Fact Check: No proof Canadian citizens will face mandatory facial-recognition scans at US border

Claim:
Canadians entering the U.S. by car will face mandatory facial-recognition scans.
Rating:
In May 2025, claims (archived) circulated online that Canadians entering the U.S. by car would face mandatory facial-recognition scans.
A Facebook post on the topic read:
Canadians entering the U.S. by car will now undergo mandatory facial recognition checks, as part of expanded border security measures. U.S. Customs and Border Protection confirmed the rollout includes photographing travelers and comparing images to passport or visa records in real time. The move, already in place at airports, is now being implemented at land crossings to streamline identity verification and detect fraud. Privacy advocates warn the technology raises serious concerns about data use and oversight.
The claim was popular on Facebook (archived), but also appeared on (archived) Reddit (archived). Snopes readers also searched our site for information about the claim.
However, at the time of this writing, we found no credible reports that U.S. Customs and Border Protection was introducing new regulations to make facial-recognition scans mandatory for Canadian citizens (archived, archived, archived, archived). A CBP spokesperson told Snopes via email that "biometric data collection is not a new process." The spokesperson also confirmed that "Canadian and Bermudian citizens traveling as tourists on only a passport" were not required to comply with biometric testing, which can include facial scans, on entry and exit. Therefore, we rate this claim false.
We reached out to Global Affairs Canada and the Canada Border Services Agency to ask whether regulations around facial-recognition scans for Canadians entering the U.S. were due to become mandatory and await a reply.
The claim could be loosely based on a report by the technology-focused outlet Wired published on May 9, 2025. The report detailed CBP plans to expand existing efforts to use facial-recognition technology on travelers entering the U.S. by car to those exiting, as well. Other (archived) reports (archived) published later in May, nearer to when the claim circulated, also based their reporting on the Wired report.
That report, however, did not say that specifically Canadian travelers would be subjected to mandatory facial-recognition scans when entering the U.S. The claim took Wired reporting a step further by claiming that facial-recognition scans at the border were something new and would be mandatory.
Biometric facial-comparison technology — where cameras take a photo of a person's face as part of identity checks — was "in testing" for travelers crossing into the U.S. in "personally owned vehicles" in May 2025, according to CBP's website. Peace Bridge in Buffalo, New York, and Veterans-Los Tomates in Brownsville, Texas, were the only two locations listed on CBP's website that used facial biometric comparison technology on travelers in vehicles in May 2025. CBP said in September 2023 (Page 21) and in November 2024 that people traveling through Veterans-Los Tomates and Peace Bridge border crossings respectively could opt out of biometric testing if they wished during the test period.
CBP used facial biometric comparison technology to admit pedestrians at land border crossings in seven states in May 2025. The agency currently allows U.S. citizens to opt out of "facial photo capture" at border points that use this biometric data to process travelers.
The Intercept, a nonprofit investigative news organization, reported in August 2024 that CBP asked private-sector businesses to help it develop facial-recognition technology to identify and screen passengers inside a moving vehicle before it approached a border point.
CBP said in November 2024 it was testing a similar system to that described in The Intercept's report at the Peace Bridge point of entry on the U.S.-Canada border in New York. According to a news release, travelers could opt in to use designated "biometric" lanes when entering the U.S. at this crossing.
CBP said: "As travelers approach the vehicle lanes, the camera will attempt to take a photo of each occupant in the vehicle and match it to photos of those travelers already in government holdings, such as passport, visa, or prior encounters, to verify identity."
Travelers who wished to opt out could use alternative lanes where staff would continue to carry out the "standard manual document check," CBP said.
According to CBP's website, though it initially said this test would run until March 2025, vehicle biometric technology was still in use at the Peace Bridge entry point in May 2025. We found no evidence that using the designated biometric lanes at Peace Bridge was mandatory for Canadian citizens in May 2025.
However, a September 2023 Department of Homeland Security report (Page 11) on biometric technology at Brownsville points of entry said that once the system was "fully realized" only U.S. citizens and other "non-in scope travelers" could opt out. Some Canadian citizens could be included in "non-in scope travelers" as defined by Immigration and Nationality Act and thus still be able to opt out, the report said. This is in line with the CBP spokesperson's confirmation that Canadian citizens "traveling as tourists on only a passport" were exempt from biometric requirements at the U.S. border.
The DHS, which is CBP's parent agency, has been working toward a biometric entry-exit system to the U.S. since at least 2004, when it featured as one of the 9/11 Commission Report's (Page 389) recommendations.
8 USC 1101: Definitions. https://uscode.house.gov/view.xhtml?req=granuleid:USC-prelim-title8-section1101#=0&edition=prelim#:~:text=(B)%20an%20alien%20(other,or%20temporarily%20for%20pleasure%3B. Accessed 23 May 2025.
Biddle, Sam. "Homeland Security Still Dreams of Face Recognition at the Border." The Intercept, 27 Aug. 2004, https://archive.ph/N8wNq#selection-559.9-562.0.
Biometrics Locations: Land Border Ports of Entry | U.S. Customs and Border Protection. https://www.cbp.gov/travel/biometrics/locations/land-border-ports-of-entry. Accessed 23 May 2025.
Biometrics: Overview | U.S. Customs and Border Protection. https://www.cbp.gov/travel/biometrics/overview. Accessed 23 May 2025.
CBP Announces Facial Biometric Test for Inbound Vehicle Travelers at Buffalo, Peace Bridge Port of Entry | U.S. Customs and Border Protection. https://www.cbp.gov/newsroom/local-media-release/cbp-announces-facial-biometric-test-inbound-vehicle-travelers-buffalo. Accessed 23 May 2025.
Department of Homeland Security. Privacy Impact Assessment Update for the Automated Commercial Environment (ACE) Modernization. 26 Sept. 2023, https://www.dhs.gov/sites/default/files/2023-09/23_0926_privacy-p%E2%81%AEia-cbp003c-acemodernizations.pdf.
Haskins, Caroline. "US Border Agents Are Asking for Help Taking Photos of Everyone Entering the Country by Car." WIRED, 6 May 2025, https://archive.ph/4I1GM#selection-455.0-460.0.
---. "US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car." WIRED, 9 May 2025, https://archive.ph/ngDNh#selection-455.0-460.0.
Mandatory Facial Recognition Scans Us Canada - Google Search. https://www.google.com/search?sca_esv=237638b250c80c54&rlz=1C5CHFA_enGB1138GB1138&q=mandatory+facial+recognition+scans+us+canada&tbm=nws&source=lnms&fbs=AIIjpHxU7SXXniUZfeShr2fp4giZ1Y6MJ25_tmWITc7uy4KIeqDdErwP5rACeJAty2zADJgYJpo1blvMpITBRgbnARM69TTwvvH-eOrrmkPmiC48hn9CUNQ4JZ2TOsEIOgvK2IAoHx7UEPHuZIoFgWSLI2a7JIZGhsNxVC82t_bFSO_jgnxghhv_sRbByYHItWk1DKcZ748DqiWjIj8fkNmRrqxb9uyPYA&sa=X&ved=2ahUKEwiThKXTqLqNAxVChv0HHceKJMsQ0pQJegQIExAB&biw=1920&bih=849&dpr=2. Accessed 23 May 2025.
Mandatory Facial Recognition Scans Us Canada - Search News. https://www.bing.com/news/search?q=mandatory+facial+recognition+scans+us+canada&FORM=HDRSC7. Accessed 23 May 2025.
Mandatory Facial Recognition Scans Us Canada - Yahoo Search Results. https://uk.news.search.yahoo.com/search;_ylt=AwrLBm9fyzBoEwIAh.ZLBQx.;_ylu=Y29sbwNpcjIEcG9zAzEEdnRpZAMEc2VjA3BpdnM-?p=mandatory+facial+recognition+scans+us+canada&fr2=piv-web&fr=yfp-t. Accessed 23 May 2025.
Mandatory Facial Recognition Scans Us Canada at DuckDuckGo. https://duckduckgo.com/?q=mandatory+facial+recognition+scans+us+canada&t=h_&iar=news. Accessed 23 May 2025.
Silvestre, Irish Mae. "U.S. Border Agents Will Force Canadians to Undergo Facial Recognition Checks." blogTO, https://dailyhive.com/canada/us-border-cbp-facial-biometrics. Accessed 23 May 2025.
---. "U.S. Border Control's Facial Biometrics Plans Will Affect Canadians | National." Daily Hive, https://dailyhive.com/canada/us-border-cbp-facial-biometrics. Accessed 23 May 2025.
The 9/11 Commission. 12. What To Do? A Global Strategy. 22 July 2004, https://govinfo.library.unt.edu/911/report/911Report_Ch12.pdf.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Hamilton Spectator

9 hours ago

• Hamilton Spectator

Don't regulate us like radio, music streamer Spotify tells CRTC

OTTAWA - Music streamer Spotify says Canada's federal broadcast regulator shouldn't impose rules meant for radio on streaming services. Appearing before a CRTC hearing Friday, company representatives compared regulating Spotify like a radio station to treating Uber like a horse and buggy operation. 'To apply yesterday's tools to today's platforms risks dulling Canada's success on the global music stage,' said Xenia Manning, Spotify's director of global music policy. 'It is essential to assess whether a real problem exists that justifies regulatory intervention. In our view, the evidence is clear. There is no market failure in audio streaming that would warrant intervention by the CRTC.' In its written submission, Spotify argued the CRTC doesn't have the jurisdiction to extend rules governing commercial negotiations and disputes in the broadcast sector to online players. Spotify said the Broadcasting Act doesn't give the CRTC the authority to 'regulate the terms of trade between online undertakings, including good faith negotiations and commercial disputes.' It said the CRTC's proposals 'would see it imposing dispute resolution and commercial negotiation requirements on online undertakings that are plainly outside the scope of broadcasting.' The CRTC is holding a hearing on market dynamics as part of its work to implement the Online Streaming Act, which updated broadcasting laws to capture online platforms. During the hearing, large telecom and broadcasting companies like Bell and Rogers called on the CRTC to loosen existing rules for traditional players. They took aim at regulations governing how cable channels must be packaged and disputes about carriage of cable channels. Bell, which appeared Wednesday, asked the CRTC to get rid of the rule the regulator implemented nearly a decade ago requiring companies to offer a $25 basic cable package. In its opening statement Friday, Rogers asked the CRTC to dramatically reduce regulation of cable companies. Colette Watson, president of Rogers' media division, said less than half of Canadian households now subscribe to cable, satellite or IPTV service. 'Canadian ownership groups cannot survive another decade of disproportionate regulation,' she said. The CRTC is holding a series of hearings as part of its work under the Online Streaming Act. Spotify, along with Amazon and Apple, is fighting in court an earlier order requiring streamers to make CRTC-ordered financial contributions to Canadian content and news. This report by The Canadian Press was first published June 20, 2025.

Yahoo

10 hours ago

• Yahoo

Billions of login credentials have been leaked online, Cybernews researchers say

NEW YORK (AP) — Researchers at cybersecurity outlet Cybernews say that billions of login credentials have been leaked and compiled into datasets online, giving criminals 'unprecedented access' to accounts consumers use each day. According to a report published this week, Cybernews researchers have recently discovered 30 exposed datasets that each contain a vast amount of login information — amounting to a total of 16 billion compromised credentials. That includes user passwords for a range of popular platforms including Google, Facebook and Apple. Sixteen billion is roughly double the amount of people on Earth today, signaling that impacted consumers may have had credentials for more than one account leaked. Cybernews notes that there are most certainly duplicates in the data and so 'it's impossible to tell how many people or accounts were actually exposed.' It's also important to note that the leaked login information doesn't span from a single source, such as one breach targeting a company. Instead, it appears that the data was stolen through multiple events over time, and then compiled and briefly exposed publicly, which is when Cybernews reports that its researchers discovered it. Various infostealers are most likely the culprit, Cybernews noted. Infostealers are a form of malicious software that breaches a victim's device or systems to take sensitive information. Many questions remain about these leaked credentials, including whose hands the login credentials are in now. But, as data breaches become more and more common in today's world, experts continue to stress the importance of maintaining key 'cyber hygiene.' If you're worried about your account data potentially being exposed in a recent breach, the first thing you can do is change your password — and avoid using the same or similar login credentials on multiple sites. If you find it too hard to memorize all your different passwords, consider a password manager or passkey. And also add multifactor authentication, which can serve as a second layer of verification through your phone, email or USB authenticator key.

Yahoo

10 hours ago

• Yahoo

A massive trove of 16 billion stolen passwords was discovered — here's what to do

Researchers say they uncovered a massive data leak exposing 16 billion login credentials. The leak involves logins for platforms like Apple, Gmail, and Facebook, posing security risks. Companies advise using two-step authentication and passkeys to protect your accounts. Researchers say they've uncovered one of the largest data leaks in history that involves many popular platforms. The leak includes nearly 16 billion login credentials that could give cybercriminals access to social media and business platforms such as Apple, Gmail, Telegram, Facebook, GitHub, and more, researchers at Cybernews said this week. Bad actors now have "unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing," the researchers said. The number of exposed people or accounts is unknown. The researchers said the data likely comes from malicious software known as infostealers. "What's especially concerning is the structure and recency of these datasets — these aren't just old breaches being recycled. This is fresh, weaponizable intelligence at scale," the researchers said. Cybernews said researchers uncovered the leak when the datasets were exposed for a short period of time. It follows the May discovery of a database containing more than 184 million credentials, including Apple, Facebook, and Google logins, Wired earlier reported. If you're nervous that your logins are at risk, there are steps you can take to make your account safer. You can't unring the bell of an information leak. However, you can take steps to identify if your credentials have been involved in any data breaches and protect yourself in the future. You can check sites like Have I Been Pwned to see if your email has appeared in a data breach. Turning on two-step authentication for your accounts can also help protect them from unauthorized access. Platforms also offer resources to help users secure their accounts. Google encourages users to use protections that don't require a password, like a passkey. It's one of the tech giants, along with Apple, Amazon, and Microsoft, that have been working to move users away from passwords to help secure their accounts. For those who prefer to stick with passwords, Google's password manager can store login credentials and notify users if they appear in a breach, a spokesperson told Business Insider. There's also Google's dark web report, a free tool that tracks whether personal information is floating around in online databases. GitHub, an online coding platform, offers developers a guide on how to implement safety measures in their organizations. The site recommends creating a security policy, having strict password guidelines, and requiring two-factor authorization. The data leak included logs — "often with tokens, cookies, and metadata," which makes it "particularly dangerous for organizations lacking multi-factor authentication or credential hygiene practices," the Cybernews team said. Meta offers a Privacy Checkup tool for users to review their privacy and security account settings. There, you can turn on two-factor authentication and ensure Meta alerts you of unusual logins. Meanwhile, Telegram said its primary login method sends a one-time password to users over SMS. "As a result, this is far less relevant for Telegram users compared to other platforms where the password is always the same," a Telegram spokesperson told BI about the data leak. Apple, GitHub, and Meta did immediately respond to a request for comment on the data leak. Google said it was directing users to some of the security resources above. Read the original article on Business Insider