[Federal Register Volume 76, Number 124 (Tuesday, June 28, 2011)]
[Pages 37823-37824]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-16160]



Office of the Secretary

Published Privacy Impact Assessments on the Web

AGENCY: Privacy Office, DHS.

ACTION: Notice of Publication of Privacy Impact Assessments (PIA).


SUMMARY: The Privacy Office of the DHS is making available ten PIAs on 
various programs and systems in the Department. These assessments were 
approved and published on the Privacy Office's Web site between March 
31, 2011 and May 31, 2011.

DATES: The PIAs will be available on the DHS Web site until August 29, 
2011, after which they may be obtained by contacting the DHS Privacy 
Office (contact information below).

FOR FURTHER INFORMATION CONTACT: Mary Ellen Callahan, Chief Privacy 
Officer, Department of Homeland Security, Washington, DC 20528, or e-
mail: [email protected].

SUPPLEMENTARY INFORMATION: Between March 31, 2011 and May 31, 2011, the 
Chief Privacy Officer of the DHS approved and published ten Privacy 
Impact Assessments (PIAs) on the DHS Privacy Office Web site, http://www.dhs.gov/privacy, under the link for ``Privacy Impact Assessments.'' 
These PIAs cover ten separate DHS programs. Below is a short summary of 
those programs, indicating the DHS component responsible for the 
system, and the date on which the PIA was approved. Additional 
information can be found on the Web site or by contacting the Privacy 
    System: DHS/USCG/PIA-016 College Board Requirement Plus (CBRP).
    Component: United States Coast Guard (USCG).
    Date of approval: April 1, 2011.
    DHS United States Coast Guard Academy (USCGA or Academy) uses 
College Board's Recruitment PLUSTM (Recruitment PLUS) 
software application for college admissions and enrollment activities. 
The Recruitment PLUS system does the following things:
    1. Collects and stores prospective applicants' biographic and 
educational data,
    2. Collects USCGA admissions staff's and volunteers' biographical 
    3. Facilitates and tracks the application process, and
    4. Aligns admissions staff and volunteers to prospective 
    The purpose of this PIA is to document how Recruitment Plus 
collects and uses personally identifiable information (PII).
    System: DHS/NPPD/PIA-012 Critical Infrastructure Warning 
Information Network (CWIN).
    Component: National Protection & Programs Directorate (NPPD).
    Date of approval: April 11, 2011.
    The CWIN system has undergone a PIA 3-Year Review requiring no 
changes and continues to accurately relate to its stated mission. DHS 
NPPD examined the privacy implications for CWIN. DHS is responsible for 
protecting the national infrastructures and responsible for ensuring 
that in the event cyber or physical infrastructures are compromised, 
there is a means to collaborate and coordinate the necessary resources 
to restore impacted infrastructures. The mission of CWIN is to 
facilitate immediate alert, notification, sharing and collaboration of 
critical infrastructure and cyber information within and between 
Government and industry partners. CWIN provides a technologically 
advanced, secure network for communication and collaboration, and alert 
and notification. CWIN is DHS' only survivable, critical communications 
tool not dependent on the Public Switch Network or the public Internet 
that can communicate both data and voice information in a collaborative 
environment in support of infrastructure restoration. CWIN provides a 
survivable, dependable method of communication allowing DHS to 
communicate with other Federal agencies, state and local government, 
the private sector, and international organizations in the event that 
primary methods of communication are unavailable.
    CWIN members belong to one of the vital sectors of the national 
infrastructure as named in the National Response Plan, appears in the 
Interim National Infrastructure Protection Plan, or are a state 
Homeland Security Advisor. Only CWIN members have access to CWIN. CWIN 
membership is by invitation only, with invitations issued from the 
Infrastructure Coordination Division Director through a contractor. The 
CWIN operation consists of the collection of point of contact 
information for administrative purposes, and the placement of a CWIN 
terminal at member locations. Should an event occur where traditional 
communication methods are not operable, CWIN provides a communication 
method between key infrastructure sites across the country.
    System: DHS/NPPD/PIA-009 Chemical Facility Anti-Terrorism Standards 
(CFATS) Personnel Surety Program.
    Component: NPPD.
    Date of approval: May 4, 2011.
    The DHS/NPPD/Office of Infrastructure Protection (IP)/
Infrastructure Security Compliance Division (ISCD) is conducting this 
PIA to detail the privacy impact associated with the CFATS Personnel 
Surety Program and the required security assessments performed by high-
risk chemical facilities in fulfillment of Risk-Based Performance 
Standard  12 (6 CFR 27.230(a)(12)). This PIA describes the 
procedures for submitting PII on individuals impacted by this program 
to NPPD, and also describes NPPD's uses of that PII.
    System: DHS/S&T/PIA-022 Biodefense Knowledge Management System v. 
2.0 (BKMS).
    Component: Science & Technology (S&T).
    Date of approval: May 4, 2011.
    DHS S&T Biodefense Knowledge Center (BKC) developed and operates 
the BKMS. The current generation of the BKMS, version 1.0, enables 
approved users to access and analyze biological sciences topics and 
related biodefense information to assist with their efforts to better 
understand or characterize biological threats, by offering an 
integrated suite of tools for managing and indexing scientific 
documents and information. In BKMS 2.0, S&T intends to add a component 
to the system to include data derived from the intelligence community 
(IC) and law enforcement (LE)-sensitive data. S&T is conducting this 
PIA because such an

[[Page 37824]]

addition will allow for a new function of the system for selected BKMS 
users, who are authorized to explore IC/LE data (which may contain 
    System: DHS/TSA/PIA-033 Enterprise Search Portal (ESP).
    Component: Transportation Security Administration (TSA).
    Date of approval: May 5, 2011.
    DHS TSA is implementing a search capability to enable authorized 
users to search or discover data held by separate databases within TSA. 
The search function will be known as the ESP. TSA is conducting this 
PIA to assess privacy impacts associated with this capability to search 
across multiple databases. The systems being searched are covered by 
other PIAs or are otherwise compliant with the E-Government Act of 
    System: DHS/USCIS/PIA-030(b) E-Verify RIDE Update.
    Component: United States Citizenship and Immigration Services 
    Date of approval: May 6, 2011.
    USCIS Verification Division has developed a new enhancement to the 
E-Verify Program entitled Records and Information from Department of 
Motor Vehicles for E-Verify (RIDE). RIDE enhances the integrity of the 
E-Verify Program by verifying information from the most commonly 
presented identity documents (e.g. employee's driver's license, 
driver's permit, or state-issued identification card) for employment 
authorization, when the issuing state or jurisdiction of those 
documents has established a Memorandum of Agreement with the DHS to 
participate in RIDE. USCIS is conducting this PIA update to assess the 
privacy risks and mitigation strategies for this new enhancement.
    System: DHS/TSA/PIA-034 Enterprise Performance Management Platform 
    Component: TSA.
    Date of approval: May 10, 2011.
    TSA EPMP is designed to assist in performing security management 
functions using a wide variety of data associated with security, 
equipment, and screening processes from TSA's security activities. EPMP 
will now maintain PII about members of the public in excess of basic 
contact information, which requires TSA to conduct a new PIA. This PIA 
focuses on the portions of EPMP using PII.
    System: DHS/USCG/PIA-004 Law Enforcement Information Data Base 
    Component: USCG.
    Date of approval: May 11, 2011.
    The LEIDB/Pathfinder system has undergone a PIA 3-Year Review 
requiring no changes and continues to accurately relate to its stated 
mission. USCG, a component of DHS established the LEIDB/Pathfinder. 
LEIDB/Pathfinder archives text messages prepared by individuals engaged 
in USCG law enforcement, counter terrorism, maritime security, maritime 
safety and other USCG missions enabling intelligence analysis of field 
reporting. USCG has conducted this PIA because the LEIDB/Pathfinder 
system collects and uses PII.
    System: DHS/TSA/PIA-001 Vetting and Credentialing Screening Gateway 
System (CSG) .
    Component: TSA.
    Date of approval: May 18, 2011.
    The CSG system has undergone a PIA 3-Year Review and requires an 
update to accurately relate to its stated mission. The Consolidated 
Screening Gateway is the system of hardware, software and 
communications infrastructure used by the Transportation Security 
Administration to conduct security threat assessments on various 
transportation workers and other populations related to transportation.
    System: DHS/ICE/PIA-015(b) Enforcement Integrated Database (EID) 
ENFORCE Alien Removal Module (EARM 3.0) Update.
    Component: Immigration and Customs Enforcement (ICE).
    Date of approval: May 20, 2011.
    The EID is a DHS shared common database repository for several DHS 
law enforcement and homeland security applications. EID, which is owned 
and operated by U.S. ICE, captures and maintains information related to 
the investigation, arrest, booking, detention, and removal of persons 
encountered during immigration and criminal law enforcement 
investigations and operations conducted by ICE, U.S. Customs and Border 
Protection (CBP), and USCIS, agencies within DHS. DHS personnel access 
the data in EID using the ENFORCE suite of software applications: 
ENFORCE Apprehension Booking Module (EABM), ENFORCE Alien Detention 
Module (EADM), and ENFORCE Alien Removal Module (EARM). The PIA for EID 
was published in January 2010 and last updated in September 2010. ICE 
is now deploying an upgrade to the ENFORCE applications, referred to as 
EARM version 3.0 (EARM 3.0), to merge two of the ENFORCE applications, 
and to modify the data collected by DHS, the capabilities of the 
software, and certain system interfaces. These changes require an 
update to the EID PIA.

    Dated: June 20,2011.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2011-16160 Filed 6-27-11; 8:45 am]