Law enforcement officers in Maryland used facial recognition technology to identify the suspected shooter believed to be responsible for killing five staff members and injuring at least two others in the offices of newspaper company Capital Gazette last week.Authorities were able to ID the apparent shooter by taking a photo of the suspect in custody and running it through the Maryland Image Repository System (MIRS), a massive database that, according to documents obtained by Georgetown University, contains more than 10 million images taken from driver's licenses and mugshots.The system produced the name of the suspect, identified as Jarrod W. Ramos, a 38-year-old resident of Laurel, Maryland. Prior to being IDed through the database of faces, police had no way of determining the identity of the alleged shooter; he did not have identification on him, refused to cooperate with police, and law enforcement told CBS there were difficulties identifying him via his fingerprints. At one point, police claimed he intentionally damaged or mutilated his fingerprints to avoid being identified, but have since walked back that claim. Per The Verge, Anne Arundel County Police Chief Timothy Altomare said at a press conference Friday that, “we had lag getting answers on fingerprints is all I can tell you. …I don't know why it took us a little longer on the computer system. Computer systems do that.”With no other options available, the police opted for MIRS, which successfully identified Ramos-possibly because he may have had a mugshot in the system from when he was charged and convicted for harassment, an incident that the Capital Gazette covered. (Ramos would later unsuccessfully attempt to sue the paper for defamation. He appeared to regularly threaten the company's employees on social media.)The Baltimore Sun reported MIRS works by measuring specifics parts of a person's face-the width of their nose or the shape of their ear, for example-and comparing its dimensions to those of the millions of photos in its database. The software identifies potential matches, which law enforcement can use to determine the identity of a suspect.MIRS has been used before to help law enforcement identify criminals in the past, including a case earlier this month in which, according to theWall Street Journal, police ran an Instagram photo through the database to track down a robbery suspect.While the software appears to be effective, there are still lots of questions related to privacy concerns that are raised by the massive database of faces. For one, there is a considerable amount of access to the database provided to police. The Baltimore Sun reported that as many as 6,000 or 7,000 law enforcement officers have access to MIRS, and the system has been accessed more than 175 times in a week at one point. That amount of access can lead to misuse. In 2016, the ACLU accused the state of using MIRS without a warrant to identify people attending protests following the death of Freddie Gray. Documents from Georgetown University also show the system has never been audited, leaving one to wonder if there is much accountability for the system.It also seems likely that the database may include photos of people who have never committed a crime. MIRS incorporates the Maryland Motor Vehicle Administration's collection of driver's license photos, which includes anyone who has gone to the DMV to get a new license in the last seven years. Those people are unlikely to know they are consenting to have their photo added to a database used to identify suspected criminals. Beyond that, the database may include photos of people who were arrested but not convicted of a crime. Georgetown reported, “It's unclear if the [Maryland Department of Public Safety and Correctional Services] 'scrubs' its mug shot database to eliminate people who were never charged, had charges dropped or dismissed, or who were found innocent.”