The Department of Homeland Security has released the â€œ2013 Data Mining Report to Congressâ€ (DHS pdf; archive pdf). The DHS Privacy Office said, â€œThe Federal Agency Data Mining Reporting Act of 2007, 42 U.S.C. Â§ 2000ee-3, requires DHS to report annually to Congress on DHS activities that meet the Actâ€™s definition of data mining. For each identified activity, the Act requires DHS to provide the following: (1) a thorough description of the activity and the technology and methodology used; (2) the sources of data used; (3) an analysis of the activityâ€™s efficacy; (4) the legal authorities supporting the activity; and (5) an analysis of the activityâ€™s impact on privacy and the protections in place to protect privacy.â€ Hereâ€™s more from the reportâ€™s executive summary:
This yearâ€™s report, covering the period January 1, 2013, through December 31, 2013, provides updates on modifications, additions, and other developments that have occurred in the current reporting year including use of [the Automated Targeting System] by DHS components other than CBP. The report also presents two new programs currently in development that will include data mining capabilities: the DHS Data Framework, a DHS-wide pilot initiative, and FALCON-Roadrunner, which is administered by ICE. Additional information on DARTTS and on the Transportation Security Administrationâ€™s (TSA) Secure Flight Programâ€™s use of ATS is being provided separately to Congress in two annexes to this report that contain Law Enforcement Sensitive Information and Sensitive Security Information, respectively. […]
The DHS Privacy Officeâ€™s privacy compliance policies and procedures are based on a set of eight Fair Information Practice Principles (FIPPs) that are rooted in the tenets of the Privacy Act. The FIPPs have served as DHSâ€™s core privacy framework since the Department was established. […]
While each program described below engages to some extent in data mining, none makes decisions about individuals solely on the basis of data mining results. In all cases, DHS employees conduct investigations to verify (or disprove) the results of data mining, and then bring their own judgment and experience to bear in making determinations about individuals initially identified through data mining activities.