The National Crime Records Bureau said its request for proposal (RFP) for Automated Facial Recognition System is under revision, and has extended the deadline to submit bids to May 22. The bids will now be opened on May 27. This is the seventh time that the deadline for submitting bids has been extended, with the previous deadline being March 27. NCRB has also removed the old 172-page long RFP from its website (but we have uploaded a copy here). We have reached out to NCRB for more details.

AFRS is a centralised web application, and is expected to be the foundation for “a national level searchable platform of facial images” which proposed to use data from passports, the Crime and Criminal Tracking Network and Systems (CCTNS), and the Interoperable Criminal Justice System, among other things.

Concerns prospective bidders had raised about the old RFP

In July 2019, when NCRB had held a pre-bid meeting with prospective bidders, questions about the future integration of AFRS with other systems, and how it would deal with cases of plastic surgery were raised. Other concerns raised include:

  1. Difficult for small Indian companies to bid: Prospective bidders had also said that requirements to qualify for developing the AFRS — as per the old RFP — could hardly be met by domestic companies, and in turn give an edge to bigger international firms. This included a request to reduce the turnover criteria, since according to the old RFP, bidders/joint venture companies should have an annual turnover of at least Rs 100 crore in each of the last 3 financial years.
  2. Allow more than 2 joint-bidders: Bidders had also called for allowing a consortium of three companies to place a bid for developing AFRS. The old RFP allowed a joint bid from a consortium of two companies.
  3. Past experience criterion was a problem: The issue of algorithms was also raised at the meeting. A vendor submitted that many companies who have a good algorithm for this system were not able to participate in the bidding because of the experience criterion. According to the old RFP, bidders were required to send a brief write-up to NCRB on their past experience with similar assignments, highlighting their hardware, software, AFRS Solution, etc.

Concerns surrounding surveillance, violation of privacy

When NCRB had announced its plans of developing a centralised facial recognition system, it sparked concerns surrounding state surveillance, and privacy. Advocacy group, the Internet Freedom Foundation (IFF), had written to the organisation, stating that the proposed surveillance tool was unfathomably detrimental to Indians’ privacy, while highlighting that it lacked legality, and had no safeguards and accountability.

  • In response, NCRB had justified the legality of AFRS on the basis of a CCTNS Cabinet Note from 2009, where a system, akin to the AFRS, was envisaged. Based on this note alone, the Bureau said that the AFRS has cabinet approval, and is hence, legal. It had also said that the AFRS will not be integrated with the Aadhaar database.

No data protection law in place: It is also worth mentioning that the department is planning to deploy a national level facial recognition system when India doesn’t have a data protection law. Moreover, the Personal Data Protection Bill, 2019, which is currently being deliberated upon by a Joint Parliamentary Committee, has carved out exemptions for government agencies to adhere to provisions of the Bill. Despite this, the government has maintained that this surveillance system “will not violate privacy”.

Indian authorities use facial recognition technology unabated, sans policy

This comes after Home Minister Amit Shah revealed in Parliament  that the government was using a facial recognition software to identify perpetrators of riots that broke out in Delhi in February, and had identified around 2,000 people. The footage that Delhiites sent to Delhi Police was compared against voter ID data, driver’s licence, and “other government data”. Apart from that, Indian law enforcement agencies continue to use facial recognition technology indiscriminately at rallies, polling booths and protests without any law or policy governing its use.

  • In February 2020, we reported that the Vadodara City Policy is planning to use Clearview AI’s controversial facial recognition software in public places to track “property offenders”. This software could also be used in CCTVs installed at “specific locations” in the city.
  • In January 2020, the Telangana State Election Commission (TSEC) piloted a facial recognition app would be used on a pilot basis at 10 polling stations in the Kompally Municipality in the state’s civic elections.
  • In January 2020, The Indian Railways said that it was in the process of installing Video Surveillance Systems (VSS), equipped with a facial recognition system, in 983 railway stations across the country.
  • In December 2019, Delhi Police used facial recognition technology at Prime Minister Narendra Modi’s rally to screen crowds, News18 had reported.
  • In November 2019, the Hyderabad Police randomly collected people’s fingerprints and facial data to identify “potential” criminals using the TSCOP app which was launched in January 2018. Syed Rafeeq, Additional DCP, South Zone, Hyderabad, had told MediaNama that the police was approaching people to verify if they were “suspects” mostly based on intuition.