| Home | Information Sharing & Analysis | Prevention & Protection | Preparedness & Response | Research | Commerce & Trade | Travel Security & Procedures | Immigration |
| About the Department | Open for Business | Press Room |
The threat level in the airline sector is High or Orange. Read more.
Like the Department of Homeland Security (DHS), the department's US-VISIT program has made a clearly articulated commitment to comply with U.S. privacy laws and maintain a culture where privacy is valued and fundamental to how we do business. In fact, safeguarding privacy is one of US-VISIT's four goals.
Through its biometrics based technological solutions, US-VISIT provides identity management services to agencies throughout the federal government, as well as to state and local law enforcement agencies. Advanced technologies such as biometrics require equally advanced, responsible methods to ensure the highest levels of protection for the information the public entrusts to us. From conception through execution, the protection of privacy is an essential component of the program and is ensured by the US-VISIT Privacy Team.
On the US-VISIT Web site and in other documentation, the US-VISIT Privacy Team defines its mission clearly, as follows: To uphold the privacy of individuals while protecting our national borders by adhering to the letter and the spirit of U.S. privacy laws. US-VISIT has adopted and complies with the fair information practices of notice, choice, access, security and redress, by treating individuals and their personal information with respect, and by ensuring a high standard of privacy protection.
US-VISIT's policies extend to non-U.S. citizens most of the same privacy protections we give by law to U.S. citizens. US-VISIT has a dedicated Privacy Officer who is responsible not only for ensuring compliance with privacy laws and procedures, but also for creating a culture within the program where privacy is inherently valued, treated as a fundamental right and obligation, and embedded into US-VISIT's enterprise planning and development process. In fact, the US-VISIT Privacy Officer reports to the DHS Chief Privacy Officer, as well as to the US-VISIT Office of the Director. This dual reporting function ensures the necessary oversight.
As a government-wide identity management service provider, US-VISIT adheres to the highest level of privacy protections by maintaining public transparency, a well-managed and articulated redress policy and strict data storage protocols.
Through ongoing public information and education efforts, coupled with the development and publication of Privacy Impact Assessments (PIA) and System of Records Notices (SORN), US-VISIT maintains accountability and transparency with regard to personal information.
US-VISIT participates in numerous outreach events with travel industry, border community and other interested stakeholders, including privacy groups and experts. US-VISIT’s Privacy Officer and outreach personnel regularly coordinate with their counterparts within the government regarding federal privacy policies and initiatives. Through advertisements, distribution of informational materials in multiple languages and its Web site (www.dhs.gov/US-VISIT ), US-VISIT offers a wide array of guidance, explanations of the program and information about our privacy policies, principles and redress procedures.
US-VISIT publishes PIAs for each new initiative the program undertakes. The PIAs serve as a valuable resource for persons seeking a comprehensive and detailed look into US-VISIT privacy protections. US-VISIT conducts PIAs of its systems and program developments, and makes them available to the public via www.dhs.gov. Privacy advocates have publicly recognized US-VISIT’s Privacy Impact Assessments as models for providing a transparent view of what information we collect, how we store it and our policies and practices to ensure it is not abused.
Since its inception in 2003, US-VISIT has published 13 PIAs and PIA updates, as well as three SORNs providing detailed accounts of systems containing personally identifiable information. As the US-VISIT program provides its identity management services to additional entities, these PIAs and SORNs will continue to be updated and published, giving the public advance notice and continued insight into the program.
DHS developed and implemented a centralized and well-publicized redress process to provide persons with a fast and easy way for review of the personal information collected about them, to have information corrected as appropriate and, if desired, appeal redress decisions to the DHS Chief Privacy Officer.
To facilitate efficient processing of redress requests, US-VISIT developed a Redress Request form (available on the US-VISIT Web site) for requestors to complete and submit. US-VISIT also established a dedicated privacy e-mail address -- usvisitprivacy@dhs.gov-- to enable more expeditious redress processing. However, US-VISIT no longer encourages the submission of redress requests containing personally identifying information by e-mail, recognizing that the sending of such information via non-secure e-mail could lead to such information being intercepted or compromised. Requestors will now be asked to send personally identifying information via mail or fax. The e-mail address is still useful for answering basic questions about the program and sending out the Redress Request form.
While millions of persons have interacted with US-VISIT identity management services, US-VISIT has received only 175 petitions for redress. Furthermore, the vast majority of these have largely centered on requests for information about the program, or an attempt to correct information to ensure a person is not routinely selected for secondary inspection.
In addition to US-VISIT's own redress process, US-VISIT also supports the Traveler Redress Inquiry Program or DHS TRIP. Established cooperatively by DHS and the Department of State as part of the Rice-Chertoff Joint Vision, DHS TRIP was launched in February 2007 to provide a single point of contact for persons who have inquiries or seek resolution regarding difficulties they experienced during the U.S. travel screening process, including: 1) denied or delayed airline boarding, 2) denied or delayed entry into and exit from the United States at a port of entry or border checkpoint, and/or 3) continuously referred to additional (secondary) screening. Even with the launch of DHS TRIP, US-VISIT will continue to respond to inquiries it receives directly and ensure that those inquiries are coordinated with DHS TRIP.
Data about persons processed through US-VISIT is securely stored on systems that have been certified and accredited and made available only to authorized officials and selected law enforcement agencies. US-VISIT storage protocols provide for the adequate security of data collected and ensure the availability of the data stored. US-VISIT vigilantly protects the personal information from misuse by anyone within or outside the government. US-VISIT information can be stored in case file folders, cabinets, safes, or a variety of electronic or computer databases and storage media.
Detailed and carefully monitored systems and security protocols are in place to govern access to personal information. Under the leadership of its privacy officer, US-VISIT has developed requirements for privacy-compliant activities and operations including the development of data usage agreements between US-VISIT and other agencies.
The initial information storage capability of US-VISIT is based on the integration of three core legacy systems: the Arrival and Departure Information System (ADIS); ENFORCE/IDENT, the fingerprinting collection and matching system, the passenger processing component of the Treasury Enforcement Communications System (TECS), which provides access to Interpol and National Crime Information Center (NCIC) databases; and the Advanced Passenger Information System (APIS) which receives airline passenger manifest information. As of July 2006, IDENT and ENFORCE have been managed separately. US-VISIT manages IDENT and Immigration and Customs Enforcement (ICE) manages ENFORCE. TECS is managed by Customs and Border Protection (CBP).
Each of the core systems provided mature, existing functionality. Each of these systems has data safeguards in place and has been certified and accredited as being secure. The protective strategies are physical, technical, administrative and environmental in nature and provide access control to sensitive data, physical access control to DHS facilities, confidentiality of communications, authentication of sending parties and personnel screening to ensure that all personnel with access to data are screened through background investigations commensurate with the level of access required to perform their duties. The specific access controls for each use of information is described in the PIA relating to that use of information.
US-VISIT continues to work closely with the FBI to make complete a plan to ensure mission-critical interoperability between US-VISIT's IDENT database and the FBI's IAFIS (Integrated Automated Fingerprint Identification System) database. US-VISIT's Privacy Team has been closely engaged in this effort from the beginning. DHS and the Department of Justice each conducted the PIA for the IDENT/IAFIS interoperability project, and both parties have put in place the necessary safeguards to ensure that all information exchanges comply with the Privacy Act and existing privacy policies.
The biographic and biometric data collected by the US-VISIT program for which the statute of limitations has expired for all criminal violations or that are older than 75 years will be purged as specified under the following three SORNs published in the Federal Register: ADIS and IDENT on December 12, 2003, and an update to IDENT on July 27, 2006. Testing and training data is purged when the data is no longer required. Fingerprint cards, created for the purpose of entering records in the database, will be destroyed after data entry.
Questions about US-VISIT's privacy practices can be sent to: US-VISIT Privacy Officer, US-VISIT Program, U.S. Department of Homeland Security, Washington, D.C. 20528, USA or send by facsimile to 100-1-202-298-5201. Additionally, the privacy officer can be reached for questions at 100-1-202-298-5200 or by e-mail at usvisitprivacy@dhs.gov.
This page was last modified on May 24, 2007