Privacy Impact Assessment - Automated Electronic Fingerprinting (AEF)
AEF System Overview
AEF will be used to electronically scan and transfer fingerprint cards to the FBI for performing criminal background checks for external e-file applications. ETA currently receives approximately 3,500 fingerprint cards a year, with the majority of submissions in August through December of each year. The current process involves mailing the card to the FBI. AEF will be utilized to dramatically reduce the time and money required for the FBI to process the fingerprints for each individual.
AEF will use the following process to scan a fingerprint card. An external e-file applicant is sent an official fingerprint card, which they must take to an approved office (such as a police station) to be fingerprinted. The card is then mailed to the Andover Submission Processing Center who uses AEF to scan the cards and transmit a digital version of the fingerprints to the FBI (using a dedicated VPN tunnel in Martinsburg). The FBI does a background check against the Integrated Automated Fingerprint Identification System (IAFIS) and sends a secure e-mail with the results.
The application consists of a Commercial Off-the-Shelf (COTS) application developed by Cogent Systems and several peripheral components. The application includes a Transaction Management Server, an Email Filter Server and a Database Server within the Enterprise Computing Center (ECC) - Martinsburg. Peripheral components include a Windows COE workstation, printer, scanner, and barcode reader located at Andover, MA and Austin, TX (dedicated as AEF disaster recovery site only) where the fingerprint scanning and data entry occur. The system will interface with the FBI’s Integrated Automated Fingerprint Identification System (IAFIS) system over the Internet using a dedicated VPN tunnel in ECC-MTB.
The e-file unit staff and employees located at the Andover and Austin Service Centers will be the sole users of AEF.
AEF transmits and retains copies of fingerprint cards that contain personal identifiable information, including name, address and Social Security Number.
System of Records Number(s)
Treasury/IRS 22.062 - Electronic Filing Records
Treasury/IRS 36.003 - General Personnel and Payroll Records
Treasury/IRS 34.021 - Personnel Security Investigation, National Background Center (NBIC)
Data in the System
1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer:
-
Last Name
-
First Name
-
Middle Name (or NMN)
-
Gender
-
Race
-
Height
-
Weight
-
Eye Color
-
Hair Color
-
Place of Birth
-
Date of Birth
-
Date Fingerprinted
-
OCA Number (OCA is a Federal Bureau of Investigation (FBI)/National Criminal Investigation Center (NCIC) acronym meaning "originating agency's case number." This number is unique to one person/one arrest)
-
Transaction Control Reference (IAFIS Response Code)
B. Employee
C. Audit Trail Information
-
Name
-
SSN
-
Barcode ID (each card has this ID attached to it so that any transactions that occur to the card will contain this ID)
-
Event (any transaction or error)
-
Current State- the state of the transaction that is happening (Ex: complete, error, edit, search, etc…)
D. Other - The email message that is received from the FBI that states the results of the criminal background investigation will be used within the AEF processing environment. This email can be either one of type types. Type 1: an email notifying AEF that there was “no information found” on the individual. Type 2: an email would notify the AEF system of any criminal history recovered through the background investigation. This information may include: type of arrest and date, criminal charges and dates incurred, name and location of police department related to incidents.
2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS - The FD-258 fingerprint card is provided by the IRS to taxpayers and police departments for the taxpayers to complete. This card and its corresponding information is the only source of data that is used throughout the criminal background investigation process. AEF validates the SSN by checking the SSN against the Third Party Data Store (TPDS). TPDS is a component of E-Services.
B. Taxpayer - When completing the fingerprint card the taxpayer provides the following information to the IRS.
C. Employee - None.
D. Other Federal Agencies - The Federal Bureau of Investigation (FBI) will be providing data for use within the AEF system through providing email messages that provide the results of background investigations.
E. State and Local Agencies
F. Other third party sources
3. Is each data item required for the business purpose of the system? Explain.
All information used within the AEF processing environment will be captured on the FD-258 fingerprint card and is necessary for the business purpose of the system.
The use of the AEF technology is both relevant and necessary to the purpose for which the AEF implementation was designed. This implementation will change the current manual process of submitting fingerprint cards to the FBI for performing criminal background investigations, which took 30 days or more to complete, to a reduced timeframe that results in customer satisfaction and a reduced workload for IRS employees.
4. How will each data item be verified for accuracy, timeliness, and completeness?
There will be no additional data collected from any source other than the applicant’s FD-258 fingerprint card. Currently, there is a manual process to confirm and compare data on the fingerprint card with data in the Third Party Data Store system (TPDS), which is an e-services subsystem for data records of registrants. This check is done to verify that name, address and SSN are accurate.
5. Is there another source for the data? Explain how that source is or is not used.
No. There will be no additional data collected from any source other than the applicant’s FD-258 fingerprint card.
6. Generally, how will data be retrieved by the user?
Viewing and retrieving information in AEF can be done two ways.
-
An AEF user can query via Cogent GUI functionality using name or SSN, or barcode assigned to each fingerprint card.
-
An image of the actual fingerprint card will be displayed and an AEF user can read the card for information.
7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier?
Data/Fingerprint card image is retrievable by querying for name, SSN or fingerprint card barcode via Cogent GUI functionality.
Access to the Data
8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?
All AEF users, managers, system administrators and developers that have a need-to-know will access AEF data via Role-based Access Controls (RBAC).
The following chart details the roles and permissions of AEF users.
| Role |
IRS Role |
Permissions |
| Document Scanner |
Clerical, Tax Examiner (TE) Assistors, Leads, Managers |
Start and stop the Epson Scanner. |
| Transaction Manager |
Clerical, Tax Examiner (TE) Assistors, Leads, Managers |
Perform data entry for fingerprint submissions, edit transactions, and review search results. |
| Archive Manager |
Leads, Managers |
View previously archived transactions. |
| Lock Manager |
Leads, Managers |
Unlock transactions that have been locked. |
| Report Manager |
Leads, Managers |
Generate and print identified reports. |
| Barcode Printer |
Leads, Managers |
Print barcode label. |
| |
Database Administrator |
Provides MS SQL Server Assistance/ Generate reports/ create ad hoc reports. |
9. How is access to the data by a user determined and by whom?
AEF user access to the system is reviewed by AEF managers using Role-based Access Controls (RBACs) and authorized via the Online 5081 approval process.
Contractors will not have access to the AEF system. Currently, any contractors acting as developers are required to have a Minimum Background Investigation (MBI)-level clearance.
10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12.
Yes. AEF validates the SSN by checking the SSN against the Third Party Data Store (TPDS). This check is not via manual comparison of the data and is done electronically. TPDS is a component of E-Services.
11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?
E-Services - Third Party Data Store (TPDS)
-
Previous PIA 3/3/2003, expired 3/3/2006
-
C&A - 8/25/2005, expires 8/25/2008
A current PIA for TPDS is being developed.
Privacy Impact Assessment for FBI Integrated Automated Fingerprint Identification System (IAFIS) is available at http://foia.fbi.gov/iafis.htm
12. Will other agencies provide, receive, or share data in any form with this system?
IRS AEF and FBI IAFIS systems share data but the FBI will not have any direct access to the data within the AEF processing environment.
AEF and FBI Integrated Automated Fingerprint Identification System (IAFIS) systems share data but the FBI will not have any direct access to the data within the AEF processing environment. The AEF application interfaces with the IAFIS FBI System using communication and data exchange protocols defined by the IAFIS system. This capability is implemented by AEF. An FBI dedicated VPN router connects AEF system to the FBI IAFIS system over the Internet. The FBI VPN router encrypts/decrypts traffic between the IRS and FBI. The FBI configures and manages this router.
AEF will communicate and share data with IAFIS through Simple Mail Transfer Protocol (SMTP) email messages. This includes the submission of transactions to IAFIS and the receipt of response transactions from IAFIS via email. AEF will communicate with a remote file-based archive using TCP/IP sockets on a configurable port number. The archive will reside on a remote system that provides file storage of FBI Search transactions for an infinite amount of time. The AEF Transaction Management Server (TMS) will contain a client software package that communicates only with the archive server software. The purpose of this software is to insert, retrieve, and delete transactions from the archive when an AEF administrator reviews and/or deletes an archived transaction through the AEF Archive Manager Software.
Administrative Controls of Data
13. What are the procedures for eliminating the data at the end of the retention period?
The processed demographic and fingerprinting data will be retained for at least 2 years and will be maintained in accordance with Records Disposition Handbooks, IRM 1.15.59.1 through IRM 1.15.59.32.
All data meeting end of retention period requirements will be eliminated, overwritten, degaussed, and/or destroyed in the most appropriate method depending on the type of storage media used based upon documented IRS policies and procedures.
14. Will this system use technology in a new way? If "YES" describe. If "NO" go to Question 15.
Yes. The IRS will be utilizing AEF to provide electronic copies of applicant fingerprints from FD-258 paper forms to the FBI to conduct criminal background investigations.
15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability.
Yes, the system provides information that enables the IRS (sanctioned by the Taxpayer Browsing Protection Act of 1997) to identify, locate, and monitor both firms and individuals for the purpose of auditing and to prevent the misuse of IRS services.
16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.
Yes, the system provides information that enables the IRS (sanctioned by the Taxpayer Browsing Protection Act of 1997) to identify, locate, and monitor both firms and individuals for the purpose of auditing and to prevent the misuse of IRS services.
Role-based Access Controls (RBAC) based upon user profile information will be used to help prevent unauthorized monitoring of IRS entities. In addition, auditing controls and intrusion detection systems are used by the IRS as deterrents to avoid exploitation of sensitive information by unauthorized entities.
17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently? Explain.
Yes. The system provides information that enables the IRS (sanctioned by the Taxpayer Browsing Protection Act of 1997) to identify, locate, and monitor both firms and individuals for the purpose of auditing and to prevent the misuse of IRS services.
18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?
Applicants will be able to correct information immediately through contact with an IRS Customer Representative of AEF or a resubmitted FD-258 fingerprint card. Applicants will have the right to appeal rejection for participation in the e-file program as a result of the FBI background investigation results.
There is an edit function for the information contained in AEF. Results sent back from FBI cannot be corrected, however, once an individual’s information is entered in the system it can be removed via deleting the record from the software. This is a function of AEF managers or leads and can be completed by all AEF users except those acting as fingerprint card scanners.
There are no anticipated effects on the due process rights of taxpayers and employees due to derivation of data. Under IRS terms of agreement, all authorized IRS personnel will be restricted from selling, trading, giving, bartering, misusing or further disclosing taxpayer information without that taxpayer’s specific consent.
19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?
No. AEF is not a web-based system.
| 
