The Department of Homeland Security (DHS) Office of the General Counsel (OGC) and Component Offices of Chief Counsel (OCC) use commercial off-the-shelf electronic discovery software tools to facilitate the production of documents and disclosure of existing records during litigation or in response to a request for records. eDiscovery is a document processing method that supports the organization of paper and electronic documents for analysis, review, redaction, and production to meet litigation discovery requirements. DHS also uses eDiscovery tools to process agency records in response to subpoenas and Touhy requests (written requests for testimony or agency records or official information made in accordance with agency regulations in cases to which the United States is not a party. DHS is conducting this Privacy Impact Assessment (PIA) because this process collects, maintains, stores, and shares personally identifiable information (PII).
The Preventing Emerging Threats Act of 2018 grants the Department of Homeland Security statutory authority to counter credible threats from unmanned aircraft systems (UAS) to the safety or security of a covered facility or asset. This authority is paramount to the Department’s mission to protect and secure the Homeland from evolving threats. The Department is in the process of coordinating with Components and stakeholders regarding the need for additional counter-UAS (CUAS) authorities.
Beginning in 2016, the former DHS Office of Community Partnerships and the Federal Emergency Management Agency (FEMA) managed the Countering Violent Extremism Grant Program (CVEGP) to fulfill a congressional mandate to help states and local communities prepare for, prevent, and respond to emergent threats from violent extremism. The CVEGP Privacy Impact Assessment (PIA) discussed the privacy risks of the first iteration of this grant program. The PIA noted that the DHS Privacy Office (PRIV) would initiate a Privacy Compliance Review (PCR) to provide recommendations for improving the privacy protections inherent in deploying a security review process as part of the grant application process. While the CVEGP was not renewed from its initial 2016 funding, the findings reflected in this report serve as lessons learned that the Office of Terrorism Prevention Partnerships and the Office for Targeted Violence and Terrorism Prevention should carefully consider for any future CVEGP iterations, if applicable. Further, the FEMA Grant Programs Directorate, as the administrator and manager of DHS grants, should fully implement PRIV recommendations to improve privacy protections for any future grant program that includes a security review.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) National Biodefense Analysis and Countermeasures Center (NBACC) created the Genomics Informatics System (GIS) to analyze bio-forensic data for classified development projects and law enforcement casework. GIS processes deoxyribonucleic acid (DNA) and amino-acid sequences transferred to GIS from external sources. S&T uses GIS for the analysis of bio-forensic data that may include the DNA or amino-acid sequences of synthetic constructs, viruses, bacteria, plants, animals, and/or humans. GIS is not used to identify individuals, and the identity of an individual cannot be inferred from a DNA sequence or other information in the GIS database. S&T is conducting this PIA to analyze potential privacy risks in the collection, analysis, and storage of human DNA sequences by GIS.
The Office of the Chief Information Officer (OCIO) is responsible for implementing the programs necessary to align DHS’s Information Technology (IT) personnel, resources, and assets.
Notification to DHS contractors about a potential lapse in funding.
The National Biodefense Analysis and Countermeasures Center (NBACC) is a federally funded research and development center (FFRDC) and laboratory within the U.S. Department of Homeland Security’s (DHS) Science & Technology Directorate (S&T). NBACC develops and applies methods to identify the means, method, and forensic signatures associated with a biological agent, biocrime, or bioterror investigation. This work guides DHS investments in vaccines, drugs, detectors, and other countermeasures to protect against biological terrorism. NBACC uses the Laboratory Management System (LMS) to facilitate and maintain a state of mission-related laboratory compliance with International Organization for Standardization (ISO) Standard ISO 17025 (general requirements for the competence of testing and calibration laboratories) and its laboratory registration with the Centers for Disease Control (CDC) and the U.S. Department of Agriculture (USDA). LMS assists NBACC in meeting its compliance, verification, and registration obligations under ISO 17025; federal, state, and local regulations; and DHS policies; and in reducing the likelihood of records mismanagement in its mission- related laboratory operations. LMS collects personally identifiable information (PII) from or about DHS workforce members (both government and contractors) who work with NBACC.
Through National Security Presidential Memorandum (NSPM)-9, the President has mandated the Federal Government improve the manner in which executive departments and agencies (agencies) coordinate and use intelligence and other information to identify individuals who present a threat to national security, border security, homeland security, or public safety in accordance with their existing legal authorities and all applicable policy protections. To achieve this mandate, the President directed the establishment of the National Vetting Center (NVC) within the Department of Homeland Security (DHS), with the purpose of coordinating agency vetting efforts to locate and use relevant intelligence and law enforcement information to identify individuals who may present a threat to the homeland. The Secretary of Homeland Security has delegated this responsibility within DHS to U.S. Customs and Border Protection (CBP). DHS is conducting this Privacy Impact Assessment (PIA) to assess the risks to privacy, civil rights, and civil liberties presented by the NVC and the vetting programs that will operate using the NVC.
The Department of Homeland Security (DHS) Office of Immigration Statistics (OIS) is responsible for carrying out two statutory requirements: 1) collecting and disseminating to Congress and the public information useful in evaluating the social, economic, environmental, and demographic impact of immigration laws; and 2) establishing standards of reliability and validity for immigration statistics collected by the Department’s operational Components. To meet these requirements, OIS collects immigration-related data from across DHS and other federal immigration agencies, prepares the data for statistical purposes, and creates a variety of statistical products to inform the public, Congress, and Department leadership on key trends in immigration to the United States.