Privacy Act; Systems of Records

Federal Register: August 5, 2009 (Volume 74, Number 149)

Notices

Page 39083-39087

From the Federal Register Online via GPO Access [wais.access.gpo.gov]

DOCID:fr05au09-84

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

Docket No. DHS-2009-0050

Privacy Act of 1974: U.S. Immigration and Customs Enforcement-- 005 Trade Transparency Analysis and Research (TTAR) System of Records

AGENCY: Privacy office, DHS.

ACTION: Notice of privacy act system of records.

SUMMARY: U.S. Immigration and Customs Enforcement (ICE) is re- publishing the system of records notice (SORN) for the Trade

Transparency Analysis and Research (TTAR) system. No comments were received through the Federal Register comment procedure. TTAR contains trade and financial data that is analyzed to generate leads for and otherwise support ICE investigations of trade-based money laundering, contraband smuggling, trade fraud, and other financial crimes. The data in TTAR is generally maintained in the ICE Data Analysis and Research

Trade Transparency System (DARTTS), a software application and data repository that conducts analysis of trade and financial data to identify statistically anomalous transactions that may warrant investigation for money laundering or other import-export crimes.

Additionally, a Privacy Impact Assessment for DARTTS has been posted on the Department's privacy Web site. (See www.dhs.gov/privacy and follow the link to ``Privacy Impact Assessments.'') A final rule is also being published in this issue of the Federal Register in which the Department exempts portions of this system of records from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements.

DATES: The established system of records was effective as of December 1, 2008, based upon the prior TTAR system of records notice published on October 31, 2008.

ADDRESSES: You may submit comments, identified by docket number DHS- 2009-0050 by one of the following methods:

Federal e-Rulemaking Portal: http://www.regulations.gov.

Follow the instructions for submitting comments.

Fax: 703-483-2999.

Mail: Mary Ellen Callahan, Chief Privacy Officer, Privacy

Office, Department of Homeland Security, Washington, DC 20528.

Instructions: All submissions received must include the agency name and docket number for this rulemaking. All comments received will be posted without change to http://www.regulations.gov, including any personal information provided.

Docket: For access to the docket, to read background documents, or comments received go to http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Lyn Rahilly, Privacy Officer, (202- 732-3300), U.S. Immigration and Customs Enforcement, 500 12th Street,

SW., Washington, DC 20024, e-mail: ICEPrivacy@dhs.gov, or Mary Ellen

Callahan (703-235-0780), Chief Privacy Officer, Privacy Office, U.S.

Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

The Trade Transparency Analysis and Research (TTAR) system of records is owned by the ICE Office of Investigations Trade Transparency

Unit (TTU) and is maintained for the purpose of enforcing criminal laws pertaining to trade through trade transparency. Trade transparency is the concept of examining U.S. and foreign trade data to identify anomalies in patterns of trade. Such anomalies can indicate trade-based money laundering or other import-export crimes that ICE is responsible for investigating, such as contraband smuggling, trafficking of counterfeit goods, misclassification of goods, and the over- or under- valuation of goods to hide the proceeds of illegal activities. TTAR contains trade and financial data received from U.S. Customs and Border

Protection (CBP), U.S. Department of the Treasury Financial Crimes

Enforcement Network (FinCEN), other Federal agencies and foreign governments. TTAR data is primarily related to international commercial trade and contains little information on the normal day-to-day activities of individual consumers.

As part of the trade transparency investigative process, ICE investigators and analysts must understand the relationships between importers and exporters and the financing for a set of trade transactions to determine which transactions are suspicious and warrant investigation. If performed manually, this process often involves hours of analysis of voluminous data for a particular case or operation. To automate and expedite this process, the former U.S. Customs Service created the Data Analysis and Research Trade Transparency System

(DARTTS), a software application and data repository that conducts analysis of trade and financial data to identify statistically anomalous transactions that may warrant investigation for money laundering or other import-export crimes. DARTTS is specifically designed to make this investigative process more efficient by automating the analysis and identification of anomalies for the investigator. While DARTTS does increase the efficiency of data analysis, DARTTS does not allow ICE

Page 39084

agents and analysts to obtain any data they could not otherwise access in the course of their investigative activities.

DARTTS does not seek to predict future behavior or ``profile'' individuals, i.e., look for individuals who meet a certain pattern of behavior that has been pre-determined to be suspect. Instead, it analyzes and identifies trade and financial transactions that are statistically anomalous. Investigators gather additional facts, verify the accuracy of the DARTTS data, and use their judgment and experience to determine if the anomalous transactions are in fact suspicious and warrant further investigation. Not all anomalies lead to formal investigations. DARTTS can also identify links (relationships) between individuals or entities based on commonalities, such as identification numbers, addresses, or other information. These commonalities in and of themselves are not suspicious, but in the context of additional information they sometimes help investigators to identify potentially criminal activity and identify other suspicious transactions, witnesses, or suspects.

With the creation of the U.S. Department of Homeland Security (DHS) in 2003, the criminal investigative arm of the U.S. Customs Service, which included the TTU and the DARTTS system, was transferred to ICE.

As part of DHS's ongoing effort to ensure legacy records transferred to

DHS are maintained in compliance with the Privacy Act, ICE proposes to establish this new system of records to cover the data ICE maintains for trade transparency analysis, including the data maintained in

DARTTS. A Privacy Impact Assessment (PIA) was conducted on DARTTS because it maintains personally identifiable information. The DARTTS

PIA is available on the Department of Homeland Security (DHS) Privacy

Office Web site at www.dhs.gov/privacy.

Individuals may request information about records pertaining to them stored in DARTTS as outlined in the ``Notification Procedure'' section below. ICE reserves the right to exempt various records from release pursuant to exemptions 5 U.S.C. 552a(j)(2) and (k)(2) of the

Privacy Act.

Consistent with DHS's information sharing mission, information stored in the DARTTS may be shared with other DHS components, with foreign governments with whom DHS has entered into international information sharing agreements for trade data for the purpose of enforcing customs laws, and with appropriate Federal, State, local, tribal, foreign, or international government agencies. This sharing will only take place after DHS determines that the receiving component or agency has a need to know the information to carry out national security, law enforcement, immigration, intelligence, or other functions consistent with the routine uses set forth in this system of records notice.

Because TTAR contains information that relates to official DHS national security, law enforcement, immigration, and intelligence activities and is used in support of those activities, the Department published a proposed rulemaking seeking to exempt the TTAR system of records from various provisions of the Privacy Act, including the requirement that individuals be provided access to and correction of their own records. These exemptions are permitted by the Privacy Act and are needed to protect information relating to DHS law enforcement or intelligence activities from disclosure to subjects or others related to these activities. For a complete discussion of the specific exemptions proposed and the reasons they were claimed, please see the notice of proposed rulemaking in the Federal Register, 73 FR 64890

(Oct. 31, 2008). A final rulemaking is published concurrently to this notice in this issue of the Federal Register.

Public Comments

In the October 31, 2008 publication of the TTAR SORN, the

Department requested public comments on the SORN and the proposed rulemaking. ICE received no public comments and concluded that no changes to the SORN are warranted at this time.

II. Privacy Act

The Privacy Act embodies fair information principles in a statutory framework governing the means by which the United States Government collects, maintains, uses, and disseminates personally identifiable information. The Privacy Act applies to information that is maintained in a ``system of records.'' A ``system of records'' is a group of any records under the control of an agency for which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual. In the Privacy Act, an individual is defined to encompass United States citizens and lawful permanent residents. As a matter of policy, DHS extends administrative Privacy Act protections to all individuals where systems of records maintain information on U.S. citizens, lawful permanent residents, and visitors. Individuals may request access to their own records that are maintained in a system of records in the possession or under the control of DHS by complying with DHS Privacy

Act regulations, 6 CFR Part 5.

The Privacy Act requires each agency to publish in the Federal

Register a description denoting the type and character of each system of records that the agency maintains, and the routine uses that are contained in each system in order to make agency record keeping practices transparent, to notify individuals regarding the uses to which personally identifiable information is put, and to assist individuals to more easily find such files within the agency. Below is the description of the TTAR system of records.

In accordance with 5 U.S.C. 552a(r), DHS has provided a report of this system of records to the Office of Management and Budget and to

Congress.

System of Records:

DHS/ICE-005.

System name:

Trade Transparency Analysis and Research (TTAR).

Security Classification:

Sensitive But Unclassified.

System Location:

Records are maintained at the Immigration and Customs Enforcement

Headquarters in Washington, DC.

Categories of Individuals Covered by the System:

Categories of individuals covered by this system include: (a)

Individuals who, as importers, exporters, shippers, transporters, brokers, owners, purchasers, consignees, or agents thereof, participate in the import or export of goods to or from the U.S. or to or from nations with which the U.S. has entered an agreement to share trade information; and (b) individuals who participate in financial transactions that are reported to the U.S. Treasury Department under the Bank Secrecy Act or other U.S. financial crimes laws and regulations (e.g., individuals who participate in cash transactions exceeding $10,000; individuals who participate in a reportable suspicious financial transaction).

Categories of Records in the System:

Categories of records in this system include:

Names;

Addresses (home or business);

Trade identifier numbers (e.g., Importer ID, Exporter ID,

Manufacturer ID);

Page 39085

Social Security/tax identification numbers;

Passport numbers;

Account numbers (e.g., bank account);

Description and/or value of trade goods;

Country of origin/export; and

Description and/or value of financial transactions.

Authority for Maintenance of the System: 18 U.S.C. 545 (Smuggling goods into the United States); 18 U.S.C. 1956 (Laundering of Monetary Instruments); and 19 U.S.C 1484 (Entry of

Merchandise).

Purpose:

The purpose of this system is to enforce criminal laws pertaining to trade, financial crimes, smuggling, and fraud, specifically through the analysis of raw financial and trade data in order to identify potential violations of U.S. criminal laws pertaining to trade, financial crimes, smuggling, and fraud and to support existing criminal law enforcement investigations into related criminal activities.

Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DHS as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

1. To the Department of Justice or other Federal agency conducting litigation or in proceedings before any court, adjudicative, or administrative body, when (1) DHS or any component thereof; (2) any employee of DHS in his/her official capacity; (3) any employee of DHS in his/her individual capacity where DOJ or DHS has agreed to represent the employee; or (4) the United States or any agency thereof, is a party to the litigation or has an interest in such litigation; and DHS determines that the records are both relevant and necessary to the litigation and the use of such records is compatible with the purpose for which DHS collected the records.

2. To a congressional office from the record of an individual in response to an inquiry from that congressional office made at the request of the individual to whom the record pertains.

3. To the National Archives and Records Administration or other

   Federal government agencies pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906.

4. To an agency, organization, or individual for the purpose of performing audit or oversight operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function.

5. To appropriate agencies, entities, and persons when: 1. DHS suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; 2. The Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by DHS or another agency or entity) that rely upon the compromised information, or harm to an individual; and 3. The disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DHS's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

6. To contractors and their agents, grantees, experts, consultants, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for DHS, when necessary to accomplish an agency function related to this system of records.

   Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to DHS officers and employees.

7. To an appropriate Federal, State, tribal, local, international, or foreign law enforcement agency or other appropriate authority charged with investigating or prosecuting a violation or enforcing or implementing a law, rule, regulation, or order, where a record, either on its face or in conjunction with other information, indicates a violation or potential violation of law, which includes criminal, civil, or regulatory violations and such disclosure is proper and consistent with the official duties of the person making the disclosure.

8. To third parties during the course of a law enforcement investigation to the extent necessary to obtain information pertinent to the investigation, provided disclosure is appropriate to the proper performance of the official duties of the officer making the disclosure.

   I. To appropriate Federal, State, local, tribal, or foreign governmental agencies or multilateral governmental organizations responsible for investigating or prosecuting the violations of, or for enforcing or implementing, a statute, rule, regulation, order, license, or treaty where DHS determines that the information would assist in the enforcement of civil or criminal laws.

10. To a Federal, State, or local agency, or other appropriate entity or individual, or through established liaison channels to selected foreign governments, in order to provide intelligence, counterintelligence, or other information for the purposes of intelligence, counterintelligence, or anti-terrorism activities authorized by U.S. law, Executive Order, or other applicable national security directive.

11. To a Federal, State, tribal, local or foreign government agency or organization, or international organization, lawfully engaged in collecting law enforcement intelligence information, whether civil or criminal, or charged with investigating, prosecuting, enforcing or implementing civil or criminal laws, related rules, regulations or orders, to enable these entities to carry out their law enforcement responsibilities, including the collection of law enforcement intelligence.

    L. To international and foreign governmental authorities in accordance with law and formal or informal international agreements.

13. To Federal and foreign government intelligence or counterterrorism agencies when DHS reasonably believes there to be a threat or potential threat to national or international security for which the information may be useful in countering the threat or potential threat, when DHS reasonably believes such use is to assist in anti-terrorism efforts, and disclosure is appropriate to the proper performance of the official duties of the person making the disclosure.

14. To appropriate Federal, State, local, tribal, or foreign governmental agencies or multilateral governmental organizations where

    DHS is aware of a need to utilize relevant data for purposes of testing new technology and systems designed to enhance national security or identify other violations of law.

15. To the news media and the public, with the approval of the Chief

    Privacy Officer in consultation with counsel, when there exists a legitimate public interest in the disclosure of the information or when disclosure is necessary to preserve confidence in the integrity of DHS or is necessary to demonstrate the accountability of DHS's officers, employees, or individuals

    Page 39086

    covered by the system, except to the extent it is determined that release of the specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy.

    Disclosure to consumer reporting agencies:

    None.

    Policies and Practices for Storing, Retrieving, Accessing, Retaining and Disposing of Records in the System:

    Storage:

    Records in this system are stored electronically or on paper in secure facilities in a locked drawer behind a locked door. The records are stored on magnetic disc, tape, digital media, and CD-ROM.

    Retrievability:

    Records may be retrieved by any of the personal identifiers stored in the system including name, business address, home address, importer

    ID, exporter ID, broker ID, manufacturer ID, social security number, trade and tax identifying numbers, passport number, or account number.

    Records may also be retrieved by non-personal information such as transaction date, entity/institution name, description of goods, value of transactions, and other information.

    Safeguards:

    Records in this system are safeguarded in accordance with applicable rules and policies, including all applicable DHS automated systems security and access policies. Strict controls have been imposed to minimize the risk of compromising the information that is being stored. Access to the computer system containing the records in this system is limited to those individuals who have a need to know the information for the performance of their official duties and who have appropriate clearances or permissions. The system maintains a real-time auditing function of individuals who access the system.

    Retention and Disposal:

    ICE is in the process of drafting a proposed record retention schedule for the information maintained in TTAR. ICE anticipates retaining the records in TTAR for five years and then archiving records for five additional years, for a total retention period of ten years.

    The five-year retention period for records is necessary to create a data set large enough to effectively analyze anomalies and patterns of behavior in trade transactions. Records older than five years will be archived for five additional years and will only be used to provide a historical basis for anomalies in current trade activity. The original

    CD-ROMs containing the raw data will be retained for five years for the purpose of data integrity and system maintenance.

    System Manager(s) and Address:

    Unit Chief, Trade Transparency Unit, ICE Office of Investigations, 500 12th Street, SW., Washington, DC 20024.

    Notification Procedures:

    The Secretary of Homeland Security has exempted this system from notification, access, and amendment because of the law enforcement nature of the information. However, ICE will review requests on a case by case and release information as appropriate. Thus, individuals seeking notification of and access to any record contained in this system of records, or seeking to contest its content, may submit a request in writing to the component's FOIA Officer, whose contact information can be found at http://www.dhs.gov/foia under ``contacts.''

    If an individual believes more than one component maintains Privacy Act records concerning him or her the individual may submit the request to the Chief Privacy Officer, Department of Homeland Security, 245 Murray

    Drive, SW., Building 410, STOP-0655, Washington, DC 20528.

    When seeking records about yourself from this system of records or any other Departmental system of records your request must conform with the Privacy Act regulations set forth in 6 CFR Part 5. You must first verify your identity, meaning that you must provide your full name, current address and date and place of birth. You must sign your request, and your signature must either be notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization. While no specific form is required, you may obtain forms for this purpose from the Director,

    Disclosure and FOIA, http://www.dhs.gov or 1-866-431-0486. In addition you should provide the following:

    An explanation of why you believe the Department would have information on you,

    Identify which component(s) of the Department you believe may have the information about you,

    Specify when you believe the records would have been created,

    Provide any other information that will help the FOIA staff determine which DHS component agency may have responsive records,

    If your request is seeking records pertaining to another living individual, you must include a statement from that individual certifying his/her agreement for you to access his/her records.

    Without this bulleted information the component(s) will not be able to conduct an effective search, and your request may be denied due to lack of specificity or lack of compliance with applicable regulations.

    Record Access Procedures:

    See ``Notification procedure'' above.

    Contesting Record Procedures:

    See ``Notification procedure'' above.

    Record Source Categories:

    (1) U.S. Customs and Border Protection (CBP) import data collecting using CBP Form 7501, ``Entry Summary.''

    (2) U.S. Department of Commerce export data collected using

    Commerce Department Form 7525-V, ``Shipper's Export Declaration.''

    (3) U.S. Exports of Merchandise Dataset (a publicly available aggregated U.S. export dataset purchased from the U.S. Department of

    Commerce).

    (4) Foreign import and export data provided by partner countries pursuant to a Customs Mutual Assistance Agreement (CMAA) or other similar agreement.

    (5) Financial Transaction Reports from Treasury Department's

    Financial Crimes Enforcement Network (FinCEN), specifically: (a)

    Currency Monetary Instrument Reports (CMIRs)--Declarations of currency or monetary instruments in excess of $10,000 made by persons coming into or leaving the United States; (b) Currency Transaction Reports

    (CTRs)--Deposits or withdrawals of $10,000 or more in currency into or from depository institutions; (c) Suspicious Activity Reports (SARs)--

    Information regarding suspicious financial transactions within depository institutions, casinos, and the securities and futures industry; and (d) Report of Cash Payments over $10,000 Received in a

    Trade or Business--Report of merchandise purchased with $10,000 or more in currency.

    Exemptions Claimed for the System:

    Pursuant to exemption 5 U.S.C. 552a(j)(2) of the Privacy Act, portions of this system are exempt from 5 U.S.C. 552a(c)(3) and (4);

    (d); (e)(1), (e)(2), (e)(3), (e)(4)(G), (e)(4)(H), (e)(5) and (e)(8);

    (f); and (g). Pursuant to 5 U.S.C. 552a(k)(2), this system is exempt from the following provisions of the Privacy Act, subject to the limitations set forth in those subsections: 5 U.S.C. 552a(c)(3), (d),

    (e)(1), (e)(4)(G), (e)(4)(H), and (f).

    Page 39087

    Dated: July 30, 2009.

    Mary Ellen Callahan,

    Chief Privacy Officer, Department of Homeland Security.

    FR Doc. E9-18623 Filed 8-4-09; 8:45 am

    BILLING CODE 9111-28-P