Download:
pdf |
pdfPrivacy Impact Assessment Update
for the
United States Visitor and Immigrant Status
Indicator Technology (US-VISIT) Program
in conjunction with the Notice of Proposed Rulemaking on
the Authority to Process Additional Aliens in US-VISIT, July 12,
2006
July 12, 2006
Contact Point
Steve Yonkers, Privacy Officer
US-VISIT
(202) 298-5200
Reviewing Official
Maureen Cooney
Acting Chief Privacy Officer
Department of Homeland Security
(571) 227-3813
Privacy Impact Assessment Update
US-VISIT
July 12, 2006
Page 2
Abstract
This is an update to previous United States Visitor and Immigrant Status Indicator
Technology (US-VISIT) privacy impact assessments (PIAs) in order to describe the expansion of
US-VISIT biometric collection requirements to cover additional classes of aliens in conjunction
with the Notice of Proposed Rulemaking on the Authority to Process Additional Aliens in USVISIT. This population expansion necessitates that US-VISIT receive data, not only directly
from travelers, but also from the United States Citizens and Immigration Service (USCIS) Image
Storage and Retrieval System/Biometric Support System (ISRS/BSS). With this update, and the
accompanying regulation, US-VISIT will have the authority to process all aliens not explicitly
exempted with the exception of those Canadian citizens applying for admission as B-1/B-2
visitors for business or pleasure.
Introduction
The United States Visitor and Immigrant Status Indicator Technology (US-VISIT)
Program is an integrated, automated biometric entry-exit system that records the arrival and
departure of aliens (defined as any person not a citizen or national of the United States (U.S.));
conducts certain terrorist, criminal, and immigration violation checks on aliens; and compares
biometric identifiers to those collected on previous encounters to verify identity. US-VISIT has
published a number of privacy impact assessments (PIAs) which describe how the Program
operates and details any privacy impacts and mitigations. This PIA updates the three primary
US-VISIT PIAs that discuss the population of individuals processed by US-VISIT. 1 It describes
changes to the US-VISIT Program to extend US-VISIT biometric collection requirements to any
alien (subject to specific exemptions as described below), with the exception of those Canadian
citizens applying for admission as B-1/B-2 visitors for business or pleasure. This expansion will
take place as technological and operational resources permit.
Changes to US-VISIT Program
US-VISIT has been implemented incrementally, with each increment expanding the
mission capability, covered location, or covered population. As these increments are
implemented they have been documented by an update to the PIA. This PIA update is required
based on changes to US-VISIT in order to meet the legal mandates to cover all aliens. Before
processing the expanded population, US-VISIT regulations are being modified to provide that
any alien, subject to certain exemptions, can be processed through US-VISIT. To support this
US-VISIT PIA, Increment 1, January 5, 2004; US-VISIT PIA, Increment 2, September 14, 2004; and USVISIT PIA, Exit and 2C Proof of Concept, July 1, 2005. All US-VISIT PIAs are available from the DHS
Privacy Office website, www.dhs.gov/dhspublic/interapp/editorial/editorial_0511.xml
1
Privacy Impact Assessment Update
US-VISIT
July 12, 2006
Page 3
US-VISIT population expansion, US-VISIT is receiving biographic and biometric data on these
additional categories of aliens who have applied for certain benefits from USCIS.
At the present time, the Department of Homeland Security (DHS) is modifying USVISIT regulations to provide that any alien may be processed through US-VISIT (subject to
specific exemptions 2 ), with the exception of those Canadian citizens applying for admission as
B-1/B-2 visitors for business or pleasure. Several large classes of aliens will be affected by this
change including:
•
•
•
•
•
•
U.S. Lawful Permanent Residents (LPRs),
Aliens seeking admission on immigrant visas,
Refugees and asylees,
Certain Canadian citizens who receive a Form I-94 at inspection or who require a
waiver of inadmissibility,
Aliens paroled into the United States, and
Aliens applying for admission under the Guam Visa Waiver Program.
Because of the large number of individuals that would be affected by this expansion,
DHS may not begin to process all of these additional classes of aliens through US-VISIT at once
or using the same processes. Rather, initially only some of these classes of aliens will be
processed through US-VISIT. As operational capacity increases and technologies are further
developed and refined, all non-exempt classes of aliens will be processed through US-VISIT.
This expansion will neither change the types of data collected from the covered population, nor
the use of that data, as described in the previous PIAs.
In order to support this expanded processing of additional classes of aliens for purposes
of document and individual verification as well as to serve as the DHS repository for USCIS
biometric data, US-VISIT is receiving all biometric (fingerprints and photograph) and biographic
data from the USCIS ISRS/BSS. ISRS/BSS is a USCIS system that enables users to query the
repository of biometric, biographic and card issuance information used to produce Permanent
Resident Cards, Employment Authorization Document cards, Border Crossing Cards, Reentry
Permits, and Refugee Travel Documents. The purpose of ISRS/BSS is to verify certain
2
The following categories of aliens are expressly exempt by regulation from US-VISIT biometric
collection requirements:
•
•
•
•
Aliens admitted on an A-1, A-2, C-3, G-1, G-2, G-3, G-4, NATO-1, NATO-3, NATO-4, NATO-5,
or NATO-6 visa,
Children under the age of 14,
Persons over the age of 79, and
Certain officials of the Taipei Economic and Cultural Representative Office and members of their
immediate families seeking admission on E-1 visas.
Privacy Impact Assessment Update
US-VISIT
July 12, 2006
Page 4
controlled DHS documents issued, to assist the DHS with its responsibility to detect and reduce
fraudulent entry into the United States, and to detect and reduce the proliferation of fraudulent
DHS documents. The data in ISRS/BSS includes all information supplied by the USCIS benefit
applicants. Depending on the benefit for which the individual is applying, the information might
include such information as fingerprints, digital photograph, name, address, date of birth, alien
number, status, reason for application, and country of birth.
Data from ISRS/BSS is transmitted to the Automated Biometric Identification System
(IDENT), the biometric repository used by US-VISIT through a direct, secure encrypted
connection created between USCIS ISRS/BSS and IDENT. Existing data in ISRS/BSS has been
loaded into IDENT and the data will be kept current by daily updates from ISRS/BSS to IDENT.
The collection and accuracy of the ISRS/BSS data will continue to be the responsibility of
USCIS. The interconnection between ISRS/BSS and IDENT has been evaluated by the USVISIT security team to ensure that it complies with all security requirements.
Reason for Changes
Although US-VISIT has had the statutory authority to process all aliens, 3 it has requested
the regulatory authority incrementally, with each increment expanding the mission capability,
covered location, or covered population. This PIA update is required based on changes to USVISIT in order to meet the legal mandates to cover all aliens. To support this expansion, in order
to verify individuals who are USCIS benefit applicants US-VISIT will have access to the
ISRS/BSS data. These changes are all required to fulfill the US-VISIT mission of recording the
arrival and departure of aliens, conducting terrorist, criminal, and immigration violation checks
on aliens, and comparing biometric identifiers to those collected on previous encounters to verify
identity.
Privacy Impact Analysis
Data Collection
DHS is not collecting additional types of data from the US-VISIT covered population:
the covered population itself is growing. US-VISIT systems will face new performance and
operational challenges because of the expanded covered population. However, this is a
quantitative rather than qualitative change to an existing privacy risk. DHS mitigates the privacy
risk of this expansion by expanding the biometric matching system capabilities, employing
3
See, for example, The Immigration and Naturalization Service Data Management Improvement Act of 2000, as
amended, Public Law 106-215, § 110 (b), et al; Enhanced Border Security and Visa Entry Reform Act of 2002,
Public Law 107-173, § 302; and The Intelligence Reform and Terrorism Prevention Act of 2004, (IRTPA) Public
Law 108-458, § 7208.
Privacy Impact Assessment Update
US-VISIT
July 12, 2006
Page 5
extensive security measures to protect US-VISIT systems, and through additional system
education and training, policies, and procedures provided to users in handling this data.
The covered population of US-VISIT has generally been characterized as visitors or
travelers, which may not have been previously viewed as including LPRs. This may result in
some initial confusion over the appropriateness of processing LPRs through the US-VISIT
Program.
Nevertheless, the authorizing statutes, which all refer to “aliens” without
differentiation, support the inclusion of LPRs into the US-VISIT Program. In addition, several
pieces of legislation note the vulnerability of travel documents, and the special responsibility
DHS has to ensure that documents DHS or State issues to non-United States citizens are not used
by imposters, and that fraudulent documents are identified. As most LPRs travel internationally
on DHS issued documents, this group is directly impacted by these requirements. To reduce the
potential for misperception, US-VISIT is providing notice through this PIA and the Notice of
Proposed Rulemaking (NPRM). Additional public notice or education may be employed if
necessary based on public comments to the PIA and NPRM.
Data Use
There are no new uses of data based on the changes to US-VISIT necessitating this PIA.
US-VISIT will only use the data from ISRS/BSS consistent with the purposes as defined in the
system of records notice, including document verification, detection and reduction of fraudulent
entry into the United States, and the detection and reduction in the proliferation of fraudulent
documents. However, there is a potential privacy risk because an incorrect decision may be
made based on potentially inaccurate data from the transfer of historical USCIS data into
IDENT. To mitigate such risk, US-VISIT uses a quality assurance process to identify any errors
in properly matching individuals with relevant records, e.g., special checks targeted at specific
data elements exhibiting a statistically significant tendency to cause matching errors. In
addition, US-VISIT’s redress process provides multiple points at which inaccurate data can be
corrected, including on-the-spot corrections at POEs. The US-VISIT redress policy and process
are described on the US-VISIT web site at www.dhs.gov/us-visit. Moreover, all changes to
individuals’ immigration status that would result in enforcement actions undergo manual
analysis and verification.
Data Disclosure
There are no additional data disclosures from US-VISIT as result of this covered
population expansion. DHS internal data sharing of US-VISIT data is necessary to comply with
statutory requirements for national security and law enforcement. Any sharing of data,
nevertheless, whether internal or external, increases the potential for compromising that data and
creates new opportunities for misuse. US-VISIT mitigates these vulnerabilities by working
closely with the sharing organizations to develop secure standard operating procedures for
Privacy Impact Assessment Update
US-VISIT
July 12, 2006
Page 6
sharing this data. These procedures are documented in sharing agreements. In all cases of
sharing internal to DHS, all organizations are required to comply with the Department’s security
policies and procedures.
Notice
Notice will be provided by this PIA update, an update to the IDENT SORN, and a NPRM
to be published prior to the DHS expansion of US-VISIT processing of additional categories of
aliens. Additional notice and public education may be conducted if this is deemed necessary
based on public comments received on the publication of the PIA, SORN, and NPRM.
Informed Consent
As described in previous PIAs, the collected data is used only for the purposes of border
and immigration management, national security, and law enforcement. Individuals have no
opportunity to consent to or refuse the use of their data for any of these purposes, as this
collection is mandated by law. There is no change to this as a result of the expansion to cover
additional categories of aliens.
Redress
DHS has made a policy decision to extend the spirit of the Privacy Act, including the
right to redress, to all US-VISIT covered individuals. Although LPRs have a statutory right to
seek redress pursuant to the Privacy Act, there is no difference in the redress process from other
US-VISIT covered individuals because of this policy. The US-VISIT redress process—detailed
on the DHS website 4 —allows any individual processed by US-VISIT to access and correct his or
her data. In the case of a redress request based on USCIS data, the US-VISIT Privacy Officer
forwards the request to USCIS to be processed according to their redress process.
Security
US-VISIT uses a privacy risk management process based on information life cycle
analysis and fair information principles. This process was used in developing the physical
connection with USCIS ISRS/BSS and in developing the processes and procedures for ensuring
the appropriate use of this data. Specific activities taken to ensure data security during this
expansion include:
4
•
Updating the System Security Plan and Risk Assessment as part of the Certification
and Accreditation process,
•
Conducting a Security Test and Evaluation on the ISRS/BSS-IDENT connection,
www.dhs.gov/dhspublic/interapp/editorial/editorial_0436.xml
Privacy Impact Assessment Update
US-VISIT
July 12, 2006
Page 7
•
Providing for encryption of interconnection transmissions, and
•
Security Office involvement in the development of the Interface Control Document
between ISRS/BSS and IDENT.
US-VISIT continues to employ all security controls, as described in early PIAs, including
such things as access controls, system user education and training, transmission encryption.
Conclusion
This updated PIA focuses on changes to the US-VISIT Program to expand coverage to
additional populations of aliens as mandated by law. As a result of the analysis, it is concluded
that, while the expansion of US-VISIT to cover additional populations of aliens increases the
pool of individuals whose personal information is stored and processed in the US-VISIT system,
specific privacy risks associated with this expansion are mitigated through access controls,
education and training, encryption of data transmissions, security risk assessments, and
minimizing collection and use of personal information. While there is a chance of misperception
that the expansion to additional categories of aliens may be inappropriate, the legal requirement
for such an expansion is clear and the expansion is in keeping with the published purposes of
US-VISIT.
Responsible Official
Steve Yonkers, Privacy Officer
US-VISIT Program
Department of Homeland Security
Privacy Impact Assessment Update
US-VISIT
July 12, 2006
Page 8
Approval Signature Page
________________________________
Maureen Cooney
Acting Chief Privacy Officer
Department of Homeland Security
File Type | application/pdf |
File Title | PIA Addiing Additional Aliens to US-VISIT |
Author | rwjohnson |
File Modified | 2006-08-04 |
File Created | 2006-08-04 |