From: <Saved by Windows Internet Explorer 8>
Subject: FR Doc E6-511
Date: Wed, 19 Jan 2011 09:44:24 -0500
MIME-Version: 1.0
Content-Type: text/html;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Location: http://edocket.access.gpo.gov/2006/E6-511.htm
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5931

=EF=BB=BF<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>FR Doc E6-511</TITLE>
<META content=3D"text/html; charset=3Dutf-8" http-equiv=3DContent-Type>
<META name=3DGENERATOR content=3D"MSHTML 8.00.6001.18999"></HEAD>
<BODY><DOC><PRE>
[Federal Register: January 19, 2006 (Volume 71, Number 12)]
[Notices]              =20
[Page 3109-3112]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr19ja06-100]                        =20

-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

[DHS-2005-0054]

=20
Privacy Act of 1974; Systems of Records

AGENCY: Privacy Office; Department of Homeland Security.

ACTION: Notice of Privacy Act system of records.

-----------------------------------------------------------------------

SUMMARY: The Bureau of Customs and Border Protection proposes to revise=20
its system of records for collecting carrier, broker and importer/
exporter account information to both update the system and to add as a=20
category of records the customs declarations that postal mailers are=20
required to complete for international mail transactions.

DATES: The new system of records will be effective February 21, 2006=20
unless comments are received that result in a contrary determination.

ADDRESSES: You may submit comments, identified by DHS-2005-0054, by one=20
of the following methods:
    <BULLET> Federal eRulemaking Portal: <A =
href=3D"http://frwebgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3Dleavin=
gFR.html&amp;log=3Dlinklog&amp;to=3Dhttp://www.regulations.gov">http://fr=
webgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&amp;log=3D=
linklog&amp;to=3Dhttp://www.regulations.gov</A>.=20

Follow the instructions for submitting comments via docket number DHS-
2005-0054.
    <BULLET> Fax: 202-572-8727.
    <BULLET> Mail: Comments by mail are to be addressed to the=20
Regulations Branch, Office of Regulations and Rulings, Bureau of=20
Customs and Border Protection, 1300 Pennsylvania Avenue, NW. (Mint=20
Annex), Washington, DC 20229. Comments by mail may also be submitted to=20
Maureen Cooney, Acting Chief Privacy Officer, Department of Homeland=20
Security, 601 S. 12th Street, Arlington, VA 22202-4220.
    Instructions: All submissions received must include the agency name=20
and docket number for this rulemaking. All comments received will be=20
posted without change to <A =
href=3D"http://frwebgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3Dleavin=
gFR.html&amp;log=3Dlinklog&amp;to=3Dhttp://www.regulations.gov">http://fr=
webgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&amp;log=3D=
linklog&amp;to=3Dhttp://www.regulations.gov</A>, including any=20

personal information provided. For detailed instructions on submitting=20
comments and additional information on the rulemaking process, see the=20
``Public Participation'' heading of the SUPPLEMENTARY INFORMATION=20
section of this document.
    Docket: For access to the docket to read background documents or=20
comments received, go to <A =
href=3D"http://frwebgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3Dleavin=
gFR.html&amp;log=3Dlinklog&amp;to=3Dhttp://www.regulations.gov">http://fr=
webgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&amp;log=3D=
linklog&amp;to=3Dhttp://www.regulations.gov</A>. Submitted comments=20

may also be inspected during regular business days between the hours of=20
9 a.m. and 4:30 p.m. at the Regulations Branch, Office of Regulations=20
and Rulings, Bureau of

[[Page 3110]]

Customs and Border Protection, 799 9th Street, NW., 5th Floor,=20
Washington, DC. Arrangements to inspect submitted comments should be=20
made in advance by calling Mr. Joseph Clark at (202) 572-8768.

FOR FURTHER INFORMATION CONTACT: Laurence E. Castelli (202-572-8712),=20
Chief, Privacy Act Policy and Procedures Branch, Bureau of Customs and=20
Border Protection, Office of Regulations &amp; Rulings, Mint Annex, 1300 =

Pennsylvania Ave., NW., Washington, DC 20229.

SUPPLEMENTARY INFORMATION: The Bureau of Customs and Border Protection=20
(CBP) is engaged in a multi-year modernization effort to update its=20
information systems. As part of this modernization effort, CBP has=20
developed the Automated Commercial Environment (ACE) to streamline=20
business processes, to facilitate growth in trade, to ensure cargo=20
security, to provide means to combat terrorism through monitoring what=20
materials and which persons enter and leave the country, and to foster=20
participation in global commerce, while ensuring compliance with U.S.=20
laws and regulations. ACE replaces CBP's current Automated Commercial=20
System, a twenty-plus-year-old trade information database.
    The operation of ACE will require that CBP collect personally=20
identifiable information from importers, brokers, truck carriers, and=20
U.S. Postal Service customs declarations. The system will also include=20
personally identifiable information about CBP employees and employees=20
of other agencies. The information that is collected will be used to=20
operate the automated commercial environment in order to assist in=20
protecting the country's borders by monitoring and regulating incoming=20
cargo and people.
    The Privacy Act embodies fair information principles in a statutory=20
framework governing the means by which the United States Government=20
collects, maintains, uses and disseminates personally identifiable=20
information. The Privacy Act applies to information that is maintained=20
in a ``system of records.'' A ``system of records'' is a group of any=20
records under the control of an agency from which information is=20
retrieved by the name of the individual or by some identifying number,=20
symbol, or other identifying particular assigned to the individual. In=20
the Privacy Act, individual is defined to encompass United States=20
citizens and legal permanent residents. ACE involves the collection of=20
information that will be maintained in a system of records.
    The Privacy Act requires each agency to publish in the Federal=20
Register a description denoting the type and character of each system=20
of records that the agency maintains, and the routine uses that are=20
contained in each system in order to make agency recordkeeping=20
practices transparent, to notify individuals regarding the uses to=20
which personally identifiable information is put, and to assist the=20
individual to more easily find such files within the agency.
    DHS is here publishing a description of the Automated Commercial=20
Environment system of records. In accordance with 5 U.S,C. 552a(r), a=20
report concerning this record system has been sent to the Office of=20
Management and Budget and to the Congress.
    Interested persons are invited to participate in this rulemaking by=20
submitting written data, views, or arguments on all aspects of the=20
proposed rule. CBP also invites comments that relate to the economic,=20
environmental, or federalism affects that might result from this=20
proposed rule. Comments that will provide the most assistance to CBP in=20
developing these procedures will reference a specific portion of the=20
proposed rule, explain the reason for any recommended change, and=20
include data, information, or authority that support such recommended=20
change.
DHS/CBP-001

System Name:
    Automated Commercial Environment/International Trade Data System=20
(ACE/ITDS).

System Location:
    This computer database is located at the Bureau of Customs and=20
Border Protection (CBP) National Data Center in Washington, DC.=20
Computer terminals are located at Customhouses and ports throughout the=20
United States and at CBP Headquarters, Washington, DC, as well as=20
appropriate facilities for other participating government agencies.

Categories of Individuals Covered by the System:
    Individuals involved in the importation of merchandise, members of=20
the trade community, including but not limited to truck carriers,=20
vessel, vehicle, and aircraft operators or crew, Customhouse brokers,=20
importers and their authorized agents (i.e., trade users), persons=20
required to file Customs Declarations for international mail=20
transactions (including sender and recipient), DHS/CBP employees, and=20
employees of other Federal Government agencies.

Categories of Records in the System:
    The database is comprised of carrier, broker, and importer/exporter=20
account information (this includes personally identifying information=20
(name and address, phone and/or fax), as well as the Significant=20
Activity Log (a message log between the ACE Portal Account Owner and=20
CBP that tracks their communications sent through ACE) and the Action=20
Plans referenced in the Significant Activity Log), entry information,=20
and manifest information. The database also includes information=20
obtained from Customs declarations filed with the United States Postal=20
Service in connection with the import or export of goods through the=20
mail. System files may contain information about DHS/CBP employees,=20
other Federal employees, companies, and individuals involved in=20
commercial land, sea, and/or air border transactions.
    The following information may be stored in the database for the=20
establishment of an ACE Secure Data Portal truck carrier account:=20
Carrier name, Carrier address, Carrier identification (i.e., the truck=20
carrier identification SCAC code (the unique Standard Carrier Alpha=20
Code) assigned for each carrier by the National Motor Freight Traffic=20
Association), Department of Transportation number, Taxpayer ID number,=20
DUNS (Dun and Bradstreet Number), Organizational structure, Name of=20
Insurer, Policy number, Date of Issuance and Amount. The carrier can=20
create users and points of contact, and may also choose to store=20
details associated with driver/crew, conveyance, and equipment for=20
purposes of expediting the creation of manifests.
    The ACE database is also comprised of manifest information that=20
includes specific details regarding the crew or drivers as well as=20
passengers involved in a commercial land border crossing. For crew or=20
drivers, the system will include:
    (1) Person on arriving conveyance who is in charge; (2) Names of=20
all crew members; (3) Date of birth of each crew member; (4) Commercial=20
driver's license (CDL)/drivers license number for each crew member; (5)=20
CDL/driver's license State/province of issuance for each crew member;=20
(6) CDL country of issuance for each crew member; (7) Travel document=20
number for each crew member; (8) Travel document country of issuance=20
for each crew member; (9) Travel document State/province of issuance=20
for each crew member; (10) Travel document type for each crew member;=20
(11) Address for each crew member; (12) Gender of each crew member;=20
(13) Nationality/citizenship of each crew member; (14)

[[Page 3111]]

Hazmat endorsement for each crew member.
    For passengers, the information consists of: (1) Names of all=20
passengers; (2) Date of birth of each passenger; (3) Travel document=20
number for each passenger; (4) Travel document country of issuance for=20
each passenger; (5) Travel document State/province of issuance for each=20
passenger; (6) Travel document type for each passenger; (7) Gender of=20
each passenger; (8) Nationality of each passenger.
    Further, the ACE database includes specific details regarding=20
trips, equipment, conveyances, and shipments, but this information does=20
not primarily identify individuals, except those who might be shippers=20
or consignees.

Authority for Maintenance of the System:
    19 U.S.C. 66, 1448, 1481, 1483, 1484, 1505, 1624, and 2071.

Routine Uses of Records Maintained in the System, Including Categories=20
of Users and the Purposes of Such Uses:
    In addition to those disclosures generally permitted under 5 U.S.C.=20
552a(b) of the Privacy Act, all or a portion of the records or=20
information contained in this system may be disclosed outside DHS as a=20
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    (1) To the Bureau of the Census by providing magnetic tapes or=20
other form of electronic data transmission containing foreign trade=20
data;
    (2) To appropriate Federal, State, local, foreign, or tribal=20
agencies responsible for investigating or prosecuting the violations=20
of, or for enforcing or implementing, a statute, rule, regulation,=20
order, or license, where CBP becomes aware of an indication of a=20
violation or potential violation of civil or criminal law or=20
regulation;
    (3) To a Federal, State, local, tribal, territorial, foreign, or=20
international agency, maintaining civil, criminal or other relevant=20
enforcement information or other pertinent information, which has=20
requested information relevant to or necessary to the requesting=20
agency's or the bureau's hiring or retention of an individual, or=20
issuance of a security clearance, license, contract, grant, or other=20
benefit;
    (4) To a court, magistrate, or administrative tribunal in the=20
course of presenting evidence, including disclosures to opposing=20
counsel or witnesses in the course of civil discovery, litigation, or=20
settlement negotiations, in response to a subpoena, or in connection=20
with criminal law proceedings;
    (5) To third parties during the course of an investigation to the=20
extent necessary to obtain information pertinent to the investigation;
    (6) To an agency, organization, or individual for the purposes of=20
performing authorized audit or oversight operations;
    (7) To a congressional office from the record of an individual in=20
response to an inquiry from that congressional office made at the=20
request of the individual to whom the record pertains;
    (8) To contractors, grantees, experts, consultants, students, and=20
others performing or working on a contract, service, grant, cooperative=20
agreement, or other assignment for the Federal Government, when=20
necessary to accomplish an agency function related to this system of=20
records;
    (9) To the Department of Justice, the United States Attorney's=20
Office, or a consumer reporting agency for further collection action on=20
any delinquent debt when circumstances warrant;
    (10) To a former employee of the Department for purposes of:=20
responding to an official inquiry by a Federal, State, or local=20
government entity or professional licensing authority, in accordance=20
with applicable Department regulations; or facilitating communications=20
with a former employee that may be necessary for personnel-related or=20
other official purposes where the Department requires information and/
or consultation assistance from the former employee regarding a matter=20
within that person's former area of responsibility;
    (11) To an organization or individual in either the public or=20
private sector, either foreign or domestic, where there is a reason to=20
believe that the recipient is or could become the target of a=20
particular terrorist activity or conspiracy, to the extent the=20
information is relevant to the protection of life or property;
    (12) To the Department of Justice or other Federal agency=20
conducting litigation or in proceedings before any court, adjudicative=20
or administrative body, when: (a) DHS, or (b) any employee of DHS in=20
his/her official capacity, or (c) any employee of DHS in his/her=20
individual capacity where DOJ or DHS has agreed to represent the=20
employee, or (d) the United States or any agency thereof, is a party to=20
the litigation or has an interest in such litigation;
    (13) To the National Archives and Records Administration or other=20
federal government agencies pursuant to records management inspections=20
being conducted under the authority of 44 U.S.C. Sections 2904 and=20
2906;
    (14) To a Federal, State, local, tribal, territorial, foreign, or=20
international agency, if necessary to obtain information relevant to a=20
Department of Homeland Security decision concerning the hiring or=20
retention of an employee, the issuance of a security clearance, the=20
reporting of an investigation of an employee, the letting of a=20
contract, or the issuance of a license, grant or other benefit;
    (15) To a Federal agency, pursuant to the International Trade Data=20
System Memorandum of Understanding, consistent with the receiving=20
agency's legal authority to collect information pertaining to and/or=20
regulate transactions in international trade.

Policies and Practices for Storing, Retrieving, Accessing, Retaining,=20
Disposing of Records in the System:
Storage:
    The data is stored electronically at the CBP Data Center for=20
current data and offsite at an alternative data storage facility for=20
historical logs and system backups.

Retrievability:
    The data is retrievable by name or personal identifier from an=20
electronic database. Only individuals with a need to know can access=20
the data. The system manager, in addition, has the capability to=20
maintain system back-ups for the purpose of supporting continuity of=20
operations and the discrete need to isolate and copy specific data=20
access transactions for the purpose of conducting security incident=20
investigations.

Safeguards:
    Access to the computer area is controlled by a security pass=20
arrangement and personnel not connected with the operation of the=20
computer are prohibited from entering. The building security is=20
protected by a uniformed guard. Access at the ports is in the booths=20
and from any PC connected to the LAN. At the ports of processing,=20
terminal rooms are under close supervision during working hours and=20
locked after close of business. The system security officer issues a=20
unique private five digit identification code to each authorized user.=20
Access to the computer from other than system terminals is controlled=20
through a security software package. Users must input a unique=20
identification code and password during the terminal log-in procedure=20
to gain access to the system. The password is not printed or displayed=20
at the port of processing. The system validates the user ID by=20
transaction type, thereby limiting a

[[Page 3112]]

system user's access to information on a ``need-to-know'' basis. A=20
listing of identification codes of authorized users can be printed only=20
by request of the security officer. The passwords are changed=20
periodically to enhance security.

Retention and Disposal:
    Files are retained on-line in a system database. Personal=20
information collected in ACE as part of the regulation of incoming=20
cargo and people will be retained in accordance with the U.S. Customs=20
Records Schedules approved by the National Archive and Records=20
Administration for the forms on which the data is submitted. This means=20
that cargo, crew, driver, and passenger information collected from a=20
manifest presented in connection with the arrival of a vessel, vehicle=20
or aircraft will be retained for six years. Information collected in=20
connection with the submission of a Postal Declaration for a mail=20
importation will be retained for a maximum of six years and three=20
months (as set forth pursuant to NARA Authority N1-36-86-1, U.S.=20
Customs Records Schedule, Schedule 9 Entry Processing, Items 4 and 5).=20
Personal information collected in connection with the creation of a=20
carrier, broker, or importer/exporter account will be retained for up=20
to three years following the closing of the account either through=20
withdrawal by the individual or denial of access by CBP. Lastly,=20
information pertaining to CBP and PGA employees will be retained for as=20
long as the individual maintains her or his portal access to ACE and=20
authorization to access the information.

System Manager(s) and Address:
    Director, Office of Automated Systems, U.S. Customs and Border=20
Protection Headquarters, 1300 Pennsylvania Avenue, NW., Washington, DC=20
20229.

Notification Procedures:
    To determine whether this system contains records relating to you,=20
write to Customer Satisfaction Unit, Office of Field Operations, U.S.=20
Customs and Border Protection, Room 5.5-C, 1300 Pennsylvania Avenue,=20
NW., Washington, DC 20229 (phone: (202) 344-1850 and fax: (202) 344-
2791).

Record Access Procedures:
    Requests for notification or access must be in writing and should=20
be addressed to the Customer Satisfaction Unit, Office of Field=20
Operations, U.S. Customs and Border Protection, Room 5.5-C, 1300=20
Pennsylvania Avenue, NW., Washington, DC 20229. Requests should conform=20
to the requirements of 6 CFR part 5, subpart B, which provides the=20
rules for requesting access to Privacy Act records maintained by DHS.=20
The envelope and letter should be clearly marked ``Privacy Act Access=20
Request.'' The request should include a general description of the=20
records sound and must include the requester's full name, current=20
address, and data and place of birth. The request must be signed and=20
either notarized or submitted under penalty of perjury.
    Additionally, operational record access may be obtained through the=20
ACE Secure Data Portal for those individuals and entities who have been=20
approved access in accordance with the procedures published in the=20
Federal Register at 67 FR 21800 dated May 1, 2002.

Contesting Record Procedures:
    Same as ``Record Access Procedures.''

Record Source Categories:
    The system contains data received on authorized CBP forms or=20
electronic formats from individuals and/or companies incidental to the=20
conduct of foreign trade and required by CBP in administering the=20
tariff laws and regulations of the United States. The system also=20
contains information pertaining to International Mail Transactions,=20
which is obtained from the United States Postal Service by electronic=20
data transmission.

Exemptions Claimed for the System:
    None.

    Dated: December 22, 2005.
Maureen Cooney,
Acting Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E6-511 Filed 1-18-06; 8:45 am]

BILLING CODE 4410-10-P
</PRE></BODY></HTML>