31 October 2008
[Federal Register: October 31, 2008 (Volume 73, Number 212)]
[Notices]
[Page 64976-64978]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr31oc08-92]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
Published Privacy Impact Assessments on the Web
AGENCY: Privacy Office, DHS.
ACTION: Notice of Publication of Privacy Impact Assessments.
-----------------------------------------------------------------------
SUMMARY: The Privacy Office of the Department of Homeland Security is
making available eleven (11) Privacy Impact Assessments on various
programs and systems in the Department. These assessments were approved
and published on the Privacy Office's Web site between April 1, 2008
and June 30, 2008.
DATES: The Privacy Impact Assessments will be available on the DHS Web
site until December 30, 2008, after which they may be obtained by
contacting the DHS Privacy Office (contact information below).
FOR FURTHER INFORMATION CONTACT: Hugo Teufel III, Chief Privacy
Officer, Department of Homeland Security, Mail Stop 0550, Washington,
DC 20528, or e-mail: pia@dhs.gov.
SUPPLEMENTARY INFORMATION: April 1, 2008 and June 30, 2008, the Chief
Privacy Officer of the Department of Homeland Security (DHS) approved
and published eleven (11) Privacy Impact Assessments (PIAs) on the DHS
Privacy Office Web site, http://www.dhs.gov/privacy, under the link for
``Privacy Impact Assessments.'' Below is a short summary of each of
those systems, including the DHS component responsible for the system,
the name of system, and the date on which the PIA was approved.
Additional information can be found on the Web site or by contacting
the Privacy Office.
System: Law Enforcement Information Data Base/Pathfinder.
Component: United States Coast Guard.
Date of approval: March 31, 2008.
The United States Coast Guard (USCG), a component of the Department
of Homeland Security, established the Law Enforcement Information Data
Base (LEIDB)/Pathfinder. LEIDB/Pathfinder archives text messages
prepared by individuals engaged in Coast Guard law enforcement,
counterterrorism, maritime security, maritime safety and other Coast
Guard missions enabling intelligence analysis of field reporting. USCG
conducted this PIA because the LEIDB/Pathfinder system collects and
uses personally identifiable information (PII).
System: Maritime Awareness Global Network.
Component: United States Coast Guard.
Date of approval: April 11, 2008.
USCG developed the Maritime Awareness Global Network (MAGNET)
system. MAGNET uses information relating to vessels and activities
within
[[Page 64977]]
the maritime environment to accomplish the USCG's missions in the areas
of Maritime Safety, Maritime Security, Maritime Mobility, National
Defense, and Protection of Natural Resources. MAGNET is a new system
that will replace the existing integrated intelligence sharing system
known as the Joint Maritime Information Element Support System. This
PIA was completed because MAGNET will process PII.
System: United States Visitor and Immigrant Status Indicator
Technology (US-VISIT) Program In conjunction with the Notice of
Proposed Rulemaking on the Collection of Alien Biometric Data upon Exit
from the United States at Air and Sea Ports of Departure.
Component: United States Visitor and Immigrant Status Indicator
Technology.
Date of approval: April 22, 2008.
The US-VISIT Program has been implemented in phases with each phase
adding additional capabilities, locations of implementation, or subject
populations. US-VISIT published this PIA in conjunction with the Notice
of Proposed Rulemaking on Collection of Alien Biometric Data upon Exit
from the United States at Air and Sea Ports of Departure. A revised PIA
will be issued in conjunction with the Final Rule on Collection of
Alien Biometric Data upon Exit from the United States at Air and Sea
Ports of Departure.
System: Group Violent Intent Modeling (GVIM) Program.
Component: Science and Technology.
Date of approval: April 25, 2008.
This PIA describes the research and development objectives of DHS
Science and Technology (S&T) Directorate's Human Factors Division Group
Violent Intent Modeling (GVIM) project. The goal of GVIM is to
determine whether including social and behavioral theories and concepts
from established research in a software tool that is used to analyze
group behaviors and motivations will improve the ability of analysts to
identify indicators that could predict group violence. The project will
develop a social and behaviorally based framework of theories and
concepts that includes modeling and simulation tools to improve the
efficiency and accuracy of intelligence analysts examining the
likelihood of a group choosing violence to achieve its goals. This PIA
is necessary because PII will be collected as part of the research and
development effort.
System: Web Time and Attendance System.
Component: Department Wide.
Date of approval: May 1, 2008.
The DHS Office of the Chief Human Capital Officer procured a
commercial off the shelf application and customized it to meet DHS
standard requirements. This system is designed to implement an
enterprise system that can efficiently automate the timesheet
collection process and provide robust reporting features and a labor
distribution capability. This PIA was conducted because WebTA utilizes
PII.
System: Einstein 2.
Component: National Protection and Programs Directorate.
Date of approval: May 19, 2008.
This PIA is for an updated version of the EINSTEIN System. EINSTEIN
is a computer network intrusion detection system (IDS) used to help
protect federal executive agency information technology enterprises.
EINSTEIN 2 will incorporate network intrusion detection technology
capable of alerting the United States Computer Emergency Readiness Team
(US-CERT) to the presence of malicious or potentially harmful computer
network activity in federal executive agencies' network traffic. This
network intrusion detection technology uses a set of pre-defined
signatures based upon known malicious network traffic. The signatures
are based upon malicious computer code and are not based upon PII. Nor
is the IDS programmed specifically to collect or locate PII. While the
IDS will collect some PII that is directly related to malicious code
being transmitted to the federal networks, its main focus is to
identify the malicious code and protect federal networks, not to
collect PII.
System: Tactical Information Sharing System Update.
Component: Transportation Security Administration.
Date of approval: June 1, 2008.
The Transportation Security Administration (TSA) operates the
Transportation Information Sharing System (TISS). TISS receives,
assesses, and distributes intelligence information related to
transportation security to Federal Air Marshals and other Federal,
State, and local law enforcement. This PIA is being updated to reflect
more clearly that TISS applies to all transportation modes, not just
aviation modes as might have been assumed because the system involves
Federal Air Marshals.
System: Security Threat Assessment for Airport Badge and Credential
Holders.
Component: Transportation Security Administration.
Date of approval: June 2, 2008.
TSA is updating the PIA for the Security Threat Assessment (STA)
for Airport Badge and Credential Holders to reflect an expansion of the
covered population to include certain holders of airport approved
badges, and to reflect the use of US-VISIT's Automated Biometrics
Identification System (IDENT) database as part of the STA process,
including enrollment of fingerprints in that database for recurring
checks. This PIA is an updated and amended version of the PIA
originally published by TSA on June 15, 2004, and subsequently amended
on August 19, 2005 and on December 20, 2006. The requirements addressed
in the previous PIAs are still in effect, including the requirement to
conduct name-based STAs on all individuals seeking or holding airport
identification badges or credentials and the requirement to conduct
fingerprint-based criminal history record checks along with name-based
checks on individuals seeking access to the Security Identification
Display Area (SIDA) or Sterile Area of an airport.
System: Electronic System for Travel Authorization.
Component: Customs and Border Protection.
Date of approval: June 3, 2008.
CBP issued an Interim Final Rule to create regulations governing
the submission of Electronic System for Travel Authorization (ESTA)
data, a new system of records notice, and an associated PIA. The ESTA
regulations will govern the collection and use of PII in determining
the eligibility to travel of persons seeking to enter the United States
under the Visa Waiver Program (VWP) by air or sea. The regulations will
require nationals of VWP countries seeking to enter the United States
by air or sea carriers to submit PII to an electronic system, ESTA,
prior to travel. ESTA will run the applicant's information against
various databases to determine whether there is a law enforcement or
security reason to deem that a prospective traveler is ineligible to
travel to the United States under the VWP. The ESTA system will serve
to modernize and strengthen the security of the VWP as mandated by the
``Implementing Recommendations of the 9/11 Commission Act of 2007'' (9/
11 Act), by providing automated vetting of travelers from VWP
countries.
System: Critical Infrastructure Change Detection (CICD).
Component: Science and Technology.
Date of approval: June 19, 2008.
The Critical Infrastructure Change Detection (CICD) program is a
DHS S&T research program that is examining novel technical approaches
to provide wide area surveillance and change detection capabilities to
protect the Nation's critical infrastructure. S&T
[[Page 64978]]
proposes to test a high resolution, 360 degree field-of-view video
system that will accommodate multiple simultaneous users and also have
change detection and tracking capabilities. A PIA is being conducted
because the system demonstration will be performed in a public area of
New York City and will involve capturing images of persons and textual
information in the public space.
System: Department of Homeland Security General Contact List.
Component: DHS Wide.
Date of approval: June 30, 2008.
Many Department of Homeland Security operations and projects
collect a minimal amount of contact information in order to distribute
information and perform various other administrative tasks. Department
Headquarters conducted this privacy impact assessment because contact
lists contain PII. The Department added the following systems to this
PIA:
Science and Technology Cyber Security Research and
Development Center Web Site,
U.S. Coast Guard Proceedings magazine online subscription
request form,
Federal Emergency Management Agency National Fire Academy
Long-Term Evaluation,
Federal Emergency Management Agency Port Security Grant
Program,
National Protection and Programs Directorate
Telecommunications Service Priority (TSP) Web.
Dated: October 21, 2008.
Hugo Teufel III,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E8-25962 Filed 10-30-08; 8:45 am]
BILLING CODE 4410-10-P
|