AGENCY:

Privacy Office, DHS.

ACTION:

Notice of proposed rulemaking.

SUMMARY:

The Department of Homeland Security (DHS), U.S. Immigration and Customs Enforcement, is giving concurrent notice of a new system of records pursuant to the Privacy Act of 1974 for the U.S. Immigration and Customs Enforcement Visa Security Program Records (VSPR) and this proposed rulemaking. In this proposed rulemaking, the Department proposes to exempt portions of the system of records from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements.

DATES:

Comments must be received on or before October 30, 2009.

ADDRESSES:

You may submit comments, identified by DHS-2009-0105 by one of the following methods:

• Federal e-Rulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
• Fax: 703-483-2999.
• Mail: Mary Ellen Callahan, Chief Privacy Officer, Privacy Office, U.S. Department of Homeland Security, Washington, DC 20528.
• Instructions: All submissions received must include the agency name and docket number for this rulemaking. All comments received will be posted without change to http://www.regulations.gov,, including any personal information provided.
• Docket: For access to the docket to read background documents or comments received go to http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT:

Lyn Rahilly, (202-732-3300), Privacy Officer, U.S. Immigration and Customs Enforcement, 500 12th Street, SW., Washington, DC 20536; or Mary Ellen Callahan, (703-235-0780), Chief Privacy Officer, Privacy Office, U.S. Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

The Visa Security Program Records (VSPR) system of records is owned and maintained by the ICE Office of International Affairs (OIA). It consists of paper and electronic records created in support of the Visa Security Program, the purpose of which is to identify persons who may be ineligible for a U.S. visa because of criminal history, terrorism association, or other factors and convey that information to the State Department, which decides whether to issue the visa. VSPR contains records on visa applicants for whom a visa security review is conducted. The Visa Security Program Tracking System (VSPTS-Net) is a new OIA application scheduled to deploy in September 2009 that supports the management of ICE's Visa Security Program. ICE Special Agents use VSPTS-Net to record, track, and manage all visa security reviews performed by ICE. The VSPR system of records describes records maintained in VSPTS-Net and associated paper records.

In support of Section 428 of the Homeland Security Act of 2002, ICE deploys agents to U.S. embassies and consulates (“consular posts”) in high-risk areas worldwide to conduct security reviews of visa applications. ICE agents assigned to the Visa Security Program examine visa applications, initiate investigations of applicants who may be ineligible for a visa, coordinate with other law enforcement entities, and provide advice and training to the State Department staff. Through its Visa Security Program, ICE also participates in the Security Advisory Opinion (SAO) process, which is a U.S. Government mechanism to coordinate third-agency checks on visa applicants about whom the State Department has security-related concerns. Upon request from the State Department, ICE provides information from DHS record systems about visa applicants who are selected to undergo the SAO process. The State Department in turn provides the results of SAO checks to consular officers to aid in adjudicating visa applications. Like the ICE Special Agents located at consular posts abroad, ICE agents and analysts supporting SAO operations identify persons who may be ineligible for a U.S. visa because of criminal history, terrorism association, or other factors and convey that information to the State Department, which decides whether to issue the visa.

VSPTS-Net will be used to support the Visa Security Program activities described above by recording, tracking, and managing the SAOs and visa security reviews and documenting the results that are communicated to the State Department. VSPTS-Net will provide ICE agents with an intranet-based application that manages the workflow associated with visa security reviews and will provide the necessary analytical, reporting and data storage capabilities. VSPTS-Net will also allow users (ICE employees and contractors) to records relevant visa application data, derogatory information about applicants, visa recommendation data. It also supports the generation of performance metrics for the Visa Security program as a whole. Ultimately, the system helps the Visa Security Program and the State Department prevent known and suspected terrorists, criminals, and other ineligible persons from obtaining U.S. visas. A PIA was conducted on VSPTS-Net because it is a new system that will maintain PII information. The VSPTS-Net PIA is available on the Department of Homeland Security (DHS) Privacy Office Web site at http://www.dhs.gov/​privacy.

The DHS/ICE-012 VSPR system of records will collect, use, disseminate, and maintain PII on persons who apply for a visa and undergo a visa security review. This collection of this information is necessary for ICE to conduct visa security reviews and to provide the State Department with a visa recommendation and/or information that is relevant to the applicant's eligibility for a visa under Federal law.

Consistent with DHS's information sharing mission, information stored in the VSPR system of records may be shared with other DHS components, as Start Printed Page 50149well as appropriate Federal, State, local, Tribal, foreign, or international government agencies. This sharing will only take place after DHS determines that the receiving component or agency has a need-to-know the information to carry out national security, law enforcement, immigration, intelligence, or other functions consistent with the routine uses set forth in the VSPR system of records notice, also published in this issue of the Federal Register.

II. Privacy Act

In this notice of proposed rulemaking, DHS now is proposing to exempt DHS/ICE-012 VSPR, in part, from certain provisions of the Privacy Act. The Privacy Act embodies fair information principles in a statutory framework governing the means by which the United States Government collects, maintains, uses, and disseminates personally identifiable information. The Privacy Act applies to information that is maintained in a “system of records.” A “system of records” is a group of any records under the control of an agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual. Individuals may request their own records that are maintained in a system of records in the possession or under the control of DHS by complying with DHS Privacy Act regulations, 6 CFR part 5.

The Privacy Act requires each agency to publish in the Federal Register a description of the type and character of each system of records that the agency maintains, and the routine uses that are contained in each system in order to make agency recordkeeping practices transparent, to notify individuals regarding the uses to which personally identifiable information is put, and to assist individuals in finding such files within the agency. The Privacy Act also allows Government agencies to exempt certain records from the access and amendment provisions. If an agency claims an exemption, however, it must issue a notice of proposed rulemaking to make clear to the public the reasons why a particular exemption is claimed.

DHS is claiming exemptions from certain requirements of the Privacy Act for VSPR. Some information in VSPR relates to official DHS national security, law enforcement, and intelligence activities. These exemptions are needed to protect information relating to DHS activities from disclosure to subjects of inquiry or others related to these activities. Specifically, the exemptions are required to preclude subjects of these activities from frustrating these processes; to avoid disclosure of law enforcement sensitive information and investigative techniques; to protect the identities and physical safety of confidential informants and of border management and law enforcement personnel; to ensure DHS's ability to obtain information from third parties and other sources; to protect the privacy of third parties; and to safeguard classified information. Disclosure of information to the subject of the inquiry could also permit the subject to frustrate the purpose of the visa review process or to avoid detection or apprehension.

The exemptions proposed here are standard law enforcement and national security exemptions exercised by a large number of Federal law enforcement and intelligence agencies. In appropriate circumstances, where compliance would not appear to interfere with or adversely affect the law enforcement purposes of this system and the overall law enforcement process, the applicable exemptions may be waived on a case by case basis.

A notice of system of records for the Department's VSPR system is also published in this issue of the Federal Register.

List of Subjects in 6 CFR Part 5

• Freedom of information; Privacy

For the reasons stated in the preamble, DHS amends Chapter I of Title 6, Code of Federal Regulations, as follows:

PART 5—DISCLOSURE OF RECORDS AND INFORMATION

1. The authority citation for Part 5 continues to read as follows:

Authority: Pub. L. 107-296, 116 Stat. 2135, 6 U.S.C. 101 et seq.; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552.

2. At the end of Appendix C to Part 5, add the following new paragraph “41” to read as follows:

Appendix C to Part 5—DHS Systems of Records Exempt From the Privacy Act

41. The Visa Security Program Records (VSPR) system of records consists of electronic and paper records and will be used by the Department of Homeland Security (DHS) U.S. Immigration and Customs (ICE). VSPR consists of information created in support of the Visa Security Program, the purpose of which is to identify persons who may be ineligible for a U.S. visa because of criminal history, terrorism association, or other factors and convey that information to the State Department, which decides whether to issue the visa. VSPR contains records on visa applicants for whom a visa security review is conducted. VSPR contains information that is collected by, on behalf of, in support of, or in cooperation with DHS and its components and may contain personally identifiable information collected by other Federal, State, local, Tribal, foreign, or international government agencies. Pursuant to exemption 5 U.S.C. 552a(j)(2) of the Privacy Act, portions of this system are exempt from 5 U.S.C. 552a(c)(3) and (4); (d); (e)(1), (e)(2), (e)(3), (e)(4)(G), and (e)(4)(H), (e)(5) and (e)(8); (f); and (g). Pursuant to 5 U.S.C. 552a(k)(1) and (k)(2), this system is exempt from the following provisions of the Privacy Act, subject to the limitations set forth in those subsections: 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (e)(4)(H), and (f). Exemptions from these particular subsections are justified, on a case-by-case basis to be determined at the time a request is made, for the following reasons:

(a) From subsection (c)(3) and (4) (Accounting for Disclosures) because release of the accounting of disclosures could alert the individual to the existence of an investigation in the form of a visa security review predicated on classified, national security, law enforcement, foreign government, or other sensitive information. Disclosure of the accounting would therefore present a serious impediment to ICE's Visa Security Program, immigration enforcement efforts and/or efforts to preserve national security. Disclosure of the accounting would also permit the individual who is the subject of a record to impede the investigation, thereby undermining the entire investigative process.

(b) From subsection (d) (Access to Records) because access to the records contained in this system of records could alert the individual to the existence of an investigation in the form of a visa security review predicated on classified, national security, law enforcement, foreign government, or other sensitive information. Revealing the existence of an otherwise confidential investigation could also provide the visa applicant an opportunity to conceal adverse information or take other actions that could thwart investigative efforts; and reveal the identity of other individuals with information pertinent to the visa security review thereby providing an opportunity for the applicant to interfere with the collection of adverse or other relevant information from such individuals. Access to the records would therefore present a serious impediment to the enforcement of Start Printed Page 50150Federal immigration laws, law enforcement efforts and/or efforts to preserve national security. Amendment of the records could interfere with ICE's ongoing investigations and law enforcement activities and would impose an impossible administrative burden by requiring investigations to be continuously reinvestigated. In addition, permitting access and amendment to such information could disclose classified and other security-sensitive information that could be detrimental to national or homeland security.

(c) From subsection (e)(1) (Relevancy and Necessity of Information) because in the course of investigations of visa applications, the accuracy of information obtained or introduced occasionally may be unclear or the information may not be strictly relevant or necessary to a specific investigation. In the interests of effective enforcement of Federal immigration laws, it is appropriate to retain all information that may be relevant to the determination whether an individual is eligible for a U.S. visa.

(d) From subsection (e)(2) (Collection of Information from Individuals) because requiring that information be collected from the visa applicant would alert the subject to the fact of an investigation in the form of a visa security review, and to the existence of adverse information about the individual, thereby interfering with the related investigation and law enforcement activities.

(e) From subsection (e)(3) (Notice to Subjects) because providing such detailed information would impede immigration enforcement activities in that it could compromise investigations by: Revealing the existence of an otherwise confidential investigation and thereby provide an opportunity for the visa applicant to conceal adverse information, or take other actions that could thwart investigative efforts; reveal the identity of other individuals with information pertinent to the visa security review thereby providing an opportunity for the applicant to interfere with the collection of adverse or other relevant information from such individuals; or reveal the identity of confidential informants, which would negatively affect the informant's usefulness in any ongoing or future investigations and discourage members of the public from cooperating as confidential informants in any future investigations.

(f) From subsections (e)(4)(G) and (H) (Agency Requirements), and (f) (Agency Rules) because portions of this system are exempt from the individual access provisions of subsection (d) for the reasons noted above, and therefore DHS is not required to establish requirements, rules, or procedures with respect to such access. Providing notice to individuals with respect to existence of records pertaining to them in the system of records or otherwise setting up procedures pursuant to which individuals may access and view records pertaining to themselves in the system would undermine investigative and immigration enforcement efforts as described above.

(g) From subsection (e)(5) (Collection of Information) because in the collection of information for law enforcement purposes it is impossible to determine in advance what information is accurate, relevant, timely, and complete. Compliance with (e)(5) would preclude DHS agents from using their investigative training and exercise of good judgment to both conduct and report on investigations.

(h) From subsection (e)(8) because to require individual notice of disclosure of information due to compulsory legal process would pose an impossible administrative burden on DHS and other agencies and could alert the subjects of counterterrorism, law enforcement, or intelligence investigations to the fact of those investigations when not previously known.

(i) From subsection (g) to the extent that the system is exempt from other specific subsections of the Privacy Act relating to individuals' rights to access and amend their records contained in the system. Therefore DHS is not required to establish rules or procedures pursuant to which individuals may seek a civil remedy for the agency's: Refusal to amend a record; refusal to comply with a request for access to records; failure to maintain accurate, relevant timely and complete records; or failure to otherwise comply with an individual's right to access or amend records.