TL;DR: The U.S. government operates several massive biometric databases. The FBI's Next Generation Identification (NGI) holds 161+ million fingerprint records and 30+ million mugshots. DHS's IDENT contains 300+ million biometric profiles and processes nearly half a million queries daily. These systems collect fingerprints, facial images, iris scans, palm prints, voice prints, and increasingly DNA. They share data with each other, with state and local agencies, and with foreign governments. Federal agencies also access 641+ million driver's license photos from state DMVs, often without warrants. A massive upgrade called HART will consolidate DHS biometrics into a cloud-based system with expanded capabilities. If you've been arrested, crossed a border, applied for a visa, or gotten a driver's license, your biometrics are likely in one of these systems.

The Major Federal Biometric Systems

The U.S. government operates several interconnected biometric databases [1]:

System Agency Size Primary Use
NGI FBI 161M+ fingerprints, 30M+ mugshots Criminal justice
IDENT DHS 300M+ biometric profiles Immigration, border
ABIS DoD Millions (classified) Military, intelligence
State DMVs 50 states 641M+ photos accessible to FBI Identity verification

These systems are interconnected. A query to one can trigger searches across others. Data flows between DHS, FBI, and DoD under sharing agreements. The result is a surveillance infrastructure that spans multiple agencies and hundreds of millions of records.

FBI's Next Generation Identification (NGI)

NGI is the world's largest and most efficient electronic repository of biometric and criminal history information [2].

What it contains:

  • 161+ million fingerprint records
  • 30+ million criminal mugshots searchable via facial recognition
  • Iris scans linked to fingerprint records
  • Palm prints
  • Scars, marks, and tattoos
  • DNA profiles (separate CODIS database, linked)
  • Voice identification profiles

Who's in it:

  • Anyone arrested and fingerprinted
  • Federal employees requiring background checks
  • Military personnel
  • People applying for certain licenses
  • Non-citizens processed through immigration

Performance:

  • Fingerprint matching accuracy: 99.6%
  • Response time: seconds for most queries
  • Iris matching: automated search linked to fingerprint records

Data sharing: NGI exchanges biometric data with DHS (IDENT) and DoD (ABIS) under defined circumstances. State and local law enforcement can submit queries and receive results.

NGI replaced the older Integrated Automated Fingerprint Identification System (IAFIS) in 2014, expanding capabilities beyond fingerprints to multiple biometric modalities.

DHS IDENT and the HART Upgrade

The Automated Biometric Identification System (IDENT) is DHS's central biometric repository, the largest in the U.S. government [3].

IDENT capabilities:

  • 300+ million biometric profiles
  • ~500,000 queries processed daily
  • Fingerprint, face, and iris matching
  • Both one-to-one verification and one-to-many identification
  • Notification services alerting partners to encounters

Who uses it:

  • CBP (Customs and Border Protection)
  • ICE (Immigration and Customs Enforcement)
  • USCIS (Citizenship and Immigration Services)
  • TSA
  • Coast Guard
  • State and local law enforcement
  • Foreign governments (under agreements)

The HART upgrade:

DHS is replacing IDENT with the Homeland Advanced Recognition Technology (HART) system, a multi-billion-dollar cloud-based upgrade [4]:

  • All existing IDENT data plus expanded modalities
  • Scars, tattoos, and DNA in addition to fingerprints/face/iris
  • Cloud-based microservice architecture
  • Single unique identifier linking all data for each individual
  • Enhanced data sharing across agencies

HART has faced repeated delays and cost overruns. Originally planned for 2018, development continues under contractor Peraton. A 2023 GAO report cited incomplete cost estimates, outdated privacy assessments, and gaps in data-sharing governance.

Biometrics at the Border

CBP has built comprehensive biometric systems for entry and exit [5]:

Simplified Arrival (entry):

  • Facial comparison at airports and land ports
  • Compares traveler's face to passport/visa photo on file
  • Fully implemented in commercial air environment
  • 99%+ accuracy for operational systems

Biometric exit:

  • Facial recognition for departing travelers
  • Expanding to land borders
  • Tracks who leaves the country

Expanded collection (2025):

New DHS rules define "biometrics" to include:

  • Facial imagery (for recognition and comparison)
  • Fingerprints and palm prints
  • Ocular imagery (iris, retina, sclera)
  • Voice prints
  • DNA
  • Signature

Mobile collection:

ICE uses CBP's Mobile Fortify application for field collection of facial images, fingerprints, and metadata. The FBI's Mobile Biometric Application (MBA) allows agents to collect and transmit biometrics from mobile devices directly to NGI.

State DMV Photos: The Hidden Database

One of the largest facial recognition resources isn't a federal database, it's the combined driver's license photos from state DMVs [6].

Scale of access:

  • FBI has access to 641+ million face photos across databases
  • 27+ states allow FBI to search driver's license databases
  • 21 states allow federal agencies direct access
  • 39 states use facial recognition for their own DMV purposes

How it works:

  • Federal agents submit a photo to a state DMV
  • State runs facial recognition search against their database
  • Matching candidates returned to federal agency
  • Often done via administrative request, no warrant required

The legal basis:

ICE uses a two-decade-old law requiring DMVs to cooperate with law enforcement, written before facial recognition existed. States usually comply, often without informing residents.

State examples:

  • Florida: Longest-running facial recognition database; 250+ agencies have access
  • Arizona: Maricopa County Sheriff has access to entire ADOT database
  • Utah, Vermont, Washington: ICE has run searches of these DMV databases

Limited protections:

Some states with licenses for undocumented residents include protections limiting disclosure. New York's law includes multiple provisions protecting driver information. But most states have no such restrictions.

How the Systems Connect

Federal biometric systems don't operate in isolation, they share data extensively [7]:

FBI ↔ DHS:

  • NGI and IDENT exchange data under defined circumstances
  • Immigration encounters trigger criminal history checks
  • Arrests can trigger immigration status checks

FBI ↔ DoD:

  • Military biometrics flow to FBI databases
  • Battlefield captures checked against criminal records

Federal ↔ State/Local:

  • Local arrests submit fingerprints to NGI
  • State fusion centers share intelligence
  • Joint task forces access multiple databases

U.S. ↔ Foreign:

  • FBI expanding global biometric partnerships
  • Five Eyes sharing agreements
  • Interpol connectivity

The 2025 trend: convergence. Facial recognition databases, mobile collection tools, and backend systems aren't just expanding, they're integrating. HART will consolidate DHS biometrics under a single identifier per person, making it easier to build complete profiles.

What Biometrics Are Collected

Currently collected:

  • Fingerprints: 10-print and latent (crime scene) matching
  • Facial images: Mugshots, visa photos, driver's licenses, passport photos
  • Iris scans: Expanding at borders and in corrections
  • Palm prints: Collected at arrest, matched against crime scene evidence
  • Voice prints: Limited deployment
  • DNA: CODIS database for convicted offenders, expanding to arrestees

Expanding collection:

  • Scars, marks, tattoos: Searchable identifiers
  • Gait analysis: Identifying people by how they walk
  • Behavioral biometrics: Typing patterns, device usage

Who gets collected:

  • Everyone arrested (fingerprints, mugshot)
  • Everyone crossing a U.S. border (facial comparison, often fingerprints)
  • Everyone applying for a visa or immigration benefit
  • Everyone with a driver's license (photo in state database)
  • Many government employees and contractors (background checks)
  • TSA PreCheck/Global Entry applicants (fingerprints)

Accuracy and Bias Concerns

Claimed accuracy:

  • DHS: 99%+ accuracy for operational facial recognition systems
  • FBI: 99.6% fingerprint matching accuracy
  • High accuracy in controlled conditions (good lighting, frontal photos)

Real-world problems:

  • Studies show facial recognition performs worse on women and people with darker skin
  • Accuracy drops with poor image quality, angles, aging
  • False positives lead to wrongful arrests
  • GAO faulted FBI for not determining if state DMV searches are accurate enough

Documented failures:

  • Multiple cases of Black men wrongfully arrested based on facial recognition misidentification
  • ACLU test: Amazon Rekognition falsely matched 28 members of Congress to mugshots
  • Studies show error rates 10-100x higher for Black faces vs. white faces

High accuracy in aggregate statistics can mask significant disparities for specific demographic groups.

Oversight and Privacy

Legal framework:

  • No comprehensive federal biometric privacy law
  • Privacy Act of 1974 provides some protections for federal records
  • Privacy Impact Assessments required but often outdated
  • Limited judicial oversight of database queries

GAO findings (2023):

  • HART program has "significant shortcomings" in management
  • Incomplete cost and schedule estimates
  • Outdated privacy impact assessments
  • Gaps in data-sharing governance

Congressional oversight:

Limited. Biometric programs often expand without explicit congressional authorization. Oversight hearings occur but rarely result in binding restrictions.

What's missing:

  • No warrant requirement for facial recognition searches
  • No comprehensive audit of who accesses data
  • No meaningful consent for most collection
  • Limited ability to challenge inclusion in databases

Is Your Biometric Data in These Systems?

You're likely in these databases if you've:

  • Been arrested (fingerprints, mugshot → NGI)
  • Applied for a U.S. visa or immigration benefit (fingerprints, photo → IDENT)
  • Crossed a U.S. border (facial comparison, possibly fingerprints → IDENT)
  • Applied for Global Entry, TSA PreCheck, or SENTRI (fingerprints → multiple systems)
  • Worked for the federal government (fingerprints → NGI)
  • Applied for certain professional licenses
  • Have a driver's license in most states (photo → state DMV, accessible to FBI)

How to check:

  • FBI: Submit a Privacy Act request to CJIS Division for your NGI record
  • DHS: Submit a Privacy Act request to OBIM for your IDENT record
  • State DMV: Request your records from your state DMV

Note: You can request your own records, but challenging errors or requesting deletion is difficult. These are law enforcement systems with broad retention authorities.

The Bottom Line

The U.S. government has built the world's largest biometric surveillance infrastructure. Across FBI, DHS, DoD, and state DMVs, hundreds of millions of Americans and foreign nationals have their fingerprints, faces, and other biometric identifiers on file.

Key numbers:

  • 161+ million fingerprint records (FBI)
  • 300+ million biometric profiles (DHS)
  • 641+ million face photos accessible to FBI
  • ~500,000 queries processed daily by DHS alone

These systems were built incrementally, criminal justice, then immigration, then border security, then employment screening. Each expansion seemed reasonable in isolation. The result is comprehensive biometric coverage of the population.

The HART upgrade will consolidate DHS biometrics into a cloud-based system with a single identifier per person, expanded modalities (including DNA), and enhanced sharing capabilities. The trend is toward more collection, more integration, and more sharing.

There's no comprehensive federal law governing how these systems can be used, who can access them, or how long data is retained. Privacy protections exist on paper but enforcement is limited. Once your biometrics are in the system, they're likely there permanently.

The infrastructure is built. The question is how it will be used.

References

  1. DHS, Biometrics
  2. FBI, Next Generation Identification (NGI)
  3. DHS, Office of Biometric Identity Management
  4. DHS, HART Privacy Impact Assessment
  5. Biometric Update, 2025 Consolidation of America's Biometric Border
  6. Washington Post, FBI, ICE Find Driver's License Photos Are Gold Mine
  7. GAO, Biometric Identity System: DHS Needs to Address Shortcomings
  8. EFF, FBI's Next Generation Identification
  9. NILC, Face Recognition and Driver's License Photo Sharing
  10. EPIC, EPIC v. FBI: Next Generation Identification