Coalition expresses concern over FBI proposal to exempt biometrics database from Privacy Act protections has joined a coalition of civil rights, human rights, immigrant rights, privacy and transparency organizations, and companies in expressing concern over an FBI proposal to exempt its extraordinary biometrics database – the Next Generation Identification (NGI) system –from virtually every key provision of the Privacy Act.

Since the launch of NGI in 2008, the public has waited for the FBI to publish basic privacy notices about this database, including a System of Records Notice (SORN) and/or a Privacy Impact Assessment (PIA). These are required by the Privacy Act when the agency starts to keep – or significantly changes – a database like NGI. In all this time, the FBI has not met these basic requirements.

On May 5, 2016, the FBI finally published a  SORN for NGI; The same day, the FBI asked for exemptions to key public protections of the Privacy Act, specifically provisions that allow people to: (1) find out if they are in the NGI database; (2) request the FBI promptly fix errors and inaccurate information in their files; and (3) obtain information (so long as it would not impede law enforcement) about whether their information is being shared with other parts of the government.

More significantly, the FBI is not just seeking exemption from specific requirements of the Privacy Act. It has asked to be exempt from the part of the law that lets citizens enforce any Privacy Act violation (5 U.S.C. § 552a(g)) – even violations of requirements from which the FBI is not exempt. For example, the Privacy Act indicates an agency shall “maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized” in specific circumstances (5 U.S.C. § 552a(e)(7)). Under the FBI’s proposal, the FBI could violate that rule – and private citizens could never take them to court.

The DOJ gave the public 21 business days to comment on both the FBI SORN and the request for significant exemptions from the Privacy Act. The letter emphasizes that, after waiting over half a decade for the publication of a basic privacy notice about NGI, 21 days is far too little time for the public to comment on the SORN alone, much less on an extraordinarily broad proposal to hide most of its uses – and any violations of the Privacy Act – from the public.

“The secrecy surrounding the FBI’s largest domestic database is concerning for open government groups and civil rights advocates alike,” according to Patrice McDermott, Executive Director of “The public has the right-to-know about the FBI system that employs the most advanced surveillance technologies and runs a database holding records on millions of Americans, many of whom have never been accused of a crime. Moreover, the public has a right to the protections and redress afforded by the Privacy Act.”

The letter calls on the Justice Department to allow the public the opportunity for a careful, step-by-step examination of both the NGI SORN and the FBI’s proposal to render that system largely secret, and requests a 30-day extension to the comment period. 

Read the letter here.