Why It Matters
A new Congressional Research Service report lands at a fraught moment: the federal government is deploying facial recognition technology at a faster pace than any regulatory framework can track, and Congress has yet to act.
The report, published May 1, 2026, lays out the technical landscape, the expanding scope of federal deployment, and the civil liberties risks that come with it — all without a single comprehensive federal law governing how the technology can be used, who it can be used on, or how long the data can be kept.
The central tension is straightforward: the Trump administration is aggressively expanding biometric surveillance across federal agencies while simultaneously pulling back internal oversight mechanisms. Congress is being handed a detailed roadmap for action. Whether it uses it is another question.
The Big Picture
The CRS report draws a critical distinction between two types of facial recognition systems. The first, one-to-one matching, verifies that a person matches a claimed identity, like unlocking a phone or confirming an airline ticket. The second, one-to-many matching, identifies an unknown individual by searching a large database, the kind used in law enforcement when a surveillance photo is run against a criminal database.
That distinction matters enormously for facial recognition regulation. One-to-many matching carries far higher civil liberties stakes and, according to the report, far higher error rates, particularly for women, darker-skinned individuals, and older people.
The report catalogs where federal agencies are already using this technology:
- The Transportation Security Administration uses it to verify traveler identities at airport security checkpoints.
- Customs and Border Protection runs its Traveler Verification Service for biometric entry and exit checks at air, land, and sea ports.
- Immigration and Customs Enforcement uses facial recognition technology to support detention and removal operations.
- The FBI operates the Next Generation Identification–Interstate Photo System, a large criminal and civil photo database used in law enforcement investigations.
Beyond government, the report notes commercial facial recognition applications span payments, building access, retail loss prevention, and consumer devices.
What ties all of this together — and what makes the report significant — is the absence of a unifying legal framework. Oversight is fragmented. Agency policies are inconsistent. And citizens are often unaware they are being scanned.
The Administration's Posture
The report arrives as the Trump administration has taken a series of steps that expand the technology's reach while reducing accountability for its use.
In February 2025, the Department of Homeland Security removed its internal directive on face-recognition and face-capture technologies from its website, eliminating existing guardrails. DHS is also reported to be consolidating biometric platforms across CBP, ICE, USCIS, and TSA into a single centralized matching engine capable of cross-agency face, fingerprint, and iris searching, an infrastructure expansion directly tied to immigration enforcement and removal operations.
CBP is simultaneously expanding facial recognition to all non-U.S. citizen travelers at air, land, and sea ports of entry, with phased deployment continuing throughout 2026. ICE has been granted access to new facial recognition tools to support deportation operations, with some access extended to select CBP officers assisting in removal.
The CRS report's findings sit in direct tension with this trajectory. Its emphasis on the absence of a federal regulatory framework, the civil liberties risks of one-to-many matching, and the documented demographic bias in these systems amounts to an implicit challenge to the administration's expansionary posture. The report does not call for a ban, but it makes clear that Congress has not built the guardrails the executive branch has declined to build for itself.
Political Stakes
For the Administration: The consolidation of biometric platforms and the removal of DHS's internal oversight directive leave the administration exposed to legal and political challenges, particularly if high-profile misidentifications occur in the context of immigration enforcement. The report gives critics a detailed, nonpartisan accounting of what oversight mechanisms are missing.
For Republicans: The party faces a split. Border security and immigration enforcement are central priorities, and facial recognition technology has become a key tool in that effort. But facial recognition regulation also draws support from libertarian-leaning members who are skeptical of expanding federal surveillance capabilities, even under a Republican administration.
For Democrats: The report hands Democrats a legislative agenda. Four bills are currently before Congress, and the CRS report provides the policy architecture to argue for all of them. The challenge is that none of these bills are likely to advance without bipartisan support in a Congress where the majority has shown little appetite for constraining the administration's immigration enforcement tools.
For the public: The stakes are concrete. Documented accuracy disparities mean that errors in one-to-many matching are not randomly distributed. They fall disproportionately on women, older people, and darker-skinned individuals. In the context of immigration enforcement or law enforcement investigations, a misidentification is not a minor inconvenience.
Legislation Before Congress
The report references four bills currently before the 119th Congress that reflect different approaches to facial recognition legislation:
H.R. 4695, the Facial Recognition Act of 2025, would require law enforcement agencies using the technology to undergo annual accuracy and bias testing administered by the National Institute of Standards and Technology, and would establish training standards for human operators.
H.R. 3782 would prohibit the federal government from using facial recognition as a means of identity verification for general purposes.
S. 1691, the Traveler Privacy Protection Act of 2025, would restrict TSA and DHS from capturing, collecting, storing, or processing biometric data from airline passengers without explicit authorization.
S. 3779, the ICE Out of Our Faces Act, introduced in February 2026, would ban ICE and CBP from using biometric surveillance systems, including facial recognition, for monitoring individuals.
Taken together, the bills reflect the range of approaches available to Congress, from targeted accuracy mandates to outright prohibitions on specific uses. The CRS report does not advocate for any particular approach, but it gives lawmakers the definitional and technical grounding to make that choice deliberately.
The Bottom Line
The CRS report on biometric technology and Congress makes one thing unmistakably clear: the federal government is deploying facial recognition technology at scale, across multiple agencies, for consequential purposes, with no comprehensive legal framework governing its use.
The public should be aware of two things. First, the accuracy problems in one-to-many facial recognition matching are not theoretical. They are documented, they fall disproportionately on specific demographic groups, and they are being deployed in contexts, immigration enforcement, law enforcement investigations, border screening, where errors have serious consequences. Second, Congress has the tools to act. The CRS report provides the definitional precision, the policy options, and the legislative examples needed to build a regulatory framework. What it cannot provide is the political will to use them.
Access the Legis1 platform for comprehensive political news, data, and insights.