[Federal Register: June 10, 2008 (Volume 73, Number 112)]
[Proposed Rules]               
[Page 32657-32659]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr10jn08-6]                         

========================================================================
Proposed Rules
                                                Federal Register
________________________________________________________________________

This section of the FEDERAL REGISTER contains notices to the public of 
the proposed issuance of rules and regulations. The purpose of these 
notices is to give interested persons an opportunity to participate in 
the rule making prior to the adoption of the final rules.

========================================================================






DEPARTMENT OF HOMELAND SECURITY

6 CFR Part 5

[Docket Number DHS-2008-0053]

 
Privacy Act of 1974: Implementation of Exemptions; Electronic 
System for Travel Authorization

AGENCY: Privacy Office, Office of the Secretary, DHS.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: The Department of Homeland Security is amending its 
regulations to exempt portions of a system of records from certain 
provisions of the Privacy Act. Specifically, the Department proposes to 
exempt portions of the Electronic System for Travel Authorization 
(ESTA) from one or more provisions of the Privacy Act because of 
criminal, civil, and administrative enforcement requirements.

DATES: In accordance with 5 U.S.C. 552a(e)(4) and (11), the public is 
given a 30-day period in which to comment on this notice; and the 
Office of Management and Budget (OMB), which has oversight 
responsibility under the Act, requires a 40-day period in which to 
conclude its review of the system. Therefore, the public, OMB, and 
Congress are invited to submit comments by July 21, 2008.

ADDRESSES: You may submit comments, identified by DOCKET NUMBER 
DHS-2008-0053 by one of the following methods:
     Federal e-Rulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Fax: 1-866-466-5370.
     Mail: Hugo Teufel III, Chief Privacy Officer, Privacy 
Office, Department of Homeland Security, Washington, DC 20528.

FOR FURTHER INFORMATION CONTACT: For general questions please contact: 
Laurence E. Castelli (202-572-8790), Chief, Privacy Act Policy and 
Procedures Branch, U.S. Customs and Border Protection, Regulations and 
Rulings, Office of International Trade, Mint Annex, 1300 Pennsylvania 
Ave., NW., Washington, DC 20229. For privacy issues please contact: 
Hugo Teufel III (703-235-0780), Chief Privacy Officer, Privacy Office, 
U.S. Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

Background

    The Department of Homeland Security (DHS), elsewhere in this 
edition of the Federal Register, published a Privacy Act system of 
records notice describing records in the Electronic System for Travel 
Authorization (ESTA).
    CBP currently does not require a visa for qualifying nationals 
traveling from countries that participate in the Visa Waiver Program 
(VWP). To ensure the VWP national does not pose a security risk or have 
a law enforcement reason to prevent his or her travel to the United 
States and in response to a Congressional mandate to do so, DHS/CBP 
will be implementing an Electronic System for Travel Authorization 
(ESTA) to permit nationals of VWP countries to electronically submit 
biographic and admissibility information in advance of their travel to 
the United States so that CBP can determine whether the applicant is 
eligible to travel to the United States.
    Applicants under this program will electronically provide 
information, as specified in the ESTA Interim Final Rule, prior to 
traveling to the United States by air or sea, which will be stored in 
the ESTA system in an account. The individual will have the opportunity 
to verify the accuracy of the information entered in ESTA during the 
application process and before the application is submitted through 
ESTA. Applicants will be given a tracking number which, combined with 
some personal information already provided to the system, will allow 
the applicant to submit updates to data elements that do not affect 
their admissibility or apply for a new ESTA.
    Once an applicant has verified the application information and 
submitted the required information to ESTA, the information supplied by 
the applicant will be used to automatically query terrorist and law 
enforcement databases to determine whether the applicant is eligible to 
travel to the United States under VWP. When possible matches to 
derogatory information are found, the applications will be vetted 
through normal CBP procedures. During this time, the applicant will 
receive a ``pending'' status. If the applicant is cleared to travel 
under the VWP, he or she will receive an ``authorized to travel'' 
status via the ESTA Web site. If the applicant is not cleared for 
travel, the applicant will receive a ``not authorized to travel'' 
status and be directed to the State Department Web site to obtain 
information on how to apply for a visa at a U.S. consulate or embassy. 
The Department of State will have access to the information supplied by 
the applicant and the ESTA results to assist in determining whether to 
issue a visa.
    Carriers, when querying the applicant through the Advance Passenger 
Information System/APIS Quick Query (APIS/AQQ) to determine whether a 
boarding pass should be issued, will be notified whether the applicant 
traveler has been authorized to travel, pending, not authorized, or has 
not applied for an ESTA. VWP travelers must have an authorized ESTA or 
a visa to be issued a boarding pass.
    No exemption shall be asserted with respect to information 
maintained in the system as it relates to data submitted by or on 
behalf of a person who travels to visit the United States, nor shall an 
exemption be asserted with respect to the resulting determination 
(authorized to travel, not authorized to travel, pending).
    This system may contain records or information pertaining to the 
accounting of disclosures made from ESTA to other law enforcement 
agencies (Federal, State, Local, Foreign, International or Tribal) in 
accordance with the published routine uses. For the accounting of these 
disclosures only, in accordance with 5 U.S.C. 552a(j)(2) and (k)(2), 
DHS will claim the original exemptions for these records or information 
from subsection (c)(3), (e)(8), and (g) of the Privacy Act of 1974, as 
amended, as necessary and appropriate to protect such information. 
Moreover, DHS will add this exemption to Appendix C to 6 CFR Part 5, 
DHS Systems of Records Exempt from the Privacy Act. Such exempt records 
or information may be law enforcement or national security 
investigation records, law enforcement activity and encounter records, 
or terrorist screening records.
    DHS needs these exemptions in order to protect information relating 
to law enforcement investigations from disclosure to subjects of 
investigations and others who could interfere with investigatory and 
law enforcement activities. Specifically, the exemptions are required 
to: Preclude subjects of investigations from frustrating the 
investigative process; avoid disclosure of investigative techniques; 
protect the identities and physical safety of confidential informants 
and of law enforcement personnel; ensure DHS's and other federal 
agencies' ability to obtain information from third parties and other 
sources; protect the privacy of third parties; and safeguard sensitive 
information.
    Nonetheless, DHS will examine each request on a case-by-case basis, 
and, after conferring with the appropriate component or agency, may 
waive applicable exemptions in appropriate circumstances and where it 
would not appear to interfere with or adversely affect the law 
enforcement or national security investigation.
    Again, DHS will not assert any exemption with respect to 
information maintained in the system that is collected from a person 
and submitted by that person's air or vessel carrier, if that person, 
or his or her agent, seeks access or amendment of such information.

Regulatory Requirements

A. Regulatory Impact Analyses

    Changes to Federal regulations must undergo several analyses. In 
conducting these analyses, DHS has determined:
1. Executive Order 12866 Assessment
    This rule is not a significant regulatory action under Executive 
Order 12866, ``Regulatory Planning and Review'' (as amended). 
Accordingly, this rule has not been reviewed by the Office of 
Management and Budget (OMB). Nevertheless, DHS has reviewed this 
rulemaking, and concluded that there will not be any significant 
economic impact.
2. Regulatory Flexibility Act Assessment
    Pursuant to section 605 of the Regulatory Flexibility Act (RFA), 5 
U.S.C. 605(b), as amended by the Small Business Regulatory Enforcement 
and Fairness Act of 1996 (SBREFA), DHS certifies that this rule will 
not have a significant impact on a substantial number of small 
entities. The rule would impose no duties or obligations on small 
entities. Further, the exemptions to the Privacy Act apply to 
individuals, and individuals are not covered entities under the RFA.
3. International Trade Impact Assessment
    This rulemaking will not constitute a barrier to international 
trade. The exemptions relate to criminal investigations and agency 
documentation and, therefore, do not create any new costs or barriers 
to trade.
4. Unfunded Mandates Assessment
    Title II of the Unfunded Mandates Reform Act of 1995 (UMRA), (Pub. 
L. 104-4, 109 Stat. 48), requires Federal agencies to assess the 
effects of certain regulatory actions on State, local, and tribal 
governments, and the private sector. This rulemaking will not impose an 
unfunded mandate on State, local, or tribal governments, or on the 
private sector.

B. Paperwork Reduction Act

    The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501 et seq.) 
requires that DHS consider the impact of paperwork and other 
information collection burdens imposed on the public and, under the 
provisions of PRA section 3507(d), obtain approval from the Office of 
Management and Budget (OMB) for each collection of information it 
conducts, sponsors, or requires through regulations. DHS has determined 
that there are no current or new information collection requirements 
associated with this rule.

C. Executive Order 13132, Federalism

    This action will not have a substantial direct effect on the 
States, on the relationship between the national Government and the 
States, or on the distribution of power and responsibilities among the 
various levels of government, and therefore will not have federalism 
implications.

D. Environmental Analysis

    DHS has reviewed this action for purposes of the National 
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has 
determined that this action will not have a significant effect on the 
human environment.

E. Energy Impact

    The energy impact of this action has been assessed in accordance 
with the Energy Policy and Conservation Act (EPCA) Public Law 94-163, 
as amended (42 U.S.C. 6362). This rulemaking is not a major regulatory 
action under the provisions of the EPCA.

List of Subjects in 6 CFR Part 5

    Freedom of information, Privacy.

    For the reasons stated in the preamble, DHS proposes to amend 
Chapter I of Title 6, Code of Federal Regulations, as follows:

PART 5--DISCLOSURE OF RECORDS AND INFORMATION

    1. The authority citation for part 5 continues to read as follows:

    Authority: Public Law 107-296, 116 Stat. 2135, 6 U.S.C. 101 et 
seq.; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552.

    2. At the end of Appendix C to part 5, add the following new 
paragraph:

Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy 
Act

* * * * *

    6. DHS/CBP-009, Electronic System for Travel Authorization 
(ESTA). A portion of the following system of records is exempt from 
5 U.S.C. 552a(c)(3), (e)(8), and (g) pursuant to 5 U.S.C. 
552a(j)(2) and (k)(2). Further, no exemption shall be asserted with 
respect to information maintained in the system as it relates to 
data submitted by or on behalf of a person who travels to visit the 
United States and crosses the border, nor shall an exemption be 
asserted with respect to the resulting determination (approval or 
denial). After conferring with the appropriate component or agency, 
DHS may waive applicable exemptions in appropriate circumstances and 
where it would not appear to interfere with or adversely affect the 
law enforcement purposes of the systems from which the information 
is recompiled or in which it is contained. Exemptions from the above 
particular subsections are justified, on a case-by-case basis to be 
determined at the time a request is made, when information in this 
system of records may impede a law enforcement or national security 
investigation:
    (a) From subsection (c)(3) (Accounting for Disclosure) because 
making available to a record subject the accounting of disclosures 
from records concerning him or her would specifically reveal any 
investigative interest in the individual. Revealing this information 
could reasonably be expected to compromise ongoing efforts to 
investigate a violation of U.S. law, including investigations of a 
known or suspected terrorist, by notifying the record subject that 
he or she is under investigation. This information could also permit 
the record subject to take measures to impede the investigation, 
e.g., destroy evidence, intimidate potential witnesses, or flee the 
area to avoid or impede the investigation.
    (b) From subsection (e)(8) (Notice on Individuals) because to 
require individual notice of disclosure of information due to 
compulsory legal process would pose an impossible administrative 
burden on DHS and other agencies and could alert the subjects of 
counterterrorism or law enforcement investigations to the fact of 
those investigations when not previously known.
    (c) From subsection (g) (Civil Remedies) to the extent that the 
system is exempt from other specific subsections of the Privacy Act.

Hugo Teufel, III,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E8-12785 Filed 6-9-08; 8:45 am]

BILLING CODE 4410-10-P