Download:
pdf |
pdfPrivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD ANALYSIS (PTA)
This form serves as the official determination by the DHS Privacy Office to
identify the privacy compliance requirements for all Departmental uses of
personally identifiable information (PII).
A Privacy Threshold Analysis (PTA) serves as the document used to identify
information technology (IT) systems, information collections/forms, technologies,
rulemakings, programs, information sharing arrangements, or pilot projects that involve
PII and other activities that otherwise impact the privacy of individuals as determined by
the Chief Privacy Officer, pursuant to Section 222 of the Homeland Security Act, and to
assess whether there is a need for additional Privacy Compliance Documentation. A PTA
includes a general description of the IT system, information collection, form, technology,
rulemaking, program, pilot project, information sharing arrangement, or other Department
activity and describes what PII is collected (and from whom) and how that information is
used and managed.
Please complete the attached Privacy Threshold Analysis and submit it to your
component Privacy Office. After review by your component Privacy Officer the PTA is sent
to the Department’s Senior Director for Privacy Compliance for action. If you do not have a
component Privacy Office, please send the PTA to the DHS Privacy Office:
Senior Director, Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717
[email protected]
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this
form and assess whether any privacy compliance documentation is required. If compliance
documentation is required – such as Privacy Impact Assessment (PIA), System of Records
Notice (SORN), Privacy Act Statement, or Computer Matching Agreement (CMA) – the DHS
Privacy Office or component Privacy Office will send you a copy of the relevant compliance
template to complete and return.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 1 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis (PTA)
Specialized Template for
Information Collections (IC) and Forms
The Forms-PTA is a specialized template for Information Collections and Forms. This
specialized PTA must accompany all Information Collections submitted as part of the
Paperwork Reduction Act process (any instrument for collection (form, survey,
questionnaire, etc.) from ten or more members of the public). Components may use this PTA
to assess internal, component-specific forms as well.
Form Number:
I-352 SA, I-352 RA
Form Title:
eBONDS Access Application
and Agreement, eBONDS Rules
of Behavior Agreement
Immigration and
Office:
Customs Enforcement
(ICE)
Component:
Click here to enter text.
IF COVERED BY THE PAPERWORK REDUCTION ACT:
Collection Title:
Electronic Bonds Online
OMB Control
Number:
Collection status:
Name:
Office:
Phone:
(eBONDS) Access
1653-0046
Extension
OMB Expiration
Date:
Date of last PTA (if
applicable):
June 30, 2019
Click here to enter
a date.
PROJECT OR PROGRAM MANAGER
Carl Albritton
ERO
Title:
Management and Program
Analyst
(202) 732-5918
Email:
Management and Program
Analyst
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 2 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Name:
Office:
Phone:
COMPONENT INFORMATION COLLECTION/FORMS CONTACT
Scott Elmore
OCIO
Title:
ICE Forms & PRA
Coordinator
(202) 732-2601
Email:
[email protected]
SPECIFIC IC/Forms PTA QUESTIONS
1. Purpose of the Information Collection or Form
a. Describe the purpose of the information collection or form. Please provide a
general description of the project and its purpose, including how it supports the DHS
mission, in a way a non-technical person could understand (you may use
information from the Supporting Statement).
If this is an updated PTA, please specifically describe what changes or upgrades are
triggering the update to this PTA.
The data collected on the Electronic Bonds Online (eBONDS) Access Application and
Agreement (I-352-SA), and eBONDS Rules of Behavior Agreement (I-352-RA) enable U.S.
Immigration and Customs Enforcement (ICE) to determine whether to grant surety
companies access privileges to eBONDS, an information system administered by ICE, and
to maintain accurate records about the surety companies and their agents that have been
granted access to eBONDS. Surety companies who access eBONDS are required to
register with ICE and acknowledge in writing that they will only use eBONDS for those
purposes related to surety bonds (e.g., posting surety bonds, retrieving bond-related
notifications, responding to requests for information from ICE, etc.); create, manage, and
terminate surety agent user accounts in accordance with ICE policy; notify ICE in the
event that they suspect or experience a security breach that impacts eBONDS; and follow
guidance issued by ICE on the proper handling of personal information.
The I-352-RA collects information about the surety president, and agent authorized as an
attorney-in-fact. The complete list of data elements collected on this form can be found
in the answer to Question 2e (below). Members of the public (surety president, and
agent authorized as an attorney-in-fact) complete and sign I-352-RA. The surety
president or agent authorized as an attorney-in fact submits the Form I-352-RA via
regular mail, or regular mail, commercial courier, to: ICE/ERO/BMU, 500 12th Street,
SW, Washington, DC 20536.
The I-352-SA collects information about the Surety company, surety president, surety
agent, administrator(s) for the surety or agency, corporate secretary. The complete list
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 3 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
of data elements collected on this form can be found in the answer to Question 2e
(below). Members of the public (Surety President, Surety Agent, Administrator(s) for the
Surety or Agency, Corporate Secretary) complete and sign I-352-SA in the presence of a
notary. Surety President, Surety Agent, Administrator(s) for the Surety or Agency, or
Corporate Secretary submits the Form I-352-RA via regular mail, or regular mail,
commercial courier, to: ICE/Enforcement and Removal Operations (ERO)/Bonds
Management Unit (BMU), 500 12th Street, SW, Washington, DC 20536.
b. List the DHS (or component) authorities to collect, store, and use this information.
If this information will be stored and used by a specific DHS component, list the
component-specific authorities.
8 U.S.C. §§ 1103, 1183, 1226, 1229c, and 1363; and 31 U.S.C. § 7701
2. Describe the IC/Form
a. Does this form collect any
Personally Identifiable
Information” (PII1)?
b. From which type(s) of
individuals does this form
collect information?
(Check all that apply.)
☒ Yes
☐No
☒ Members of the public
☒ U.S. citizens or lawful permanent
residents
☒ Non-U.S. Persons.
☐DHS Employees
☐DHS Contractors
☐Other federal employees or contractors.
c. Who will complete and
submit this form? (Check
all that apply.)
☒ The record subject of the form (e.g., the
individual applicant).
☒ Legal Representative (preparer, attorney,
etc.).
☒ Business entity.
1
Personally identifiable information means any information that permits the identity of an individual to be directly or indirectly inferred, including
any other information which is linked or linkable to that individual regardless of whether the individual is a U.S. citizen, lawful permanent resident,
visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 4 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
If a business entity, is the only
information collected business contact
information?
☐Yes
☒ No
☐Law enforcement.
☐DHS employee or contractor.
☐Other individual/entity/organization that is
NOT the record subject. Please describe.
Click here to enter text.
d. How do individuals
complete the form? Check
all that apply.
☒ Paper.
☒ Electronic. (ex: fillable PDF)
☐Online web form. (available and submitted via
the internet)
Provide link:
e. What information will DHS collect on the form? List all PII data elements on the
form. If the form will collect information from more than one type of individual,
please break down list of data elements collected by type of individual.
I-352-SA:
Information about the Surety Company:
Name, address, telephone, email address of surety point of contact, Employer
Identification Number (EIN). The surety company has an option to check a box if Surety
is authorized to post immigration bonds in all U.S. States & Territories. If the box is not
checked the surety company lists all the U.S. States and Territories in which the Surety is
authorized to post immigration bonds.
Information about the Agent(s) authorized as an agent to post immigration bonds
on behalf of the Surety Company:
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 5 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Name, address, telephone, email, agent or producer number (Surety Issued), Agent State
License Number, Agency EIN. On addendum 2 of I-352SA, there is a box for the agent to
check a box to add or deactivate eBONDS Access.
Information about the Administrator(s) for the Surety or Agency:
Name, Title, Surety, or Agency name, address, telephone, email, Surety or Agency EIN. On
addendum 2 of I-352SA, there is a box for the Surety Administrator to check a box to add
or deactivate eBONDS Access.
Information about the Surety President:
Name.
Information about the Corporate Secretary:
Name.
Information about the Notary Public:
Name.
I-352-RA:
Information about the Surety Company:
Name, EIN.
Information about the Surety President:
Name.
Information about the Agent authorized as an attorney-in-fact:
Name.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 6 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
f. Does this form collect Social Security number (SSN) or other element that is
stand-alone Sensitive Personally Identifiable Information (SPII)? Check all that
apply.
☐ Social Security number
☐ DHS Electronic Data Interchange
Personal Identifier (EDIPI)
☐ Alien Number (A-Number)
☐ Social Media Handle/ID
☐ Tax Identification Number
☐ Known Traveler Number
☐ Visa Number
☐ Trusted Traveler Number (Global
☐ Passport Number
Entry, Pre-Check, etc.)
☐ Bank Account, Credit Card, or other
☐ Driver’s License Number
financial account number
☐ Biometrics
☐ Other. Please list: EIN
g. List the specific authority to collect SSN or these other SPII elements.
N/A
h. How will this information be used? What is the purpose of the collection?
Describe why this collection of SPII is the minimum amount of information
necessary to accomplish the purpose of the program.
N/A
i. Are individuals
☒ Yes. Please describe how notice is provided.
provided notice at the
Surety companies have notice of the collection
time of collection by
because they are the individuals supplying the
DHS (Does the records
information on the form.
subject have notice of
the collection or is
Additionally, notice is provided by the privacy
form filled out by
notice that is on the form, and by the following ICE
third party)?
privacy compliance documentation:
PIAs
DHS/ICE/PIA – 008 eBONDS Online System,
and subsequent updates
DHS/ICE/PIA-005 Bond Management
Information System, and subsequent
updates
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 7 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
DHS/ICE-PIA-015 Enforcement Integrated
Database (Updates (b) and (d) specifically
discuss form I-352)
DHS/ICE-004 Bond Management
Information System (BMIS) SORN
DHS/ICE 011 – CARIER SORN
SORNs
☐No.
3. How will DHS store the IC/form responses?
a. How will DHS store
☐Paper. Please describe.
the original,
Click here to enter text.
completed IC/forms?
☒ Electronic. Please describe the IT system that will
store the data from the form.
Data from the forms are stored electronically in
the ENFORCE Allen Removal Module (EARM),
BMIS Web, eBONDS, and the eBONDS Document
Repository System.
☐Scanned forms (completed forms are scanned into
an electronic repository). Please describe the
electronic repository.
Click here to enter text.
b. If electronic, how
does DHS input the
☒ Manually (data elements manually entered). Please
describe.
Same data elements noted in Question No. 2(e)
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 8 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
responses into the IT
system?
c. How would a user
search the
information
submitted on the
forms, i.e., how is the
information
retrieved?
d. What is the records
retention
schedule(s)? Include
the records schedule
number.
☒ Automatically. Please describe.
Two system-to-system interfaces provide data to
EID in support of the electronic processing of
immigration bonds. The first is an interface with
ICE’s eBONDS and the second is with BMIS Web.
☒ By a unique identifier.2 Please describe. If
information is retrieved by personal identifier, please
submit a Privacy Act Statement with this PTA.
It would depend on why the information is being
retrieved/needed. It could be done by account #,
name, surety company name, or address.
☐By a non-personal identifier. Please describe.
Click here to enter text.
I-352RA-I-352SA forms fall under Records Retention
Schedule N1-567-11-02, which covers eBONDS.
Under this schedule, the Master file is
destroyed/deleted once the surety company is no
longer U.S. Department of Treasury certified and all
associated bonds have been deleted from the
database.
Approved bonds are maintained in the BMIS-Web
system, and are destroyed/deleted no earlier than 48
hours and no later than 2 weeks after migration.
e. How do you ensure
that records are
disposed of or deleted
in accordance with
For bonds that are not approved, the system
automatically deleted these applications 2 weeks
from the date when the record was initially created.
The ERO Bond Management Unit (BMU) takes
mandatory ICE Records Training and follows ICE
2
Generally, a unique identifier is considered any type of “personally identifiable information,” meaning any information that permits the identity
of an individual to be directly or indirectly inferred, including any other information which is linked or linkable to that individual regardless of
whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 9 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
the retention
schedule?
Records Guidance ensuring that the I-352RA-I-352SA
forms are disposed of in accordance with the
applicable retention schedules.
f. Is any of this information shared outside of the original program/office? If yes,
describe where (other offices or DHS components or external entities) and why.
What are the authorities of the receiving party?
☐Yes, information is shared with other DHS components or offices. Please describe.
Click here to enter text.
☒ Yes, information is shared external to DHS with other federal agencies, state/local
partners, international partners, or non-governmental entities. Please describe.
ICE makes available via eBONDS the appropriate bond-related documents to
surety agents for those aliens for whom they have posted a surety bond.
☐No. Information on this form is not shared outside of the collecting office.
Please include a copy of the referenced form and Privacy Act Statement (if
applicable) with this PTA upon submission.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 10 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:
Kevin Mullinix
Date submitted to component Privacy
Office:
Date submitted to DHS Privacy Office:
May 6, 2019
Have you approved a Privacy Act
Statement for this form? (Only
applicable if you have received a
waiver from the DHS Chief Privacy
Officer to approve component Privacy
Act Statements.)
Click here to enter a date.
☒ Yes. Please include it with this PTA
submission.
☐No. Please describe why not.
Click here to enter text.
Component Privacy Office Recommendation:
Please include recommendation below, including what existing privacy compliance
documentation is available or new privacy compliance documentation is needed.
This Electronic Bonds Online (eBONDS) Access Application and Agreement (I-352SA), and eBONDS Rules of Behavior Agreement (I-352-RA) PTA is being submitted for
review. Because this form collects information from the surety agent, or company on
behalf of the bonded alien, and notary public, a Privacy Act notice is required. ICE
Form 352, Immigration Bond, has coverage under the following PIAs and SORNs:
PIAs
DHS/ICE/PIA – 008 eBONDS Online System, and subsequent updates
DHS/ICE/PIA-005 Bond Management Information System, and
subsequent updates
DHS/ICE-PIA-015 Enforcement Integrated Database (Updates (b) and
(d) specifically discuss form I-352)
SORNs
DHS/ICE-004 Bond Management Information System (BMIS) SORN
DHS/ICE 011 – CARIER SORN
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 11 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 12 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD ADJUDICATION
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:
Hannah Burgess
PCTS Workflow Number:
Date approved by DHS Privacy Office:
PTA Expiration Date
1180579
May 10, 2019
May 10, 2022
DESIGNATION
Privacy Sensitive IC or
Form:
Yes If “no” PTA adjudication is complete.
Determination:
☐PTA sufficient at this time.
☐Privacy compliance documentation determination in progress.
☐New information sharing arrangement is required.
☐DHS Policy for Computer-Readable Extracts Containing SPII
applies.
☒ Privacy Act Statement required.
☒ Privacy Impact Assessment (PIA) required.
☒ System of Records Notice (SORN) required.
☐Specialized training required.
☐Other. Click here to enter text.
DHS IC/Forms Review:
Choose an item.
Date IC/Form Approved Click here to enter a date.
by PRIV:
IC/Form PCTS Number: Click here to enter text.
Privacy Act
Privacy Act Statement Required
Statement:
PTA:
System PTA Required
Click here to enter text.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 13 of 14
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PIA:
System covered by existing PIA
If covered by existing PIA, please list: DHS/ICE/PIA-005 Bond
Management Information System Web Version (BMIS Web) 2.2;
DHS/ICE/PIA-008 eBonds Online System;
DHS/ICE/PIA-015 Enforcement Integrated Database
If a PIA update is required, please list: Click here to enter text.
SORN:
System covered by existing SORN
If covered by existing SORN, please list: DHS/ICE-004 Bond
Management Information System (BMIS) February 15, 2011 76 FR
8761;
DHS/ICE-011 Criminal Arrest Records and Immigration Enforcement
Records (CARIER) System of Records October 19, 2016, 81 FR 72080
If a SORN update is required, please list: Click here to enter text.
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
ICE Privacy is submitting this PTA for the data collected on the Electronic Bonds Online
(eBonds) Access Application and Agreement (I-352-SA), and eBonds Rules of Behavior
Agreement (I-352-RA) that enable ICE to determine whether to grant surety companies
access privileges to eBonds. The forms collect PII, and information is retrieved by account
#, name, surety company name, or address.
DHS Privacy Office finds this is privacy sensitive. The collection of PII, by Form I-352RA
and I-352SA, is covered by DHS/ICE/PIA-005, DHS/ICE/PIA-008, and DHS/ICE/PIA-015(b)
and (d).
SORN coverage is also required, and is provided by DHS/ICE-004 BMIS and DHS/ICE-011
CARIER.
This form requires a privacy notice, which should be updated to include all applicable
SORNs.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 14 of 14
File Type | application/pdf |
File Modified | 2019-06-25 |
File Created | 2019-05-10 |