Privacy Act of 1974; Systems of Records, 20708-20710 [E6-5968]

Agencies

• Office of the Secretary
• DEPARTMENT OF HOMELAND SECURITY

[Federal Register Volume 71, Number 77 (Friday, April 21, 2006)]
[Notices]
[Pages 20708-20710]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E6-5968]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

[DHS-2005-0053]


Privacy Act of 1974; Systems of Records

AGENCY: Department of Homeland Security; United States Customs and 
Border Protection.

ACTION: Notice of revision to and expansion of Privacy Act system of 
records.

-----------------------------------------------------------------------

[[Page 20709]]

SUMMARY: This notice announces a revision to and expansion of a 
previously-established Privacy Act system of records, the Global 
Enrollment System, to facilitate the creation of a consolidated 
database to collect biometric and biographic data for individuals who 
voluntarily exchange personally identifiable information in return for 
expedited transit at U.S. border entry points. The Global Enrollment 
System will enhance transportation security by affording United States 
Customs and Border Protection, the system owner, the opportunity to 
perform advanced screening on low-risk trusted travelers and to 
expedite the security screening process of these trusted travelers as 
their low-risk status is confirmed.

DATES: The revised System of Records will be effective May 22, 2006, 
unless comments are received that result in a contrary determination. 
The public is invited to comment on the proposed System of Records.

ADDRESSES: You may submit comments, identified by docket number DHS-
2005-0053 by one of the following methods:
     Federal eRulemaking Portal: https://www.regulations.gov. 
Follow the instructions for submitting comments.
     Fax: (202) 572-8727.
     Mail: Border Security Regulations Branch, Office of 
Regulations and Rulings, Bureau of Customs and Border Protection, Mint 
Annex, Washington, DC 20229; Maureen Cooney, Acting Chief Privacy 
Officer, Department of Homeland Security, 601 S. 12th Street, 
Arlington, VA 22202-4220.

FOR FURTHER INFORMATION CONTACT: If you have any questions about this 
notice, please contact Laurence Castelli, Chief, Privacy Act Policy and 
Procedures Branch, U.S. Customs and Border Protection, Washington, DC 
20229, Phone: (202) 572-8720, Fax (202) 572-8727; or Maureen Cooney, 
Acting Chief Privacy Officer, U.S. Department of Homeland Security, 
Arlington, VA 22202-4220, Phone: (571) 227-3813, Fax: (571) 227-4171.

SUPPLEMENTARY INFORMATION: United States Customs and Border Protection, 
a component agency of the Department of Homeland Security, currently 
operates multiple programs at Ports of Entry that offer individuals an 
expedited transit experience at United States security points in 
exchange for providing personally identifiable information to 
facilitate identification of the individual as a ``trusted traveler.'' 
The personally identifiable information now collected for these 
programs is currently maintained in the Global Enrollment System (GES), 
a Privacy Act system of records, notice of which was last published in 
the Federal Register on March 13, 1997, as Justice/INS-017 (62 FR 
11919).
    CBP inherited these Port of Entry expedited border-crossing 
programs upon the creation of DHS on March 1, 2003. These local 
programs were created by both the former Immigration and Naturalization 
Service and the former U.S. Customs Service to facilitate the regular 
and recurring border transit of individuals who voluntarily provide 
information to CBP in exchange for expedited processing at the border. 
The personally identifiable data collected for these programs is 
maintained in a legacy GES system, notice of which was originally 
published in the Federal Register at 62 FR 11919 on March 13, 1997 as 
Justice/INS-017.
    CBP is now consolidating these various programs, which have 
operated locally, into a national system as a means for both expanding 
the expedited border crossing benefit to approved participants and 
achieving greater uniformity in the criteria for admission to these 
programs. The information to be collected will continue to be provided 
primarily by applicants, and will consist of biographic data sufficient 
for program purposes and biometric data--currently envisioned to be 
fingerprints and photographs--that will be used for identity 
verification. In order to complete the enrollment process, the 
information from applicants will be used to query law enforcement and 
other databases in order for CBP to decide if an individual can be 
accepted as a low-risk, ``trusted traveler.'' There will be an 
opportunity for the individual to verify the accuracy of the 
information at enrollment. In addition, a redress program will be 
available so that if errors are made in decisions regarding applicants, 
a process is available to resolve these discrepancies.
    An enterprise-wide Global Enrollment System (GES) will centralize 
the application and enrollment functions for these programs in a way 
that is efficient, integrated and scalable. The proposed revisions to 
GES are expected to be part of the process by which CBP and the entire 
Department of Homeland Security, acting in concert with the Department 
of State and our international partners, adopts 21st century technology 
to improve the security of our borders while facilitating travel by 
United States citizens and foreign visitors.
    The Privacy Act (5 U.S.C. 552a) embodies fair information 
principles in a statutory framework governing the means by which the 
United States Government collects, maintains, uses and disseminates 
personally identifiable information. The Act applies to information 
that is maintained in a ``system of records.'' A ``system of records'' 
is a group of any records under the control of an agency from which 
information is retrieved by the name of the individual or by some 
identifying number, symbol, or other identifying particular assigned to 
the individual.
    The Privacy Act requires each agency to publish in the Federal 
Register a description of the type and character of each system of 
records that the agency maintains, and the routine uses for which such 
information may be disseminated and the purpose for which the system is 
maintained. The revised and consolidated Global Enrollment System is 
described below.
    In accordance with 5 U.S.C. 552a(r), a report of this revised 
system of records has been provided to the Office of Management and 
Budget (OMB) and to the Congress.
DHS/CBP-002

System Name:
    Global Enrollment System (GES).

System Location:
    This computer database is located at U.S. Customs and Border 
Protection (CBP) National Data Center in Washington, DC. Computer 
terminals are located at border ports of entry and airport and seaport 
inspection facilities under the jurisdiction of the Department of 
Homeland Security (DHS).

Categories of Individuals Covered by the System:
    Individuals who apply to use any form of automated or other 
expedited inspection for verifying eligibility to cross the borders 
into the United States.

Categories of Records in the System:
    The system contains application data such as full name, including 
nickname or other names used, place and date of birth, gender, current 
and former addresses, telephone numbers, country of citizenship, alien 
registration number (if applicable), employment history, biometric 
data, driver's license number and issuing state or province, the make, 
model, color, year, license number and license issuing state or 
province of the applicant's vehicle, the flag and home port (where the 
vessel is foreign flagged), name, registration number and registration 
issuing state or province of the applicant's vessel, the name and 
address of the vehicle's or vessel's registered owners if different 
from the applicant, and the amount of fee paid. The application may 
also include such

[[Page 20710]]

information as the frequency of border crossings or travel, and the 
most frequent reason for crossing the border or travel, information 
supplied by the applicant as to whether he or she has been arrested or 
convicted of any violations of law, and information obtained from 
checks of other law enforcement databases that would confirm or refute 
this information.

Authority for Maintenance of the System:
    8 U.S.C. 1101, 1103, 1201, 1304, and 1356.

Purpose(s):
    Information in this system is used to adjudicate applications to 
enter the United States by any available form of automated or other 
expedited inspection, including that offered to travelers arriving in 
the United States via dedicated commuter lanes, to pedestrians and 
vehicles arriving at ports of entry, to pedestrians and vehicles 
arriving at other lands borders, and to air and sea travelers.

Routine Uses of Records Maintained in the System, Including Categories 
of Users and the Purposes of Such Uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside DHS as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To Federal, State, local, foreign, international or tribal 
government agencies or organizations during the course of processing 
applications to elicit information necessary to make decisions on these 
applications.
    B. To appropriate Federal, State, local, foreign, international or 
tribal government agencies or organizations that are lawfully engaged 
in collecting intelligence or law enforcement information (whether 
civil, criminal or administrative) and/or charged with investigating, 
prosecuting, enforcing or implementing civil and/or criminal laws, 
related rules, regulations or orders, to enable these entities to carry 
out their law enforcement and intelligence responsibilities.
    C. To a Congressional office response to an inquiry from that 
Congressional office made at the request of the individual to whom the 
record pertains.
    D. To the National Archives and Records Administration or other 
federal government agencies pursuant to records management inspections 
being conducted under the authority of 44 U.S.C. 2904 and 2906.
    E. To the Department of Justice or other federal agency conducting 
litigation or proceedings before any court, adjudicative or 
administrative body, when: (a) DHS, or (b) any employee of DHS in his/
her official capacity, or (c) any employee of DHS in his/her individual 
capacity where DOJ or DHS has agreed to represent the employee, or (d) 
the United States or any agency thereof, is a party to the litigation 
or has an interest in such litigation.
    F. To contractors, grantees, experts, consultants, volunteers, and 
others performing or working on a contract, service, grant, cooperative 
agreement, or other assignment for the Federal government, when 
necessary to accomplish an agency function related to this system of 
records.
    G. To an agency, organization, or individual for the purposes of 
performing authorized audit or oversight operations.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, 
and Disposing of Records in the System:
Storage:
    Application information is maintained in paper form and in an 
automated database in electronic format.

Retrievability:
    These records are retrieved by name, address, vehicle license 
number or other personal identifier.

Safeguards:
    The system is protected through a multi-layer security approach. 
The protective strategies are physical, technical, administrative and 
environmental in nature and provide access control to sensitive data, 
physical access control to DHS facilities, confidentiality of 
communications, authentication of sending parties, and personnel 
screening to ensure that all personnel with access to data are screened 
through background investigations commensurate with the level of access 
required to perform their duties.

Retention and Disposal:
    The legacy GES system provides that records will be destroyed three 
years after the denial of an application as a ``trusted traveler'' or 
after an issued permit expires. In light of the changes to the program 
that are envisioned, CBP will work with its Records personnel to 
develop an appropriate retention schedule that accounts for both 
operational and privacy concerns.

System Manager and Address:
    Director, Passenger Systems Program Office, Office of Information 
and Technology, 1300 Pennsylvania Ave., NW., Washington, DC 20229.

Notification Procedures:
    To determine whether this system contains records relating to you, 
write to the CBP Customer Satisfaction Unit, Office of Field 
Operations, U.S. Customs and Border Protection, 1300 Pennsylvania 
Avenue, NW. (Room 5.5C), Washington, DC 20229.

Records Access Procedures:
    Requests for access must be in writing and should be addressed to 
CBP Customer Satisfaction Unit in the Office of Field Operations, or 
the DHS Director for Departmental Disclosure and FOIA. Requests should 
conform to the requirements of 6 CFR part 5, subpart B, which provides 
the rules for requesting access to Privacy Act records maintained by 
DHS. The envelope and letter should be clearly marked ``Privacy Act 
Access Request.'' The request should include a general description of 
the records sought and must include the requester's full name, current 
address, and date and place of birth. The request must be signed and 
either notarized or submitted under penalty of perjury.

Contesting Records Procedures:
    Same as Records Access Procedures above. State clearly and 
concisely the information being contested, the reasons for contesting 
it, and the proposed amendment to the information sought.

Record Source Categories:
    The primary source of information is the application. Other law 
enforcement records systems may be used as part of adjudicating the 
applications.

Exemptions Claimed for the System:
    Records and information in this system obtained from checks of 
other law enforcement databases are exempt from 5 U.S.C. 552a(c)(3), 
(c)(4), (d)(1), (d)(2), (d)(3), (d)(4), (e)(1), (e)(2), (e)(3), 
(e)(4)(G), (H), and (I), (5) and (8), (f), and (g) of the Privacy Act 
pursuant to 5 U.S.C. 552a(j)(2) and (k)(2). No exemptions are claimed 
for information obtained from an application or otherwise submitted by 
an applicant.

    Dated: April 13, 2006.
Maureen Cooney,
Acting Chief Privacy Officer.
[FR Doc. E6-5968 Filed 4-20-06; 8:45 am]
BILLING CODE 4410-10-P