Published Privacy Impact Assessments on the Web, 46100-46102 [2012-18813]

Agencies

• DEPARTMENT OF HOMELAND SECURITY
• Office of the Secretary

[Federal Register Volume 77, Number 149 (Thursday, August 2, 2012)]
[Notices]
[Pages 46100-46102]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2012-18813]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary


Published Privacy Impact Assessments on the Web

AGENCY: Privacy Office, DHS.

ACTION: Notice of publication of Privacy Impact Assessments (PIA).

-----------------------------------------------------------------------

SUMMARY: The Privacy Office of the Department of Homeland Security (DHS 
or Department) is making available fifteen new or updated PIAs on 
various programs and systems in DHS. These assessments were approved 
and published on the Privacy Office's Web site between March 1, 2012 
and May 31, 2012.

DATES: The PIAs will be available on the DHS Web site until October 1, 
2012, after which they may be obtained by contacting the DHS Privacy 
Office (contact information below).

FOR FURTHER INFORMATION CONTACT: Mary Ellen Callahan, Chief Privacy 
Officer, Department of Homeland Security, Washington, DC 20528, or 
email: pia@hq.dhs.gov.

SUPPLEMENTARY INFORMATION: Between March 1, 2012 and May 31, 2012, the 
Department's Chief Privacy Officer approved and published fifteen 
Privacy Impact Assessments (PIAs) on the DHS Privacy Office Web site, 
www.dhs.gov/privacy, under the link for ``Privacy Impact Assessments.'' 
These PIAs cover fifteen separate DHS programs and systems. Below is a 
short summary of those programs and systems, indicating the responsible 
DHS component and the date on which the PIA was approved. Additional 
information can be found on the Web site or by contacting the Privacy 
Office.
    System: DHS/USSS/PIA-009 Field Investigative Reporting System 
(FIRS).
    Component: United States Secret Service (USSS).
    Date of approval: March 7, 2012.
    The USSS has created the Field Investigative Reporting System 
(FIRS). The USSS's Criminal Investigative Division is the business 
owner of FIRS. FIRS consists of seven applications for the reporting of 
law enforcement activities that fall within the USSS's jurisdiction, 
such as investigating counterfeiting and electronic crimes. The USSS 
completed this PIA because FIRS is a new system that contains PII about 
the subjects of criminal investigations.
    System: DHS/NPPD/PIA-010(a) Federal Protective Service (FPS) 
Dispatch Incident Records Management System Update.
    Component: National Protection and Programs Directorate (NPPD).
    Date of approval: March 13, 2012.
    The PIA updates the NPPD's FPS Dispatch and Incident Record 
Management Systems to add the Field Interview Report (FIR) system to 
its suite of records management systems and to include administrative 
changes to the existing PIA. FPS uses the FIR system to collect and 
analyze information from field interviews, contacts, and stops at 
protected federal facilities around the country that have been 
identified as a significant vulnerability. NPPD updated this PIA 
because this new FIR system provides a new mechanism to collect 
additional/new PII about members of the public.
    System: DHS/MGMT/PIA-006 Email Secure Gateway (EMSG).
    Component: Directorate for Management.
    Date of approval: March 22, 2012.
    The Department manages and operates the EMSG, which is used by all 
DHS email users. This service was previously managed under the DHS 
Directory Services Electronic Mail System. EMSG handles email traffic 
in, out, and between DHS, its components, and the Internet, and 
provides a directory of users' official contact information. This PIA 
was conducted to assess the risk associated with the PII that is 
received and processed within the EMSG system. This PIA does not cover 
the PII that may be contained within the body of an email or 
attachment.
    System: DHS/FEMA/PIA-021 Advanced Call Center Network (ACCN) 
Platform.
    Component: Federal Emergency Management Agency (FEMA).
    Date of approval: March 4, 2012.
    FEMA, Office of Response and Recovery, Recovery Directorate, 
Individual Assistance Division, operates the ACCN Platform. ACCN 
provides intelligent call routing for FEMA's National Processing and 
Service Centers in support of disaster survivors who are applicants for 
FEMA individual assistance (``individual assistance disaster 
applicants''). The purpose of this system is to provide applicants 
requesting assistance under the Robert T. Stafford Disaster Relief and 
Emergency Assistance Act, the highest quality of technology and support 
services. FEMA conducted this PIA because ACCN uses individual 
assistance disaster applicants' PII to provide status updates regarding 
their individual assistance disaster application.
    System: DHS/FEMA/PIA-022 Student Training/Exercise Application and 
Registration Records (STARRS).
    Component: FEMA.
    Date of approval: March 29, 2011.
    FEMA collects, uses, maintains, retrieves, and disseminates STARRS 
of training sponsors, hosts, and attendees and conducts numerous 
training and exercise programs/systems, including conferences and 
seminars hosted by FEMA, in support of its mission. These programs 
collect PII to register individuals for the respective training and 
exercise programs/systems; coordinate field exercises; and support the 
general administration of all registration, training, and exercise 
delivery and course evaluation for FEMA employees, contractors, members 
of the first responder community, and others. Where possible, FEMA's 
training and exercise programs/systems collect non-sensitive PII such 
as contact information, business card information, biographies, and 
phone lists; however some programs and systems collect Sensitive PII 
(SPII) such as Social Security Numbers, performance information, 
financial information, name plus date of birth, and medical information 
because of the nature of the training or exercise program. This PIA 
documents how FEMA collects, uses, maintains, retrieves, and 
disseminates both PII and SPII in support of its training and exercise 
missions.
    System: DHS/USSS/PIA-010 Enterprise Investigative System (EIS).
    Component: USSS.
    Date of approval: March 30, 2012.
    The USSS uses EIS to collect information about ongoing and resolved 
investigative cases and about individuals seeking access to USSS -
protected events. EIS is a compilation of six applications that reside 
on the USSS mainframe computer system. These applications are used 
collectively to protect the integrity of the nation's financial systems 
and are managed by several entities within the Office of 
Investigations. This PIA was conducted because EIS collects PII.
    System: DHS/ICE/PIA-006(b) Data Analysis and Research for Trade 
Transparency System (DARTTS) Update.
    Component: Immigration and Customs Enforcement (ICE).
    Date of approval: April 2, 2012.
    The original PIA for DARTTS was published in October 2008, and re-

[[Page 46101]]

published with changes in April 2010. With this update to the PIA, ICE 
is adding two new data sets to DARTTS and modifying its retention 
period. ICE is also expanding the use of DARTTS within DHS to permit 
select U.S. Customs and Border Protection customs officers and import 
specialists to access and use the system. Finally, ICE is establishing 
a separate instance of DARTTS for use by foreign government partners 
that operate trade transparency units and have customs information 
sharing agreements with the United States.
    System: DHS/ICE/PIA-015(d) Enforcement Integrated Database (EID) 
ENFORCE Alien Removal Module Update.
    Component: ICE.
    Date of approval: April 6, 2012.
    The EID is a DHS shared database repository for several DHS law 
enforcement and homeland security applications. EID, which is owned and 
operated by ICE, captures and maintains information related to the 
investigation, arrest, booking, detention, and removal of persons 
encountered during immigration and criminal law enforcement 
investigations and operations conducted by the ICE, U.S. Customs and 
Border Protection, and U.S. Citizenship and Immigration Services 
(USCIS) components within DHS. The PIA for EID was last updated in 
November 2011. ICE added additional functionality to ENFORCE, 
necessitating this current PIA update. This functionality includes: (1) 
Technology which helps ICE prioritize aliens for immigration 
enforcement action based on criminal history; and (2) a methodology 
which helps ICE conduct risk classification assessments of aliens 
arrested under the immigration laws during the intake process and while 
in ICE custody.
    System: DHS/TSA/PIA-018(e) Secure Flight Program Update.
    Component: Transportation Security Administration (TSA).
    Date of approval: April 13, 2012.
    The TSA Secure Flight program screens aviation passengers and 
certain non-travelers before they access airport sterile areas or board 
aircraft. This screening compares these individuals to the No Fly and 
Selectee portions of the consolidated and integrated terrorist watch 
list, against other watch lists maintained by the federal government 
when warranted by security considerations, and against a list of 
passengers with redress numbers, i.e., passengers who have been 
assigned a unique number by the DHS Traveler Redress Inquiry Program. 
In August 2011, TSA updated the Secure Flight PIA to reflect a number 
of changes, including:
    1. The initiation of a Known Traveler proof of concept starting 
with individuals enrolled within CBP Trusted Traveler programs, and 
expected to expand to include other populations such as transportation 
sector workers receiving TSA security threat assessments and members of 
the military; and
    2. The receipt by Secure Flight of aircraft operator frequent flyer 
status codes for use in conjunction with risk-based security rules 
using Secure Flight Passenger Data.
    This PIA update reflects the transition from proof of concept to 
operational program of the Known Traveler and frequent flyer concepts 
within a program known as TSA Pre[check]TM. In addition to 
the populations noted above, TSA intends to initiate new pilot programs 
designed to test the expansion of the Known Traveler program to other 
populations, such as eligible members of the U.S. Armed Forces and 
certain active security clearance holders. In addition, TSA will 
create, maintain, and screen against a watch list of individuals who, 
based upon their involvement in violations of security regulations of 
sufficient severity or frequency, are disqualified from receiving 
expedited screening for some period of time or permanently.
    This PIA Update further provides updated information on TSA's use 
of CBP's Automated Targeting System. Unless otherwise noted, the 
information provided in previously published PIAs remain in effect. 
Individuals are encouraged to read all program PIAs to have an 
understanding of TSA's privacy assessment of the Secure Flight program.
    System: DHS/OPS/PIA-002 Homeland Security Information Network-SBU 
Update.
    Component: Office of Operations Coordination and Planning (OPS).
    Date of Approval: April 16, 2012.
    The OPS Homeland Security Information Network-SBU system has 
undergone a PIA 3-Year Review. The PIA requires no changes, other than 
to update the name from HSIN-COI to HSIN-SBU, and continues to 
accurately relate to its stated mission. The HSIN-SBU is designed to 
facilitate the secure integration and interoperability of information 
sharing resources amongst federal, state, local, tribal, private sector 
commercial, and other non-governmental stakeholders involved in 
identifying and preventing terrorism as well as in undertaking incident 
management activities. As part of the information sharing efforts HSIN-
SBU supports, HSIN-SBU has established different communities of 
interest within the HSIN-SBU network. The above mentioned PIA has had 
no changes to privacy risks and mitigations identified in the published 
PIA. The information technology certification and accreditation 
approval has been extended to June 2015.
    System: DHS/USCG/PIA-018 Coast Guard Business Intelligence (CGBI).
    Component: United States Coast Guard (USCG).
    Date of Approval: April 17, 2012.
    The USCG owns and operates the CGBI System. CGBI is a Business 
Intelligence (BI) and mission support tool which provides USCG users 
with a web-based reporting and analysis capability. CGBI utilizes 
standardized enterprise data and metrics, consisting of the Enterprise 
Data Warehouse, and a front-end BI application providing standardized 
reports and data cubes. This system was created to provide an 
integrated reporting and analysis environment for organizational 
Knowledge and Performance Management by providing ``one version of the 
truth.'' This PIA is required as the system contains PII obtained from 
authoritative, transactional source systems; this data may be 
transferred or viewed by other personnel or systems upon data sponsor 
approval, with limited PII data available within the CGBI interface to 
authorized users.
    System: DHS/USCIS/PIA-041 Electronic Immigration System (ELIS-1) 
Temporary Accounts and Draft Benefit Requests.
    Component: USCIS.
    Date of Approval: May 16, 2012.
    USCIS is the component of DHS that oversees lawful immigration to 
the United States. USCIS is transforming its operations by creating a 
new electronic environment known as the USCIS ELIS, which allows 
individuals requesting a USCIS benefit to register online and submit 
certain benefit requests through the online system. This system will 
improve customer service; increase efficiency for processing benefits; 
better identify potential national security concerns, criminality, and 
fraud; and create improved access controls and better auditing 
capabilities. This PIA was conducted because USCIS ELIS collects and 
uses PII. This new electronic environment is divided into three 
distinct processes: (1) Temporary Account and Draft Benefit Requests; 
(2) Account and Case Management; and (3) Automated Background 
Functions. This PIA addresses the Temporary Account and Draft Benefit 
Requests process by describing how Applicants or their Representatives 
can create a temporary

[[Page 46102]]

account, draft a benefit request, and submit or abandon that request.
    System: DHS/USCIS/PIA-042 Electronic Immigration System (ELIS-2) 
Account and Case Management.
    Component: USCIS.
    Date of Approval: May 16, 2012.
    USCIS is the component of DHS that oversees lawful immigration to 
the United States. USCIS is transforming its operations by creating a 
new electronic environment known as the USCIS ELIS, which allows 
individuals requesting a USCIS benefit to register online and submit 
certain benefit requests through the online system. This system will 
improve customer service; increase efficiency for processing benefits; 
better identify potential national security concerns, criminality, and 
fraud; and create improved access controls and better auditing 
capabilities. This PIA was conducted because USCIS ELIS collects and 
uses PII. This new electronic environment is divided into three 
distinct processes: (1) Temporary Account and Draft Benefit Requests; 
(2) Account and Case Management; and (3) Automated Background 
Functions. This PIA addresses the Account and Case Management process 
by describing how USCIS ELIS uses information provided on initial and 
subsequent benefit requests and subsequent collections to create or 
update USCIS ELIS accounts; gather any missing information; manage 
workflow; assist USCIS in making a benefit determination; and provide a 
repository of data to assist with future benefit requests.
    System: DHS/USCIS/PIA-043 Electronic Immigration System (ELIS-3) 
Automated Background Functions.
    Component: USCIS.
    Date of Approval: May 16, 2012.
    USCIS is the component of DHS that oversees lawful immigration to 
the United States. USCIS is transforming its operations by creating a 
new electronic environment known as the USCIS ELIS, which allows 
individuals requesting a USCIS benefit to register online and submit 
certain benefit requests through the online system. This system will 
improve customer service; increase efficiency for processing benefits; 
better identify potential national security concerns, criminality, and 
fraud; and create improved access controls and better auditing 
capabilities. This PIA was conducted because USCIS ELIS collects and 
uses PII. This new electronic environment is divided into three 
distinct processes: (1) Temporary Account and Draft Benefit Requests; 
(2) Account and Case Management; and (3) Automated Background 
Functions. This PIA addresses the Automated Background Functions 
process, which includes the actions USCIS ELIS takes to ensure that 
serious or complex cases receive additional scrutiny by detecting 
duplicate and related accounts and identifying potential national 
security concerns, criminality, and fraud.
    System: DHS/FEMA/PIA-023 Enterprise Coordination and Approval 
Processing System (eCAPS).
    Component: FEMA.
    Date of Approval: May 21, 2012.
    FEMA, Office of Response and Recovery (OR&R) operates the eCAPS 
application. Following a Presidentially-declared disaster, OR&R 
utilizes eCAPS, a FEMA intranet-based application, to collect, use, 
maintain, and disseminate PII from federal and state points of contact 
(POCs) who request disaster support from FEMA. eCAPS tracks action 
requests, electronic coordination and approval of internal requisitions 
for services and supplies, and mission assignments. This PIA was 
conducted because eCAPS collects, uses, maintains, and disseminates PII 
from federal and state POCs.

    Dated: July 16, 2012.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2012-18813 Filed 8-1-12; 8:45 am]
BILLING CODE 9110-9L-P