[Federal Register: December 19, 2008 (Volume 73, Number 245)]
[Proposed Rules]
[Page 77548-77549]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr19de08-30]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
6 CFR Part 5
[Docket No DHS-2008-0195]
Privacy Act of 1974: Implementation of Exemptions; U.S. Customs
and Border Protection--015 Automated Commercial System
AGENCY: Privacy Office, DHS.
ACTION: Notice of proposed rulemaking.
-----------------------------------------------------------------------
SUMMARY: The Department of Homeland Security is amending its
regulations to exempt portions of a system of records from certain
provisions of the Privacy Act. Specifically, the Department proposes to
exempt portions of the CBP Automated Commercial System (ACS) from one
or more provisions of the Privacy Act because of criminal, civil, and
administrative enforcement requirements.
DATES: The public is invited to submit comments by January 20, 2009.
ADDRESSES: You may submit comments, identified by docket number DHS-
2008-0195 by one of the following methods:
Federal e-Rulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
Fax: 1-866-466-5370.
Mail: Hugo Teufel III, Chief Privacy Officer, Privacy
Office, Department of Homeland Security, Washington, DC 20528.
FOR FURTHER INFORMATION CONTACT: For general questions please contact:
Laurence E. Castelli (202-325-0280), Chief, Privacy Act Policy and
Procedures Branch, U.S. Customs and Border Protection, Regulations and
Rulings, Office of International Trade, 1300 Pennsylvania Ave., NW.,
Washington, DC 20229. For privacy issues please contact: Hugo Teufel
III (703-235-0780), Chief Privacy Officer, Privacy Office, U.S.
Department of Homeland Security, Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
Background
The Department of Homeland Security (DHS), elsewhere in this
edition of the Federal Register, published a Privacy Act system of
records notice describing records in the Automated Commercial System
(ACS).
To help prevent terrorist weapons from being transported to the
United States, vessel carriers bringing cargo to the United States are
required to transmit certain information to Customs and Border
Protection (CBP) about the cargo they are transporting prior to lading
that cargo at foreign ports of entry. CBP is issuing an interim final
rule that requires both importers and carriers to submit additional
information pertaining to cargo to CBP before the cargo is brought into
the United States by vessel. This information must be submitted to CBP
by way of a CBP-approved electronic data interchange system. The
required information is necessary to improve CBP's ability to identify
high-risk shipments so as to prevent smuggling and ensure cargo safety
and security, as required by section 203 of the Security and
Accountability for Every (SAFE) Port Act of 2006 and section 343(a) of
the Trade Act of 2002, as amended by the Maritime Transportation
Security Act of 2002.
The proposed rule was known to the trade as both the ``Importer
Security Filing proposal'' and the ``10 + 2 proposal.'' The name ``10 +
2'' is shorthand for the number of advance data elements CBP was
proposing to collect. Carriers would be generally required to submit
two additional data elements--a vessel stow plan and container status
messages regarding certain events relating to containers loaded on
vessels destined to the United States--to the elements they are already
required to electronically transmit in advance (the ``2'' of ``10 +
2''); and importers, as defined in the proposed regulations, would be
required to submit ten data elements--an Importer Security Filing
containing ten data elements (the ``10'' of ``10 + 2'').
The Automated Commercial System (ACS) is the comprehensive system
used
[[Page 77549]]
by U.S. Customs and Border Protection to track, control, and process
all commercial goods imported into the United States. ACS is a
sophisticated and integrated large-scale business-oriented system which
employs multiple modules to perform discrete aspects of its
functionality: including receiving data transmissions from a variety of
parties involved in international commercial transactions, and
providing CBP with the capability to track both the transport
transactions and the financial transactions associated with the
movement of merchandise through international commerce. Through the use
of Electronic Data Interchange (EDI), ACS facilitates merchandise
processing, significantly cuts costs, and reduces paperwork
requirements for both Customs and the importing community.
ACS has two principal methods for electronic data interchange, the
Automated Broker Interface (ABI) and the Automated Manifest System
(AMS). Under the ``10 + 2'' program, importers who submit the Importer
Security Filing (ISF), will use either ABI or Vessel AMS to provide
their information to CBP. ACS, upon receipt of the ISF, will transfer
the data to the Automated Targeting System (ATS) for screening and
targeting purposes. Once screened the ISF data will be returned with
embedded targeting links to ACS to be maintained in accordance with the
ACS stated retention policy.
No exemption shall be asserted with respect to information
maintained in the system as it relates to data submitted by or on
behalf of a person who travels to visit the United States, nor shall an
exemption be asserted with respect to the resulting determination
(authorized to travel, not authorized to travel, pending).
This system may contain records or information pertaining to the
accounting of disclosures made from ACS to other law enforcement
agencies (Federal, State, local, foreign, international, or tribal) in
accordance with the published routine uses. For the accounting of these
disclosures only, in accordance with 5 U.S.C. 552a(j)(2) and (k)(2),
DHS will claim the original exemptions for these records or information
from subsection (c)(3), (e)(8), and (g) of the Privacy Act of 1974, as
amended, as necessary and appropriate to protect such information.
Moreover, DHS will add this exemption to Appendix C to 6 CFR part 5,
DHS Systems of Records Exempt from the Privacy Act. Such exempt records
or information may be law enforcement or national security
investigation records, law enforcement activity and encounter records,
or terrorist screening records.
DHS needs these exemptions in order to protect information relating
to law enforcement investigations from disclosure to subjects of
investigations and others who could interfere with investigatory and
law enforcement activities. Specifically, the exemptions are required
to: Preclude subjects of investigations from frustrating the
investigative process; avoid disclosure of investigative techniques;
protect the identities and physical safety of confidential informants
and of law enforcement personnel; ensure DHS's and other federal
agencies' ability to obtain information from third parties and other
sources; protect the privacy of third parties; and safeguard sensitive
information.
Nonetheless, DHS will examine each request on a case-by-case basis,
and, after conferring with the appropriate component or agency, may
waive applicable exemptions in appropriate circumstances and where it
would not appear to interfere with or adversely affect the law
enforcement or national security investigation.
Again, DHS will not assert any exemption with respect to
information maintained in the system that is collected from a person
and submitted by that person's air or vessel carrier, if that person,
or his or her agent, seeks access or amendment of such information.
List of Subjects in 6 CFR Part 5
Freedom of information, Privacy.
For the reasons stated in the preamble, DHS proposes to amend
Chapter I of Title 6, Code of Federal Regulations, as follows:
PART 5--DISCLOSURE OF RECORDS AND INFORMATION
1. The authority citation for Part 5 continues to read as follows:
Authority: Public Law 107-296, 116 Stat. 2135, 6 U.S.C. 101 et
seq.; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552.
2. At the end of Appendix C to Part 5, add the following new
paragraph ``14'':
Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy
Act
* * * * *
14. DHS/CBP-015, Automated Commercial System (ACS). A portion of
the following system of records is exempt from 5 U.S.C. 552a(c)(3),
(e)(8), and (g) pursuant to 5 U.S.C. 552a(j)(2) and (k)(2). Further,
no exemption shall be asserted with respect to information
maintained in the system as it relates to data submitted by or on
behalf of a person who travels to visit the United States and
crosses the border, nor shall an exemption be asserted with respect
to the resulting determination (approval or denial). After
conferring with the appropriate component or agency, DHS may waive
applicable exemptions in appropriate circumstances and where it
would not appear to interfere with or adversely affect the law
enforcement purposes of the systems from which the information is
recompiled or in which it is contained. Exemptions from the above
particular subsections are justified, on a case-by-case basis to be
determined at the time a request is made, when information in this
system of records may impede a law enforcement or national security
investigation:
(a) From subsection (c)(3) (Accounting for Disclosure) because
making available to a record subject the accounting of disclosures
from records concerning him or her would specifically reveal any
investigative interest in the individual. Revealing this information
could reasonably be expected to compromise ongoing efforts to
investigate a violation of U.S. law, including investigations of a
known or suspected terrorist, by notifying the record subject that
he or she is under investigation. This information could also permit
the record subject to take measures to impede the investigation,
e.g., destroy evidence, intimidate potential witnesses, or flee the
area to avoid or impede the investigation.
(b) From subsection (e)(8) (Notice on Individuals) because to
require individual notice of disclosure of information due to
compulsory legal process would pose an impossible administrative
burden on DHS and other agencies and could alert the subjects of
counterterrorism or law enforcement investigations to the fact of
those investigations when not previously known.
(c) From subsection (g) (Civil Remedies) to the extent that the
system is exempt from other specific subsections of the Privacy Act.
Dated: December 10, 2008.
Hugo Teufel III,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E8-29839 Filed 12-18-08; 8:45 am]
BILLING CODE 4410-10-P