Dhs-uscis-pia-027 Raps

Privacy Impact Assessment Update
for the

Refugees, Asylum, and Parole System and the Asylum
Pre-Screening System
DHS/USCIS/PIA-027(a)
June 30, 2011
Contact Point
Donald K. Hawkins
Office of Privacy
United States Citizenship and Immigration Services
(202) 272-8030
Reviewing Official
Mary Ellen Callahan
Chief Privacy Officer
Department of Homeland Security
(703) 235-0780

Privacy Impact Assessment Update
United States Citizenship and Immigration Services (USCIS)
Refugees, Asylum, and Parole System and
the Asylum Pre-Screening System
Page 2

Abstract
The U.S. Department of Homeland Security (DHS), United States Citizenship and
Immigration Services (USCIS) is updating the Privacy Impact Assessment (PIA) for the
Refugees, Asylum, and Parole System (RAPS) and the Asylum Pre-Screening System (APSS) in
order to provide further notice of the expansion of routine sharing of RAPS with the intelligence
community in support of the Department’s mission to protect the United States from potential
terrorist activities.

Introduction
As set forth in Section 451(b) of the Homeland Security Act of 2002, Public Law 107296, Congress charged USCIS with the administration of the asylum program, which provides
protection to qualified individuals in the United States who have suffered past persecution or
have a well-founded fear of future persecution in their country of origin as outlined under INA §
208 and 8 CFR § 208. USCIS is also responsible for the adjudication of the benefit program
established by Section 203 of the Nicaraguan Adjustment and Central American Relief Act
(NACARA § 203) (discussed in more detail in Section B below), in accordance with 8 CFR §
240.60 and the maintenance and administration of the credible fear and reasonable fear screening
processes, in accordance with 8 CFR §§ 208.30 and 208.31. USCIS developed RAPS and APSS
in order to carry out its obligations in administering these benefit programs.
RAPS and APSS track case status and facilitate the scheduling of appointments and
interviews and the issuance of notices (including receipt notices, appointment notices, and
decision letters) at several stages of the adjudication process. USCIS Asylum Offices use RAPS
and APSS to record decisions and to generate decision documents such as approval, dismissal, or
rescission of an asylum or NACARA § 203 application, denial of an asylum application,
administrative closure of an asylum application, or referral of an asylum or NACARA § 203
application to Executive Office of Immigration Review (EOIR). The systems also initiate,
receive, and record responses for national security and background check screening and prevent
the approval of any benefit prior to the review and completion of all security checks. Finally, the
systems provide fully-developed and flexible means for analyzing and managing program
workflows and provide the Asylum Program with statistical reports to assist with oversight of
production and processing goals.
Pursuant to the National Security Act of 1947, as amended, the National Counter
Terrorism Center (NCTC) “serve[s] as the central and shared knowledge bank on known and
suspected terrorists and international terror groups, as well as their goals, strategies, capabilities,
and networks of contacts and support.” 50 U.S.C. § 404o. In order to enhance information
sharing, the President issued Executive Order 13388, Further Strengthening the Sharing of

Privacy Impact Assessment Update
United States Citizenship and Immigration Services (USCIS)
Refugees, Asylum, and Parole System and
the Asylum Pre-Screening System
Page 3

Terrorism Information to Protect Americans (October 27, 2005), which provides that the head of
each agency that possesses or acquires terrorism information shall promptly give access to that
information to the head of each other agency that has counterterrorism functions. The
Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004 (Pub. L. No. 108-458), as
amended, places an obligation on U.S. government agencies to share terrorism information with
the intelligence community, including NCTC. In certain instances, DHS shares an entire dataset
with an intelligence community member in order to support the counterterrorism activities of the
intelligence community and to identify terrorism information within DHS data.
DHS has decided to share the entire RAPS 1 database with NCTC under a Memorandum
of Understanding (MOU). The MOU permits NCTC to use RAPS information to facilitate
NCTC’s counterterrorism efforts. This information sharing also aligns with DHS’s mission to
prevent and deter terrorist attacks and comports with a recent exercise of the Secretarial
disclosure authority under 8 CFR §208.6(a) to permit regular sharing of asylum-related
information. The MOU includes a number of safeguards to ensure the data is only used for the
purposes explicitly permitted under the MOU, this PIA and the DHS/USCIS-010 Asylum
Information and Pre-Screening SORN (January, 5, 2010 75 FR 409). The MOU also limits the
amount of time the information is maintained at NCTC, ensures proper information technology
security is in place during and after transmission of the RAPS data to NCTC, requires training on
interpreting RAPS data, requires deletion of records, and provides for routine reporting and
auditing of NCTC’s use of the data.

Reason for the PIA Update
DHS/USCIS is updating the existing PIA (DHS/USCIS/PIA-027), first published on
November 24, 2009, to account for the routine sharing of RAPS and APSS data with the
intelligence community, specifically NCTC, in support of the Department’s mission to protect
the United States from potential terrorist activities.
DHS has entered into an MOU with NCTC in order to facilitate NCTC’s
counterterrorism efforts. This information sharing also aligns with DHS’s mission to prevent
and deter terrorist attacks. DHS and NCTC have placed specific safeguards in this MOU to
ensure that the data is used appropriately and in accordance with the existing system of records
notice for Asylum Information and Pre-Screening (last published January 5, 2010 75 FR 409)
and this PIA.

1

The MOU does not include the APSS database.

Privacy Impact Assessment Update
United States Citizenship and Immigration Services (USCIS)
Refugees, Asylum, and Parole System and
the Asylum Pre-Screening System
Page 4

Privacy Impact Analysis
In each of the below sections consider how the system has changed and what impact it has on the
below fair information principles. In some cases there may be no changes and indicate as such.
The System and the Information Collected and Stored within the System
There is no change in the collection of RAPS and APSS information.
Uses of the System and the Information
There are no changes to the uses of the system and the information described in the
RAPS and APSS PIA.
Retention
There are no changes to the retention periods described in the RAPS and APSS PIA.
Pursuant to the MOU, NCTC will be allowed to retain RAPS data for up to 180 days in
order to identify terrorism information, in support of its counterterrorism mission and in support
of DHS’ mission. RAPS information will be deleted by NCTC within 180 days of receipt unless
a nexus to terrorism has been identified for a particular record. NCTC may retain RAPS data
containing terrorism information in accordance with NCTC authorities and policies, applicable
law, and the terms of the MOU.
Internal Sharing and Disclosure
There are no changes to the internal sharing and disclosures described in the RAPS and
APSS PIA.
External Sharing and Disclosure
DHS has entered into a new information sharing agreement with NCTC in order to
facilitate NCTC’s counterterrorism efforts. Pursuant to 8 CFR §208.6(a), an exercise of the
Secretarial disclosure authority has been signed to allow this sharing. This information sharing
also aligns with DHS’s mission to prevent and deter terrorist attacks. This sharing is conducted
pursuant to routine uses H and I of the DHS/USCIS-010 SORN, which states that DHS may
share RAPS and APSS information with “any element of the U.S. Intelligence Community, or
any other federal or state agency having a counterterrorism function, provided that the need to
examine the information or the request is made in connection with its authorized intelligence or
counterterrorism function or functions and the information received will be used for the
authorized purpose for which it is requested.”
NCTC will process all RAPS records within 180 calendar days of receipt from DHS to determine
whether a nexus to terrorism exists. NCTC will immediately purge all RAPS records that do not

Privacy Impact Assessment Update
United States Citizenship and Immigration Services (USCIS)
Refugees, Asylum, and Parole System and
the Asylum Pre-Screening System
Page 5

constitute terrorism information no more than 180 calendar days from receipt. This process will
be audited as required under the MOU. NCTC will review, retain, and disseminate RAPS
records it has determined have a nexus to terrorism in accordance with procedures the
Memorandum of Agreement between the Attorney General and the Director of National
Intelligence on Guidelines for Access, Retention, Use and Dissemination by the NCTC of
Terrorism Information Contained within Datasets Identified as Including Non-terrorism
Information and Information pertaining Exclusively to Domestic Terrorism, November 2008 and
in accordance with Section 2.3 of Executive Order 12333 and additional terms specified in the
MOU.
The MOU has strict safeguards to protect the PII provided to NCTC. These protections
include a routine oversight of NCTC’s use of the data by DHS personnel detailed to NCTC. In
addition, NCTC will provide training to NCTC users on the appropriate use of personally
identifiable information. DHS/USCIS will provide annual and periodic training to appropriate
NCTC personnel on proper interpretation of the data contained in RAPS and on proper treatment
of data from certain categories which require special handling, such as asylum, refugee, U visa,
T Visa, VAWA and U.S. Person data.
In general, NCTC may not disseminate to third parties information derived from RAPS
data unless that data was identified as containing terrorism information and only in accordance
with the procedures described in the MOU. NCTC shall maintain an electronic copy of the
RAPS data that was disseminated, to whom, and the purpose for the dissemination. However, if
there is a question on RAPS information and its relationship to terrorism, NCTC may request
permission from DHS to share this RAPS information with other intelligence agencies.
This external sharing is also being appropriately logged pursuant to subsection (c) of the
Privacy Act, which requires the Department to maintain a log of when records have been shared
outside of DHS.
Notice
The system of records notice for RAPS and APSS was published on January 5, 2010, 75
FR 409, and remains accurate and current. Routine uses H and I cover this sharing.
Individual Access, Redress, and Correction
There are no changes to the access, redress, and correction procedures described in the
RAPS and APSS PIA

Privacy Impact Assessment Update
United States Citizenship and Immigration Services (USCIS)
Refugees, Asylum, and Parole System and
the Asylum Pre-Screening System
Page 6

Technical Access and Security
The security features and access controls for RAPS and APSS have not changed. The
new sharing is conducted in conformance with existing information technology security
protocols, including encryption. Please refer to the DHS/USCIS/PIA-027 RAPS APSS PIA for
more information.
Technology
No changes.

Responsible Official
Donald K. Hawkins
Privacy Officer
U.S. Citizenship and Immigration Services
U.S. Department of Homeland Security

Approval Signature
[Original signed copy on file with the DHS Privacy Office]

Mary Ellen Callahan
Chief Privacy Officer
Department of Homeland Security