Download:
pdf |
pdfPRIVACY IMPACT ASSESSMENT (PIA)
PRESCRIBING AUTHORITY: DoD Instruction 5400.16, "DoD Privacy Impact Assessment (PIA) Guidance". Complete this form for Department of Defense
(DoD) information systems or electronic collections of information (referred to as an "electronic collection" for the purpose of this form) that collect, maintain, use,
and/or disseminate personally identifiable information (PII) about members of the public, Federal employees, contractors, or foreign nationals employed at U.S.
military facilities internationally. In the case where no PII is collected, the PIA will serve as a conclusive determination that privacy requirements do not apply to
system.
1. DOD INFORMATION SYSTEM/ELECTRONIC COLLECTION NAME:
Global Air Transportation Execution System (GATES)
3. PIA APPROVAL DATE:
2. DOD COMPONENT NAME:
01/27/22
United States Transportation Command
SECTION 1: PII DESCRIPTION SUMMARY (FOR PUBLIC RELEASE)
a. The PII is: (Check one. Note: Federal contractors, military family members, and foreign nationals are included in general public.)
From members of the general public
From Federal employees
from both members of the general public and Federal employees
Not Collected (if checked proceed to Section 4)
b. The PII is in a: (Check one.)
New DoD Information System
New Electronic Collection
Existing DoD Information System
Existing Electronic Collection
Significantly Modified DoD Information System
c. Describe the purpose of this DoD information system or electronic collection and describe the types of personal information about individuals
collected in the system.
GATES collects PII to support the following: Aerial Ports and Water Ports of Embarkation and Debarkation; Military Transportation
Offices; Air Mobility Support Flights; Passenger Gateways; Navy Operated Air Terminals and Aerial Ports; SDDC Army and Navy Water
Ports; Military airfields or installations (all services); any activity or agency responsible for initiating or receiving a request for movement of
personnel and their baggage, manifesting, tracing, billing actions, and statistical data collection; and deployed fixed and non-fixed airfields
throughout the world.
The PII collected by GATES: Citizenship, Driver's License, Home/Cell Phone, Military/Home Address, Work E-mail, Birth Date, Person Email, Rank/Grade, Security Information, DOD ID, Emergency Contact, Gender/Gender Information, Medical Information, Name(s), Other
ID Number, PHI, Blood Type.
d. Why is the PII collected and/or what is the intended use of the PII? (e.g., verification, identification, authentication, data matching, mission-related use,
administrative use)
Identifiable information must be collected to execute USTRANSCOM missions. Passenger records containing PII are used to: (1) prepare
aircraft manifests for passenger identification processing and movement on military aircraft, commercial contract (charter) aircraft, and on
seats reserved (blocked) on regularly scheduled commercial aircraft at military and civilian airports; (2) screen passengers for customs,
immigration, and transportation security purposes; and (3) create manifests and records relating to the movement of personal property and
human remains.
Records containing PII in this system are also used to: (a) develop billing data to the user Military Departments or other organizations; (b)
determine passenger movement trends; (c) forecast future travel requirements; (d) identify, research, and resolve transportation related
problems; and, (e) screening for customs, immigration, and transportation security purposes.
e. Do individuals have the opportunity to object to the collection of their PII?
Yes
No
(1) If "Yes," describe the method by which individuals can object to the collection of PII.
(2) If "No," state the reason why individuals cannot object to the collection of PII.
Per AMCI 24-605, paragraph 2.4.2., GATES applicants see a Privacy Act statement at all the GATES passenger terminals on the collection
of personal information. If an individual objects, the Privacy Act statement informs passengers that failure to provide the information could
result in them not being accepted for travel on military aircraft.
f. Do individuals have the opportunity to consent to the specific uses of their PII?
Yes
No
(1) If "Yes," describe the method by which individuals can give or withhold their consent.
DD FORM 2930, JUN 2017
PREVIOUS EDITION IS OBSOLETE.
AEM Designer
Page 1 of 9
(2) If "No," state the reason why individuals cannot give or withhold their consent.
GATES provides privacy advisory statement in written form and electronic format at the passenger terminals. Per AMCI 24-605, paragraph
2.4.2., a Privacy Act statement is displayed for the applicants at all the GATES passenger terminals of the collection of personal information.
“DISCLOSURE is voluntary; however, failure to provide the requested information may impede, delay or prevent further processing of this
request.” If an individual does not consent, they can decline to sign the form.
g. When an individual is asked to provide PII, a Privacy Act Statement (PAS) and/or a Privacy Advisory must be provided. (Check as appropriate and
provide the actual wording.)
Privacy Act Statement
Privacy Advisory
Not Applicable
Per AMCI 24-605, paragraph 2.4.2., the following Privacy Act statement displays for the applicants at all the GATES passenger terminals:
“DISCLOSURE is voluntary; however, failure to provide the requested information may impede, delay or prevent further processing of this
request.”
Privacy Act statement reads as follows:
PRIVACY ACT STATEMENT
AUTHORITY: 10 U.S.C. 8013
PRINCIPAL PURPOSE: To apply for air travel SSN is needed for positive ID. [To comply with DODI 1000.30, Reduction of Social
Security Number (SSN) Use within DOD, passenger service agents will use DOD identification (ID) numbers in lieu of SSN.]
ROUTINE USE(S): Records from this system of records may be disclosed for any of the blanket routine uses published by the Air Force.
DISCLOSURE IS VOLUNTARY: Disclosure of SSN is voluntary. However, failure to provide the information may result in member not
being accepted for travel on military aircraft.
h. With whom will the PII be shared through data/system exchange, both within your DoD Component and outside your Component?
(Check all that apply)
Within the DoD Component
Specify.
USTRANSCOM and USTRANSCOM Components
Other DoD Components (i.e. Army, Navy, Air Force)
Specify.
Army, Navy, Air Force, Marine Corps, and Defense
Logistics Agency (DLA)
Other Federal Agencies (i.e. Veteran’s Affairs, Energy, State)
Specify.
Department of Homeland Security
State and Local Agencies
Specify.
Contractor (Name of contractor and describe the language in
the contract that safeguards PII. Include whether FAR privacy
clauses, i.e., 52.224-1, Privacy Act Notification, 52.224-2,
Privacy Act, and FAR 39.105 are included in the contract.)
ECS, eVETS, MITRE, OBXtek and TRI-COR.
The contractor shall comply with Federal Information
Processing Standards (FIPS) and Federal laws and
Specify. regulations that affect IT systems operations.
Examples are the Privacy Act of 1974, the Computer
Security Act of 1987 and the Joint Financial Management
Improvement Program (JFMIP).
Other (e.g., commercial providers, colleges).
Specify.
i. Source of the PII collected is: (Check all that apply and list all information systems if applicable)
Individuals
Databases
Existing DoD Information Systems
Commercial Systems
Other Federal Information Systems
GATES interfaces with systems that transfer PII: (1) Cargo Movement Operations System (CMOS): passenger data and personal property/
super cargo shipments; (2) Distribution Component Billing System (DCBS): passenger data; (3) Division of Health Service Regulation
(DHSR): passenger data; (4) Defense Personal Property System (DPS): personal property shipments; (5) Distribution Standards System
(DSS): personal property/super cargo shipments (6) Integrated Data Environment/Global Transportation Network Convergence (IGC):
passenger data and personal property/super cargo shipments; (7) Mobility Enterprise Information Services (MEIS): human remains; (8)
Non-combatant Evacuation Operations (NEO) Tracking System (NTS): evacuee passenger data; (9) Radio Frequency In-Transit Visibility
(RF-ITV) Server: personal property shipments; (10) Single Mobility System (SMS): user defined reports may contain PII; (11) Sea Service
Deployment Module (SSDM): passenger manifests; (12) Transportation Coordinators’ Automated (TC-AIMS II): passenger manifests and
personal property/super cargo shipments; (13) Financial and Air Clearance Transportation (FACTS): passenger movement and personal
property/super cargo shipments; (14) Integrated Booking System (IBS-ATCMD): personal property/super cargo shipments; (15) IBS-Unit:
super cargo shipments; (16) Surface Deployment and Distribution Command (SDDC): passenger and personal property/super cargo
shipments; (17) Military Sealift Command (MSC): passenger and personal property/super cargo shipments; (18) Munitions Transportation
Management System (MTMS): super cargo; (19) Marine Air Ground Task Force II (MAGTF) Deployment Support System II (MDSS II):
super cargo; (20) Transportation Operational Personal Property Standard System (TOPS): personal property shipments; (21) Weapon
DD FORM 2930, JUN 2017
PREVIOUS EDITION IS OBSOLETE.
AEM Designer
Page 2 of 9
System Management Information (TRACKER): passenger data and personal property/super cargo shipments; and (22) Vendor Shipment
Module (VSM): super cargo shipments.
j. How will the information be collected? (Check all that apply and list all Official Form Numbers if applicable)
E-mail
Official Form (Enter Form Number(s) in the box below)
In-Person Contact
Paper
Fax
Telephone Interview
Information Sharing - System to System
Website/E-Form
Other (If Other, enter the information in the box below)
GATES collects PII through the following:
Travelers using Government conveyances provide PII in person, via the web or paper based collections to port personnel. Automated and
manual transfers of PII data can occur between GATES and other systems interfaces.
GATES interfaces with systems that transfer PII: CMOS, DCBS, DHSR, DPS, DSS, IGC, FACTS, GEX, GFM, GTN, IGC, LOGMOD,
MDSSII, MEIS, SMS,TC-AIMS II, TMDS, TOPS, TRACKER.
PII can also be embedded in the transportation control number for personal property shipments and for super cargo.
k. Does this DoD Information system or electronic collection require a Privacy Act System of Records Notice (SORN)?
A Privacy Act SORN is required if the information system or electronic collection contains information about U.S. citizens or lawful permanent U.S. residents that
is retrieved by name or other unique identifier. PIA and Privacy Act SORN information must be consistent.
Yes
No
If "Yes," enter SORN System Identifier
FTRANSCOM 01 DOD
SORN Identifier, not the Federal Register (FR) Citation. Consult the DoD Component Privacy Office for additional information or http://dpcld.defense.gov/
Privacy/SORNs/
or
If a SORN has not yet been published in the Federal Register, enter date of submission for approval to Defense Privacy, Civil Liberties, and Transparency
Division (DPCLTD). Consult the DoD Component Privacy Office for this date
If "No," explain why the SORN is not required in accordance with DoD Regulation 5400.11-R: Department of Defense Privacy Program.
l. What is the National Archives and Records Administration (NARA) approved, pending or general records schedule (GRS) disposition authority
for the system or for the records maintained in the system?
(1) NARA Job Number or General Records Schedule Authority.
DAA-GRS-2017-0003-0002
(2) If pending, provide the date the SF-115 was submitted to NARA.
(3) Retention Instructions.
Item 30 - Systems not requiring special accountability for access: destroy when business use ceases.
Item 31 - Systems requiring special accountability for access: destroy 6 years after password is altered or user account is terminated, but
longer retention is authorized if required for business use.
m. What is the authority to collect information? A Federal law or Executive Order must authorize the collection and maintenance of a system of
records. For PII not collected or maintained in a system of records, the collection or maintenance of the PII must be necessary to discharge the
requirements of a statue or Executive Order.
(1) If this system has a Privacy Act SORN, the authorities in this PIA and the existing Privacy Act SORN should be similar.
(2) If a SORN does not apply, cite the authority for this DoD information system or electronic collection to collect, use, maintain and/or disseminate PII.
(If multiple authorities are cited, provide all that apply).
(a) Cite the specific provisions of the statute and/or EO that authorizes the operation of the system and the collection of PII.
(b) If direct statutory authority or an Executive Order does not exist, indirect statutory authority may be cited if the authority requires the
operation or administration of a program, the execution of which will require the collection and maintenance of a system of records.
(c) If direct or indirect authority does not exist, DoD Components can use their general statutory grants of authority (“internal housekeeping”) as
the primary authority. The requirement, directive, or instruction implementing the statute within the DoD Component must be identified.
Public Law 100-562, Imported Vehicle Safety Compliance Act of 1988; 5 U.S.C. 5726, Storage Expenses, Household Goods and Personal
DD FORM 2930, JUN 2017
PREVIOUS EDITION IS OBSOLETE.
AEM Designer
Page 3 of 9
Effects; 10 U.S.C. 113, Secretary of Defense; 10 U.S.C. 3013, Secretary of the Army; 10 U.S.C. 5013, Secretary of the Navy; 10 U.S.C.
8013, Secretary of the Air Force; 19 U.S.C. 1498, Entry Under Regulations; 37 U.S.C. 406, Travel and Transportation Allowances:
Dependents, Baggage and Household Effects; 49 U.S.C. 41113, Plans to address needs of families of passengers involved in aircraft
accidents; 14 C.F.R. 243, Passenger Manifest Information; Federal Acquisition Regulation (FAR); Joint Federal Travel Regulation (JTR),
Volumes I and II; DOD Directive 4500.09, Transportation and Traffic Management (2019); DOD Instruction 5158.06, Joint Deployment and
Distribution Enterprise (JDDE) (2020); DOD Instruction 4140.01, DOD Supply Chain Material Management (2019); DTR 4500.9-R,
Defense Transportation Regulation (2019); DOD Instruction 4515.13, Air Transportation Eligibility (2016); and DOD Instruction 4500.57,
Transportation and Traffic Management (2017).
n. Does this DoD information system or electronic collection have an active and approved Office of Management and Budget (OMB) Control
Number?
Contact the Component Information Management Control Officer or DoD Clearance Officer for this information. This number indicates OMB approval to
collect data from 10 or more members of the public in a 12-month period regardless of form or format.
Yes
No
Pending
(1) If "Yes," list all applicable OMB Control Numbers, collection titles, and expiration dates.
(2) If "No," explain why OMB approval is not required in accordance with DoD Manual 8910.01, Volume 2, " DoD Information Collections Manual:
Procedures for DoD Public Information Collections.”
(3) If "Pending," provide the date for the 60 and/or 30 day notice and the Federal Register citation.
The OMB Control Number required is being requested and will be provided at a later date.
DD FORM 2930, JUN 2017
PREVIOUS EDITION IS OBSOLETE.
AEM Designer
Page 4 of 9
File Type | application/pdf |
File Title | DD 2930, Privacy Impact Assessment (PIA), Jun 2017.pdf |
Author | tcsneela |
File Modified | 2022-02-01 |
File Created | 2022-02-01 |