January 23, 2004
Table of Contents
Overview of National Highway Traffic Safety Administration (NHTSA) privacy management process for MVII
Personally-identifiable information and MVII
Why MVII collects information
How MVII uses information
How MVII shares information
How MVII provides notice and consent
How MVII ensures data accuracy
How MVII provides redress
How MVII secures information
System of records
National Highway Traffic Safety Administration (NHTSA), within the Department of Transportation (DOT), has been given the responsibility to carry out motor vehicle and highway safety programs. NHTSA is responsible for reducing deaths, injuries, and economic losses resulting from motor vehicle crashes. In order to fulfill this mission, NHTSA identifies and tests vehicles and equipment, and follows through with non-compliance with standards. NHTSA also regulates imported vehicles coming into the United States to ensure that they meet U.S. safety compliance standards.
NHTSA develops and enforces Federal motor vehicle safety standards (FMVSS), which require minimum levels of safety performance for motor vehicles. As part of NHTSA’s enforcement program, the Import and Certification Division of Office of Vehicle Safety Compliance within NHTSA monitors vehicles being imported into the United States to ensure that they comply with all applicable FMVSS. NHTSA has regulatory responsibility for motor vehicles manufactured for sale in the United States or imported into the United States.
In order to manage and analyze the data associated with vehicle importation and safety compliance, NHTSA has developed the Motor Vehicle Importation Information (MVII) system. This system maintains vehicle importation and compliance process information, Registered Importer (RI) identification and vehicle petition information.
Privacy management is an integral part of the MVII project. DOT/NHTSA has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and proven methodologies.
The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and NHTSA will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing NHTSA to achieve its mission of protecting and enhancing a most important U.S. transportation system. The methodology is based upon the following:
Establish priority, authority, and responsibility. Appoint a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
Assess the current privacy environment. This involves interviews with key individuals involved in the MVII system to ensure that all uses of personally identifiable data, along with the risks involved with such use, are identified and documented.
Organize the resources necessary for the project’s goals. Internal DOT/NHTSA resources, along with outside experts, are involved in reviewing the technology, data uses, and associated risks. They are also involved in developing the necessary redress systems and training programs.
Develop the policies, practices, and procedures. The resources identified in Step 3 will work to develop an effective policy or policies, practices, and procedures to ensure that fair information practices are complied with. The policies effectively protect privacy while allowing DOT/NHTSA to achieve its mission.
Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training of all individuals who will have access to and/or process personally identifiable information. It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the NHTSA project.
Maintain policies, practices, and procedures. Due to changes in technology, personnel, and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices. Regular monitoring of compliance with privacy policies, practices, and procedures is required.
Manage exceptions and/or problems with the policies, practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints can be effectively addressed and corrections made if necessary.
The MVII system both contains Personally Identifiable Information (PII) and nonpersonally identifiable information pertaining to motor vehicle importation. First, MVII may contain the name and address of individuals or organizations/companies that are importing one or more vehicles, as well as the Vehicle Identification Number (VIN) of the vehicle(s) in question. Second, MVII contains the name, postal address, email address, and telephone number of registered importers, entities registered by DOT. In most cases, this is business contact information and not PII. Third, MVII contains information on the stages and outcomes of the import process. Also, in order to maintain and control access to MVII, the system maintains PII for federal contractors and employees who require access to the system, such as name and login information
MVII obtains data from U.S. Customs in twice-weekly ASCII files as a vehicle enters the country. Registered importers then may mail in a paper Compliance Packet with a supplemental disk file that includes additional information on the compliance of a vehicle in the MVII system. Data entry staff then manually input additional data from these Compliance Packets. Hard copies of packets are retained for 2 years and then destroyed. MVII data are retained indefinitely.
MVII collects PII in order to manage the motor vehicle importation process, ensuring that motor vehicles that were not originally manufactured to comply with all applicable FMVSS are determined eligible for importation by NHTSA, and are imported by an RI or by a person who has a contract with an RI to bring the vehicle into compliance with all applicable FMVSS within 120 days of entry.
NHTSA uses PII within MVII to track vehicles entering the United States from other countries. NHTSA also tracks the Registered Importer identification information, vehicle petition and compliance process through MVII.
Individuals, organizations, companies, and other agencies with a legitimate need to know vehicle import and compliance status can request MVII data. NHTSA provides data once requestors are verified, through prior relationship, letterhead, email extension, or other validation. NHTSA only provides PII to law enforcement, when required by law. In all other cases, NHTSA only provides non-PII to requestors. Only designated MVII staff members have access to PII in the MVII system, which is provided through a password-protected application loaded on designated computers.
Compliance of imported vehicles is a requirement. Each RI provides vehicle importation information on a HS-7 Declaration form to a Customs broker to file an electronic HS-7 entry into Customs system. A DOT conformity bond is provided to Customs on Form HS-474. After all necessary modifications have been performed on a vehicle to conform the vehicle to all applicable FMVSS, the RI must submit a statement to NHTSA, supplemented with photographs and such other evidence as the agency may require (referred to as a “conformity package”), certifying that the vehicle has been brought into conformity. Following its review of the conformity package, if the agency is satisfied that the required modifications have been made to the vehicle, it will issue a letter to the RI releasing the conformity bond that was furnished at the time of entry.
NHTSA’s statute and regulations prohibit an RI from releasing custody of a motor vehicle to be licensed or registered for on-road use until 30 days after the RI has submitted a conformity package covering the vehicle to NHTSA, unless the agency earlier releases the bond furnished for the vehicle. Many State motor vehicle departments will not register or license an imported nonconforming motor vehicle unless the owner can produce a copy of the DOT bond release letter issued by NHTSA.
NHTSA collects MVII directly from U.S. Customs systems in twice-weekly ACSII files. Before it stores these data on the MVII database, MVII runs several data integrity and validation checks. After the data are housed on MVII, data entry and import analyst staff may find missing, inaccurate, or duplicate data. For missing or inaccurate data, MVII staff request changes by Customs and validate entry correction with the RI. Customs brokers may also request that the MVII staff make changes on the vehicle entry information by submitting written requests and a Customs Release form. MVII does not delete data, unless two “perfect match” duplicate files are found.
At any time, an individual can contact a NHTSA MVII staff member to address a privacy concern or data inaccuracy.
The MVII system is housed in the DOT Headquarters Building. Physical access to the MVII system is limited to appropriate personnel through building badges. Personnel with physical access have all undergone and passed DOT background verifications.
In addition to physical access, electronic access to PII in MVII is limited according to job function. NHTSA controls access privileges according to the following roles:
The following matrix describes the privileges and safeguards around each of these roles as they pertain to PII.
|
ROLE |
ACCESS |
SAFEGUARDS |
|---|---|---|
|
Data Entry |
Changes own password Views, changes, and enters data. |
Authorized loading of MVII application on desktop. MVII username/password with a minimum of 6 alpha/numeric characters. Password must be changed regularly. |
|
Manager, Compliance Engineer, Vehicle Import Analyst |
Changes own password Views data. |
Authorized loading of MVII application on desktop. MVII username/password with a minimum of 6 alpha/numeric characters. Password must be changed regularly. |
|
Administrator |
Changes own password Views, changes, enters, and deletes all data |
Authorized loading of MVII application on desktop. MVII username/password with a minimum of 6 alpha/numeric characters. Password must be changed regularly. |
Personnel with access to MVII receive training that includes some privacy direction.
As a system searched by name and other PII, MVII is a system of records subject to the Privacy Act (DOT/NHTSA 463). NHTSA has certified and accredited MVII in accordance with DOT information technology security requirements.