31 October 2008

[Federal Register: October 31, 2008 (Volume 73, Number 212)]
[Notices]               
[Page 64976-64978]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr31oc08-92]                         

-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

 
Published Privacy Impact Assessments on the Web

AGENCY: Privacy Office, DHS.

ACTION: Notice of Publication of Privacy Impact Assessments.

-----------------------------------------------------------------------

SUMMARY: The Privacy Office of the Department of Homeland Security is 
making available eleven (11) Privacy Impact Assessments on various 
programs and systems in the Department. These assessments were approved 
and published on the Privacy Office's Web site between April 1, 2008 
and June 30, 2008.

DATES: The Privacy Impact Assessments will be available on the DHS Web 
site until December 30, 2008, after which they may be obtained by 
contacting the DHS Privacy Office (contact information below).

FOR FURTHER INFORMATION CONTACT: Hugo Teufel III, Chief Privacy 
Officer, Department of Homeland Security, Mail Stop 0550, Washington, 
DC 20528, or e-mail: pia@dhs.gov.

SUPPLEMENTARY INFORMATION: April 1, 2008 and June 30, 2008, the Chief 
Privacy Officer of the Department of Homeland Security (DHS) approved 
and published eleven (11) Privacy Impact Assessments (PIAs) on the DHS 
Privacy Office Web site, http://www.dhs.gov/privacy, under the link for 
``Privacy Impact Assessments.'' Below is a short summary of each of 
those systems, including the DHS component responsible for the system, 
the name of system, and the date on which the PIA was approved. 
Additional information can be found on the Web site or by contacting 
the Privacy Office.

    System: Law Enforcement Information Data Base/Pathfinder.
    Component: United States Coast Guard.
    Date of approval: March 31, 2008.
    The United States Coast Guard (USCG), a component of the Department 
of Homeland Security, established the Law Enforcement Information Data 
Base (LEIDB)/Pathfinder. LEIDB/Pathfinder archives text messages 
prepared by individuals engaged in Coast Guard law enforcement, 
counterterrorism, maritime security, maritime safety and other Coast 
Guard missions enabling intelligence analysis of field reporting. USCG 
conducted this PIA because the LEIDB/Pathfinder system collects and 
uses personally identifiable information (PII).

    System: Maritime Awareness Global Network.
    Component: United States Coast Guard.
    Date of approval: April 11, 2008.
    USCG developed the Maritime Awareness Global Network (MAGNET) 
system. MAGNET uses information relating to vessels and activities 
within

[[Page 64977]]

the maritime environment to accomplish the USCG's missions in the areas 
of Maritime Safety, Maritime Security, Maritime Mobility, National 
Defense, and Protection of Natural Resources. MAGNET is a new system 
that will replace the existing integrated intelligence sharing system 
known as the Joint Maritime Information Element Support System. This 
PIA was completed because MAGNET will process PII.

    System: United States Visitor and Immigrant Status Indicator 
Technology (US-VISIT) Program In conjunction with the Notice of 
Proposed Rulemaking on the Collection of Alien Biometric Data upon Exit 
from the United States at Air and Sea Ports of Departure.
    Component: United States Visitor and Immigrant Status Indicator 
Technology.
    Date of approval: April 22, 2008.
    The US-VISIT Program has been implemented in phases with each phase 
adding additional capabilities, locations of implementation, or subject 
populations. US-VISIT published this PIA in conjunction with the Notice 
of Proposed Rulemaking on Collection of Alien Biometric Data upon Exit 
from the United States at Air and Sea Ports of Departure. A revised PIA 
will be issued in conjunction with the Final Rule on Collection of 
Alien Biometric Data upon Exit from the United States at Air and Sea 
Ports of Departure.

    System: Group Violent Intent Modeling (GVIM) Program.
    Component: Science and Technology.
    Date of approval: April 25, 2008.
    This PIA describes the research and development objectives of DHS 
Science and Technology (S&T) Directorate's Human Factors Division Group 
Violent Intent Modeling (GVIM) project. The goal of GVIM is to 
determine whether including social and behavioral theories and concepts 
from established research in a software tool that is used to analyze 
group behaviors and motivations will improve the ability of analysts to 
identify indicators that could predict group violence. The project will 
develop a social and behaviorally based framework of theories and 
concepts that includes modeling and simulation tools to improve the 
efficiency and accuracy of intelligence analysts examining the 
likelihood of a group choosing violence to achieve its goals. This PIA 
is necessary because PII will be collected as part of the research and 
development effort.

    System: Web Time and Attendance System.
    Component: Department Wide.
    Date of approval: May 1, 2008.
    The DHS Office of the Chief Human Capital Officer procured a 
commercial off the shelf application and customized it to meet DHS 
standard requirements. This system is designed to implement an 
enterprise system that can efficiently automate the timesheet 
collection process and provide robust reporting features and a labor 
distribution capability. This PIA was conducted because WebTA utilizes 
PII.

    System: Einstein 2.
    Component: National Protection and Programs Directorate.
    Date of approval: May 19, 2008.
    This PIA is for an updated version of the EINSTEIN System. EINSTEIN 
is a computer network intrusion detection system (IDS) used to help 
protect federal executive agency information technology enterprises. 
EINSTEIN 2 will incorporate network intrusion detection technology 
capable of alerting the United States Computer Emergency Readiness Team 
(US-CERT) to the presence of malicious or potentially harmful computer 
network activity in federal executive agencies' network traffic. This 
network intrusion detection technology uses a set of pre-defined 
signatures based upon known malicious network traffic. The signatures 
are based upon malicious computer code and are not based upon PII. Nor 
is the IDS programmed specifically to collect or locate PII. While the 
IDS will collect some PII that is directly related to malicious code 
being transmitted to the federal networks, its main focus is to 
identify the malicious code and protect federal networks, not to 
collect PII.

    System: Tactical Information Sharing System Update.
    Component: Transportation Security Administration.
    Date of approval: June 1, 2008.
    The Transportation Security Administration (TSA) operates the 
Transportation Information Sharing System (TISS). TISS receives, 
assesses, and distributes intelligence information related to 
transportation security to Federal Air Marshals and other Federal, 
State, and local law enforcement. This PIA is being updated to reflect 
more clearly that TISS applies to all transportation modes, not just 
aviation modes as might have been assumed because the system involves 
Federal Air Marshals.

    System: Security Threat Assessment for Airport Badge and Credential 
Holders.
    Component: Transportation Security Administration.
    Date of approval: June 2, 2008.
    TSA is updating the PIA for the Security Threat Assessment (STA) 
for Airport Badge and Credential Holders to reflect an expansion of the 
covered population to include certain holders of airport approved 
badges, and to reflect the use of US-VISIT's Automated Biometrics 
Identification System (IDENT) database as part of the STA process, 
including enrollment of fingerprints in that database for recurring 
checks. This PIA is an updated and amended version of the PIA 
originally published by TSA on June 15, 2004, and subsequently amended 
on August 19, 2005 and on December 20, 2006. The requirements addressed 
in the previous PIAs are still in effect, including the requirement to 
conduct name-based STAs on all individuals seeking or holding airport 
identification badges or credentials and the requirement to conduct 
fingerprint-based criminal history record checks along with name-based 
checks on individuals seeking access to the Security Identification 
Display Area (SIDA) or Sterile Area of an airport.

    System: Electronic System for Travel Authorization.
    Component: Customs and Border Protection.
    Date of approval: June 3, 2008.
    CBP issued an Interim Final Rule to create regulations governing 
the submission of Electronic System for Travel Authorization (ESTA) 
data, a new system of records notice, and an associated PIA. The ESTA 
regulations will govern the collection and use of PII in determining 
the eligibility to travel of persons seeking to enter the United States 
under the Visa Waiver Program (VWP) by air or sea. The regulations will 
require nationals of VWP countries seeking to enter the United States 
by air or sea carriers to submit PII to an electronic system, ESTA, 
prior to travel. ESTA will run the applicant's information against 
various databases to determine whether there is a law enforcement or 
security reason to deem that a prospective traveler is ineligible to 
travel to the United States under the VWP. The ESTA system will serve 
to modernize and strengthen the security of the VWP as mandated by the 
``Implementing Recommendations of the 9/11 Commission Act of 2007'' (9/
11 Act), by providing automated vetting of travelers from VWP 
countries.

    System: Critical Infrastructure Change Detection (CICD).
    Component: Science and Technology.
    Date of approval: June 19, 2008.
    The Critical Infrastructure Change Detection (CICD) program is a 
DHS S&T research program that is examining novel technical approaches 
to provide wide area surveillance and change detection capabilities to 
protect the Nation's critical infrastructure. S&T

[[Page 64978]]

proposes to test a high resolution, 360 degree field-of-view video 
system that will accommodate multiple simultaneous users and also have 
change detection and tracking capabilities. A PIA is being conducted 
because the system demonstration will be performed in a public area of 
New York City and will involve capturing images of persons and textual 
information in the public space.

    System: Department of Homeland Security General Contact List.
    Component: DHS Wide.
    Date of approval: June 30, 2008.
    Many Department of Homeland Security operations and projects 
collect a minimal amount of contact information in order to distribute 
information and perform various other administrative tasks. Department 
Headquarters conducted this privacy impact assessment because contact 
lists contain PII. The Department added the following systems to this 
PIA:
     Science and Technology Cyber Security Research and 
Development Center Web Site,
     U.S. Coast Guard Proceedings magazine online subscription 
request form,
     Federal Emergency Management Agency National Fire Academy 
Long-Term Evaluation,
     Federal Emergency Management Agency Port Security Grant 
Program,
     National Protection and Programs Directorate 
Telecommunications Service Priority (TSP) Web.

    Dated: October 21, 2008.
Hugo Teufel III,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E8-25962 Filed 10-30-08; 8:45 am]

BILLING CODE 4410-10-P