[Federal Register: October 31, 2008 (Volume 73, Number 212)]
[Notices]
[Page 64967-64971]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr31oc08-89]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
[Docket No. DHS-2008-0106]
Privacy Act of 1974; U.S. Immigration and Customs Enforcement
Trade Transparency Analysis and Research (TTAR) System of Records
AGENCY: Privacy Office; DHS.
ACTION: Notice of Privacy Act system of records.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act of 1974, the Department of
Homeland Security proposes to establish a new system of records titled
U.S. Immigration and Customs Enforcement (ICE) Trade Transparency
Analysis and Research (TTAR). TTAR contains trade and financial data
that is analyzed to generate leads for and otherwise support ICE
investigations of trade-based money laundering, contraband smuggling,
trade fraud and other financial crimes. The data in TTAR is generally
maintained in the ICE Data Analysis and Research Trade Transparency
System (DARTTS), a software application and data repository that
conducts analysis of trade and financial data to identify statistically
anomalous transactions that may warrant investigation for money
laundering or other import-export crimes. Additionally, a Privacy
Impact Assessment for DARTTS will be posted on the Department's privacy
Web site.
[[Page 64968]]
(See http://www.dhs.gov/privacy and follow the link to ``Privacy Impact
Assessments.'') Due to urgent homeland security and law enforcement
mission needs, DARTTS is currently in operation. Recognizing that ICE
is publishing a notice of system of records for an existing system, ICE
will carefully consider public comments, apply appropriate revisions,
and republish the TTAR notice of system of records within 180 days of
receipt of comments. A proposed rulemaking is also published in this
issue of the Federal Register in which the Department proposes to
exempt portions of this system of records from one or more provisions
of the Privacy Act because of criminal, civil, and administrative
enforcement requirements.
DATES: The established system of records will be effective December 1,
2008. Written comments must be submitted on or before December 1, 2008.
A revised TTAR notice of system of records that addresses public
comments, responds to OMB direction, and includes other ICE changes
will be published not later than May 29, 2009 and will supersede this
notice of system of records.
ADDRESSES: You may submit comments, identified by DHS-2008-0106 by one
of the following methods:
Federal e-Rulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
Fax: 1-866-466-5370.
Mail: Hugo Teufel III, Chief Privacy Officer, Privacy
Office, Department of Homeland Security, Washington, DC 20528.
Instructions: All submissions received must include the
agency name and docket number for this rulemaking. All comments
received will be posted without change to http://www.regulations.gov,
including any personal information provided.
Docket: For access to the docket to read background
documents or comments received go to http://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: Lyn M. Rahilly (202-514-1900), Privacy
Officer, U.S. Immigration and Customs Enforcement, 425 I Street, NW.,
Washington DC 20001, or Hugo Teufel III (703-235-0780), Chief Privacy
Officer, Privacy Office, U.S. Department of Homeland Security,
Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
I. Background
The Trade Transparency Analysis and Research (TTAR) system of
records is owned by the ICE Office of Investigations Trade Transparency
Unit (TTU) and is maintained for the purpose of enforcing criminal laws
pertaining to trade through trade transparency. Trade transparency is
the concept of examining U.S. and foreign trade data to identify
anomalies in patterns of trade. Such anomalies can indicate trade-based
money laundering or other import-export crimes that ICE is responsible
for investigating, such as contraband smuggling, trafficking of
counterfeit goods, misclassification of goods, and the over- or under-
valuation of goods to hide the proceeds of illegal activities. TTAR
contains trade and financial data received from U.S. Customs and Border
Protection (CBP), U.S. Department of the Treasury Financial Crimes
Enforcement Network (FinCEN), other federal agencies and foreign
governments. TTAR data is primarily related to international commercial
trade and contains little information on the normal day-to-day
activities of individual consumers.
As part of the trade transparency investigative process, ICE
investigators and analysts must understand the relationships between
importers and exporters and the financing for a set of trade
transactions to determine which transactions are suspicious and warrant
investigation. If performed manually, this process often involves hours
of analysis of voluminous data for a particular case or operation. To
automate and expedite this process, the former U.S. Customs Service
created the Data Analysis and Research Trade Transparency System
(DARTTS), a software application and data repository that conducts
analysis of trade and financial data to identify statistically
anomalous transactions that may warrant investigation for money
laundering or other import-export crimes. DARTTS is specifically
designed to make this investigative process more efficient by
automating the analysis and identification of anomalies for the
investigator. While DARTTS does increase the efficiency of data
analysis, DARTTS does not allow ICE agents and analysts to obtain any
data they could not otherwise access in the course of their
investigative activities.
DARTTS does not seek to predict future behavior or ``profile''
individuals, i.e., look for individuals who meet a certain pattern of
behavior that has been pre-determined to be suspect. Instead, it
analyzes and identifies trade and financial transactions that are
statistically anomalous. Investigators gather additional facts, verify
the accuracy of the DARTTS data, and use their judgment and experience
to determine if the anomalous transactions are in fact suspicious and
warrant further investigation. Not all anomalies lead to formal
investigations. DARTTS can also identify links (relationships) between
individuals or entities based on commonalities, such as identification
numbers, addresses, or other information. These commonalities in and of
themselves are not suspicious, but in the context of additional
information they sometimes help investigators to identify potentially
criminal activity and identify other suspicious transactions,
witnesses, or suspects.
With the creation of the U.S. Department of Homeland Security (DHS)
in 2003, the criminal investigative arm of the U.S. Customs Service,
which included the TTU and the DARTTS system, was transferred to ICE.
As part of DHS's ongoing effort to ensure legacy records transferred to
DHS are maintained in compliance with the Privacy Act, ICE proposes to
establish this new system of records to cover the data ICE maintains
for trade transparency analysis, including the data maintained in
DARTTS. A Privacy Impact Assessment (PIA) was conducted on DARTTS
because it maintains personally identifiable information. The DARTTS
PIA is available on the Department of Homeland Security (DHS) Privacy
Office Web site at http://www.dhs.gov/privacy.
Individuals may request information about records pertaining to
them stored in DARTTS as outlined in the ``Notification Procedure''
section below. ICE reserves the right to exempt various records from
release pursuant to exemptions 5 U.S.C. 552a(j)(2) and (k)(2) of the
Privacy Act.
Consistent with DHS's information sharing mission, information
stored in the DARTTS may be shared with other DHS components, with
foreign governments with whom DHS has entered into international
information sharing agreements for trade data for the purpose of
enforcing customs laws, and with appropriate Federal, State, local,
tribal, foreign, or international government agencies. This sharing
will only take place after DHS determines that the receiving component
or agency has a need to know the information to carry out national
security, law enforcement, immigration, intelligence, or other
functions consistent with the routine uses set forth in this system of
records notice.
II. Privacy Act
The Privacy Act embodies fair information principles in a statutory
framework governing the means by which the United States Government
[[Page 64969]]
collects, maintains, uses, and disseminates personally identifiable
information. The Privacy Act applies to information that is maintained
in a ``system of records.'' A ``system of records'' is a group of any
records under the control of an agency for which information is
retrieved by the name of an individual or by some identifying number,
symbol, or other identifying particular assigned to the individual. In
the Privacy Act, an individual is defined to encompass United States
citizens and legal permanent residents. As a matter of policy, DHS
extends administrative Privacy Act protections to all individuals where
systems of records maintain information on U.S. citizens, lawful
permanent residents, and visitors. Individuals may request access to
their own records that are maintained in a system of records in the
possession or under the control of DHS by complying with DHS Privacy
Act regulations, 6 CFR Part 5.
The Privacy Act requires each agency to publish in the Federal
Register a description denoting the type and character of each system
of records that the agency maintains, and the routine uses that are
contained in each system in order to make agency record keeping
practices transparent, to notify individuals regarding the uses to
which personally identifiable information is put, and to assist
individuals to more easily find such files within the agency. Below is
the description of the TTAR system of records.
In accordance with 5 U.S.C. 552a(r), DHS has provided a report of
this new system of records to the Office of Management and Budget and
to Congress.
System of Records:
DHS/ICE-005.
System Name:
Trade Transparency Analysis and Research (TTAR).
Security Classification:
Sensitive But Unclassified.
System Location:
Records are maintained at the Immigration and Customs Enforcement
Headquarters in Washington, DC.
Categories of Individuals Covered by the System:
Categories of individuals covered by this system include: a)
Individuals who, as importers, exporters, shippers, transporters,
brokers, owners, purchasers, consignees, or agents thereof, participate
in the import or export of goods to or from the U.S. or to or from
nations with which the U.S. has entered an agreement to share trade
information; and b) individuals who participate in financial
transactions that are reported to the U.S. Treasury Department under
the Bank Secrecy Act or other U.S. financial crimes laws and
regulations (e.g., individuals who participate in cash transactions
exceeding $10,000; individuals who participate in a reportable
suspicious financial transaction).
Categories of Records in the System:
Categories of records in this system include:
Names;
Addresses (home or business);
Trade identifier numbers (e.g., Importer ID, Exporter ID,
Manufacturer ID);
Social Security/tax identification numbers;
Passport numbers;
Account numbers (e.g., bank account);
Description and/or value of trade goods;
Country of origin/export; and
Description and/or value of financial transactions.
Authority for Maintenance of the System:
18 U.S.C. 545 (Smuggling goods into the United States); 18 U.S.C.
1956 (Laundering of Monetary Instruments); and 19 U.S.C 1484 (Entry of
Merchandise).
Purpose(s):
The purpose of this system is to enforce criminal laws pertaining
to trade, financial crimes, smuggling, and fraud, specifically through
the analysis of raw financial and trade data in order to identify
potential violations of U.S. criminal laws pertaining to trade,
financial crimes, smuggling, and fraud and to support existing criminal
law enforcement investigations into related criminal activities.
Routine Uses of Records Maintained in the System, Including Categories
of Users and the Purposes of Such Uses:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed outside DHS as a
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
A. To the Department of Justice or other Federal agency conducting
litigation or in proceedings before any court, adjudicative or
administrative body, when (1) DHS or any component thereof; (2) any
employee of DHS in his/her official capacity; (3) any employee of DHS
in his/her individual capacity where DOJ or DHS has agreed to represent
the employee; or (4) the United States or any agency thereof, is a
party to the litigation or has an interest in such litigation; and DHS
determines that the records are both relevant and necessary to the
litigation and the use of such records is compatible with the purpose
for which DHS collected the records.
B. To a congressional office from the record of an individual in
response to an inquiry from that congressional office made at the
request of the individual to whom the record pertains.
C. To the National Archives and Records Administration or other
Federal government agencies pursuant to records management inspections
being conducted under the authority of 44 U.S.C. 2904 and 2906.
D. To an agency, organization, or individual for the purpose of
performing audit or oversight operations as authorized by law, but only
such information as is necessary and relevant to such audit or
oversight function.
E. To appropriate agencies, entities, and persons when:
1. DHS suspects or has confirmed that the security or
confidentiality of information in the system of records has been
compromised;
2. The Department has determined that as a result of the suspected
or confirmed compromise there is a risk of harm to economic or property
interests, identity theft or fraud, or harm to the security or
integrity of this system or other systems or programs (whether
maintained by DHS or another agency or entity) that rely upon the
compromised information, or harm to an individual; and
3. The disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with DHS's efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
F. To contractors and their agents, grantees, experts, consultants,
and others performing or working on a contract, service, grant,
cooperative agreement, or other assignment for DHS, when necessary to
accomplish an agency function related to this system of records.
Individuals provided information under this routine use are subject to
the same Privacy Act requirements and limitations on disclosure as are
applicable to DHS officers and employees.
G. To an appropriate Federal, State, tribal, local, international,
or foreign law enforcement agency or other appropriate authority
charged with investigating or prosecuting a violation or enforcing or
[[Page 64970]]
implementing a law, rule, regulation, or order, where a record, either
on its face or in conjunction with other information, indicates a
violation or potential violation of law, which includes criminal,
civil, or regulatory violations and such disclosure is proper and
consistent with the official duties of the person making the
disclosure.
H. To third parties during the course of a law enforcement
investigation to the extent necessary to obtain information pertinent
to the investigation, provided disclosure is appropriate to the proper
performance of the official duties of the officer making the
disclosure.
I. To appropriate Federal, State, local, tribal, or foreign
governmental agencies or multilateral governmental organizations
responsible for investigating or prosecuting the violations of, or for
enforcing or implementing, a statute, rule, regulation, order, license,
or treaty where DHS determines that the information would assist in the
enforcement of civil or criminal laws.
J. To the news media and the public, with the approval of the Chief
Privacy Officer in consultation with counsel, when there exists a
legitimate public interest in the disclosure of the information or when
disclosure is necessary to preserve confidence in the integrity of DHS
or is necessary to demonstrate the accountability of DHS's officers,
employees, or individuals covered by the system, except to the extent
it is determined that release of the specific information in the
context of a particular case would constitute an unwarranted invasion
of personal privacy.
K. To a Federal, State, or local agency, or other appropriate
entity or individual, or through established liaison channels to
selected foreign governments, in order to provide intelligence,
counterintelligence, or other information for the purposes of
intelligence, counterintelligence, or antiterrorism activities
authorized by U.S. law, Executive Order, or other applicable national
security directive.
L. To a Federal, State, tribal, local or foreign government agency
or organization, or international organization, lawfully engaged in
collecting law enforcement intelligence information, whether civil or
criminal, or charged with investigating, prosecuting, enforcing or
implementing civil or criminal laws, related rules, regulations or
orders, to enable these entities to carry out their law enforcement
responsibilities, including the collection of law enforcement
intelligence.
M. To international and foreign governmental authorities in
accordance with law and formal or informal international agreements.
N. To Federal and foreign government intelligence or
counterterrorism agencies when DHS reasonably believes there to be a
threat or potential threat to national or international security for
which the information may be useful in countering the threat or
potential threat, when DHS reasonably believes such use is to assist in
anti-terrorism efforts, and disclosure is appropriate to the proper
performance of the official duties of the person making the disclosure.
O. To appropriate Federal, State, local, tribal, or foreign
governmental agencies or multilateral governmental organizations where
DHS is aware of a need to utilize relevant data for purposes of testing
new technology and systems designed to enhance national security or
identify other violations of law.
Disclosure to Consumer Reporting Agencies:
None.
Policies and Practices for Storing, Retrieving, Accessing, Retaining,
and Disposing of Records in the System:
Storage:
Records in this system are stored electronically or on paper in
secure facilities in a locked drawer behind a locked door. The records
are stored on magnetic disc, tape, digital media, and CD-ROM.
Retrievability:
Records may be retrieved by any of the personal identifiers stored
in the system including name, business address, home address, importer
ID, exporter ID, broker ID, manufacturer ID, social security number,
trade and tax identifying numbers, passport number, or account number.
Records may also be retrieved by non-personal information such as
transaction date, entity/institution name, description of goods, value
of transactions, and other information.
Safeguards:
Records in this system are safeguarded in accordance with
applicable rules and policies, including all applicable DHS automated
systems security and access policies. Strict controls have been imposed
to minimize the risk of compromising the information that is being
stored. Access to the computer system containing the records in this
system is limited to those individuals who have a need to know the
information for the performance of their official duties and who have
appropriate clearances or permissions. The system maintains a real-time
auditing function of individuals who access the system. Additional
safeguards may vary by component and program.
Retention and Disposal:
ICE is in the process of drafting a proposed record retention
schedule for the information maintained in DARTTS. ICE anticipates
retaining the records in DARTTS for five years and then archiving
records for five additional years, for a total retention period of ten
years. The five-year retention period for records is necessary to
create a data set large enough to effectively analyze anomalies and
patterns of behavior in trade transactions. Records older than five
years will be archived for five additional years and will only be used
to provide a historical basis for anomalies in current trade activity.
The original CD-ROMs containing the raw data will be retained for five
years for the purpose of data integrity and system maintenance.
System Manager and Address:
Unit Chief, Trade Transparency Unit, ICE Office of Investigations,
425 I Street, NW., Washington DC 20536.
Notification Procedure:
Individuals seeking notification of and access to any record
contained in this system of records, or seeking to contest its content,
may submit a request in writing to the component's FOIA Officer, whose
contact information can be found at http://www.dhs.gov/foia under
``contacts.'' If an individual believes more than one component
maintains Privacy Act records concerning him or her the individual may
submit the request to the Chief Privacy Officer, Department of Homeland
Security, 245 Murray Drive, SW., Building 410, STOP-0550, Washington,
DC 20528.
When seeking records about yourself from this system of records or
any other Departmental system of records your request must conform with
the Privacy Act regulations set forth in 6 CFR Part 5. You must first
verify your identity, meaning that you must provide your full name,
current address and date and place of birth. You must sign your
request, and your signature must either be notarized or submitted under
28 U.S.C. 1746, a law that permits statements to be made under penalty
or perjury as a substitute for notarization. While no specific form is
required, you may obtain forms for this purpose form the Director,
Disclosure and FOIA,
[[Page 64971]]
http://www.dhs.gov or 1-866-431-0486. In addition you should provide
the following:
An explanation of why you believe the Department would
have information on you,
Identify which component(s) of the Department you believe
may have the information about you,
Specify when you believe the records would have been
created,
Provide any other information that will help the FOIA
staff determine which DHS component agency may have responsive records,
If your request is seeking records pertaining to another
living individual, you must include a statement from that individual
certifying his/her agreement for you to access his/her records.
Without this bulleted information the component(s) will not be able
to conduct an effective search, and your request may be denied due to
lack of specificity or lack of compliance with applicable regulations.
Record Access Procedures:
See ``Notification procedure'' above.
Contesting Record Procedures:
See ``Notification procedure'' above.
Record Source Categories:
(1) U.S. Customs and Border Protection (CBP) import data collecting
using CBP Form 7501, ``Entry Summary.''
(2) U.S. Department of Commerce export data collected using
Commerce Department Form 7525-V, ``Shipper's Export Declaration.''
(3) U.S. Exports of Merchandise Dataset (a publicly available
aggregated U.S. export dataset purchased from the U.S. Department of
Commerce).
(4) Foreign import and export data provided by partner countries
pursuant to a Customs Mutual Assistance Agreement (CMAA) or other
similar agreement.
(5) Financial Transaction Reports from Treasury Department's
Financial Crimes Enforcement Network (FinCEN), specifically: (a)
Currency Monetary Instrument Reports (CMIRs)--Declarations of currency
or monetary instruments in excess of $10,000 made by persons coming
into or leaving the United States; (b) Currency Transaction Reports
(CTRs)--Deposits or withdrawals of $10,000 or more in currency into or
from depository institutions; (c) Suspicious Activity Reports (SARs)--
Information regarding suspicious financial transactions within
depository institutions, casinos, and the securities and futures
industry; and (d) Report of Cash Payments over $10,000 Received in a
Trade or Business--Report of merchandise purchased with $10,000 or more
in currency.
Exemptions Claimed for the System:
Pursuant to exemption 5 U.S.C. 552a(j)(2) of the Privacy Act,
portions of this system are exempt from 5 U.S.C. 552a(c)(3) and (4);
(d); (e)(1), (e)(2), (e)(3), (e)(4)(G), (e)(4)(H), (e)(5) and (e)(8);
(f); and (g). Pursuant to 5 U.S.C. 552a (k)(2), this system is exempt
from the following provisions of the Privacy Act, subject to the
limitations set forth in those subsections: 5 U.S.C. 552a(c)(3), (d),
(e)(1), (e)(4)(G), (e)(4)(H), and (f).
Dated: October 24, 2008.
Hugo Teufel III,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E8-25968 Filed 10-30-08; 8:45 am]
BILLING CODE 4410-10-P