The Data Privacy and Integrity Advisory Committee will hold a public meeting on October 27, 2020.

Federal agencies are required to provide what is commonly referred to as a “Privacy Act Statement” to all persons asked to provide personal information about themselves, which will go into a system of records (i.e., the information will be stored and retrieved using the individual’s name or other personal identifier such as a Social Security number).

The United States Secret Service (USSS) Investigative Support Division (ISD) uses the Comprehensive Financial Investigative System (CFIS) in support of data capture to maintain records for financial investigations from case initiation to completion. USSS is conducting this Privacy Impact Assessment (PIA) because CFIS collects and maintains personally identifiable information (PII) regarding subjects of criminal financial investigations.

The U.S. Department of Homeland Security (DHS) Counterintelligence (CI) Program is a Department-wide effort designed to detect, deter, and disrupt foreign intelligence threats directed at the United States. CI encompasses those activities that identify, deceive, exploit, disrupt, or protect against espionage, other intelligence activities, sabotage, or assassinations conducted for or on behalf of foreign powers, organizations, or persons, or their agents (including transnational criminal organizations and drug trafficking organizations conducting intelligence-related activities), or international terrorist organizations or activities, collectively hereinafter referred to as foreign intelligence entities (FIE).

The U.S. Department of Homeland Security (DHS) U.S. Immigration and Customs Enforcement (ICE) operates the ICE Angel Watch Program (AWP). The AWP mission is to proactively identify individuals who have been convicted of sexual crimes against children and have upcoming travel to a foreign country, in order to notify law enforcement and/or border security in the destination country.

S&T is conducting this Privacy Impact Assessment (PIA) to identify and mitigate privacy risks associated with DA-TC collecting, maintaining, and sharing personally identifiable information (PII) during research, development, testing, and evaluation (RDT&E) of advanced analytic and computational capabilities. This PIA also assesses the privacy risks associated with the two distinct computing environments: a physical on-premise environment and off-premise cloud environments.

This Privacy Impact Assessment (PIA) provides an in-depth analysis of the collection of information through the operation of the NCPS Core Infrastructure. CISA is in the process of developing separate PIAs to document the privacy implications for each of the NCPS’s capability areas (Intrusion Prevention, Intrusion Detection, Analytics, Core Infrastructure, and Information Sharing). Once published, these PIAs will eventually replace the currently published DHS/CISA/PIA-026 National Cybersecurity Protection System (NCPS).

The U.S. Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP), U.S. Border Patrol (USBP) conducts searches of electronic devices to identify violations of the laws CBP enforces and administers, including laws relating to the detection and apprehension of illicit goods and individuals entering and exiting the United States in between ports of entry (POE). Depending on the circumstances, CBP conducts searches of electronic devices pursuant to different legal authorities. CBP is publishing this Privacy Impact Assessment (PIA) update to analyze the privacy risks of expanded digital forensic tools and an enterprise-wide solution for managing and analyzing certain types of metadata that USBP collects from electronic devices across its digital forensic collection activities. In addition, this updated PIA will clarify that searches may be conducted pursuant to border search authority.

The U.S. Department of Homeland Security (DHS) Countering Weapons of Mass Destruction Office (CWMD) maintains the Medical and Public Health Information Sharing Environment (MPHISE) system. MPHISE is designed to provide a secure networking capability between DHS personnel and designated federal, state, local, territorial, tribal, and private sector medical and public health partners. This Privacy Impact Assessment (PIA) supports MPHISE to be used as a platform to enable information sharing across the extended medical and public health community in response to any chemical, biological, radiologic, and/or nuclear threat. Standard sharing includes anonymized health information, but in some cases, to be defined below, non-anonymized health data and sensitive personally identifiable information (SPII) will be shared.

The Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Federal Protective Service (FPS) is updating the Dispatch and Incident Record Management Systems (DIRMS) Privacy Impact Assessment (PIA).