[Federal Register Volume 73, Number 136 (Tuesday, July 15, 2008)]
[Notices]
[Pages 40591-40592]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-16045]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary


Published Privacy Impact Assessments on the Web

AGENCY: Privacy Office, DHS.

ACTION: Notice of Publication of Privacy Impact Assessments.

-----------------------------------------------------------------------

SUMMARY: The Privacy Office of the Department of Homeland Security 
(DHS) is making available ten (10) Privacy Impact Assessments on 
various programs and systems in the Department. These assessments were 
approved and published on the Privacy Office's Web site between October 
1, 2007, and December 31, 2007.

DATES: The Privacy Impact Assessments will be available on the DHS Web 
site until September 15, 2008, after which they may be obtained by 
contacting the DHS Privacy Office (contact information below).

FOR FURTHER INFORMATION CONTACT: Hugo Teufel III, Chief Privacy 
Officer, Department of Homeland Security, Mail Stop 0550, Washington, 
DC 20528, or e-mail: [email protected].

SUPPLEMENTARY INFORMATION: Between October 1 and December 31, 2007, the 
Chief Privacy Officer of the Department of Homeland Security (DHS) 
approved and published ten (10) Privacy Impact Assessments (PIAs) on 
the DHS Privacy Office Web site, http://www.dhs.gov/privacy, under the 
link for ``Privacy Impact Assessments.'' These PIAs cover ten (10) 
separate DHS programs. Below is a short summary of those programs, 
indicating the DHS component responsible for the system, and the date 
on which the PIA was approved. Additional information can be found on 
the Web site or by contacting the Privacy Office.
    System: Transportation Worker Identification Credential Program 
Final Rule.
    Component: Transportation Security Administration.
    Date of approval: October 5, 2007.
    The Transportation Security Administration (TSA) published a joint 
Final Rule with the United States Coast Guard to implement a 
Transportation Worker Identification Credential (TWIC) program to 
provide a biometric credential that can be used to confirm the identity 
of workers in the national transportation system, and conducted a PIA 
associated with that Final Rule. TSA is amending the PIA to reflect the 
development of TWIC contactless card capability in sections 1.4, 1.6, 
9.2 and 9.3, and the approval of the records schedule by NARA in 
section 3. This PIA replaces the one published December 29, 2006.
    System: Universal Commercial Driver's License (CDL) Security Threat 
Assessment.
    Component: Transportation Security Administration.
    Date of approval: October 12, 2007.
    TSA conducts security threat assessments on Commercial Driver's 
License (CDL) holders. CDL holders are licensed to operate large 
commercial motor vehicles that potentially pose threats to 
transportation security. Congress directed TSA to perform threat 
assessments on certain CDL holders in the SAFE PORT Act Pub. L. No. 
109-347, 120 Stat. 1884 (2006). Since the potential threat extends 
beyond ports, TSA will perform security threat assessments on all CDL 
holders pursuant to its authority under 49 U.S.C. 14(f) which gives TSA 
broad authority ``to assess threats to transportation'' including 
vetting persons who could pose a threat to transportation.
    System: Visitor Management System.
    Component: Transportation Security Administration.
    Date of approval: October 19, 2007.
    The PIA previously published on July 14, 2006, has been amended to 
reflect the collection of a photograph to be placed on the temporary 
badge. The photograph will be stored in the system only for so long as 
is required to create the badge, then is deleted to create the next 
badge. This PIA replaces the previously published PIA.
    System: Airmen Certificate Vetting Program.
    Component: Transportation Security Administration.
    Date of approval: October 22, 2007.
    TSA implemented a process to conduct security threat assessments on 
all Federal Aviation Administration (FAA) Airmen Certificate applicants 
and holders to ensure that the individual does not pose or is not 
suspected of posing a threat to transportation or national security. 
FAA Airmen Certificate holders include pilots, air crews, and others 
required to hold a certificate pursuant to FAA regulations. Because 
this program entails a new collection of information by TSA about 
members of the public in an identifiable form, the E-Government Act of 
2002 and the Homeland Security Act of 2002 require that the TSA issue a 
PIA. The data collected and maintained for this program and the details 
and uses of this information are outlined in this PIA.
    System: DHS/UKvisas Project.
    Component: U.S. Citizenship and Immigration Services.
    Date of approval: November 14, 2007.
    Recently the United Kingdom (UK) enacted legislation requiring the 
submission of biometric data by almost all individuals filing 
applications for UK visas. Officials from the UK and DHS have agreed 
that individuals who are physically located in the United States (US) 
may provide the requisite biometrics and limited biographical 
information at U.S. Citizenship and Immigration Services (USCIS) 
Application Support Centers (ASCs) for forward transfer to the UK in 
support of the adjudication of applications for visas. USCIS will 
temporarily retain the submitted biometric and biographical records 
until the UK provides confirmation that the transfer of data was 
successful. USCIS will delete the biometric and biographical records 
immediately after it receives that confirmation.

[[Page 40592]]

    System: Conversion to 10-Fingerprint Collection for the United 
States Visitor and Immigrant Status Indicator Technology Program.
    Component: US-VISIT.
    Date of approval: November 15, 2007.
    US-VISIT is an office and program within the National Protection 
and Programs Directorate of DHS. The office manages DHS' IDENT system 
and provides biometrics-based identity management services to agencies 
throughout immigration and border management, law enforcement, and 
intelligence communities. The Program provides an integrated, 
automated, biometric entry and exit system that records the arrival and 
departure of foreign nationals. US-VISIT published this PIA to update 
and describe the US-VISIT Program's change from collecting two (2) 
fingerprints to collecting up to ten (10) fingerprints (using inkless 
optical reading devices) from foreign nationals upon entering or 
exiting the United States.
    System: National Infrastructure Coordinating Center INSight 
Application.
    Component: National Protection and Programs Directorate.
    Date of approval: November 23, 2007.
    The National Infrastructure Coordinating Center (hereafter refer to 
as the NICC), part of the National Operations Center (NOC) in the 
Operations Directorate, operates the INSight Information Management 
System (INSight), designed to support the identification of potentially 
significant changes in the operational status of the nation's Critical 
Infrastructures and Key Resources so that trained analysts can provide 
timely coordination with the NOC, respective Information Sharing and 
Analysis Centers, and other involved agencies in the public sector and 
federal sectors. INSight may collect personally identifiable 
information (PII) associated with infrastructure information; 
accordingly NICC has conducted this PIA.
    System: Boarding Pass Scanning System.
    Component: Transportation Security Administration.
    Date of approval: November 29, 2007.
    The Boarding Pass Scanning System (BPSS) is a process and 
technology that validates the authenticity of the boarding pass at the 
TSA security checkpoint using 2-dimensional (2D) bar code readers and 
encryption techniques. The BPSS will display machine readable data from 
the boarding pass for confirmation against the human readable portions 
of the boarding pass to verify that the boarding pass is legitimate and 
has not been tampered with. Once confirmed, the displayed data will be 
deleted from the BPSS.
    System: Enterprise Correspondence Tracking System (ECT).
    Component: Department Wide.
    Date of approval: December 3, 2007.
    The Executive Secretariat of DHS operates the Enterprise 
Correspondence Tracking (ECT) system. The ECT is a correspondence 
workflow management system that assists DHS in responding to inquiries 
from the public, other government agencies, and the private sector. 
Tens of thousands of pieces of correspondence ranging from official 
rulings, policy statements, testimony, or even thank you letters are 
processed annually by DHS. The Executive Secretariat conducted this 
privacy impact assessment because the ECT collects and uses PII.
    System: DHSAccessGate System.
    Component: Management.
    Date of approval: December 3, 2007.
    DHS added a new layer of security to its vendor employee access 
control procedures at certain facilities by offering a new and 
voluntary vendor program called the DHSAccessGate Program. Part of this 
program will involve the collection of PII from individuals who are not 
DHS employees or contractors. The DHS Office of Security has conducted 
this privacy impact assessment because of the collection of new PII.

Hugo Teufel III,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E8-16045 Filed 7-14-08; 8:45 am]
BILLING CODE 4410-10-P