[Federal Register Volume 74, Number 232 (Friday, December 4, 2009)]
[Rules and Regulations]
[Pages 63944-63946]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-28910]
[[Page 63943]]
-----------------------------------------------------------------------
Part V
Department of Homeland Security
-----------------------------------------------------------------------
6 CFR Part 5
Privacy Act of 1974: Implementation of Exemptions; Final Rules
��Federal Register / Vol. 74 , No. 232 / Friday, December 4, 2009 /
Rules and Regulations��
[[Page 63944]]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
6 CFR Part 5
[Docket No. DHS-2009-0045]
Privacy Act of 1974: Implementation of Exemptions; Department of
Homeland Security/National Protections and Programs Directorate/U.S.
Visitor and Immigrant Status Indicator Technology--001 Arrival and
Departure Information System of Records
AGENCY: Privacy Office, DHS.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Department of Homeland Security is issuing a final rule
to amend its regulations to exempt portions of a Department of Homeland
Security/National Protections and Programs Directorate/U.S. Visitor and
Immigrant Status Indicator Technology system of records entitled the
``Department of Homeland Security/National Protections and Programs
Directorate/U.S. Visitor and Immigrant Status Indicator Technology--001
Arrival and Departure Information System of Records'' from certain
provisions of the Privacy Act. Specifically, the Department exempts
portions of the Department of Homeland Security/National Protections
and Programs Directorate/U.S. Visitor and Immigrant Status Indicator
Technology--001 Arrival and Departure Information system of records
from one or more provisions of the Privacy Act because of criminal,
civil, and administrative enforcement requirements.
DATES: Effective Date: This final rule is effective December 4, 2009.
FOR FURTHER INFORMATION CONTACT: For general questions please contact:
Paul Hasson (202-298-5021), Privacy Officer, U.S. Visitor and Immigrant
Status Indicator Technology, Washington, DC 20598. For privacy issues
please contact: Mary Ellen Callahan (703-235-0780), Chief Privacy
Officer, Privacy Office, U.S. Department of Homeland Security,
Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
Background
The Department of Homeland Security (DHS) published a notice of
proposed rulemaking in the Federal Register, 72 FR 46921, August 22,
2007, proposing to exempt portions of the system of records from one or
more provisions of the Privacy Act because of criminal, civil, and
administrative enforcement requirements. The system of records is the
DHS/National Protections and Programs Directorate (NPPD)/U.S. Visitor
and Immigrant Status Indicator Technology (US-VISIT)--001 Arrival and
Departure Information system. The DHS/NPPD/US-VISIT--001 Arrival and
Departure Information system of records notice was published
concurrently in the Federal Register, 72 FR 47057, August 22, 2007.
Comments were invited on both the notice of proposed rulemaking and the
system of records notice. Public comments were received on the notice
of proposed rulemaking and system of records notice.
Comments on the Notice of Proposed Rulemaking
DHS received eleven comments on the notice of proposed rulemaking
(NPRM) (72 FR 46921, August 22, 2007) and seven comments on the system
of records notice (SORN) (72 FR 47057, August 22, 2007). The NPRM and
SORN received identical comments twice from the same two individuals.
One comment was related to permanent resident alien cards and is
unrelated to the proposed rulemaking. Two additional comments contained
individuals' personal opinions on DHS' status within the Federal
government that are unrelated to the proposed rulemaking. Several other
commenters complained of the Department's use of Privacy Act exemptions
under the Freedom of Information Act (FOIA). The SORN and NPRM relate
to the Privacy Act and not FOIA. The proposed exemptions are standard
law enforcement and national security exemptions currently being
exercised by a large number of Federal law enforcement and intelligence
agencies. Moreover, in appropriate circumstances the applicable
exemptions may be waived, when compliance would not appear to interfere
with or adversely affect the enforcement process.
Below is an analysis of each comment that specifically relate to
this NPRM that is not addressed directly above.
An initial commenter expressed concern that inaccurate and
irrelevant information could falsely target innocent individuals. DHS
notes that occasionally in the course of an investigation into
potential violations of Federal law, the accuracy of information
obtained or introduced may be unclear, or the information may not be
strictly relevant or necessary to a specific investigation, but in the
interest of effective law enforcement, it is appropriate for the DHS/
NPPD/US-VISIT--001 Arrival and Departure Information system of records
to retain all information that may aid in establishing patterns of
unlawful activity. The DHS/NPPD/US-VISIT--001 Arrival and Departure
Information system of records information serves as another important
tool to support better determinations concerning potentially high-risk
travelers that may require additional screening.
Another commenter stated that information in the background section
of the notice, specifically a routine use for information sharing with
the intelligence community, sharing to prevent identity theft, and
sharing with foreign governments, was not present in the body of the
SORN. This statement is inaccurate and sharing for those purposes can
be found in routine use A, B, G and H. The commenter further states
that there is no language in the SORN relating to the retention period
for the DHS/NPPD/US-VISIT--001 Arrival and Departure Information system
of records data. This statement is also inaccurate and information
relating to the retention period can be found under the Retention and
Disposal section of the SORN. Further, the commenter goes on to contest
the purpose and use of the information maintained in the DHS/NPPD/US-
VISIT--001 Arrival and Departure Information system of records and all
information within the SORN and disagrees with the language and
truthfulness of the Department's justification. DHS has provided
accurate information regarding purpose and use of information as well
as all other information in the DHS/NPPD/US-VISIT--001 Arrival and
Departure Information system of records.
One commenter suggested that the proposed exemptions could allow
for errors and inaccuracy of information. DHS advises that travelers
who believe that the information contained in the DHS/NPPD/US-VISIT--
001 Arrival and Departure Information system of records or in any other
DHS systems is erroneous may request correction of that information
through the Traveler Redress Inquiry Program (TRIP) at http://www.dhs.gov/trip or via mail, facsimile, or e-mail in accordance with
instructions provided on the Web site listed above or contact DHS/NPPD/
US-VISIT directly.
Another commenter suggested that the potential for error and abuse
is enormous because the information is regarded as being about non-
citizens only. DHS extends administrative Privacy Act protections to
individuals where information is maintained on both U.S. citizens,
lawful permanent residents, and visitors, on whom a system of records
maintains
[[Page 63945]]
information. This is the case with the DHS/NPPD/US-VISIT--001 Arrival
and Departure Information system of records and the reason DHS has
issued the NPRM and SORN.
A concluding commenter stated that ``We have a right and a duty to
ensure that we do not relinquish our Constitutional rights.'' DHS
agrees and has established a number of administrative and policy checks
and balances to further ensure that the use of the DHS/NPPD/US-VISIT--
001 Arrival and Departure Information system of records information
remains within the appropriate bounds of the mission of DHS. In
conjunction with the SORN published in the Federal Register 72 FR
47057, August 22, 2007, DHS has also posted on its Web site an updated
Privacy Impact Assessment that fully informs the public about the uses
of the DHS/NPPD/US-VISIT--001 Arrival and Departure Information system
of records including the privacy risks and the mitigation approaches to
address any identified risks.
Comments on the System of Records Notice 72 FR 47057, August 22, 2007
Below is an analysis of each comment that specifically relate to
this SORN that is not addressed directly above.
An initial commenter suggested that the routine uses permitting the
sharing of information contained in the DHS/NPPD/US-VISIT--001 Arrival
and Departure Information system of records should be clarified or
expanded to include sharing with companies that have posted immigration
bonds pertaining to aliens ``based on the traditional notions of
fairness.'' DHS notes that access to the DHS/NPPD/US-VISIT--001 Arrival
and Departure Information system of records information is strictly
regulated. Sharing ``based on the traditional notion of fairness'' is
not within DHS' mission or based on a need to know. In addition to
those disclosures generally permitted under 5 U.S.C. 552a(b) of the
Privacy Act and the routine uses outlined in the SORN, and consistent
with DHS' information sharing limitations, all or a portion of the
records or information contained in the DHS/NPPD/US-VISIT--001 Arrival
and Departure Information system of records may be shared with other
DHS components or outside of DHS with appropriate Federal, State,
local, tribal, foreign, or international government agencies, or party
after DHS determines that the receiving agency or party has a need to
know the information to carry out national security, law enforcement,
immigration, intelligence, or other functions consistent with the
routine uses set forth in the SORN for the DHS/NPPD/US-VISIT--001
Arrival and Departure Information system of records.
Another commenter expressed that the exemption of one or more
provisions of the Privacy Act is not necessary because information in
the DHS/NPPD/US-VISIT--001 Arrival and Departure Information system of
records record is already known to the subject. While this is generally
true, individuals who desire access to their information in the DHS/
NPPD/US-VISIT--001 Arrival and Departure Information system of records
may submit a request to gain access.
DHS carefully reviewed all the public comments and the
recommendations within the public comments. DHS has determined that
since the information in the DHS/NPPD/US-VISIT--001 Arrival and
Departure Information system of records is used primarily to facilitate
the investigation of subjects of interest who may have violated their
immigration status by remaining in the United States beyond their
authorized stay; thereby supporting the several and varied missions and
functions of DHS, including but not limited to: the enforcement of
civil and criminal laws (including the immigration law);
investigations, inquiries; national security and intelligence
activities in support of the DHS mission to identify and prevent acts
of terrorism against the United States, it is important that the
exemptions remain in place and be waived only when compliance would not
interfere with or adversely affect the law enforcement purposes of the
system and the overall law enforcement process.
Having taken into consideration public comments resulting from this
NPRM and SORN, as well as the Department's position on these public
comments, DHS will implement the rulemaking as proposed.
List of Subjects in 6 CFR Part 5
Freedom of information; Privacy.
0
For the reasons stated in the preamble, DHS amends Chapter I of Title
6, Code of Federal Regulations, as follows:
PART 5--DISCLOSURE OF RECORDS AND INFORMATION
0
1. The authority citation for part 5 continues to read as follows:
Authority: Public Law 107-296, 116 Stat. 2135, 6 U.S.C. 101 et
seq.; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552.
Subpart B also issued under 5 U.S.C. 552a.
0
2. At the end of Appendix C to Part 5, Exemption of Record Systems
under the Privacy Act, add the following new paragraph 41 to read as
follows:
Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy
Act
* * * * *
41. The DHS/NPPD/US-VISIT--001 Arrival and Departure Information
system of records notice is a system for the storage and use of
biographic, biometric indicator, and encounter data consolidated
from various systems regarding aliens who have applied for entry,
entered, or departed the United States. Information in the DHS/NPPD/
US-VISIT--001 Arrival and Departure Information system of records
notice is used primarily to facilitate the investigation of subjects
of interest who may have violated their immigration status by
remaining in the United States beyond their authorized stay; thereby
supporting the several and varied missions and functions of DHS,
including but not limited to: the enforcement of civil and criminal
laws (including the immigration law); investigations, inquiries;
national security and intelligence activities in support of the DHS
mission to identify and prevent acts of terrorism against the United
States. The information is collected by, on behalf of, in support
of, or in cooperation with DHS and its components and may contain
personally identifiable information collected by other Federal,
State, local, tribal, foreign, or international government agencies.
The Secretary of Homeland Security has exempted this system from the
following provisions of the Privacy Act, subject to the limitations
set forth in 5 U.S.C. 552a(c)(3) and (4); (d); (e)(1), (e)(2),
(e)(3), (e)(4)(G), (e)(4)(H), (e)(5) and (e)(8); (f); and (g)
pursuant to 5 U.S.C. 552a(j)(2). Additionally, the Secretary of
Homeland Security has exempted this system from the following
provisions of the Privacy Act, subject to the limitations set forth
in 5 U.S.C. 552a(c)(3); (d); (e)(1), (e)(4)(G), (e)(4)(H); and (f)
pursuant to 5 U.S.C. 552a(k)(1), (k)(2), (k)(3) and (k)(5).
Exemptions from these particular subsections are justified, on a
case-by-case basis to be determined at the time a request is made,
for the following reasons:
(a) From subsection (c)(3) and (4) (Accounting for Disclosures)
because release of the accounting of disclosures could alert the
subject of an investigation of an actual or potential criminal,
civil, or regulatory violation to the existence of the
investigation; and reveal investigative interest on the part of DHS
as well as the recipient agency. Disclosure of the accounting would
therefore present a serious impediment to law enforcement efforts
and/or efforts to preserve national security. Disclosure of the
accounting would also permit the individual who is the subject of a
record to impede the investigation, to tamper with witnesses or
evidence, and to avoid detection or apprehension, which would
undermine the entire investigative process.
(b) From subsection (d) (Access to Records) because access to
the records contained in this system of records could inform the
subject of an investigation of an actual or potential criminal,
civil, or regulatory violation, to the existence of the
investigation, and reveal investigative interest on the part of DHS
or another agency. Access to the records could permit the
[[Page 63946]]
individual who is the subject of a record to impede the
investigation, to tamper with witnesses or evidence, and to avoid
detection or apprehension. Amendment of the records could interfere
with ongoing investigations and law enforcement activities and would
impose an impossible administrative burden by requiring
investigations to be continuously reinvestigated. In addition,
permitting access and amendment to such information could disclose
security-sensitive information that could be detrimental to homeland
security.
(c) From subsection (e)(1) (Relevancy and Necessity of
Information) because in the course of investigations into potential
violations of Federal law, the accuracy of information obtained or
introduced occasionally may be unclear or the information may not be
strictly relevant or necessary to a specific investigation. In the
interests of effective law enforcement, it is appropriate to retain
all information that may aid in establishing patterns of unlawful
activity.
(d) From subsection (e)(2) (Collection of Information from
Individuals) because requiring that information be collected from
the subject of an investigation would alert the subject to the
nature or existence of an investigation, thereby interfering with
the related investigation and law enforcement activities.
(e) From subsection (e)(3) (Notice to Subjects) because
providing such detailed information would impede law enforcement in
that it could compromise investigations by: revealing the existence
of an otherwise confidential investigation and thereby provide an
opportunity for the subject of an investigation to conceal evidence,
alter patterns of behavior, or take other actions that could thwart
investigative efforts; reveal the identities of witnesses in
investigations, thereby providing an opportunity for the subjects of
the investigations or others to harass, intimidate, or otherwise
interfere with the collection of evidence or other information from
such witnesses; or reveal the identity of confidential informants,
which would negatively affect the informant's usefulness in any
ongoing or future investigations and discourage members of the
public from cooperating as confidential informants in any future
investigations.
(f) From subsections (e)(4)(G) and (H) (Agency Requirements),
and (f) (Agency Requirements) because portions of this system are
exempt from the individual access provisions of subsection (d) for
the reasons noted above, and therefore DHS is not required to
establish requirements, rules, or procedures with respect to such
access. Providing notice to individuals with respect to existence of
records pertaining to them in the system of records or otherwise
setting up procedures pursuant to which individuals may access and
view records pertaining to themselves in the system would undermine
investigative efforts and reveal the identities of witnesses, and
potential witnesses, and confidential informants.
(g) From subsection (e)(5) (Collection of Information) because
in the collection of information for law enforcement purposes it is
impossible to determine in advance what information is accurate,
relevant, timely, and complete. Compliance with (e)(5) would
preclude DHS agents from using their investigative training and
exercise of good judgment to both conduct and report on
investigations.
(h) From subsection (e)(8) (Notice on Individuals) because
compliance would interfere with DHS' ability to obtain, serve, and
issue subpoenas, warrants, and other law enforcement mechanisms that
may be filed under seal, and could result in disclosure of
investigative techniques, procedures, and evidence.
(i) From subsection (g) (Civil Remedies) to the extent that the
system is exempt from other specific subsections of the Privacy Act
relating to individuals' rights to access and amend their records
contained in the system. Therefore DHS is not required to establish
rules or procedures pursuant to which individuals may seek a civil
remedy for the agency's: refusal to amend a record; refusal to
comply with a request for access to records; failure to maintain
accurate, relevant, timely and complete records; or failure to
otherwise comply with an individual's right to access or amend
records.
Dated: November 25, 2009.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E9-28910 Filed 12-3-09; 8:45 am]
BILLING CODE 9110-9P-P