Privacy Act of 1974; Department of Homeland Security, U.S. Customs and Border Protection, DHS/CBP-017 Analytical Framework for Intelligence (AFI) System of Records, 33753-33758 [2012-13813]
Download as PDF
Federal Register / Vol. 77, No. 110 / Thursday, June 7, 2012 / Notices
Time: 2:00 p.m. to 3:00 p.m.
Agenda: To review and evaluate grant
applications
Place: National Institutes of Health, One
Democracy Plaza, 6701 Democracy
Boulevard, Bethesda, MD 20892, (Telephone
Conference Call).
Contact Person: Barbara J. Nelson, Ph.D.,
Scientific Review Officer, Office of Grants
Management & Scientific Review, National
Center for Advancing Translational Sciences
(NCATS), National Institutes of Health, 6701
Democracy Blvd., Room 1080, 1 Dem. Plaza,
Bethesda, MD 20892–4874, 301–435–0806,
nelsonbj@mail.nih.gov.
Dated: June 1, 2012.
Jennifer S. Spaeth,
Director, Office of Federal Advisory
Committee Policy.
[FR Doc. 2012–13844 Filed 6–6–12; 8:45 am]
BILLING CODE 4140–01–P
DEPARTMENT OF HOMELAND
SECURITY
Office of the Secretary
[Docket No. DHS–2011–0113]
Privacy Act of 1974; Department of
Homeland Security, U.S. Customs and
Border Protection, DHS/CBP—017
Analytical Framework for Intelligence
(AFI) System of Records
Privacy Office, DHS.
Notice of Privacy Act system of
AGENCY:
ACTION:
records.
In accordance with the
Privacy Act of 1974, the Department of
Homeland Security proposes to
establish a new Department of
Homeland Security system of records
titled, ‘‘Department of Homeland
Security, U.S. Customs and Border
Protection, DHS/CBP—017 Analytical
Framework for Intelligence (AFI)
System of Records.’’ This system of
records will allow the Department of
Homeland Security/U.S. Customs and
Border Protection to improve border and
national security by providing AFI users
with a single platform for research,
analysis, and visualization of large
amounts of data from disparate sources
and maintaining the final analysis or
products in a single, searchable location
for later use as well as appropriate
dissemination. Additionally, the
Department of Homeland Security is
issuing a Notice of Proposed
Rulemaking concurrent with this system
of records elsewhere in the Federal
Register. This newly established system
will be included in the Department of
Homeland Security’s inventory of
record systems.
srobinson on DSK4SPTVN1PROD with NOTICES
SUMMARY:
VerDate Mar<15>2010
17:48 Jun 06, 2012
Jkt 226001
Submit comments on or before
July 9, 2012. This new system will be
effective July 9, 2012.
ADDRESSES: You may submit comments,
identified by docket number DHS–
2011–0113 by one of the following
methods:
• Federal e-Rulemaking Portal: https://
www.regulations.gov. Follow the
instructions for submitting comments.
• Fax: 703–483–2999.
• Mail: Mary Ellen Callahan, Chief
Privacy Officer, Privacy Office,
Department of Homeland Security,
Washington, DC 20528.
Instructions: All submissions received
must include the agency name and
docket number for this rulemaking. All
comments received will be posted
without change to https://www.
regulations.gov, including any personal
information provided.
Docket: For access to the docket to
read background documents or
comments received go to https://www.
regulations.gov.
FOR FURTHER INFORMATION CONTACT: For
general questions please contact:
Laurence E. Castelli (202–325–0280),
CBP Privacy Officer, Office of
International Trade, U.S. Customs and
Border Protection, Mint Annex, 799
Ninth Street NW., Washington, DC
20229. For privacy issues please
contact: Mary Ellen Callahan (703–235–
0780), Chief Privacy Officer, Privacy
Office, Department of Homeland
Security, Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
DATES:
I. Background
In accordance with the Privacy Act of
1974, 5 U.S.C. 552a, the Department of
Homeland Security (DHS) U.S. Customs
and Border Protection (CBP) proposes to
establish a new DHS system of records
titled, ‘‘DHS/U.S. Customs and Border
Protection, DHS/CBP—017 Analytical
Framework for Intelligence (AFI)
System of Records.’’ CBP is publishing
this SORN because AFI is a group of
records under the control of CBP that
contains personally identifiable
information which is retrieved by a
unique identifier.
AFI enhances DHS’s ability to
identify, apprehend, and prosecute
individuals who pose a potential law
enforcement or security risk; and it aids
in the enforcement of customs and
immigration laws, and other laws
enforced by DHS at the border. AFI is
used for the purposes of: (1) Identifying
individuals, associations, or
relationships that may pose a potential
law enforcement or security risk,
targeting cargo that may present a threat,
and assisting intelligence product users
PO 00000
Frm 00051
Fmt 4703
Sfmt 4703
33753
in the field in preventing the illegal
entry of people and goods, or
identifying other violations of law; (2)
conducting additional research on
persons and/or cargo to understand
whether there are patterns or trends that
could assist in the identification of
potential law enforcement or security
risks; and (3) sharing finished
intelligence products developed in
connection with the above purposes
with DHS employees who have a need
to know the analysis in the intelligence
products in the performance of their
official duties and who have appropriate
clearances or permissions. Finished
intelligence products are tactical,
operational, and strategic law
enforcement intelligence products that
have been reviewed and approved for
sharing with finished intelligence
product users and authorities outside of
DHS, pursuant to routine uses.
To support its capability to efficiently
query multiple data sources, AFI creates
and maintains an index, which is a
portion of the necessary and relevant
data in existing operational DHS source
systems, by ingesting this data through
and from the Automated Targeting
System (ATS) and other source systems.
In addition to the index, AFI provides
AFI analysts with different tools that
assist in detecting trends, patterns, and
emerging threats, and in identifying
non-obvious relationships.
AFI improves the efficiency and
effectiveness of CBP’s research and
analysis process by providing a platform
for the research, collaboration, approval,
and publication of finished intelligence
products.
AFI provides a platform for preparing
responses to requests for information
(RFIs). AFI will centrally maintain the
requests, the research based on those
requests, and the response to those
requests. AFI allows analysts to perform
federated queries against external
systems of record, including those of
Department of State, the Department of
Justice/FBI, as well as publicly and
commercially available data sources,
and eventually, classified data. AFI also
enables an authorized user to search the
Internet for additional information that
may contribute to an intelligence
gathering and analysis effort. AFI
facilitates the sharing of finished
intelligence products within DHS and
tracks sharing outside of DHS.
Two principal types of users will
access AFI: DHS analysts and DHS
finished intelligence product users.
Analysts will use the system to obtain
a more comprehensive view of data
available to CBP, and then analyze and
interpret that data using the
visualization and collaboration tools
E:\FR\FM\07JNN1.SGM
07JNN1
srobinson on DSK4SPTVN1PROD with NOTICES
33754
Federal Register / Vol. 77, No. 110 / Thursday, June 7, 2012 / Notices
accessible in AFI. If an analyst finds
actionable terrorist, law enforcement, or
intelligence information, he may use
relevant information to produce a
report, create an alert, or take some
other appropriate action within DHS’s
mission and authorities. In addition to
using AFI as a workspace to analyze and
interpret data, analysts may submit or
respond to RFIs, assign tasks, or create
finished intelligence products based on
their research or in response to an RFI.
Finished intelligence product users are
officers, agents, and employees of DHS
who have been determined to have a
need to know the analysis in the
intelligence products in the
performance of their official duties and
who have appropriate clearances or
permissions. Finished intelligence
product users will have more limited
access to AFI, will not have access to
the research space or tools, and will
only view finished intelligence products
that analysts published in AFI. Finished
intelligence product users are not able
to query the data from the source
systems through AFI.
AFI performs extensive auditing that
records the search activities of all users
to mitigate any risk of authorized users
conducting searches for inappropriate
purposes. AFI also requires that analysts
re-certify annually any user-provided
information marked as containing PII to
ensure its continued relevance and
accuracy. Analysts will be prompted to
re-certify any documents that contain
PII which are not related to a finished
intelligence product. Information that is
not re-certified is automatically purged
from AFI. Account access is controlled
by AFI passing individual user
credentials to the originating system or
through a previously approved
certification process in another system
in order to minimize the risk of
unauthorized access. When an analyst
conducts a search for products, AFI will
only display those results that an
individual user has permission to view.
Consistent with DHS’s information
sharing mission, information stored in
AFI may be shared consistent with the
Privacy Act, including in accordance
with the routine uses, and applicable
laws as described below including
sharing with other DHS components
and appropriate federal, state, local,
tribal, territorial, foreign, multilateral, or
international government agencies. This
sharing will only take place after DHS
determines that the receiving
component or agency has a need to
know the information and the
information will be used consistent with
the Privacy Act, including the routine
uses set forth in this SORN, in order to
carry out national security, law
VerDate Mar<15>2010
17:48 Jun 06, 2012
Jkt 226001
enforcement, customs, immigration,
intelligence, or other authorized
functions.
Additionally, DHS is issuing a Notice
of Proposed Rulemaking to exempt this
system of records from certain
provisions of the Privacy Act, elsewhere
in the Federal Register. This newly
established system will be included in
DHS’ inventory of record systems.
II. Privacy Act
The Privacy Act embodies fair
information practice principles in a
statutory framework governing the
means by which the U.S. Government
collects, maintains, uses, and
disseminates individuals’ records. The
Privacy Act applies to information that
is maintained in a ‘‘system of records.’’
A ‘‘system of records’’ is a group of any
records under the control of an agency
for which information is retrieved by
the name of an individual or by some
identifying number, symbol, or other
identifying particular assigned to the
individual. In the Privacy Act, an
individual is defined to encompass U.S.
citizens and lawful permanent
residents. As a matter of policy (Privacy
Policy Guidance Memorandum 2007–1,
most recently updated January 7, 2009),
DHS extends administrative Privacy Act
protections to all persons, regardless of
citizenship, where a system of records
maintains information on U.S. citizens
and lawful permanent residents, as well
as visitors. Individuals may request
access to their own records that are
maintained in a system of records in the
possession or under the control of DHS
by complying with DHS Privacy Act
regulations, 6 CFR part 5.
Below is the description of the DHS/
CBP—017 Analytical Framework for
Intelligence (AFI) System of Records.
In accordance with 5 U.S.C. 552a(r),
DHS has provided a report of this
system of records to the Office of
Management and Budget and to
Congress.
System of Records
Department of Homeland Security
(DHS)/CBP—017 Analytical Framework
for Intelligence (AFI).
SYSTEM NAME:
U.S. Customs and Border Protection
(CBP) Analytical Framework for
Intelligence (AFI).
SECURITY CLASSIFICATION:
Unclassified, Sensitive, Classified.
SYSTEM LOCATION:
Records are maintained within the
Information Technology system called
the Analytical Framework for
PO 00000
Frm 00052
Fmt 4703
Sfmt 4703
Intelligence (AFI) at the CBP
Headquarters in Washington, DC, field
offices, and in locations overseas where
users are stationed.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
1. Persons who are the subject of,
related to, or associated with the subject
of a finished intelligence product.
2. Persons whose information is
responsive to a request for information
(RFI).
3. Persons whose information is
maintained in CBP systems described
under the ‘‘Record Source Categories’’
below that are being indexed by AFI,
such as:
A. Persons, including operators, crew
and passengers, who seek to, or do in
fact, enter, exit, or transit through the
United States or through other locations
where CBP maintains an enforcement or
operational presence.
B. Crew members traveling on
commercial aircraft that fly over the
United States.
C. Persons who are employed in or
who engage in any form of trade, the
transit of goods intended to cross the
United States border, or other
commercial transaction related to the
importation or exportation of
merchandise.
D. Persons who serve as booking
agents, brokers, or other persons who
provide information on behalf of
persons seeking to enter, exit, or transit
through the United States, or to enter,
exit or transit goods through the United
States.
E. Owners of vehicles that cross the
border.
F. Persons whose data was received
by the Department as the result of a
memorandum of understanding or other
information sharing agreement or
arrangement because the information is
relevant to the border security mission
of the Department.
G. Persons who were identified in a
narrative report, prepared by an officer
or agent, as being related to or
associated with other persons who are
alleged to be involved in, who are
suspected of, or who have been arrested
for violations of the laws enforced or
administered by DHS.
H. Persons who are alleged to be
involved in, who are suspected of, who
have been arrested for, or who are
victims of violations of the laws
enforced or administered by DHS.
I. Persons with outstanding wants and
warrants.
J. Persons associated with matches to
threshold targeting rules.
K. Persons who may pose a national
security, border security, or criminal
threat to the United States.
E:\FR\FM\07JNN1.SGM
07JNN1
Federal Register / Vol. 77, No. 110 / Thursday, June 7, 2012 / Notices
L. Persons who seek to board an
aircraft to travel internationally who
have been identified by the Centers for
Disease Control and Prevention (CDC),
U.S. Health and Human Services, as
‘‘No Boards’’ because of a highly
contagious communicable disease.
M. Persons traveling across U.S.
borders or through other locations
where CBP maintains an enforcement or
operational presence and who have a
nexus to a law enforcement action.
srobinson on DSK4SPTVN1PROD with NOTICES
CATEGORIES OF RECORDS IN THE SYSTEM:
AFI uses information from a variety of
federal and commercial systems. If
additional data is ingested and that
additional data does not require
amendment of the categories of records
in this SORN, the PIA for AFI will be
updated to reflect that information. The
updated PIA can be found at
www.dhs.gov/privacy. Information from
such source systems is incorporated into
AFI’s five general categories of records:
(1) Finished intelligence products:
Intelligence products refer to tactical,
operational, and strategic law
enforcement intelligence products
(hereinafter referred to as intelligence
products). They include intelligence
products that analysts have created
based on their research and analysis of
the source data contained in AFI and
published in the system to make
available as appropriate throughout CBP
and DHS.
(2) Requests for information (RFIs)
and tasks and responses: This includes
requests for information or tasks
(generic requests for work to be
performed) that have been submitted
through AFI. AFI will also store the
responses to RFIs and those responses
will fall in the same category of records
as the RFIs unless the AFI analyst
determines that a response should be
converted to a finished intelligence
product and makes it available more
broadly.
(3) Projects: This includes projects
created in AFI where an analyst can
store source data for visualization and
analysis and also share that information
with other designated users. Projects
may also contain analyst-compiled data
from the source data described below
and unfinished intelligence products
that have not yet been published.
(4) Index data: AFI ingests subsets or
portions of data from the CBP and DHS
systems described in ‘‘Record Source
Categories’’ and creates an index of the
searchable data elements, as described
below in ‘‘source data.’’ This index will
indicate which source system records
match the search term used, when a
response to a query is compiled.
VerDate Mar<15>2010
17:48 Jun 06, 2012
Jkt 226001
(5) Source data: AFI uses various
types of data from CBP systems and
other DHS systems as described in the
individual system of records notices
noted in ‘‘Record Source Categories’’
below. AFI also uses data from other
federal agency systems and commercial
data providers as noted in ‘‘Record
Source Categories.’’ Data elements may
include but are not limited to:
a. Name.
b. Alias.
c. Addresses.
d. Telephone and fax numbers.
e. Tax ID number (e.g., Employer
Identification Number (EIN) or Social
Security Number (SSN), where
available).
f. Seizure number.
g. Date and place of birth.
h. Gender.
i. Nationality.
j. Citizenship.
k. Physical characteristics, including
biometrics where available (e.g., height,
weight, race, eye and hair color, scars,
tattoos, marks, fingerprints).
l. Familial relationships and other
contact information.
m. Occupation and employment
information.
n. Information from documents used
to verify the identity of individuals (e.g.,
driver’s license, passport, visa, alien
registration, citizenship card, border
crossing card, birth certificate,
certificate of naturalization, re-entry
permit, military card, trusted traveler
cards) including the:
i. Type;
ii. Number;
iii. Date of issuance; and
iv. Place of issuance.
o. Travel information pertaining to
individuals, including:
i. Information derived from an
Electronic System for Travel
Authorization (ESTA) application
(where applicable) or I–94 arrival/
departure information, where
applicable;
ii. Travel itinerary (e.g., Passenger
Name Record (PNR)); Advance
Passenger Information System (APIS)
information; and land border records
including information submitted in
advance of arrival or departure);
iii. Date of arrival or departure, and
means of conveyance with associated
identification (e.g., Vehicle
Identification Number, year, make,
model, registration);
iv. Payment information;
v. Any admissibility determination;
and
vi. Law enforcement data associated
with an individual which is created by
CBP or other government agencies.
p. Information pertaining to the
importation and exportation of cargo
PO 00000
Frm 00053
Fmt 4703
Sfmt 4703
33755
and/or property, including but not
limited to bills of lading, manifests,
commodity type, and inspection and
examination results
q. Identity and geospatial information
obtained from commercial systems used
to cross reference information contained
in CBP systems
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Title II of the Homeland Security Act
of 2002 (Pub. L. 107–296), as amended
by the Intelligence Reform and
Terrorism Prevention Act of 2004 (Pub.
L. 108–458, 118 Stat. 3638); The Tariff
Act of 1930, as amended; The
Immigration and Nationality Act
(‘‘INA’’), 8 U.S.C. 1101, et seq.; the
Implementing Recommendations of the
9/11 Commission Act of 2007 (Pub. L.
110–53); the Antiterrorism and Effective
Death Penalty Act of 1996 (Pub. L. 104–
132, 110 Stat. 1214); SAFE Port Act of
2006 (Pub. L. 109–347); Aviation and
Transportation Security Act of 2001
(Pub. L. 107–71); 6 U.S.C. 202.
PURPOSE(S):
The purpose of this system is to
enhance DHS’s ability to: Identify,
apprehend, and/or prosecute
individuals who pose a potential law
enforcement or security risk; aid in the
enforcement of the customs and
immigration laws, and other laws
enforced by DHS at the border; and
enhance United States security.
AFI uses data to:
(1) Identify individuals, associations,
or relationships that may pose a
potential law enforcement or security
risk, target cargo that may present a
threat, and assist intelligence product
users in the field in preventing the
illegal entry of people and goods, or
identifying other violations of law;
(2) Allow analysts to conduct
additional research on persons and/or
cargo to understand whether there are
patterns or trends that could identify
potential law enforcement or security
risks; and
(3) Allow finished intelligence
product users with a need to know to
query or receive relevant finished
intelligence products.
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES:
Source data are to be handled
consistent with the published system of
records notice as noted in ‘‘Source
Category Records.’’ Source data that is
not part of or incorporated into a
finished intelligence product, a
response to an RFI, project, or the index
shall not be disclosed out of AFI. The
routine uses below apply only to
E:\FR\FM\07JNN1.SGM
07JNN1
srobinson on DSK4SPTVN1PROD with NOTICES
33756
Federal Register / Vol. 77, No. 110 / Thursday, June 7, 2012 / Notices
finished intelligence products,
responses to RFIs, projects, and
responsive compilations of the index
and only as explicitly stated in each
routine use. In addition to those
disclosures generally permitted under 5
U.S.C. 552a(b) of the Privacy Act, all or
a portion of the AFI records contained
in this system may be disclosed outside
DHS as a routine use pursuant to 5
U.S.C. 552a(b)(3) as follows:
A. To the Department of Justice (DOJ),
including U.S. Attorney Offices, or other
federal agency conducting litigation or
in proceedings before any court,
adjudicative or administrative body,
when it is necessary to the litigation and
one of the following is a party to the
litigation or has an interest in such
litigation:
1. DHS or any component thereof;
2. Any employee of DHS in his/her
official capacity;
3. Any employee of DHS in his/her
individual capacity where DOJ or DHS
has agreed to represent the employee; or
4. The U.S. or any agency thereof, is
a party to the litigation or has an interest
in such litigation, and DHS determines
that the records are both relevant and
necessary to the litigation and the use of
such records is compatible with the
purpose for which DHS collected the
records.
This routine use applies to finished
intelligence products, responses to RFIs,
projects, and responsive compilations of
the index.
B. To a congressional office from the
record of an individual in response to
an inquiry from that congressional office
made at the request of the individual to
whom the record pertains. This routine
use applies to finished intelligence
products, responses to RFIs, projects,
and responsive compilations of the
index.
C. To the National Archives and
Records Administration (NARA) or
other federal government agencies
pursuant to records management
inspections being conducted under the
authority of 44 U.S.C. 2904 and 2906
and for records that NARA maintains as
permanent records. This routine use
applies to finished intelligence
products, responses to RFIs, projects,
and responsive compilations of the
index.
D. To an agency, organization, or
individual for the purpose of performing
audit or oversight operations as
authorized by law, but only such
information as is necessary and relevant
to such audit or oversight function. This
routine use applies to finished
intelligence products, responses to RFIs,
projects, and responsive compilations of
the index.
VerDate Mar<15>2010
17:48 Jun 06, 2012
Jkt 226001
E. To appropriate agencies, entities,
and persons when:
1. DHS suspects or has confirmed that
the security or confidentiality of
information in the system of records has
been compromised;
2. DHS has determined that as a result
of the suspected or confirmed
compromise there is a risk of harm to
economic or property interests, identity
theft or fraud, or harm to the security or
integrity of this system or other systems
or programs (whether maintained by
DHS or another agency or entity) or
harm to the individuals that rely upon
the compromised information; and
3. The disclosure made to such
agencies, entities, and persons is
reasonably necessary to assist in
connection with DHS’ efforts to respond
to the suspected or confirmed
compromise and prevent, minimize, or
remedy such harm.
This routine use applies to finished
intelligence products, responses to RFIs,
projects, and responsive compilations of
the index.
F. To contractors and their agents,
grantees, experts, consultants, and
others performing or working on a
contract, service, grant, cooperative
agreement, or other assignment for DHS,
when necessary to accomplish an
agency function related to this system of
records. Individuals provided
information under this routine use are
subject to the same Privacy Act
requirements and limitations on
disclosure as are applicable to DHS
officers and employees. This routine use
applies to finished intelligence
products, responses to RFIs, projects,
and responsive compilations of the
index.
G. To the federal, state, local, tribal,
or foreign government agencies or
multilateral governmental organizations
that submit an RFI, in order to identify
individuals who present a risk to
national security or to identify,
apprehend, and/or prosecute
individuals who are suspected of
violating a law, where DHS has
information responsive to the RFI and
has determined that it is appropriate to
provide that information in response to
the RFI. This routine use applies to all
responses to RFIs.
H. To appropriate federal, state, local,
tribal, or foreign governmental agencies
or multilateral governmental
organizations responsible for
investigating or prosecuting the
violations of, or for enforcing or
implementing, a statute, rule,
regulation, order, license, agreement, or
treaty where DHS determines that the
information would assist in the
enforcement of civil or criminal laws.
PO 00000
Frm 00054
Fmt 4703
Sfmt 4703
This routine use applies only to finished
intelligence products.
I. To appropriate federal, state, local,
tribal, or foreign governmental agencies
or multilateral governmental
organizations for the purpose of
protecting the vital health interests of a
data subject or other persons (e.g. to
assist such agencies or organizations in
preventing exposure to or transmission
of a communicable or quarantinable
disease or to combat other significant
public health threats; appropriate notice
will be provided of any identified health
threat or risk). This routine use applies
only to finished intelligence products,
responses to RFIs, and responsive
compilations of the index.
J. To a court, magistrate, or
administrative tribunal in the course of
presenting evidence, including
disclosures to opposing counsel or
witnesses in the course of civil or
criminal discovery, litigation, or
settlement negotiations, or in response
to a subpoena from a court of competent
jurisdiction. This routine use applies to
all AFI records, which include finished
intelligence products, responses to RFIs,
projects, and responsive compilations of
the index.
K. To third parties during the course
of a law enforcement investigation to
the extent necessary to obtain
information pertinent to the
investigation. This routine use applies
only to finished intelligence products.
L. To a federal, state, local, tribal, or
foreign governmental agency or
multilateral governmental organization
for the purpose of consulting with that
agency or entity: (1) To assist in making
a determination regarding redress for an
individual in connection with the
operations of a DHS component or
program; (2) for the purpose of verifying
the identity of an individual seeking
redress in connection with the
operations of a DHS component or
program; or (3) for the purpose of
verifying the accuracy of information
submitted by an individual who has
requested such redress on behalf of
another individual. This routine use
applies only to finished intelligence
products and responses to RFIs.
M. To appropriate federal, state, local,
tribal, or foreign governmental agencies
or multilateral governmental
organizations when DHS reasonably
believes there to be a threat or potential
threat to national or international
security for which the information may
be relevant in countering the threat or
potential threat. This routine use
applies only to finished intelligence
products.
N. To a federal, state, tribal, or local
agency, or other appropriate entity or
E:\FR\FM\07JNN1.SGM
07JNN1
Federal Register / Vol. 77, No. 110 / Thursday, June 7, 2012 / Notices
individual, or foreign governments, in
order to provide relevant information
related to intelligence,
counterintelligence, or antiterrorism
activities authorized by U.S. law,
Executive Order, or other applicable
national security directive. This routine
use applies only to finished intelligence
products.
O. To an organization or individual in
either the public or private sector, either
foreign or domestic, where there is a
reason to believe that the recipient is or
could become the target of a particular
terrorist activity or conspiracy, or where
the information is relevant and
necessary to the protection of life or
property. This routine use applies only
to finished intelligence products.
P. To an appropriate federal, state,
local, tribal, foreign, or international
agency, if the information is relevant to
a requesting agency’s decision
concerning the hiring or retention of an
individual, or issuance of a security
clearance, license, contract, grant, or
other benefit, or if the information is
relevant to a DHS decision concerning
the hiring or retention of an employee,
the issuance of a security clearance, the
reporting of an investigation of an
employee, the letting of a contract, or
the issuance of a license, grant or other
benefit. This routine use applies only to
finished intelligence products.
Q. To the news media and the public,
with the approval of the Chief Privacy
Officer in consultation with counsel,
when there exists a legitimate public
interest in the disclosure of the
information or when disclosure is
necessary to preserve confidence in the
integrity of DHS or is necessary to
demonstrate the accountability of DHS’s
officers, employees, or individuals
covered by the system, except to the
extent it is determined that release of
the specific information in the context
of a particular case would constitute an
unwarranted invasion of personal
privacy. This routine use applies only to
finished intelligence products.
DISCLOSURE TO CONSUMER REPORTING
AGENCIES:
None.
srobinson on DSK4SPTVN1PROD with NOTICES
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records in this system are stored
electronically or on paper in secure
facilities in a locked drawer behind a
locked door. The records are stored on
magnetic disc, tape, digital media, and
CD–ROM.
VerDate Mar<15>2010
17:48 Jun 06, 2012
Jkt 226001
RETRIEVABILITY:
Records may be retrieved by any
search term, including name, personal
identifier, date, subject matter or other
criteria.
SAFEGUARDS:
Records in this system are
safeguarded in accordance with
applicable rules and policies, including
all applicable DHS automated systems
security and access policies. Two
principal types of users will access AFI:
DHS analysts and DHS finished
intelligence product users. DHS
Analysts will use the system to obtain
a more comprehensive view of data
available to CBP, and then analyze and
interpret that data using the
visualization and collaboration tools
accessible in AFI. Finished intelligence
product users are officers, agents, and
employees of DHS who have been
determined to have a need to know
based on their job description and
duties. Finished intelligence product
users will have more limited access to
AFI, will not have access to the research
space or tools, and will only view
finished tactical, operational, and
strategic intelligence products that
analysts published in AFI. Finished
intelligence product users are not able
to query the data from the source
systems through AFI. If a finished
intelligence product user requires the
source data in order to take action or
make a determination, he will be
required to go to the source data to
ensure that he is receiving the most
accurate data available.
Strict controls have been imposed to
minimize the risk of compromising the
information that is being stored. Access
to AFI is limited to those individuals
who have a need to know the
information for the performance of their
official duties and who have appropriate
clearances or permissions.
RETENTION AND DISPOSAL:
Source data contained in AFI that has
not been incorporated into a finished
intelligence product, response to an RFI,
or project will follow the retention
schedule set forth in the applicable
source data system of records notice, as
noted in ‘‘Record Source Categories’’
below.
AFI projects that do not contain PII
are retained for 30 years and are then
deleted. Projects containing PII must be
recertified annually for up to 30 years or
the entire record is purged from the
system. Requests for information (RFIs)
and responses to RFIs, excluding
finished intelligence products, are
retained for 10 years and are then
deleted. Finished intelligence products
PO 00000
Frm 00055
Fmt 4703
Sfmt 4703
33757
are retained in accordance with the
NARA-approved record retention
schedule by first maintaining the
products as active in the system for a
period of 20 years, and then transferring
the records to the National Archives for
permanent storage and retention. The
index is maintained within AFI as a
permanent feature. Any changes to
source system records, or the addition
or deletion of source system records,
will be reflected in corresponding
amendments to the AFI index as the
index is routinely updated. Legacy
indices that are part of a project,
responses to RFI, or finished
intelligence product are maintained as
part of those records.
SYSTEM MANAGER AND ADDRESS:
Director of Advanced Analytics &
Intelligence Systems, Office of
Intelligence and Investigative Liaison,
U.S. Customs and Border Protection,
Ronald Reagan Building and Director,
Targeting and Analysis, Systems
Program Office, Office of Information
and Technology, U.S. Customs and
Border Protection.
NOTIFICATION PROCEDURE:
The Secretary of Homeland Security
has exempted this system from the
notification, access, and amendment
procedures of the Privacy Act because it
is a law enforcement system. These
exemptions also apply to the extent that
information in this system of records is
recompiled or is created from
information contained in other systems
of records. To the extent that a record
is exempted in a source system, the
exemption will continue to apply.
However, CBP will consider individual
requests to determine whether or not
information may be released. After
conferring with the appropriate
component or agency, as applicable,
DHS may waive applicable exemptions
in appropriate circumstances and where
it would not appear to interfere with or
adversely affect the law enforcement
purposes of the systems from which the
information is recompiled or in which
it is contained. Additionally, CBP and
DHS are not exempting any records that
were ingested or indexed by AFI where
the source system of records already
provides access and/or amendment
under the Privacy Act. Individuals
seeking notification of and access to any
record contained in this system of
records, or seeking to contest its
content, may submit a request in writing
to the Headquarters or CBP’s FOIA
Officer, whose contact information can
be found at https://www.dhs.gov/foia
under ‘‘contacts.’’ If an individual
believes more than one component
E:\FR\FM\07JNN1.SGM
07JNN1
33758
Federal Register / Vol. 77, No. 110 / Thursday, June 7, 2012 / Notices
maintains Privacy Act records
concerning him or her the individual
may submit the request to the Chief
Privacy Officer, Department of
Homeland Security, 245 Murray Drive
SW., Building 410, STOP–0655,
Washington, DC 20528.
When seeking records about yourself
from this system of records or any other
Departmental system of records your
request must conform with the Privacy
Act regulations set forth in 6 CFR part
5. You must first verify your identity,
meaning that you must provide your full
name, current address and date and
place of birth. You must sign your
request, and your signature must either
be notarized or submitted under 28
U.S.C. 1746, a law that permits
statements to be made under penalty of
perjury as a substitute for notarization.
While no specific form is required, you
may obtain forms for this purpose from
the Director, Disclosure and FOIA
Operations, https://www.dhs.gov or 1–
703–235–0790. In addition you must:
• Provide an explanation of why you
believe the Department would have
information on you;
• Identify which component(s) of the
Department you believe may have the
information about you;
• Specify when you believe the
records would have been created;
• Provide any other information that
will help the FOIA staff determine
which DHS component agency may
have responsive records;
• If your request is seeking records
pertaining to another living individual,
include a statement from that individual
certifying his/her agreement for you to
access his/her records.
Without this bulleted information the
component(s) may not be able to
conduct an effective search, and your
request may be denied due to lack of
specificity or lack of compliance with
applicable regulations.
RECORD ACCESS PROCEDURES:
See ‘‘Notification procedure’’ above.
CONTESTING RECORD PROCEDURES:
See ‘‘Notification procedure’’ above.
srobinson on DSK4SPTVN1PROD with NOTICES
RECORD SOURCE CATEGORIES:
AFI receives records and incorporates
portions of records into an index of
those records. Records are incorporated
from the following CBP and DHS
systems:
• ATS (last SORN published at 72 FR
43650 (August 6, 2007));
• APIS (last SORN published at 73 FR
68435 (November 18, 2008));
• ESTA (last SORN published at 76
FR 67751 (November 2, 2011));
VerDate Mar<15>2010
17:48 Jun 06, 2012
Jkt 226001
• Border Crossing Information (BCI)
(last SORN published at 73 FR 43457
(July 25, 2008));
• TECS (last SORN published at 73
FR 77778 (December 19, 2008));
• Nonimmigrant Information System
(NIIS) (last SORN published at 73 FR
77739 (December 19, 2008));
• Seized Asset Case Tracking System
(SEACATS) (last SORN published at 73
FR 77764 (December 19, 2008));
• Department of Homeland Security/
All-030 Use of the Terrorist Screening
Database System of Records (last SORN
published at 76 FR 39408 (July 6,
2011));
• Enterprise Management Information
System—Enterprise Data Warehouse
(EMIS–EDW), including:
a. Arrival and Departure Form (I–94)
information from the Nonimmigrant
Information System (NIIS) (last SORN
published at 73 FR 77739 (December 19,
2008));
b. Currency or Monetary Instruments
Report (CMIR) obtained from TECS (last
SORN for TECS published at 73 FR
77778 (December 19, 2008));
c. Apprehension information and
National Security Entry-Exit Program
(NSEERS) information from ENFORCE
(last SORN published at 75 FR 23274
(May 3, 2010));
d. Seizure information from
SEACATS (last SORN published at 73
FR 77764 (December 19, 2008));
e. Student and Exchange Visitor
Information System (SEVIS) information
(last SORN published at 75 FR 412
(January 5, 2010)); and
AFI accesses records from the
following agencies, but the records are
not part of the index:
• Department of State;
• Department of Justice/FBI;
• Department of Treasury; and
• Commercial information from
commercial data providers and
geospatial data providers.
Additionally, AFI permits analysts to
upload and store any information from
any source including public and
commercial sources, which may be
relevant to projects, responses to RFIs,
or final intelligence products. Accepted
requests for information may come from
within or outside DHS where CBP
determines it has responsive
information and it is consistent with the
purposes of this system.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
For index data and source data, as
described under Categories of Records,
to the extent that a record is exempted
in a source system, the exemption will
continue to apply. To the extent there is
no exemption for giving access to a
record under the source system, CBP
PO 00000
Frm 00056
Fmt 4703
Sfmt 4703
will provide access to the information
maintained in AFI.
Finished intelligence products, RFIs,
tasks, and responses, and projects, as
described under Categories of Records,
pursuant to 5 U.S.C. 552a(j)(2) of the
Privacy Act, are exempt from the
following provisions of the Privacy Act:
5 U.S.C. 552a(c)(3) and (4); (d); (e)(1),
(e)(2), (e)(3), (e)(4)(G), (e)(4)(H), (e)(4)(I),
(e)(5) and (e)(8); (f); and (g).
Finished intelligence products, RFIs,
tasks, and responses, and projects, as
described under Categories of Records,
pursuant to 5 U.S.C. 552a(k)(1) and (2),
are exempt from the following
provisions of the Privacy Act: 5 U.S.C.
552a(c)(3), (d), (e)(1), (e)(4)(G), (e)(4)(H),
(e)(4)(I), and (f).
Dated: June 4, 2012.
Mary Ellen Callahan,
Chief Privacy Officer, Department of
Homeland Security.
[FR Doc. 2012–13813 Filed 6–6–12; 8:45 am]
BILLING CODE 9110–06–P
DEPARTMENT OF HOMELAND
SECURITY
U.S. Citizenship and Immigration
Services
Agency Information Collection
Activities: Form I–829, Extension of a
Currently Approved Information
Collection; Comment Request
60-Day Notice of Information
Collection Under Review: Form I–829,
Petition by Entrepreneur to Remove
Conditions.
ACTION:
The Department of Homeland
Security, U.S. Citizenship and
Immigration Services (USCIS) will be
submitting the following information
collection request for review and
clearance in accordance with the
Paperwork Reduction Act of 1995. The
information collection notice is
published to obtain comments from the
public and affected agencies. Comments
are encouraged and will be accepted for
60 days until August 6, 2012.
During this 60-day period, USCIS will
be evaluating whether to revise the
Form I–829. Should USCIS decide to
revise Form I–829, we will advise the
public when we publish the 30-day
notice in the Federal Register in
accordance with the Paperwork
Reduction Act. The public will then
have 30 days to comment on any
revisions to the Form I–829.
Written comments and suggestions
regarding items contained in this notice,
and especially with regard to the
estimated public burden and associated
E:\FR\FM\07JNN1.SGM
07JNN1
Agencies
[Federal Register Volume 77, Number 110 (Thursday, June 7, 2012)]
[Notices]
[Pages 33753-33758]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2012-13813]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
[Docket No. DHS-2011-0113]
Privacy Act of 1974; Department of Homeland Security, U.S.
Customs and Border Protection, DHS/CBP--017 Analytical Framework for
Intelligence (AFI) System of Records
AGENCY: Privacy Office, DHS.
ACTION: Notice of Privacy Act system of records.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act of 1974, the Department of
Homeland Security proposes to establish a new Department of Homeland
Security system of records titled, ``Department of Homeland Security,
U.S. Customs and Border Protection, DHS/CBP--017 Analytical Framework
for Intelligence (AFI) System of Records.'' This system of records will
allow the Department of Homeland Security/U.S. Customs and Border
Protection to improve border and national security by providing AFI
users with a single platform for research, analysis, and visualization
of large amounts of data from disparate sources and maintaining the
final analysis or products in a single, searchable location for later
use as well as appropriate dissemination. Additionally, the Department
of Homeland Security is issuing a Notice of Proposed Rulemaking
concurrent with this system of records elsewhere in the Federal
Register. This newly established system will be included in the
Department of Homeland Security's inventory of record systems.
DATES: Submit comments on or before July 9, 2012. This new system will
be effective July 9, 2012.
ADDRESSES: You may submit comments, identified by docket number DHS-
2011-0113 by one of the following methods:
Federal e-Rulemaking Portal: https://www.regulations.gov.
Follow the instructions for submitting comments.
Fax: 703-483-2999.
Mail: Mary Ellen Callahan, Chief Privacy Officer, Privacy
Office, Department of Homeland Security, Washington, DC 20528.
Instructions: All submissions received must include the agency name
and docket number for this rulemaking. All comments received will be
posted without change to https://www.regulations.gov, including any
personal information provided.
Docket: For access to the docket to read background documents or
comments received go to https://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: For general questions please contact:
Laurence E. Castelli (202-325-0280), CBP Privacy Officer, Office of
International Trade, U.S. Customs and Border Protection, Mint Annex,
799 Ninth Street NW., Washington, DC 20229. For privacy issues please
contact: Mary Ellen Callahan (703-235-0780), Chief Privacy Officer,
Privacy Office, Department of Homeland Security, Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
I. Background
In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the
Department of Homeland Security (DHS) U.S. Customs and Border
Protection (CBP) proposes to establish a new DHS system of records
titled, ``DHS/U.S. Customs and Border Protection, DHS/CBP--017
Analytical Framework for Intelligence (AFI) System of Records.'' CBP is
publishing this SORN because AFI is a group of records under the
control of CBP that contains personally identifiable information which
is retrieved by a unique identifier.
AFI enhances DHS's ability to identify, apprehend, and prosecute
individuals who pose a potential law enforcement or security risk; and
it aids in the enforcement of customs and immigration laws, and other
laws enforced by DHS at the border. AFI is used for the purposes of:
(1) Identifying individuals, associations, or relationships that may
pose a potential law enforcement or security risk, targeting cargo that
may present a threat, and assisting intelligence product users in the
field in preventing the illegal entry of people and goods, or
identifying other violations of law; (2) conducting additional research
on persons and/or cargo to understand whether there are patterns or
trends that could assist in the identification of potential law
enforcement or security risks; and (3) sharing finished intelligence
products developed in connection with the above purposes with DHS
employees who have a need to know the analysis in the intelligence
products in the performance of their official duties and who have
appropriate clearances or permissions. Finished intelligence products
are tactical, operational, and strategic law enforcement intelligence
products that have been reviewed and approved for sharing with finished
intelligence product users and authorities outside of DHS, pursuant to
routine uses.
To support its capability to efficiently query multiple data
sources, AFI creates and maintains an index, which is a portion of the
necessary and relevant data in existing operational DHS source systems,
by ingesting this data through and from the Automated Targeting System
(ATS) and other source systems. In addition to the index, AFI provides
AFI analysts with different tools that assist in detecting trends,
patterns, and emerging threats, and in identifying non-obvious
relationships.
AFI improves the efficiency and effectiveness of CBP's research and
analysis process by providing a platform for the research,
collaboration, approval, and publication of finished intelligence
products.
AFI provides a platform for preparing responses to requests for
information (RFIs). AFI will centrally maintain the requests, the
research based on those requests, and the response to those requests.
AFI allows analysts to perform federated queries against external
systems of record, including those of Department of State, the
Department of Justice/FBI, as well as publicly and commercially
available data sources, and eventually, classified data. AFI also
enables an authorized user to search the Internet for additional
information that may contribute to an intelligence gathering and
analysis effort. AFI facilitates the sharing of finished intelligence
products within DHS and tracks sharing outside of DHS.
Two principal types of users will access AFI: DHS analysts and DHS
finished intelligence product users. Analysts will use the system to
obtain a more comprehensive view of data available to CBP, and then
analyze and interpret that data using the visualization and
collaboration tools
[[Page 33754]]
accessible in AFI. If an analyst finds actionable terrorist, law
enforcement, or intelligence information, he may use relevant
information to produce a report, create an alert, or take some other
appropriate action within DHS's mission and authorities. In addition to
using AFI as a workspace to analyze and interpret data, analysts may
submit or respond to RFIs, assign tasks, or create finished
intelligence products based on their research or in response to an RFI.
Finished intelligence product users are officers, agents, and employees
of DHS who have been determined to have a need to know the analysis in
the intelligence products in the performance of their official duties
and who have appropriate clearances or permissions. Finished
intelligence product users will have more limited access to AFI, will
not have access to the research space or tools, and will only view
finished intelligence products that analysts published in AFI. Finished
intelligence product users are not able to query the data from the
source systems through AFI.
AFI performs extensive auditing that records the search activities
of all users to mitigate any risk of authorized users conducting
searches for inappropriate purposes. AFI also requires that analysts
re-certify annually any user-provided information marked as containing
PII to ensure its continued relevance and accuracy. Analysts will be
prompted to re-certify any documents that contain PII which are not
related to a finished intelligence product. Information that is not re-
certified is automatically purged from AFI. Account access is
controlled by AFI passing individual user credentials to the
originating system or through a previously approved certification
process in another system in order to minimize the risk of unauthorized
access. When an analyst conducts a search for products, AFI will only
display those results that an individual user has permission to view.
Consistent with DHS's information sharing mission, information
stored in AFI may be shared consistent with the Privacy Act, including
in accordance with the routine uses, and applicable laws as described
below including sharing with other DHS components and appropriate
federal, state, local, tribal, territorial, foreign, multilateral, or
international government agencies. This sharing will only take place
after DHS determines that the receiving component or agency has a need
to know the information and the information will be used consistent
with the Privacy Act, including the routine uses set forth in this
SORN, in order to carry out national security, law enforcement,
customs, immigration, intelligence, or other authorized functions.
Additionally, DHS is issuing a Notice of Proposed Rulemaking to
exempt this system of records from certain provisions of the Privacy
Act, elsewhere in the Federal Register. This newly established system
will be included in DHS' inventory of record systems.
II. Privacy Act
The Privacy Act embodies fair information practice principles in a
statutory framework governing the means by which the U.S. Government
collects, maintains, uses, and disseminates individuals' records. The
Privacy Act applies to information that is maintained in a ``system of
records.'' A ``system of records'' is a group of any records under the
control of an agency for which information is retrieved by the name of
an individual or by some identifying number, symbol, or other
identifying particular assigned to the individual. In the Privacy Act,
an individual is defined to encompass U.S. citizens and lawful
permanent residents. As a matter of policy (Privacy Policy Guidance
Memorandum 2007-1, most recently updated January 7, 2009), DHS extends
administrative Privacy Act protections to all persons, regardless of
citizenship, where a system of records maintains information on U.S.
citizens and lawful permanent residents, as well as visitors.
Individuals may request access to their own records that are maintained
in a system of records in the possession or under the control of DHS by
complying with DHS Privacy Act regulations, 6 CFR part 5.
Below is the description of the DHS/CBP--017 Analytical Framework
for Intelligence (AFI) System of Records.
In accordance with 5 U.S.C. 552a(r), DHS has provided a report of
this system of records to the Office of Management and Budget and to
Congress.
System of Records
Department of Homeland Security (DHS)/CBP--017 Analytical Framework
for Intelligence (AFI).
System name:
U.S. Customs and Border Protection (CBP) Analytical Framework for
Intelligence (AFI).
Security classification:
Unclassified, Sensitive, Classified.
System location:
Records are maintained within the Information Technology system
called the Analytical Framework for Intelligence (AFI) at the CBP
Headquarters in Washington, DC, field offices, and in locations
overseas where users are stationed.
Categories of individuals covered by the system:
1. Persons who are the subject of, related to, or associated with
the subject of a finished intelligence product.
2. Persons whose information is responsive to a request for
information (RFI).
3. Persons whose information is maintained in CBP systems described
under the ``Record Source Categories'' below that are being indexed by
AFI, such as:
A. Persons, including operators, crew and passengers, who seek to,
or do in fact, enter, exit, or transit through the United States or
through other locations where CBP maintains an enforcement or
operational presence.
B. Crew members traveling on commercial aircraft that fly over the
United States.
C. Persons who are employed in or who engage in any form of trade,
the transit of goods intended to cross the United States border, or
other commercial transaction related to the importation or exportation
of merchandise.
D. Persons who serve as booking agents, brokers, or other persons
who provide information on behalf of persons seeking to enter, exit, or
transit through the United States, or to enter, exit or transit goods
through the United States.
E. Owners of vehicles that cross the border.
F. Persons whose data was received by the Department as the result
of a memorandum of understanding or other information sharing agreement
or arrangement because the information is relevant to the border
security mission of the Department.
G. Persons who were identified in a narrative report, prepared by
an officer or agent, as being related to or associated with other
persons who are alleged to be involved in, who are suspected of, or who
have been arrested for violations of the laws enforced or administered
by DHS.
H. Persons who are alleged to be involved in, who are suspected of,
who have been arrested for, or who are victims of violations of the
laws enforced or administered by DHS.
I. Persons with outstanding wants and warrants.
J. Persons associated with matches to threshold targeting rules.
K. Persons who may pose a national security, border security, or
criminal threat to the United States.
[[Page 33755]]
L. Persons who seek to board an aircraft to travel internationally
who have been identified by the Centers for Disease Control and
Prevention (CDC), U.S. Health and Human Services, as ``No Boards''
because of a highly contagious communicable disease.
M. Persons traveling across U.S. borders or through other locations
where CBP maintains an enforcement or operational presence and who have
a nexus to a law enforcement action.
Categories of records in the system:
AFI uses information from a variety of federal and commercial
systems. If additional data is ingested and that additional data does
not require amendment of the categories of records in this SORN, the
PIA for AFI will be updated to reflect that information. The updated
PIA can be found at www.dhs.gov/privacy. Information from such source
systems is incorporated into AFI's five general categories of records:
(1) Finished intelligence products: Intelligence products refer to
tactical, operational, and strategic law enforcement intelligence
products (hereinafter referred to as intelligence products). They
include intelligence products that analysts have created based on their
research and analysis of the source data contained in AFI and published
in the system to make available as appropriate throughout CBP and DHS.
(2) Requests for information (RFIs) and tasks and responses: This
includes requests for information or tasks (generic requests for work
to be performed) that have been submitted through AFI. AFI will also
store the responses to RFIs and those responses will fall in the same
category of records as the RFIs unless the AFI analyst determines that
a response should be converted to a finished intelligence product and
makes it available more broadly.
(3) Projects: This includes projects created in AFI where an
analyst can store source data for visualization and analysis and also
share that information with other designated users. Projects may also
contain analyst-compiled data from the source data described below and
unfinished intelligence products that have not yet been published.
(4) Index data: AFI ingests subsets or portions of data from the
CBP and DHS systems described in ``Record Source Categories'' and
creates an index of the searchable data elements, as described below in
``source data.'' This index will indicate which source system records
match the search term used, when a response to a query is compiled.
(5) Source data: AFI uses various types of data from CBP systems
and other DHS systems as described in the individual system of records
notices noted in ``Record Source Categories'' below. AFI also uses data
from other federal agency systems and commercial data providers as
noted in ``Record Source Categories.'' Data elements may include but
are not limited to:
a. Name.
b. Alias.
c. Addresses.
d. Telephone and fax numbers.
e. Tax ID number (e.g., Employer Identification Number (EIN) or
Social Security Number (SSN), where available).
f. Seizure number.
g. Date and place of birth.
h. Gender.
i. Nationality.
j. Citizenship.
k. Physical characteristics, including biometrics where available
(e.g., height, weight, race, eye and hair color, scars, tattoos, marks,
fingerprints).
l. Familial relationships and other contact information.
m. Occupation and employment information.
n. Information from documents used to verify the identity of
individuals (e.g., driver's license, passport, visa, alien
registration, citizenship card, border crossing card, birth
certificate, certificate of naturalization, re-entry permit, military
card, trusted traveler cards) including the:
i. Type;
ii. Number;
iii. Date of issuance; and
iv. Place of issuance.
o. Travel information pertaining to individuals, including:
i. Information derived from an Electronic System for Travel
Authorization (ESTA) application (where applicable) or I-94 arrival/
departure information, where applicable;
ii. Travel itinerary (e.g., Passenger Name Record (PNR)); Advance
Passenger Information System (APIS) information; and land border
records including information submitted in advance of arrival or
departure);
iii. Date of arrival or departure, and means of conveyance with
associated identification (e.g., Vehicle Identification Number, year,
make, model, registration);
iv. Payment information;
v. Any admissibility determination; and
vi. Law enforcement data associated with an individual which is
created by CBP or other government agencies.
p. Information pertaining to the importation and exportation of
cargo and/or property, including but not limited to bills of lading,
manifests, commodity type, and inspection and examination results
q. Identity and geospatial information obtained from commercial
systems used to cross reference information contained in CBP systems
Authority for maintenance of the system:
Title II of the Homeland Security Act of 2002 (Pub. L. 107-296), as
amended by the Intelligence Reform and Terrorism Prevention Act of 2004
(Pub. L. 108-458, 118 Stat. 3638); The Tariff Act of 1930, as amended;
The Immigration and Nationality Act (``INA''), 8 U.S.C. 1101, et seq.;
the Implementing Recommendations of the 9/11 Commission Act of 2007
(Pub. L. 110-53); the Antiterrorism and Effective Death Penalty Act of
1996 (Pub. L. 104-132, 110 Stat. 1214); SAFE Port Act of 2006 (Pub. L.
109-347); Aviation and Transportation Security Act of 2001 (Pub. L.
107-71); 6 U.S.C. 202.
Purpose(s):
The purpose of this system is to enhance DHS's ability to:
Identify, apprehend, and/or prosecute individuals who pose a potential
law enforcement or security risk; aid in the enforcement of the customs
and immigration laws, and other laws enforced by DHS at the border; and
enhance United States security.
AFI uses data to:
(1) Identify individuals, associations, or relationships that may
pose a potential law enforcement or security risk, target cargo that
may present a threat, and assist intelligence product users in the
field in preventing the illegal entry of people and goods, or
identifying other violations of law;
(2) Allow analysts to conduct additional research on persons and/or
cargo to understand whether there are patterns or trends that could
identify potential law enforcement or security risks; and
(3) Allow finished intelligence product users with a need to know
to query or receive relevant finished intelligence products.
Routine uses of records maintained in the system, including categories
of users and the purposes of such uses:
Source data are to be handled consistent with the published system
of records notice as noted in ``Source Category Records.'' Source data
that is not part of or incorporated into a finished intelligence
product, a response to an RFI, project, or the index shall not be
disclosed out of AFI. The routine uses below apply only to
[[Page 33756]]
finished intelligence products, responses to RFIs, projects, and
responsive compilations of the index and only as explicitly stated in
each routine use. In addition to those disclosures generally permitted
under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the AFI
records contained in this system may be disclosed outside DHS as a
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
A. To the Department of Justice (DOJ), including U.S. Attorney
Offices, or other federal agency conducting litigation or in
proceedings before any court, adjudicative or administrative body, when
it is necessary to the litigation and one of the following is a party
to the litigation or has an interest in such litigation:
1. DHS or any component thereof;
2. Any employee of DHS in his/her official capacity;
3. Any employee of DHS in his/her individual capacity where DOJ or
DHS has agreed to represent the employee; or
4. The U.S. or any agency thereof, is a party to the litigation or
has an interest in such litigation, and DHS determines that the records
are both relevant and necessary to the litigation and the use of such
records is compatible with the purpose for which DHS collected the
records.
This routine use applies to finished intelligence products,
responses to RFIs, projects, and responsive compilations of the index.
B. To a congressional office from the record of an individual in
response to an inquiry from that congressional office made at the
request of the individual to whom the record pertains. This routine use
applies to finished intelligence products, responses to RFIs, projects,
and responsive compilations of the index.
C. To the National Archives and Records Administration (NARA) or
other federal government agencies pursuant to records management
inspections being conducted under the authority of 44 U.S.C. 2904 and
2906 and for records that NARA maintains as permanent records. This
routine use applies to finished intelligence products, responses to
RFIs, projects, and responsive compilations of the index.
D. To an agency, organization, or individual for the purpose of
performing audit or oversight operations as authorized by law, but only
such information as is necessary and relevant to such audit or
oversight function. This routine use applies to finished intelligence
products, responses to RFIs, projects, and responsive compilations of
the index.
E. To appropriate agencies, entities, and persons when:
1. DHS suspects or has confirmed that the security or
confidentiality of information in the system of records has been
compromised;
2. DHS has determined that as a result of the suspected or
confirmed compromise there is a risk of harm to economic or property
interests, identity theft or fraud, or harm to the security or
integrity of this system or other systems or programs (whether
maintained by DHS or another agency or entity) or harm to the
individuals that rely upon the compromised information; and
3. The disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with DHS' efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
This routine use applies to finished intelligence products,
responses to RFIs, projects, and responsive compilations of the index.
F. To contractors and their agents, grantees, experts, consultants,
and others performing or working on a contract, service, grant,
cooperative agreement, or other assignment for DHS, when necessary to
accomplish an agency function related to this system of records.
Individuals provided information under this routine use are subject to
the same Privacy Act requirements and limitations on disclosure as are
applicable to DHS officers and employees. This routine use applies to
finished intelligence products, responses to RFIs, projects, and
responsive compilations of the index.
G. To the federal, state, local, tribal, or foreign government
agencies or multilateral governmental organizations that submit an RFI,
in order to identify individuals who present a risk to national
security or to identify, apprehend, and/or prosecute individuals who
are suspected of violating a law, where DHS has information responsive
to the RFI and has determined that it is appropriate to provide that
information in response to the RFI. This routine use applies to all
responses to RFIs.
H. To appropriate federal, state, local, tribal, or foreign
governmental agencies or multilateral governmental organizations
responsible for investigating or prosecuting the violations of, or for
enforcing or implementing, a statute, rule, regulation, order, license,
agreement, or treaty where DHS determines that the information would
assist in the enforcement of civil or criminal laws. This routine use
applies only to finished intelligence products.
I. To appropriate federal, state, local, tribal, or foreign
governmental agencies or multilateral governmental organizations for
the purpose of protecting the vital health interests of a data subject
or other persons (e.g. to assist such agencies or organizations in
preventing exposure to or transmission of a communicable or
quarantinable disease or to combat other significant public health
threats; appropriate notice will be provided of any identified health
threat or risk). This routine use applies only to finished intelligence
products, responses to RFIs, and responsive compilations of the index.
J. To a court, magistrate, or administrative tribunal in the course
of presenting evidence, including disclosures to opposing counsel or
witnesses in the course of civil or criminal discovery, litigation, or
settlement negotiations, or in response to a subpoena from a court of
competent jurisdiction. This routine use applies to all AFI records,
which include finished intelligence products, responses to RFIs,
projects, and responsive compilations of the index.
K. To third parties during the course of a law enforcement
investigation to the extent necessary to obtain information pertinent
to the investigation. This routine use applies only to finished
intelligence products.
L. To a federal, state, local, tribal, or foreign governmental
agency or multilateral governmental organization for the purpose of
consulting with that agency or entity: (1) To assist in making a
determination regarding redress for an individual in connection with
the operations of a DHS component or program; (2) for the purpose of
verifying the identity of an individual seeking redress in connection
with the operations of a DHS component or program; or (3) for the
purpose of verifying the accuracy of information submitted by an
individual who has requested such redress on behalf of another
individual. This routine use applies only to finished intelligence
products and responses to RFIs.
M. To appropriate federal, state, local, tribal, or foreign
governmental agencies or multilateral governmental organizations when
DHS reasonably believes there to be a threat or potential threat to
national or international security for which the information may be
relevant in countering the threat or potential threat. This routine use
applies only to finished intelligence products.
N. To a federal, state, tribal, or local agency, or other
appropriate entity or
[[Page 33757]]
individual, or foreign governments, in order to provide relevant
information related to intelligence, counterintelligence, or
antiterrorism activities authorized by U.S. law, Executive Order, or
other applicable national security directive. This routine use applies
only to finished intelligence products.
O. To an organization or individual in either the public or private
sector, either foreign or domestic, where there is a reason to believe
that the recipient is or could become the target of a particular
terrorist activity or conspiracy, or where the information is relevant
and necessary to the protection of life or property. This routine use
applies only to finished intelligence products.
P. To an appropriate federal, state, local, tribal, foreign, or
international agency, if the information is relevant to a requesting
agency's decision concerning the hiring or retention of an individual,
or issuance of a security clearance, license, contract, grant, or other
benefit, or if the information is relevant to a DHS decision concerning
the hiring or retention of an employee, the issuance of a security
clearance, the reporting of an investigation of an employee, the
letting of a contract, or the issuance of a license, grant or other
benefit. This routine use applies only to finished intelligence
products.
Q. To the news media and the public, with the approval of the Chief
Privacy Officer in consultation with counsel, when there exists a
legitimate public interest in the disclosure of the information or when
disclosure is necessary to preserve confidence in the integrity of DHS
or is necessary to demonstrate the accountability of DHS's officers,
employees, or individuals covered by the system, except to the extent
it is determined that release of the specific information in the
context of a particular case would constitute an unwarranted invasion
of personal privacy. This routine use applies only to finished
intelligence products.
Disclosure to consumer reporting agencies:
None.
Policies and practices for storing, retrieving, accessing, retaining,
and disposing of records in the system:
Storage:
Records in this system are stored electronically or on paper in
secure facilities in a locked drawer behind a locked door. The records
are stored on magnetic disc, tape, digital media, and CD-ROM.
Retrievability:
Records may be retrieved by any search term, including name,
personal identifier, date, subject matter or other criteria.
Safeguards:
Records in this system are safeguarded in accordance with
applicable rules and policies, including all applicable DHS automated
systems security and access policies. Two principal types of users will
access AFI: DHS analysts and DHS finished intelligence product users.
DHS Analysts will use the system to obtain a more comprehensive view of
data available to CBP, and then analyze and interpret that data using
the visualization and collaboration tools accessible in AFI. Finished
intelligence product users are officers, agents, and employees of DHS
who have been determined to have a need to know based on their job
description and duties. Finished intelligence product users will have
more limited access to AFI, will not have access to the research space
or tools, and will only view finished tactical, operational, and
strategic intelligence products that analysts published in AFI.
Finished intelligence product users are not able to query the data from
the source systems through AFI. If a finished intelligence product user
requires the source data in order to take action or make a
determination, he will be required to go to the source data to ensure
that he is receiving the most accurate data available.
Strict controls have been imposed to minimize the risk of
compromising the information that is being stored. Access to AFI is
limited to those individuals who have a need to know the information
for the performance of their official duties and who have appropriate
clearances or permissions.
Retention and disposal:
Source data contained in AFI that has not been incorporated into a
finished intelligence product, response to an RFI, or project will
follow the retention schedule set forth in the applicable source data
system of records notice, as noted in ``Record Source Categories''
below.
AFI projects that do not contain PII are retained for 30 years and
are then deleted. Projects containing PII must be recertified annually
for up to 30 years or the entire record is purged from the system.
Requests for information (RFIs) and responses to RFIs, excluding
finished intelligence products, are retained for 10 years and are then
deleted. Finished intelligence products are retained in accordance with
the NARA-approved record retention schedule by first maintaining the
products as active in the system for a period of 20 years, and then
transferring the records to the National Archives for permanent storage
and retention. The index is maintained within AFI as a permanent
feature. Any changes to source system records, or the addition or
deletion of source system records, will be reflected in corresponding
amendments to the AFI index as the index is routinely updated. Legacy
indices that are part of a project, responses to RFI, or finished
intelligence product are maintained as part of those records.
System Manager and address:
Director of Advanced Analytics & Intelligence Systems, Office of
Intelligence and Investigative Liaison, U.S. Customs and Border
Protection, Ronald Reagan Building and Director, Targeting and
Analysis, Systems Program Office, Office of Information and Technology,
U.S. Customs and Border Protection.
Notification procedure:
The Secretary of Homeland Security has exempted this system from
the notification, access, and amendment procedures of the Privacy Act
because it is a law enforcement system. These exemptions also apply to
the extent that information in this system of records is recompiled or
is created from information contained in other systems of records. To
the extent that a record is exempted in a source system, the exemption
will continue to apply. However, CBP will consider individual requests
to determine whether or not information may be released. After
conferring with the appropriate component or agency, as applicable, DHS
may waive applicable exemptions in appropriate circumstances and where
it would not appear to interfere with or adversely affect the law
enforcement purposes of the systems from which the information is
recompiled or in which it is contained. Additionally, CBP and DHS are
not exempting any records that were ingested or indexed by AFI where
the source system of records already provides access and/or amendment
under the Privacy Act. Individuals seeking notification of and access
to any record contained in this system of records, or seeking to
contest its content, may submit a request in writing to the
Headquarters or CBP's FOIA Officer, whose contact information can be
found at https://www.dhs.gov/foia under ``contacts.'' If an individual
believes more than one component
[[Page 33758]]
maintains Privacy Act records concerning him or her the individual may
submit the request to the Chief Privacy Officer, Department of Homeland
Security, 245 Murray Drive SW., Building 410, STOP-0655, Washington, DC
20528.
When seeking records about yourself from this system of records or
any other Departmental system of records your request must conform with
the Privacy Act regulations set forth in 6 CFR part 5. You must first
verify your identity, meaning that you must provide your full name,
current address and date and place of birth. You must sign your
request, and your signature must either be notarized or submitted under
28 U.S.C. 1746, a law that permits statements to be made under penalty
of perjury as a substitute for notarization. While no specific form is
required, you may obtain forms for this purpose from the Director,
Disclosure and FOIA Operations, https://www.dhs.gov or 1-703-235-0790.
In addition you must:
Provide an explanation of why you believe the Department
would have information on you;
Identify which component(s) of the Department you believe
may have the information about you;
Specify when you believe the records would have been
created;
Provide any other information that will help the FOIA
staff determine which DHS component agency may have responsive records;
If your request is seeking records pertaining to another
living individual, include a statement from that individual certifying
his/her agreement for you to access his/her records.
Without this bulleted information the component(s) may not be able
to conduct an effective search, and your request may be denied due to
lack of specificity or lack of compliance with applicable regulations.
Record access procedures:
See ``Notification procedure'' above.
Contesting record procedures:
See ``Notification procedure'' above.
Record source categories:
AFI receives records and incorporates portions of records into an
index of those records. Records are incorporated from the following CBP
and DHS systems:
ATS (last SORN published at 72 FR 43650 (August 6, 2007));
APIS (last SORN published at 73 FR 68435 (November 18,
2008));
ESTA (last SORN published at 76 FR 67751 (November 2,
2011));
Border Crossing Information (BCI) (last SORN published at
73 FR 43457 (July 25, 2008));
TECS (last SORN published at 73 FR 77778 (December 19,
2008));
Nonimmigrant Information System (NIIS) (last SORN
published at 73 FR 77739 (December 19, 2008));
Seized Asset Case Tracking System (SEACATS) (last SORN
published at 73 FR 77764 (December 19, 2008));
Department of Homeland Security/All-030 Use of the
Terrorist Screening Database System of Records (last SORN published at
76 FR 39408 (July 6, 2011));
Enterprise Management Information System--Enterprise Data
Warehouse (EMIS-EDW), including:
a. Arrival and Departure Form (I-94) information from the
Nonimmigrant Information System (NIIS) (last SORN published at 73 FR
77739 (December 19, 2008));
b. Currency or Monetary Instruments Report (CMIR) obtained from
TECS (last SORN for TECS published at 73 FR 77778 (December 19, 2008));
c. Apprehension information and National Security Entry-Exit
Program (NSEERS) information from ENFORCE (last SORN published at 75 FR
23274 (May 3, 2010));
d. Seizure information from SEACATS (last SORN published at 73 FR
77764 (December 19, 2008));
e. Student and Exchange Visitor Information System (SEVIS)
information (last SORN published at 75 FR 412 (January 5, 2010)); and
AFI accesses records from the following agencies, but the records
are not part of the index:
Department of State;
Department of Justice/FBI;
Department of Treasury; and
Commercial information from commercial data providers and
geospatial data providers.
Additionally, AFI permits analysts to upload and store any
information from any source including public and commercial sources,
which may be relevant to projects, responses to RFIs, or final
intelligence products. Accepted requests for information may come from
within or outside DHS where CBP determines it has responsive
information and it is consistent with the purposes of this system.
Exemptions claimed for the system:
For index data and source data, as described under Categories of
Records, to the extent that a record is exempted in a source system,
the exemption will continue to apply. To the extent there is no
exemption for giving access to a record under the source system, CBP
will provide access to the information maintained in AFI.
Finished intelligence products, RFIs, tasks, and responses, and
projects, as described under Categories of Records, pursuant to 5
U.S.C. 552a(j)(2) of the Privacy Act, are exempt from the following
provisions of the Privacy Act: 5 U.S.C. 552a(c)(3) and (4); (d);
(e)(1), (e)(2), (e)(3), (e)(4)(G), (e)(4)(H), (e)(4)(I), (e)(5) and
(e)(8); (f); and (g).
Finished intelligence products, RFIs, tasks, and responses, and
projects, as described under Categories of Records, pursuant to 5
U.S.C. 552a(k)(1) and (2), are exempt from the following provisions of
the Privacy Act: 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G),
(e)(4)(H), (e)(4)(I), and (f).
Dated: June 4, 2012.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2012-13813 Filed 6-6-12; 8:45 am]
BILLING CODE 9110-06-P