AGENCY:

U.S. Customs and Border Protection, U.S. Department of Homeland Security.

ACTION:

Final rule.

SUMMARY:

The U.S. Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP), is issuing a final rule to amend its regulations to exempt portions of a newly established system of records titled “DHS/CBP-020 Export Information System (EIS) System of Records” from certain provisions of the Privacy Act. Specifically, the Department exempts portions of this system of records from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements.

DATES:

This final rule is effective January 18, 2023.

FOR FURTHER INFORMATION CONTACT:

For general questions please contact: Debra Danisek, Privacy.CBP@cbp.dhs.gov, (202) 344-1610, CBP Privacy Officer, U.S. Customs and Border Protection, 1300 Pennsylvania Avenue NW, Washington, DC 20229. For privacy issues please contact: Lynn Parker Dupree, (202) 343-1717, Chief Privacy Officer, Privacy Office, U.S. Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

The U.S. Department of Homeland Security (DHS), Customs and Border Protection (CBP), published a notice of proposed rulemaking in the Federal Register , 80 FR 53019, September 2, 2015, proposing to exempt portions of the system of records from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements. DHS issued the new “DHS/CBP-020 Export Information System (EIS) System of Records” in the Federal Register , 80 FR 53181, September 2, 2015, to provide notice of the records maintained by CBP concerning individuals who participate in exporting goods from the United States.

DHS/CBP invited comments on both the notice of proposed rulemaking (NPRM) and System of Records Notice (SORN).

II. Public Comments

DHS received one non-substantive comment on the NPRM and one non-substantive comment on the SORN. After consideration of the public comments, the Department will implement the rulemaking as proposed.

List of Subjects in 6 CFR Part 5

• Freedom of information
• Privacy

For the reasons stated in the preamble, DHS amends chapter I of title 6, Code of Federal Regulations, as follows:

PART 5—DISCLOSURE OF RECORDS AND INFORMATION

1. The authority citation for part 5 continues to read as follows:

Authority: 6 U.S.C. 101 et seq.;Pub. L. 107-296, 116 Stat. 2135; 5 U.S.C. 301; 6 U.S.C. 142; DHS Del. No. 13001, Rev. 01 (June 2, 2020).

Subpart A also issued under 5 U.S.C. 552.

Subpart B also issued under 5 U.S.C. 552a and 552 note.

2. In appendix C to part 5, add reserved paragraph 88 and paragraph 89 to read as follows:

Appendix C to Part 5—DHS Systems of Records Exempt From the Privacy Act

88. [Reserved]

89. The DHS/U.S. Customs and Border Protection (CBP)-020 Export Information System (EIS) System of Records consists of electronic and paper records and will be used by DHS and its components. CBP uses EIS to collect and process information to comply with export laws and facilitate legitimate international trade. CBP is charged with enforcing all U.S. export laws at the border and the exporting community is required to report export data to CBP that contains personally identifiable information (PII).

The Secretary of Homeland Security, pursuant to 5 U.S.C. 552a(j)(2), has exempted this system from the following provisions of the Privacy Act: 552a(c)(3); (e)(8); and (g)(1). Additionally, the Secretary of Homeland Security pursuant to 5 U.S.C. 552a(k)(2) has exempted records created during the background check and vetting process from the following provision of the Privacy Act, 5 U.S.C. 552a(c)(3).

Further, no exemption shall be asserted with respect to information maintained in the system as it relates to data submitted by or on behalf of a person who travels from the United States and crosses the border, nor shall an exemption be asserted with respect to the resulting determination (approval or denial). After conferring with the appropriate component or agency, DHS may waive applicable exemptions in appropriate circumstances and where it would not appear to interfere with or adversely affect the law enforcement purposes of the systems from which the information is recompiled or in which it is contained. Exemptions from these particular subsections are justified, on a case-by-case basis to be determined at the time a request is made, when information in this system of records may impede a law enforcement, intelligence-related, or national security investigation:

(a) From subsection (c)(3) (Accounting for Disclosures) because making available to a record subject the accounting of disclosures from records concerning him or her would specifically reveal any investigative interest in the individual. Revealing this information could reasonably be expected to compromise ongoing efforts to investigate a violation of U.S. law, including investigations of a known or suspected terrorist, by notifying the record subject that he or she is under investigation. This information could also permit the record subject to take measures to impede the investigation ( e.g., destroy evidence), intimidate potential witnesses, or flee the area to avoid or impede the investigation.

(b) From subsection (e)(8) (Notice on Individuals) because to require individual notice of disclosure of information due to compulsory legal process would pose an impossible administrative burden on DHS and other agencies and could alert the subjects of counterterrorism or law enforcement investigations to the fact of those investigations when not previously known.

(c) From subsection (g)(1) (Civil Remedies) to the extent that the system is exempt from other specific subsections of the Privacy Act.