Skip to Content


Published Privacy Impact Assessments on the Web

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


Privacy Office, DHS.


Notice of Publication of Privacy Impact Assessments.


The Privacy Office of the Department of Homeland Security is making available eleven (11) Privacy Impact Assessments on various programs and systems in the Department. These assessments were approved and published on the Privacy Office's Web site between April 1, 2008 and June 30, 2008.


The Privacy Impact Assessments will be available on the DHS Web site until December 30, 2008, after which they may be obtained by contacting the DHS Privacy Office (contact information below).

Start Further Info


Hugo Teufel III, Chief Privacy Officer, Department of Homeland Security, Mail Stop 0550, Washington, DC 20528, or e-mail:

End Further Info End Preamble Start Supplemental Information


April 1, 2008 and June 30, 2008, the Chief Privacy Officer of the Department of Homeland Security (DHS) approved and published eleven (11) Privacy Impact Assessments (PIAs) on the DHS Privacy Office Web site,​privacy, under the link for “Privacy Impact Assessments.” Below is a short summary of each of those systems, including the DHS component responsible for the system, the name of system, and the date on which the PIA was approved. Additional information can be found on the Web site or by contacting the Privacy Office.

System: Law Enforcement Information Data Base/Pathfinder.

Component: United States Coast Guard.

Date of approval: March 31, 2008.

The United States Coast Guard (USCG), a component of the Department of Homeland Security, established the Law Enforcement Information Data Base (LEIDB)/Pathfinder. LEIDB/Pathfinder archives text messages prepared by individuals engaged in Coast Guard law enforcement, counterterrorism, maritime security, maritime safety and other Coast Guard missions enabling intelligence analysis of field reporting. USCG conducted this PIA because the LEIDB/Pathfinder system collects and uses personally identifiable information (PII).

System: Maritime Awareness Global Network.

Component: United States Coast Guard.

Date of approval: April 11, 2008.

USCG developed the Maritime Awareness Global Network (MAGNET) system. MAGNET uses information relating to vessels and activities within Start Printed Page 64977the maritime environment to accomplish the USCG's missions in the areas of Maritime Safety, Maritime Security, Maritime Mobility, National Defense, and Protection of Natural Resources. MAGNET is a new system that will replace the existing integrated intelligence sharing system known as the Joint Maritime Information Element Support System. This PIA was completed because MAGNET will process PII.

System: United States Visitor and Immigrant Status Indicator Technology (US-VISIT) Program In conjunction with the Notice of Proposed Rulemaking on the Collection of Alien Biometric Data upon Exit from the United States at Air and Sea Ports of Departure.

Component: United States Visitor and Immigrant Status Indicator Technology.

Date of approval: April 22, 2008.

The US-VISIT Program has been implemented in phases with each phase adding additional capabilities, locations of implementation, or subject populations. US-VISIT published this PIA in conjunction with the Notice of Proposed Rulemaking on Collection of Alien Biometric Data upon Exit from the United States at Air and Sea Ports of Departure. A revised PIA will be issued in conjunction with the Final Rule on Collection of Alien Biometric Data upon Exit from the United States at Air and Sea Ports of Departure.

System: Group Violent Intent Modeling (GVIM) Program.

Component: Science and Technology.

Date of approval: April 25, 2008.

This PIA describes the research and development objectives of DHS Science and Technology (S&T) Directorate's Human Factors Division Group Violent Intent Modeling (GVIM) project. The goal of GVIM is to determine whether including social and behavioral theories and concepts from established research in a software tool that is used to analyze group behaviors and motivations will improve the ability of analysts to identify indicators that could predict group violence. The project will develop a social and behaviorally based framework of theories and concepts that includes modeling and simulation tools to improve the efficiency and accuracy of intelligence analysts examining the likelihood of a group choosing violence to achieve its goals. This PIA is necessary because PII will be collected as part of the research and development effort.

System: Web Time and Attendance System.

Component: Department Wide.

Date of approval: May 1, 2008.

The DHS Office of the Chief Human Capital Officer procured a commercial off the shelf application and customized it to meet DHS standard requirements. This system is designed to implement an enterprise system that can efficiently automate the timesheet collection process and provide robust reporting features and a labor distribution capability. This PIA was conducted because WebTA utilizes PII.

System: Einstein 2.

Component: National Protection and Programs Directorate.

Date of approval: May 19, 2008.

This PIA is for an updated version of the EINSTEIN System. EINSTEIN is a computer network intrusion detection system (IDS) used to help protect federal executive agency information technology enterprises. EINSTEIN 2 will incorporate network intrusion detection technology capable of alerting the United States Computer Emergency Readiness Team (US-CERT) to the presence of malicious or potentially harmful computer network activity in federal executive agencies' network traffic. This network intrusion detection technology uses a set of pre-defined signatures based upon known malicious network traffic. The signatures are based upon malicious computer code and are not based upon PII. Nor is the IDS programmed specifically to collect or locate PII. While the IDS will collect some PII that is directly related to malicious code being transmitted to the federal networks, its main focus is to identify the malicious code and protect federal networks, not to collect PII.

System: Tactical Information Sharing System Update.

Component: Transportation Security Administration.

Date of approval: June 1, 2008.

The Transportation Security Administration (TSA) operates the Transportation Information Sharing System (TISS). TISS receives, assesses, and distributes intelligence information related to transportation security to Federal Air Marshals and other Federal, State, and local law enforcement. This PIA is being updated to reflect more clearly that TISS applies to all transportation modes, not just aviation modes as might have been assumed because the system involves Federal Air Marshals.

System: Security Threat Assessment for Airport Badge and Credential Holders.

Component: Transportation Security Administration.

Date of approval: June 2, 2008.

TSA is updating the PIA for the Security Threat Assessment (STA) for Airport Badge and Credential Holders to reflect an expansion of the covered population to include certain holders of airport approved badges, and to reflect the use of US-VISIT's Automated Biometrics Identification System (IDENT) database as part of the STA process, including enrollment of fingerprints in that database for recurring checks. This PIA is an updated and amended version of the PIA originally published by TSA on June 15, 2004, and subsequently amended on August 19, 2005 and on December 20, 2006. The requirements addressed in the previous PIAs are still in effect, including the requirement to conduct name-based STAs on all individuals seeking or holding airport identification badges or credentials and the requirement to conduct fingerprint-based criminal history record checks along with name-based checks on individuals seeking access to the Security Identification Display Area (SIDA) or Sterile Area of an airport.

System: Electronic System for Travel Authorization.

Component: Customs and Border Protection.

Date of approval: June 3, 2008.

CBP issued an Interim Final Rule to create regulations governing the submission of Electronic System for Travel Authorization (ESTA) data, a new system of records notice, and an associated PIA. The ESTA regulations will govern the collection and use of PII in determining the eligibility to travel of persons seeking to enter the United States under the Visa Waiver Program (VWP) by air or sea. The regulations will require nationals of VWP countries seeking to enter the United States by air or sea carriers to submit PII to an electronic system, ESTA, prior to travel. ESTA will run the applicant's information against various databases to determine whether there is a law enforcement or security reason to deem that a prospective traveler is ineligible to travel to the United States under the VWP. The ESTA system will serve to modernize and strengthen the security of the VWP as mandated by the “Implementing Recommendations of the 9/11 Commission Act of 2007” (9/11 Act), by providing automated vetting of travelers from VWP countries.

System: Critical Infrastructure Change Detection (CICD).

Component: Science and Technology.

Date of approval: June 19, 2008.

The Critical Infrastructure Change Detection (CICD) program is a DHS S&T research program that is examining novel technical approaches to provide wide area surveillance and change detection capabilities to protect the Nation's critical infrastructure. S&T Start Printed Page 64978proposes to test a high resolution, 360 degree field-of-view video system that will accommodate multiple simultaneous users and also have change detection and tracking capabilities. A PIA is being conducted because the system demonstration will be performed in a public area of New York City and will involve capturing images of persons and textual information in the public space.

System: Department of Homeland Security General Contact List.

Component: DHS Wide.

Date of approval: June 30, 2008.

Many Department of Homeland Security operations and projects collect a minimal amount of contact information in order to distribute information and perform various other administrative tasks. Department Headquarters conducted this privacy impact assessment because contact lists contain PII. The Department added the following systems to this PIA:

  • Science and Technology Cyber Security Research and Development Center Web Site,
  • U.S. Coast Guard Proceedings magazine online subscription request form,
  • Federal Emergency Management Agency National Fire Academy Long-Term Evaluation,
  • Federal Emergency Management Agency Port Security Grant Program,
  • National Protection and Programs Directorate Telecommunications Service Priority (TSP) Web.
Start Signature

Dated: October 21, 2008.

Hugo Teufel III,

Chief Privacy Officer, Department of Homeland Security.

End Signature End Supplemental Information

[FR Doc. E8-25962 Filed 10-30-08; 8:45 am]