would need resources to draft and roll out standards within 30 days.
  • Costs are likely for removing the apps from devices, remotely disabling them on non-DHS devices, and auditing systems to find and delete stored images and fingerprints.
  • Training and compliance monitoring may add staff time and technology expenses.
  • No specific costs for state, local, Tribal, or territorial agencies are identified, but apps on their devices would be disabled.

Proponents' View#

  • The bill appears intended to protect privacy by limiting mobile facial recognition to controlled settings (ports of entry) and by requiring rapid deletion of U.S. citizen data.
  • It could reduce the spread of facial recognition in communities by banning use outside ports of entry.
  • Stopping DHS from sharing these apps with other agencies may prevent broader government use of these tools.
  • Short retention (12 hours) for U.S. citizen data could lower risks from data breaches or misuse.
  • Requiring DHS-wide standards within 30 days could create clear, uniform rules.

Opponents' View#

  • One concern is that banning use outside ports of entry may limit DHS’s ability to verify identities quickly in the field away from official crossings.
  • The bill orders immediate deletion of past U.S. citizen data and 12-hour deletion for new captures, with no stated exceptions. This could complicate record-keeping or follow-up actions that might rely on such data.
  • Finding and deleting all historical images “wherever stored” may be technically difficult, and disabling apps on non-DHS devices could be challenging.
  • The bill focuses on U.S. citizens; it does not set retention limits for non-citizens, which may raise fairness and clarity questions.
  • Because it covers only the named apps and their successors, other facial recognition tools may be unaffected, which could limit the bill’s overall impact.