Selected Reports


Privacy & Civil Liberties Resources in the Creation of Strong Privacy and Civil Liberties Protections Affiliations and Associations \| Privacy Impact Assessment Guidance \| Selected Reports Department of Homeland Security (DHS) – The DHS Privacy Office and the Office for Civil Rights and Civil Liberties have created a “Fusion Center Privacy, Civil Rights and Civil Liberties (CRCL) Training Program.” Resources include: this on-line “one-stop-shop” web portal containing privacy, civil rights, and civil liberties resources, a training “toolkit” of resources, 2009 regional Training of Trainers sessions to help fusion centers conduct their own training in these areas, and on-site training in partnership with fusion centers. Interested in applying for on-site privacy, civil rights and civil liberties training or discussing other support? Contact us at FusionCenterTraining@dhs.gov In addition, the DHS Privacy Office offers “PIA Intensives.” In the December 2008 Privacy Impact Assessment (PIA) (42 pp. PDF) of DHS support for fusion centers, the DHS Privacy Office identified a number of risks to privacy presented by the fusion center program and recommended that fusion centers conduct “their own PIAs to understand the processes and authorities unique to their jurisdictions.” To assist fusion centers to conduct their own PIAs, the DHS Privacy Office will provide: an information packet and guidance on conducting PIA, and on-site or telephone coaching and training for fusion center Privacy Officers. Interested in a “PIA Intensive” session? Contact us at FusionCenterTraining@dhs.gov. More resources on how to conduct a PIA. Although these resources were developed by federal agencies, they offer comprehensive models for fusion centers seeking to conduct PIAs of new or existing programs and technology. DHS Privacy Threshold Analysis (July 2007) (5 pp. PDF) – This form is used by DHS to gather information necessary “to determine whether a Privacy Impact Assessment (PIA) is required under the E-Government Act of 2002 and the Homeland Security Act of 2002.” It provides an example for organizations creating an analysis process. DHS Privacy Impact Assessment Template (9 pp. PDF) – The template provides the format for a privacy impact assessment (PIA) and instructions on how to complete the sections of the PIA. DOJ Privacy Threshold Analysis (3 pp. PDF) – The form used by Department of Justice (DOJ) to gather information necessary to determine whether a Privacy Impact Assessment (PIA) is required, and if so, whether a short-form or full PIA is needed. Also see materials published by other federal agencies on their PIA procedures in the Privacy Impact Assessment Guidance page. More resources on setting up or refining privacy safeguards. These resources were developed by the DHS Privacy Office for DHS personnel. However, they provide samples of the processes, procedures, and guidelines that fusion centers may wish to put in place. Privacy Incident Handling Guidance (PIHG) (September 2007) (109 pp. PDF) – “The Department of Homeland Security (DHS) has a duty to safeguard personally identifiable information (PII) in its possession and to prevent the breach of PII in order to maintain the public’s trust. The Privacy Incident Handling Guidance (PIHG) serves this purpose by informing DHS organizations, employees, senior officials, and contractors of their obligation to protect PII and by establishing procedures delineating how they must respond to the potential loss or compromise of PII.” Handbook for Safeguarding Sensitive Personally Identifiable Information at DHS (October 2008) (21 pp. PDF) – “The DHS Privacy Office Handbook for Safeguarding Sensitive PII at DHS applies to every DHS employee, contractor, detailee and consultant. The document sets minimum standards for how personnel should handle Sensitive PII in paper and electronic form during their everyday work activities at DHS.” The Department of Homeland Security and Department of Justice collaborate on “Fusion Process Technical Assistance Program and Services” (44 pp. PDF) privacy and civil liberties policy templates (71 pp. PDF) for justice info systems; a privacy and civil liberties policy development guide and implementation templates (162 pp. PDF); “10 steps to Privacy and Civil Liberties Policy“ (2 pp. PDF). In addition, the DOJ Civil Rights Division handles complaints from the public about illegal discrimination and conducts an "Initiative to Combat Post 9/11 Discriminatory Backlash." Also see the "Guidance Regarding the Use of Race by Federal Law Enforcement Agencies." The DHS Office for Civil Rights and Civil Liberties also distributes a free training CD-ROM on this topic. Privacy and Civil Liberties Policy Development and the Information Sharing Environment (ISE) – "The ISE Privacy Guidelines call for State, local, and tribal government to develop and implement protections that are at least as comprehensive as those contained in the ISE Privacy Guidelines... A number of resources have been developed for fusion centers and state and local governments for developing privacy and civil liberties policies... Note that the National Strategy for Information Sharing calls for the establishment of baseline operational standards for fusion centers, which are to build on the Global Justice Fusion Center Guidelines. Guideline 8 provides for the development of a privacy and civil liberties policy, and refers to many of the resources" available on this section of the ISE website. Selected Reports Also see reports from the GAO and CRS. National Commission on Terrorist Attacks upon the United States (9/11 Commission) – The Commission’s Final Report provides a full and complete account of the circumstances surrounding the September 11, 2001, terrorist attacks, including preparedness for and the immediate response to the attacks. It also includes recommendations designed to guard against future attacks. The Full Report (585 pp. PDF) is posted as a single PDF file. However, the Government Printing Office created a user-friendly version optimized for screen-viewing and decreased the file size to a 2.3 MB. The report is also available as a collection of smaller PDFs arranged in a browse table based on the Final Report’s table of contents. An Executive Summary (34 pp. PDF) of the Final Report is also available Among other resources, the 9/11 Commission website contains the December 2003 testimony of a former General Counsel for the Department of Defense on the privacy and civil liberties safeguards needed as the 9/11 Commission’s Recommendations are implemented. Privacy Technology Focus Group, Final Report and Recommendations (September 2006) (83 pp. PDF) – “[I]n November 2005, the Bureau of Justice Assistance (BJA), Office of Justice Programs (OJP), U.S. Department of Justice (DOJ), gathered a group of public and private sector specialists to focus specifically on privacy technology (as opposed to privacy policy).This Privacy Technology Focus Group (Focus Group) was chartered to examine the use and exchange of personally identifiable information (PII) in the context of justice information systems and in the dissemination and aggregation of justice and public safety data…. Working teams addressed the following subject matters: Access and Authentication, Data Aggregation and Dissemination, Identity Theft, and Personal Safety and Protection. Each working team produced a report and recommendations for their selected topics.” See also this report’s Executive Summary. (8 pp. PDF) National Association of State Chief Information Officers (NASCIO), Keeping Citizen Trust: What Can A State CIO Do To Protect Privacy? (October 2006) (18 pp. PDF) – “[M]any states are still in the process of determining how best to address privacy across the state enterprise, and the state CIO’s involvement varies greatly from state-to-state. Regardless of where responsibility for privacy may reside in a given state, the one constant among all states is the need for the many privacy stakeholders to understand privacy’s importance and how citizen privacy can be protected. This brief provides state CIOs with a common frame of reference for the importance of citizens’ information privacy and some initial ways for states to implement and manage privacy protections.” DHS Office of Inspector General, DHS’ Role in State and Local Fusion Centers Is Evolving (Report OIG-09-12) (December 2008) (62 pp. PDF) – “[DHS’s] fusion center program is intended to provide information, people, technology, and other resources to fusion centers to create a web of interconnected information nodes across the country…. Office of Intelligence and Analysis coordination efforts with fusion centers are improving and evolving, and its intelligence officers assigned to fusion centers have added value. However, challenges remain with internal [DHS] coordination, aligning fusion center activities and funding with the department’s mission, and deploying personnel to state and local fusion centers in a timely manner…. [The OIG is] making seven recommendations to assist… in improving the overall effectiveness of the… fusion center program.” Source: Page created by the DHS/Office for Civil Rights and Civil Liberties and the DHS/Privacy Office in cooperation with the DOJ, Office of Justice Programs. Last date revised: 04/16/10

Privacy & Civil Liberties Resources

in the Creation of Strong Privacy and Civil Liberties Protections

Affiliations and Associations | Privacy Impact Assessment Guidance | Selected Reports

Department of Homeland Security (DHS) – The DHS Privacy Office and the Office for Civil Rights and Civil Liberties have created a “Fusion Center Privacy, Civil Rights and Civil Liberties (CRCL) Training Program.” Resources include:

this on-line “one-stop-shop” web portal containing privacy, civil rights, and civil liberties resources,
a training “toolkit” of resources,
2009 regional Training of Trainers sessions to help fusion centers conduct their own training in these areas, and
on-site training in partnership with fusion centers.

Interested in applying for on-site privacy, civil rights and civil liberties training or discussing other support? Contact us at FusionCenterTraining@dhs.gov

In addition, the DHS Privacy Office offers “PIA Intensives.” In the December 2008 Privacy Impact Assessment (PIA) (42 pp. PDF) of DHS support for fusion centers, the DHS Privacy Office identified a number of risks to privacy presented by the fusion center program and recommended that fusion centers conduct “their own PIAs to understand the processes and authorities unique to their jurisdictions.” To assist fusion centers to conduct their own PIAs, the DHS Privacy Office will provide:

an information packet and guidance on conducting PIA, and
on-site or telephone coaching and training for fusion center Privacy Officers.

Interested in a “PIA Intensive” session? Contact us at FusionCenterTraining@dhs.gov.

More resources on how to conduct a PIA. Although these resources were developed by federal agencies, they offer comprehensive models for fusion centers seeking to conduct PIAs of new or existing programs and technology.

DHS Privacy Threshold Analysis (July 2007) (5 pp. PDF) – This form is used by DHS to gather information necessary “to determine whether a Privacy Impact Assessment (PIA) is required under the E-Government Act of 2002 and the Homeland Security Act of 2002.” It provides an example for organizations creating an analysis process.
DHS Privacy Impact Assessment Template (9 pp. PDF) – The template provides the format for a privacy impact assessment (PIA) and instructions on how to complete the sections of the PIA.
DOJ Privacy Threshold Analysis (3 pp. PDF) – The form used by Department of Justice (DOJ) to gather information necessary to determine whether a Privacy Impact Assessment (PIA) is required, and if so, whether a short-form or full PIA is needed.

Also see materials published by other federal agencies on their PIA procedures in the Privacy Impact Assessment Guidance page.

More resources on setting up or refining privacy safeguards. These resources were developed by the DHS Privacy Office for DHS personnel. However, they provide samples of the processes, procedures, and guidelines that fusion centers may wish to put in place.

Privacy Incident Handling Guidance (PIHG) (September 2007) (109 pp. PDF) – “The Department of Homeland Security (DHS) has a duty to safeguard personally identifiable information (PII) in its possession and to prevent the breach of PII in order to maintain the public’s trust. The Privacy Incident Handling Guidance (PIHG) serves this purpose by informing DHS organizations, employees, senior officials, and contractors of their obligation to protect PII and by establishing procedures delineating how they must respond to the potential loss or compromise of PII.”
Handbook for Safeguarding Sensitive Personally Identifiable Information at DHS (October 2008) (21 pp. PDF) – “The DHS Privacy Office Handbook for Safeguarding Sensitive PII at DHS applies to every DHS employee, contractor, detailee and consultant. The document sets minimum standards for how personnel should handle Sensitive PII in paper and electronic form during their everyday work activities at DHS.”

The Department of Homeland Security and Department of Justice collaborate on “Fusion Process Technical Assistance Program and Services” (44 pp. PDF)

privacy and civil liberties policy templates (71 pp. PDF) for justice info systems;
a privacy and civil liberties policy development guide and implementation templates (162 pp. PDF);
“10 steps to Privacy and Civil Liberties Policy“ (2 pp. PDF).

In addition, the DOJ Civil Rights Division handles complaints from the public about illegal discrimination and conducts an "Initiative to Combat Post 9/11 Discriminatory Backlash." Also see the "Guidance Regarding the Use of Race by Federal Law Enforcement Agencies." The DHS Office for Civil Rights and Civil Liberties also distributes a free training CD-ROM on this topic.

Privacy and Civil Liberties Policy Development and the Information Sharing Environment (ISE) – "The ISE Privacy Guidelines call for State, local, and tribal government to develop and implement protections that are at least as comprehensive as those contained in the ISE Privacy Guidelines... A number of resources have been developed for fusion centers and state and local governments for developing privacy and civil liberties policies... Note that the National Strategy for Information Sharing calls for the establishment of baseline operational standards for fusion centers, which are to build on the Global Justice Fusion Center Guidelines. Guideline 8 provides for the development of a privacy and civil liberties policy, and refers to many of the resources" available on this section of the ISE website.

Selected Reports
Also see reports from the GAO and CRS.

National Commission on Terrorist Attacks upon the United States (9/11 Commission) – The Commission’s Final Report provides a full and complete account of the circumstances surrounding the September 11, 2001, terrorist attacks, including preparedness for and the immediate response to the attacks. It also includes recommendations designed to guard against future attacks.

The Full Report (585 pp. PDF) is posted as a single PDF file. However, the Government Printing Office created a user-friendly version optimized for screen-viewing and decreased the file size to a 2.3 MB. The report is also available as a collection of smaller PDFs arranged in a browse table based on the Final Report’s table of contents.
An Executive Summary (34 pp. PDF) of the Final Report is also available

Among other resources, the 9/11 Commission website contains the December 2003 testimony of a former General Counsel for the Department of Defense on the privacy and civil liberties safeguards needed as the 9/11 Commission’s Recommendations are implemented.

Privacy Technology Focus Group, Final Report and Recommendations (September 2006) (83 pp. PDF) – “[I]n November 2005, the Bureau of Justice Assistance (BJA), Office of Justice Programs (OJP), U.S. Department of Justice (DOJ), gathered a group of public and private sector specialists to focus specifically on privacy technology (as opposed to privacy policy).This Privacy Technology Focus Group (Focus Group) was chartered to examine the use and exchange of personally identifiable information (PII) in the context of justice information systems and in the dissemination and aggregation of justice and public safety data…. Working teams addressed the following subject matters: Access and Authentication, Data Aggregation and Dissemination, Identity Theft, and Personal Safety and Protection. Each working team produced a report and recommendations for their selected topics.” See also this report’s Executive Summary. (8 pp. PDF)

National Association of State Chief Information Officers (NASCIO), Keeping Citizen Trust: What Can A State CIO Do To Protect Privacy? (October 2006) (18 pp. PDF) – “[M]any states are still in the process of determining how best to address privacy across the state enterprise, and the state CIO’s involvement varies greatly from state-to-state. Regardless of where responsibility for privacy may reside in a given state, the one constant among all states is the need for the many privacy stakeholders to understand privacy’s importance and how citizen privacy can be protected. This brief provides state CIOs with a common frame of reference for the importance of citizens’ information privacy and some initial ways for states to implement and manage privacy protections.”

DHS Office of Inspector General, DHS’ Role in State and Local Fusion Centers Is Evolving (Report OIG-09-12) (December 2008) (62 pp. PDF) – “[DHS’s] fusion center program is intended to provide information, people, technology, and other resources to fusion centers to create a web of interconnected information nodes across the country…. Office of Intelligence and Analysis coordination efforts with fusion centers are improving and evolving, and its intelligence officers assigned to fusion centers have added value. However, challenges remain with internal [DHS] coordination, aligning fusion center activities and funding with the department’s mission, and deploying personnel to state and local fusion centers in a timely manner…. [The OIG is] making seven recommendations to assist… in improving the overall effectiveness of the… fusion center program.”

Source: Page created by the DHS/Office for Civil Rights and Civil Liberties and the DHS/Privacy Office in cooperation with the DOJ, Office of Justice Programs.

Last date revised: 04/16/10

Training Toolkit Privacy and Civil Liberties Guides and Templates Authorities and Guidance Federal Reports » Government Accountability Office Reports » Congressional Research Service Reports » Selected Reports Agencies and Organizations Biometric Privacy Resources Commonly Used Terms
Site Tools Events Calendar FAQ Document Library News Archive Site Map RSS Feeds & Podcasts Contact Us BJA Twitter

Training Toolkit

Privacy and Civil Liberties Guides and Templates

Authorities and Guidance

Federal Reports

» Government Accountability Office Reports

» Congressional Research Service Reports

» Selected Reports

Agencies and Organizations

Biometric Privacy Resources

Commonly Used Terms