[Federal Register: June 16, 2008 (Volume 73, Number 116)]
[Proposed Rules]
[Page 33928-33931]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr16jn08-12]
========================================================================
Proposed Rules
Federal Register
________________________________________________________________________
This section of the FEDERAL REGISTER contains notices to the public of
the proposed issuance of rules and regulations. The purpose of these
notices is to give interested persons an opportunity to participate in
the rule making prior to the adoption of the final rules.
========================================================================
[[Page 33928]]
DEPARTMENT OF HOMELAND SECURITY
6 CFR Part 5
[Docket No. DHS-2007-0057]
Privacy Act of 1974: Implementation of Exemptions; US-VISIT
Technical Reconciliation Analysis Classification System (TRACS)
AGENCY: Office of the Secretary, Department of Homeland Security.
ACTION: Notice of proposed rulemaking.
-----------------------------------------------------------------------
SUMMARY: The Department of Homeland Security is concurrently
establishing a new system of records pursuant to the Privacy Act of
1974 entitled the Technical Reconciliation Analysis Classification
System (TRACS). This system of records will serve as an information
management tool and be used to perform a range of information
management and analytical functions to enhance the integrity of the
United States' immigration system by detecting, deterring, and pursuing
immigration fraud, and by identifying persons who pose a threat to
national security and/or public safety. In this proposed rulemaking,
the Department proposes to exempt portions of this system of records
from one or more provisions of the Privacy Act because of criminal,
civil, and administrative enforcement requirements.
DATES: Comments must be received on or before July 16, 2008.
ADDRESSES: You may submit comments, identified by docket number DHS-
2007-0057, by one of the following methods:
Federal e-Rulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
Fax: 1-866-466-5370.
Mail: Hugo Teufel III, Chief Privacy Officer, Department
of Homeland Security, 601 S. 12th Street, Arlington, VA 22202-4220.
Instructions: All submissions received must include the agency name
and docket number for this notice. All comments received will be posted
without change to http://www.regulations.gov, including any personal
information provided.
Docket: For access to the docket to read background documents or
comments received, go to http://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: TRACS System Manager, US-VISIT
Program, U.S. Department of Homeland Security, Washington, DC 20528
(202) 298-5200 or by facsimile (202) 298-5201; Hugo Teufel III, Chief
Privacy Officer, Privacy Office, Department of Homeland Security,
Washington, DC 20528; telephone 703-235-0780.
SUPPLEMENTARY INFORMATION:
Background
In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the
Department of Homeland Security (DHS), National Protection and Program
Directorate (NPPD), United States--Visitor and Immigrant Status
Indicator Technology (US-VISIT) program, is establishing a Privacy Act
system of records known as Technical Reconciliation Analysis
Classification System (TRACS). This system of records is an information
management tool used for management and analysis of US-VISIT records.
TRACS will help enhance the integrity of the United States immigration
system by detecting, deterring, and pursuing immigration fraud, and by
identifying persons who pose a threat to national security and/or
public safety. TRACS will consist of paper files and electronic
databases.
The Secretary of the Department of Homeland Security has delegated
to NPPD and US-VISIT the responsibility for enhancing the security of
U.S. citizens and visitors; facilitating safe, efficient, and
legitimate travel to the U.S.; promoting border security and the
integrity of the immigration system; safeguarding the privacy of
visitors to the U.S.
NPPD and US-VISIT have also been delegated authority for assisting
in the prevention of immigration identity fraud or theft; and serving
law enforcement, border officials, and others who make decisions on
immigration matters, including decisions on immigration benefits and
status, by identifying aliens seeking permission to enter, entering,
visiting, residing in, changing status within, or exiting the U.S.
Finally, NPPD and US-VISIT have been delegated the responsibility
for providing technical assistance and analytic services to other DHS
functions and components and other to Federal agencies, as well as to
State, local, tribal, and foreign governments, including multinational
and international organizations, to better protect the Nation's
physical and virtual borders.
To discharge the above responsibilities, TRACS will be used to: (1)
Identify individuals who have remained in the United States beyond
their authorized period of admission (overstays); (2) maintain
information on why individuals are promoted to or demoted from the
Automated Biometric Identification System (IDENT) list of subjects of
interest; (3) provide the means for additional research in regards to
individuals whose biometrics are collected by DHS, and subsequently
matched to the list of subjects of interest during a routine IDENT
query. A query of this nature would take place following a background
check or security screening relating to the individual's hiring or
retention, performance of a job function, or the issuance of a license
or credential, allowing them access to secured facilities to perform
mission and non-mission related work. Examples of this include
credentialing of Federal, non-Federal, and contractor employees who
work within the secured areas of our nation's airports; (4) to further
analyze information about individuals who may be identified as a
subject of interest following a routine query against IDENT while
applying for visas or other benefits on behalf of domestic partners,
such as the U.S. Department of State or foreign partners, as is the
case with the United Kingdom Border Agency's (UKBA) International Group
Visa Services program, which supports the DHS mission; and (5) to
provide information in response to queries from law enforcement and
intelligence agencies charged with national security, law enforcement,
immigration, or other DHS mission-related functions.
Specifically, TRACS will be used for the analysis of overstays, for
changes to the IDENT subject of interest lists, law enforcement and
intelligence research, and to assist in developing and fostering
foreign partnerships that enhance the
[[Page 33929]]
goals and mission of US-VISIT, such as the work being done in
association with the UKBA's International Group Visa Services project.
To identify possible overstays, US-VISIT reviews and analyzes
information in the Arrival and Departure Information System (ADIS), a
US-VISIT system used for the storage and use of biographic, biometric
indicator, and encounter data on aliens who have applied for entry,
entered, or departed the United States. ADIS consolidates information
from various systems in order to provide a repository of data held by
DHS for pre-entry, entry, status management, and exit tracking of
immigrants and non-immigrants. Its primary use is to facilitate the
investigation of subjects of interest who may have violated their
immigration status by remaining in the United States beyond their
authorized stay. To assist in the resolution of overstays, information
related to them may be copied to TRACS for review and further analysis
against other US-VISIT programs and systems to better determine their
status.
Regarding changes to the IDENT Subject of Interest List, in order
to maintain the integrity of the immigration and customs programs, DHS
maintains records within IDENT to identify individuals who may present
a terrorist threat to the United States as well as those individuals
who may not be allowed to enter the country because of past violations
of immigration or customs law. An individual is either promoted to or
demoted from the list of subjects of interest within IDENT. As IDENT is
not a case management system, it merely records the change, not the
justification for the change. TRACS will have the ability to serve as a
case management system and not only use the information regarding the
changes to the list of subjects of interest that is recorded in IDENT
but also to record and store the actual justification for any change.
The user will also have the ability to enter data in pre-determined
selectable categories or manually by either free text or by cutting and
pasting information retrieved from other systems and placing it into a
workspace in TRACS so that analysis can be performed.
For assistance in background checks and security clearance
processes for employment at DHS or receipt of a DHS license or
credential, applicants may have their information searched against ADIS
or IDENT records. Clearance, employment eligibility, or other license
or credential applications that have a match against ADIS or IDENT may
require additional research regarding the applicant. Such information
would be maintained and tracked in TRACS.
Regarding analyzing information on behalf of domestic or foreign
partners, US-VISIT will assist its partners in analyzing information
held by US-VISIT where such analysis supports the DHS mission. For
example, for the UKBA visa services project, US-VISIT will receive
biometric information from the UK for UK visa applicants and query
their biometric information against the IDENT list of subjects of
interest. US-VISIT will then provide the results from the query back to
the UK for purposes of visa adjudication.
Regarding law enforcement and intelligence research, US-VISIT may
also receive requests from law enforcement agencies, such as
Immigration and Customs Enforcement (ICE), Customs and Border
Protection (CBP), and the Federal Bureau of Investigation (FBI), as
well as from other intelligence agencies, to provide further
information regarding the immigration status for individuals of
interest to those organizations. US-VISIT tracks these requests and the
responses in TRACS.
Information in TRACS comes primarily from ADIS and IDENT. TRACS may
also contain information from other DHS component programs or systems,
or publicly available source systems that are manually queried while
researching a particular case. Data researched or identified through
publicly available source systems, such as the internet, will be
identified and referenced in the individual's record in TRACS. If it
becomes routine for a specific public source system(s) to be used on a
regular basis, the PIA will be updated to reflect this system(s) as a
common source of information and data. For research conducted, based on
an external request, information may also be provided from the
requesting entity, as described in the system of records notice.
The data contained in TRACS is primarily from the US-VISIT systems
Arrival and Departure Information System (ADIS) (72 FR 47057, Arrival
and Departure Information System (ADIS), System of Records Notice,
August 22, 2007); the Automated Biometric Identification System (IDENT)
(72 FR 31080, Automated Biometric Identification System (IDENT), System
of Records Notice, June 5, 2007); and a Customs and Border Protection
(CBP) system called the Treasury Enforcement Communications System
(TECS) (66 FR 53029, Treasury Enforcement Communication System (TECS),
System of Records Notice, October 18, 2001). TRACS also receives data
from a Department of State (DOS) system called the Consolidated
Consular Database (CCD); the Student and Exchange Visitor Information
System (SEVIS) (70 FR 14477, Student and Exchange Visitor Information
System (SEVIS), System of Records Notice, March 22, 2005); the Central
Index System (CIS) (72 FR 1755, Central Index System (CIS), System of
Records Notice, January 16, 2007); the Computer-linked Application
Information Management System (CLAIMS 3 and 4) (64 FR 18052, Computer
Linked Application Information Management System (CLAIMS 3 and 4),
System of Records Notice, April 13, 1999); the Refugees, Asylum &
Parole System (RAPS); the Deportable Alien Control System (DACS) (67 FR
64136, Deportable Alien Control System (DACS), System of Records
Notice, October 17, 2002); and the Enforcement Case Tracking System
(ENFORCE). TRACS also contains data from web searches for addresses and
phone numbers.
The Privacy Act allows Government agencies to exempt certain
records from the access and amendment provisions. If an agency claims
an exemption, however, it must issue a Notice of Proposed Rulemaking to
make clear to the public the reasons why a particular exemption is
claimed an issue a Final Rule.
In this notice of proposed rulemaking, DHS is now proposing to
exempt TRACS, in part, from certain provisions of the Privacy Act. Some
information in TRACS relates to official DHS national security, law
enforcement, immigration, intelligence, and preparedness and critical
infrastructure protection activities. These exemptions are needed to
protect information relating to DHS activities from disclosure to
subjects or others related to these activities. Specifically, the
exemptions are required to preclude subjects of these activities from
frustrating these processes; to avoid disclosure of activity
techniques; to protect the identities and physical safety of
confidential informants and of immigration and border management and
law enforcement personnel; to ensure DHS's ability to obtain
information from third parties and other sources; to protect the
privacy of third parties; and to safeguard classified information.
Disclosure of information to the subject of the inquiry could also
permit the subject to avoid detection or apprehension.
An individual who is the subject of a record in this system may
access or correction of those records that are not exempt from
disclosure. A determination whether a record may be accessed will be
made at the time a request is received. DHS will review
[[Page 33930]]
and comply appropriately with information requests on a case by case
basis. An individual desiring copies of records maintained in this
system should direct his or her request to the FOIA Officer (HTTP://
WWW.DHS.GOV/FOIA, under ``contacts''. See also the system of records
notice also in today's Federal Register). Requests for correction of
records in this system may be made through the Traveler Redress Inquiry
Program (TRIP) at http://www.dhs.gov/trip or via mail, facsimile or e-
mail in accordance with instructions available at http://www.dhs.gov/
trip.
The exemptions proposed here are standard law enforcement and
national security exemptions exercised by a large number of Federal law
enforcement and intelligence agencies. In appropriate circumstances,
where compliance would not appear to interfere with or adversely affect
the law enforcement purposes of this system and the overall law
enforcement process, the applicable exemptions may be waived.
Regulatory Requirements
A. Regulatory Impact Analyses
Changes to Federal regulations must undergo several analyses. In
conducting these analyses, DHS has determined:
1. Executive Order 12866 Assessment
This rule is not a significant regulatory action under Executive
Order 12866, ``Regulatory Planning and Review'' (as amended).
Accordingly, this rule has not been reviewed by the Office of
Management and Budget (OMB). Nevertheless, DHS has reviewed this
rulemaking, and concluded that there will not be any significant
economic impact.
2. Regulatory Flexibility Act Assessment
Pursuant to section 605 of the Regulatory Flexibility Act (RFA), 5
U.S.C. 605(b), as amended by the Small Business Regulatory Enforcement
and Fairness Act of 1996 (SBREFA), DHS certifies that this rule will
not have a significant impact on a substantial number of small
entities. The rule would impose no duties or obligations on small
entities. Further, the exemptions to the Privacy Act apply to
individuals, and individuals are not covered entities under the RFA.
3. International Trade Impact Assessment
This rulemaking will not constitute a barrier to international
trade. The exemptions relate to criminal investigations and agency
documentation and, therefore, do not create any new costs or barriers
to trade.
4. Unfunded Mandates Assessment
Title II of the Unfunded Mandates Reform Act of 1995 (UMRA), (Pub.
L. 104-4, 109 Stat. 48), requires Federal agencies to assess the
effects of certain regulatory actions on State, local, and tribal
governments, and the private sector. This rulemaking will not impose an
unfunded mandate on State, local, or tribal governments, or on the
private sector.
B. Paperwork Reduction Act
The Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3501 et seq.)
requires that DHS consider the impact of paperwork and other
information collection burdens imposed on the public and, under the
provisions of PRA section 3507(d), obtain approval from the Office of
Management and Budget (OMB) for each collection of information it
conducts, sponsors, or requires through regulations. DHS has determined
that there are no current or new information collection requirements
associated with this rule.
C. Executive Order 13132, Federalism
This action will not have a substantial direct effect on the
States, on the relationship between the national Government and the
States, or on the distribution of power and responsibilities among the
various levels of government, and therefore will not have federalism
implications.
D. Environmental Analysis
DHS has reviewed this action for purposes of the National
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has
determined that this action will not have a significant effect on the
human environment.
E. Energy Impact
The energy impact of this action has been assessed in accordance
with the Energy Policy and Conservation Act (EPCA) Public Law 94-163,
as amended (42 U.S.C. 6362). This rulemaking is not a major regulatory
action under the provisions of the EPCA.
List of Subjects in 6 CFR Part 5
Privacy; Freedom of information.
For the reasons stated in the preamble, DHS proposes to amend
Chapter I of Title 6, Code of Federal Regulations, as follows:
PART 5--DISCLOSURE OF RECORDS AND INFORMATION
1. The authority citation for part 5 continues to read as follows:
Authority: Pub. L. 107-296, 116 Stat. 2135, 6 U.S.C. 101 et
seq.; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552.
Subpart B also issued under 5 U.S.C. 552a.
2. At the end of appendix C to part 5, Exemption of Record Systems
Under the Privacy Act, add the following new section 6 to read as
follows:
Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy
Act
* * * * *
6. The Department of Homeland Security Technical Reconciliation
Analysis Classification System (TRACS) consists of a stand alone
database and paper files that will be used by DHS and its
components. This system of records will be used to perform a range
of information management and analytic functions involving
collecting, verifying, and resolution tracking of data primarily on
individuals who are not United States citizens or legal permanent
residents (LPRs). However, it will contain data on: (1) U.S.
citizens or LPRs who have a connection to the DHS mission (e.g.,
individuals who have submitted a visa application to the UK, or have
made requests for a license or credential as part of a background
check or security screening in connection with their hiring or
retention, performance of a job function or the issuance a license
or credential for employment at DHS); (2) U.S. citizens and LPRs who
have an incidental connection to the DHS mission (e.g., individuals
living at the same address as individuals who have remained in this
country beyond their authorized stays); and (3) individuals who
have, over time, changed their status and became U.S. citizens or
LPRs. TRACS is managed and maintained by the United States Visitor
and Immigrant Status Indicator Technology (US-VISIT) Program. The
data contained in TRACS is primarily derived from the Arrival and
Departure Information System (ADIS) (72 FR 47057, Arrival and
Departure Information System (ADIS), System of Records Notice,
August 22, 2007); the Automated Biometric Identification System
(IDENT) (72 FR 31080, Automated Biometric Identification System
(IDENT), System of Records Notice, June 5, 2007); and a Customs and
Border Protection (CBP) system called the Treasury Enforcement
Communications System (TECS) (66 FR 53029, Treasury Enforcement
Communication System (TECS), System of Records Notice, October 18,
2001). TRACS also receives data from a Department of State (DOS)
system called the Consolidated Consular Database (CCD); the Student
and Exchange Visitor Information System (SEVIS) (70 FR 14477,
Student and Exchange Visitor Information System (SEVIS), System of
Records Notice, March 22, 2005); the Central Index System (CIS) (72
FR 1755, Central Index System (CIS), System of Records Notice,
January 16, 2007); the Computer-linked Application Information
Management System (CLAIMS 3 and 4) (64 FR 18052, Computer Linked
Application Information Management System (CLAIMS 3 and 4), System
of Records Notice, April 13, 1999); the Refugees, Asylum & Parole
System (RAPS); the Deportable Alien Control System (DACS) (67 FR
64136, Deportable Alien Control System (DACS), System of Records
[[Page 33931]]
Notice, October 17, 2002); and the Enforcement Case Tracking System
(ENFORCE). TRACS also contains data from web searches for addresses
and phone numbers. This data is collected by, on behalf of, in
support of, or in cooperation with DHS and its components. The
Secretary of Homeland Security has exempted this system from 5
U.S.C. 552a(c)(3) and (4); (d); (e)(1), (e)(2), (e)(3), (e)(4)(G),
(e)(4)(H), (e)(4)(I), (e)(5) and (e)(8); (f); and (g) pursuant to 5
U.S.C. 552a(j)(2). In addition, the Secretary of Homeland Security
has exempted this system from 5 U.S.C. 552a(c)(3); (d); (e)(1),
(e)(4)(G), (e)(4)(H), (e)(4)(I), and (f) pursuant to 5 U.S.C.
552a(k)(1), (k)(2), and (k)(5). These exemptions apply only to the
extent that records in the system are subject to exemption pursuant
to 5 U.S.C. 552a (j)(2), (k)(1), (k)(2), and (k)(5). Exemptions from
these particular subsections are justified, on a case-by-case basis
to be determined at the time a request is made, for the following
reasons:
(a) From subsection (c)(3) and (4) (Accounting for Disclosures)
because release of the accounting of disclosures could alert the
subject of an investigation of an actual or potential criminal,
civil, or regulatory violation to the existence of the
investigation; and reveal investigative interest on the part of DHS
as well as the recipient agency. Disclosure of the accounting would
therefore present a serious impediment to law enforcement efforts
and/or efforts to preserve national security. Disclosure of the
accounting would also permit the individual who is the subject of a
record to impede the investigation, to tamper with witnesses or
evidence, and to avoid detection or apprehension, which would
undermine the entire investigative process.
(b) From subsection (d) (Access to Records) because access to
the records contained in this system of records could inform the
subject of an investigation of an actual or potential criminal,
civil, or regulatory violation, to the existence of the
investigation, and reveal investigative interest on the part of DHS
or another agency. Access to the records could permit the individual
who is the subject of a record to impede the investigation, to
tamper with witnesses or evidence, and to avoid detection or
apprehension. Amendment of the records could interfere with ongoing
investigations and law enforcement activities and would impose an
impossible administrative burden by requiring investigations to be
continuously reinvestigated. In addition, permitting access and
amendment to such information could disclose security-sensitive
information that could be detrimental to homeland security.
(c) From subsection (e)(1) (Relevancy and Necessity of
Information) because in the course of investigations into potential
violations of Federal law, the accuracy of information obtained or
introduced occasionally may be unclear or the information may not be
strictly relevant or necessary to a specific investigation. In the
interests of effective law enforcement, it is appropriate to retain
all information that may aid in establishing patterns of unlawful
activity.
(d) From subsection (e)(2) (Collection of Information from
Individuals) because requiring that information be collected from
the subject of an investigation would alert the subject to the
nature or existence of an investigation, thereby interfering with
the related investigation and law enforcement activities.
(e) From subsection (e)(3) (Notice to Subjects) because
providing such detailed information would impede law enforcement in
that it could compromise the existence of a confidential
investigation or reveal the identity of witnesses or confidential
informants.
(f) From subsections (e)(4)(G) and (e)(4)(H) (Agency
Requirements) because portions of this system are exempt from the
individual access provisions of subsection (d) which exempts
providing access because it could alert a subject to the nature or
existence of an investigation, and thus there could be no procedures
for that particular data. Procedures do exist for access for those
portions of the system that are not exempted.
(g) From subsection (e)(4)(I) (Agency Requirements) because
providing such source information would impede law enforcement or
intelligence by compromising the nature or existence of a
confidential investigation.
(h) From subsection (e)(5) (Collection of Information) because
in the collection of information for law enforcement purposes it is
impossible to determine in advance what information is accurate,
relevant, timely, and complete. Compliance with (e)(5) would
preclude DHS agents from using their investigative training and
exercise of good judgment to both conduct and report on
investigations.
(i) From subsection (e)(8) (Notice on Individuals) because
compliance would interfere with DHS' ability to obtain, serve, and
issue subpoenas, warrants, and other law enforcement mechanisms that
may be filed under seal, and could result in disclosure of
investigative techniques, procedures, and evidence.
(j) From subsection (f) (Agency Rules) because portions of this
system are exempt from the access and amendment provisions of
subsection (d).
(k) From subsection (g) to the extent that the system is exempt
from other specific subsections of the Privacy Act.
Hugo Teufel III,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E8-13386 Filed 6-13-08; 8:45 am]
BILLING CODE 4410-10-P