Download:
pdf |
pdfPrivacy Impact Assessment
for the
Microfilm Digitization Application
System (MiDAS)
DHS/USCIS/PIA-017(a)
August 31, 2017
Contact Point
Donald K. Hawkins
Office of Privacy
U.S. Citizenship and Immigration Services
(202) 272-8000
Reviewing Official
Philip S. Kaplan
Chief Privacy Officer
Department of Homeland Security
(202) 343-1717
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 1
Abstract
U.S. Citizenship and Immigration Services (USCIS) maintains millions of electronic
immigration-related records that were created between 1893 and 1975. USCIS created the Microfilm
Digitization Application System (MiDAS) to retain these historical records. MiDAS enables USCIS
to search the historical records and provide records to government agencies and members of the public
who request this information for mission-related and genealogy purposes. USCIS is updating this
Privacy Impact Assessment (PIA) to discuss the privacy risks and mitigations associated with the
collection, use, and maintenance of personally identifiable information (PII) provided by MiDAS’
functionalities.
Overview
The Homeland Security Act of 2002 1 dismantled the former Immigration and Naturalization
Service (INS) and separated the agency into three Components within the Department of Homeland
Security (DHS). 2 On March 1, 2003, U.S. Citizenship and Immigration Services (USCIS) officially
assumed responsibility for the immigration service functions of the U.S. Federal Government. USCIS
maintains historical records on aliens, which includes information on subjects who are both living
and deceased. This information may be provided to government agencies for mission-related
purposes, to assist in the determination to grant or deny a government benefit, or to conduct law
enforcement or other investigations. USCIS also makes records of deceased subjects available to
members of the public who request them for genealogical and other historical research purposes.
USCIS Immigration Records and Identity Services Directorate (IRIS) Records Division (RD) is
responsible for responding to historical records requests made by government and public requestors.
Within RD, Records and Identity Services Branch (RISB) responds to requests made by government
requestors, while Historical Research Branch (HRB) responds to requests made by the public.
Historical Records
RISB and HRB can release five types of the agency’s historical records to government and
public requesters. The types of releasable historical records maintained by USCIS include:
•
1
Naturalization Certificate-Files (C-Files) are copies of records relating to all U.S.
naturalizations in federal, state, county, or municipal courts; overseas military
naturalizations; replacement of old law naturalization certificates; and the issuance of
Pub. L. No. 107-296, 116 Stat. 2135.
U.S. Immigration and Customs Enforcement (ICE) and U.S. Customs and Border Protection (CBP), components
within DHS, now handle immigration enforcement and border security functions.
2
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 2
Certificates of Citizenship in derivative, repatriation, and resumption cases. 3 C-Files were
created between September 27, 1906 and March 31, 1956.
3
•
Alien Registration Forms (Forms AR-2 4 and AR-102 5) are copies of approximately 5.5
million Alien Registration Forms completed by all aliens age 14 and older residing in or
entering the United States between August 1, 1940 and March 31, 1944. 6
•
Visa Files are original arrival records of immigrants admitted for permanent residence
under provisions of the Immigration Act of 1924. 7 Visa Files were created between July
1, 1924 and March 31, 1944.
•
Registry Files are records that document the creation of immigrant arrival records for
persons who entered the United States prior to July 1, 1924, and for whom no arrival
record could later be found. 8 Registry Files were created between March 1929 and March
31, 1944.
•
Alien Files are the individual alien case files that became the official file for all
immigration records created or consolidated since April 1, 1944. Alien Registration
Numbers (“A-numbers”) ranging up to approximately six million were issued to aliens
and immigrants within or entering the United States between 1940 and 1945. The
C-Files are a product of the Basic Naturalization Act of 1906. That law created the Federal Naturalization Service and
required the new agency to collect and maintain copies of all naturalization records nationwide. The C-File series later
expanded to include records of U.S. citizenship acquired by derivation (naturalization by virtue of qualifying relation to
another who is a birthright or naturalized citizen) and resumption or repatriation by former citizens that expatriated
themselves (lost their U.S. citizenship).
4
Alien Registration Forms (“AR-2s”) document the presence of non-citizens in the United States during the Second
World War. The Immigration and Naturalization Service (“INS”) used the Form AR-2 to make a record of all aliens
residing in or entering the country between August 1940 and March 31, 1944. Although stamped with an Alien
Registration Number ("A-number"), AR-2s are a distinct records series and are not Alien Files (“A-Files”)
5
Individuals submitted the Form AR-102 in order to satisfy the registration requirement. See 8 C.F.R. Sec. 170.8. (1938
& Supp. 1941)
6
The Alien Registration Program was a World War II-era national security measure ordered by the original Alien
Registration Act of 1940. That 1940 Act directed INS to fingerprint and register every alien age 14 and older living or
arriving in the United States.
7
The Immigration Act of 1924 took effect on July 1, 1924. That law required all arriving non-citizens to present a visa
when applying for admission to the United States. Immigrants requested visas at U.S. Embassies and Consulates abroad
before their departure. The State Department only issued visa documents to approved immigrants and the Immigration
Service only admitted immigrants arriving with a visa. In this way, visas allowed the Federal government to both select
and limit the number of immigrants legally admitted for permanent residence.
8
Registry Files document the creation of official immigrant arrival records under the Registry Act of March 2, 1929 (45
Stat 1512). The Registry Act applied to persons who entered the United States prior to July 1, 1924, and for whom no
arrival record could later be found. Because the Registry Program required applicants to document their arrival and
subsequent residence in the country, Registry Files often contain significant biographical information about the subject
immigrant.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 3
predecessor immigration agencies issued six million to seven million series of A-numbers
between 1944 and May 1, 1951. 9
Relevant IT System for Historical Records
To preserve the historical content, USCIS digitally indexed over 85 million historic
immigration-related records, previously stored on microfilm, using the Microfilm Digitization
Application System (MiDAS). 10 USCIS RD, specifically RISB and HRB, use MiDAS to search,
retrieve, and deliver information about individuals to federal, state, and local government agencies
and the public.
MiDAS consists of the five components that allow government and public requestors to
submit a request, and USCIS RD to search for and retrieve matching records to respond to the request:
External components used by requestors to request records:
•
Office of Records Management Web Request site (ORM-WR) is used by government
agencies to request immigrant files and searches for immigrant files; file creations,
Certificates of Non-Existence, and Certified True Copies.
•
Genealogy Web Request site (GEN-WR) 11 is used by the general public to request
immigrant files and searches for immigrant files.
Internal components used by USCIS RD to respond to requests:
9
•
MiDAS Search Engine (MSE) allows RD users to enter search criteria to locate and
display specific records from a set of approximately 100 million digitized images created
from deteriorating microfilm and paper files. MSE is accessible to users within the specific
Case Management Tracking (CMT) tool, and as a standalone search engine used by both
RISB and HRB.
•
ORM CMT Tool is a customized Siebel application used by the RISB to track and
manage the fulfillment of requests, in the form of cases, for historical immigrant
information from government agencies.
•
Genealogy CMT Tool is a customized Siebel application used by the HRB to track and
manage the fulfillment of requests, in the form of cases, for historical immigrant
information from the general public.
A-Files became the official file for all immigration and naturalization records created or consolidated since April 1,
1944.
10
While efforts continue to digitize remaining microfilm and paper files, a large amount of historical immigration
records still exist in hard copy paper only.
11
GEN-WR is available at https://genealogy.uscis.dhs.gov/.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 4
Requesting Historical Records contained in MiDAS
USCIS allows both government and public requestors to request historical records contained
in MiDAS.
Requests by Members of the Public:
The USCIS HRB Genealogy Program offers two services for members of the public:
•
Index Search Request is a request for searches of USCIS indices to determine whether
any USCIS records exist for a specific individual, and
•
Record Copy Request is a request for USCIS to retrieve a specific record or file related
to a particular individual.
Index Search Request:
USCIS requires requestors to submit an Index Search Request to obtain a file number of a
subject, prior to conducting a Record Copy Request, unless the requestor is certain of the subject’s
file number.
Generally, requestors conduct an Index Search Request to indicate (1) whether or not any
record(s) exists for the subject identified; and (2) if records do exist for the subject, how many records,
what type(s) of records, where those records are currently located, and how to request the records.
Since 1893, federal immigration and naturalization agencies created and maintained a variety of
records for immigrants. USCIS personnel search MiDAS for records related to a specific subject,
using biographical information provided by the requestor. The Index Search Request provides all file
numbers related to a specific subject to the public requestor.
Record Copy Request:
Public requestors who have a USCIS file number(s), gained through an Index Search Request
or through independent research, may request copies of historical immigration and naturalization
records. Members of the public can request copies of C-Files, AR-2 Forms, Visa Files, Registry Files,
and A-Files with a valid USCIS file number.
For public requests, whether an Index Search Request or a Record Copy Request, responses
can only be provided if they relate to subjects who are deceased (USCIS presumes that an individual
is deceased if he or she was born more than 100 years ago or for whom proof of death is provided). 12
USCIS may disclose information about deceased subjects to requestors because the Privacy Act of
1974 does not protect information pertaining to deceased individuals. 13 When responding to these
requests, USCIS presumes that subjects born more than 100 years ago are deceased. Thus, if the
subject of a record request was born less than 100 years prior to the date of the request, documentary
12
13
Schrecker v. Dep’t of Justice, 349 F.3d 657 (D.C. Cir. 2003).
See Office of Management and Budget Privacy Act Guidelines, 40 Fed. Reg. 28949, 28951 (July 9, 1975)
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 5
evidence of the subject's death is required. The public requestor bears the burden of establishing to
the satisfaction of USCIS that the subject is deceased. Acceptable documentary evidence includes
death records, published obituaries, published death notices or published eulogies, church or bible
records, photographs of gravestones, or copies of official documents relating to payment of death
benefits.
If it is determined that the subject is still alive, USCIS will cancel the genealogy request and
advise the public requestor to submit a Freedom of Information Act (FOIA) request. 14
Submission of a Public Request:
Public Requestors with an interest in finding records using an Index Search Request must
complete a Form G-1041, Genealogy Index Search Request, and submit a $20.00 fee. 15 Public
requestors with an interest in finding records using a Record Copy Request must complete a Form G1041A, Genealogy Records Request. Requestors are required to submit a $20.00 fee for a copy of the
microfilm 16 or a $35.00 fee for a copy of the hardcopy file along with their form to USCIS. 17
USCIS accepts the Forms G-1041 and G-1041A either by mail or online. Public requestors
who complete the paper Forms G-1041 and G-1041A can submit the forms and the associated fees
to:
USCIS Genealogy Program
PO Box 805925
Chicago, IL 60680-4120
Genealogy cannot process requests by mail until USCIS receives payment by cashier's check or
money order. If a public requestor chooses to make a payment by check, upon receipt, the check is
converted into an electronic funds transfer (EFT). USCIS copies the check and the account
information is used to electronically debit the account for the amount of the check. 18 This process
usually occurs within 24 hours of receipt of the request. Upon receipt of the request, the public
requestor is sent a letter through the U.S. Postal Mail confirming receipt of the request
Public requestors who wish to submit a request online may do so using the GEN-WR without
making an online account. Requestors can complete the electronic Form G-1041 or G-1041A and
14
The Freedom of Information Act of 1966, as amended (5 U.S.C § 552), permits any person to request access to
federal agency records. See DHS/ALL/PIA-028 FOIA and PA Records Program and associated updates, available at
https://www.dhs.gov/privacy.
USCIS FOIA requests can be submitted using the G-639, FOIA/PA Request Form, available at
http://www.uscis.gov/g-639
15
The G-1041 is available at http://www.uscis.gov/files/form/g-1041.pdf
16
Microfilm is photographed materials maintained on film o to greatly reduced size for ease of storage.
17
The Form G-1041A is available at http://www.uscis.gov/files/form/g-1041a.pdf
18
USCIS does not provide the original check back to the requestor. Instead, USCIS makes a copy of the check,
maintains it in the respective GEN Case Folder, and destroys the original.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 6
submit the associated fee online using the Pay.gov interface which automatically transmits the
information to the USCIS Lockbox facility. 19 Once the transaction is complete, the website will return
to a printable receipt on the GEN-WR showing the requestors USCIS Genealogy Case number.
The Forms G-1041 and G-1041A ask the public requestor to provide detailed information
about themselves as well as information about the subject. USCIS cannot conduct searches without
the public requestor providing the subject’s name, year of birth, and country of birth. USCIS will
search alternative names only if the requestor provides the names, spelling, and aliases. If a search
results in multiple subjects, USCIS will contact the public requestor via email or phone to request
additional information to confirm the accuracy of the search results. For example, if search results in
multiple subjects with the same name, identical birth year, and country, the public requester will be
contacted to obtain a middle name, an exact date of birth, spouse or children’s names, actual or
estimated date of arrival or naturalization, or place of residence when naturalized. If the public
requestor cannot provide additional information to make an informed decision USCIS will then return
a “No Record” response. Requestors receive the “No Record” response by mail, or through the case
status inquiry online webpage. If the requestor emails USCIS, USCIS may also provide the “No
Record” response by email.
In most cases, the processing time for public requests is 90 days. If the case is taking longer
than 90 days to process, public requestors are encouraged to use the Genealogy Request Case Status
Inquiry Webpage. 20 The web user is able to quickly retrieve the status of his or her request by entering
the Genealogy Request Case ID and the requester's first and last name. Requestors may also e-mail
USCIS at [email protected] or contact USCIS via postal mail. Requestors may send
postal mail inquiries to the following address:
USCIS Genealogy Program
1200 First Street NE Room 230
Washington, DC 20529-2206
Requests by Government Agencies:
Federal, state, and local government agencies may request records from RISB to collect law
enforcement or intelligence information for the enforcement of criminal or civil law (i.e., an
investigation, prosecution, implementation of civil or criminal laws, regulations, or orders). The
information may also assist these entities in determining an individual’s claim of a benefit or legal
status. Unlike public requestors, government agencies are able to request information (i.e., immigrant
19
Lockbox facilities are operated by pay.gov which is authorized by the Department of Treasury. In general, a Lockbox
is a post office box used by USCIS to accelerate the collection of receivables. The USCIS Lockbox is used to accept
applications and petitions by electronically capturing data and images from benefit request forms and by performing fee
receipting and fee deposit. See DHS/USCIS/PIA-061 USCIS Benefit Intake and Receipt Intake, available at
www.dhs.gov/privacy.
20
The Genealogy Request Case Status Inquiry Webpage is available at https://genealogy.uscis.dhs.gov/casestatus.aspx
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 7
files, file creations, Certificates of Non-Existence, or Certified True Copies) maintained on both living
and deceased individuals.
Government agencies with a valid need-to-know can obtain copies of these historical records
using the access-controlled ORM-WR site or by contacting RISB directly with a detailed explanation
of why the request is required for official business. Through ORM-WR, government requestors are
able to request a search of the MiDAS index or a copy of a historical USCIS record on file. ORMWR only enables government agencies to request RISB to search for records. ORM-WR does not
enable them to search the documents stored in MiDAS. USCIS issues a user ID and password to
registered ORM-WR users, who are not required to pay a fee. RISB grants access to ORM-WR to
authorized users who submit a request via the ORM e-mail mailbox, including the reason why they
are seeking access to ORM-WR. Government requestors are directed to the USCIS Service Desk to
complete the requisite access requirements, and for the USCIS Service Desk to validate the
requestor’s identity and affiliation. Once the requestor receives access, they are permitted to request
a search of the MiDAS index or a copy of a historical USCIS record on file. RISB supervisors review
each individual request to determine if compatibility exists, and when disclosure is permitted pursuant
to a Routine Use in the covered System of Record Notice. Requests for records from government
requestors may be made by fax, email, postal or express mail. RISB will respond within two to four
weeks.
Additionally, USCIS keeps an accurate accounting of each disclosure of living individuals to
outside entities pursuant to subsection (c) of the Privacy Act, (5 U.S.C. 552a).. USCIS records each
disclosure on the Form G-658, Record of Information Disclosure (Privacy Act), and maintains a copy
in the Subject’s A-File. 21
Section 1.0 Authorities and Other Requirements
1.1
What specific legal authorities and/or agreements permit and define
the collection of information by the project in question?
Sections of the Immigration and Naturalization Act (INA), 8 USC §§ 1103, 1304 and 1360,
provide the legal authority to collect and disseminate the information for this system. 8 USC § 1103
directs the Secretary to create and control such programs and systems used to support the program. 8
USC § 1304 authorizes the Secretary to create forms for such programs. 8 USC § 1360 allows DHS
to establish a central file to maintain such records. Furthermore, 8 CFR §§ 103.38-.41, comprise the
regulations covering the Genealogy Program. These regulations apply only to searches for and
retrieval of records from the file series described as historical records in 8 CFR § 103.39. These
regulations set forth the procedures by which individuals may request searches for historical records
21
USCIS maintains a record of disclosure to external agencies only for living individuals.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 8
and, if responsive records are located, obtain copies of those records. Subject data stored and
converted from historical records and the related indices were collected under various legal authorities
dating back to 1882.
USCIS published a final rule entitled “Establishment of a Genealogy Program” in the Federal
Register (73 FR 28026, May 15, 2008), which provides additional guidance for the collection and
dissemination of information as part of the Genealogy Program.
1.2
What Privacy Act System of Records Notice(s) (SORN(s)) apply to
the information?
The following Privacy Act System of Records Notices apply to the collection, use,
maintenance, and dissemination of information:
•
Benefits Information System, 22 which covers USCIS' collection, use, maintenance,
dissemination, and storage of benefit request information, including case processing
and decisional data not included in the A-File.; and
•
Alien File, Index, and National File Tracking System of Records, 23 which covers the
paper and electronic copy A-File and/or Receipt File, supplemental forms,
supplemental evidence, and identity history summaries (formally known as RAP
sheets), but does not include all case processing and decisional data.
USCIS is in the process of publishing an update to the A-File SORN to account for public
requestors retrieving case status information by his or her own name.
1.3
Has a system security plan been completed for the information
system(s) supporting the project?
Yes. MiDAS has been granted an Authority to Operate (ATO), which is continually being
monitored under the USCIS Ongoing Authorization process. Ongoing Authorization requires MiDAS
to be reviewed on a monthly basis and to maintain its security posture in order to retain its ATO.
1.4
Does a records retention schedule approved by the National Archives
and Records Administration (NARA) exist?
Information (data and electronic images) pertaining to correspondence with the public and
government requestors is retained and disposed every 6 years in accordance with the NARA
General Records Schedule 4.2, item 020 and GRS 6.5, item 010.
22
DHS/USCIS-007 Benefits Information System, 81 FR 72069 (Oct. 19, 2016).
DHS/USCIS/ICE/CBP-001 Alien File, Index, and National File Tracking System of Records, 78 FR 69864 (Nov. 21,
2013).
23
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 9
Information contained in MiDAS is retained and disposed of in accordance with the schedule,
N1-566-06-2, approved by NARA in March 2006. These records are permanent. 24
In accordance with N1-566-04-02, the following records are permanent and are scheduled to
be transferred to NARA in 2018 (75 years after last action):
•
Chinese Reentry Permit Application Files, 1924-1943;
•
Chinese Visa Petition Files, 1930-1943;
•
Index to Chinese Visa Petition Files, 1930-1943; and
•
Chinese Students, Hawaiian-Born, prior to 1924. 25
In accordance with N1-566-04-03, the following records are permanent and are scheduled to
be transferred to NARA in 2019 (75 years after last action):
•
Immigrant Visa Files created from July 1, 1924 to March 31, 1944. 26
In accordance with N1-566-04-04, the following records are permanent and are scheduled to
be transferred to NARA in 2019 (75 years after last action):
•
Registry Files created from March 2, 1929 – March 31, 1944. 27
In accordance with N1-566-07-01, the following records are permanent were transferred to
NARA in 2006:
•
Old Law Index to Pre-1906 Naturalization in Courts Within the INS Denver District.28
Original records (negatives) contained in the legacy Immigration and Naturalization Service
(INS) Master Index, a microfilm index system, were transferred to NARA in 2005, in accordance
with N1-85-91-03. 29 Alien Registration Microfilm Reels were transferred to NARA in 2005, in
accordance with N1-85-91-04. 30
24
http://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-homeland-security/rg-0566/n1-56606-002_sf115.pdf.
25
https://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-homeland-security/rg-0566/n1566-04-002_sf115.pdf.
26
https://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-homeland-security/rg-0566/n1566-04-003_sf115.pdf.
27
https://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-homeland-security/rg-0566/n1566-04-004_sf115.pdf.
28
https://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-homeland-security/rg-0566/n1566-07-001_sf115.pdf.
29
https://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-justice/rg-0085/n1-085-91003_sf115.pdf.
30
https://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-justice/rg-0085/n1-085-91004_sf115.pdf.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 10
Protocol Registration Microfilm Reels created between March 1941 and July 1944 were
transferred to NARA for permanent retention in 1994 in accordance with N1-85-92-02. 31
INS Investigation Files created between 1948 and 1985 are to be transferred to NARA soon,
in accordance with N1-85-94-03. 32
Both NN-168-099 and NN-168-102 are being revised to change the retention schedule for
Naturalization and Citizenship Files (C-Files) created between July 1, 1906 and March 31, 1956 and
Field Petition Files, Admitted Slips, and Vertical Files (P-Files) created between July 1909 and March
1950, from 100 years to permanent records.
The Genealogy Case File and Historical Information Case File (for government requestors) is
retained and disposed of in accordance with the schedule, N1-566-12-01 and N1-566-12-02, approved
by NARA in February and March 2012, respectively. These records are deleted and destroyed 3 years
after the case is closed.
Outputs sent to both the public and government requestors (acknowledgment letter, screen
prints, response letters, responsive documents) are destroyed when no longer needed, in accordance
with the General Records Schedule 4.3, Item 30.
1.5
If the information is covered by the Paperwork Reduction Act (PRA),
provide the OMB Control number and the agency number for the
collection. If there are multiple forms, include a list in an appendix.
The collection of information for genealogy requests is subject to the PRA. USCIS obtained
approval from OMB for Form G-1041 and Form G-1041A (OMB No. 1615-0040). ORM-WR is only
accessible by Government employees and is therefore exempt from the PRA.
31
https://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-justice/rg-0085/n1-085-92002_sf115.pdf.
32
https://www.archives.gov/records-mgmt/rcs/schedules/departments/department-of-justice/rg-0085/n1-085-94003_sf115.pdf.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 11
Section 2.0 Characterization of the Information
The following questions are intended to define the scope of the information requested and/or collected, as well
as reasons for its collection.
2.1
Identify the information the project collects, uses, disseminates, or
maintains.
USCIS collects, uses, disseminates and maintains the following information in support of
MiDAS and historical record/genealogy requests:
Information about both the requestor making the request and the subject of the request is
collected in the following methods:
ORM-WR:
Information about the government requestor includes his or her:
•
Full Name;
•
Mailing Address;
•
Email Address;
•
Phone Numbers;
•
User ID;
•
Password; and
•
Agency.
GEN-WR and Form G-1041/G-1041A:
Information about the public requestor includes his or her:
33
•
Full Name;
•
Mailing Address;
•
Email Address;
•
Phone numbers; and
•
Reply from Pay.gov or USCIS Lockbox 33 stating fees have/have not been paid.
Lockbox facilities are operated by a specialized contractor authorized by the Department of Treasury. Lockbox intake
includes a) a secure environment for fee collections, resulting in improved internal controls; b) centralized and
expedited application and fee-collection intake; c) reduced operational costs, as Treasury funds a significant portion of
the Lockbox activities; and d) flexibility in addressing issues related to unanticipated surges in volume.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 12
Information about the subject of the request includes his or her:
•
Genealogy Index Search Case Number;
•
Full Name(s) and Alias(es);
•
Date of Birth;
•
Place of Birth;
•
Date of Arrival in the United States;
•
Place of Residence in the United States;
•
Name of Spouse and Children;
•
Date of Immigrant’s Death;
•
Military Service;
•
Date of Naturalization;
•
Date of Female Immigrant’s Marriage;
•
Occupation;
•
Legal documents or notes (e.g., divorce decree);
•
Certificates (e.g., birth, death, marriage, and naturalization);
•
Naturalization Certificate File (1906-1956) (certificate number, date of
naturalization, court, city, and country);
•
Non-standard C-Files (B, D, OM, OS, A, AA, OL) (certificate number, and
date of issuance);
•
Alien Registration Record (AR-2) (1940-1944) (A-Number);
•
A-File numbered below 8 Million (A-File Number);
•
Visa File (1924-1944) (visa number, date of entry, port-of-entry, and ship); and
•
Registry File (1929-1944) (Registry File Number) Paper or electronic copy of
death certificate, obituary, or other proof of death if the date of birth is fewer than 100 years
prior to request.
Upon submission of the request, both HRB and RISB provide case ID number to the requestor.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 13
Information retained in MiDAS and provided in response to a request:
Information provided in response to an Index Search Request:
Digitized images of the microfilmed index cards, which contain the following limited
information about the Subjects of records:
•
Full Name;
•
Date of Birth;
•
Country of Birth;
•
Biometric Identifiers (e.g., photograph, signature);
•
Place of Residence (Address(s));
•
Parents Names;
•
Identifying Numbers issued by legacy Immigration and Naturalization Service
now the Department of Homeland Security (e.g. Alien Number, Naturalization Certificate
number); and
•
Location of the Subjects' official files.
Information provided in response to a Record Copy Request:
C-Files typically contain copies of at least one application form (Declaration of Intention
and/or Petition for Naturalization, or other application) and a duplicate Certificate of Naturalization
or Certificate of Citizenship. Many files contain additional documents, including correspondence,
affidavits, or other records. C-Files dating from 1929 onward include photographs.
Form AR-2 contains identifiable information, including but not limited to: name; name at
arrival; other names used; street address; post-office address; date of birth; place of birth; citizenship;
sex; marital status; race; height; weight; hair and eye color; date, place, vessel, and class of admission
of last arrival in United States; date of first arrival in United States; number of years in United States;
usual occupation; present occupation; name, address, and business of present employer; membership
in clubs, organizations, or societies; dates and nature of military or naval service; whether citizenship
papers filed, and if so date, place, and court for declaration or petition; number of relatives living in
the United States; arrest record, including date, place, and disposition of each arrest; whether or not
affiliated with a foreign government; signature, and fingerprint.
Visa Files contain any information normally found on a ship passenger list from the period,
as well as the immigrant’s places of residence for the five years prior to emigration, names of both
the immigrant’s parents, and other data. Attached to the visa in most cases are birth records or
affidavits. Marriage, military, or police records may additionally be included as attachments.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 14
Registry Files include documents supporting the immigrant’s claims regarding arrival and
residence (i.e., proofs of residence, receipts, and employment records).
A-Files contain identifiable information, including but not limited to: full name, alias(es), sex,
address, telephone number, social security number, A-Number, passport number, DOB, COB,
Country of Citizenship (COC), vital documents (e.g., birth certificates, passports, marriage
certificates), biometric information (e.g., photographs, fingerprints), enforcement supporting
documents (e.g., rap sheets), and other documents (e.g., naturalization certificates, tax returns, labor
certifications, correspondence, court dispositions, interview notes).
2.2
What are the sources of the information and how is the information
collected for the project?
USCIS collects information from government officials and private citizen requestors seeking
to obtain information for mission related purposes or historical/genealogy purposes. If USCIS has
records on the subject, USCIS provides the requestor with the subject’s records. These records are
generally historical immigration related records collected from subjects between 1892 – 1975. In most
circumstances, the subject of a record would have sought an immigration benefit, naturalization, or
were in immigration enforcement proceedings from the former INS and its predecessor agencies. The
former INS collected information from applicants and petitioners seeking immigration related
benefits using paper forms. The INS converted many of the historical documents to include
applications/petitions for naturalization, derivative citizenship, arrival, expulsion, exclusion, and
lawful entry on microfilm and also created an index card system to track these records. In 1975, INS
replaced this legacy filing system, the Master Index (MI), 34 with the Central Index System (CIS).35
After this transition, unless INS took further action on a subject, INS did not transfer the information
from MI to CIS. As stated above, these records were ultimately transferred to NARA in 2005.
2.3
Does the project use information from commercial sources or publicly
available data? If so, explain why and how this information is used.
USCIS may use publicly available sites such as Ancestry.com to access the Social Security
Death Index to confirm whether an individual over the age of 100 is deceased. Although USCIS
typically presumes an individual over the age of 100 is deceased, in an effort to protect privacy,
USCIS accesses this publically available data prior to releasing information about an individual.
34
35
DOJ/INS-001 Index System, 58 FR 51847 (October 5, 1993).
See DHS/USCIS/PIA-009 CIS, available at www.dhs.gov/privacy.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 15
2.4
Discuss how accuracy of the data is ensured.
Requestors seeking subject records provide their contact information and information about
their subject to USCIS via ORM-WR, GEN-WR, Form G-1041 or G-1041A. USCIS presumes the
information provided by the requestor is correct and accurate.
USCIS only provides records of subjects that are an exact match to the information the
requestor provided. USCIS does not return records to the requestor if USCIS maintains the immigrant
records under a name other than what the requestor provides. Similarly, if multiple immigrants with
the same name appear with identical birth year and country, no matching records are returned. Only
if requestors provide additional information (e.g., actual or estimated date of arrival or naturalization,
or place of residence when naturalized) can USCIS identify an immigrant from among other with the
same name.
2.5
Privacy Impact Analysis: Related to Characterization of the
Information
Privacy Risk: There is a risk that USCIS may provide inaccurate or incomplete records to a
requestor due to poor quality image of the subject’s file.
Mitigation: USCIS can only partially mitigate this risk because it is mostly out of USCIS’
control. Poor production of microfilm in the past has led to deterioration of many records. Record
images may be faded, but USCIS provides the best record copy.
Section 3.0 Uses of the Information
The following questions require a clear description of the project’s use of information.
3.1
Describe how and why the project uses the information.
USCIS retains these records for historical purposes, sharing with government agencies for
mission-related purposes, and making them available to members of the public who are interested in
obtaining the records for genealogical and other historical research.
USCIS shares historical immigration information with government personnel, including state
and local government agencies responsible for providing benefits, investigating or processing
violations of civil or criminal laws, or protecting the national security.
Members of the public and other government agencies use the immigration records obtained
by USCIS for genealogical and other historical research. In many cases, USCIS is the only
government agency that has certain historical records that provide the missing link for which
genealogists or family historians search. USCIS will provide this information to genealogists or
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 16
family historians to assist in completing their search. USCIS RD only shares records of deceased
subjects with members of the public. 36
3.2
Does the project use technology to conduct electronic searches,
queries, or analyses in an electronic database to discover or locate a
predictive pattern or an anomaly? If so, state how DHS plans to use
such results.
No.
3.3
Are there other components with assigned roles and responsibilities
within the system?
Yes. USCIS may share information with other DHS components, such as Immigration and
Customs Enforcement and Customs and Border Protection, to provide the immigration status of an
individual for employment, determining entitlement of an agency’s benefits, or law enforcement
purposes.
3.4
Privacy Impact Analysis: Related to the Uses of Information
Privacy Risk: There is a risk that the information collected may be used for purposes that do
not align with the USCIS mission.
Mitigation: Members of the public who request information about deceased individuals may
obtain the data and use it for their own intended purpose. The Privacy Act of 1974 does not extend to
deceased individuals. If USCIS receives a request for an individual who is over 100 years of age,
USCIS presumes they are deceased. Documentary evidence of the subject’s death is required when
USCIS receives a request regarding a subject born less than 100 years prior to the date of the request.
Requestors must provide additional evidence including death records, published obituaries, published
death notices or published eulogies, church or bible records, photographs of gravestones, or copies of
official documents relating to payment of death benefits.
Government agencies are able to access information in MiDAS on both deceased and living
subjects. For living individuals covered by the Privacy Act, USCIS only shares information when
compatible with the purpose for collection and pursuant to a routine use as outlined in the Alien File,
Index, and National File Tracking SORN and Benefits Information System SORN.
36
If a public requestor requests historical immigration related records containing information about living people, GEN
will cancel the USCIS Genealogy Request and he or she will be advised to submit a Privacy Act/Freedom of Information
Act (PA/FOIA) request.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 17
For living individuals not covered by the Privacy Act, pursuant to Privacy Policy Guidance
Memorandum 2017-01, DHS Privacy Policy Regarding Collection, Use, Retention, and
Dissemination of Personally Identifiable Information, 37 DHS treats all persons, regardless of
immigration status, consistent with the Fair Information Practice Principles (FIPPs). 38 For these living
individuals, USCIS uses a FIPPs analysis to determine whether or not the sharing should occur.
Similar to covered individuals, the analysis requires a determination that the use of the records
proposed is consistent with the purpose for which DHS collected the records. USCIS also continues
to look at the SORNs listed in section 1.2 as guidance as to whether a disclosure is consistent with
the purpose for the collection of the information, and generally the FIPPs framework.
USCIS documents a record of disclosure for living individuals, regardless of whether or not
he or she is covered by the Privacy Act, through the Form G-658, Record of Disclosure, and maintains
a copy in the subject’s A-File.
Section 4.0 Notice
The following questions seek information about the project’s notice to the individual about the information
collected, the right to consent to uses of said information, and the right to decline to provide information.
4.1
How does the project provide individuals notice prior to the collection
of information? If notice is not provided, explain why not.
Individuals are provided general notice through the publication of this PIA and the associated
SORNs identified in section 1.2 of this PIA. USCIS is updating the A-File SORN to provide notice
to members of the public that the customer information they provide on the Forms G-1041, G-1041A,
or the GEN-WR will be retained and can be retrieved using a personal identifier.
Forms G-1041, G-1041A, GEN-WR, and ORM-WR all contain a Privacy Notice, and
instructions for how to file, where to send, and how to contact USCIS with any filing questions. Each
Privacy Notice provides notice to individuals about USCIS’ authority to collect information, the
purposes of data collection, routine uses of the information, and the consequences of declining to
provide the requested information to USCIS.
37
See Privacy Policy Guidance Memorandum 2017-01, DHS Privacy Policy Regarding Collection, Use, Retention, and
Dissemination of Personally Identifiable Information, available at www.dhs/gov/privacy
38
The FIPPs are a widely recognized framework for privacy law and policy used in many parts of the world. The FIPPs
help serve as a useful framework for the Department to analyze how to handle PII, comply with its continuing
responsibilities under the numerous legal obligations that apply, as well as adhere to its commitments to its partners.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 18
Additionally, the USCIS website provides Genealogy and Record Request FAQs, 39 brochures,
and additional information on the USCIS Genealogy Program and the records that are releasable by
USCIS.
However, USCIS cannot provide notice to many of the subjects of record requests because
those individuals are deceased.
4.2
What opportunities are available for individuals to consent to uses,
decline to provide information, or opt out of the project?
All MiDAS requests are voluntary. USCIS uses MiDAS to provide requestors with historical
records dating to 1975. Generally, this information is regarding individuals who sought or received
United States immigration benefits in the past. USCIS presumes subjects are deceased, and no longer
receive Privacy Act protections. Deceased individuals do not have the opportunity to consent to opt
out of sharing.
To request historical records, the requestor voluntarily provides information to USCIS
regarding his or her request. USCIS does not require the requestor to provide any information,
however, failure to provide the requested information would likely result in USCIS being unable to
respond to the request.
If the requestor volunteers to provide information, there are fields for both electronic and
paper submission of the Index Search Request and the Records Copy Request. USCIS asks requestors
to provide the name, date of birth, and country of birth of the subject to perform the requested Index
Search Request. Furthermore, USCIS may require additional specific information about the records
requested in a Records Copy Request. USCIS requests the requestor’s name, e-mail, address and
phone number to contact him or her with questions or search results. USCIS requires public requestors
to submit payment in advance of providing records since it is a fee-for-service program.
4.3
Privacy Impact Analysis: Related to Notice
Privacy Risk: Members of the public who are requesting records may not be aware of the
information USCIS collects, retains, and uses about them.
Mitigation: USCIS provides notice to the individual by providing a Privacy Notice on the
Form G-1041/G-1041A or ORM-WR. The Privacy Notice provides the requestor with notice as to
why USCIS is requesting the information, that their submission of the form is voluntary, how their
information may be used, and the authority for collecting the information. USCIS is updating the AFile SORN to provide notice to members of the public that the customer information they provide on
the Form G-1041/G-1041A, or the GEN-WR will be retained and can be retrieved using a personal
identifier.
39
https://www.uscis.gov/history-and-genealogy/genealogy/genealogy-frequently-asked-questions
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 19
Section 5.0 Data Retention by the project
The following questions are intended to outline how long the project retains the information after the initial
collection.
5.1
Explain how long and for what reason the information is retained.
Information (data and electronic images) pertaining to correspondence with the public and
government requestor is retained and disposed every six years in accordance with the NARA General
Records Schedule 14.
Information contained in MiDAS is retained and disposed of in accordance with the schedule,
N1-566-06-2, approved by NARA in March 2006. These records are permanent.
In accordance with N1-566-04-02, the following records are permanent and are scheduled to
be transferred to NARA in 2018 (75 years after last action):
•
Chinese Reentry Permit Application Files, 1924-1943
•
Chinese Visa Petition Files, 1930-1943
•
Index to Chinese Visa Petition Files, 1930-1943
•
Chinese Students, Hawaiian-Born, prior to 1924
In accordance with N1-566-04-03, the following records are permanent and are scheduled to
be transferred to NARA in 2019 (75 years after last action):
•
Immigrant Visa Files created from July 1, 1924 to March 31, 1944
In accordance with N1-566-04-04, the following records are permanent and are scheduled to
be transferred to NARA in 2019 (75 years after last action):
•
Registry Files created from March 2, 1929 – March 31, 1944
In accordance with N1-566-07-01, the following records are permanent were transferred to
NARA in 2006:
•
Old Law Index to Pre-1906 Naturalization in Courts Within the INS Denver
District
Original records (negatives) contained in the legacy Immigration and Naturalization Service
(INS) Master Index, a microfilm index system were transferred to NARA in 2005, in accordance with
N1-85-91-03. Alien Registration Microfilm Reels were transferred to NARA in 2005, in accordance
with N1-85-91-04.
Protocol Registration Microfilm Reels created between March 1941 and July 1944 were
transferred to NARA for permanent retention in 1994 in accordance with N1-85-92-02.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 20
INS Investigation Records created between 1948 and 1985 and plan to be transferred to
NARA soon, in accordance with N1-85-94-03.
Both NN-168-099 and NN-168-102 are being revised to change the retention schedule for
Naturalization and Citizenship Files (C-Files) created between July 1, 1906 and March 31, 1956 and
Field Petition Files, Admitted Slips, and Vertical Files (P-Files) created between July 1909 and March
1950, from 100 years to permanent records.
The Genealogy Case File and Historical Information Case File (for government requestors) is
retained and disposed of in accordance with the schedule, N1-566-12-01 and N1-566-12-02, approved
by NARA in February and March 2012, respectively. These records are deleted and destroyed 3 years
after the case is closed.
Outputs sent to both the public and government requestors (e.g., acknowledgment letter,
screen prints, response letters, and responsive documents) are destroyed when no longer needed, in
accordance with the General Records Schedule 4.3, Item 30.
5.2
Privacy Impact Analysis: Related to Retention
Privacy Risk: There is a risk USCIS may maintain these historical records for longer than
necessary.
Mitigation: USCIS does not mitigate this risk because USCIS maintains immigration records
permanently due to their historical value to government agencies. USCIS retains this information for
several mission-related purposes, including future immigration status verification, evaluating
subsequent benefits sought by an applicant, and for litigation. Because many of these immigration
records are of deceased individuals, they are excluded from Privacy Act protections and USCIS may
release records when requested for genealogy and other historical purposes.
Section 6.0 Information Sharing
The following questions are intended to describe the scope of the project information sharing external to the
Department. External sharing encompasses sharing with other federal, state and local government, and private sector
entities.
6.1
Is information shared outside of DHS as part of the normal agency
operations? If so, identify the organization(s) and how the
information is accessed and how it is to be used.
Yes. USCIS shares historical information with government agencies, for mission-related
purposes, and members of the public, for historical research and genealogy purposes. USCIS provides
this information to government agencies by via fax, email, postal or express mail. USCIS provides
this information to members of the public by postal or express mail.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 21
6.2
Describe how the external sharing noted in 6.1 is compatible with the
SORN noted in 1.2.
The A-File SORN provides notice that DHS may share the information for law enforcement,
national security, and benefit eligibility purposes. Furthermore, USCIS may share information on
deceased individuals with the public, without a routine use, because they are excluded from the
Privacy Act of 1974 protections. However, DHS treats all persons, regardless of immigration status,
consistent with the Fair Information Practice Principles (FIPPs). 40 For external information sharing
relating to living individuals, RISB uses a FIPPs analysis to determine whether or not the sharing
should occur. Similar to covered individuals, the analysis requires a determination that the use of the
records proposed is consistent with the purpose for which DHS collected the records. USCIS also
continues to look at the SORNs listed in section 1.2 as guidance as to whether a disclosure is
consistent with the purpose for the collection of the information, and generally the FIPPs framework.
6.3
Does the project place limitations on re-dissemination?
Yes. DHS has Memorandums of Understanding (MOUs) in place with external organizations
for recurring information sharing processes. When sharing information with parties outside of DHS,
DHS requires the same specifications related to security and privacy that are in place for USCIS and
DHS apply to the outside entity. USCIS governs access to records on a need-to-know basis that
requires the requestor demonstrate the mission-related need before sharing any information. The
reason for the access, an intended use consistent with the receiving agency’s purpose, USCIS’s
justification for collecting the data, and an acknowledgement that the receiving agency will not share
the information without USCIS’s permission are also concerns that are included in either the terms of
a negotiated MOU or the language of an authorization providing information to an external agency.
6.4
Describe how the project maintains a record of any disclosures
outside of the Department.
USCIS requires a representative from an outside agency to specify in writing the requested
information and the justification for the request. USCIS also requires the outside agency
representative to sign a non-disclosure statement or record of disclosure, as appropriate, before
releasing the information. As required by the Privacy Act, USCIS maintains a record of these ad hoc
sharing transactions. USCIS records the reason for each disclosure on the Form G-658, Record of
Information Disclosure (Privacy Act), and maintains it in the living subject’s A-File.
6.5
Privacy Impact Analysis: Related to Information Sharing
Privacy Risk: There is a risk that USCIS may share information with unauthorized agencies.
40
See DHS Privacy Policy Guidance Memorandum 2017-01, DHS Privacy Policy Regarding Collection, Use,
Retention, and Dissemination of Personally Identifiable Information, available at www.dhs.gov/privacy.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 22
Mitigation: USCIS mitigates this risk by only sharing information about living individuals
with agencies for mission-related purposes, to assist in the determination to grant or deny a
government benefit, or to conduct law enforcement or other investigations. Pursuant to both the
Privacy Act and DHS Privacy Policy, USCIS ensures the information sharing is compatible with the
purpose for collection prior to disclosing any information. Regardless of a living individual’s
immigration status, USCIS reviews the Routine Uses in the A-File and Benefit Information System
SORNs to ensure compatibility exists. RISB consults with the USCIS Office of Chief Counsel and
the Office of Privacy to determine routine use applicability prior to releasing any information.
In many of these instances, USCIS also has an MOU with the external entity to permit sharing.
The agreements between DHS and external entities fully outline responsibilities of the parties,
security standards, and limits of use of the information, including re-dissemination, prior to
information sharing. Access to records is governed by need-to-know criteria that demand the
receiving entity demonstrate the mission-related need for the data before access is granted.
Finally, USCIS may share information on deceased individuals with both government
agencies and the public, without a routine use, because they are excluded from Privacy Act
protections.
Privacy Risk: There is a risk that an individual may live to be older than 100 years and
USCIS may share their information in violation of the Privacy Act.
Mitigation: This risk is not fully mitigated. USCIS abides by the Department of Justice’s
“100 year rule” (Schrecker v. Dep’t of Justice, 349 F.3d 657) which presumes an individual is
deceased after 100 years from his or her date of birth. Although this is the general rule, if the subject
is over 100 years of age, USCIS cross references available resources (i.e., Social Security Death
Index through Ancestry.com) to confirm the subject is deceased prior to releasing any information.
While this decreases the chance of USCIS violating the Privacy Act, USCIS acknowledges that the
Social Security Death Index verification process may be unable to verify the status of an individual.
Therefore, USCIS is unable to confirm with 100% accuracy that the individual is deceased and the
risk of releasing data about living individuals still remains. USCIS is in the process of revisiting this
long-standing policy to determine whether USCIS should increase the age limit, or require proof of
death for all individuals.
Privacy Risk: There is a risk that released subject records could contain information on third
party living individuals.
Mitigation: Often times, subject records may contain information on third party living
individuals, for example, the subject may have included his or her minor children on an application.
USCIS mitigates this risk by redacting any third-party information prior to sharing records to the
public. A document containing third-party personal information is not releasable outside the FOIA
process.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 23
Privacy Risk: There is a risk that USCIS may provide information about the wrong record
subject to the requestor.
Mitigation: USCIS strives to only provide information about the requested subject to the
requestor. USCIS RD provides information to the requestor based on information contained in the
MiDAS index or from an actual file. To avoid improper disclosures, USCIS RD has a second-level
review to ensure that the information is accurate when responding to request. Furthermore, USCIS
RD asks requestors to provide their contact information so that USCIS may contact the requestor
during a search for additional information on the subject to help confirm or deny a positive identity
match. If USCIS is unable to confirm a positive identity match with additional information, USCIS
returns a No Record Found response to the requestor.
Section 7.0 Redress
The following questions seek information about processes in place for individuals to seek redress which may
include access to records about themselves, ensuring the accuracy of the information collected about them, and/or filing
complaints.
7.1
What are the procedures that allow individuals to access their
information?
If the individual is still living and would like to access his or her information, he or she may
submit a FOIA or Privacy Act request to USCIS. Only U.S. citizens and lawful permanent residents
may file a Privacy Act request. Any person, regardless of immigration status, may file a FOIA request.
If an individual would like to file a Privacy Act or FOIA request to view his or her USCIS record, he
or she may mail the request to the following address:
U.S. Citizenship and Immigration Services
National Records Center
FOIA/PA Office
P O Box 648010
Lee’s Summit, MO 64064-8010
Further information about PA/FOIA requests for USCIS records is available at http://www.uscis.gov.
The FOIA or Privacy Act request must contain the following information: full name, current
address, date and place of birth, telephone number, and email address (optional). Privacy Act
requesters must either provide a notarized and signed request or sign the request pursuant to penalty
of perjury, 28 U.S.C. § 1746.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 24
7.2
What procedures are in place to allow the subject individual to
correct inaccurate or erroneous information?
The information released to the public is about subjects who are presumed to be deceased.
Because of this, there is no opportunity for the subject to correct inaccurate or erroneous information.
Living U.S. citizens and lawful permanent residents, under the Privacy Act, are afforded the ability
to correct information by filing a Privacy Act Amendment request. U.S. citizens and lawful permanent
residents should submit requests to contest or amend information contained in MiDAS by following
the process to submit a Privacy Act request described in Section 7.1. The requestor should clearly and
concisely state the information being contested, the reason for contesting or amending it, the proposed
amendment, and any evidence of the correct information. The requestor should also clearly mark the
envelope, “Privacy Act Amendment Request.” The record must be identified in the same manner as
described for making a request for access.
Members of the public who submit requests on subjects have the opportunity to correct any
information they submit to USCIS regardless of citizenship or immigration status. Requestors can
correct inaccurate or erroneous data by contacting USCIS via [email protected].
Requestors should provide their name, case number, any additional information including what the
change in information is.
7.3
How does the project notify individuals about the procedures for
correcting their information?
USCIS discusses the mechanisms for correcting information on living individuals in this PIA.
Furthermore, the USCIS Genealogy Program website provides adequate notice to members of the
public on how to correct their information.
7.4
Privacy Impact Analysis: Related to Redress
Privacy Risk: There is a privacy risk that USCIS may not afford an individual adequate
opportunity to correct information that USCIS maintains on the subject.
Mitigation: Because these records are historical in nature and pertain to individuals who are
most likely deceased, there are no opportunities for subjects to correct their information. If the
individual is still living, USCIS affords the individual the right to correct their information via the
FOIA/PA process described in Section 7.1. Furthermore, USCIS provides adequate opportunity for
the requestor to correct erroneous information.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 25
Section 8.0 Auditing and Accountability
The following questions are intended to describe technical and policy based safeguards and security measures.
8.1
How does the project ensure that the information is used in
accordance with stated practices in this PIA?
USCIS ensures that the information is used in accordance with this PIA by requiring training,
policies, rules of behavior, and auditing and accountability practices. USCIS established access and
security controls to mitigate privacy risks associated with authorized and unauthorized uses, namely
misuse and inappropriate dissemination of data. DHS security specifications require auditing
capabilities that log the activity of each user in order to reduce the possibility of misuse and
inappropriate dissemination of information. USCIS tracks all user actions via audit logs to identify
audit information by user identification, network terminal identification, date, time, and data
accessed. All USCIS systems employ auditing measures and technical safeguards to prevent the
misuse of data.
8.2
Describe what privacy training is provided to users either generally
or specifically relevant to the project.
All USCIS employees and contractors are required to complete annual privacy and security
awareness training. The Culture of Privacy Awareness training addresses appropriate privacy
concerns, including Privacy Act obligations (e.g., SORNs, Privacy Notices). The Computer Security
Awareness training examines appropriate technical, physical, personnel, and administrative controls
to safeguard information.
8.3
What procedures are in place to determine which users may access
the information and how does the project determine who has access?
USCIS employs user-based access controls and enforces a separation of duties to limit access
to only those individuals who have a need-to-know in order to perform their duties. As discussed
above, for external agencies, USCIS determines compatibility prior to providing external agencies
access to ORM-WR. Each user role is mapped to the set of system authorizations required to support
the intended duties of the role. The mapping of roles to associated authorizations enhances adherence
to the principle of least privilege. Authorized users are broken into specific classes with specific
access rights. The need-to-know and compatibility is determined by the respective responsibilities of
the USCIS or external user. Supervisors in RISB and HRB maintain administrator privileges which
allow them to add and remove users. USCIS audits the list of users annually.
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 26
8.4
How does the project review and approve information sharing
agreements, MOUs, new uses of the information, new access to the
system by organizations within DHS and outside?
USCIS has formal review and approval process in place for new sharing agreements. Any new
use of information or new access requests for USCIS systems must go through the USCIS change
control process and must be approved by the proper authorities including the USCIS Office of Chief
Counsel and USCIS Office of Privacy, prior to sharing information within and outside of DHS.
Responsible Officials
Donald K. Hawkins
Privacy Officer
U.S. Citizenship and Immigration Services
Department of Homeland Security
Approval Signature
Original, signed copy on file with the DHS Privacy Office.
________________________________
Philip S. Kaplan
Chief Privacy Officer
Department of Homeland Security
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 27
Appendix A
External Entities with ORM-WR Access
External Partner
Routine Use(s)
Compatibility
Department of Justice
A-file SORN:
Sharing USCIS data with DOJ
is compatible with the purpose
of the system because the DOJ
mission, like USCIS, includes
ensuring lawful visits and
immigration to the United
States as dictated by the INA.
Routine Use G of the A-File
and BIS SORNs permit
USCIS to share information
with DOJ when a record,
either on its face or in
conjunction with other
information, indicates a
violation or potential violation
of law, which includes
criminal, civil, or regulatory
violations and such disclosure
is proper and consistent with
the official duties of the
person making the disclosure.
Routine Use G. To an
appropriate federal, state,
tribal, territorial, local,
international, or foreign law
enforcement agency or other
appropriate authority charged
with investigating or
prosecuting a violation or
enforcing or implementing a
law, rule, regulation, or order,
when a record, either on its
face or in conjunction with
other information, indicates a
violation or potential violation
of law, which includes
criminal, civil, or regulatory
violations.
BIS SORN:
Routine Use G. To an
appropriate federal, state,
tribal, local, international, or
foreign law enforcement
agency or other appropriate
authority charged with
investigating or prosecuting a
violation, enforcing, or
implementing a law, rule,
regulation, or order, when a
record, either on its face or in
conjunction with other
Privacy Impact Assessment
DHS/USCIS/PIA-017(a) MiDAS
Page 28
information, indicates a
violation or potential violation
of law, which includes
criminal, civil, or regulatory
violations and such disclosure
is proper and consistent with
the official duties of the
person making the disclosure.
File Type | application/pdf |
File Title | Privacy Impact Assessment |
Author | Department Of Homeland Security Privacy Office |
File Modified | 2017-08-31 |
File Created | 2017-08-31 |