[Federal Register Volume 74, Number 188 (Wednesday, September 30, 2009)]
[Proposed Rules]
[Pages 50148-50150]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-23523]


 ========================================================================
 Proposed Rules
                                                 Federal Register
 ________________________________________________________________________
 
 This section of the FEDERAL REGISTER contains notices to the public of 
 the proposed issuance of rules and regulations. The purpose of these 
 notices is to give interested persons an opportunity to participate in 
 the rule making prior to the adoption of the final rules.
 
 ========================================================================
 

  Federal Register / Vol. 74, No. 188 / Wednesday, September 30, 2009 / 
Proposed Rules  

[[Page 50148]]



DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

6 CFR Part 5

[Docket No. DHS-2009-0105]


Privacy Act of 1974: Implementation of Exemptions; U.S. 
Immigration and Customs Enforcement-012 Visa Security Program Records 
(VSPR)

AGENCY: Privacy Office, DHS.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: The Department of Homeland Security (DHS), U.S. Immigration 
and Customs Enforcement, is giving concurrent notice of a new system of 
records pursuant to the Privacy Act of 1974 for the U.S. Immigration 
and Customs Enforcement Visa Security Program Records (VSPR) and this 
proposed rulemaking. In this proposed rulemaking, the Department 
proposes to exempt portions of the system of records from one or more 
provisions of the Privacy Act because of criminal, civil, and 
administrative enforcement requirements.

DATES: Comments must be received on or before October 30, 2009.

ADDRESSES: You may submit comments, identified by DHS-2009-0105 by one 
of the following methods:
     Federal e-Rulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Fax: 703-483-2999.
     Mail: Mary Ellen Callahan, Chief Privacy Officer, Privacy 
Office, U.S. Department of Homeland Security, Washington, DC 20528.
     Instructions: All submissions received must include the 
agency name and docket number for this rulemaking. All comments 
received will be posted without change to http://www.regulations.gov, 
including any personal information provided.
     Docket: For access to the docket to read background 
documents or comments received go to http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Lyn Rahilly, (202-732-3300), Privacy 
Officer, U.S. Immigration and Customs Enforcement, 500 12th Street, 
SW., Washington, DC 20536; or Mary Ellen Callahan, (703-235-0780), 
Chief Privacy Officer, Privacy Office, U.S. Department of Homeland 
Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

    The Visa Security Program Records (VSPR) system of records is owned 
and maintained by the ICE Office of International Affairs (OIA). It 
consists of paper and electronic records created in support of the Visa 
Security Program, the purpose of which is to identify persons who may 
be ineligible for a U.S. visa because of criminal history, terrorism 
association, or other factors and convey that information to the State 
Department, which decides whether to issue the visa. VSPR contains 
records on visa applicants for whom a visa security review is 
conducted. The Visa Security Program Tracking System (VSPTS-Net) is a 
new OIA application scheduled to deploy in September 2009 that supports 
the management of ICE's Visa Security Program. ICE Special Agents use 
VSPTS-Net to record, track, and manage all visa security reviews 
performed by ICE. The VSPR system of records describes records 
maintained in VSPTS-Net and associated paper records.
    In support of Section 428 of the Homeland Security Act of 2002, ICE 
deploys agents to U.S. embassies and consulates (``consular posts'') in 
high-risk areas worldwide to conduct security reviews of visa 
applications. ICE agents assigned to the Visa Security Program examine 
visa applications, initiate investigations of applicants who may be 
ineligible for a visa, coordinate with other law enforcement entities, 
and provide advice and training to the State Department staff. Through 
its Visa Security Program, ICE also participates in the Security 
Advisory Opinion (SAO) process, which is a U.S. Government mechanism to 
coordinate third-agency checks on visa applicants about whom the State 
Department has security-related concerns. Upon request from the State 
Department, ICE provides information from DHS record systems about visa 
applicants who are selected to undergo the SAO process. The State 
Department in turn provides the results of SAO checks to consular 
officers to aid in adjudicating visa applications. Like the ICE Special 
Agents located at consular posts abroad, ICE agents and analysts 
supporting SAO operations identify persons who may be ineligible for a 
U.S. visa because of criminal history, terrorism association, or other 
factors and convey that information to the State Department, which 
decides whether to issue the visa.
    VSPTS-Net will be used to support the Visa Security Program 
activities described above by recording, tracking, and managing the 
SAOs and visa security reviews and documenting the results that are 
communicated to the State Department. VSPTS-Net will provide ICE agents 
with an intranet-based application that manages the workflow associated 
with visa security reviews and will provide the necessary analytical, 
reporting and data storage capabilities. VSPTS-Net will also allow 
users (ICE employees and contractors) to records relevant visa 
application data, derogatory information about applicants, visa 
recommendation data. It also supports the generation of performance 
metrics for the Visa Security program as a whole. Ultimately, the 
system helps the Visa Security Program and the State Department prevent 
known and suspected terrorists, criminals, and other ineligible persons 
from obtaining U.S. visas. A PIA was conducted on VSPTS-Net because it 
is a new system that will maintain PII information. The VSPTS-Net PIA 
is available on the Department of Homeland Security (DHS) Privacy 
Office Web site at http://www.dhs.gov/privacy.
    The DHS/ICE-012 VSPR system of records will collect, use, 
disseminate, and maintain PII on persons who apply for a visa and 
undergo a visa security review. This collection of this information is 
necessary for ICE to conduct visa security reviews and to provide the 
State Department with a visa recommendation and/or information that is 
relevant to the applicant's eligibility for a visa under Federal law.
    Consistent with DHS's information sharing mission, information 
stored in the VSPR system of records may be shared with other DHS 
components, as

[[Page 50149]]

well as appropriate Federal, State, local, Tribal, foreign, or 
international government agencies. This sharing will only take place 
after DHS determines that the receiving component or agency has a need-
to-know the information to carry out national security, law 
enforcement, immigration, intelligence, or other functions consistent 
with the routine uses set forth in the VSPR system of records notice, 
also published in this issue of the Federal Register.

II. Privacy Act

    In this notice of proposed rulemaking, DHS now is proposing to 
exempt DHS/ICE-012 VSPR, in part, from certain provisions of the 
Privacy Act. The Privacy Act embodies fair information principles in a 
statutory framework governing the means by which the United States 
Government collects, maintains, uses, and disseminates personally 
identifiable information. The Privacy Act applies to information that 
is maintained in a ``system of records.'' A ``system of records'' is a 
group of any records under the control of an agency from which 
information is retrieved by the name of the individual or by some 
identifying number, symbol, or other identifying particular assigned to 
the individual. Individuals may request their own records that are 
maintained in a system of records in the possession or under the 
control of DHS by complying with DHS Privacy Act regulations, 6 CFR 
part 5.
    The Privacy Act requires each agency to publish in the Federal 
Register a description of the type and character of each system of 
records that the agency maintains, and the routine uses that are 
contained in each system in order to make agency recordkeeping 
practices transparent, to notify individuals regarding the uses to 
which personally identifiable information is put, and to assist 
individuals in finding such files within the agency. The Privacy Act 
also allows Government agencies to exempt certain records from the 
access and amendment provisions. If an agency claims an exemption, 
however, it must issue a notice of proposed rulemaking to make clear to 
the public the reasons why a particular exemption is claimed.
    DHS is claiming exemptions from certain requirements of the Privacy 
Act for VSPR. Some information in VSPR relates to official DHS national 
security, law enforcement, and intelligence activities. These 
exemptions are needed to protect information relating to DHS activities 
from disclosure to subjects of inquiry or others related to these 
activities. Specifically, the exemptions are required to preclude 
subjects of these activities from frustrating these processes; to avoid 
disclosure of law enforcement sensitive information and investigative 
techniques; to protect the identities and physical safety of 
confidential informants and of border management and law enforcement 
personnel; to ensure DHS's ability to obtain information from third 
parties and other sources; to protect the privacy of third parties; and 
to safeguard classified information. Disclosure of information to the 
subject of the inquiry could also permit the subject to frustrate the 
purpose of the visa review process or to avoid detection or 
apprehension.
    The exemptions proposed here are standard law enforcement and 
national security exemptions exercised by a large number of Federal law 
enforcement and intelligence agencies. In appropriate circumstances, 
where compliance would not appear to interfere with or adversely affect 
the law enforcement purposes of this system and the overall law 
enforcement process, the applicable exemptions may be waived on a case 
by case basis.
    A notice of system of records for the Department's VSPR system is 
also published in this issue of the Federal Register.

List of Subjects in 6 CFR Part 5

    Freedom of information; Privacy.

    For the reasons stated in the preamble, DHS amends Chapter I of 
Title 6, Code of Federal Regulations, as follows:

PART 5--DISCLOSURE OF RECORDS AND INFORMATION

    1. The authority citation for Part 5 continues to read as follows:

    Authority: Pub. L. 107-296, 116 Stat. 2135, 6 U.S.C. 101 et 
seq.; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552.

    2. At the end of Appendix C to Part 5, add the following new 
paragraph ``41'' to read as follows:

Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy 
Act

* * * * *
    41. The Visa Security Program Records (VSPR) system of records 
consists of electronic and paper records and will be used by the 
Department of Homeland Security (DHS) U.S. Immigration and Customs 
(ICE). VSPR consists of information created in support of the Visa 
Security Program, the purpose of which is to identify persons who may 
be ineligible for a U.S. visa because of criminal history, terrorism 
association, or other factors and convey that information to the State 
Department, which decides whether to issue the visa. VSPR contains 
records on visa applicants for whom a visa security review is 
conducted. VSPR contains information that is collected by, on behalf 
of, in support of, or in cooperation with DHS and its components and 
may contain personally identifiable information collected by other 
Federal, State, local, Tribal, foreign, or international government 
agencies. Pursuant to exemption 5 U.S.C. 552a(j)(2) of the Privacy Act, 
portions of this system are exempt from 5 U.S.C. 552a(c)(3) and (4); 
(d); (e)(1), (e)(2), (e)(3), (e)(4)(G), and (e)(4)(H), (e)(5) and 
(e)(8); (f); and (g). Pursuant to 5 U.S.C. 552a(k)(1) and (k)(2), this 
system is exempt from the following provisions of the Privacy Act, 
subject to the limitations set forth in those subsections: 5 U.S.C. 
552a(c)(3), (d), (e)(1), (e)(4)(G), (e)(4)(H), and (f). Exemptions from 
these particular subsections are justified, on a case-by-case basis to 
be determined at the time a request is made, for the following reasons:
    (a) From subsection (c)(3) and (4) (Accounting for Disclosures) 
because release of the accounting of disclosures could alert the 
individual to the existence of an investigation in the form of a visa 
security review predicated on classified, national security, law 
enforcement, foreign government, or other sensitive information. 
Disclosure of the accounting would therefore present a serious 
impediment to ICE's Visa Security Program, immigration enforcement 
efforts and/or efforts to preserve national security. Disclosure of the 
accounting would also permit the individual who is the subject of a 
record to impede the investigation, thereby undermining the entire 
investigative process.
    (b) From subsection (d) (Access to Records) because access to the 
records contained in this system of records could alert the individual 
to the existence of an investigation in the form of a visa security 
review predicated on classified, national security, law enforcement, 
foreign government, or other sensitive information. Revealing the 
existence of an otherwise confidential investigation could also provide 
the visa applicant an opportunity to conceal adverse information or 
take other actions that could thwart investigative efforts; and reveal 
the identity of other individuals with information pertinent to the 
visa security review thereby providing an opportunity for the applicant 
to interfere with the collection of adverse or other relevant 
information from such individuals. Access to the records would 
therefore present a serious impediment to the enforcement of

[[Page 50150]]

Federal immigration laws, law enforcement efforts and/or efforts to 
preserve national security. Amendment of the records could interfere 
with ICE's ongoing investigations and law enforcement activities and 
would impose an impossible administrative burden by requiring 
investigations to be continuously reinvestigated. In addition, 
permitting access and amendment to such information could disclose 
classified and other security-sensitive information that could be 
detrimental to national or homeland security.
    (c) From subsection (e)(1) (Relevancy and Necessity of Information) 
because in the course of investigations of visa applications, the 
accuracy of information obtained or introduced occasionally may be 
unclear or the information may not be strictly relevant or necessary to 
a specific investigation. In the interests of effective enforcement of 
Federal immigration laws, it is appropriate to retain all information 
that may be relevant to the determination whether an individual is 
eligible for a U.S. visa.
    (d) From subsection (e)(2) (Collection of Information from 
Individuals) because requiring that information be collected from the 
visa applicant would alert the subject to the fact of an investigation 
in the form of a visa security review, and to the existence of adverse 
information about the individual, thereby interfering with the related 
investigation and law enforcement activities.
    (e) From subsection (e)(3) (Notice to Subjects) because providing 
such detailed information would impede immigration enforcement 
activities in that it could compromise investigations by: Revealing the 
existence of an otherwise confidential investigation and thereby 
provide an opportunity for the visa applicant to conceal adverse 
information, or take other actions that could thwart investigative 
efforts; reveal the identity of other individuals with information 
pertinent to the visa security review thereby providing an opportunity 
for the applicant to interfere with the collection of adverse or other 
relevant information from such individuals; or reveal the identity of 
confidential informants, which would negatively affect the informant's 
usefulness in any ongoing or future investigations and discourage 
members of the public from cooperating as confidential informants in 
any future investigations.
    (f) From subsections (e)(4)(G) and (H) (Agency Requirements), and 
(f) (Agency Rules) because portions of this system are exempt from the 
individual access provisions of subsection (d) for the reasons noted 
above, and therefore DHS is not required to establish requirements, 
rules, or procedures with respect to such access. Providing notice to 
individuals with respect to existence of records pertaining to them in 
the system of records or otherwise setting up procedures pursuant to 
which individuals may access and view records pertaining to themselves 
in the system would undermine investigative and immigration enforcement 
efforts as described above.
    (g) From subsection (e)(5) (Collection of Information) because in 
the collection of information for law enforcement purposes it is 
impossible to determine in advance what information is accurate, 
relevant, timely, and complete. Compliance with (e)(5) would preclude 
DHS agents from using their investigative training and exercise of good 
judgment to both conduct and report on investigations.
    (h) From subsection (e)(8) because to require individual notice of 
disclosure of information due to compulsory legal process would pose an 
impossible administrative burden on DHS and other agencies and could 
alert the subjects of counterterrorism, law enforcement, or 
intelligence investigations to the fact of those investigations when 
not previously known.
    (i) From subsection (g) to the extent that the system is exempt 
from other specific subsections of the Privacy Act relating to 
individuals' rights to access and amend their records contained in the 
system. Therefore DHS is not required to establish rules or procedures 
pursuant to which individuals may seek a civil remedy for the agency's: 
Refusal to amend a record; refusal to comply with a request for access 
to records; failure to maintain accurate, relevant timely and complete 
records; or failure to otherwise comply with an individual's right to 
access or amend records.

    Dated: September 23, 2009.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E9-23523 Filed 9-29-09; 8:45 am]
BILLING CODE 9111-28-P