Browse: Departments   Dates   Agencies  

Docket ID: [Docket Number: DHS-2007-0016]

NOTICE: NOTICES

DOCUMENT ACTION: Notice of Privacy Act system of records.

SUBJECT CATEGORY: Privacy Act of 1974; U.S. Customs and Border Protection--Non- Federal Entity Data System, Systems of Records

DATES: Comments must be provided by August 25, 2008. The new system of records will be effective August 25, 2008.

DOCUMENT SUMMARY: In accordance with the Privacy Act of 1974, U.S. Customs and Border Protection, Department of Homeland Security proposes to add the following system of records to its inventory of records systems, the NonFederal Entity Data System. Certain States, Native American Tribes, Canadian Provinces and Territories, and other nonFederal Governmental Authorities may make available travel documents, such as Enhanced Driver's Licenses (EDLs), that may be deemed by the Secretary of DHS as denoting identity and citizenship for purposes of the Western Hemisphere Travel Initiative (WHTI), upon implementation, as mandated by the Intelligence Reform and Terrorism Prevention Act of 2004, Pub. L. 108458, 118 Stat. 3638 (2004). It is anticipated that all such documents will utilize facilitative technology such as Radio Frequency Identification (RFID), and contain a Machine Readable Zone (MRZ) using Optical Character Recognition (OCR) technology. In certain instances, other nonfederal and foreign government authorities may provide to CBP biographical information and photographs that have been voluntarily submitted to the issuing entity by individuals choosing to apply for such travel documents, with the understanding that this information will be provided to DHS and CBP. DHS will use this information to facilitate the validation of travel documents when an individual crosses the border.

SUMMARY: Privacy Act; Systems of Records,

SUPPLEMENTAL INFORMATION

The priority mission of U.S. Customs and Border Protection (CBP) is to prevent terrorists and terrorist weapons from entering the country while facilitating legitimate travel and trade. In response to this mission, Congressionally mandated, and as part of its efforts to secure the border, CBP and the Department of Homeland Security (DHS) plan to implement the Western Hemisphere Travel Initiative (WHTI), which eliminates a historical exemption that allowed certain travelers, notably U.S. and Canadian citizens, to enter the United States from within the Western Hemisphere without presenting a valid passport or other approved travel document. In advance of full WHTI implementation, DHS is working to close existing security gaps at the earliest possible opportunity, such as the implementation of new procedures for U.S. and Canadian citizens entering the U.S. that became effective January 31, 2008, and to prepare new secure travel document requirements that are expected to go into effect upon full WHTI implementation on June 1, 2009.

To facilitate border crossing for their citizens, certain states, Native American tribes, Canadian provinces and territories and other nonfederal governmental authorities may make available to CBP biographical information and photographs associated with travel documents, such as Enhanced Driver's Licenses (EDLs). EDLs utilize facilitative technology such as RFID and contain a Machine Readable Zone (MRZ) using Optical Character Recognition (OCR) technology; they denote both identity and citizenship for bordercrossing purposes. In certain instances, nonfederal governmental authorities are choosing to provide to CBP biographical information and photographs that applicants for EDLs or similar travel documents have provided voluntarily to the issuing entity, with the understanding that such information will be stored by CBP for purposes of facilitating the document holder's crossing of the border. When a traveler presents such a document for purposes of entering the United States, CBP may validate this document and the information provided by the traveler, against the information provided to CBP by the issuing authority. Therefore, in accordance with the Privacy Act of
[[Page 43463]]
1974, the Department of Homeland Security, U.S. Customs and Border Protection, proposes to add the following system of records to its inventory of records systems, the NonFederal Entity Data System (NEDS).

II. Current Process for Border Crossing

Upon arrival, all individuals crossing the border are required to submit to inspection and be cleared for admission by CBP. As part of this clearance process, each traveler entering the United States must first establish his or her identity, nationality/citizenship, and admissibility to the satisfaction of a CBP officer. Additionally, CBP records the fact that the individual has been admitted or paroled into the United States. This record is maintained in a newly created Privacy Act System of Records, Border Crossing Information (BCI), which is being concurrently published in today's Federal Register. DHS has determined that certain border crossing travel documents enabled with RFID, MRZ and OCR technology will be accepted as proof of identity and citizenship and, further, may be accepted as WHTIcompliant travel documents upon implementation of WHTI.

The purpose of the NonFederal Entity Data System (NEDS) is to have available to the CBP officer at the border the data related to certain border crossing travel documents. This will enable the CBP officer to quickly access the traveler's biographic information and photograph, when the traveler presents his or her border crossing travel document, to validate the authenticity of the travel document. Certain non federal governmental authorities will choose to provide CBP with a copy of information derived from their EDL (or other traveler document) database, that denotes identity and citizenship, and can be used by CBP to validate the travel document. The datasets from each issuing authority will be kept separately such that information from one issuing authority is not commingled with another's information.

CBP may electronically validate the following information, where available, and record this information as part of the traveler's border crossing record: Full name (first, middle, and last), date of birth, gender, travel document type (e.g., EDL) and number or identifier, expiration date, issuing country or jurisdiction, country of citizenship, and photograph (when available). Where the issuing entity provides CBP with an advance copy of information from their travel document database, that data will be maintained in NEDS.

Upon arrival at the border, a person presenting proof of identity or citizenship issued by a nonfederal governmental authority will have the identifier associated with her or his border crossing travel document read by the appropriate technology, such as an RFID reader, or the document information will be read using the MRZ or will be entered manually by the CBP officer. The identifier associated with this travel document will be transmitted through secure CBP computer networks to NEDS, where the unique number will be associated with the respective biographic information and photograph held in that system. The associated biographic information and photograph is then transmitted back through secure CBP computer networks to the port of entry and inspection terminal where the border crossing travel document was first read for confirmation that the document is a valid document and belongs to the person presenting the document to the CBP officer.

In cases where a traveler presents a federally issued travel document, such as a Visa, Passport or Passport card, or Border Crossing Card (BCC) issued by Department of State, or an I551 Permanent Resident Card issued by U.S. Citizenship and Immigration Services (USCIS), DHS will validate the travel document through the use of systems or databases other than NEDS. NEDS is only employed when the travel document is issued by a nonfederal government authority and that authority has provided CBP with advance information for purposes of validating such documents at the time of a U.S. border crossing. The data housed in NEDS is then used to populate biographical data fields contained in two other CBP systems, BCI (to record the entry of a traveler into the United States) and, where applicable, the Treasury Enforcement Communications System (TECS) (in the event some enforcement action is taken with regard to that traveler).

The traveler information held in NEDS is used by CBP to facilitate implementation of its mandates pursuant to the Enhanced Border Security and Visa Reform Act of 2002, Aviation and Transportation Security Act of 2001, the Intelligence Reform and Terrorism Prevention Act of 2004, the Tariff Act of 1930, as amended (19 U.S.C. 66, 1433, 1459, 1624, and 2071), and the Immigration and Nationality Act, as amended (8 U.S.C. 1185).

The information held within NEDS will be maintained and used in accordance with the individual memorandum of understanding/agreement with each issuing authority.

III. Privacy Act

The Privacy Act embodies fair information principles in a statutory framework governing the means by which the United States Government collects, maintains, uses and disseminates personally identifiable information. The Privacy Act applies to information that is maintained in a ``system of records.'' A ``system of records'' is a group of any records under the control of an agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual. In the Privacy Act, an individual is defined to encompass United States citizens and lawful permanent residents. DHS extends administrative Privacy Act protections to all persons, whether they are U.S. citizens, lawful permanent residents, or nonimmigrant aliens. The NonFederal Entity Data System involves the collection of information that will be maintained in a system of records.

The Privacy Act requires each agency to publish in the Federal Register a description denoting the type and character of each system of records that the agency maintains, and the routine uses that are applicable to each system to make agency recordkeeping practices transparent, to notify individuals regarding the uses to which personally identifiable information is put, and to assist the individual to more easily find such files within the agency.

In consideration of privacy, CBP has limited the sharing of NEDS data to the statutory disclosures permitted under 5 U.S.C. 552a(b) of the Privacy Act, and has chosen not to publish any routine uses pursuant to 5 U.S.C. 552a(b)(3). This provides an individual possessing an approved travel document, such as EDL, whose data is shared with CBP prior to crossing the border with a similar level of privacy as the individual whose data is shared at the time of crossing with CBP.

DHS is hereby publishing a description of the NonFederal Entity Data System, system of records. In accordance with 5 U.S.C. 552a(r), a report concerning this record system has been sent to the Office of Management and Budget and to the Congress.
DHS/CBP008

FOR FURTHER INFORMATION CONTACT For general questions please contact: Laurence E. Castelli (2025728790), Chief, Privacy Act Policy and Procedures Branch, U.S. Customs and Border Protection, Office of International Trade, Regulations & Rulings, Mint Annex, 1300 Pennsylvania Ave., NW., Washington, DC 20229. For privacy issues contact: Hugo Teufel III (7032350780), Chief Privacy Officer, Privacy Office, U.S. Department of Homeland Security, Washington, DC 20528.