Download:
pdf |
pdfPrivacy Impact Assessment
for the
myUSCIS Account Experience
DHS/USCIS/PIA-071
December 15, 2017
Contact Point
Donald K. Hawkins
Privacy Officer
U.S. Citizenship and Immigration Services
(202) 272-8030
Reviewing Official
Philip S. Kaplan
Chief Privacy Officer
Department of Homeland Security
(202) 343-1664
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 1
Abstract
U.S. Citizenship and Immigration Services (USCIS) operates myUSCIS Account
Experience to engage benefit requestors and legal representatives, while they navigate and
complete the immigration process, through an authenticated digital account experience. MyUSCIS
Account Experience offers a personalized, authenticated, and secured account for benefit
requestors and legal representatives, and replaces all aspects of the public facing USCIS Electronic
Immigration System (USCIS ELIS).1 This Privacy Impact Assessment (PIA) evaluates the privacy
risks and mitigations associated with the collection, use, and maintenance of personally
identifiable information (PII). USCIS plans to update the appendices of the PIA as subsequent
services and functionalities are added to myUSCIS Account Experience.
Overview
U.S. Citizenship and Immigration Services (USCIS) is the component of the Department
of Homeland Security (DHS) that oversees lawful immigration to the United States. This mission
includes receiving and adjudicating a wide variety of immigration and non-immigration benefits
and requests (hereafter referred to as immigration benefits). USCIS historically operated under a
paper form intake process requiring USCIS adjudicators to use a variety of case management
systems to adjudicate the benefit request and issue written notices. During this time, USCIS only
offered live assistance for individuals seeking case assistance or updates through the National
Customer Service Center (NCSC) and field office visits.2 Further, benefit requestors experienced
an unauthenticated and fragmented online experience, or extended wait-times from NCSC and the
local field office, and could only access limited information about pending benefit filings.
As part of its mission, USCIS is striving to expand opportunities for individuals to further
engage with USCIS. USCIS is endeavoring to provide individuals reliable and up-to-date access
to general and pending case information. USCIS established the myUSCIS Account Experience to
offer customers an authenticated and holistic online experience. The purpose of myUSCIS
Account Experience is to integrate personalized digital services for a seamless end-to-end online
experience through a secure USCIS online account. Through myUSCIS Account Experience,
individuals are able to create a personal account to securely use digital services that supports the
benefit request process and allows access to pending case information. MyUSCIS Account
Experience will replace all aspects of the public-facing USCIS Electronic Immigration System
1
See DHS/USCIS/PIA-056 USCIS Electronic Immigration System (USCIS ELIS), available at
www.dhs.gov/privacy.
2
See DHS/USCIS-PIA-054 National Customer Service Center, available at www.dhs.gov/privacy.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 2
(USCIS ELIS).3 USCIS ELIS continues to serve as an internal electronic case management system
that allows USCIS adjudicators to process certain benefit request forms.
myUSCIS Account Experience offers the following six core digital modules along with
several supporting functions and capabilities:
1. Onboarding allows account holders to establish a secure account with USCIS.
2. Account Home serves as the central location for account holders to manage their case
with USCIS.
3. Digital Forms allows individuals to electronically file applications and petitions.
4. Case Activity offers a holistic view of a single case as well as a view into a customer’s
full immigration history with USCIS.
5. Document Center serves as a repository of documents and notices specific to the
account holder that are integral to the immigration process.
6. Secure Messaging provides access to live assistance within the account.
This secure online account allows individuals to manage their account, profile, and case
information with USCIS. Together, these modules provide individuals with a cohesive experience.
myUSCIS Account Experience is an expanding initiative with several supporting services
to contribute to the overall immigration experience of individuals. As myUSCIS Account
Experience includes additional support services, USCIS plans to update the Appendix to this PIA
to evaluate risks and mitigation strategies of each support service.
This PIA examines each module further to discuss the personally identifiable information
(PII) USCIS collects, uses, and maintains while using myUSCIS Account Experience.
Account Creation
myUSCIS Account Experience allows benefit requestors and legal representatives to create
a USCIS online account through https://myaccount.uscis.dhs.gov/. To create an account, an
individual enters an email address into an online form. USCIS sends a confirmation email to the
provided address for accuracy. The email address is then stored as the account holder’s username.
The account holder creates a strong password, and provides answers to security questions that he
or she will be asked to reset the account password in the future. The security questions are “fillin-the-blank” questions the customer provides the answer during account set-up. USCIS provides
the customer with a dropdown menu of standard questions, and the customer chooses which ones
to use as his or her security questions. USCIS will not use the answers to these questions for
3
See DHS/USCIS/PIA-056 USCIS Electronic Immigration System (USCIS ELIS), available at
www.dhs.gov/privacy.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 3
purposes other than assisting with password resets (e.g., the answers would not be available to
adjudicators for an immigration benefit purpose or fraud investigators in the event of a fraud
investigation).
myUSCIS Account Experience passwords and answers to the security questions are
centrally stored within the USCIS Identity, Credential and Access Management (ICAM) system.
Passwords are not visible. The answers to the security questions are only visible to USCIS
customer helpdesk personnel who assist account holders in resetting their passwords. USCIS
ICAM provides myUSCIS with account credentialing, account authentication, and identity
verification for account holders. ICAM collects this initial information. The USCIS online account
includes account information, profile information, and availability for online filing.
Two Factor Authentication
To complete the onboarding process, USCIS sets a two-factor authentication code
preference for integrity and authenticity assurance purposes. Each time the individual logs-in,
myUSCIS forwards an authentication code through an email or SMS, or through the use of a thirdparty authenticator application as part of his or her logon credentials. If the account holder chooses
to use a third party authentication application, he or she is provided instructions on how to connect
to the authentication application. The selection and use of a third-party application is at the
discretion of the account holder. The account holder can use any authentication application
available on the smart device of his or her choice. USCIS does not prescribe a specific
authenticator application. A separate USCIS notice informs the account holder to familiarize him
or herself with the privacy policy of the third party application since USCIS has no control over
the third party policies. The user credentials are sent to the USCIS ICAM system for verification
and authentication.
Identity Proofing
USCIS provides remote identity proofing using Identity Proofing as a Service (IDPaaS).
IDPaaS is a challenge-response system utilizing shared knowledge likely to be known to USCIS
and the myUSCIS account holder but unlikely to be known to third parties. This challengeresponse system draws questions based on information contained within the Central Index System
(CIS),4 originally derived from other USCIS systems, DHS systems, including U.S. Customs and
Border Protection (CBP), and Department of State (DOS) systems.
Potential questions may ask on what street an applicant lived or what DOS post his or her
immigrant visa was granted. This is similar to how some commercial applications in the United
States verify the identity of application account holders. Account holders who are required to use
IDPaaS are provided a notice explaining what identity proofing is and what to expect before
4
See DHS/USCIS/PIA-009 Central Index System, available at www.dhs.gov/privacy, to learn more about CIS and
view system USCIS, DHS, and DOS interfaces used develop challenge questions in support of identity proofing.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 4
launching into the process. If account holders are unable to pass the IDPaaS questionnaire, they
are presented with instructions on how to proceed on an alternate identity proofing path, which
may be contacting NCSC or appearing in-person at a USCIS field office. Once the account holder
passes the identity proofing quiz, myUSCIS Account Experience retains the fact that the account
holder has been identity-proofed and does not require the account holder to repeat the process for
subsequent immigration benefit requests.
The questions presented to each account holder are dynamically generated based on the
best information USCIS has about the account holder in CIS and the most diverse set of questions
available. This data originally comes from information the DOS collected in-person when issuing
a visa, information CBP collected in-person upon entry at the border, and information USCIS has
collected from the account holder based on previous immigration benefit requests. In designing
the questionnaire, USCIS looks at the breadth of data and categorizes it into several domains based
upon the type of information, such as travel, contact information, etc. The questionnaire is
designed to ask the account holder questions from different domains to ensure the account holder
is showing knowledge of a wide breadth of data about him or herself and also data that would not
be known by a different person. IDPaaS may allow account holders more than one attempt to pass
the questionnaire, but only if the system has enough reliable data in enough domains about the
account holder. Questions are in multiple-choice format and include a “none of the above” option,
when appropriate.
Account Home
The myUSCIS Account Experience homepage serves as the central location for account
holders. Account holders are able to save information throughout the benefit filing process and
return at a later time to submit or delete their draft case. Account holders who successfully submit
their case are able to manage their active cases from the beginning until the end. From the
dashboard, account holders are able to:
Select notifications options. As part of the account experience, the account holder can
receive notifications when there is a change in status. These alerts are sent via email or
text depending on the preference set by the account holder at the time of account
creation. These text or email alerts only provide notice that there has been a change to
the case. The account holder has the option to log in to the myUSCIS online account
for additional information;
Manage draft e-file forms;
Access documents and notices;
Start and send a secured message to USCIS;
Request an update to his or her profile;
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 5
View current status of any case and immediate next steps; and
View estimated processing time for a benefit request and next milestone in case
lifecycle.
Digital Forms
USCIS allows certain benefit request forms and service types to be completed and filed by
benefit requestors and/or legal representatives through their myUSCIS account.
The Digital Form module is an interactive tool that assists individuals with completing
immigration benefit request forms or service types. The digital benefit request forms collect the
same information as the corresponding paper form. Prior to initiating the request, USCIS provides
the account holder with a Privacy Notice covering the particular benefit request at the time of that
collection. The immigration benefit request forms and service types are dynamic meaning that
questions dynamically expand or become disabled as the account holder progresses through the
request. In other words, an account holder’s answer to one question may prevent a series of
additional questions from being necessary. This enables the customer to respond only to applicable
questions. The account holder may edit, delete, or update information when the form is in draft
state. The system does not keep copies of these previous iterations. Prior to the submission of the
benefit request form, the account holder has the opportunity to review the information entered as
part of benefit request form or service type. A draft case is deleted if inactive for 30 days.
Account holders who are assisted by a legal representative on a specific immigration case
must complete Form G-28, Notice of Entry of Appearance as Attorney or Accredited
Representative, and file it with USCIS. This can be accomplished online via myUSCIS Account
Experience or on paper via the USCIS Lockbox service.5 If a paper filing for an immigration
benefit type is submitted with a Form G-28, the Lockbox transmits the information to USCIS
ELIS. myUSCIS Account Experience interfaces with USCIS ELIS and conducts a search to
identify whether the legal representative already has a USCIS representative account in the system.
If a legal representative account already exists, the new filing is linked to the existing account. If
a legal representative account does not exist, the legal representative can create a USCIS online
account through the myUSCIS Account Experience.
5
Lockbox facilities are operated by a specialized contractor authorized by the Department of Treasury (Treasury).
This contractor manages the intake of USCIS benefit applications and the collection of associated fees submitted
directly by mail. It provides the mechanisms to capture information electronically from USCIS benefit request
forms, deposit associated fees, move the information to USCIS systems via a system interface, and generate
acceptance and rejection notices to applicants. The contractor is also responsible for preparing the applicationrelated files in accordance with USCIS guidance and sending the files to the next processing site (i.e., Service
Center). The contractor does not approve or deny benefit request forms received by the USCIS Lockbox. See
Department of Treasury Financial Management Service Privacy Impact Assessment, available at
https://www.fms.treas.gov/pia/ECP_PIA.pdf.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 6
Legal representatives may also electronically file requests in myUSCIS Account
Experience. To successfully submit a filing in myUSCIS, both the legal representative and his or
her client (i.e., the USCIS benefit requestor) must have their own, independent USCIS online
account. The legal representative uses his or her account to draft a request on behalf of the benefit
requestor. Upon completion, the legal representative submits it to the benefit requestor for review.
When the legal representative submits the draft benefit request for benefit requestor review, the
legal representative provides myUSCIS Account Experience with the benefit requestor’s email
address. MyUSCIS Account Experience then presents the legal representative with a passcode that
should be provided to the benefit requestor. The benefit requestor must provide the passcode in
order to access the draft request.
myUSCIS Account Experience then sends the benefit requestor an email informing him or
her about the pending draft in their existing account. When the benefit requestor logs into the
system he or she is prompted to input the passcode in order to view the draft immigration request
completed by the legal representative. myUSCIS Account Experience only gives the benefit
requestor access to review the draft case if the email and passcode match. Upon review, the benefit
requestor is able to reject the draft and send it back to the legal representative. The legal
representative may then overwrite the previous draft and resubmit to the benefit requestor for
review. However, a new passcode is required in order to access the revised document.
Once an account holder completes a benefit request and uploads necessary evidence,
myUSCIS Account Experience requires the account holder to electronically sign the request and
pay the applicable fee. Payment is made using the U.S. Department of Treasury’s Pay.Gov
service.6 USCIS does not collect the fee directly. Rather, the account holder is redirected to the
Pay.Gov interface, and Pay.Gov collects payment information (e.g., credit card, debit card, or
Automated Clearing House (ACH debit)) from a personal bank account and billing information.
Once Pay.Gov validates the payment information, the account holder is routed back to myUSCIS
Account Experience and the myUSCIS Account Experience confirms to the account holder that
he or she successfully submitted the request.
Once the immigration request is submitted and accepted to USCIS, both the legal
representative and the benefit requestor have access to the same processing requests and notices,
as well as case status updates.7 If applicable, USCIS mails a receipt notice to the account holder’s
6
See U.S. Department of Treasury Financial Management Services Pay.Gov Privacy Impact Assessment 2.0 (July 1,
2011), available at http://fms.treas.gov/pia/paygov_pia%20.pdf.
7
At any point during the benefit adjudication process, account holders may change their legal representative or elect
to forgo legal representation during the adjudication of a benefit request. Notification to USCIS of the substitution or
withdrawal of a legal representative may occur in a written notice of withdrawal by the representative of record or
upon the filing of a properly completed G-28 by the new representative, include the receipt number associated with
the substitution. USCIS updates the appropriate systems to remove and add access for the legal representative. The
updated legal representative is then provided case access and issued correspondence related to the benefit request.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 7
physical address, as well as makes it available electronically through the myUSCIS Account
Experience online account.
Case Activity
Case Activity provides current and past status updates and case processing times to account
holders on pending immigration benefit requests filed through myUSCIS Account Experience.
The case activity for electronically filed forms (for myUSCIS Account Experience only) is
automatically updated based on the associated receipt number. The Case Activity modules notify
the account holder of major milestones such as receipt of a benefit request form or upcoming
biometric and interview appointments. The Case Activity module receives case status updates from
Enterprise Citizenship and Immigrations Services Centralized Operational Repository
(eCISCOR).8 Case updates associated with a receipt number are sent electronically on a daily basis
to myUSCIS Account Experience. The Case Activity module provides the account holder with a
detailed explanation of the case status. Account holders are able to use Case Status Online9 to
obtain case updates for all forms filed outside of myUSCIS Account Experience.
Document Center
The Document Center serves as the document and notice repository for the account holder.
In the Document Center, the account holder is able to upload and view evidence submitted in
support of an electronically-filed or paper-filed application or petition, view notices issued by
USCIS, and reuse evidence submitted previously for new forms or USCIS requests, in addition to
searching, tagging, and sorting evidence and notices.
Case Evidence
USCIS requires initial evidence of proof of identification and justification of eligibility for
a benefit or service by way of supporting documentation. Examples of supporting documentation
include copies of birth, marriage, or adoption certificates; divorce decrees; affidavits of financial
support; and/or school records. myUSCIS prompts the account holder to upload certain evidence
based on the answers provided by the account holder while completing an application or petition.
Account holders upload evidence by scanning documents and attaching the scanned images to a
draft case or when responding to requests for additional information from USCIS.10 Account
holders can also upload evidence during the application process as part of a request for evidence
or as applicable.
8
See DHS/USCIS/PIA-023(a) Enterprise Citizenship and Immigrations Services Centralized Operational Repository
(eCISCOR), available at www.dhs.gov/privacy.
9
See DHS/USCIS/PIA-019(b) Customer Relationship Interface System (CRIS), available at www.dhs.gov/privacy.
10
A request for evidence is made when an application/petition is lacking required documentation/evidence (initial
evidence) or the USCIS adjudicator needs more documentation/evidence (additional evidence) to determine an
applicant’s eligibility for the benefit sought.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 8
USCIS Correspondence
Notices are written communications indicating that USCIS has taken an action regarding a
request that may or may not require action by the benefit requestor. In accordance with the
Immigration and Naturalization Act (INA), USCIS has a statutory obligation to provide the benefit
requestor with notice of action USCIS takes related to a request, as well as provide information
related to the status of a request. A notice has a legal effect with respect to the adjudication of the
requested benefit, and conveys information that the individual has a right to know and USCIS has
a legal duty to communicate.
USCIS issues the following notices to communicate with customers or convey a status of
an immigration benefit:
Receipt of benefit requests forms and payments;
Rejection of benefit requests forms;
Transfer of files;
Re-open cases; and
Appointments (i.e., fingerprint, biometric capture, interview, rescheduled).
USCIS sends notices to inform benefit requestors of any actions that the requestors may need to
take or actions that have been taken by USCIS.
USCIS adjudicators issue Requests of Evidence (RFE) or Notices of Intent to Deny (NOID)
when an application lacks required documentation or the adjudicator needs additional evidence to
determine an applicant’s eligibility for the benefit sought. These forms are also uploaded into the
Document Center. Once officially submitted, USCIS adjudicators review the benefit request and
supporting documents to ensure all information is present. In situations in which evidence is
missing or all required initial evidence is submitted but does not establish eligibility, USCIS may
request that the benefit requestor to supply additional information through an RFE or NOID for
continued processing.
USCIS adjudicators use the Enterprise Correspondence Handling Online (ECHO) and
Notice Generation Systems to generate notices while processing benefit requests for immigration
benefits.11 USCIS uploads notices from these systems to the myUSCIS Account Experience. All
notices available in myUSCIS Account Experience are also printed and mailed to the benefit
requestors and their legal representatives.
11
See DHS/USCIS/PIA-063 Benefit Decision and Output Processes, available at www.dhs.gov/privacy.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 9
Secure Messaging
Secure messaging allows the account holder to send emails to USCIS while logged into his
or her USCIS online account. To create a new email, the account holder clicks on the ‘new
message’ button and a form is displayed. The authenticated form requests the subject, case receipt
number, client name (legal representative only), and a text box to describe the issue.
The subject, case receipt number, and client name fields offer a drop down menu
personalized for his or her account. When composing a secure message, the account holder is able
to select one of the following options to autofill the subject line:
A case already filed online;
Filing an application online;
Getting a confirmation or PIN via email;
Getting an answer to a general question;
Getting online filing to work in my browser;
Making a payment; or
Other (write subject in description).
The receipt number field is a drop down menu of active receipt numbers associated with that
account holder’s pending applications. This reduces the risk of an account holder providing an
incorrect number in this field. If the account holder is a legal representative, he or she must select
the name of the client from a drop down menu as well.
An open textbox is available to the account holder to provide additional feedback. Since
emails are associated with a specific profile, USCIS notifies account holders to exclude personal
information, specifically Alien Number or Social Security number, in the subject or message. Each
inquiry is assigned a system-generated service item number and all corresponding messages are
tied to the service item number. When all fields are completed, the account holder may send the
email. The encrypted message is routed to NCSC after the account holder hits send. USCIS
researches each inquiry to assist the account holder with resolving the issue. Based on the outcome
of his or her finding, USCIS creates a response letter to inform the account holder of how his or
her inquiry was resolved. The account holder receives a text or email alert when USCIS responds
to an inquiry. USCIS only discloses information related to the case. If additional identity
verification is required, USCIS may contact the account holder with information on record. All the
responses between USCIS and the account holder are stored in the Secure Message module.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 10
Section 1.0 Authorities and Other Requirements
1.1
What specific legal authorities and/or agreements permit and
define the collection of information by the project in question?
The authority to collect information is found within the Immigration and Nationality Act
(INA), 8 U.S.C. §§ 1103, 1201, and 1255.
1.2
What Privacy Act System of Records Notice(s) (SORN(s)) apply to
the information?
The information collected, used, maintained, and stored in myUSCIS Account Experience
is covered under the following SORNS:
DHS/USCIS/ICE/CBP-001 Alien File, Index, and National File Tracking System of
Records12 covers documentation and maintenance of an individual’s immigration
application, petitions, and requests as he or she passes through the U.S. immigration
process;
DHS/USCIS-007 Benefits Information System13 permits USCIS’ collection, use,
maintenance, dissemination, and storage of paper and electronic benefit request
information. This includes case processing and decisional data not included in the AFile SORN. It also covers case specific information that is collected and shared with
online account holders; and
DHS/ALL-037 E-Authentication Records System of Records14 covers information
collected to create and authenticate an individual’s identity for the purpose of obtaining
a credential to electronically access a DHS program or application.
1.3
Has a system security plan been completed for the information
system(s) supporting the project?
Yes. myUSCIS was approved for operation on December 18, 2014, for a period of 36
months, unless a significant change to the information system required an earlier accreditation.
The myUSCIS authority to operate (ATO) is set to expire on December 18, 2017. myUSCIS is
undergoing the security authorization process and is to receive an update ATO upon completion
of this PIA.
12
DHS/USCIS/ICE/CBP-001 Alien File, Index, and National File Tracking System of Records, 82 FR 43556 (Oct.
18, 2017).
13
DHS/USCIS-007 Benefits Information System, 81 FR 72069 (Oct. 19, 2016).
14
DHS/ALL-037 E-Authentication Records System of Records, 79 FR 46857 (Aug. 11, 2014).
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 11
1.4
Does a records retention schedule approved by the National
Archives and Records Administration (NARA) exist?
No. USCIS is developing a retention schedule with NARA for myUSCIS that is subject to
final approval. USCIS is proposing to maintain the masterfile data for 5 years and account
registration data for 7.5 years.
1.5
If the information is covered by the Paperwork Reduction Act
(PRA), provide the OMB Control number and the agency number
for the collection. If there are multiple forms, include a list in an
appendix.
The OMB Control number for online account creation is 1615-0122 (there is no
corresponding agency number). Each benefit request form or service type filed through myUSCIS
Account Experience has an existing OMB control number that covers the electronic information
collection. An updated list is available in Appendix A and B.
Section 2.0 Characterization of the Information
The following questions are intended to define the scope of the information requested and/or collected, as
well as reasons for its collection.
2.1
Identify the information the project collects, uses, disseminates, or
maintains.
Account Creation
Benefit requestors and legal representatives are required to create separate accounts. To
create an account, myUSCIS Account Experience collects name, physical address, home telephone
number, mobile phone number, user name, user password, responses to security questions, and a
USCIS-generated authentication code. For a legal representative profile, USCIS collects the
organization name, bar number, licensing authority, accredited representation date, daytime phone
number, fax number, mailing address, and an electronic signature to verify information.
Account Dashboard
The Account Dashboard serves as the central location for account holders to manage their
case and relationship with USCIS. Account Dashboard serves as the access point of all the features
of the online account.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 12
Digital Forms and Services
The Digital Forms and Services module is an interactive tool that allows account holders
to complete immigration benefit request forms or service requests electronically. The information
collected from each benefit request form or service type varies and not all forms collect the same
information. Generally, each form may collect the following information regarding benefit
requestors and third party beneficiaries: full name, address, telephone number, date and place of
birth, unique identifying numbers (i.e., Online Account Number, Alien Number, and SSN,
citizenship/nationality, and gender. USCIS forms also collect information about the form preparer,
interpreter, and legal representative. A full account of what data is requested for each immigration
benefit and service type may be viewed by referencing the forms associated with each immigration
benefit or service type in Appendix A and B.15
Case Activity
Case activity provides current and past status updates and case processing times to account
holders on pending immigration benefit requests filed through myUSCIS Account Experience.16
Document Management
Document Management stores and maintains supplemental evidence uploaded from the
account holder and notices uploaded from USCIS. Examples of supporting evidence include copies
of civil documents such as birth, marriage, or adoption certificates; divorce decrees; affidavits of
financial support; or school records. Examples of USCIS notices include receipt of benefit requests
forms and payments, biometric appointments, RFEs, and NOIDs.
Secure Message
Secure Message allows account holders to email USCIS about a specific case inquiry. Each
email contains fields that request the subject of the inquiry, associated case receipt number, and a
text box to describe the issue. Legal representative email contains the same fields and also requests
the client name. The subject, case receipt number, and client name (only in the legal representative
account) include a drop down feature.
15
Subject: The account holder is offered multiple short, descriptive reasons for the
inquiry (e.g., a case already filed online, filing an application online, other (write
subject in description) to select and populate the subject heading.
Case Information: The benefit requestor is provided a list of receipt numbers for cases
that were filed online and selects the receipt number associated with the inquiry. The
All USCIS Forms are available at https://www.uscis.gov/forms.
USCIS processes all case submissions in the order they are received. Processing times are an estimate based on
the time it is currently taking to process the benefit request type submitted and the number of pending applications
or petitions of the same type in the office where the account holder’s case is pending.
16
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 13
legal representative account is provided with a list of client names and receipt numbers
for cases that were filed online or associated to the representative with a G-28 on file
and is able to select the appropriate case information relating to the inquiry.
Text box: An open textbox is available for the account holder to provide additional
feedback. Since emails are associated with a specific profile, USCIS notifies account
holders to exclude personal information, specifically Alien Number or Social Security
number, in the subject or message.
Each inquiry is assigned a system-generated service item number and all corresponding messages
are tied to the service item number.
2.2
What are the sources of the information and how is the information
collected for the project?
Information in myUSCIS Account Experience is derived from account holders (i.e., benefit
requestors and accredited representatives) for account creation, benefit form and service types,
secure messages, and supplemental evidence. USCIS systems and personnel to provide data for
case activity, processing times, USCIS notices, and secure messages.
2.3 Does the project use information from commercial sources or
publicly available data? If so, explain why and how this information is
used.
No.
2.4
Discuss how accuracy of the data is ensured.
myUSCIS Account Experience collects user profile, biographic information, and
supplemental evidence directly from the account holder (i.e., individual or his or her
representative); therefore, USCIS is dependent upon the accuracy of the information provided by
the account holder. To ensure the accuracy and integrity of the information, account holders are
provided with the opportunity to review and edit information prior to its submission.
myUSCIS also receives information from USCIS systems or personnel to share
information. The myUSCIS Account Experience account is tied to a unique identifier that links
the authentication services with myUSCIS and the USCIS systems. To ensure data accuracy,
myUSCIS validates data through system coding to mitigate or prevent inconsistencies in account
holder data (e.g., the system rejects 00/00/00 birthdates) and that only the account holder
information is being shared to create the personalized experience.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 14
2.5
Privacy Impact Analysis: Related to Characterization of the
Information
Privacy Risk: There is a risk that myUSCIS Account Experience collects more
information than necessary to adjudicate a benefit request.
Mitigation: myUSCIS mitigates this risk in two main ways. First, the system only collects
information pertaining to one case at a time, so that the account holder cannot be prompted to enter
information unless it pertains to the specific case on which the account holder is working. Second,
the user interface dynamically skips questions that are not relevant based on previous responses.
For example, when a paper form would instruct the customer to skip a section of the form based
on his or her answer, myUSCIS skips to relevant sections and questions. It is possible for account
holders to upload more evidence than necessary because they are allowed to submit “unsolicited
evidence” at any point until adjudication. This is a valuable feature that allows benefit requestors
the opportunity to provide information initially forgotten or submitted incorrectly, which partially
mitigates the risk that benefit requestors may opt to provide too much information.
Privacy Risk: myUSCIS Account Experience may capture outdated, inaccurate, irrelevant
or incomplete information through the Digital Forms module.
Mitigation: This risk is mitigated because the account holder has the ability to review
information prior to submission to USCIS. USCIS account holders provide information to
myUSCIS Account Experience directly to ensure accuracy of information. Prior to the submission
of information by the Digital Forms module, myUSCIS Account Experience provides the
individual with an opportunity to enter biographic information, review its accuracy, and amend it.
Information submitted by the legal representative requires the benefit requestor to review the filing
prior to electronically signing the form. The benefit requestor is required to check a box attesting
that he or she has reviewed the information. This ensures the accuracy and integrity of the benefit
request form prior to submission.
Privacy Risk: There is a risk that inaccurate or outdated evidence is stored and maintained
in the Document Center.
Mitigation: USCIS mitigates this risk by requiring the account holder to provide valid
documentation as initial evidence. USCIS requires supporting documentation as initial evidence
of a benefit requestor’s identification and eligibility for a benefit. Current and accurate documents
are required for USCIS to make a decision on a benefit request. USCIS relies on the account holder
to verify the veracity of the evidence. Account holders are responsible for ensuring the most upto-date documents are uploaded and included as part of their benefit request. If the account holder
identifies that the incorrect document was uploaded, the account holder is able to delete the
incorrect document and upload a new document. Also, prior to electronically submitting the benefit
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 15
request to USCIS, myUSCIS Account Experience allows the account holder to review the
information, as well the supporting evidence.
Section 3.0 Uses of the Information
The following questions require a clear description of the project’s use of information.
3.1
Describe how and why the project uses the information.
myUSCIS Account Experience allows account holders to engage with USCIS in an
authenticated account experience. Specific uses of myUSCIS Account Experience and the
information it contains include:
Create a user profile;
Draft, manage, and file benefit request forms and service types. Cases are maintained
in myUSCIS Account Experience until it is submitted and signed electronically. Once
the filing has been submitted, the information is sent to USCIS ELIS or the appropriate
case management system for adjudication;
Maintain supplemental evidence submitted with an e-filed application and reuse
evidence submitted previously for new forms or USCIS requests;
View notices issued by USCIS;
View estimated processing times for cases and next milestones in case lifecycles;
View current status of a case and immediate next steps;
Access documents and notices related to a particular status; and
Initiate secure messages to USCIS and manage responses from USCIS.
3.2
Does the project use technology to conduct electronic searches,
queries, or analyses in an electronic database to discover or locate
a predictive pattern or an anomaly? If so, state how DHS plans to
use such results.
No.
3.3
Are there other components with assigned roles and responsibilities
within the system?
No. Access to the data stored in myUSCIS Account Experience, as well as the system, is
limited to account holders.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 16
3.4
Privacy Impact Analysis: Related to the Uses of Information
Privacy Risk: There is a risk that myUSCIS Account Experience will collect and use
information in a manner inconsistent with USCIS’ authority and mission.
Mitigation: USCIS mitigates the risk by minimizing the amount of information collected
and by limiting the purposes for which USCIS may use the information. MyUSCIS Account
Experience offers account holders with a secure online account to engage with USCIS. Access to
the data stored in myUSCIS Account Experience, as well as the system, is limited to account
holders. USCIS adjudicators do not have access the account holder information until it is officially
submitted for USCIS review. USCIS systems administrator and help desk support have limited
access to the account holder’s account login information to assist with technical issues.
Privacy Risk: There is a risk that USCIS may access and use benefit information prior to
the official submission of the benefit request.
Mitigation: USCIS mitigates this risk by restricting secure profile access to account
holders (i.e., benefit requestors and legal representatives). While using myUSCIS Account
Experience, account holders are able to save draft benefit request forms and upload supplemental
evidence. The account holder may edit, delete, or update information when it is in draft state and
the system does not keep copies of these previous iterations. This preserves the same
confidentiality for an electronic filing as a paper filing. USCIS adjudicators do not have access to
this information until the account holder submits the filing to USCIS, in which the information is
routed to USCIS ELIS or other case management system. This risk is further mitigated by limiting
the retention of draft forms in the system to 30 days from the date of last action on the form.
Privacy Risk: There is a risk that USCIS may access and use uploaded, not officially
submitted, evidence maintained in the Document Center.
Mitigation: USCIS mitigates this risk by restricting access to information maintained in
secure profile to the account holder only. USCIS adjudicators do not have access to documents
stored in the Document Center or any other module of the secure profile. Account holders are
limited to benefit requestors and legal representatives. The account holder must electronically
submit the benefit request form and appended support evidence for USCIS to use the information
for adjudication purposes. Once officially submitted, the benefit request is transferred to USCIS
ELIS, or other case management system for review and adjudication. USCIS adjudicates the
benefit request using only the information maintained in USCIS ELIS through normal processing
procedures.
Privacy Risk: There is a risk that myUSCIS Account Experience will inadvertently
disclose information about a different account holder.
Mitigation: USCIS mitigates this risk by implementing multiple security controls. First,
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 17
USCIS configured the interconnecting systems to link and share information associated with the
same receipt number. Second, an account holder only has access to his or her own cases. This
prevents information from being submitted for the incorrect individual. Lastly, legal
representatives must select the receipt number and name of the client to upload the evidence. In
addition, for final submission, the client (applicant) must validate the submission through his or
her own account.
Section 4.0 Notice
The following questions seek information about the project’s notice to the individual about the information
collected, the right to consent to uses of said information, and the right to decline to provide information.
4.1
How does the project provide individuals notice prior to the
collection of information? If notice is not provided, explain why
not.
USCIS provides general notice to account holders through the publication of this PIA,
associated SORNs, and through the USCIS website. Additionally, myUSCIS Account Experience
provides a Privacy Notice prior to the submission of any information. The Privacy Notice notifies
the account holder about the authority to collect the information requested, the purposes of
collection, USCIS’ routine uses of the information, and the consequences of an account holder
providing or declining to provide the information to USCIS.
4.2
What opportunities are available for individuals to consent to uses,
decline to provide information, or opt out of the project?
USCIS informs the account holder that providing information is voluntary. An account
holder can choose to decline to provide information. However, this may prevent the account holder
from using the myUSCIS Account Experience. By using myUSCIS Account Experience, the
account holder is implying consent to USCIS’ uses of information.
4.3
Privacy Impact Analysis: Related to Notice
There is no privacy risk related to notice. All information collected by myUSCIS is
provided directly from the account holder. The account holder is provided a Privacy Notice prior
to submitting any information to USCIS. Additionally, USCIS provides notice to individuals
through this PIA, and associated SORNs.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 18
Section 5.0 Data Retention by the project
The following questions are intended to outline how long the project retains the information after the initial
collection.
5.1
Explain how long and for what reason the information is retained.
USCIS is developing a retention schedule for myUSCIS Account Experience that is subject
to final approval by NARA.USCIS is proposing to maintain the masterfile data for 5 years and
account registration data for 7.5 years.
5.2
Privacy Impact Analysis: Related to Retention
Privacy Risk: myUSCIS does not have a records retention schedule.
Mitigation: This risk is partially mitigated. USCIS is developing a retention schedule for
myUSCIS Account Experience and will not delete records until a retention schedule is approved
by NARA. The proposed NARA schedule is consistent with the concept of retaining data only for
as long as necessary to support USCIS mission. Until USCIS completes a NARA-approved
retention schedule, USCIS plans to maintain all records indefinitely in accordance with the Federal
Records Act, which prohibits agencies from destroying records without a NARA-approved
schedule.
Section 6.0 Information Sharing
The following questions are intended to describe the scope of the project information sharing external to the
Department. External sharing encompasses sharing with other federal, state and local government, and private sector
entities.
6.1
Is information shared outside of DHS as part of the normal agency
operations? If so, identify the organization(s) and how the
information is accessed and how it is to be used.
USCIS does not share information maintained in myUSCIS Account Experience with
external entities. While using myUSCIS Account Experience account holders may engage with
third-party service providers, but USCIS does not share PII with third party service providers.
Third Party Authentication Service
myUSCIS Account Experience requires account holders to go through a two-step
verification process. As part of two factor authentication, myUSCIS Account Experience account
holders are able to use their email, SMS, or third party authentication service provider for the
delivery of their two factor authentication code. The selection and use of a third-party
authentication application is at the discretion of the account holder. USCIS has no control over the
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 19
application’s privacy policies or what information the account holder provides.
myUSCIS Account Experience allows individuals to use a third-party authenticator
application to provide two-factor authentication into their USCIS online account. ICAM generates
a QR code and the account holder must either scan a QR code or enter a unique token manually
generated by ICAM using a mobile device to pair the USCIS account with the specific
authenticator application. The authenticator service provider then generates a temporary one-time
password, which expires every 30 seconds. The temporary one-time password displayed on the
account holder’s mobile device must be entered into the ICAM system as a second level of
authentication upon login. During this transaction, USCIS does not share any PII with the third
party authentication service provider.
Pay.Gov
Account holders electronically filing a benefit request form or service must pay for the
associated fees using the using the U.S. Department of Treasury’s Pay.Gov service.17 The Pay.Gov
icon is imbedded within the digital forms module. Once the account holder clicks the icon, the
account holder is redirected to a Pay.Gov, which is a third-party website, to make the fee payment.
MyUSCIS Account Experience provides a disclaimer notifying the account holder that he or she
is being redirected to a non-USCIS site and is then no longer engaging with myUSCIS. Once an
account holder links to Pay.Gov, the account holder is subject to the policies of the third-party site.
Pay.Gov allows account holders to make electronic payments to USCIS. Pay.Gov collects
biographic and payment information—either credit card, debit card, or Automated Clearing House
(ACH) debit from a personal bank account. Once Pay.Gov validates the payment information,
account holders are routed back to myUSCIS Account Experience and the USCIS online account
confirms to the account holder that he or she successfully submitted the request. During this
transaction, myUSCIS Account Experience does not collect or share any information with
Pay.Gov.
6.2
Describe how the external sharing noted in 6.1 is compatible with
the SORN noted in 1.2.
USCIS does not share information maintained in myUSCIS Account Experience with
external entities.
6.3
Does the project place limitations on re-dissemination?
USCIS does not share information maintained in myUSCIS Account Experience with
external entities.
17
See U.S. Department of Treasury Financial Management Services Pay.Gov Privacy Impact Assessment 2.0 (July
1, 2011), available at, http://fms.treas.gov/pia/paygov_pia%20.pdf.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 20
6.4
Describe how the project maintains a record of any disclosures
outside of the Department.
USCIS does not share information maintained in myUSCIS Account Experience with
external entities.
6.5
Privacy Impact Analysis: Related to Information Sharing
There is no privacy impact related to external information sharing because information
maintained in myUSCIS Account Experience is not shared with external entities.
Section 7.0 Redress
The following questions seek information about processes in place for individuals to seek redress which may
include access to records about themselves, ensuring the accuracy of the information collected about them, and/or
filing complaints.
7.1
What are the procedures that allow individuals to access their
information?
MyUSCIS Account Experience allows account holders to directly and securely engage
with USCIS to obtain useful immigration on case-related information. Account holders who
created online accounts must authenticate their identity using the username, password, and
authentication code. Once authenticated, individuals may access the information they used to
create their profiles, such as name and address information, as well as the case specific information
prior to official submission to USCIS.
Additionally, an account holder seeking access to his or her information held by USCIS
may gain access to his or her records by filing a Freedom of Information Act (FOIA) or Privacy
Act request. Account holders not covered by the Privacy Act or Judicial Redress Act (JRA) still
may obtain access to records consistent with FOIA unless disclosure is prohibited by law or if the
agency reasonably foresees that disclosure would harm an interest protected by an exemption. Any
account holder seeking access to his or her information should direct their request to the following
address:
USCIS National Records Center (NRC)
FOIA/PA Office
P.O. Box 648010
Lee's Summit, MO 64064-8010
Further information for Privacy Act and FOIA requests for USCIS records can also be found at
http://www.uscis.gov.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 21
7.2
What procedures are in place to allow the subject individual to
correct inaccurate or erroneous information?
MyUSCIS Account Experience allows account holders to directly and securely engage
with USCIS. Account holders are able to amend information in their accounts by logging in and
making the correction to the information they provided prior to official submission to USCIS.
U.S. citizens and lawful permanent residents, as well as other persons with records covered
by JRA, are afforded the ability to correct information by filing a Privacy Act Amendment request
under the Privacy Act. U.S. citizens, lawful permanent residents, and persons covered by the JRA
should submit requests to contest or amend information contained in USCIS systems. Individuals
may direct all requests to contest or amend information to the USCIS FOIA/PA Office. Individuals
must state clearly and concisely in the redress request the information being contested, the reason
for contesting it, the proposed amendment, and clearly mark the envelope “Privacy Act
Amendment.” This would only apply to amendment of USCIS-held information. Persons not
covered by the Privacy Act are not able to amend their records through FOIA. Should a non-U.S.
person find inaccurate information in his or her record received through FOIA, he or she may visit
a local USCIS Field Office to identify and amend inaccurate records with evidence.
7.3
How does the project notify individuals about the procedures for
correcting their information?
Individuals are notified about procedures for correcting their information by myUSCIS
Account Experience, published Privacy Notices in relevant USCIS application instructions, the
USCIS website, this PIA, and relevant SORNs.
7.4
Privacy Impact Analysis: Related to Redress
There is no privacy risk with respect to redress. Account holders may access the
information they enter into myUSCIS Account Experience prior to submission to USCIS. After
information is officially submitted to USCIS, USCIS provides individuals with multiple avenues
during and after the completion of the benefit request process to correct information. Individuals
are also given numerous opportunities to correct information they have provided and to respond
to information received from other sources.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 22
Section 8.0 Auditing and Accountability
The following questions are intended to describe technical and policy based safeguards and security
measures.
8.1
How does the project ensure that the information is used in
accordance with stated practices in this PIA?
USCIS ensures that the practices stated in this PIA are followed by leveraging training,
policies, rules of behavior, and auditing and accountability. USCIS established access and security
controls to mitigate privacy risks associated with authorized and unauthorized uses, namely misuse
and inappropriate dissemination of data. DHS security specifications require auditing capabilities
that log the transactions of user in order to reduce the possibility of misuse and inappropriate
dissemination of information. All user actions are tracked via audit logs to identify audit
information by user identification, network terminal identification, date, time, and data accessed.
All USCIS systems employ auditing measures and technical safeguards to prevent the misuse of
data.
8.2
Describe what privacy training is provided to account holders
either generally or specifically relevant to the project.
All USCIS federal employees and contractors are required to complete annual privacy and
security awareness training. The privacy awareness training addresses appropriate privacy
concerns, including Privacy Act obligations (e.g., SORN and Privacy Notices). The computer
security awareness training examines appropriate technical, physical, personnel and administrative
controls to safeguard information.
8.3
What procedures are in place to determine which users may access
the information and how does the project determine who has
access?
MyUSCIS Account Experience is a public-facing website and accessible to any individual
or legal representative seeking immigration or case-related information. Account holders have
access to their information only. Internal access to myUSCIS Account Experience is restricted by
USCIS management and limited to authorized USCIS and contractor personnel.
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 23
8.4
How does the project review and approve information sharing
agreements, MOUs, new uses of the information, new access to the
system by organizations within DHS and outside?
USCIS does not share information maintained in myUSCIS Account Experience with
organizations within or outside of DHS. However, should this change, USCIS has a formal review
and approval process in place that requires approval of any new sharing arrangement.
Responsible Officials
Donald K. Hawkins
Privacy Officer
U.S. Citizenship and Immigration Services
Department of Homeland Security
Approval Signature
Original, signed copy on file with DHS
Philip S. Kaplan
Chief Privacy Officer
Department of Homeland Security
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 24
Appendix A
Immigration Service Types Filed Online Through myUSCIS
Name of Immigration Service
OMB Control
Number
USCIS Immigrant Visa Fee
1615-0122
Privacy Impact Assessment
DHS/USCIS/PIA-071
myUSCIS Account Experience
Page 25
Appendix B
Immigration Forms Filed Online Through myUSCIS18
18
Form
Number
Form Name
OMB Control Number
G-28
Notice of Entry of Appearance as Attorney or
Accredited Representative
1615-0105
I-90
Replacement of Permanent Resident Card
1615-0082
N-400
Application for Naturalization
1615-0052
N-336
Request for a Hearing on a Decision in
Naturalization Proceedings (Under Section 336
of the INA)
1615-0050
N-565
Application for Replacement
Naturalization/Citizenship Document
1615-0091
All USCIS Forms are available at https://www.uscis.gov/forms.
File Type | application/pdf |
File Modified | 0000-00-00 |
File Created | 0000-00-00 |