The U.S. Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP), U.S. Border Patrol (USBP) conducts searches of electronic devices to identify violations of the laws CBP enforces and administers, including laws relating to the detection and apprehension of illicit goods and individuals entering and exiting the United States in between ports of entry (POE). Depending on the circumstances, CBP conducts searches of electronic devices pursuant to different legal authorities. CBP is publishing this Privacy Impact Assessment (PIA) update to analyze the privacy risks of expanded digital forensic tools and an enterprise-wide solution for managing and analyzing certain types of metadata that USBP collects from electronic devices across its digital forensic collection activities. In addition, this updated PIA will clarify that searches may be conducted pursuant to border search authority.

The U.S. Department of Homeland Security (DHS) Countering Weapons of Mass Destruction Office (CWMD) maintains the Medical and Public Health Information Sharing Environment (MPHISE) system. MPHISE is designed to provide a secure networking capability between DHS personnel and designated federal, state, local, territorial, tribal, and private sector medical and public health partners. This Privacy Impact Assessment (PIA) supports MPHISE to be used as a platform to enable information sharing across the extended medical and public health community in response to any chemical, biological, radiologic, and/or nuclear threat. Standard sharing includes anonymized health information, but in some cases, to be defined below, non-anonymized health data and sensitive personally identifiable information (SPII) will be shared.

The Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Federal Protective Service (FPS) is updating the Dispatch and Incident Record Management Systems (DIRMS) Privacy Impact Assessment (PIA).

The U.S. Department of Homeland Security (DHS) is leading efforts and coordinating across the federal government testing and evaluating technologies used to detect, identify, monitor, and, if needed, mitigate Unmanned Aircraft Systems (UAS) that pose a credible threat to covered facilities, assets, and other missions authorized to the it by law. These protective technologies are referred to as Counter-UAS (C-UAS). This Privacy Impact Assessment (PIA) discusses measures taken to mitigate privacy risks and protect personally identifiable information (PII) during DHS’s use of C-UAS technologies during testing, evaluation, and operational deployment.

Section 803 of the Implementing Recommendations of the 9/11 Commission Act of 2002 requires the DHS Privacy Office to report quarterly on the following activities: number and types of privacy reviews of Department actions undertaken; type of advice provided and the response given to such advice; and number and nature of privacy complaints received by DHS for alleged violations, along with a summary of the disposition of such complaints.

The Department of Homeland Security (DHS) U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement (ICE), as federal law enforcement agencies, are statutorily mandated to collect deoxyribonucleic acid (DNA) from certain individuals who come into their custody. CBP and ICE will begin to collect DNA from persons who are detained under the authority of the United States consistent with the DNA Fingerprint Act of 2005. To support this effort, the Federal Bureau of Investigations (FBI) Laboratory (“FBI Laboratory”) will provide Buccal Collection Kits to both CBP and ICE. CBP and ICE will use these kits collect the DNA via buccal cheek swab and will send the DNA samples to the FBI, which in turn will process them and store the resulting DNA profile in the FBI’s Combined DNA Index System (CODIS) National DNA Index System (NDIS) (CODIS/NDIS). NDIS contains DNA profiles contributed by federal and state agencies and participating forensic laboratories. CBP and ICE are conducting this joint Privacy Impact Assessment (PIA) to provide notice to the public of this biometric collection and to analyze the associated privacy risks. DHS is reissuing this PIA to note that CBP Office of Field Operations is expanding the minimum age for DNA collection from 18 to 14. July 2020

The U.S. Customs and Border Protection (CBP), Office of Professional Responsibility (OPR), Credibility Assessment Division (CAD) administers polygraph examinations as part of the hiring process for CBP Officers and Agents to assist in determining suitability for employment, and in support of internal and counterintelligence investigations. CAD uses the Credibility Assessment and Polygraph Services (CAPS) system in support of its polygraph examination program. CBP is conducting this Privacy Impact Assessment (PIA) on CAPS because the system ingests, uses, and maintains personally identifiable information (PII) from members of the public who are candidates for law enforcement positions with CBP or a partner agency.

The U.S. Department of Homeland Security’s (DHS) Office of Biometric Identity Management (OBIM) operates the Technical Reconciliation Analysis Classification System (TRACS), an information management tool used for reporting and analysis of the Automated Biometric Identification System (IDENT) records to support OBIM’s information sharing coordination activities with external agencies and foreign partners. These partners are charged with national security, immigration, or law enforcement responsibilities. OBIM is retiring and reissuing the previously published Privacy Impact Assessment (PIA) to identify new functionality supported by TRACS.

DHS receives a copy of the Terrorist Screening Database (TSDB), the U.S. Government’s consolidated database maintained by the Department of Justice (DOJ) Federal Bureau of Investigation (FBI) Terrorist Screening Center (TSC), to facilitate DHS mission-related functions, such as counterterrorism, law enforcement, border security, and inspection activities. In July 2010, DHS launched an improved method of transmitting TSDB data from TSC to DHS through a service called the DHS Watchlist Service (WLS). WLS maintains a synchronized copy of the TSDB, which contains personally identifiable information (PII) and disseminates TSDB records it receives to authorized DHS Components. DHS is updating this Privacy Impact Assessment (PIA) to add the United States Citizenship and Immigration Services (USCIS) Fraud Detection and National Security-Data System (FDNS-DS) as an authorized recipient of TSDB data via the WLS. 

U.S. Citizenship and Immigration Services (USCIS) oversees lawful immigration to the United States and is responsible for processing petitions, applications, and other requests for immigration benefits and requests. Executive Order 13780, "Protecting the Nation from Foreign Terrorist Entry into the United States" requires the U.S. Department of Homeland Security (DHS) to collect standard data on immigration forms and in case management systems. USCIS is now updating this Privacy Impact Assessment (PIA) to provide notice of USCIS updating certain immigration forms and associated systems, such as the Case and Activity Management for International Operations (CAMINO), in support of the Executive Order 13780. Upon publication of this PIA, CAMINO will collect additional biographic and social media data elements necessary for identity verification, vetting, public safety, and national security screening. Additionally, USCIS is updating this PIA to clarify that the entire Refugee, Asylum, and International Operations (RAIO) Directorate now uses CAMINO and to update appendices to include new source and interconnected systems. This PIA update evaluates the privacy risks and mitigations associated with these changes including the collection, use, and maintenance of additional personally identifiable information (PII).