[Federal Register Volume 73, Number 95 (Thursday, May 15, 2008)]
[Notices]
[Pages 28143-28147]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-10896]
[[Page 28143]]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
[Docket No. DHS-2007-0074]
Privacy Act of 1974; System of Records
AGENCY: Privacy Office; DHS.
ACTION: Notice of Privacy Act system of records.
-----------------------------------------------------------------------
SUMMARY: Pursuant to the Privacy Act of 1974, the Department of
Homeland Security, United States Coast Guard is updating and re-issuing
a legacy system of records, Department of Transportation DOT/CG 642
System of Records Notice known as Joint Maritime Information Element,
JMIE, Support System, JSS. This system of records will be replaced by
DHS/USCG-061 Maritime Awareness Global Network (MAGNET).
DATES: Written comments must be submitted on or before June 16, 2008.
ADDRESSES: You may submit comments, identified by DOCKET NUMBER DHS-
2007-0074 by one of the following methods:
Federal e-Rulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments. All comments received
will be posted without change to http://www.regulations.gov, including
any personal information provided.
Fax: 1-866-466-5370.
Mail: Hugo Teufel III, Chief Privacy Officer, Privacy
Office, Department of Homeland Security, Washington, DC 20528.
FOR FURTHER INFORMATION CONTACT: For system related questions please
contact: Mr. Frank Sisto, Program Officer, ISR Data Analysis &
Manipulation Division (CG-262), Phone 202-372-2795 or by mail
correspondence U.S. Coast Guard 2100 Second Street, SW., Washington, DC
20593-0001. For privacy issues, please contact: Hugo Teufel III, Chief
Privacy Officer, Privacy Office, Department of Homeland Security,
Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
I. Background Information
In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the
Department of Homeland Security (DHS) is replacing a legacy system of
records, Department of Transportation DOT/CG 642 System of Records
Notice known as Joint Maritime Information Element, JMIE, Support
System, JSS (67 FR 19475). DHS/USCG-001 Maritime Awareness Global
Network (MAGNET) will replace the JMIS/JSS System of Records. Coast
Guard Intelligence Directorate, Office of ISR (CG-26) will serve as
MAGNET's executive agent.
The JMIE JSS provided storage and access of maritime information
with some basic search capabilities such as vessel searches by name,
hull identification and registration number and person's searches by
passport or merchant mariner license number. MAGNET will enhance JMIE/
JSS capabilities by adding additional data sources, media storage,
access capabilities, and infrastructure to provide rapid, near real-
time data to the Coast Guard and other authorized organizations that
need it. DHS, Coast Guard, and MAGNET users will have the ability to
share, correlate, and provide classified/unclassified data across
agency lines to provide Maritime Domain Awareness critical to homeland
and national security.
Taken together the information in MAGNET establishes Maritime
Domain Awareness. Maritime Domain Awareness is the collection of as
much information as possible about the maritime world. In other words,
MAGNET establishes a full awareness of the entities (people, places,
things) and their activities within the maritime industry. MAGNET
collects the information described above and connects the information
in order to fulfill this need.
Coast Guard Intelligence (through MAGNET) will provide awareness to
the field as well as to strategic planners by aggregating data from
existing sources internal and external to the Coast Guard or DHS.
MAGNET will correlate and provide the medium to display information
such as ship registry, current ship position, crew background,
passenger lists, port history, cargo, known criminal vessels, and
suspect lists. Coast Guard Intelligence (CG-2) will serve as MAGNET's
executive agent and will share appropriate aggregated data to other law
enforcement and intelligence agencies.
MAGNET could relate to an individual in a few ways. As one example,
MAGNET may collect information on individuals associated with ports,
port facilities, and maritime vessels. Individuals may be passengers,
crew, owners, operators, or any other employee in support of maritime
business or other activities. The primary collection vehicle for people
information is through the Ships Arrival Notification System (SANS).
Certain vessels, as defined in 33 CFR part 160, are required to report
arrivals to U.S. ports and included is crew and passenger information.
The SANS information is replicated into MAGNET. MAGNET will also
contain information about passenger ships that are required to report
arrivals via SANS.
The MAGNET system receives data from several systems within DHS and
outside of DHS through electronic transfers of information. These
systems include Ships Arrival and Notification System (SANS), National
Automated Identification System (NAIS), Maritime Information for Safety
and Law Enforcement and the Coast Guard and U.S. Navy Common
Operational Pictures. These electronic transfers include the use of an
Internet Protocol called Secure File Transfer Protocol (SFTP), delivery
of data on CD-ROM or DVD-ROM, system-to-system communications via
specially written Internet Protocol socket-based data streaming,
database-to-database replication of data, electronic transfer of
database transactional backup files, and delivery of formatted data via
electronic mail.
MAGNET will provide output to the Common Operating Picture (COP) as
viewed using the Global Command and Control System, Integrated Imagery
and Intelligence (GCCS-I3) platform. The COP is an integrated, or
``common'', view of the vessels operating in water that is important to
the United States government, including geographic positions of the
vessels, as well as, characteristics of the vessel. The COP is
integrated (or ``shared'') amongst users of the GCCS-I3, which is
commonly used within the U.S. Coast Guard and the Department of Defense
to monitor areas of operation. The output destined for the COP may be
submitted to the Common Intelligence Picture (CIP) for review prior to
the data being transferred to the COP. In addition, users will be able
to run queries about specific vessels or tracks from a GCCS-I3
workstation and retrieve additional information from the MAGNET
database. MAGNET will be able to accept input from the GCCS-I3
environment and process this data into the MAGNET database. This will
allow MAGNET to accumulate position reports from the COP.
Types of information sharing that may result from the routine uses
outlined in this notice include: (1) Disclosure to individuals who are
working as a contractor or with a similar relationship working on
behalf of DHS; (2) sharing with Congressional offices asking on behalf
of an individual; (3) sharing when there appears to be a specific
violation or potential violation of law, or identified threat or
potential threat to national or international security, such as
criminal or terrorist
[[Page 28144]]
activities, based on individual records in this system; (4) sharing
with the National Archives and Records Administration (NARA) for proper
handling of government records; (5) sharing when relevant to litigation
associated with the Federal government; (6) sharing to protect the
individual who is the subject of the record from the harm of identity
theft in the case of a data breach affecting this system; and (7)
sharing with U.S. or foreign intelligence personnel in the development
or execution of intelligence activities or exercises.
Elsewhere in today's Federal Register, DHS has published a notice
of proposed rulemaking (NPRM) to exempt this system of records from one
or more provisions of the Privacy Act because of criminal, civil, and
administrative enforcement requirements pursuant to 5 U.S.C.
552a(j)(2), (k)(1), and (k)(2).
II. Privacy Act
The Privacy Act embodies fair information principles in a statutory
framework governing the means by which the United States Government
collects, maintains, uses, and disseminates individuals' records. The
Privacy Act applies to information that is maintained in a ``system of
records.'' A ``system of records'' is a group of any records under the
control of an agency from which information is retrieved by the name of
the individual or by some identifying number, symbol, or other
identifying particular assigned to the individual. In the Privacy Act,
an individual is defined to encompass United States citizens and legal
permanent residents. MAGNET involves the collection and creation of
information that is maintained in a system of records.
The Privacy Act requires each agency to publish in the Federal
Register a description denoting the type and character of each system
of records that the agency maintains, and the routine uses that are
contained in each system in order to make agency recordkeeping
practices transparent, to notify individuals regarding the uses to
which personally identifiable information is put, and to assist the
individual to more easily find such files within the agency. DHS is
hereby publishing a description of the system of records referred to as
the Maritime Awareness Global Network (MAGNET).
In accordance with 5 U.S.C. 552a(r), a report concerning this
record system has been sent to the Office of Management and Budget and
to the Congress.
DHS/USCG-061
SYSTEM NAME:
Maritime Awareness Global Network (MAGNET).
SYSTEM LOCATION:
The computer database is located at U.S. Coast Guard Intelligence
Coordination Center, Department of Homeland Security, National Maritime
Intelligence Center, Washington, DC 20395. A redundant capability for
continuity of operation in the event of a primary system failure is
located at the Coast Guard Operations System Center, Martinsburg, West
Virginia.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
1. Individuals, who are U.S. citizens, lawful permanent residents,
and non-citizens, associated with vessels, facilities, companies,
organizations, and ports involved in the maritime sector.
2. Individuals identified through observation by and interaction
with Coast Guard personnel during Coast Guard operations that include
but not limited to boarding of vessels, conducting aircraft over-
flights, and through Field Intelligence Support team (FIST) sightings
and reports.
3. Individuals identified during Coast Guard enforcement actions as
violating, suspected of violating, or witnessing the violations of
United States (U.S.) laws, international laws, or treaties.
4. Individuals associated with vessels or other individuals that
are known, suspected, or alleged to be involved in contraband
trafficking, illegal migrant activity (smuggling, trafficking, and
otherwise), or terrorist activity.
CATEGORIES OF RECORDS IN THE SYSTEM:
1. Information related to: Individuals associated with vessels,
companies, organizations, and ports involved in the maritime sector and
this information may include: Name, nationality, address, telephone
number, and taxpayer or other identification number; date of birth,
relationship to vessels and facilities; the individuals' relationship
to other individuals, companies, government agencies, and organizations
in MAGNET; individuals involved with pollution incidents, and
violations of laws and international treaties; and casualties.
2. Information on individuals who are associated with vessels
involved in contraband trafficking, illegal migrant activity
(smuggling, trafficking, and otherwise), or any other unlawful act
within the maritime sector, and with other individuals who are known,
suspected, or alleged to be involved in contraband trafficking, illegal
migrant activity (smuggling, trafficking, and otherwise), terrorist
activities, or any other unlawful act within the maritime sector.
3. Information on individuals, companies, vessels, or entities
associated with the maritime industry to include: vessel owners, vessel
operators, vessel characteristics, crewmen, passengers, facility
owners, facility managers, facility employees or any other individuals
affiliated with the maritime community. In addition to information on
individuals, commodities handled, equipment, location, certificates,
approvals, inspection data, pollution incidents, casualties, and
violations of all laws and international treaties may also be included.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Federal Records Act of 1950, Title 44 U.S.C. 3101; Title 36, Code
of Federal Regulations, chapter XII; The Maritime Transportation
Security Act of 2002, Pub L. 107-295 The Homeland Security Act of 2002,
Pub L. 107-296; 5 U.S.C. 301; 14 U.S.C. 632; 46 U.S.C. 3717; 46 U.S.C.
12501; 33 U.S.C. 1223.
Purpose(s):
MAGNET will assist DHS and the United States Coast Guard in
performing its mission of protecting the United States against
potential terrorist threats and respond to natural and man-made
disaster by providing Maritime Domain Awareness. MAGNET has been
established to enable the United States Coast Guard and various United
States Government agencies or military services/commands from the Law
Enforcement and Intelligence Communities to share multi-source maritime
information that will assist them in the performance of their missions.
Most recently these missions have been expanded and are enumerated
through National Security Presidential Directive NSPD 41 and Homeland
Security Presidential Directive HSPD-13 and other federal instruction.
MAGNET will provide MDA to the field as well as to USCG strategic
planners by aggregating data from existing sources internal and
external to the Coast Guard or DHS. MAGNET will organize and provide
the mechanism to display information such as ship registry, current
ship position, crew background, passenger lists, port history, cargo,
known criminal vessels, and suspect lists as such information is
collected from various sources.
[[Page 28145]]
Routine uses of records maintained in the system, including categories
of users and the purposes of such uses:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed outside DHS as a
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
MAGNET Records may be disclosed to the following:
A. To U.S. Department of Defense and related entities including,
but not limited to, the Military Sealift Command and the U.S. Navy, to
provide safety and security information on vessels chartered or
operated by those agencies.
B. To a Federal State, or local agency, or other appropriate
entities or individuals, or through established liaison channels to
selected foreign governments, in order to provide intelligence,
counterintelligence, or other information for the purposes of
intelligence, counterintelligence, or antiterrorism activities
authorized by U.S. law, Executive Order, or other applicable national
security directive.
C. To the National Transportation Safety Board and its related
State counterparts for safety investigation and transportation safety.
D. To the International Maritime Organization (IMO) or
intergovernmental organizations, nongovernmental organizations, or
foreign governments in order to conduct joint investigations,
operations, and inspections.
E. To Federal, State, or local agencies with which the Coast Guard
has a Memorandum of Understanding (MOU), Memorandum of Agreement (MOA),
or Inspection and Certification Agreement (ICA) pertaining to marine
safety, maritime security, maritime intelligence, maritime law
enforcement, and marine environmental protection activities.
F. To an organization or individual in either the public or private
sector, either foreign or domestic, where there is a reason to believe
that the recipient is or could become the target of a particular
terrorist activity or conspiracy, to the extent the information is
relevant to the protection of life or property and disclosure is
appropriate to the proper performance of the official duties of the
person making the disclosure.
G. To a Congressional office from the record of an individual in
response to an inquiry from that Congressional office made at the
request of the individual to whom the record pertains.
H. To contractors and their agents, grantees, experts, consultants,
and others performing or working on a contract, service, grant,
cooperative agreement, or other assignment for DHS, when necessary to
accomplish an agency function related to this system of records.
Individuals provided information under this routine use are subject to
the same Privacy Act requirements and limitations on disclosure as are
applicable to DHS officers and employees.
I. To appropriate federal, state, local, tribal, or foreign
governmental agencies or multilateral governmental organizations
responsible for investigating or prosecuting the violations of, or for
enforcing or implementing, a statute, rule, regulation, order, license,
or treaty where DHS determines that the information would assist in the
enforcement of civil or criminal laws.
J. To the Department of Justice or other Federal agency conducting
litigation or in proceedings before any court, adjudicative or
administrative body, when: (a) DHS or any component thereof, or (b) any
employee of DHS in his/her official capacity, or (c) any employee of
DHS in his/her individual capacity where DOJ or DHS has agreed to
represent the employee, or (d) the United States or any agency thereof,
is a party to the litigation or has an interest in such litigation, and
DHS determines that the records are both relevant and necessary to the
litigation and the use of such records is compatible with the purpose
for which DHS collected the records.
K. To a court, magistrate, or administrative tribunal in the course
of presenting evidence, including disclosures to opposing counsel or
witnesses in the course of civil discovery, litigation, or settlement
negotiations or in connection with criminal law proceedings or in
response to a subpoena.
L. To the National Archives and Records Administration or other
Federal government agencies pursuant to records management inspections
being conducted under the authority of 44 U.S.C. 2904 and 2906.
M. To appropriate Federal, state, local, tribal, foreign
governmental agencies, multilateral governmental organizations, and
non-governmental or private organizations for the purpose of protecting
the vital interests of a data subject or other persons, including to
assist such agencies or organizations in preventing exposure to or
transmission of a communicable or quarantinable disease or to combat
other significant public health threats; appropriate notice will be
provided of any identified health threat or risk.
Policies and practices for storing, retrieving, accessing, retaining,
and disposing of records in the system:
Storage:
Records in this system are stored in electronic form in an
automated data processing (ADP) system operated and maintained by the
U.S. Coast Guard. Backups are performed daily. Copies of backups are
stored at an offsite location. Personal, Sensitive but Unclassified
(SBU), Unclassified, and classified data and records reside commingled
with each other. Classified and non-classified information from member
agencies and other sources may be merged into a classified domain
within this data base.
Classified information, downloaded from the host and then extracted
from the personal computer (PC) workstations and recorded on paper or
electronic media, will be stored at user sites in appropriately
classified storage containers or on secured electronic media.
Unclassified information will be stored in accordance with each
user sites' handling procedures. Unclassified information derived from
MAGNET remains U.S. Coast Guard information and is For Official Use
Only. Determinations by any user to further disseminate, in any form,
MAGNET derived information to other entities or agencies, foreign or
domestic, must include prior authorization from the executive agent.
Retrievability:
Records are retrieved by name (individual, company, government
agency or organization), boat registration number, documented vessel
name/number, Social Security Number, drivers license number, foreign ID
number, passport number, VISA number military ID number, USCG license
number, resident alien number, Merchant Mariners License number, or
Merchant Mariner documentation number.
Safeguards:
Information in this system is safeguarded in accordance with
applicable laws, rules and policies, including the DHS Information
Technology Security Program Handbook. All records are protected from
unauthorized access through appropriate administrative, physical, and
technical safeguards. These safeguards include restricting access to
authorized personnel who have a need-to-know, using locks, and password
protection identification features. DHS
[[Page 28146]]
file areas are locked after normal duty hours and the facilities are
protected from the outside by security personnel.
MAGNET falls under the security guidelines of the National Maritime
Intelligence Center and has its own approved System Security Plan which
provides that:
All classified MAGNET equipment, records and storage devices are
located within facilities or stored in containers approved for the
storage of all levels of classified information.
All statutory and regulatory requirements pertinent to classified
and unclassified information have been identified in the MAGNET System
Security Plan and have been implemented, and
Access to records requiring TOP SECRET level is limited strictly to
personnel with TOP SECRET or higher level clearances and who have been
determined to have the appropriate ``need to know.''
Access to records requiring SECRET level is limited strictly to
personnel with SECRET or higher level clearances and who have been
determined to have the appropriate ``need to know''.
Access to records requiring CONFIDENTIAL level is limited strictly
to personnel with CONFIDENTIAL or higher level clearances and who have
been determined to have the appropriate ``need to know''.
Access to any classified records is restricted by login and
password protection. The scope of access to any records via login and
password is further limited based on the official need of each
individual authorized access. The U.S. Coast Guard will take
precautions in accordance with OMB Circular A-130, Appendix III.
The U.S. Coast Guard will operate MAGNET in consonance with Federal
security regulations, policy, procedures, standards and guidance for
implementing the Automated Information Systems Security Program.
Specific operating rules to ensure compliance with national policy are
reflected in each site's Standard Operating Procedures. These rules
include specifications that accesses to records containing information
on U.S. persons are as follows:
Only authorized personnel may access such records.
MAGNET transactions that include Privacy Act and Classified data
require an active pre-screened account, username and password and have
a unique identifier to differentiate them from other MAGNET
transactions. This allows for additional oversight and audit
capabilities to ensure that the data are being handled consistent with
all applicable federal laws and regulations regarding privacy and data
integrity.
Retention and disposal:
Dynamic information on vessel position(s) and movement(s) will be
stored for not more than ten (10) years but may be reduced in detail to
comply with media storage procedures and requirements. Other
information such as characteristics, identification status and
associate records is updated to remain current and is retained for
twenty (20) years. The requirements supporting the collection and
storage of data are reviewed regularly. Records will be kept accessible
online for three (3) years then archived offline within MAGNET to
support ongoing investigations or law enforcement activities.
Audit records, maintained to document access to information
relating to specific individuals, are maintained for five (5) years or
the life of the MAGNET whichever is longer. Access to audit records
will only be granted to authorized personnel.
System manager(s) and address:
Department of Homeland Security United States Coast Guard (MAGNET
Executive Agent), Intelligence Directorate, Office of ISR (CG-26), 2100
2nd Street, SW., Washington, DC 20593-0001.
Notification procedure:
Because this system contains classified and sensitive unclassified
information related to intelligence, counterterrorism, homeland
security, and law enforcement programs, records in this system have
been exempted from notification, access, and amendment to the extent
permitted by subsections (j)(2) and (k)(1) and (2) of the Privacy Act.
Nonetheless, DHS will examine each separate request on a case-by-case
basis, and, after conferring with the appropriate component or agency,
may waive applicable exemptions in appropriate circumstances and where
it would not appear to interfere with or adversely affect the law
enforcement or national security purposes of the systems from which the
information is recompiled or in which it is contained.
To determine whether this system contains records relating to you,
write to the System Manager identified above. Your written request
should include your name and mailing address. You may also provide any
additional information that will assist in determining if there is a
record relating to you if applicable, such as your Merchant Mariner
License or document number, the name and identifying number
(documentation number, state registration number, Social Security
Number, International Maritime Organization (IMO) number, etc.) of any
vessel with which you have been associated and the name and address of
any facility (including platforms, bridges, deep water ports, marinas,
terminals and factories) with which you have been associated. The
request must be signed by the individual, or his/her legal
representative, and must be notarized to certify the identity of the
requesting individual pursuant to 28 U.S.C. 1746 (unsworn declarations
under penalty of perjury). Submit a written request identifying the
record system and the category and types of records sought to the
Executive Agent.
Record access procedures:
Because this system contains classified and sensitive unclassified
information related to intelligence, counterterrorism, homeland
security, and law enforcement programs, records in this system have
been exempted from notification, access, and amendment to the extent
permitted by subsections (j)(2) and (k)(1) and (2) of the Privacy Act.
Nonetheless, DHS will examine each separate request on a case-by-case
basis, and, after conferring with the appropriate component or agency,
may waive applicable exemptions in appropriate circumstances and where
it would not appear to interfere with or adversely affect the law
enforcement or national security purposes of the systems from which the
information is recompiled or in which it is contained.
Write the System Manager at the address given above in accordance
with the ``Notification Procedure''. Provide your full name and a
description of the information you seek, including the time frame
during which the record(s) may have been generated. Individuals
requesting access to their own records must comply with DHS's Privacy
Act regulation on verification of identity (6 CFR 5.21(d)). Further
information may also be found at http://www.dhs.gov/foia.
Contesting record procedures:
Because this system contains classified and sensitive unclassified
information related to intelligence, counterterrorism, homeland
security, and law enforcement programs, records in this system have
been exempted from notification, access, and amendment to the extent
permitted by subsections (j)(2) and (k)(1) and (2) of the Privacy Act.
A request to amend non-exempt records in this system may be made by
writing to the System Manager, identified above, in conformance with 6
CFR Part 5, Subpart B, which provides
[[Page 28147]]
the rules for requesting access to Privacy Act records maintained by
DHS.
Record source categories:
Information contained in MAGNET is gathered from a variety of
sources both internal and external to the Coast Guard. Source
information may come from sensors, inspections, boardings,
investigations, documentation offices, vessel notice of arrival
reports, owners, operators, crew members, agents, passengers,
witnesses, employees, U.S. Coast Guard personnel, law enforcement
notices, commercial sources, as well as other federal, state, local and
international agencies who are related to the maritime sector and/or
national security sector.
Exemptions claimed for the system:
The records and information in this system are exempt from 5 U.S.C.
552a(c)(3) and (4), (d)(1), (d)(2), (d)(3), (d)(4), (e)(1), (e)(2),
(e)(3), (e)(4)(G), (H), and (I), (e)(5), (e)(8), (e)(12), (f), and (g)
of the Privacy Act pursuant to 5 U.S.C. 552a(j)(2), (k)(1), and (k)(2).
A Notice of Proposed Rulemaking for exempting this record system has
been promulgated in accordance with the requirements of 5 U.S.C.
553(b)(1), (2), and (3), (c), and (e) and is being published [in 6 CFR
part 5] concurrently with publication of this Notice Establishing a New
Systems of Records in the Federal Register.
Hugo Teufel, III,
Chief Privacy Officer.
[FR Doc. E8-10896 Filed 5-14-08; 8:45 am]
BILLING CODE 4410-10-P