Mike DeWine’s office has received a report on its facial recognition technology.

The report from DeWine’s hand-picked Advisory Committee was released on Friday.  The report makes a number of recommendations aimed at tightening up access to the facial recognition software.

That is good.

Unfortunately, the report does not recommend any changes to how information can be gathered, used, and maintained on a day to day basis.

That is bad.

The report acknowledges that facial recognition technology is a new tool, and that it “is important to examine the security and technology behind OHLEG to ensure the system is serving as a tool for criminal justice practitioners and not being used improperly.”

So what recommendations were made to guide the proper use of this technology?  None.

The Committee did not address the legitimate concerns about the use of this technology.  Back when this story broke, we suggested two potential problems. First, the database could be used to compile lists of those who appear at political or social events.  Law enforcement could then create a “web of association” and target innocent people and their friends/families for scrutiny. Second, the database could be used to track the movements of innocent people without a warrant.  This tracking could be used to reveal intimate details about a person’s life – such as doctor visits and religious views.

We hoped that the Committee would recommend some guidelines on the acceptable use of this system.  The Committee could have, for example, restricted the use to ongoing investigations or prohibited the use to identify persons who were not the subject of a criminal investigation.

Instead, the recommendations all focused on restricting access to the system.

Don’t get us wrong.  This is sorely needed.  The Cincinnati Enquirer, which has been doing great work in bringing this issue to light, recently reported that close to 30,000 people nationwide have access to this database.  How bad is Ohio compared to other states with similar databases?  The Enquirer reports that in Kentucky (long known for protecting civil rights), only 34 people statewide have access to a similar facial recognition database.  Pennsylvania allows much more liberal access; about 500 people statewide can access the database.

Compare that to a single small Ohio County.  A recent article in the Marion Star illustrates this problem.  The article notes that in Marion County (population 66,000) about 110 people have access to this facial recognition software.

DeWine’s committee suggests SOME tightening of access to the database.  The Committee’s report suggests that all law enforcement officers in Ohio should retain access to this technology, and that the Attorney General’s Office could continue to give access to non-law enforcement personnel on a case by case basis.

What about people outside of Ohio?  Don’t worry, the report recommends that Ohio adopt a “written policy governing access by out?of?state  agencies.”  So we should be all good.

The Committee also, predictably, recommends more training (which seems useless to us; if people don’t know by now they should not access databases for non-law enforcement purposes, will an additional training session make a difference?) and random audits of users (which seems like a really good idea – let’s do it now!).

The most disturbing aspect of the report is the assumption that if we just knew more about facial recognition software, we would learn to love it.  “Public education about information found in [the system]” the report suggests, “can increase the accuracy of those records while improving public perception of the system.”  In regards to facial recognition software, “The public should be informed as to how facial recognition searches can benefit them.”

What the public needs now is some leadership from the Attorney General.  Mike DeWine should stop hiding behind a committee and give us some answers on what he believes is an acceptable use of this technology, and what he believes is not an acceptable use of this technology.