System of Records Notice

SORN - DHS - IDENT.docx

Secondary Inspections Tool

System of Records Notice

OMB: 1615-0125

Document [docx]
Download: docx | pdf

[Federal Register Volume 72, Number 107 (Tuesday, June 5, 2007)]

[Notices]

[Pages 31080-31082]

From the Federal Register Online via the Government Printing Office [www.gpo.gov]

[FR Doc No: 07-2781]



=======================================================================

-----------------------------------------------------------------------


DEPARTMENT OF HOMELAND SECURITY


Office of the Secretary


[Docket No. DHS-2007-0027]



Privacy Act; IDENT System of Records


AGENCY: Privacy Office, Office of the Secretary, Department of Homeland

Security.


ACTION: Notice of updated Privacy Act system of records notice.


-----------------------------------------------------------------------


SUMMARY: The Department of Homeland Security is republishing the

Privacy Act system of records notice for the Automated Biometric

Identification System in order (1) to add a category of records that

comprises unique personal identifiers that links individuals with their

encounters, biometrics, records, and other data elements and (2) to add

a new routine use consistent with Office of Management and Budget

Memorandum M-07-16, Attachment 2 that permits DHS to be in the best

position to respond in a timely and effective manner in the event of a

data breach. This republished system of records notice will replace the

previously published system of records notice for the Automated

Biometric Identification System, Federal Register on July 27, 2006 (71

FR 42651).


DATES: Written comments must be submitted on or before July 5, 2007.


ADDRESSES: You may submit comments, identified by DOCKET NUMBER DHS-

2007-0027 by one of the following methods:

Federal e-Rulemaking Portal: http://www.regulations.gov.

Follow the instructions for submitting comments.

Fax: 1-866-466-5370.

Mail: Hugo Teufel III, Chief Privacy Officer, Privacy

Office, Department of Homeland Security, Washington, DC 20528.


FOR FURTHER INFORMATION CONTACT: Claire Miller, US-VISIT Acting Privacy

Officer, Department of Homeland Security, Washington, DC 20528. For

privacy issues please contact: Hugo Teufel III, Chief Privacy Officer,

Privacy Office, U.S. Department of Homeland Security, Washington, DC

20528.


SUPPLEMENTARY INFORMATION: In accordance with the Privacy Act of 1974,

5 U.S.C. 552a, the Department of Homeland Security (DHS) is publishing

a revision to an existing Privacy Act system of records known as

Automated Biometric Identification System (IDENT). The notice for these

systems of records was last published in the Federal Register on July

27, 2006 (71 FR 42651).

DHS is republishing IDENT in order (1) to add a category of records

that comprises unique personal identifiers that links individuals with

their encounters, biometrics, records, and other data elements and (2)

to add a new routine use consistent with Office of Management and

Budget Memorandum M-07-16, Attachment 2 that permits DHS to be in the

best position to respond in a timely and effective


[[Page 31081]]


manner in the event of a data breach. This republished system of

records notice will replace the previously published system of records

notice for the Automated Biometric Identification System, Federal

Register on July 27, 2006 (71 FR 42651).

IDENT is the primary repository of biometric information held by

DHS in connection with its several and varied missions and functions,

including, but not limited to: The enforcement of civil and criminal

laws (including the immigration and customs laws), including

investigations, inquiries, and proceedings thereunder; and national

security and intelligence activities. IDENT is a centralized and

dynamic DHS-wide biometric database that also contains limited

biographic and encounter history information needed to place the

biometric information in proper context. The information is collected

by, on behalf of, in support of, or in cooperation with DHS and its

components and may contain personally identifiable information

collected by other federal, state, local, tribal, foreign, and

international agencies. As part of an effort to more accurately

identify individuals and ensure that all encounters are appropriately

linked, IDENT will generate, store, and retrieve data by unique numbers

or sequence of numbers and characters. This SORN update adds a category

of records to IDENT to include these unique numbers or sequence of

numbers and characters, also known as enumerators that link individuals

with their encounters, biometrics, records, and other data elements.

Additionally, this SORN adds a new routine consistent with Office of

Management and Budget Memorandum M-07-16, Attachment 2 that permits DHS

to be in the best position to respond in a timely and effective manner

in the event of a data breach.

In accordance with 5 U.S.C. 552a(r), DHS has provided a report of

this system change to the Office of Management and Budget and to

Congress.

DHS/US-VISIT-001


System name:

DHS Automated Biometric Identification System (IDENT).


System location:

US-VISIT, Department of Homeland Security (DHS), Washington, DC

20528.


Categories of individuals covered by the system:

Categories of individuals covered by this notice consist of:

A. Individuals whose biometrics are collected by, on behalf of, in

support of, or in cooperation with DHS concerning operations that

implement and/or enforce laws, regulations, treaties, or orders related

to the mission of DHS.

B. Individuals whose biometrics are collected by, on behalf of, in

support of, or in cooperation with DHS as part of a background check or

security screening in connection with their hiring, retention,

performance of a job function, or the issuance of a license or

credential.

C. Individuals whose biometrics are collected by federal, state,

local, tribal, foreign, or international agencies for national

security, law enforcement, immigration, intelligence, or other DHS

mission-related functions, and who are the subjects of wants, warrants,

or lookouts or any other subject of interest.


Categories of records in the system:

IDENT contains biometric, biographic, unique machine-generated

identifiers, and encounter-related data for operation/production,

testing, and training environments. Biometric data includes, but is not

limited to, fingerprints and photographs. Biographical data includes,

but is not limited to, name, date of birth, nationality, and other

personal descriptive data. The encounter data provides the context of

the interaction with an individual including, but not limited to,

location, document numbers, and reason fingerprinted. Unique machine-

generated identifiers are identifiers that link individuals with their

encounters, biometrics, records, and other data elements. Test data may

be real or simulated biometric, biographic, encounter, or identifiers

related data.


Authority for maintenance of the system:

6 U.S.C. 202, 8 U.S.C. 1103, 1158, 1201, 1225, 1324, 1357, 1360,

1365a, 1365b, 1379, and 1732; 19 U.S.C. 1589a.


Purpose(s):

This system of records is established and maintained to provide a

DHS-wide repository of biometrics captures in DHS or law enforcement

encounters. This will enable DHS to carry out its DHS national

security, law enforcement, immigration, intelligence, and other

mission-related functions, and to provide associated testing, training,

management reporting, planning and analysis, and other administrative

uses, by allowing DHS to positively identify an individual whether the

name information is the same or different based on biometrics.


Routine uses of records maintained in the system, including categories

of users and the purposes of such uses:

In addition to those disclosures generally permitted under 5 U.S.C.

552a(b) of the Privacy Act, all or a portion of the records or

information contained in this system may be disclosed outside DHS as a

routine use pursuant to 5 U.S.C. 552a(b)(3), as follows:

A. To appropriate federal, state, local, tribal, foreign, or

international agencies seeking information on the subjects of wants,

warrants, or lookouts, or any other subject of interest, for purpose

related to administering or enforcing the law, national security,

immigration, or intelligence, where consistent with a DHS mission-

related function as determined by DHS.

B. To appropriate federal, state, local tribal, foreign, or

international government agencies charged with national security, law

enforcement, immigration, intelligence, or other DHS mission-related

functions in connection with the hiring or retention by such an agency

of an employee, the issuance of a security clearance, the reporting of

an investigation of that employee (but only if the System of Records in

which the investigatory files are maintained allows such disclosure),

the letting of a contract, or the issuance of a license, grant, loan,

or other benefit by the requesting agency.

C. To an actual or potential party or to his or her attorney for

the purpose of negotiation or discussion on such matters as settlement

of the case or matter, or discovery proceedings.

D. To a Congressional office from the record of an individual in

response to an inquiry from that Congressional office made at the

request of the individual to whom the record pertains.

E. To the National Archives and Records Administration or other

Federal government agencies pursuant to records management inspections

being conducted under the authority of 44 U.S.C. Sections 2904 and

2906.

F. To individual who are obligors or representatives of obligors of

bonds posted.

G. To contractors, grantees, experts, consultants, and others

performing or working on a contract, service, grant, cooperative

agreement, or other assignment for the Federal Government, when

necessary to accomplish a DHS mission function related to this system

of records. Such recipients are required to comply with the Privacy

Act, 5 U.S.C. 552a, as amended.

H. To the Department of Justice (DOJ) or other Federal agency for

purposes of conducting litigation or proceedings


[[Page 31082]]


before any court, adjudicative, or administrative body when (1) DHS; or

(2) Any employee of DHS in his/her official capacity; or (3) Any

employee of DHS in his/her individual capacity, where DOJ or DHS has

agreed to represent the employee; or (4) The United States or any

agency thereof is a party to the litigation or proceeding, or has an

interest in such litigation or proceeding.

I. To appropriate agencies, entities, and persons when (1) it is

suspected or confirmed that the security or confidentiality of

information in the system of records has been compromised; (2) DHS has

determined that as a result of the suspected or confirmed compromise

there is a risk of harm to economic or property interests, identity

theft or fraud, or ham to the security or integrity of this system or

other systems or programs (whether maintained by DHS or another agency

or entity) that rely upon the compromised information; and (3) the

disclosure is made to such agencies, entities, and persons when

reasonably necessary to assist in connection with DHS's efforts to

respond to the suspected or confirmed compromise and prevent, minimize,

or remedy such harm.


Policies and practices for storing, retrieving, accessing, retaining,

and disposing of records in the system:

Storage:

Information can be stored in case file folders, cabinets, safes, or

a variety of electronic or computer databases and storage media.


Retrievability:

Records may be retrieved by biometrics or select personal

identifiers, including but not limited to names, identification

numbers, date of birth, nationality, document number, and address.


Safeguards:

The system is protected through multi-layer security mechanisms.

The protective strategies are physical, technical, administrative, and

environmental in nature, and provide access to control to sensitive

data, physical access control to DHS facilities, confidentiality of

communications, authentication of sending parties, and personnel

screening to ensure that all personnel with access to data are screened

through background investigations commensurate with the level of access

required to perform their duties.


Retention and disposal:

The following proposal for retention and disposal is pending

approval with National Archives and Records Administration (NARA):

Records that are stored in an individual's file will be purged

according to the retention and disposition guidelines that relate to

the individual's file in DHS/US-VISIT-001, IDENT.

Testing and training data will be purged when the data is no longer

required (GRS 20). Electronic records for which the statute of

limitations has expired for all criminal violations or that are older

than 75 years will be purged. Fingerprint cards, created for the

purpose of entering records in the database, will be destroyed after

data entry. Work Measurement Reports and Statistical Reports will be

maintained within the guidelines set forth in NCI-95-78-5/2 and NCI-85-

78-1/2 respectively.


System manager(s) and address:

System Manager, IDENT Program Management Office, US-VISIT Program,

U.S. Department of Homeland Security, Washington, DC 20528, USA.


Notification procedure:

To determine whether this system contains records relating to you,

write to the US-VISIT Privacy Officer, US-VISIT Program, U.S.

Department of Homeland Security, 245 Murray Lane, SW., Washington, DC

20528, USA.


Record access procedures:

The major part of this system is exempted from this requirement

pursuant to 5 U.S.C. 552a(j)(2) and (k)(2). A determination as to the

granting or denial of access shall be made at the time a request is

received. Requests for access to records in this system must be in

writing, and should be addressed to the US-VISIT Privacy Officer at the

address in the Notification procedure section above. Such request may

be submitted either by mail or in person. The envelope and letter shall

be clearly marked ``Privacy Officer--Access/Redress Request.'' To

identify a record, the record subject should provide his or her full

name, date and place of birth; if appropriate, the date and place of

entry into or departure from the United States; verification of

identity by submitting a copy of fingerprints if appropriate (in

accordance with 8 CFR 103.21(b) and/or pursuant to 28 U.S.C. 1746, make

a dated statement under penalty of perjury as a substitute for

notarization), and any other identifying information that may be of

assistance in locating the record. The requestor shall also provide a

return address for transmitting the records to be released.


Contesting record procedures:

The major part of this system is exempted from this requirement

pursuant to U.S.C. 552a(j)(2) and (k)(2). A determination as to the

granting or denial of a request shall be made at the time a request is

received. An individual requesting amendment of records maintained in

this system should direct his or her request to the System Manager

noted above. The request should state clearly what information is being

contested, the reasons for contesting it, and the proposed amendment to

the information.


Record source categories:

Basic information contained in this system is supplied by

individuals covered by this system, and from Federal, State, local,

tribal, or foreign governments; private citizens; and public and

private organizations.


Exemptions claimed for the system:

The Secretary of Homeland Security has exempted this system from 5

U.S.C. 552a(c)(3) and (4); (d); (e)(1), (e)(2), (e)(3), (e)(4)(G),

(e)(4)(H), (e)(5) and (e)(8); (f)(2) through (5); and (g) pursuant to 5

U.S.C. 552a(j)(2). In addition, the Secretary of Homeland Security has

exempted portions of this system from 5 U.S.C. 552a(c)(3), (d), (e)(1),

(e)(4)(G), and (e)(4)(H) pursuant to 5 U.S.C. 552a(k)(2). These

exemptions apply only to the extent that records in the system are

subject to exemption pursuant to 5 U.S.C. 552a(j)(2) and (k)(2).


Dated: May 25, 2007.

Hugo Teufel III,

Chief Privacy Officer.

[FR Doc. 07-2781 Filed 5-31-07; 1:24 pm]

BILLING CODE 4410-10-M





File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
AuthorEvadne Hagigal
File Modified0000-00-00
File Created2021-01-26

© 2024 OMB.report | Privacy Policy