Privacy Act of 1974; DHS/CBP-024 Intelligence Records System (CIRS) System of Records, 44198-44203 [2017-19718]

Agencies

• DEPARTMENT OF HOMELAND SECURITY

[Federal Register Volume 82, Number 182 (Thursday, September 21, 2017)]
[Notices]
[Pages 44198-44203]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-19718]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

[Docket No. DHS-2017-0027]


Privacy Act of 1974; DHS/CBP-024 Intelligence Records System 
(CIRS) System of Records

AGENCY: Privacy Office, Department of Homeland Security.

ACTION: Notice of new Privacy Act System of Records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, the Department of 
Homeland Security (DHS)/U.S. Customs and Border Protection (CBP) 
proposes to establish a new DHS CBP system of records titled, ``DHS/
CBP-024 CBP Intelligence Records System (CIRS).'' As a new SORN in the 
CBP inventory, CBP will carefully consider public comments, apply 
appropriate revisions, and republish the CIRS SORN, if necessary, 
within 180 days of receipt of comments. A Notice of Proposed Rulemaking 
is also published in this issue of the Federal Register in which the 
Department proposes to exempt portions of this system of records from 
one or more provisions of the Privacy Act because of criminal, civil, 
and administrative enforcement requirements. This new system will be 
included in the Department of Homeland Security's inventory of record 
systems.

DATES: Submit comments on or before October 23, 2017. This new system 
will be effective upon publication. New or modified routine uses will 
be effective October 23, 2017.

ADDRESSES: You may submit comments, identified by docket number DHS-
2017-0027 by one of the following methods:
     Federal e-Rulemaking Portal: https://www.regulations.gov. 
Follow the instructions for submitting comments.
     Fax: 202-343-4010.
     Mail: Jonathan R. Cantor, Acting Chief Privacy Officer, 
Privacy Office, Department of Homeland Security, Washington, DC 20528.

[[Page 44199]]


FOR FURTHER INFORMATION CONTACT: For general questions, please contact: 
Debra L. Danisek (202) 344-1610, CBP Privacy Officer, U.S. Customs and 
Border Protection, 1300 Pennsylvania Avenue NW., Washington, DC 20229. 
For privacy questions, please contact: Jonathan R. Cantor, (202) 343-
1717, Acting Chief Privacy Officer, Privacy Office, Department of 
Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION: 

I. Background

    In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the 
Department of Homeland Security (DHS)/U.S. Customs and Border 
Protection (CBP) proposes to establish a new DHS system of records 
titled, ``DHS/CBP-024 CBP Intelligence Records System (CIRS) System of 
Records.''
    The CBP Intelligence Records System (CIRS) system of records is 
owned by CBP's Office of Intelligence (OI). CIRS contains information 
collected by CBP to support CBP's law enforcement intelligence mission. 
This information includes raw intelligence information collected by 
CBP's OI, public source information, and information initially 
collected by CBP pursuant to its immigration and customs authorities. 
This information is analyzed and incorporated into intelligence 
products. CBP currently uses the Analytical Framework for Intelligence 
(AFI) and the Intelligence Reporting System (IRS) information 
technology (IT) systems to facilitate the development of finished 
intelligence products. These products are disseminated to various 
stakeholders including CBP executive management, CBP operational units, 
various government agencies, and the Intelligence Community (IC).
    CIRS is the exclusive CBP System of Records Notice for finished 
intelligence products and any raw intelligence information, public 
source information, or other information collected by CBP for an 
intelligence purpose that is not subject to an existing DHS SORN. 
Information collected by CBP for an intelligence purpose that is not 
covered by an existing DHS SORN and is not incorporated into a finished 
intelligence product is retained and disseminated in accordance with 
this SORN. In addition, finished intelligence products, and the 
information contained in those products, regardless of the original 
source system of that information, is retained and disseminated in 
accordance with this SORN. CIRS records were previously covered by the 
Automated Targeting System SORN and the Analytical Framework for 
Intelligence System SORN.
    As part of the intelligence process, CBP investigators and analysts 
must review large amounts of data to identify and understand 
relationships between individuals, entities, threats, and events to 
generate law enforcement intelligence products that provide CBP 
operational units with actionable information for law enforcement 
purposes. If performed manually, this process can involve hours of 
analysis of voluminous data. To automate and expedite this process, CBP 
uses several IT systems to allow for the efficient research and 
analysis of data from a variety of sources. Existing IT systems that 
CBP uses to analyze and produce intelligence information include AFI 
and IRS.
    AFI is specifically designed to make the intelligence research and 
analysis process more efficient by allowing searches of a broad range 
of data through a single interface. AFI can also identify links 
(relationships) between individuals or entities based on commonalities, 
such as identification numbers, addresses, or other information. These 
commonalities in and of themselves are not suspicious, but in the 
context of additional information they sometimes help DHS agents and 
analysts to identify potentially criminal activity and identify other 
suspicious activities. These commonalities can also form the basis for 
a DHS-generated intelligence product that may lead to further 
investigation or other appropriate follow-up action by CBP, DHS, or 
other federal, state, or local agencies. DHS/CBP has published a 
Privacy Impact Assessment (PIA) for AFI, which is available on 
www.dhs.gov/privacy. A PIA for IRS is forthcoming.
    Individuals may request information about records pertaining to 
themselves stored in CIRS as outlined in the ``Notification Procedure'' 
section below. CBP reserves the right to exempt various records from 
release pursuant to exemptions 5 U.S.C. 552a(j)(2), (k)(1) and (k)(2) 
of the Privacy Act.
    Consistent with DHS's information sharing mission, information 
stored in the DHS/CBP-024 CIRS System of Records may be shared with 
other DHS Components that have a need to know the information to carry 
out their national security, law enforcement, immigration, 
intelligence, or other homeland security functions. In addition, DHS/
CBP may share information with appropriate federal, state, local, 
tribal, territorial, foreign, or international government agencies 
consistent with the routine uses set forth in this SORN.
    Additionally, DHS is issuing a Notice of Proposed Rulemaking to 
exempt this system of records from certain provisions of the Privacy 
Act elsewhere in the Federal Register. This newly established system 
will be included in DHS's inventory of record systems.

II. Privacy Act

    The Privacy Act embodies fair information practice principles in a 
statutory framework governing the means by which Federal Government 
agencies collect, maintain, use, and disseminate individuals' records. 
The Privacy Act applies to information that is maintained in a ``system 
of records.'' A ``system of records'' is a group of any records under 
the control of an agency from which information is retrieved by the 
name of an individual or by some identifying number, symbol, or other 
identifying particular assigned to the individual. In the Privacy Act, 
an individual is defined to encompass U.S. citizens and lawful 
permanent residents. Additionally, and similarly, the Judicial Redress 
Act (JRA) provides a statutory right to covered persons to make 
requests for access and amendment to covered records, as defined by the 
JRA, along with judicial review for denials of such requests. In 
addition, the JRA prohibits disclosures of covered records, except as 
otherwise permitted by the Privacy Act.
    Below is the description of the DHS/CBP-024 Intelligence Records 
System (CIRS) System of Records.
    In accordance with 5 U.S.C. 552a(r), DHS has provided a report of 
this system of records to the Office of Management and Budget and to 
Congress.
SYSTEM NAME AND NUMBER:
    Department of Homeland Security (DHS)/U.S. Customs and Border 
Protection (CBP)-024 CBP Intelligence Records System (CIRS) System of 
Records.

SECURITY CLASSIFICATION:
    Unclassified, Sensitive, For Official Use Only, Law Enforcement--
Sensitive, and Classified.

SYSTEM LOCATION:
    CBP maintains CIRS records at the CBP Headquarters in Washington, 
DC and field offices. CBP uses the Analytical Framework for 
Intelligence (AFI) and the Intelligence Reporting System (IRS) to 
facilitate the development of finished intelligence products and 
maintain a repository of intelligence information records. Records may 
also be stored on paper within the Office of Intelligence (OI) or in 
CBP field offices.

[[Page 44200]]

SYSTEM MANAGER:
    Assistant Commissioner for the Office of Intelligence, U.S. Customs 
and Border Protection, 1300 Pennsylvania Avenue NW., Washington, DC 
20229.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Title II of the Homeland Security Act of 2002 (Pub. L. 107-296), as 
amended by the Intelligence Reform and Terrorism Prevention Act of 2004 
(Pub. L. 108-458, 118 Stat. 3638); the Trade Facilitation and Trade 
Enforcement Act of 2015 (Pub. L. 114-125); the Tariff Act of 1930, as 
amended; the Immigration and Nationality Act (``INA''), 8 U.S.C. 1101, 
et seq.; the Implementing Recommendations of the 9/11 Commission Act of 
2007 (Pub. L. 110-53); the Antiterrorism and Effective Death Penalty 
Act of 1996 (Pub. L. 104-132, 110 Stat. 1214); the SAFE Port Act of 
2006 (Pub. L. 109-347); the Aviation and Transportation Security Act of 
2001 (Pub. L. 107-71); 6 U.S.C. 202; and 6 U.S.C. 211.

PURPOSE(S) OF THE SYSTEM:
    This system of records allows CBP to collect and consolidate 
information from multiple sources, including law enforcement agencies 
and agencies of the U.S. Intelligence Community, in order to enhance 
CBP's ability to: Identify, apprehend, or prosecute individuals who 
pose a potential law enforcement or security risk; aid in the 
enforcement of the customs and immigration laws, and other laws 
enforced by DHS at the border; and enhance U.S. border security.
    CBP maintains intelligence information to:
    (a) Support CBP's collection, analysis, reporting, and distribution 
of law enforcement, immigration administration, terrorism, 
intelligence, and homeland security information in support of CBP's law 
enforcement, customs and immigration, counterterrorism, national 
security, and other homeland security missions.
    (b) Produce law enforcement intelligence reporting that provides 
actionable information to CBP's law enforcement and immigration 
administration personnel and to other appropriate government agencies.
    (c) Enhance the efficiency and effectiveness of the research and 
analysis process for DHS law enforcement, immigration, and intelligence 
personnel through information technology tools that provide for 
advanced search and analysis of various datasets.
    (d) Identify potential criminal activity, violations of federal 
law, and threats to homeland security; provide overall situational 
awareness for the CBP enterprise; to uphold and enforce the law; and to 
ensure public safety.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Categories of individuals covered by this system include the 
following:
    1. Individuals (e.g., subjects, witnesses, associates, informants) 
associated with border security, immigration or customs enforcement, or 
other law enforcement investigations/activities conducted by CBP;
    2. Individuals associated with law enforcement investigations or 
activities conducted by other federal, state, tribal, territorial, 
local, or foreign agencies when there is a potential nexus to national 
security, CBP's law enforcement responsibilities, or homeland security 
in general;
    3. Individuals known or appropriately suspected to be or have been 
engaged in conduct constituting, in preparation for, in aid of, or 
related to terrorism;
    4. Individuals involved in, associated with, or who have reported 
suspicious activities, threats, or other incidents reported by domestic 
and foreign government agencies, multinational or non-governmental 
organizations, critical infrastructure owners and operators, private 
sector entities and organizations, and individuals;
    5. Individuals not implicated in narcotics trafficking or related 
activities, but with pertinent knowledge of some circumstance of a case 
or record subject. Such records may contain any information, including 
personal identification data, that may assist CBP in discharging its 
responsibilities generally (e.g., information which may assist in 
identifying and locating such persons);
    6. Individuals who are the subjects of or otherwise identified in 
classified or unclassified intelligence reporting received or reviewed 
by CBP OI;
    7. Individuals identified in law enforcement, intelligence, crime, 
and incident reports (including financial reports under the Bank 
Secrecy Act and law enforcement bulletins) produced by DHS and other 
government agencies;
    8. Individuals identified in U.S. visa, border, immigration, and 
naturalization benefit data, including arrival and departure data;
    9. Individuals identified in DHS law enforcement and immigration 
records;
    10. Individuals not authorized to work in the United States;
    11. Individuals whose passports have been lost or stolen; and
    12. Individuals identified in public news reports.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Categories of records in this system include information collected 
by CBP for an intelligence purpose that is not covered by an existing 
DHS SORN and finished intelligence products. This information may 
include:
    1. Biographic information (name, date of birth, Social Security 
number, alien registration number, citizenship/immigration status, 
passport information, addresses, phone numbers, etc.);
    2. Records of immigration enforcement activities or law enforcement 
investigations/activities;
    3. Information (including documents and electronic data) collected 
by CBP from or about individuals during investigative activities and 
border searches;
    4. Records of immigration enforcement activities and law 
enforcement investigations/activities that have a possible nexus to 
CBP's law enforcement and immigration enforcement responsibilities or 
homeland security in general;
    5. Law enforcement, intelligence, crime, and incident reports 
(including financial reports under the Bank Secrecy Act and law 
enforcement bulletins) produced by DHS and other government agencies;
    6. U.S. visa, border, immigration, and naturalization benefit data, 
including arrival and departure data;
    7. Terrorist watchlist information and other terrorism-related 
information regarding threats, activities, and incidents;
    8. Lost and stolen passport data;
    9. Records pertaining to known or suspected terrorists, terrorist 
incidents, activities, groups, and threats;
    10. CBP-generated intelligence requirements, analysis, reporting, 
and briefings;
    11. Information from investigative and intelligence reports 
prepared by law enforcement agencies and agencies of the U.S. foreign 
intelligence community;
    12. Articles, public-source data (including information from social 
media), and other published information on individuals and events of 
interest to CBP;
    13. Audio and video records retained in support of CBP's law 
enforcement, national security, or other homeland security missions;
    14. Records and information from government data systems or 
retrieved from commercial data providers in the course of intelligence 
research, analysis, and reporting;
    15. Reports of suspicious activities, threats, or other incidents 
generated by CBP or third parties;

[[Page 44201]]

    16. Additional information about confidential sources or 
informants; and
    17. Metadata, which may include but is not limited to transaction 
date, time, location, and frequency.

RECORD SOURCE CATEGORIES:
    Federal, state, local, territorial, tribal, or other domestic 
agencies, foreign agencies, multinational or non-governmental 
organizations, critical infrastructure owners and operators, private 
sector entities and organizations, individuals, commercial data 
providers, and public sources such as social media, news media outlets, 
and the Internet.
    CBP will abide by the safeguards, retention schedules, and 
dissemination requirements of DHS source system SORNs to the extent 
those systems are applicable and the information is not incorporated 
into a finished intelligence product. For additional information, 
please see the Privacy Impact Assessment for the Analytical Framework 
for Intelligence and the forthcoming Privacy Impact Assessment for the 
Intelligence Reporting System.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    Source data are to be handled consistent with the published system 
of records notice as noted in ``Source Category Records.'' Source data 
that is not part of or incorporated into a finished intelligence 
product, a response to a request for information (RFI), project, or the 
index shall not be disclosed external to DHS. The routine uses below 
apply only to finished intelligence products, responses to RFIs, 
projects, and responsive compilations of the index and only as 
explicitly stated in each routine use.
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside DHS as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To the Department of Justice (DOJ), including Offices of the 
U.S. Attorneys, or other federal agency conducting litigation or in 
proceedings before any court, adjudicative, or administrative body, 
when it is relevant or necessary to the litigation and one of the 
following is a party to the litigation or has an interest in such 
litigation:
    1. DHS or any component thereof;
    2. Any employee or former employee of DHS in his/her official 
capacity;
    3. Any employee or former employee of DHS in his/her individual 
capacity when DOJ or DHS has agreed to represent the employee; or
    4. The United States or any agency thereof.
    B. To a congressional office from the record of an individual in 
response to an inquiry from that congressional office made at the 
request of the individual to whom the record pertains.
    C. To the National Archives and Records Administration (NARA) or 
General Services Administration pursuant to records management 
inspections being conducted under the authority of 44 U.S.C. 2904 and 
2906.
    D. To an agency or organization for the purpose of performing audit 
or oversight operations as authorized by law, but only such information 
as is necessary and relevant to such audit or oversight function.
    E. To appropriate agencies, entities, and persons when:
    1. DHS determines that information from this system of records is 
reasonably necessary and otherwise compatible with the purpose of 
collection to assist another federal recipient agency or entity in (1) 
responding to a suspected or confirmed breach or (2) preventing, 
minimizing, or remedying the risk of harm to individuals, the recipient 
agency or entity (including its information systems, programs, and 
operations), the Federal Government, or national security, resulting 
from a suspected or confirmed breach; or
    2. DHS suspects or has confirmed that there has been a breach of 
this system of records; and (a) DHS has determined that as a result of 
the suspected or confirmed breach, there is a risk of harm to 
individuals, harm to DHS (including its information systems, programs, 
and operations), the Federal Government, or national security; and (b) 
the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with DHS's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm.
    F. To contractors and their agents, grantees, experts, consultants, 
and others performing or working on a contract, service, grant, 
cooperative agreement, or other assignment for DHS, when necessary to 
accomplish an agency function related to this system of records. 
Individuals provided information under this routine use are subject to 
the same Privacy Act requirements and limitations on disclosure as are 
applicable to DHS officers and employees.
    G. To appropriate federal, state, local, international, tribal, or 
foreign governmental agencies or multilateral governmental 
organizations responsible for investigating or prosecuting the 
violations of, or for enforcing or implementing, a statute, rule, 
regulation, order, license, or treaty when DHS determines that the 
information would assist in the enforcement of civil or criminal laws.
    H. To a federal, state, territorial, tribal, local, international, 
or foreign government agency or entity for the purpose of consulting 
with that agency or entity: (1) To assist in making a determination 
regarding redress for an individual in connection with the operations 
of a DHS component or program; (2) for the purpose of verifying the 
identity of an individual seeking redress in connection with the 
operations of a DHS component or program; or (3) for the purpose of 
verifying the accuracy of information submitted by an individual who 
has requested such redress on behalf of another individual.
    I. To a former employee of DHS, in accordance with applicable 
regulations, for purposes of responding to an official inquiry by a 
federal, state or local government entity or professional licensing 
authority; or facilitating communications with a former employee that 
may be necessary for personnel-related or other official purposes when 
the Department requires information or consultation assistance from the 
former employee regarding a matter within that person's former area of 
responsibility.
    J. To an appropriate federal, state, local, tribal, foreign, or 
international agency, if the information is relevant and necessary to 
the agency's decision concerning the hiring or retention of an 
individual or the issuance, grant, renewal, suspension, or revocation 
of a security clearance, license, contract, grant, or other benefit; or 
if the information is relevant and necessary to a DHS decision 
concerning the hiring or retention of an employee, the issuance of a 
security clearance, the reporting of an investigation of an employee, 
the letting of a contract, or the issuance of a license, grant, or 
other benefit and when disclosure is appropriate to the proper 
performance of the official duties of the person receiving the 
information.
    K. To appropriate federal, state, local, tribal, or foreign 
governmental agencies or multilateral governmental organizations for 
the purpose of protecting the vital interests of a data subject or 
other persons, including to assist such agencies or organizations in 
preventing exposure to or transmission of a communicable or 
quarantinable disease or to combat other significant public health 
threats; appropriate notice will be provided of any identified health 
risk.

[[Page 44202]]

    L. To a public or professional licensing organization when such 
information indicates, either by itself or in combination with other 
information, a violation or potential violation of professional 
standards, or reflects on the moral, educational, or professional 
qualifications of an individual who is licensed or who is seeking to 
become licensed.
    M. To a federal, state, tribal, local, or foreign government agency 
or organization, or international organization, lawfully engaged in 
collecting law enforcement intelligence information, whether civil or 
criminal, or charged with investigating, prosecuting, enforcing, or 
implementing civil or criminal laws, related rules, regulations or 
orders, to enable these entities to carry out their law enforcement 
responsibilities, including the collection of law enforcement 
intelligence.
    N. To appropriate federal, state, local, tribal, or foreign 
governmental agencies or multilateral governmental organizations 
responsible for investigating or prosecuting the violations of, or for 
enforcing or implementing, a statute, rule, regulation, order, license, 
or treaty when DHS determines that the information would assist in the 
enforcement of civil, criminal, or regulatory laws.
    O. To third parties during the course of an investigation by DHS, a 
proceeding within the purview of the immigration and nationality laws, 
or a matter under DHS's jurisdiction, to the extent necessary to obtain 
information pertinent to the investigation, provided disclosure is 
appropriate to the proper performance of the official duties of the 
officer making the disclosure.
    P. To a federal, state, or local agency, or other appropriate 
entity or individual, or through established liaison channels to 
selected foreign governments, in order to provide intelligence, 
counterintelligence, or other information for the purposes of 
intelligence, counterintelligence, or antiterrorism activities 
authorized by U.S. law, Executive Order, or other applicable national 
security directive.
    Q. To federal and foreign government intelligence or 
counterterrorism agencies when DHS reasonably believes there to be a 
threat or potential threat to national or international security for 
which the information may be useful in countering the threat or 
potential threat, when DHS reasonably believes such use is to assist in 
anti-terrorism efforts, and disclosure is appropriate to the proper 
performance of the official duties of the person making the disclosure.
    R. To an organization or individual in either the public or private 
sector, either foreign or domestic, when there is a reason to believe 
that the recipient is or could become the target of a particular 
terrorist activity or conspiracy, to the extent the information is 
relevant to the protection of life or property and disclosure is 
appropriate to the proper performance of the official duties of the 
person making the disclosure.
    S. To the Department of State in the processing of petitions or 
applications for benefits under the Immigration and Nationality Act, 
and all other immigration and nationality laws including treaties and 
reciprocal agreements.
    T. To appropriate federal, state, local, tribal, or foreign 
governmental agencies or multilateral governmental organizations, with 
the approval of the Chief Privacy Officer, when DHS is aware of a need 
to use relevant data for purposes of testing new technology and systems 
designed to enhance national security or identify other violations of 
law.
    V. To the news media and the public, with the approval of the Chief 
Privacy Officer in consultation with counsel, when there exists a 
legitimate public interest in the disclosure of the information, when 
disclosure is necessary to preserve confidence in the integrity of DHS, 
or when disclosure is necessary to demonstrate the accountability of 
DHS's officers, employees, or individuals covered by the system, except 
to the extent the Chief Privacy Officer determines that release of the 
specific information in the context of a particular case would 
constitute a clearly unwarranted invasion of personal privacy.

Policies and Practices for Storage of Records:
    DHS/CBP stores records in this system electronically or on paper in 
secure facilities in a locked drawer behind a locked door. The records 
may be stored on magnetic disc, tape, and digital media.

Policies and Practices for Retrieval of Records:
    DHS/CBP may retrieve records by personal identifiers such as but 
not limited to name, alien registration number, phone number, address, 
Social Security number, or passport number. DHS/CBP may retrieve 
records by non-personal information such as transaction date, entity/
institution name, description of goods, value of transactions, and 
other information.

Policies and Practices for Retention and Disposal of Records:
    To the extent that CBP accesses and incorporates information from 
other DHS systems of records as sources of information for finished 
intelligence products, CBP will abide by the safeguards, retention 
schedules, and dissemination requirements of those underlying source 
systems of record. For additional information, please see the Privacy 
Impact Assessment for the Analytical Framework for Intelligence and the 
forthcoming Privacy Impact Assessment for the Intelligence Reporting 
System.
    Consistent with the DHS N1-563-07-016 records schedule, CBP will 
retain information consistent with the same retention requirements of 
the DHS Office of Intelligence and Analysis:
    1. Dissemination Files and Lists: CBP will retain finished and 
current intelligence report information distributed to support the 
Intelligence Community, DHS Components, and federal, state, local, 
tribal, and foreign Governments and includes contact information for 
the distribution of finished and current intelligence reports for two 
(2) years.
    2. Raw Reporting Files: CBP will retain raw, unevaluated 
information on threat reporting originating from operational data and 
supporting documentation that are not covered by an existing DHS system 
of records for thirty (30) years.
    3. Finished Intelligence Case Files: CBP will retain finished 
intelligence and associated background material for products such as 
Warning Products identifying imminent homeland security threats, 
Assessments providing intelligence analysis on specific topics, 
executive products providing intelligence reporting to senior 
leadership, intelligence summaries about current intelligence events, 
and periodic reports containing intelligence awareness information for 
specific region, sector, or subject/area of interest as permanent 
records and will transfer the records to the NARA after twenty (20) 
years.
    4. Requests for Information/Data Calls: CBP will retain requests 
for information and corresponding research, responses, and supporting 
documentation for ten (10) years.

Administrative, Technical, and Physical Safeguards:
    DHS/CBP safeguards records in this system according to applicable 
rules and policies, including all applicable DHS automated systems 
security and access policies. DHS/CBP has imposed strict controls to 
minimize the risk of

[[Page 44203]]

compromising the information that is being stored. Access to the 
computer system containing the records in this system is limited to 
those individuals who have a need to know the information for the 
performance of their official duties and who have appropriate 
clearances or permissions.

Record Access Procedures:
    The Secretary of Homeland Security has exempted this system from 
the notification, access, and amendment procedures of the Privacy Act, 
and the Judicial Redress Act if applicable, because it is a law 
enforcement system. However, DHS/CBP will consider individual requests 
to determine whether or not information may be released. Thus, 
individuals seeking access to and notification of any record contained 
in this system of records, or seeking to contest its content, may 
submit a request in writing to the Chief Privacy Officer and CBP 
Freedom of Information Act (FOIA) Officer, whose contact information 
can be found at https://www.dhs.gov/foia under ``Contacts Information.'' 
If an individual believes more than one component maintains Privacy Act 
records concerning him or her, the individual may submit the request to 
the Chief Privacy Officer and Chief FOIA Officer, Department of 
Homeland Security, Washington, DC 20528. Even if neither the Privacy 
Act nor the Judicial Redress Act provide a right of access, certain 
records about you may be available under the Freedom of Information 
Act.
    When seeking records about yourself from this system of records or 
any other Departmental system of records, your request must conform 
with the Privacy Act regulations set forth in 6 CFR part 5. You must 
first verify your identity, meaning that you must provide your full 
name, current address, and date and place of birth. You must sign your 
request, and your signature must either be notarized or submitted under 
28 U.S.C. 1746, a law that permits statements to be made under penalty 
of perjury as a substitute for notarization. While no specific form is 
required, you may obtain forms for this purpose from the Chief Privacy 
Officer and Chief FOIA Officer, https://www.dhs.gov/foia or (866) 431-
0486. In addition, you should:
     Explain why you believe the Department would have 
information on you;
     Identify which component(s) of the Department you believe 
may have the information about you;
     Specify when you believe the records would have been 
created; and
     Provide any other information that will help the FOIA 
staff determine which DHS component agency may have responsive records;
    If your request is seeking records pertaining to another living 
individual, you must include a statement from that individual 
certifying his/her agreement for you to access his/her records.
    Without the above information, the component(s) may not be able to 
conduct an effective search, and your request may be denied due to lack 
of specificity or lack of compliance with applicable regulations.

Contesting Record Procedures:
    For records covered by the Privacy Act or covered JRA records, see 
``Record Access Procedures'' above. For records not covered by the 
Privacy Act or JRA, individuals may submit an inquiry to the DHS 
Traveler Redress Inquiry Program (DHS TRIP) at https://www.dhs.gov/dhs-trip or the CBP INFO CENTER at www.help.cbp.gov or (877) 227-5511 
(international callers may use (202) 325-8000 and TTY users may dial 
(866) 880-6582).

Notification Procedures:
    See ``Record Access Procedures.''

Exemptions Promulgated for the System:
    The Secretary of Homeland Security, pursuant to 5 U.S.C. 
552a(j)(2), has exempted this system from the following provisions of 
the Privacy Act: 5 U.S.C. 552a(c)(3) and (4); (d); (e)(1), (e)(2), 
(e)(3), (e)(4)(G), (e)(4)(H), (e)(4)(I), (e)(5) and (e)(8); (f); and 
(g). Additionally, the Secretary of Homeland Security, pursuant to 5 
U.S.C. 552a(k)(1) and (k)(2), has exempted this system from the 
following provisions of the Privacy Act, 5 U.S.C. 552a(c)(3); (d); 
(e)(1), (e)(4)(G), and (e)(4)(H); (e)(4)(I), and (f). When this system 
receives a record from another system exempted in that source system 
under 5 U.S.C. 552a(k)(1); (k)(2); or (j)(2), DHS will claim the same 
exemptions for those records that are claimed for the original primary 
systems of records from which they originated and claims any additional 
exemptions set forth here.

History:
    None.

Jonathan R. Cantor,
Acting Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2017-19718 Filed 9-20-17; 8:45 am]
BILLING CODE 9111-14-P