ICE August 2020 Production Brennan Center DHS FOIA Social Media Monitoring

From: ~b)(6); (b)(?
)(C)
Se nt: 19 Aug 2019 13:19:40 +0000
To: r )(6); (b)(?)(C) I
Cc: b)(6); (b)(?)(C)
l(b)(6); (b)(7)(C)
Subject: RE: ICE SMOUTs
Attachme nts: CIU White Paper - Unattributed Browser Licenses 08022019 track changes.doc
l(b)(6);
kb)(6): !provided the attached draft last Friday (8/ 16). OPLA will now review. Not sure how long
it will take, as I have other priority tasks already on the queue. I may need until next week. Do
you want to take a look at the attached and let me know if you have specific concerns? Thank
you.
Kb)(6);
Associate Legal Advisor
Enforcement and Removal Operations Law Division
Office of the Principal Legal Advisor
U.S. Immigration and Customs Enforcement
(Desk) 202-732~(b)(6);1
(iPhone) 202-787-fliillfill
Kb)(6); (b)(?)(C)
---ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT---

This communication and any attachments may contain confidential and/or sensitive attorney/client
privileged information or attorney work product and/or law enforcement sensitive information. It is not
for release, review, retransmission, dissemination, or use by anyone other than the intended recipient.
Please notify the sender if this email has been misdirected and immediately destroy all originals and
copies. Furthermore do not print, copy, re-transmit, disseminate, or otherwise use t his information.
Any disclosure of this communication or its at tachments must be approved by the Office of the Principal
Legal Advisor, U.S. Immigration and Customs Enforcement. This document is for INTERNAL
GOVERNMENT USE ONLY and may be exempt from disclosure under the Freedom of Information Act, 5
USC§§ 552(b)(S), (b)(7).
From: l(b)(6); (b)(7)(C) I

Se nt: M onday, August 19, 2019 9: 12 AM
To (b)(6); (b)(?)(C)
Cc
b)(6); (b)(?)(C)
Good Morning Everybody,

I just wanted to follow up on the ER- procurement. Has there been any resolution? Thanks in
advance.
Best,
2020-ICLl-00023 1054
l(b)(6); (b)(?)(C) I
Mobile: 202-879~~~~~~:,J
From :Kb)(6); (b)(?)(C)

Sent: Friday, July 26, 2019 8:33 AM
To1(b)(6); (b)(7)(C) ~
Cc:
- ----=========-~
l(b)(6); (b)(7)(C)
Subje ct: RE: ICE SMOUTs
Thanks so much everybody!
Best,
l(b)(6); (b)(7)(C)
Mobile: 202-870Kb)(6);
From: !rh)fn) · f h)f7)fC:)

Se nt: Friday, July 26, 2019 8:32 AM
To: b)(6); (b)(?)(C)
Cc:
(b)(6); (b)(7)(C)
Subje ct: RE: ICE SMOUTs
IMany apologies - I should have sent an update yesterday.

A draft of the white paper was finished yesterday and sent to ERO OPLA. ERO OPLA had a few
suggestions before considering it final and indicated a two week lead time would be needed for an OPLA
determination . I contacted the procurement folks and explained the situation, so they are aware. I'm
sorry I failed to follow-up with Privacy, too.
Thanks for the concern and interest!
b)(S)
Have a nice weekend - and thanks again!
From~b)(6); (b)(?)(C)
Date: Friday, Jul 26, 2019, 7:54 AM
To b)(6); (b)(7)(C)
Cc
b)(6); (b)(7)(C)
Good Morningl(b)(6); I
2020-ICLl-00023 1055
I just wanted to check on the status of t he w hite paper. I know we agreed to a deadline of today to
have Privacy Office's approval for your procurement. To do that I'll need the white paper and OPLA's
confirmation that the program operates w it hin ERO's authorities and I can take it to the ICE Privacy
Officer for a final determination. If there is anything I can help with, please just let me know.
Best,
~b)(6); (b)(?)(C) I
Mobile: 202-870~(b)(6); I
From:kb)(6): ( b )(7)(C)
Sent: Tuesday, July 23, 2019 4: 17 PM
To b)(6); (b)(7)(C)
Cc:
b)(6); (b)(?)(C)
l(b)(6);
Please express my appreciation to the HSI Open Source Team for sharing their white paper!
I've read t hrough each of the five (5) SMOUTs, the Directive, and the Instruction.
I am better understanding the document s, the requirements, and appreciate the guidance!
Thank you!
Kb)(6); I
From: l(b)(6); (b)(?)(C) I
Se nt: Tuesday, July 23, 2019 8:59 AM
To: b)(6); (b)(7)(C)
Cc:
b)(6); (b)(7)(C)
Thanks~ kb~)(_6)~; - ~
An HSI Open Source Team has cleared us to share their white paper for their use of social media. They
have been monitoring social media l(b)(7)(E) I
Kb)(7)(E) !They are governed by the Crimi nal
and Administrative Immigration Law Enforcement SM OUT as well.
Best,
kh)(R ) · ( h )(7 )(r.) !
Mobile: 202-870{b)(6):
From:~kb_)(_6_
): - - ~
Sent: M onday, July 22, 2019 4:39 PM
To: kb)(6): (b)(7)(C)
2020-ICLl-00023 1056
Cc:l(b)(6); (b)(?)(C) I
(b)(6); (b)(?)(C)
Subject: ICE SMOUTs
Hello (b)(6);
/ h \ /7 \/f ' \
As discussed, attached please find an email which includes all the ICE Social Media Operational
Use Templates (SMOUTs), as well as DHS Directive and Instructions on operational use of
social media.
The SMOUTs were used by DHS Privacy to find out the operational purposes for which ICE
needs to access social media, and to determine whether those uses are authorized under DHS
policies. Most relevant to ERO 's operational use of social media is the ' Criminal and Admin
Immigration LE' SMOUT. I've identified below portions of this SMOUT that may help CIU in
framing a document explaining ERO's intended useKb)(?)(E) ~o surveille publicly-available
social media sites.
b)(5)
2020-ICLl-00023 1057
b)(5)
I believe!~ )(?)( lhas audit functions, based on the attached Authentic8 overview document you
kindly provided this morning.
The Privacy folks may also be interested in whether ERO will download any personally
l
identifying info (PII) and/or sensitive PII from social media usinj _!:>)(7)( and if so, where the
downloads will be maintained, and how they will be secured. See ICE responses to Q 5(e) - (g)
on pp. 7-8.
Please let me know if you have any questions about the above. Thank you!
l(b )(6);
(Desk) 202-732~(b)(6): I
(iPhone) 202-787-lliEfil]
l(b )(6); (b )(7)(C)
--- ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT ---

This communication and any attachments m ay contain confidential and/or sensitive attorney/client
2020-ICLl-00023 1058
copies. Furthermore do not print, copy, re-transmit, disseminate, or otherwise use this information.
Any disclosure of this communication or its attachments must be approved by the Office of the Principal
USC§§ 552(b)(S), (b)(7).
2020-ICLl-00023 1059
From: ~b)(6); (b)(?)(C) I
Sent: 5 Sep 2019 20:21:49 +0000
To: !fb)(6): !
Cc: Kb)(6); (b)(?)(C)
Kb )(6); (b)(7)(C)
Good afternoonl(b)(6):
My apologies for the delay. (b)(?)(E)
b)(?)(E)
b)(?)(E)
(b)(S)
Best,
l(b)(6); (b)(7)(C)I
2020-ICLl-00023 1067
Mobile: 202-870J(b)(6);
Best,
l(b)(6);
Mobile: 202-870-~
From :l(b)(6); (b)(7)(C)

Se nt: Monday, August 19, 2019 9:20 AM
To: Vb)(6): (b)(7)(C) I
Cc:l(b)(6); (b)(7)(C) I
b)(6); (b)(7)(C)
~b)(6); _,
Kb)(6); !provided the attached draft last Friday (8/ 16). OPLA will now review. Not sure how long
you.
fo)(6):
(Desk) 202-732~(b)(6); I
(iPhone) 202-787-llliRfil]
~b)(6): (b)(7)(C)
---ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT ---

USC§§ 552(b)(S), (b)(7).
From=Kb)(6); (b)(7)(C) I
Se nt: Monday, August 19, 2019 9:12 AM
Toi(b)(6); (b)(7)(C)
2020-ICLl-00023 1068
Cc: l(b)(6): (b)(7)(C)
l(b)(6); (b)(7)(C)

I just wanted to follow up on the ER~ rocurement. Has there been any resolution? Thanks in
advance.
Best,
l(b )(6); (b )(7)(C) j
Mobile: 202-870~(b)(6): I
From:kb)(6); (b)(7)(C)
To:l(b)(6); (b)(7)(C)
Cc:_
l(b)(6); (b)(7)(C)
Best,
l(b)(6): ( b )(7)(C) I
Mobile: 202-870{ b)(6): I
From: l(b)(6); (b)(7)(C) I
~~J b)(6); (b)(7)(C) I;
r-
kb-)(-==
6)=; (=b= ===) =======================,--~
)(7==)(C
Hi Kb)(6); IMany apologies - I should have sent an update yesterday.

determination . I contacted the procurement folks and explained the situation, so they are aware. I'm
(b)(5)
2020-IC Ll-00023 1069

From: !<b)(6): (b)(7)(C)
~:r
)(6); (b)(7)(C)
kh )(R )· (h ) (7)(r.)
Good Morningl(b)(6):
I just wanted to check on the status of the white paper. I know we agreed to a deadline of today to
confirmation that the program operates within ERO's authorities and I can take it to the ICE Privacy
Best,
Kb)(6); (b)(?)(C) I
Mobile: 202-870f b)(6); I
From: l(b)(6); (b)(?)(C)

Sent: Tuesday, July 23, 2019 4: 17 PM
To:l(b)(6); (b)(?)(C)
Cc: _
l(b)(6); (b)(7)(C)
l(b)(6);
I've read through each of the five (S) SMOUTs, the Directive, and the Instruction.
I am better understand ing the documents, the requirements, and appreciate the guidance!
Thank you!
l(b)(6); _ , I
From:kb)(6): ( b )(7)(C)
Sent: Tuesday, July 23, 2019 8:59 AM
To:l(b)(6); (b)(7)(C)
Cc:_
l(b)(6); (b)(7)(C)
Than ksJ(b)(6);
have been monitoring social media l(b)(?)(E) I
Kb)(?)(E) [They are governed by the Criminal
and Administrative Immigration Law Enforcement SMOUT as well.
2020-ICLl-00023 1070
Best,
kb)(6): (b)(7)(C)!
Mobile: 202-870.Yh)fn)· !
From:l(b)(6);
Sent: Monday, July 22, 2019 4:39 PM
rTo: f b)(6); (b)(7)(C)

Cc:
)(6); (b)(7)(C)
Subject: ICE SMOUTs
Hellol(b)(6);
social media.
policies. Most relevant to ERO 's operational use of social media is the 'Criminal and Admin
framing a document explaining ERO' s intended use of SILO to surveille publicly-available
social media sites.
(b)(5)
2020-ICLl-00023 1071
b)(5)
I believel(b)(7)( lhas audit functions, based on the attached Authentic8 overview document you
The Privacy folks may also be interested in whether ERO will do µ..u.............,any personally
identifying info (PII) and/or sensitive PII from social media usin ~b)(?)(E and if so, where the
on pp. 7-8.
l(b)(6): (b)(7)(C) I
2020-ICLl-00023 1072
(Desk) 202-732 (b)(6)
(iPhone) 202-78 (b)(6):
Kb)(6); (b)(?)(C)

USC§§ 552(b)(S), (b)(7).
2020-ICLl-00023 1073
From: l(b)(6);
Sent: 18 Sep 2019 22:05:41 +0000
To: rb)(6); (b)(7)(C)
Cc:
Hellol~(b_)(_6)_; _ _.
I am on AIL this week. I came in to pick up something and saw your email below. I've not had
a chance to discuss withl(b)(6); l(Gov' t Information Law Division - GILD), but this is my take off
the top of my head (this is not an official OPLA opinion).
(b)(5)
l(b)(6);
(Desk) 202-732¥ b)(6)1
(iPhone) 202-787-llliRfil]
kb)(6); (b)(7)(C)

for release, review, retransmission, dissem ination, or use by anyone other than the intended recipient.
2020-ICLl-00023 1074
USC§§ 552(b)(S), (b)(7).
From:Kb)(6); (b)(7)(C)
Se nt: Monday, September 16, 2019 12:05 PM
To: Kb)(6); (b)(?)(C)
Subject: FW: ICE SMOUTs
Hi l(b)(6); (b)(?)(C) I
I just wanted to check back in if EROLD had any insight to the below. I'm hoping to put a bow on the
approval for the procurement that'll set us on the right foot in the PTA process.
Best,
kh ) (n) · ( h)(7 ){(;) !
Mobile: 202-870~(b)(6); I
From:l(b)(6): (b)(7)(C) I
Se nt: Thursday, September 5, 2019 4:22 PM
To:l(b)(6); (b)(?)(C)
Cc: _
r (6); (b)(7)(C)
Good afternoon~b)(6);
My apologies for the delay.l(b)(7)(E)
l(b)(7)(E)
(b )(5)
b)(5)
2020-ICLl-00023 1075
b)(5)
Best,
i(b)(6):
Mobile: 202-87q (b)(6); I
Best,
(b)(6);
(h)(7 )(<;)
Mobile: 202-870-@Eill
From:l(b)(6); (b)(?)(C)
Sent: Monday, August 19, 2019 9:20 AM
To:j(b)(6); (b)(7)(C)
Cc: I I
(b)(6); (b)(7)(C)
Kb)(6);
Kb)(6); Iprovided the attached draft last Friday (8/16). OPLA will now review. Not sure how long
you.
(b)(6); (b)(?)(C)
Associate Lega Advisor
2020-ICLl-00023 1076
(Desk) 202-732~
(iPhone) 202-787l(b)(6): I
l(b)(6): (b )(7)(C)

USC§§ 552(b)(S), (b)(7).
From;Kb)(6); (b)(7)(C) I
Sent: Monday, August 19, 2019 9:12 AM
To: b)(6); (b)(7)(C)
Cc:
(b)(6); (b)(7)(C)

I just wanted to follow up on the ERc{filillprocurement. Has there been any resolution? Thanks in
advance.
Best,
l(b)(6): (b)(7)(C)
Mobile: 202-8701(b)(6):I
From jrh\fR\· f h \f7 \rr., I

~~J b)(6); (b)(7)(C) f>
k....:b:..:
)<.:..::
6)=: =<b=)<:::::
7)=<c= )= ===============================================:::::;-- ___.
Best,
kb)(6): (b)(7)(C) I
Mobile: 202-870i(b)(6); I
From:l(b)(6): (b)(7)(C)
2020-ICLl-00023 1077
To: kb)(6): (b)(7)(C)
Cc:l(b)(6); (b)(7)(C)
kb )(6): ( b )(7)(C)
Hil(b)(6): I Many apologies - I should have sent an update yesterday.

determination. I contacted the procurement folks and explained the situation, so they are aware. I'm
(b)(5)
From: !{b)(6): (b)(7)(C)

Date : Friday, Jul 26, 2019, 7:54 AM
To: b)(6); (b)(7)(C)
Cc:
(b)(6); (b)(7)(C)
Good Morningl(b)(6);
I just wanted to check on the status of the w hite paper. I know we agreed to a deadline of today to
confirmation that the program operates w it hin ERO's authorities and I can take it to the ICE Privacy
Best,
kb )(6 ) : ( b )(7 )(C )I
Mobile: 202-87 (b)(6);

/ L \ / ~ \ / r,.
From:l(b)(6 ): ( b )(7 )(C )

Se nt: Tuesday, July 23, 2019 4 :17 PM
~~J b)(6); (b)(7)(C) ~;
.---=====================================;.----___.
Kb)(6); (b)(7)(C)
b)(6);
/ L-..\ / "7\ / 1"'\
I've read t hrough each of the five (5) SMOUTs, the Directive, and the Instruction.
2020-ICLl-00023 1078
I am better understanding the documents, the requirements, and appreciate the guidance!
Thank you!
Kb)(6); I
Fromf b)(6); (b)(7)(C)
To b)(6); (b)(?)(C)
Cc:
(b)(6); (b)(7)(C)
Than ksl(b)(6);
have been monitoring social media !rh)f7 )fF) I
foV7)(E) [They are governed by the Criminal
and Administrative Immigration Law Enforcement SMOUT as well.
Best,
kb)(6):
Mobile: 202-870~(b)(6): I
From:Kb)(6);
ToKb)(6); (b)(?)(C)
Cc~ I
b)(6); (b)(7)(C)
Subject: ICE SMOUTs
HelloKb)(6);
social media.
framing a document explaining ERO's intended use of SILO to surveille publicly-available
social media sites.
2020-ICLl-00023 1079
b)(5)
I believe ~ )(7)( ~as audit functions, based on the attached Authentic8 overview document you
identifying info (PII) and/or sensitive PII from social media usin~ and if so, where the
downloads will be maintained, and how they will be secured. See ICE responses to Q 5(e)-(g)
on pp. 7-8.
l(b)(6);
(Desk) 202-732~(b)(6): I
(iPhone) 202-787~
Kb)(6); (b)(7)(C)

USC§§ 552(b)(S), (b)(7).
2020-ICLl-00023 1081
U.S. Immigration and
Customs Enforcement
ACTIONABlE INTELUGENCE
'-
U.S. Immigration and Law Enforcement Justification
Customs Enforcement
• Open source information is any type of lawfully and ethically obtainable

information that describes persons, locations, groups, events or trendsNo legal
process or clandestine collection techniques are required to obtain the dataOS
information about individuals must meet the criminal predicate requirement
to be retained in bureau files - Cannot collect information on US Persons
unless there is a needWhen raw open source information is evaluated,
integrated and analyzed, it provides new insight about intelligence targets and
trends to become open source intelligenc
Social media collection is permitted, prov
•~~~7.:::::::
~~~•..._.l!l..
Definitions and P.rocess, ChaRte ri s
1:
collectionlnformation is publicly availableCollection is not person-to-person It is

in line with mission authorities
U NC LASS I Fl ED//FOUO
Customs Enforcement
Open Source Fundamentals
Open Source Information Open Source Intelligence

• Publicly available • Becomes intelligence when
information that can be information is: (1) collected,
obtained lawfully by anyone exploited, and disseminated
via request, registration, or in a timely manner (2)
observation disseminated to an
appropriate officia I
audience (3) addresses a
specific intelligence
requirement.
ICE Rules of Behavior
(ROB) for Non-Law
Enforcement
Activities
ICE ROB for Online Non-Law Enforcement
Customs Enforcement Activities
• Established in a Memorandum from John

Morton to ICE Personnel, Use of Public Online
Information for Non-Law Enforcement Work-
Related Activities (May 17,
U.S. Immigration and ICE ROB for Non-LE Activities
Customs Enforcement
• Public interactionYou may access

publicly available information only by
reviewing posted information without
interacting (e.g., "friending," "fanning,"
"liking") with any individual who posted
the information. Privacy settingsYou
must respect individual privacy settings
and access only information that is
publicly available unless the individual
whose information you seek to access
has given you consent to access it.
Customs Enforcement
Goals of Open Source
• Varies dependent on the capacity in which

you are searching LTM leads: generally
(b) (?)(E)
searching for a new viable address
reports: will be given direction. Sometimes
the requester wants the report to focus on the
location of the target, associates, or want to
know everything possible
Customs Enforcement
Customs Enforcement
Customs Enforcement
From: i(b)(6): (b)(7)(C)
Se nt: 11 Jul 2019 17:48:09 +0000
To: k"--b-"-'
)(_6)";'-("b-'-'-
'-)(--'
7)-'-
(C--'-)_ _ _ _ __,
Subject: Policies
Attachme nts: ASl Signed Memo- First Amendment Protected Activities.pdf, lnstruction_ll0-
01-00l_Privacy_Policy_for_Operationa I_Use_of_Social_Media (Signed).pdf, Directive_l 10-
0l_Privacy_Policy_for_Operational_Use_of_Social_Med ia.pdf, ICE Policy on
use_of_public_non_public_online_information.pdf
Hello again.
As discussed, attached are the referenced documents regarding guidance for on-line behavior.
Prior to issuance of a kb)(7)(E) L each Field Intelligence Officer (FIO) will be provided these documents
and reminded of appropriate use and limitations for their actions in the system.
If you see that something is missing, please let me know. We are open to implementing necessary steps
to work within the guidelines to provide this valuable tool to our FIOs.
Thank you for the interact ion!

l(b)(6); I
Combined Intelligence Unit (CIU)
Special Operations Division (SOD)
Immigration & Customs Enforcement
Headquarters, Office of Intelligence
500 12th Street SW, Washington, DC 20536
Office: (202) 732-lli@]
Cell: (970) 403-l(b)(6); I
release
Warning:under [ the
T~h1s Freedom
d~o~c~
um of§
~ e~n~ ~ Information
~~~ E~Act
D ~
//F~OfR~O
~F~F5IC
~ l~A~ S·s~
L ~U~ Eto beLY
O~N~ ~controlled,
(U~//~F~
O~ Ostored,
U~ ~nhandled,
)~- ~lt~co ~transmitted,
~taiin~si intfo m~at]io~n~th~a~tdistributed,
r~ ~ eand
mayi b~e~e~x~ mpt disposed of
from public
in accordance with DHS policy relating to FOUO information and is no the ublic or other personnel who do not have a
valid "need-to-know" without prior approval of an authorized DHS official. No portion of this rep ished to the media, either in
written or verbal form.
2020-ICLl-00023 1115
Policy Number: 10082.1 Office ofthe Director
FEA Number: 360- l 12-002b
U.S. Department or Homeland Security
500 12'h Street, SW
Washington, DC 20536
U.S. Immigration
and Customs
JUN 2·8 2012 Enforcement
MEMORANDUM FOR:
FROM:
Directo
SUBJECT: Use of Public and Non-Publ ic Online Information
Purpose
This memorandum provides U.S. Immigration and Customs Enforcement (ICE) law enforcement
personnel guidance on the acceptable use of online infom1ation within the scope of their law
enforcement duties.
Background
On December 8, 2010, Secretary Napolitano approved a decision memorandum titled, "Use of

Public and Non-Public Online Information for Law Enforcement, Situational Awareness, and
lnte!Jigence Purposes," ("The Online Information Memorandum") that adopted a
recommendation whereby the Department of Homeland Security (DHS), except members of the
Intelligence Community governed by Executive Order 12333, would "follow the Department of
Justice (DOJ) 1999 guide lines for online investigative and situational awareness activities." The
Online Information Memorandum also suggested that DHS Components develop supplementary
guidance, as necessary, for their mission-specific purposes consistent with DHS policy.
Discussion
(b)(5)
1
Law enforcement personne l are ICE employees who conduct and support criminal, civil, and administrative law
enforcement investigations and operations. Examples include special agents and other law enforcement officers,
law enforcement investigative support personnel, intelligence research specialists, criminal research specialists, and
attorneys prosecuting criminal, civil or administrative matters.
2020-ICLl-00023 111 6
The principles that address the use of the Internet for undercover activities apply only to ICE
personnel with the authority to conduct undercover investigations.
Personnel who conduct civil and criminal law enforcement activities for Enforcement and
Removal Operations should also adhere to the above principles when using information gathered
online in support of their law enforcement activities. Such personnel should remain mindful that
the principles that address the use of the Internet for undercover activities apply only to those
vested with such authority.
Attorneys with the Office of the Principal Legal Advisor should also adhere to the above
principles, except those that are applicable to undercover activities, when using information
gathered online in support of their handling of criminal, civil, or administrative matters.
No Private Right of Action
Tb.is memorandwn is not intended to, does not, and may not be relied upon to create any right or
benefit, substantive or procedural, enforceable at law by any party in any administrative, civil, or
criminal matter.
2020-ICLl-00023 1119
From: ERO Taskings
Sent: Wednesday, November 07, 2012 3:01 PM
Subject: Amended Message: ICE directive, Use of Public and Non- Public Online Information
The following message is being sent by Gary Mead, Executive Associate Director,
Enforcement and Removal Operations
To: Field Office Directors and Deputy Field Office Directors
Subject: Amended Message: ICE directive, Use of Public and Non-Public Online
Information
On June 28, 2012, Director Morton issued Directive 10082.1, Use ofPublic and Non-Public Online
Information . The memorandum provides ICE law enforcement personnel guidance on the
acceptable use of online information within the scope of their law enforcement duties. On Thursday,
July 5, 2012 ICE distributed this Directive to all employees via an ICE Info Broadcast.
b)(7)(E) On
Tuesday, July 17, 2012, I provided a summary of this Directive, together with the directive itself and
associated operating procedures, to all ERO managers by distribution message dated July 17, 20 12
(attached below).
In part this Directive addresses public and private space on the Internet and specifies that law
enforcement personnel may passively observe and log real-time electronic communications open to
the public but may not access restricted online sources or facilities absent legal authority. Because
ERO Officers do not have undercover authority, they may not create fictitious online identities in
order to communicate with targets or other individuals, entities, or organizations. This prohibited
activity includes "friending," "fanning," or "liking" members of the public or organizations on the
Internet.
Please discuss this directive with all ofyour employees and send notification to the ERO Operation
Center mailbox a 4(b)(6); (b)(7)(C) Ito certifY completion ofthose discussions no
later than Wednesday, November 21, 2012.
Gary Mead
Executive Associate Director
2020-ICLl-00023 1120
From: l(b)(6): (b)(7)(C) I
Se nt: 19 Nov 2019 22:02:24 +0000
To: l(b)(6); (b)(7)(C) I
Cc: Kb)(6); (b)(7)(C)
l(b)(6): (b )(7)(C)
Subject: RE: ERO Use o* b)(7)(E I
Attachme nts: Amended Message ICE directive, Use of Public and Non- Public Online
Information (11.7.2012).pdf
l(b)(6);
To the extent that the ERO BM is an interpretation/application of an ICE directive (10082.1 ), I

believe b)(5)
kb)(5)
l(b)(5) IThank you.
kb)(6):
(Desk) 202-732j(b)(6):I
(iPhone) 202-787kb)(6): I
Kb)(6); (b)(7)(C)
--- ATTORNEY/CLIENT PRIVILEGE --- ATTORNEY WORK PRODUCT ---

USC§§ 552(b)(S), (b)(7).
From;Kb)(6); (b)(7)(C)
Se nt: Tuesday, November 19, 2019 4:57 PM
To:l(b)(6); (b)(7)(C)
Cc:1 I
(b)(6); (b)(7)(C)
Subject: RE: ERO Use o~ )(7)( I
2020-ICLl-00023 1121
10-4! Understood. Thank you! So what authorities would need to be granted in order to allow this type
of activity? Does the memorandum need to be updated?
From: l(b)(6): (b)(7)(C)

To:Kb)(6); (b)(7)(C)
Cc: I I
b)(6); (b)(7)(C)
Subject: RE: ERO Kb)(7)(E) I

b)(6);
h \ /7\ / ("\
(b)(5)
Thank you.
Kb)(6);
(Desk) 202-732J(b)(6); I
(iPhone) 202-787~
* b )(6); (b )(7)(C)

USC§§ 552(b)(S), (b)(7).
From: !<b)(6): (b)(7)(C)

Sent: Tuesday, November 19, 2019 4:49 PM
2020-ICLl-00023 1122
To:l(b)(6); (b)(7)(C) I
Cc: I
b)(6); (b)(7)(C)
Subject: RE: EROl(b)(7)(E) I
Thank you for the attachment. I'll read it through carefully.
(b)(5)
From: !rh)fn) · f h)f7)f(;)

To:l(b)(6); (b)(7)(C)
Cc:
(b)(6); (b)(7)(C)
Subject: RE: EROl(b)(7)(E) I
(b)(5)
kb )(6); (b )(7)(C)I
Enforcement and Remova l Operations Law Division
2020-ICLl-00023 1123
(Desk) 202-732 (b)(6):
(iPhone) 202-787 b)(6);
l(b )(6); (b )(7)(C)
--- ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT---

USC§§ 552(b)(S), (b)(7).
From:Kb)(6); (b)(7)(C)
To:l(b)(6); (b)(7)(C) I
b)(6); (b)(7)(C)
Cct;b)(6); (b)(7)(C) I
Subject: RE: ERO kb)(7 )(E )
Good afternoon . Trust this finds you all doing well! Hard to believe it's already November!
I was redirected to another project for a few weeks but am back and hoping to re-engage the topic of
unattributable browser licenses for ERO. To re-cap, I believe this is where we stand:
b)(5)
2020-ICLl-00023 1124
b)(5)
Thank you for continuing this conversation!
From:kb)(6); (b)(7)(C)
Se nt: Friday, October 18, 2019 8:45 AM
To: kb)(6): (b)(7)(C)
rb)(6); (b)(7)(C)
Cq(b)(6) ; (b )(7)(C)
Subject: RE: ERO !th \(7 \r~ \
Hil(b)(6);
Thanks very much for putting this together.
One point building upor{b)(6); Iclarification below: your discussion points indicate there are
b)(7)(C); (b)(5); (b)(6)
It was nice to meet everyone in-person and I look forward to working with you all on t his.
Best,
kb)(6):I
I
l(b)(6); (b)(7)(C)
Homeland Security Investigations Law Division
202-732 b)(6); office)
202-839 ~ )(7)( cell)
From: l(b)(6): (b)(7)(C)

Se nt: Thursday, October 17, 2019 5:03 PM
To: kb)(6): (b)(7)(C)
l(b)(6); (b)(7)(C)
2020-ICLl-00023 1125
fb)(6); (b)(7)(C)
Cc:l(b)(6) ; (b)(7)(C)
l(b)(6) : (b )(7)(C)
Subject: RE: ERq(b)(7)(E)
I
Thank you l~~~~~t~, Your summary of today's meeting is very helpful.
There are just 2 points I would like to elaborate on.
b)(5)
Thank you everyone for a very successful meeting today!
l(b)(6); (b)(7)(C) I
(Desk) 202-732~
(iPhone) 202-787 (b)(6);
(b)(6); (b)(7)(C)
2020-ICLl-00023 1126
privileged information or attorney work product and/or law enforcement sensitive information . It is not
USC§§ 552(b)(S), (b)(7).
From : l(b)(6); (b)(?)(C)

Sent: Thursday, October 17, 2019 3:43 PM
To: Kb)(6); (b)(7)(C) I
(b)(6); (b)(7)(C)
Subject: EROl(b)(7)(E) I
Good afternoon everyone,
Thank you very much for meeting with us to discuss ERO'skb)(7)(E) I Privacy is
prepared to approve the acquisition of this tool, but I would like to ensure we're on the same page
regarding next steps before ERO begins operational use. Below, please find a summary of today's major
points and next steps. If I've stated anything incorrectly, don't hesitate to correct me.
M a jor Discussion Points
(b)(5)
Next Steps
b)(5)
2020-ICLl-00023 1127
I'm happy to revise these bullets as necessary. Thanks again!
I~Privacy
~!~~\__OfficerI
Office of Information Governance and Privacy
Desk: 202-732 ~~!~~\
Mobile: 202-701- (b)(6);
Main: 202-732 (b)(6);
2020-ICLl-00023 1128
From: ERO Taskings
Information
J(b)(7)(E) I
On
(attached below).
Internet.
Center mailbox atkb)(6); (b)(7)(C); (b)(7)(E) Ito certifY completion ofthose discussions no
Gary Mead
2020-ICLl-00023 1129
From: l(b)(6); (b)(7)(C)
Se nt: 20 Nov 2019 13:54:08 +0000
To: rb)(6); (b)(?)(C)
Cc:
b)(6): (b)(7)(C)
Subject: RE: ER (b)(?)(E)
Thanks so much for your helpf h)fR)· !As for Privacy, we are going to be updating our policies and
SMOUTs regarding the use of fictitious accounts for passive on line surveillance, and when that is
complete updating our generic Privacy training on PALMS. We would like to review the ROBs and SOPs
for ERO to ensure they are in line with the SMOUTs/policies.
rb)(5); (b)(7)(E)
Best,
l(b)(6); __
Mobile: 202-870i (b)(6): I

From: !rb)(6): ( b)(7)(C)
To:l(b)(6); (b)(7)(C)
Cc:i I
b)(6); (b)(7)(C)
,ubJect: RE: ERO l(b)(7)(E) I

b)(6);
L...\ /'7\ /r,.\
To the extent that the ERO BM is an interpretation/application of an ICE directive (10082.1 ), I

believe Kb)(7)(E) I
Kb)(7)(E)
l<b)(7)(E) I Thank you.
kb)(6);
(Desk) 202-73Li(b)(6); I
2020-ICLl-00023 1130
(iPhone) 202-787Kb)(6); I
l(b )(6); (b )(7)(C) I
USC§§ 552(b)(S), (b)(7).
From:kb)(6) ; (b )(7)(C)
To:l(b)(6); (b)(7)(C)
Cc: _
rb)(6); (b)(7)(C)
Subject: RE: ERO l(b)(7)(E)
10-4! Understood. Thank you! So what authorities would need to be granted in order to allow this type
of activity? Does the memorandum need to be updated?
From: !( b)(6) : ( b)(7)(C)

To~(b)(6); (b)(7)(C)
Cc:1
r (6); (b)(7)(C)
Subject: RE: ERO~b)(7)(E)
~b)(6); - · I
b)(5)
1nanK you.
2020-ICLl-00023 1131
(b)(6); (b)(7)(C
(Desk) 202-732l(b)(6); _I
(iPhone) 202-78/!f1-,v i=;,-
~b)(6); (b)(7)(C)

USC§§ 552(b)(S), (b)(7).
From¥b)(6); (b)(7)(C)
To:Kb)(6); (b)(7)(C) I
Cc:l(b)(6); (b)(7)(C) I
(b)(6); (b)(7)(C)
Subject: RE: ERO~b)(7)(E) I

Thank you for the attachment. I'll read it through carefully.
b)(5)
2020-ICLl-00023 1132
From:kb)(6): (b)(7)(C)
To:l(b)(6); (b)(7)(C)
Cc: I I
b)(6); (b)(7)(C)
Subject: RE: ERO l(b )(7)(E)
b)(5)
l(b)(6);
{Desk) 202-732~(b)(6); I
{iPhone) 202-787-Kfil@I
kb)(6): (b)(7)(C)

USC§§ 552{b){S), (b){7).
From: kb)(6): (b)(7)(C)

To:!<b)(6): (b)(7)(C)
r (6); (b)(7)(C)
c f b)(6); (b)(7)(C)
)(;;::::E"') ""-
SuoJect: RE: ER9(1i'Lb~)(r=;7~ ~ -----------------------__J
2020-ICLl-00023 1133
Good afternoon. Trust this finds you all doing well! Hard to believe it's already November!
unattributable browser licenses for ERO. To re-cao I believe this is where we stand:
b)(5)
From: { b)(6): (b)(7)(C)

Se nt: Friday, October 18, 2019 8:45 AM
To: Kb)(6); (b)(7)(C)
rb)(6); (b)(7)(C)
Cc: fo)(6): (b)(7)(C)

Subject: RE: ERO~b)(7)(E)
HiKb)(6);
One point building upon (b)(6); clarification below: your discussion points indicate there are
b)(5)
2020-ICLl-00023 1134
b)(5)
It was nice to meet everyone in-person and I look forward to working with you all on this.
Best,
l(b)(6); I
!( b )(6 ) : ( b )(7 )(C ) !

202-73 (b)(6); office)
202-83 (b)(?)(
,..., cell)
From: l(b)(6); (b)(7)(C)

To:l(b)(6); (b)(7)(C)
(b)(6); (b)(7)(C)
Cc:l(b)(6); (b)(7)(C) I
b)(6); (b)(7)(C) I
Subject: RE: ERO Use of Silo
Thank youl(b)(6); IYour summary of today's meeting is very helpful.

(b)(5)
2020-ICLl-00023 1135
(b)(5)
l(b)(6); I
(Desk) 202-732-kh,r~,I
(iPhone) 202-787~(b)(6)I
l(b)(6); (b)(7)(C)

USC§§ 552(b)(S), {b)(7).
From:Kb)(6); (b)(7)(C)
To: kb)(6); (b)(7)(C)
l'b)(6); (b)(7)(C)
Subject: ERO l<b)(7)(E)
2020-IC Ll-00023 1136

Thank you very much for meeting w ith us to discuss ERO1(b)(7)(E) I Privacy is
(b)(5)
Next Steps
(b)(5)
Kb)(6); I
Privacy Officer
Desk: 202-732f b)(6):I
Mobile: 202-7011aillfil]
Main: 202-732Kb)(6); I
2020-ICLl-00023 1137
From: !fh )(R ) · ( h ) (7)(r.) I
Sent: 21 Nov 2019 13:39:02 +0000
To: r b)(6); (b)(?)(C)
Cc:
Kb)(6); (b)(?)(C)
Subject: RE: EROl(b)(7)(E)
Hil(b)(6);
Yes Privacy will take the lead on putting together new training. We're currently writing an agency-wide
PIA on ICE's use of social media, so the information that we learn during that process will help us create
training materials. I agree that ERO should draft any RoBs/SOPs, and Privacy, Policy, and OPLA can
review.
kb)(6); (b )(7)(C)I
Privacy Officer
Desk: 202-732 (b)(6);
Mobile: 202-7
From: l(b)(6); (b)(?)(C)

To: h V l'l) · f h ) f7V r')
Kb)(6); (b)(7)(C)
Cc~b)(6); (b)(7)(C) I
(b )(6) ; (b )(7)(C)
Subject: RE: EROl(b)(?)(E) I

One more thing - I am not clear who is responsible for developing the RoB, SOP, and the PALMS training
course. In my 10/17/19 email to the group after our last meeting, I shared a draft training that ICE
Privacy created back in 2013 and suggested that ICE Privacy review it to see whether it needs an update
(to reflect changes in technology since 2013). See attached.
I was thinking that ICE Privacy would draft the PALMs training and that the 2013 draft training PPP
would serve as a starting point. I defer to ICE Privacy but it seems like ICE Privacy would be more logica l
party for drafting the training since it is the SM Es on privacy; not ERO.
With respect to the RoB and SOP, it makes sense that ERO would draft it and ICE Privacy/ICE
Policy/OPLA would review for clearance. But perhaps ICE Privacy can provide a go-by as an example to
ERO? Thank you all!
l(b )(6);
2020-ICLl-00023 1138
(Desk) 202-732fb)(6): I
(iPhone) 202-787 b)(6);
(b)(6); (b)(?)(C)

USC§§ 552(b)(S), (b)(7).
From:kb)(6): (b)(7)(C)
To:l(b)(6); (b)(7)(C)
Cc:I I
(b)(6); (b)(7)(C)
Subject: RE: EROKb)(?)(E) I

b)(5)
l(b)(6); (b)(7)(C) I
(Desk) 202-732
(iPhone) 202-7,.i--,-(b-)(-6)....,
:
~b)(6); (b)(7)(C)

2020-ICLl-00023 1139
USC§§ 552(b)(S), (b)(7).
From:l(b)(6); (b)(7)(C)
r(6);
To:!rb)(6): (b)(7)(C)
(b)(7)(C)
Cc: (b)(6); (b)(7)(C)

Subject: RE: ERO (b)(7)(E)
b)(5)
2020-ICLl-00023 1140
From:l(b)(6); (b)(7)(C)
Sent: Friday, October 18, 2019 8:45 AM
To:kb)(6): (b)(7)(C)
b)(6); (b)(7)(C)
Cc: Kb )(6); (b)(7)(C)

Subject: RE: ERO~b)(7)(E) I
Hil(b)(6);
One point building uponl(b)(6): !clarification below: your discussion points indicate there are
b)(5)
It was nice to meet everyone in-person and I look forward to working with you all on this.
Best,
b)(6);
/ 1...\ /"'7\ /r"\
l(b)(6); (b)(7)(C) I
202-732 (b)(6) (office)
202-839 (._ " -" (cell)
From:l(b)(6): (b)(7)(C)
rSent: Thursday, October 17, 2019 5:03 PM

To: kb)(6); (b)(7)(C)
)(6); (b)(7)(C)
c d b)(6) ; (b)(7)(C)
l(b)(6) ; (b)(7)(C)
Subject: RE: EROKb)(7)(E)
Thank youl(~)(6\ __ !Your summary of today's meeting is very helpful.
2020-ICLl-00023 1141
b)(S)
kb)(6): (b)(?)(Cj
(Desk)202-732kbK6t I
(iPhone) 202-787j(b)(6);1
r b)(6); (b)(7)(C)

2020-ICLl-00023 1142
USC§§ 552(b)(S), (b)(7).
From: l(b)(6): (b)(7)(C)

Tof b)(6): (b)(7)(C)
rb)(6); (b)(7)(C)
Subject: ERO l(b)(?)(E)
Thank you very much for meeting with us to discuss ERO'i(b)(?)(E) I Privacy is
Major Discussion Points
b)(5)
Next Steps
(b)(5)
l(b)(6); (b)(?)(C)I
Privacy Officer
2020-ICLl-00023 1143
I
Desk: 202-732~(b)(6);
Mobile: 202-701{b)(6):!
I
Main: 202-732f b)(6);
2020-ICLl-00023 1144
From: !<b)(6):
Se nt: 19 Nov 2019 21:28:38 +0000
To: fb)(6): (b)(7)(C) I
Cc: l(b)(6); (b)(7)(C)
kb)(6): (b)(7)(C)
Subject: RE: ERO!rh)f7VF)
Attachme nts: Amended Message ICE directive, Use of Public and Non- Public Online
Information (11.7.2012).pdf
(b)(5)
f b)(6):
(Desk) 202-732-l(b)(6)1
(iPhone) 202-787~
Kb)(6); (b)(7)(C)

Any disclosure of this communication or its at tachments must be approved by the Office of the Principal
USC§§ 552{b)(S), (b)(7).
From: !<b)(6): (b )(7)(C)

Tof b)(6): (b)(7)(C)
(b)(6); (b)(7)(C)
Cc: l(b)(6); (b)(7)(C) I

Subject: RE: ERq_b)(7)(E) I
2020-ICLl-00023 1145
I was redirected to another project for a few weeks but am back and hoping to re-engage the t opic of
b)(5)
From:kb)(6); (b)(7)(C)
Sent: Friday, October 18, 2019 8:45 AM
To: kb)(6); (b)(7)(C)
[ b)(6); (b)(7)(C)
Ccfb )(6); (b )(7)(C)

Subject: RE: EROl(b)(7)(E)
Hil(b)(6); I
One point building uponkh\fR\· k larification below: your discussion points indicate t here are
2020-ICLl-00023 1146
It was nice to meet everyone in-person and I look forward to working with you all on t his.
Best,
Kb)(6); I
kb)(6): (b)(7)(C)
Office of t he Principal Legal Advisor
202-73 b)(6); office)
202-83 b)(7)( cell)
'
From:l(b)(6): (b)(?)(C)
To:!fh)(R) · fh)f7)fr.)
rb)(6); (b)(7)(C)
Cc: l(b)(6); (b)(7)(C) I

l(b
L:.;.;..;..
)(:...;:;.
6.a.:,.
): ..:.;.;
(b"'-' )(..;_
7)'-'-
(C-=--=)- - - - ; : : = = = = , - - - - - - - - - - - - - - - - 'p
Subject: RE: ERO ,(b)(7)(E)
Thank you ~b)(6); __!Your summary of today's meeting is very helpful.

b)(5)
2020-ICLl-00023 1147
b)(5)
Kb )(6); (b)(7)(C) I
(Desk) 202-732 (b 6
L..r.,~c:--,
(iPhone) 202-787 (b)(6);
l(b)(6); (b)(7)(C)

USC§§ 552(b)(S), (b)(7).
Fromf b)(6); (b)(7)(C)

To¥b)(6); (b)(7)(C) I
(b)(6); (b)(7)(C)
Subject: ERO Kb )(7)(E)
Thank you very much for meeting with us to discuss ERO'5Kb)(7)(E) !Privacy is
2020-ICLl-00023 1148
(b)(5)
Next Steps
- (b)(5)
I'm happy to revise t hese bullets as necessary. Thanks again!
l(b)(6): (b)(7)(C)I
Privacy Officer
Desk: 202-732 b)(6);
Mobile: 202-701 b)(6)
Main: 202-73 b)(6);
/ 1,..\ / 7 \ /,-..
2020-ICLl-00023 1149
From: ERO Taskings
Information
l(b)(7)(E) I On
(attached below).
Internet.
Center mailbox atK b)(7)(E) Ito certifY completion ofthose discussions no
Gary Mead
2020-ICLl-00023 1150
From : kh) (n) · ( h )(7 )(r.)
Sent: 26 Jul 2019 12:31:49 +0000

To: kb)f6)· (h)f7)(C)
Cc: l<b)(6); (b)(7)(C)
Hil(b)(6); I Many apologies - I should have sent an update yesterday.

suggestions before considering it final and indicated a two week lead time would be needed for
an OPLA determination. I contacted the procurement folks and explained the situation, so they
are aware. I'm sorry I failed to follow-up with Privacy, too.
From: kb )(6) ; (b)(7)(C)

Tol(b)(6); (b)(7)(C)
4(b) (6): ( b )(7)(C)
Cc:kb )(6) ; (b )(7)(C)
tb)(6); (b)(7)(C)
Good Morningl(b)(6);
I just wanted to check on the status of the white paper. I know we agreed to a deadline of
today to have Privacy Office's approval for your procurement. To do that I'll need the white
paper and OPLA's confirmation that the program operates within ERO's authorities and I can
take it to the ICE Privacy Officer for a final determination. If there is anything I can help with,
please just let me know.
Best,
l(b)(6); (b)(7)(C) I
Mobile: 202-870~fb)(6): I
From:l(b)(6); (b)(7)(C) I
Sent: Tuesday, July 23, 2019 4:17 PM
To (b)(6); (b)(7)(C)
Cc:
b)(6); (b)(7)(C)
2020-ICLl-00023 1151
j(b)(6); (b)(7)(C)
(b)(6);
(h )(7 )(r,)
I've read through each of the five (5) SMOUTs, the Directive, and the Instruction.
I am better understanding the documents, the requirements, and appreciate the guidance!
Thank you!
~~ ~~6~;_- . I
From: Kb)(6); (b)(7)(C)
To: kb)(6): (b)(7)(C)
Vb) (6) : (b)(7)(C)
Cc:!rh) fR ) · ( h ) (7 )(r,)
l(b)(6); (b)(7)(C)
Thanks Kb)(6);
An HSI Open Source Team has cleared us to share their white paper for t heir use of social
media. They have been monitoring social media l<b)(7)(E) I
~ )(7)(E) !They don't create alias accounts but have discussed doing so in the near f uture.
hey are governed by t he Criminal and Administrat ive Immigrat ion Law Enforcement SMOUT as
well.
Best,
Kb)(6); (b)(7)(cj
Mobile: 202-870~(b)(6) 1
From:!{b)(6):
To:kb)(6): ( b )(7)(C)
Cc: l(b)(6); (b)(7)(C)
r b)(6); (b)(7)(C)
Subject: ICE SMOUTs
Hello Kb)(6);
As discussed, attached please find an email which includes all the ICE Social Media
Operational Use Templates (SMOUTs), as well as DHS Directive and Instructions on
operational use of social media.
2020-ICLl-00023 1152
The SMOUTs were used by DHS Privacy to find out the operational purposes for which
ICE needs to access social media, and to determine whether those uses are authorized
under DHS policies. Most relevant to ERO 's operational use of social media is the
'Criminal and Admin Immigration LE' SMOUT. I've identified below portions of this
SMOUT that may help CIU in framing a document explaining ERO's intended use of
SILO to surveille publicly-available social media sites.
(b)(5)
2020-ICLl-00023 1153
(b)(5)
I believeKb)(7)( lhas audit functions, based on the attached Authentic8 overview document
you kindly provided this morning.
I
identifying info (PII) and/or sensitive PII from social media using(b)(7)( and if so, where
the downloads will be maintained, and how they will be secured. See ICE responses to Q
5(e)- (g) on pp. 7-8.
Kb)(6);
(Desk) 202-732!(b)(6):!
(iPhone) 202-7871lliRfil]
l(b)(6); (b)(7)(C)

This communication and any attachments may contain confidential and/or sensitive
attorney/client privileged information or attorney work product and/or law enforcement
sensitive information. It is not for release, review, retransmission, dissemination, or use by
anyone other than the intended recipient. Please notify the sender if this email has been
misdirected and immediately destroy all originals and copies. Furthermore do not print, copy,
re-transmit, disseminate, or otherwise use this information. Any disclosure of this
communication or its attachments must be approved by the Office of the Principal Legal
Advisor, U.S. Immigration and Customs Enforcement. This document is for INTERNAL
2020-ICLl-00023 1154
GOVERNMENT USE ONLY and may be exempt from disclosure under the Freedom of
Information Act, S USC§§ 552(b)(S), (b)(7).
2020-ICLl-00023 1155
From: kb)(6); (b)(7)(C)
Sent: 1 Oct 2019 14:02:38 +0000
To: !(b)(6): (b)(7)(C) !
Subject:
Attachments:
RE: Rules of Behavior
NSU Open Source Rules of Behavior • 10.01.19).docx
Find enclosed. This all looks good, let me know if you have any questions. If you could ship me the final
product for a final review and our files I would be greatly appreciative. Thanks!
Best,
kb)(6):
Mobile: 202-870Kb)(6); I
From:Kb)(6); (b)(7)(C)
Sent: Friday, September 27, 2019 2:58 PM
To:l(b)(6); (b)(7)(C)
Subject: Rules of Behavior
Kb)(6);
I forgot to forward you the current NSU RoB. Please see attached.
Thank you,
kb)(6); (b)(7)(C)
Management & Program Analyst
ICE - Homeland Security Investigation
National Security Investigation Division - National Security Unit
(703) 235{b)(6)lphone
(703) 864-l__Jwork cell
WARNING: The information disclosed may be subject to specific nondisclosure provisions and other limitations on
use under existing law and policy, including but not limited to sections 222(f) (Department of State visa records) and
244(c)(6) (temporary protected status) of the Immigration and Nationality Act; 8 U.S.C. § 1367 (Violence Against
Women Act claims and T and U non-immigrant claims); and 8 C.F.R. § 208.6 (asylum information; protections
afforded to refugee data as a matter ofDHS policy). You must receive pennission from ICE before (I) sharing this
infotmation outside of your organization or (2) sharing this infonnation with individuals within your organization
who will use it for a purpose other than your original approved purpose (e.g., law enforcement identification)
2020-ICLl-00023 1156
(b)(5) ,, (b)(5)
--
''
'''
'''
:'' ....., -----------'
''' '''
' '
'' ''
''' '''
'' ''
''' '''
'' ''
''' '''
' '
'' ''
'' ''
.I
Signature and date
2020-ICLl-00023 1157
Supervisor' s signature and date
2020-ICLl-00023 1158
From: kb)(6); (b)(7)(C)
Se nt: 23 Sep 2019 13:10:43 +0000
To: (b)(6); (b)(7)(C)
Cc:
Subje ct:
Attachments:
RE: Rules of Behavior/User Agreement
ICE RoB 2013.pdf, NSU Open Source Rules of Behavior • 9.23.19).docx
Good Mornin, b)(6); - · I

I think your ROB has a good foundation, I've made some suggested edits. The point of a ROB is to hold
an analyst responsible for misuse of the technology/program. This is what would allow you to revoke
access or point to when an employee says that they weren't aware of prohibited actions. So there
should be a lot of language as to whom the ROB applies to, what program it is, and the consequences
for misuse. I can't send you over CTCEU's ROB, but I did attach the ICE OCIO ROB for the DHS network so
you can leverage some of their language.
Once you've got this close to where you want it, please send it back to me so I can do a final review.
Feel free to send over your SOP and Training as well.
Best,
Kb)(6);_- ·
Mobile: 202-870tb)(6); I
From;kb)(6): ( b )(7)(C)
Se nt: Friday, September 20, 2019 9:45 AM
To: b)(6); (b)(7)(C)
Cc:
--~~~~~~~~~~~-------'
Subject: RE: Rules o Behavior User Agreement
kb)(6):
As soon as we get everyone to read and sign off on these can we have the start on OS for our reports?
Thanks,
J(b )(6); (b )(7)(C)

(703)287fb)(6)1phone
(703) 864 ; work cell
use under existing law and policy, including but not limited to sections 222(f) (Department of State visa records)
and 244(c)(6) (temporary protected status) of t he Immigration and Nationality Act; 8 U.S.C. § 1367 (Violence
Against Women Act claims and T and U non-immigrant claims); and 8 C.F.R. § 208.6 (asylum information;
protections afforded to refugee data as a matter of DHS policy). You must receive permission from ICE before (1)
sharing this information outside of your organization or (2) sharing this information with individuals within your
2020-ICLl-00023 1159
organization who will use it for a purpose other than your original approved purpose (e.g., law enforcement
identification)
From:Kb)(6); (b)(7)(C)
Sent: Thursday, September 19, 2019 4:27 PM
To:l(b)(6); (b)(7)(C)
Cc:
~--------------------~
Subject: RE: Rules of Behavior/User Agreement
HiKb)(6); I
Sorry for the delay, I got slammed with an unexpected amount of work yesterday and I'm digging out.
Hopefully I can get you something Tomorrow or Monday.
Best,
!(b)(6):
Mobile: 202-870kh1fn1· I
From:Kb)(6) ; (b )(7)(C)
Se nt: Wednesday, September 18, 2019 9:57 AM
To:l(b)(6); (b)(7)(C)
Cc:
~--------------------'
Subject: FW: Rules of Behavior/User Agreement
l(b)(6);
Please see the attached rules of behavior for NSU. Any help would be much appreciated.
Thanks,
l(b)(6 ); (b)(7)(C)
(703) 287 (b)(6) phone
(703) 864 (._, work cell
17
,
use under existing law and policy, including but not limited to sections 222(f) (Department of State visa records)
and 244(c)(6) (temporary protected status) of the Immigration and Nationality Act; 8 U.S.C. § 1367 (Violence
Against Women Act claims and T and U non-immigrant claims); and 8 C.F.R. § 208.6 (asylum information;
protections afforded to refugee data as a matter of OHS policy). You must receive permission from ICE before (1)
sharing this information outside of your organization or (2) sharing this information with individuals within your
organization who will use it for a purpose other than your original approved purpose (e.g., law enforcement
identification)
From:l(b)(6); (b)(7)(C)
Se nt: Tuesday, September 17, 2019 11:59 AM
2020-ICLl-00023 1160
To:l(b)(6); (b)(7)(C)
(b)(6); (b)(7)(C)
Cc:l(b)(6); (b)(7)(C) I
l(b)(6); (b)(7)(C) I
:SUbJect: Kules ot tsehav1or/User Agreement
Good afternoon,
Attached are the draft Open Source Rules of Behavior and User Agreement. Let me know if you have any
edits, thoughts, and/or suggestions.
Each person that conducts open source will need to read the Rules of Behavior and sign the User
Agreement.
Thanks,
fb)(6); (b)(7)(C)
Management and Program Analyst

National Security Unit
ICE I HSI I NSID
Desk: (703) 287{b)(6 ) : I

Cell: (202) 590~
Email: kb)(6): (b)(7)(C)
2020-ICLl-00023 1161
From: kb)(6): (b)(7)(C)
[:~?
Sent: 10 Sep 2019 15:16:22 +0000
To:
Cc:
(b)(7)(C)
b)(6); (b)(7)(C)
I
RE: 1(b) (7) ___
M__a___s-ke_d_A_c_c_o _
u n_t_s_R_u_
le_s _o _
fB_e_h_a_v-io-r _ _ _ _ _ _ _____.
Subject: ,,...,
Attachments: Facebook Masked Accounts SOP DRAFT.docx
kb)(6); I
I wanted to shoot this over to you as well. It's a draft of what the beginning and Facebook section of the
SOP could potentially look like. If you wouldn't mind looking this over when you a get a chance and
letting me know if we're on the right track, I' d really appreciate it .
Thank again,
Intelligence Research Specialist

(b) (7)(E)
ICE - Homeland Security Investigations
Office: 703-235~
Cell: 703-258-llli.Tifil]
Email :kbV6)· ' b)fJVC ' -
From:!(b)(6); (b)(7)(C)
Sent: Tuesday, September 10, 2019 9:53 AM
To:l(b)(6); (b)(7)(C)
Cc: .
r )(6); (b)(7)(C)
Subject: CTCEU Masked Accounts Rules of Behavior
Hikb)(6);!
Per our conversation, I've attached the first d raft o f (b) (7) Masked Accounts ROB. Please provide any
feedback/edits you see necessary. I will start puttingt ogether a draft SOP in the meantime.
Thanks!
f b)(6):
Intelligence Research Specialist
(b} (7)(E)
ICE - Homeland Security Investigations
Office: 703-235J(b)(6)!
Cell: 703-258~
Email : kb)(6); ( b)(?)(C)
2020-ICLl-00023 1168
From: l(b)(6); (b)(7)(C)
Se nt: 18 Jul 2019 13:33:43 +0000
To: l(b)(6); (b)(?)(C) I
Subject: RE: ERO IP Masking Tool for Social Media Review
I have calls from 10-12, but I should be free around noon if that works for you.
Best,
l(b )(6);
From: l(b)(6); (b)(?)(C) I

Sent : Thursday, July 18, 2019 9:33 AM
To:fo)(6): (b)(7)(C)
Subject: FW: ERO IP Masking Tool for Social Media Review
Hi~b)(6); _
Can we chat about this email in about an hour. I'm still waiting for confirmation from NCATC on whether
they're doing anything close to active monitoring ... I just sent them a reminder.
From;Kb)(6); (b)(7)(C) I
Se nt: Wednesday, July 17, 2019 2:27 PM
~~rb)(6); (b)(7)(C)
Subject: ERO IP Masking Tool for Social Media Review
Good afternoonkb)(6); I
I see that you are out of the office today. When you are back in the office, please let us know when you
are available to speak t q(b)(6); land I (both with EROLD) about ERO's request to join the HSI
contract with i(b)(7)/My understanding is that l(b)(6): I
is the HSI Privacy POC and that you would be the
ERO Privacy POC for this contract. If that is not the case, please let us know ASAP.
Thank you!
kb)(6): (b)(7)(C)
Desk: (202) 732{b)(6!
Cell: (202) 578kb)(6 !
~b)(6); (b)(?)(C)

This communication and any attachments may contain confidential and/or sensitive attorney/client privileged information or
attorney work product and/or law enforcement sensitive information. It is not for release, review, retransmission, dissemination,
2020-ICLl-00023 1173
or use by anyone other than the intended recipient. Please notify the sender if this email has been misdirected and immediately
destroy all originals and copies. Furthermore do not print, copy, re-transmit, disseminate, or otherwise use this information. Any
disclosure of this communication or its attachments must be approved by the Office of the Principal Legal Advisor, U.S.
Immigration and Customs Enforcement. Th is document is for INTERNAL GOVERNMENT USE ONLY and may be exempt
from disclosure under the Freedom oflnformation Act, 5 USC§§ 552(b)(5), (b)(7).
2020-ICLl-00023 1174
From: l~(b_)(_6)_; - ~
Se nt: 5 Sep 2019 16:24:01 +0000
To: kb)(6): (b)(7)(C) I
Subject: RE: ERO social media white paper
Attachme nts: CIU White Paper - Unattributed Browser licenses 08022019 track changes -
8.29.19). 9 OS 2019.doc
Hi [~)(6);___
Some responses to your comments in the attached. l(b)(5) I

b)(5)
Kb)(6);
Acting Privacy Officer
Desk: 202-732 (b)(6);
Mobile: 202-701 b)(6)
Main: 202-732 (b)(6);
From: !<b)(6): (b)(7)(C)

Se nt: Thursday, August 29, 2019 7:50 AM
To: kb )(6 ): ( b )(7)(C)
Subject: ERO social media white paper
Good Morning kb)(6): I

Find enclosed the white paper with our major questions regarding ERO's social media use. Like we
discussed last week, l(b)(5)
(b)(5)
l(b)(6): (b)(7)(C)I
Privacy Analyst, J.D., CIPP/US/G
Desk: 202-732j(b)(6):I
Mobile: 202-870 (b)(6
Main: 202-732 (b)(6);
2020-ICLl-00023 1175
From: I
l(b)(6); (b)(?)(C)
Se nt: 17 Oct 2019 21:03:23 +0000
To: kb)(6): (b)(7)(C)
l(b )(6 ): (b )(7)(C )
Cc: Kb)(6); (b)(7)(C)
Subject: RE: EROl(b)(?)(E)
Attachme nts: RE: Socal Media Training
Thank you l(b)(6); IYour summary of today's meeting is very helpful.

b)(5)
l(b)(6): (b)(7)(C) I
(Desk) 202-73~(b)(6);_ I
2020-ICLl-00023 1183
(iPhone) 202-78~(b)(6): I
Kb)(6); (b)(7)(C)

USC§§ 552(b)(S), (b)(7).
From:kh)fn)· f h)(7)(r.)
To:l(b)(6): (b)(7)(C)
rb)(6); (b)(7)(C)
Subject: ERO Kb)(7)(E)
Thank you very much for meeting with us to discuss ERO'1(b)(7)(E) I Privacy is
(b)(5)
Next Steps
(b)(5)
2020-ICLl-00023 1184
b)(6); (b)(7)(C)
Privacy O icer
Desk: 202-732 ,~~~~~~
2020-ICLl-00023 1185
From: l(b )(6);
Sent: 5 Dec 2013 17:06:49 -0500
To: !(b)(6): (b)(7)(C) I
Cc: l<b)(6): !Davis, Mike Pkb)(6): (b)(7)(C) IOPLA Taskin~ b)(6);
l(b )(6); (b )(7)(C) I
Subject: RE: Socal Media Training
Attachments: Social Media Training - Final (PRO 10 31 2013)(OPLA Cmts Edits 12 OS 2013).ppt
Hello,
Earlier this week, ERO requested OPLA clearance of the attached draft social media training PPP, which
was created by ICE Privacy. OPLA has reviewed and cleared with minor comments/edits on slides, 21-
23, and 25-27. We request that ERO please include these comments/edits in its response to ICE Privacy.
Thank you!
!<b )(6 ) : ( b )(7 )(C )

Enforcement Law Section
Off ice o f the Principal Legal Advisor
U. S . Immigration & Customs Enforcement
U . S . Depar tment of Homeland Secur i ty
500 12th Street , S . W., Room l(b)(6); I
Washington D. C . 20024
~~---~
(Email) kh)(fi) · ( h )(7 )((;)
(Office) 202 - 732 ( h )(R ) ·
(Blackberr y) 202-787- b)(6):
Notice : Attorney Work Product/Privileged Communication
*** Warning *** Attorney/Client Privilege *** Attorney Work Product***

privileged information or attorney work product and/or law enforcement sensitive information. It is not for
release, review, retransmission, dissemination, or use by anyone other than the intended recipient.
copies. Furthermore do not print, copy, re-transmit, disseminate, or otherwise use this information. Any
disclosure of this communication or its attachments must be approved by the Office of the Principal Legal
Advisor, U.S. Immigration and Customs Enforcement. This document is for INTERNAL GOVERNMENT
USE ONLY and may be exempt from disclosure under the Freedom of Information Act, 5 USC §§
552(b)(5), (b)(7) .
From: !fb)(6): (b)(7)(C)

Sent: Tuesday, December 03, 2013 9:06 AM
To: !rh)fR)· I
Subject: FW: Socal Media Training
l(b)(6):
Did OPLA have any issues with this training power point? I checked with ERO and we are fine with it, but
wanted to check with you to see if OPLA was ok before I send forward as the staff of the OD was asking
me about this.
Thank you
Kb)(6); I
2020-IC Ll-00023 1186

b)(6);
C ie o Sta
202.734 h)(R) !
kb)(6); (b)(7)(C)
From¥ b)(6 ); (b)(7)(C) I

To: !rh)fn)· fh)f7)rr., Barrera, Staci A; Ramlogan, Riah; k~b~)-<6~)~
: (=b~)<~7~)<_C~) _ _ _ _ _ _ _ _ _ _ _ ___,
l(b)(6) : ( b )(7)(C)I
Cc: !fh\/R) · f h \ 17\rr , I
Subject: Socal Media Training
Attached is the required training on using social media at ICE, which will deploy on the VU sometime in
the near future. As you might remember, DHS requires that components create policies (rules of
behavior) to govern employee use of social media for law enforcement, personnel, and other
operational uses. ICE has established two separate rules of behavior for use of social media - one for
law enforcement uses and one for all other uses. This training takes employees through the two sets of
rules.
Kb_)(_S_) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ___,I It will be required annually (per

....
DHS).
This email is for awareness and informational purposes only. Most of you or your staffs have already
reviewed the training and the rules of behavior that it is based on. However, if you have any concerns
about the training, please let me know as soon as possible.
The DHS directive on social media and ICE's two rules-of-behavior policies can be found on my social
media page here: i(b)(7)(E) I
Thanks.
~b)(6)· !
Privacy Officer
Assistant Director for Privacy & Records
U.S. Immigration & Customs Enforcement
Direct: (202) 732 ( b )(6)
Main: (202) 732 (b)(6
Questions? Please visit the Privacy & Records Office website ~~(h~)~(7~)~( F~)~ - - - - - - - - - - - - - ~
2020-ICLl-00023 1187
Privacy Requirements
for Operational Use of
Social Media
November 2013
a -.
,{
1
•
2
• U.S. Immigration
·•;. - ji · · and Customs
~ ' "l. · Enforcement
I
*
Training Goals & Objectives

• To ensure ICE personnel understand and
comply with the OHS Privacy Policy for
Operational Use of Social Media (June 8,
2012)
§ OHS Directive 110-01
§ OHS Instruction 110-01-001
• This course covers:

§ Key definitions
§ Rules of Behavior for Law Enforcement and

Non-Law Enforcement Activities
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 11 89
*
What Does This Policy Do?
• Regulates how OHS collects personally

identifiable information (PII) from "Social
Media" Internet sites for an "Operational
Use"
• Requires OHS components and offices to
establish Rules of Behavior that personnel
must follow
• Requires annual training of all personnel
who engage in this type of activity
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 11 90
*
Why Was This Policy Created?
• To address public and congressional

concerns about how OHS collects PII from
Social Media sites
• To ensure OHS is not engaging in an
unlawful or inappropriate collection of Pl I
from Social Media
• To ensure that there are clear "dos and
don'ts" for personnel to follow - these are
called the "Rules of Behavior"
• To ensure all OHS personnel are aware of
the rules through annual training
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 11 91
*
What is the "Operational Use"

of ''Social Media''?
When OHS is collecting PII about individuals
from a Social Media site for the purpose of:
§ Investigating them (criminal, civil, or
administrative)
§ Making a benefit decision about them
§ Making a personnel or suitability decision
about them
§ Enhancing situational awareness (to
support incident management decision
making)
§ Any other official purpose that potentially
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
may affect their rights, privileges, or benefits
I nlc lfll'llH'lll OHS Instruction 110-01-001, Section IV.D.
2020-ICLl-00023 11 92
*
This Policy Does Not Apply To:
• Agency use of Social Media for

communications and outreach to the public
• Personnel use of Social Media for
professional development, such as training
and continuing education
• Use of Social Media to facilitate internal
meetings
• Use of internal OHS intranets or
applications
• Use of search engines for general Internet
research
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 11 93
*
What is Personally Identifiable

Information (PII)?
"Any information that permits the identity of
an individual to be directly or indirectly
inferred, including other information that is
linked or linkable to an individual.
"For example, when linked or linkable to an
individual, such information includes a name,
Social Security Number, date and place of
birth, mother's maiden name, Alien
Registration Number, account number,
license number, vehicle identifier number,
license plate number, ... IP address,
biometric identifier, educational information,
financial information, medical information,
lJ.S. ln1111i:..:r.1ti(J11
criminal or employment information," etc.
,111d Cu-.l<J111-. OHS Instruction 110-01-001, Section IV.E.
I nlc lfll'llH'lll
2020-ICLl-00023 11 94
*
What is ''Social Media''?

"The sphere of websites, applications, and
web-based tools that connect users to
engage in dialogue, share information and
media, collaborate, and interact.
"Social media take many different forms,
including but not limited to web-based
communities and hosted services, social
networking sites, video and photo sharing
sites, biogs, virtual worlds, social
bookmarking, and other emerging
technologies.
"This definition does not apply to internal
lJ.S. ln1111i:..:r.1ti(J11 Department intranets or applications."
,111d Cu-.l<J111-.
I nlc lfll'llH'lll OHS Instruction 110-01-001, Section IV.K.
2020-ICLl-00023 11 95
*
How Do I Know When I Am on

a ''Social Media'' Site Online?
• Some sites are clearly Social Media, like
Facebook and Twitter
• Because of the trend toward including
interactive, Social Media-type features on
"regular" Internet sites, it is often hard to
know if you are on a "regular" Internet site
or a "Social Media" site
• Because of this, ICE has created local
policies (Rules of Behavior) that govern the
collection of Pl I on line at all Internet sites,
not just Social Media
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 11 96
*

• Because ICE's Rules of Behavior apply to
all online activity where you collect PII, you
do not have to be concerned about
whether you are on a Social Media site, or
a regular Internet site
• Simply follow the appropriate Rules of
Behavior anytime you collect PII online:
§ Collection for a law enforcement purpose -
follow the ICE Law Enforcement Rules of
Behavior
§ Collection for a non-law enforcement
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-. purpose - follow the ICE Non-Law
I nlc lfll'llH'lll
Enforcement Rules of Behavior
2020-ICLl-00023 11 97
*
ICE Rules of
Behavior (ROB)
for Non-Law
Enforcement
Activities
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 11 98
*
ICE ROB for Online Non-Law

Enforcement Activities
Morton to ICE Personnel, Use of Public
Online Information for Non-Law
Enforcement Work-Related Activities (May
17, 2013)
(b)(7)(E)
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 11 99
*

• Applies to any ICE personnel conducting
non-law enforcement activities:
§ Where PII is collected
§ For a non-law enforcement purpose
§ From the Internet
• Law enforcement personnel will follow

these Rules when engaging in non-law
enforcement activities (e.g., mission
support, personnel, etc.) online.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1200
*
ICE ROB for Non-LE

Activities
• Use of equipment
§ You may use only government-issued
equipment, government accounts, and
government e-mail addresses.
• Use of email and accounts

§ You may use only online screen names or
identities that indicate an official OHS
affiliation and have been created using OHS
e-mail addresses.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1201
*
ICE ROB for Non-LE

Activities
• Public interaction
§ You may access publicly available
information only by reviewing posted
information without interacting (e.g.,
"friending," "fanning," "liking") with any
individual who posted the information.
• Privacy settings
§ You must respect individual privacy settings
and access only information that is publicly
available unless the individual whose
information you seek to access has given
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
you consent to access it.
I nlc lfll'llH'lll
2020-ICLl-00023 1202
*
ICE ROB for Non-LE

Activities
• PII collection
§ Collect the minimum PII necessary for your
authorized duties.
• PII safeguards
§ Protect PII as required by the Privacy Act
and OHS privacy policy.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1203
*
ICE ROB for Non-LE

Activities
• Documentation
§ Retain the contents of your use of the
Internet, including social media, if you would
have retained that information had it been
written on paper.
§ Preserve in appropriate ICE recordkeeping
systems in accordance with office
procedures and in a manner authorized by
the relevant records schedule.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1204
*
ICE ROB for Non-LE

Activities
• Online communications generally
§ You may use online services to communicate in
the same way that you are authorized to use
other types of communication tools, such as the
telephone and the mail.
• Activity during personal time
§ While not on duty, you are generally free to
engage in personal online pursuits.
§ If, however, the off-duty online activity on
government issued or personal equipment
directly and substantially relates to a work-
related matter, you are bound by the same
lJ.S. ln1111i:..:r.1ti(J11 restrictions regarding the use of online
,111d Cu-.l<J111-.
I nlc lfll'llH'lll information as would apply when on duty.
2020-ICLl-00023 1205
*
Non-LE Activities and LE

Activities
• Non-LE Activities
§ If you only engage in Non-Law Enforcement Activities
the training ends here.
§ Last slide of presentation contains contact information
for additional questions.
§ Memorandum from John Morton to ICE Personnel,
Use of Public Online Information for Non-Law
Enforcement Work-Related Activities (May 17, 2013)
rb)(7)(EJ
• LE Activities
§ If you engage in law enforcement activities, the
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-. training for Online Law Enforcement Activities
I nlc lfll'llH'lll
continues on the next slide.
2020-ICLl-00023 1206
*
ICE Rules of
Behavior (ROB)
for Online Law
Enforcement
Activities
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1207
*
ICE ROB for Online Law

Morton to Law Enforcement Personnel,
Use of Public and Non-Public Online
Information (June 28, 2012)
(b )(7)(E)
• Based on and consistent with the DOJ

Online Investigative Principles for Federal
Law Enforcement Agents (1999)
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1208
*

• Apply to any ICE personnel conducting law
enforcement activities:
§ For a law enforcement purpose
• Apply to ICE law enforcement and other

support personnel engaging in a criminal,
civil, or administrative law enforcement
investigation, operation, or activity
§ Includes attorneys prosecuting criminal, civil
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
or administrative matters
I nlc lfll'llH'lll
2020-ICLl-00023 1209
*
ICE ROB for Online LE

Activities: Requirements
• Obtaining information from unrestricted
sources
§ You may obtain information from publicly accessible
online sources under the same conditions you may
obtain information from other sources generally open
to the public.
• Obtaining identifying information about

users or networks
§ You may use software tools to obtain PII about a user
or host computer network under same circumstances
in which ICE guidelines and procedures allow you to
look up similar information such as a phone number.
§ You may not use software tools to circumvent
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-. restrictions placed on system users.
I nlc lfll'llH'lll
2020-ICLl-00023 1210
*

• Real time communications
§ You may passively observe and log real-
time electronic communications open to the
public under the same circumstances in
which you may attend a public meeting.
• Accessing restricted sources
§ You may not access restricted online
sources absent legal authority permitting
entry into private space.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1211
*

• Online communications
§ You may use online services to
communicate as you may use other types of
communication tools, such as the telephone
and the mail.
• Record Retention
§ You shall retain contents of a stored
electronic message if you would have
retained that message had it been written
on paper.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1212
*

b)(?)(E)
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1213
*

b)(7)(E)
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1214
*

• International Issues
§ Unless gathering information from online
facilities configured for public access, e.g.,
Facebook and other social networking sites,
law enforcement personnel conducting
investigations should use reasonable efforts
to ascertain whether any pertinent computer
system, data, witness, or subject is located
in a foreign jurisdiction.
§ Whenever an item or person is located
abroad, law enforcement personnel should
follow ICE's policies and procedures for
lJ.S. ln1111i:..:r.1ti(J11 international investigations.
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1215
*

• Activity by Law Enforcement Personnel
during Personal Time
§ While not on duty, law enforcement
personnel are generally free to engage in
personal online pursuits.
§ If, however, the off-duty online activity
directly and substantially relates to a law
enforcement investigation, operation, or
prosecution, law enforcement personnel are
bound by the same restrictions regarding
the use of online information as would apply
when on duty.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1216
*
Contact & Resource Information

Questions? Contact the ICE Privacy &
Records Office, Privacy Branch
(202) 732-3300
ICEPrivacy@ice.dhs.gov
<b)<_7)<_E)_ _ _ _ _ _ _ _ _~
Website:~l
Links:
ICE Law Enforcement Rules of Behavior
l(b)(7)(E)
ICE Non-Law Enforcement Rules of Behavior

l(b)(7)(E)
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1217
U.S. Immigration
and Customs
Enforcement
From: !
!rb)(6): (b)(7)(C)
Sent: 11 Jul 2019 12:53:13 +0000
To: fo)(6): I
Cc: ICE-OPLA-EROLD;k'=b~)<~6~
): ~<b~)<~7~
)<C
~ )~ - - - - - - - - - - - - - - ~
Subject: RE: ERO use of social media and IP masking tools
Thanks so much !rh)fR)· !

rb)(6); (b)(7)(C); (b)(5)
Best,
Kb)(6);
Mobile: 202-870Kb)(6);
From:l(b)(6): I
Sent: Thursday, July 11, 2019 8:50 AM
To: kb)(6): (b)(7)(C)
Cc: ICE-OPLA-EROLD < b)(6): (b)(7)(C)
(b)(6); (b)(7)(C)
Subject: FW: ERO use of social media and IP masking tools
Good morning, ~~~~~~~~,
b)(6); (b)(7)(C); (b)(S)
~b)(6); _ I
l(b)(6); !Associate Legal Advisor

Detention and Removal Law Section
U.S. Department of Homeland Security
Phone: (202) 732fo )(6) I
iPhone: (202) 6501aillfil]
E-mail: l(b)(6); (b)(7)(C)
*** Warning*** Attorney/Client Privilege*** Attorney Work Product***

This communication and any attachments may contain confidential and/or sensitive attorney/client privileged
2020-ICLl-00023 1219
information or attorney work product and/or law enforcement sensitive information. It is not for release, review,
retransmission, dissemination, or use by anyone other than the intended recipient. Please notify the sender if this
email has been misdirected and immediately destroy all originals and copies. Furthermore do not print, copy, re-
transmit, disseminate, or otherwise use this information. Any disclosure of this communication or its attachments
must be approved by the Office of the Principal Legal Advisor, U.S. Immigration and Customs Enforcement. This
document is for INTERNAL GOVERNMENT USE ONLY and may be exempt from disclosure under the Freedom
oflnformation Act, 5 USC§§ 552(b)(5), (b)(7).
From: l(b)(6); (b)(7)(C) I

Sent: Thursday, July 11, 2019 7:48 AM
To: ICE-OPLA-EROLD 4.-
(b-)(-6)-; (-b-)(-7 )-(C_)_ _ _ _ ___,
Cc:!(b)(6): ( b)(7)(C)
Subject: ERO use of social media and IP masking tools
Good Morning,
(b)(5)
Best,
b)(6);
' '- '-
,/~,,...,
'\
(b)(7)(C)
fo) (6):
Privacy Analyst, J.D ., CIPP/US/G
Desk: 202-7321(b)(6):I
Mobile: 202-870{b)(6);1
Main: 202-732t b)(6); I
2020-ICLl-00023 1220
From: l<b)(6 ):
Se nt: 30 Sep 2019 13:21:38 +0000
To: !rh 'l(R'l· ( h )(7 'lfr.1 !
Subject: RE: Fictitious Accounts materials
Thank you l~(b_)(_6)_; - ~
l<b)(6):
(Desk) 202-732.fhVn)· I
(iPhone) 202-787filillfilJ
~ h \/~ \ · / h \/7 \/('\

USC§§ 552(b)(S), (b)(7).
From:kb)(6): (b)(7)(C)
Se nt: Monday, September 30, 2019 7:52 AM
To: kb)(6): (b)(7)(C)
Subject: Fictitious Accounts materials
Good Morning Kb)(6); I

See below for the links to the USCIS PIA on the use of fictitious accounts and the 9 th circuit decision
ruling about the applicability of the Computer Fraud and Abuse Act on web scraping, but opining that
Linkedln information is considered "publicly available" and a service provider's terms of service can't
limit an individual's access to the information.
https://www.dhs.gov/sites/defa ult/files/publications/privacy-pi a-uscis-013-01-fd ns-j u ly2019 0.pdf

http://cdn.ca9.uscourts.gov/datastore/opinions/2019/09/09/17-16783.pdf
Kb)(6); (b)(7)(C) I
Desk: 202-732l(b)(6): I
Mobile: 202-870~(b)(6); I
2020-ICLl-00023 1221
Main: 202-732- (b)(6);
f l,...\ I I \ /
2020-ICLl-00023 1222
From: !(b)(6 ); ( b)(7 )(C)
Sent: 23 Jul 2019 12:59:12 +0000
To: rb)(6); (b)(? )(C)
Cc:
Attachments: (b) (7)(E) >eial Media White Paper_July 2018.pdf
Than ks kb )(6);
have been monitoring social media khVR\ · fh\f7 \f<:\ I
fb)(? )(E)
Best,
l(b)(6); (b)(7)(C) I
Mobile: 202-870i (b)(6) I
From: ..,_!
(b-'-)(;....
6.;.:..
); _ ___,
To:l(b)(6); (b)(? )(C)
Cc: _
I'')(6); (b)(7)(C)
Subject: ICE SMOUTs
Hello !(b )(6);
social media.
framing a document explaining ERO 's intended use of SILO to surveille publicly-available
social media sites.
(b)(S)
2020-ICLl-00023 1223
I believe l(b)(?)(~as audit functions, based on the attached Authentic8 overview document you
identifying info (PII) and/or sensitive PII from social media using SILO, and if so, where the
on pp. 7-8.
Kb)(6); I
(Desk) 202-73* b)(6);I
(iPhone) 202-787l(b)(6); I
fb)(6); (b)(7)(C)
USC§§ 552(b)(S), (b)(7).
2020-ICLl-00023 1225
From: l(b)(6); (b)(7)(C) I
Sent: 16 Jul 2019 14:19:11 +0000
To: I
l(b)(6); (b)(7)(C)
Subject: RE: Policies
Good Morningl(b)(6); I
(b)(5)
Best,
~b)(6);
Mobile: 202-870~(b)(6:I
From:l(b)(6); (b)(?)(C) I
To:l(b)(6); (b)(7)(C)
Subject: FW: Policies
I'm very confused about these email .... I wasn't involved in any ofthe telephone conferences, but they
seem to be addressing issues that!(b)(6); (b)(?)(C) land others (not even on the email list) and I are
already working on, i.e., social media issues involving ERO. I don't want to duplicate efforts.
Or are the conferences you've part icipated in about something else altogether? Thanks.
kb)(6); (b)(?)(C) I, JD, CIPP/ G

Privacy Analyst
US Immigration and Customs Enforcement
Desk: 202-7321(b)(6): I
Mobile: 202-897fb)(6): I
Main: 202-732{b)(6); I
Questions? Please visit our website af~b_)(_?_)(_E_) - - - - - - - - - - - - - - ~
2020-ICLl-00023 1228
Froml(b)(6); (b)(7)(C)
To:l(b)(6); (b)(7)(C)
kn" ~' · rn\f7 \fr ,
Cc: !<b)(6): ( b )(7)(C)
kb )(6); (b)(7)(C)
l(b)(6); ~ CLEAR was not mentioned by name on the phone call this morning, so I do not know for sure.
NCATC is currently working on identifying the Privacy POC for the contract as well tracking down the
Statement of Work (SOW).
l(b)(6); (b)(7)(C) ~ thank you again for talking t q(b)(6); land I this morning. We both found it very
helpful. CIU is interested in discussing NCATC's operations with respect to reviewing publicly avai lable
information on targets' social media as well.
Is everyone available tomorrow (Tuesday) at 10:30am for a conference call? I'll send an Outlook invite
with call in information once a date and time is agreed upon.
kb)(6); (b)(7)(C)
Enforcement and Removal Operations Law D ivision
Desk: (202) 732khVn)· I
Cell: (202) 578 (b)(6)
(b)(6); (b)(7)(C)

attorney work product and/or law enforcement sensitive in formation. It is not for release, review, retransmission, dissemination,
or use by anyone other than the intended recipie nt. Please notify the sender if this email has been misdirected and immediately
disclosure of this corrmrnnication or its attachments must be approved by the Office of the Principal Legal Advisor, U.S.
Immigration and Customs Enforcement. This document is for INTERNAL GOVERNMENT USE ONLY and may be exempt
from disclosure under the Freedom oflnformation Act, 5 USC§§ 552(b)(5), (b)(7).
From:kb)(6); (b)(7)(C)
To~(b)(6); (b)(7)(C)
i(b )(6): ( b )(7)(C)
Cc:kb)(6): ( b )(7)(C)
2020-ICLl-00023 1229
Ht b)(6);
Is the service you are referring to CLEAR? Thanks for the follow up.
Best,
l(b)(6); (b)(7)(C) I
Mobile: 202-870Kb)(6);
From: !rh\lR\· rh\(7 \rr., • I

To:l(b)(6); (b)(7)(C)
l~(b-)(-=
6=
) :=(b=)(=7)=(C
=):::::::::::::::============-1-----------------'
r;
cd <bH6): <bH7)<C) I
Hi. Good aft ernoon!
Yes, the CIU is aware of the NCATC utilization of these types of services - generally, not specifically.
I would be very interested in participating in a conference call!
We have tossed around the idea of making a trip to the NCATC, but funding always seems to be an issue,
so a call would be ideal!
I will be at the NTC in Sterling all day on Wednesday of this week, but any other day- at any time -
would work for me.
From:l(b)(6); (b)(7)(C)
Se nt: M onday, July 15, 2019 2:44 PM
To: (b)(6); (b)(7)(C)
(b)(6); (b)(7)(C)
Cc: kb)(6): (b)(7)(C)
Good afternoon,
This morningkh)(R)· land I reached out to the National Criminal Analysis and Targeting Center
I
{NCATC) and spoke tol(b)(6); (b)(7)(C) Director) and l(b)(6); t Deputy Director) and learned t hat their
office utilizes similar services to view publicly available information on social media platforms through a
contract with Thomas Reuters.
Is the CIU aware that NCATC is already engaged in similar efforts? If not, are you amenable to
participating in a conference call this week to discuss the simi larit ies and differences in their operations
and what you envision FIO's would do with Silo's services?
2020-ICLl-00023 1230
Kb)(6); (b)(?)(C)
Enforcement and Removal Operations Law D ivision
U.S. Inunigration and Customs Enforcement
Desk: (202) 73 (b)(6);
Cell: (202) 578 (b)(?)(C
(b)(6): (b)(7)(C)

attorney work product and/or law enforcement sensitive information. It is not for release, review, retransmission, dissemination,
or use by anyone other than the intended recipient. Please notify the sender if this email has been misdirected and immediately
disclosure of this communication or its attachments must be approved by the Office of the Principal Legal Advisor, U.S.
Immigration and Customs Enforcement. This document is for INTERNAL GOVERNMENT USE ONLY and may be exempt
from disclosure under the Freedom of lnfom1ation Act, 5 USC§§ 552(b)(5), (b)(7).
From: i(b)(6); (b)(?)(C)

Se nt: Thursday, July 11, 2019 4:08 PM
To : kb)(6): (b)(7)(C)
Kb)(6): (b)(7)(C)
That sounds great!
Since kf,,ri:;, lmight not have been on the line today, maybe it would be helpful to outline how we would
like to use SILO.
I can certainly engage other CIU staff to better explain, but as a big-picture description:
The Combined Intelligence Unit (CIU) at HQ is comprised of both ERO and HSI employees working in
conjunction to share valuable intelligence from ERO's detained population.
The CIU utilizes trained Field Intelligence Officers (FIO) located at detention facilities across the nation.
These FIOs are Deportation Officers (1801) who graduate from a two-week advanced training course at
FLETC entitled Enforcement and Removal Intelligence Collection (ERIC).
The course curriculum is taught by members of the intelligence community, OPLA, ERO, HSI, and other
federal law enforcement entities and covers:
Law Review
Introduction to Intelligence
Foreign Threat Awareness
Terrorism
TOC / Gangs
Open-Source Intelligence
HSI Reports Officer Program
Intro to HUM INT Tradecraft
ERO Collection Management
DROLeads
KSTEP Protocols
2020-ICLl-00023 1231
Interviewing Techniques
Practical Exercises
The ERIC course trains the FIO to return to their office with the ability to identify, prepare to interview,
and interview ICE detainees in consensual settings to gather raw intelligence.
The intelligence gathered is documented by the FIO in the DROLead which is submitted to the Combined
Intelligence Unit (CIU) to be analyzed for potential intelligence value.
According to ERO's Priority Intelligence Requirements (PIR), topics that are of potential intelligence
value from the detained population include:
National Security Threats (PIR 1)
Transnational Organized Crime and Criminal Street Gangs (PIR 2)
Human Trafficking and Smuggling (PIR 3)
Operations and Force Protection (PIR 4)
Because detained populations are so vast, prior to an interview, cursory ICE database, open-source
database, and (potentially) social media checks are deemed important to aid in determining individuals'
activities that might have intelligence value. After an interview is conducted, it is helpful to be able to
utilize these same systems to check the truthfulness of the information provided during the interview -
which also goes to the value of the intelligence provided.
As we understand it, 1801s are not able to interact with individuals on social media but can look at
publicly available information (information the person has allowed to be viewed without interaction).
In order to view said information, it is necessary to establish program accounts. We have no intention
of the FIOs establishing back-stopped UC accounts, etc.
Our plan is to roll out training and the licenses together so they understand the capabilities and the
limitations.
I am very interested in knowing the next steps or what other information might be helpful to keep the
ball rolling.
Thank you!
b)(6);
202-732 (b)(6) desk)
From:jih\fR\· f h \ f7v r., I

Sent: Thursday, July 11, 2019 2:17 PM
To b)(6); (b)(7)(C)
(b)(6); (b)(7)(C)
Cc b)(6); (b)(7)(C)
Subject: RE: Po icies
HiKb)(6);
Thanks so much for this and thank you for coming on the call today, it was really helpful. These
documents are overarching policy documents as to how to institute a privacy sensitive social media
monitoring program, instead of operational documents. If ERO does have the authorities to collect this
type of information we will have to work up Rules of Business in line with these documents and have the
FIOs trained on them prior to implementation. We will also have to conduct a privacy threshold analysis
2020-ICLl-00023 1232
to determine what further compliance requirements we might have for the program as a whole. I'm
CCing Anne, our ERO privacy lead on this, as she will be assisting you through most of this process.
Once we figure out what authorities allow ERO to collect social media we can move from there. Thanks
everybody for your help!
Best,
(b )(6);
I L... \1"'7\ lr" \
Mobile: 202-870f ~~~6\ I

FromJ(b)(6); (b)(7)(C) I
Sent: Thursday, July 11, 2019 1:48 PM
To:l(b)(6); (b)(7)(C)
Subject: Policies
Hello again.
As discussed, attached are the referenced documents regarding guidance for on-line behavior.
Prior to issuance of aKb)(7)(E) I

each Field Intelligence Officer (FIO) will be provided these documents
and reminded of appropriate use and limitations for their actions in the system.
If you see that something is missing, please let me know. We are open to implementing necessary steps
to work within the guidelines to provide this valuable tool to our FIOs.
Thank you for the interact ion!

Kb)(6); I
Combined Intelligence Unit (CIU)
Special Operations Division (SOD)
Immigration & Customs Enforcement
Headquarters, Office of Intelligence
500 12th Street SW, Washington, DC 20536
Office: (202) 732~
Cell: (970) 403~~~~~~;, I
Warnin . CLASSIFIED//FOR OFFICIAL USE ONLY (U//FOUO). It contains information that may be exempt from public
release under the Freedom of lnforma 10n ·s to be controlled, stored, handled, transmitted, distributed, and disposed of
in accordance with DHS policy relating to FOUO information and is not o or other personnel who do not have a
valid "need-to-know" without prior approval of an authorized DHS official. No portion of this report shoul e · either in
written or verbal form.
2020-ICLl-00023 1233
From: l(b )(6); (b )(7)(C)
Se nt: 27 Aug 2019 18:33:41 +0000
To: kh\/~ \· / h \ /7\/("'\ I
Subject: RE: privacy training
Thank you!
(b)(6); (b)(?)(C)
Spec1a Assistant
National Security Investigations Division
Homeland Security Investigations
Cell: 202.425l(b)(6);!
From:j(b)(6); (b)(7)(C)
Se nt: Tuesday, August 27, 2019 2:24 PM
To :l(b)(6): (b)(7)(C)
Here you go!

title: d isclosure t raining (just a suggestion, pick whatever you want)
b)(5)
Best,
Kb)(6);
Mobile: 202-870~
From:Kb)(6) : (b )(7)(C)
Se nt: Tuesday, August 27, 2019 1:56 PM
To:l(b)(6): (b)(7)(C)
Perfect, I will set it up!
Do you mind sending me a sentence or two about the training so I can include it in t he meeting invite,
that way folks have an understanding about what they aer attending?
kb)(6): (b)(7)(C)
Special Assistant
Cell: 202.425¥b)(6); I
2020-ICLl-00023 1234
From: Kb)(6); (b)(7)(C)
Sent: Tuesday, August 27, 2019 9:54 AM
To: kb)(6): (b)(7)(C)
Both are good, if Sept 25 th works better for you all let's do that.
Best,
l(b)(6);
Mobile: 202-870~(b)(6): I
From:!(b)(6 ) : (b )(7)(C)
To:!{b)(6): (b)(7)(C)
Subject: RE: privacy t raining
Just to confirm - September 25 th works best or October 2?
Than ks ~(b)(7)(E)
Special Assistant
I
Cell: 202.425.l(b)(§);
From:kb)(6); (b)(7)(C)
To:l(b)(6): (b)(7)(C)
Good Morningl(b)(6):
That works for me! Thanks.
Best,
Kb)(6);
Mobile: 202-870kb)(6):
From:Kb)(6); (b )(7)(C)
Se nt: Tuesday, August 27, 2019 9:42 AM
To~(b)(6); (b)(7)(C)
Subject: RE: privacy t raining
HiKb)(6);
2020-ICLl-00023 1235
I'm thinking we need to do a Wednesday to get the most participation - the 18th has our large
conference rooms blocked with another big event. Can you do the 25th at lpm? If not, we can also do
October 2 at 10am (the following week).
Let me know what you think!
l(b)(6): (b)(7)(C) I
Special Assistant
Homeland sy urity T vestigations
Cell: 202.425 b)(6);
From: !rb )(6 ) : ( b)(7 )(C )

Se nt: Friday, August 23, 2019 8:10 AM
To~b)(6); (b)(7)(C)
cc:l
kb )(6) ; (b)(7)(C)
Good Morningirh\rn\·
Will mid-September work? I'm relatively free any day around that t ime.
Best,
l(b)(6 ):
Mobile: 202-870fb)(6): I
From: l(b)(6): (b)(7)(C)
Se nt: Thursday, August 22, 2019 4:24 PM
To:l(b)(6); (b)(7)(C)
Cc:.
!<b)(6): (b)(7)(C)
Subject: privacy training
H1l(b)(6);
Hope all is w ell!
Reaching out regarding the Privacy Training you mentioned in the Staff meeting last Monday - when ca n
we schedule this for NSID?
Thanks!
i(b)(6): (b)(7)(C)
Special Assistant
2020-ICLl-00023 1236
I
Cell: 202.42Sfb)(6);
2020-ICLl-00023 1237
From: l(b)(6); (b)(7)(C) I
Sent: 22 Jul 2019 19:53:48 +0000
To: (b_)(_6)_; (_b)_(7_)(_C_) - - - - - - - - - - - - - ~!Estrada,
~l
Rafael
Cc: kb)(6); (b)(7)(C)
Subject: RE: SILO Contract
Attachments: [4300A HB Att X] Social Media v14 (DHS Connect 12 14 2018).pdf,
lnstruction_ll0-01-00l_Privacy_Policy_for_Operational_Use_of_Social_Media_0.pdf, SM OUT, ICE -
Criminal Law Enforcement, 20130620 PRIV Final.pdf, SMOUT, ICE - Criminal and Admin Immigration LE,
20170103, PRIV Final.pdf, SMOUT, ICE - Undercover Criminal Law Enforcement, 20121106 PRIV
Final.pdf, 192119IHQRQNXXXX - Privacy and Security Checklist.doc, Base Contract Format - HUBZone
Socio-Economic Category.pdf
Good Afternoon everyone,

Thanks again for the talk. Find enclosed some documents that might shed some of t he DHS policies
that provide a baseline of what is expected by them in our social media monitoring. I sent along the
SMOUTs for ICE's social media monitoring for criminal work, for administrative law enforcement, and for
undercover operations. I've also attached the procurement documents that privacy received for ERO's
use of SILO. I'll try to make contact with an HSI open source team tomorrow and see what work
products I can glean from them for your use when writing up the white paper. Let me know if you have
any questions.
Best,
kb)(6);
From:!(b)(6 ) :
To:l(b)(6); (b)(7)(C)
kb)(6); (b)(7)(C)
(b)(6); (b)(7)(C) ; Estrada, Rafael (b)(6); (b)(7)(C)
Cc (b)(6); (b)(7)(C)
Subject: RE: SILO Contract
Hello All,
Attached is the DAIP training PPP which is part of the ERIC officer training at FLETC.
(b)(5)
2020-ICLl-00023 1238
Director of National Intelligence the authority to render advisory tasking to intelligence elements
of those agencies and depaitments not within the National Intelligence Program."
What is the relevance of these references to the Intel Community with respect to ERIC's work
that involves the use of HAG/SILO? Thank you.
l(b)(6);
(Desk) 202-732--thlZ6J
(iPhone) 202-787 (b)(6);
(b )(6) ; (b )(7)(C)

USC§§ 552(b)(S), (b)(7).
-----Original Appointment-----
Fromtb)(6); (b)(7)(C) I
Cc-
Sent: Monday, July 22, 2019 9:27 AM
To~ ~ - - - - - - - - - - - - - - - - - - - - - '
Subject: SILO Contract

When: Monday, July 22, 2019 2:00 PM-2:30 PM (UTC-05:00) Eastern Time (US & Canada).
Where: Teleconfernce
EROLD Conference Line

l(b)(7)(E)
2020-ICLl-00023 1239
Homeland
Security
DHS 4300A
Sensitive Systems Handbook
Attachment X
Social Media
Version 14
July 24, 2018
2020-ICLl-00023 1240
OHS 4300A SENSITIVE SYSTEMS HANDBOOK ATTACHMENT X- SOCIAL MEDIA
Document Change History
Version Date Description
0.6 March 25, 2010 Final Draft for Comment
0.7 May 12, 2011 Final Draft for Review; Includes Component Comments
8.0 May 23, 2011 Final
9.1 July 24, 2012 Stylistic and formatti ng changes throughout the document
11.0 August 5, 2014 Additional stylistic changes throughout.
Thoroughly revised to conform to current standards and best practices.

Thoroughly updated with regard to Privacy issues.
14.0 July 24, 2018
Version numbered to coincide with current 4300A Policy edition (No
version 11, 12, nor 13 of this Attachment was published.
vl4.0, July 24, 2018 ii
2020-ICLl-00023 1241
OHS 4 30 0A S ENSIT IVE SYSTEMS H ANDBOOK A TTACHMENT X- SOCIAL M EDIA
Contents
1.0 Introduction ............................................................................................................................................. 1
1.1 Background ......... .................... .................... ........................................ .................... .................... ......... 1
1.2 Purpose and Scope ............................................................................................................................... 2
1.3 Application .......... .................... .................... ........................................ .................... .................... ......... 2
2.0 Use of Social M edia .................................................................................................................................. 3

2.1 Official Public Affairs Use of Social Media ........................................................................................... 3
2.1.1 Governance ................ .................... .................... .................... .................... .................... ......... 3
2.1.2 Privacy lssues ........................................................................................................................... 3
2.1.3 Standards of Conduct ..................... .................... ........................................ .................... ........ .4
2.2 Operational Use ofSocial Media ........................................ .................... .................... .......................... 5
2.2.1 Authority.................. ... ..................................... ................................................ ........................ 5
2.2.2 Privacy Compliance Documentat ion ....................................................................................... 5
2.2.3 Access ..... .................... .................... ............................................................ .................... ......... 6
2.2.4 Rules of Behavior ..................................................................................................................... 6
2.2.5 Privacy Training ....... ... ..... ............... ................. ... ..... ............ ... ..... ............ ... ..... ............... ......... 7
2.2.6 Retention of Pll .. .................... .................... ........................................ .................... .................. 7
2.3 Unofficial or Personal Use of Social Media on Government Equipment .............................................. 7
2.4 Unofficial or Personal Use of Social Media on Non-Government Equipment ...................................... 7
3.0 Risks and Attack Techniques Associated with Social Media ..................................................................... 9
3.1 Common Risks of Cyber Attacks .................. .................... .................... .................... .................... ......... 9
3.2 Common Cyber Attack Techniques .................................................................................................... 10
3.2.1 Spear Phishing ....................................................................................................................... 10
3.2.2 Social Engineering ....... .................... ........................................ ............................................... 10
3.2.3 Web Application Attacks ....................................................................................................... 11
4.0 Best Practices for Social Media Use ........................................................................................................ 12

4.1 Personal Use of Social Media ............................................................................................................. 12
4.2 Never Post Classified or Sensitive lnformation ................................................................................... 12
4.3 Never Speak for the Department without Authorization ................................................................... 12
4.4 Avoid Posting Personal Information ............................................. ..................................................... 12
4.5 Use Privacy and Security Settings ................................................. ..................................................... 12
4.6 Be Wary of Location-Based Services .................................................................................................. 13
4. 7 Use Strong Pass words ........................................................................................................................ 13
4.8 Be Suspicious about Installing Applications ....................................................................................... 14
4.9 Be Wary of All Links ................................................................................ ............................................ 14
4.10 Have No Expectation of Privacy ......................................................................................................... 14
4.11 Protect Your Privacy ........................................................... .................... ........................................ .... 15
4.12 Be Professional ................................................................................................................................... 15
4.13 Use Disclaimers ................................................................................... ............................................... 15
4.14 Be the First to Respond t o Your Own Mistakes ............................. .................... ................................. 15
4.15 Be Yourself ...................................................................... ................................................................... 15
4.16 Avoid Being Offensive ........................................................................................................................ 16
4.17 Do Not Breach Trademarks ..... .................... .............. ...... .................... .................... .................... ....... 16
4.18 Respect Copyright, Fair Use, and Financial Disclosure Laws .............................................................. 16
4.19 If in Doubt, Seek Guidance ...... .................... .................... .................... .................... .................... ....... 16
5.0 Unofficial Internet Posting Guidelines.................................................................................................... 17
vl 4.0, July 24 , 20 18 iii
2020-ICLl-00023 1242
OHS 4300A SENSITIVE SYSTEMS H ANDBOOK ATTACHMENT X - SOCIAL M EDIA
Glossary ............................................................................................................................................................... 19
References ........................................................................................................................................................... 25
vl4.0, July 24, 2018 iv
2020-ICLl-00023 1243
1.0 INTRODUCTION
Social media such as Facebook, Twitter, and Instagram have become ubiquitous in our daily life.
According to a study by the Pew Research Center, nearly two-thirds (65%) of all American
adults use social network sites- a nearly tenfold jump in the past decade 1. Due to extensive
casual Internet use, it comes as no surprise that Federal employees and contractors may have
difficulty deciding what constitutes acceptable and security-conscious behavior in using social
media.
Even as Government organizations consider how best to leverage the interactivity enabled by
social media, they must also ensure a common understanding of how employees are expected to
use those media.
Issued under the authority of the Department of Homeland Security (DHS) Chief Information
Officer (CIO), through the Office of the Chief Information Security Officer (OCISO), this
document expands on existing DHS policy as provided in Section 3. 16, "Social Media," of DHS
Sensitive Systems Policy Directive 4300A, and in DHS Management Directive (MD) 4400.1,
"Web (Internet, Intranet, and Extranet Information) and Information Systems."
This document is applicable under the following guidelines:
• Whether or not the use is official (work-related) or unofficial (personal)
• Whether or not the use occurs on sanctioned "official" social media sites or on
commercially managed sites
• Whether or not use is accomplished using Government-issued equipment or on electronic
devices owned by the employee or other third-party.
1.1 Background
Cyber attacks on and via social media are rapidly increasing because of the abundance of
personal information available on social media sites that is of interest to cybercriminals such as
home address, family names, friends ' names, and current employer. Due to the high threat of
malware infiltration and the sensitive nature of the information maintained at DHS, social media
host sites are blocked at the Department's Trusted Internet Connections (TIC). 2 The Assistant
Secretary, Office of Public Affairs (OPA), as well as Component public or external affairs
offices, however, do permit limited social media use "by exception," through sanctioned
Government and commercial social media sites and social networking services. These limited
uses of social media make information and services more widely available. Sanctioned social
media can:
• Provide additional sources that the public can use to obtain supplemental information
about the Department's activities
1
"Social Media Usage: 2005-2015", Pew Research Center, October 6, 2016,
http://www.pewinternet.org/2015/ 10/08/social-networking-usage-2005-2015/
2
Section 3.16, DHS Sensitive Systems Policy Directive 4300A.
vl4.0, July 24, 2018
2020-ICLl-00023 1244
OHS 4300A SENSITIVE SYSTEMS H ANDBOOK ATTACHMENT X- SOCIAL M EDIA
• Provide opportunities for participation and collaboration on Department activities

• Reach a wider audience more efficiently through the use of social media capabilities
• Showcase the Department's work and integration
• Support Department and Component missions
Unofficial (personal) social media usage can easily make DHS personnel and the Department
victims of social engineering or other forms of cyber-attack. Employees need guidance to help
minimize the risks their social media use poses to the Department and its missions.
1.2 Purpose and Scope

This document provides guidance regarding official (work-related) and unofficial (personal)
social media use whether occurring within or outside the Department network, the risks and
attack techniques associated with social media, and best practices for social media use.
1.3 Application
This document applies to all DHS Federal employees and contractors, describes the governance
of social media sites across DHS, and addresses the use and associated risks of social media
technologies in three scenarios:
• Required work-related use
• Unofficial or personal use on Government equipment
• Unofficial or personal use on non-Government equipment
The term equipment includes both non-portable devices such as desktop computers as well as
mobile devices such as laptop computers smartphones and tablets.
Commonly used social media terms are in bold italics throughout this attachment and are defined
in the Glossary.
vl4.0, July 24, 2018 2
2020-ICLl-00023 1245
OHS 4300A SENSITIVE SYSTEMS H ANDBOOK ATTACHMENT X - SOCIAL M EDIA
2.0 USE OF SOCIAL MEDIA
2.1 Official Public Affairs Use of Social Media

Many Federal Departments and agencies are required to publish Government information for
public engagement or external affairs purposes. Component offices of public or external affairs
publish materials on dhs.gov, which is the official website and presence of DHS. In addition,
some Components maintain their own websites, subject to departmental oversight.
Instructions for using dhs.gov and commercial or third party social media are provided at the
DHS Web Center (see www.dhs.gov/webcenter).
As a result of these technological relationships between the Department and the public, it is
imperative that DHS engage the public in a manner that complies with Federal accessibility,
privacy, information security, and records requirements.
2.1.1 Governance
The DHS Office of Public Affairs (OPA) serves as the primary account holder for all DHS and
Component social media websites, approves and manages all content posted, and when necessary
acts as the final authority on comment acceptability. OPA will ensure that posted content meets
the requirements for publicly available information and materials.
2.1.2 Privacy Issues

To protect Personally Identifiable Information (PII) internally and when engaging the public,
DHS employees must comply with Federal privacy laws, Office of Management and Budget
(0MB) g uidance, and DHS privacy policies when using social media in a n official capacity. The
Privacy Office is responsible for ensuring that DHS use of social media sustains and does not
erode privacy protections concerning the use, collection, and disclosure of PII.
It is imperative that the Department be transparent about its use of social media to avoid
concerns about unauthorized surveillance. Therefore, DHS must engage social media websites
in a manner that protects privacy and respects users' intent. The public user fully expects
privacy protections while interacting with the Department. In order to address these and other
concerns, the DHS Privacy Office has set forth specific requirements for using social media in a
privacy- sensitive manner.
Each social media website provides its own privacy policy, and while users are typically required
to submit some PII during the registration process, the Department will neither solicit nor collect
such PII. The D epartment will examine the social media website or application privacy policy
and evaluate the risks to determine whether or not the website is appropriate for the
Department's use. If an agency posts a link that leads to a social media website, the agency will
provide an alert to the visitor, either a statement adjacent to the link or a "pop-up," explaining
that visitors are being directed to a non-government website that may have different privacy
policies from those of the agency's official website.
The Department will o nly collect the minimum information necessary for the performance of
official functio ns. Official DHS accounts on social media websites will be identified by the
Department or Component seal and an easily identifiable account user name indicating DHS
presence, such as "DHS Jane Q. Employee."
vl4.0, July 24, 2018 3
2020-ICLl-00023 1246
As part of the Department's privacy compliance process, the DHS Privacy Office has developed
two Department-wide Privacy Impact Assessments (PIA), both found at www.dhs.gov/privacy.
to identify and mitigate privacy risks for the Department's use of social media for public
engagement or external affairs:
• "Use of Social Networking Interactions and Applications
(Communications/Outreach/Public Dialogue)," September 16, 2010
• "Use of Unidirectional Social Media Applications," March 8, 2011
These two PIAs and the DHS privacy policies, including those that are social media specific,
govern the Department's use of social media from a privacy standpoint. The DHS privacy policy
as well as privacy policies specific to social media can be found at www.dhs.gov.
PIA determination is made on a case by case basis through the social media privacy threshold
analysis (SMPTA). Components should work with their Component Privacy Office to ensure
compliance with privacy requirements. DHS Headquarters should contact the DHS Privacy
Office directly atKb)(7)(E) I
Approved PIAs are published on the Department's Privacy Impact Assessment Web page (see
www.dhs.gov/topic/privacy) unless they are classified. DHS has issued a PIA detailing the PII
to which the Department may have access because of its use of social networking applications,
how it will use the information, what information is retained and shared, and how individuals can
gain access to and correct their information.
If PII is posted on a social media site, the Department will attempt to delete it. If that is not
possible, the Department will disregard the PII and it will not be maintained in agency files. It
should be noted, however, that PII posted on a social media website or sent to the Department in
connection with the transaction of public business may become part of a Federal record and will
have to be maintained in accordance with appropriate records retention policies.
Note that this privacy compliance framework does not apply to the Department's "operational
use of social media." See section 2.2 for details.
2.1.3 Standards of Conduct

DHS employees and contractors are responsible for knowing and following the guidelines in
DHS Directive) 262-04, "DHS Web (Internet and Extranet Information)" (Revision 00) and
Executive Branch conduct guidelines, such as "Standards of Ethical Conduct for Employees of
the Executive Branch," when using social media in an official capacity. These standards cover
topics of prohibited activities such as:
• Engaging in vulgar or abusive language, personal attacks of any kind, or offensive terms
targeting individuals or groups
• Endorsement of commercial products, services, or entities
• Endorsement of political parties, candidates, or groups
• Lobbying members of Congress using DHS or any other appropriated resource
• Use of Government resources to foster commercial interests or individual profit
vl4.0, July 24, 2018 4
2020-ICLl-00023 1247
Federal employees often inadvertently fail to comply with the stringent requirements of the
Hatch Act of 1939, which governs political speech by Federal employees. The U.S. Office of
Special Counsel (OSC) issued "Hatch Act Social Media and Email Guidance" regarding the
applicability of the Hatch Act to social media engagement in the workplace by Federal
employees 3. The Hatch Act's restrictions may determine whether or not Federal employees are
allowed to post content that could be interpreted in a political light. Employees should
understand the Hatch Act, and Sections 4 and 5 of this document, before posting on social media
or revealing professional titles or political affiliations.
2.2 Operational Use of Social Media

As part of the Department's homeland security missions, DHS personnel may engage in the
operational use social media to meet their mission requirements, consistent with their existing
authorities and subject to the approval of the Chief Privacy Officer.
Pursuant to the DHS Management Directive 110-01, "Privacy Policy for Operational Use of
Social Media" (June 8, 2012), "operational use" means the authorized use of social media to
collect personally identifiable information for the purpose of enhancing situational awareness,
investigating an individual in a criminal, civil, or administrative context, making a benefit
determination about a person, making a personnel determination about a Department employee,
making a suitability determination about a prospective Department employee, or for any other
official Department purpose that has the potential to affect the rights, privileges, or benefits of an
individual. Operational use does not include the use of search engines for general Internet
research, nor does it include the use of social media for professional development such as
training and continuing education or for facilitating internal meetings.
2.2.1 Authority
Program Managers and System Managers must consult with counsel to ensure that appropriate
authority exists to engage in categories of operational use of social media before Component
employees engage in those activities.
2.2.2 Privacy Compliance Documentation

Before engaging in, or contracting for, new or modified categories of operational use of social
media (which as defined includes investigatory purposes), Program Managers and System
Managers, in consultation with Component Privacy Officers or Privacy Points Of Contact and
counsel must complete a Social Media Operational Use Template (SMOUT) to document the
authority and purpose(s) of those uses as well as a description of those uses, and to determine
whether all of the Rules of Behavior discussed below will apply to the particular uses(s) covered
by the SMOUT.
Please contact the DHS Privacy Office at ....
l(b_,_
)(,_
7.:...,.E)_ _ __.lfor a blank SMOUT form.
)("""'
SMOUTs are submitted to the Chief Privacy Officer for a prompt review and determination as to
whether a new or updated PIA or SORN is required. SMOUTs are also completed to document
3
Official of Special Counsel, "Hatch Act Social Media and Email Guidance", https://osc.gov/Pages/Hatch-Act-
Social-Media-and-Email-Guidance.aspx
vl4.0, July 24, 2018 5
2020-ICLl-00023 1248
categories of operational use of social media in existence prior to this Instruction to ensure
compliance with this Instruction. Once a SMOUT is approved for a category of operational use,
a new SMOUT is not required for additional use of social media within that category unless there
is a material modification of the Rules of Behavior applicable to that category. Components may
appeal to the Deputy Secretary of Homeland Security if there is a disagreement over the OHS
Ptivacy Office determination of privacy compliance for the operational use of social media.
2.2.3 Access
OHS employees who are authorized to use social media by their Component heads renew their
access authority annually, consistent with annual training requirements. Access is contingent
upon an employee's successfully completing privacy training for operational use of social media.
2.2.4 Rules of Behavior

Component Privacy Officers or PPOCs, in coordination with counsel and Program Managers, or
System Managers as appropriate, draft Rules of Behavior for operational use of social media
(either separately or as part of a broader policy document) and submit them with the Template to
the Chief Privacy Officer for review and approval. Personnel granted access to use social media
certify annually that they have read and understand the Component Rules of Behavior. Where
certification is not practicable, Component Privacy Officers and PPOCs maintain records of
employee attendance at privacy training that includes training on Rules of Behavior.
Rules of Behavior must include requirements for operational use of social media and the
consequences of failure to adhere to those requirements. Where a federal policy establishes
guidelines that apply to a Component' s operational use of social media, the Component's Rules
of Behavior incorporate that policy and that fact is noted in the Template.
Unless otherwise noted in the Template adjudication process, the Rules of Behavior provide, at a
minimum, that OHS employees:
1. Use social media for operational purposes only when activities are authorized by statute,
executive order, regulation, or policy.
2. Use only government-issued equipment, government accounts, and only government
email addresses when engaging in the operational use of social media.
3. Use online screen names or identities that indicate an official OHS affiliation and use
OHS email addresses to open accounts used when engaging in social media in the
performance of their duties.
4. Access publicly available information through social media only by reviewing posted
information without interacting with any individual who posted the information.
5. Respect individuals' privacy settings and access only information that is publicly
available unless the individual whose information the employee seeks to access has given
consent to access it.
6. Collect the minimum PIT necessary for the proper performance of their authorized duties;
7. Protect PIT as required by the Privacy Act and DHS privacy policy.
vl4.0, July 24, 2018 6
2020-ICLl-00023 1249
8. Document operational use of social media, including date, site(s) accessed, information
collected, and how it was used in the same manner that the Department would document
information collected from any source in the normal course of business. For instance,
where information obtained through authorized operational use of social media is used in
whole or in part to make decisions regarding an individual's rights, benefits or privileges,
employees document that fact in relevant records.
9. When use of the social media site is completed, always log out of the site.
2.2.5 Privacy Training

Component Privacy Officers or PPOCs tailor privacy training for the operational use of social
media to Component-specific needs, based upon training materials provided by the Chief Privacy
Officer. Completion of this privacy training is a prerequisite for obtaining access to social media
for operational use. Upon completion of this training, employees will certify that they have read
and understand their Component's Rules of Behavior. Where certification is not practicable,
Component Privacy Officers and PPOCs maintain records of employee attendance at privacy
training that includes training on Rules of Behavior. Employees also complete refresher training
and recertify they have read and understand their Component's Rules of Behavior annually
thereafter. Privacy training content includes, at a minimum, legal authorities, acceptable
operational uses of social media, access requirements, applicable Rules of Behavior, and
requirements for documenting operational uses of social media.
2.2.6 Retention of PII

Component Program Managers or System Managers where appropriate, maintain PII collected
through authorized operational uses of social media in the applicable Privacy Act system of
records in accordance with approved records retention schedules.
2.3 Unofficial or Personal Use of Social Media on Government Equipment

Social media is an attack vector routinely exploited by cybercriminals, whose activities may
expose the Department to unacceptable risk. Additionally, social network activity consumes
bandwidth and can negatively impact employee productivity. DHS prohibits personal access to
social media from Government equipment unless an exception to policy has been granted.
Although DHS employees are authorized limited personal use of DHS office equipment in
accordance with DHS Management Directive (MD) No. 4600.1, "Personal Use of Government
Office Equipment," such authorization does not apply to the use of DHS equipment for personal
use of social media. This restriction also applies to contractors and other individuals using DHS
equipment.
2.4 Unofficial or Personal Use of Social Media on Non-Government Equipment

Employee activities potentially affect DHS job performance, the performance of others, and
DHS business interests. Any information posted on the Internet incurs a level of risk, because
that information is exposed indefinitely with no reliable methods for deletion or retraction. In
addition, because of the connected nature of the Internet, even information presumed to be
posted in a venue with restricted access is potentially accessible to anyone.
vl4.0, July 24, 2018 7
2020-ICLl-00023 1250
"Unofficial Internet posts" result when DHS personnel express OHS-related thoughts, ideas,
knowledge, experience, and opinions on any Internet site, whether or not the site is DHS-
controlled. Unofficial Internet posts are personal expressions developed and released by an
employee or contractor that have not been initiated by any official part of the DHS organization
or reviewed through an official DHS approval process. Employees must remember that any
information about another individual is almost surely protected by the Ptivacy Act and should
not be shared.
Social networks are of particular concern because of the potential for users to disseminate
personal information about themselves and others. Unless strict privacy controls are applied to
online profiles, the information posted is viewable by a wide range of strangers. Normally
adversaries would have to engage in determined information gathering in order to collect
sensitive information, but social networks can easily provide them an opportunity to gather
sensitive information with relative ease. Even seemingly harmless facts can be collected and
used by adversaries to assemble profiles and select targets. Even with privacy controls in place,
DHS employees and contractors should not post any content that they would not be comfortable
disclosing to the public.
Employees must remember that any information that is work-related is sensitive and cannot be
repeated outside the workplace without appropriate approval. In addition, further limits are in
place if you identify yourself, whether directly or indirectly, as a DHS employee.
Consistent with the risks detailed above, the recent guidance issued by the U.S. Office of Special
Counsel (OSC) regarding social media outside the workplace does not differ substantially from
guidance for the workplace, although more latitude is given for employees to express political
thoughts and candidate advocacy and support on their personal websites. See Sections 4 and 5 of
this document for additional best practices and guidelines applicable to social media use.
vl4.0, July 24, 2018 8
2020-ICLl-00023 1251
OHS 4300A S ENSITIVE SYSTEMS H ANDBOOK ATTACHMENT X- SOCIAL M EDIA
3.0 RISKS AND ATTACK TECHNIQUES ASSOCIATED WITH SOCIAL MEDIA

Adversaries look for opportunities to easily target persons of interest on the Internet in order to
develop footholds for long-term surveillance and exploitation. Social media sites are attractive
to hackers since the same technologies that invite user participation make user systems easy to
corrupt with malware such as worms that can shut down networks, spyware, or keystroke
loggers that can steal sensitive data. For example, the availability of widgets makes it easier for
social networkers to share links, insert pictures, etc., but it also makes it easier for an attacker to
slip in malicious code or to link to off-site content that contains malware.
3.1 Common Risks of Cyber Attacks

The risks associated with social networking fall into a few broad categories:
• Accidentally releasing sensitive information
• Hackers gaining information through a social networking site that will allow the hacker
to attack the enterprise network
• Having the social networking account itself hacked
• Identity theft
• Users picking up ma/ware through the social networking site
Government use of social media also poses potential privacy risks. Social media users
voluntarily provide PII in their user profiles (examples are hometown and employer), making
such information available to other registered users, including DHS. The availability of this PII
does not give the Department the authority or right to collect, use, or disclose that information
absent a separate authority to do so.
The emergence of Location-Based Services (LBS) (geo-location) poses additional privacy
concerns. Research undertaken by Carnegie Mellon University in 2009 and 20104 found that
"currently available location-sharing services do not, for the most part, do a good job of
informing [users] about how their location information will be used or provide users with
expressive location privacy controls and privacy-protective default settings." Furthermore,
although Section 222(f) of the Communications Act 5 generally prohibits wireless carriers from
using location-based information for commercial purposes without the express prior consent of
the consumer, these prohibitions do not currently apply to LBS providers even though their
applications are being downloaded on the devices of wireless can-iers.
Consumers may mistakenly conclude that application providers are subject to the same
prohibitions as wireless can-iers and that no action by consumers is necessary to ensure that their
4
"Location-Sharing Technologies: Privacy Risks and Controls", Carnegie Mellon University, February 1010,
http://cups.cs.cmu.edu/LBS pri vacy/files/TsaiKelleyCranorS adeh 2009.pdf
5
"Communications Act of 1934", Federal Communications Commission,
https://transition. fee.gov/Reports/ l 934new.pdf
vl4.0, July 24, 2018 9
2020-ICLl-00023 1252
privacy is protected. 6 The DHS Privacy Office requires all projects, programs, or systems
contemplating the use of LBS to submit a PTA.
3.2 Common Cyber Attack Techniques

According to the Guidelines for Secure Use ofSocial Media by Federal Departments and
Agencies 7, social media technologies such as wikis, biogs, and social networks are especially
vulnerable to the following cyber-attack techniques:
• Spear phishing
• Social engineering
• Web application attacks
3.2.1 Spear Phishing

Spear phishing is an attack targeting a specific user or group of users, attempting to deceive the
user into performing an action that launches an attack, such as opening a document or clicking a
link. Spear phishers rely on knowing some personal piece of information about their target, such
as an event, interest, travel plans, or current issues. Sometimes this information is gathered by
hacking into the targeted network, but often it is easier to look up the target on a social media
network.
In April 2009, the Federal Bureau of Investigation (FBI) released a Headline Alert citing social
networking sites as a mechanism for attackers to gather information on their targets by
harvesting information from publically accessible networks and using the info1mation as an
attack vector 8. Spear phishers use social media as an alternative way to send phishing messages,
as the social media platform bypasses traditional email security controls. Security teams have
already observed multiple social media websites used as a propagation mechanism to trick users
into opening a document or clicking a link. DHS daily receives many specific attacks via email
targeting specific employees by name and position.
3.2.2 Social Engineering

The second concern regarding social media use by Federal employees is social engineering,
which relies on exploiting the human tendency to trust. T he attacker's first step in any social
engineering attack is to collect information about the target. Social networking websites can
reveal many details of personal info1mation, including resumes, home addresses, phone numbers,
employment information, work locations, family members, education, and photos. Social media
websites may share more personal information than users expect, need, or realize. For example,
a study by the University of Virginia cites that out of the top 150 Facebook applications, all of
which are externally hosted, over 90% needed nothing more than publicly available information
6
Joint Hearing o n "The Collection and Use of Location Information for Commercial Purposes", February 24, 2010.
7"Guidelines for Secure Use of Social Media by Federal Departments and Agencies," Version 1.0, Federal CIO
Council, September 2009.
8"Spear Phishers: Angling to Steal Your Financial Info", FBI, April 2009,
https://archi ves.fbi.gov/archi ves/news/stories/2009/april/spearphishing 040 109
vl4.0, July 24, 2018 10
2020-ICLl-00023 1253
from members in order to operate. In every case, however, users needlessly granted the
applications total access to their account and therefore full access to all personal information.
When DHS employees join a social media website, they may identify themselves as DHS
employees. Their self-identification creates a DHS Internet footprint, which is valuable
information to adversaries. As more Federal employees self-identify on social media websites,
the Federal footprint on social networking will grow, creating a target-rich environment to help
adversaries target specific individuals to launch various social engineering attacks.
To learn personal information about an individual, an attacker can express a common interest in
a topic and build a trust relationship with the victim. This positions the attacker to influence the
victim's friends and co-workers or even to collect sufficient information to pose as the victim,
providing an easy avenue for penetrating the trust of the Department or of other DHS personnel.
High-profile Federal employees with greater name recognition are an especially prime target for
a social engineer seeking to exploit trust relationships in social networks.
3.2.3 Web Application Attacks

Malicious content on social networking sites is easy to disguise as valid content. Developers of
user-generated games and applications on some sites have the option of going through an
approval process, but the application's code is not always locked in the state in which it was
submitted for approval. This creates a situation in which apparently vetted software can be
injected with malicious code at a later time.
Finally, while a hijacked personal social media account may be annoying and personally costly
or embairnssing, the hijacked account of a Federal user or a hijacked Federal account can have
more serious implications. Unauthorized posts, tweets or messages may be seen by the public as
official messages, or may be used to spread malware by encouraging users to click links or
download malware and unwanted applications.
vl4.0, July 24, 2018 11
2020-ICLl-00023 1254
4.0 BEST PRACTICES FOR SOCIAL MEDIA USE

Online activities often blur the line between individuals' personal and professional lives. Real-
world social and business rules have counterparts in digital environments. DHS employees or
contractors, in or outside of the workplace, may affect their job performance, the performance of
others, or DHS business interests, so they are a proper audience for best practice guidance. The
following guidelines are intended to assist DHS employees and contractors in protecting their
personal information and reputation while interacting online. These best practices are based on
guidelines established by other Federal and commercial organizations.
4.1 Personal Use of Social Media

Use social media only on personal time using your personal computer and email account. You
should not be logged onto external social networking sites while at work.
4.2 Never Post Classified or Sensitive Information

Posting classified or sensitive information on a social media site will lead to significant adverse
action and penalties. DHS Management Directive No. 11042.1, "Safeguarding Sensitive But
Unclassified (For Official use Only) Information" establishes DHS policy regarding the
identification and safeguarding of sensitive but unclassified information originated within DHS,
and other sensitive but unclassified information received by DHS from other Government and
nongovemment activities. Do Not Communicate DHS Policies
4.3 Never Speak for the Department without Authorization

Never answer questions or make statements about or on behalf of DHS on a social networking
site without explicit authorization from the DHS Office of Public Affairs, the DHS Office of
General Counsel, or their Component equivalent.
4.4 Avoid Posting Personal Information

Limit the amount of personal information you post to social networks. Avoid posting personal
information such as your home address, personal phone numbers, or details about your schedule
or routine. This type of information gives cybercriminals the baseline they need for more
targeted activities. Assume that anything you post to a social network can be seen by anyone
and act accordingly. Also be wary of the type of information - including photographs - that
you post about your friends and family, since that information can put them at risk.
4.5 Use Privacy and Security Settings

When accessing social networking sites, you can limit disclosure by using the site's Privacy
settings. The default settings for some sites may allow anyone to see your profile. You can
customize your settings to restrict access to only certain people. Also be aware of any changes to
the site's privacy or security options. For example, Facebook is constantly improving user
privacy settings that users should be aware of and implement as soon as possible9. Users should
9
"Facebook Privacy: 10 Settings to Check", Information Week, June 5, 2014,
http://www.information week.com/software/social/ facebook-pri vacy-10-settin gs-to-check/did-id/ 1269438
vl4.0, July 24, 2018 12
2020-ICLl-00023 1255
monitor the plivacy policies for social networking sites as they change often and without
warning. Remember though, there is a risk that even private information can be exposed, so do
not post anything that you would not want the public to see.
4.6 Be Wary of Location-Based Services

Be aware of privacy and security issues when using location-based services (LBS). LBS offers
many conveniences such as keeping track of family and friends, getting directions, finding
restaurants, and assisting in law enforcement. But LBS may make information about your
location accessible to unintended recipients. Employees should understand that use of LBS
introduces significant privacy and personal security risks with their use. The most common
example is using a location check-in service (for example, Foursquare). If you check in from
your couch at home, the precise Global Positioning System (GPS) coordinates of your couch are
published. If you later check in from your office, it can be seen that you are no longer at your
home, which is now an excellent target, and your own personal security can be compromised.
Carefully consider any request by any application to allow use of your location or any other
personal information. In Snapchat and in other applications that can show your location or that
of your contacts, always use a "ghost" mode that disallows showing your location. You should
also be aware that this information may leak unintentionally. For example, smartphones can
attach GPS coordinates to pictures you take. Posts made to social media sites such as Facebook
or Twitter may also contain this detailed geo-location data that could also compromise your
personal security and possibly your workplace security. The location attached to the picture may
be metadata that is uploaded without your knowledge.
Be sure to examine your phone's privacy, security, and location settings to ensure that GPS
coordinates are not automatically associated with LBS. Be sure never to check in from sensitive
locations and avoid establishing patterns when possible.
4.7 Use Strong Passwords

Protect your account with passwords that cannot be easily guessed. Avoid using passwords such
as your dog' s name, the word "password" plus a digit, or your favorite sports team name.
A strong password resists guessing. Hackers and computer intruders use automated software as
a way to submit hundreds of guesses per minute to access your account. These software tools are
called 'dictionary' or 'brute force repetition' tools, because they will use English dictionaries to
sequentially guess your password. These password-guessing tools can submit up to 1000
attempts per minute. The less that your password resembles regular word patterns, the longer it
will take for a repetition tool to guess it.
These password variations below purposely avoid using complete English word
patterns. Passwords that use combinations of characters that include numerals, symbols, and
capital letters as well as lower case letters will create an exponentially longer task for attackers
using dictionary programs and brute force.
Do not use the same password for multiple applications.
Even strongly constructed passwords are vulnerable to keystroke loggers and password cracking
tools. In the final analysis, passwords do little to deter a determined attacker.
vl4.0, July 24, 2018 13
2020-ICLl-00023 1256
According to NIST (National Institute of Standards and Technology), a strong password should
contain no fewer than 12 characters, a rule adopted by the U.S. government in 2007 and further
defined in the U.S . Government Configuration Baseline. Admin passwords should be 15
characters. Readers may sigh at those lengths, but they have been the recommended minimum
for half a decade. Anything shorter is not considered secure.
4.8 Be Suspicious about Installing Applications

Applications from social media sites are very often given complete access to your account- not
just to what is necessary for the application to run. "Quizzes" are also problematic. For
example, Facebook users taking quizzes can reveal far more personal information to the
applications than they realize. This is mostly due to the fact that Facebook's default privacy
settings allow access to all your profile information whether or not your profile is set to
"private."
Even if you do not take quizzes yourself, your profile info1mation may be revealed when one of
your friends takes a social media or Internet quiz. Almost everything on your profile, even if
you use privacy settings to limit access, is available to the quiz.
4.9 Be Wary of All Links

Vigilance is the best defense against phishing. Phishing scams can arrive in e-mails that look as
though they come from real companies or trusted individuals. For example, you may receive an
e-mail message announcing that your bank account will be closed unless you confirm your
personal identification number, or that you need to provide your credit card information to
confirm an order, or requesting verification of your social security number for billing purposes.
Legitimate companies do not ask for your account or personal information via e-mail. To find
out whether the message is legitimate, contact the company directly by telephone or letter using
contact information from a trusted source, such as your account statements.
Never reply to suspect emails or click on any links they contain. This could expose you to
clickjacking, in which a web page will trick you into perfo1ming undesired actions by clicking on
concealed buttons or links that are on a web page hidden by the visible one. For example, the
page may list what appears to be a valid DHS web page address, such as www.dhs.gov; however
it hides the link to a web site set up by a cybercriminal. To find out whether the message is
legitimate, contact the sending company directly by telephone or letter using data from a trusted
source, such as your account statements or the back of your credit/debit card. Another way to
verify the validity of the web page is, instead of clicking on an embedded link, manually enter
the URL into the navigation bar of your web browser to avoid clickjacking.
Phishing attempts can also come in Twitter "tweets", Facebook wall postings, videos, or pictures
sent via email. Get into the habit of not clicking on hyperlinks, especially those for videos or
news-related events from unfamiliar sources and senders. In many cases, these are linked to
phishing and social engineering attacks.
4.10 Have No Expectation of Privacy

Assume that your thoughts are in the public domain. Remember that social networking sites are
generally public and permanent, even if you delete the information you posted. You should
understand the security and privacy features available for the social networking sites you use,
vl4.0, July 24, 2018 14
2020-ICLl-00023 1257
and exercise discretion and common sense. Most social networks offer settings to keep profiles
private and restrict access to personal photographs or other personally identifiable details;
however, opting for privacy does not guarantee that others will not see your content. Content
can be forwarded or hacked.
Facebook has found itself at the center of privacy breakdown controversies numerous times, and
confusing Twitter interfaces have resulted in private messages being inadvertently posted to
public feeds. Hackers can force access and friends can forward your content to others. In short,
do not post anything that you do not want the public to see.
4.11 Protect Your Privacy

Do not share personal or contact information about your family, friends, co-workers, clients, or
businesses without their explicit consent. Do not post or tag pictures of family, friends, co-
workers, clients, or business without their consent. Respect the privacy of others at all times.
Always protect your PII.
4.12 Be Professional
If you identify yourself as a DHS employee or have a public-facing position so that your DHS
association is known to the general public, ensure that your profile and related content are
consistent with how you wish to present yourself as a DHS professional, even if the information
is of a personal and unofficial nature. Ensure that all your posts and interactions are consistent
with the public trust associated with your position, and conform to existing standards such as
"Standards of Ethical Conduct for Employees of the Executive Branch."
If you establish online profiles, you may provide your DHS title and contact information. You
may also indicate that DHS is your employer, and you may describe your past and present job
responsibilities (as you would on your resume) if you do not disclose any DHS sensitive
information or the personal information of others.
4.13 Use Disclaimers

Be aware of your DHS association in online social networks. If your profile reveals your
employment relationship with DHS, you should include a disclaimer stating that your activity
and posts represent your personal opinions and do not represent those of DHS. An example of an
appropriate disclaimer is "The postings on this site are my own and do not represent the
positions, strategies, or opinions of the Department of Homeland Security."
4.14 Be the First to Respond to Your Own Mistakes

If you make an error, be up front about your mistake and correct it quickly. In a blog, if you
choose to modify an earlier post, make it clear that you have done so.
4.15 Be Yourself
Do not forge or manipulate identities in your posts in an attempt to disguise, impersonate, or
misrepresent your identity or affiliation with any other person or entity.
vl4.0, July 24, 2018 15
2020-ICLl-00023 1258
OHS 4300A S ENSITIVE SYSTEMS H ANDBOOK ATTACHMENT X- SOCIAL M EDIA
4.16 Avoid Being Offensive

Do not post defamatory, libelo us, vulgar, obscene, abusive, profane, threatening, racially and
ethnically hateful, or otherwise offensive or illegal information or material.
4.17 Do Not Breach Trademarks

Do not use any word, logo, or other mark that would infringe on a trademark, service mark,
certification mark, or other intellectual property rights of the owners of such marks without the
permission of such owners.
4.18 Respect Copyright, Fair Use, and Financial Disclosure Laws

Do not post any information or other material protected by copyright without the permission of
the copyright owner. Also, consider using a Creative Commons license to protect your own
work. Creative Commons offers a flexible copyright model through a collection of free
copyright licenses written in plain language . Creators can select several of these licenses to
communicate which rights they reserve, and which they wai ve, when their intellectual property is
used by others. W ikipedia is one of the most notable web-based projects using a Creative
Commons license. See www.creativecommons.org for additional details.
4.19 If in Doubt, Seek Guidance

Seek guidance from the DHS Office of Public Affairs or the DHS Office of General Counsel, or
Component equivalent, prior to publicly sharing any personal opinions or statements based on
your role within DHS. Those with leadership responsibilities, by virtue of their position,
especially must understand that personal thoughts they publish, even in clearly personal venues,
inadvertently may be interpreted as expressions of official DHS positions. They should assume
that their co-workers, employees, and those outside of DHS will read what they have written.
vl4.0, July 24, 2018 16
2020-ICLl-00023 1259
5.0 UNOFFICIAL INTERNET POSTING GUIDELINES IO

Department of Homeland Security (DHS) personnel who post content about DHS on the Internet
are responsible for ensuring that any information disclosed (including personal comments) is
accurate and appropriate. DHS personnel should keep in mind how their posts will reflect upon
themselves and their organization, and also be aware that some individuals and groups use public
networking forums to gain information that will help them advance their own causes or agendas
at the expense of others. DHS personnel who engage in unofficial posting on the Internet should
observe the following guidelines:
(1) You may not release DHS e-mail addresses, telephone numbers, or fax numbers not
already publicly released. You may not release the content manager's or content
provider's work contact information.
(2) You may not post or disclose the existence of internal DHS documents or information
that DHS has not officially released to the public. This policy applies no matter you
obtained the information. Examples include, but are not limited to, the following:
memos, e-mails, meeting notes, articles for publications, white papers, Public Affairs
guidance, and all pre-decisional materials. Do not release any For Official Use Only
(FOUO) information or PII in unofficial Internet posts.
(3) You, as a DHS Federal employee or contractor, are always responsible for adhering to
DHS policies concerning information security, physical security, and to the Privacy Act
in all forms of communication. Unauthorized disclosure of protected information,
including sensitive but unclassified (SBU) information may result in disciplinary action.
(4) You may not release information about or pertaining to another DHS employee. Release
of classified, operational, proprietary, law enforcement sensitive, or investigatory
information is not authorized.
(5) Any photo, video, or sound recording made by DHS personnel of an official DHS
function is considered official DHS media. Newsworthy items should be released
officially to news organizations and other media with the knowledge and approval of
OPA or the Component office of public or external affairs before being posting
unofficially.
(6) DHS-related media made by DHS personnel while they are in a non-working status in
public areas, (e.g., photo of a U.S. Coast Guard cutter taken from a public pier while on
liberty) is considered private imagery and is not subject to these guidelines.
(7) Use of official or protected DHS statements or symbols (for example, the DHS logo)
must be approved OPA. This prevents the impression of official or implied
endorsements.
(8) You may not release, intentionally or unintentionally, location-based (geospatial)
information related to a DHS mission. This prohibition includes, for example, disclosing
the location of the employee and/or DHS assets at a particular point in time. Auto-
10
Based on US OHS, ALCOAST 548/08, COMDTNOTE 5700. SUBJ: SOCIAL MEDIA - UNOFFICIAL
INTERNET POSTS.
vl4.0, July 24, 2018 17
2020-ICLl-00023 1260
tweeting, geospatial coordinates while driving, or reporting via a location-based social

media tool such as Foursquare are examples of violations of this guideline.
(9) As with other forums of personal public engagement, DHS personnel shall avoid off-duty
behavior that negatively impacts, or conflicts with, their ability to execute their duties for
DHS, such as the prohibited personal conduct described in Standards of Ethical Conduct
for Employees of the Executive Branch.
vl4.0, July 24, 2018 18
2020-ICLl-00023 1261
GLOSSARY
Terms commonly used in relation to social media are defined below.
Term Explanation
Blog An abbreviation of "weblog." A blog is a web-based forum where individual
content providers contribute regular entries or "posts" in the form of
commentary, descriptions of events, or other materials on the website.
Visitors to the blog may add their own comments to posts. Biogs may be
"moderated" with the blog owner overseeing removal of any objectionable
material, or they may be "unmoderated," in which case there is no control
over the posted material.
Clickjacking A malicious technique of tricking a user into revealing confidential
information or of taking control of their computer when they click links on
seemingly harmless web pages. On a clickjacked page, the attacker shows a
set of dummy buttons or links, then loads another page over it in a
transparent layer. Users think they are clicking on the visible page while
they are actually performing actions on the hidden page which the users
never intended, such as changing privacy settings on a social networking site
or following someone on Twitter.
Commercialffhird Party Social media hosted on servers over which OHS has no control. This
Social Media includes proprietary social networking sites such as Facebook and MySpace,
as well as collaboration services such as Wikipedia, BlogSpot, and
Delicious.
Content Manager Any individual designated to manage web content for OHS or a Component.
The duties of the Web Content Manager include ensuring compl iance with
accessibility standards for persons with disabilities. This individual is the
organization's primary point of contact for Web issues. 11
Content Provider Any individual who creates content for publ ication to OHS websites.12
Enterprise Network The communications backbone that interconnects every computer and
associated device at every location under the j urisdiction of an organization,
such as OHS.
External Hosting Provision by an external organization or company of access, on a fee-per-
service basis, to the equipment, technology and support to needed to
establish and run a website, as opposed to an organization's using its own in-
house resources.
Farming See Pharming
Fishing See Phishing
11
DHS 4300A, IV Definitions, J
12
OHS 4300A, IV Definitions, K
vl4.0, July 24, 2018 19
2020-ICLl-00023 1262
Term Explanation
Foursquare A location-based social networking website and appl ication for mobile
devices. Users "check in" or report their location by accessing a mobile
website, text messaging or a device-specific application, so that their
whereabouts can be discovered by others. Foursquare also incorporates
elements of a game by awarding users points for being the first to visit a new
place, and for adding new info1mation about the locations they visit.
Hacker A person who uses their proficiency with electronics, computers and/or
programming skills to gain illegal access to others' digital resources,
including personal handheld devices, files, computers and networks.
Internet footprint The collective activities and behaviors recorded as an individual interacts in
a digital environment, including device usage, system logins and logouts,
website visits, files, transmitted emails, and posted messages. "Passive
footprints" are created when data are collected about individuals' activities
without any deliberate action on their part, such as tracking which products
customers are visiting on a vendor's website regardless of whether purchases
occur. " Active footprints" are created when personal data is released
intentionally by individuals for the purpose of sharing information with
others online. Footprints are sometimes used as a rough measure of an
individual's "web presence."
Keystroke loggers Also called a "key logger," It it is can be a hardware device or a program that
monitors and records each keystroke a user types on a computing device's
keyboard. Although sometimes used for legitimate purposes, such as
diagnostics or monitoring a child's Internet activity, a more typical use of
keystroke loggers is for the unauthorized capture of security credentials such
as passwords and personal identification numbers.
Malware Derived from the phrase "malicious software," this term is a generic term for
any program whose purpose is to cause harm to a computer system.
Typica)ly, malware is installed without the user's knowledge or consent,
although it is often packaged with other software the user does in fact choose
to install or download. Viruses and worms are examples of malware.
Mashup A web page or application that enables the fast, easy combination of data
and/or functionality from multiple sources to create a new, enriched result
that was not necessarily the reason for producing the original sources. Most
mashups use publicly-accessible resources. For example, a mashup might
supe1impose on a Google map of a neighborhood the average housing prices
drawn from a city assessor's online database.
Metadata Information abo ut the meaning of other informat ion. Metadata can describe
or summarize key attributes of a piece of information to facilitate finding
that information when needed. An example of metadata is a time stamp that
specifies when a piece of info1mation was created.
Micro-Blog Extremely shmt blog posts similar to text messaging. The messages can
either be viewed by anyone or by a restricted group that is chosen by the
user. Twitter, a popular micro-blog client, allows posts of up to 140
characters to be uploaded and read using instant messaging or mobile
devices via text messaging.
vl4.0, July 24, 2018 20
2020-ICLl-00023 1263
Term Explanation
Operational Use The authorized use of social media to collect personally identifiable
information for the purpose of enhancing situational awareness,
investigating an individual in a criminal, civil, or administrative context,
making a benefit determination about a person, making a personnel
determination about a Department employee, making a suitability
determination about a prospective Department employee, or for any other
official Department purpose that has the potential to affect the rights,
privileges, or benefits of an individual.
Password Attack An attempt to obtain a legitimate user's password. Hackers can use common
password lists, dictionaries, cracking programs, and password sniffers in
password attacks.
Personally Identifiable Any information that permits the identity of an individual to be
Information (PU)
directly or indirectly inferred, including other information that is
linked or linka ble to an individual regardless of whether the individual
is a United States citizen, legal permanent reside nt, or a visitor to the
United States. Examples of PII include, but are not limited to name,
date of birth, mailing address, telephone number, Social Security
Number, email address, zip code, account numbers, certificate/license
numbers, vehicle identifiers including license plates, uniform resource
locators (URLs), IP addresses, biometric identifiers (e.g., fingerprint,
voiceprint, iris scan, photographic facial images, or any other unique
identifying number or characteristic), and any information where it is
~-easonably foreseeable that the information w ill be linked with other
information to identify the individual. Also, Sensitive Personally
Identifia ble Information (SPII) that permits the identity of an
individual to be directly or indirectly inferred, including other
information that is linked or linkable to an individual. 13
Pharming An action whereby a hacker subverts a user's attempt to visit a legitimate
website by instead redirecting the111.1· to a counterfeit or "spoofed" website.
The spoofed site is designed to trick users into revealing personal
information such as usemames, passwords, and account information.
Phishing An attempt to fraudulently acquire a user's personal information, such as
passwords and credit card details, by masquerading as a trustworthy person
or business in an apparently official electronic communication. Phishing is
common in e-mail and instant messaging. For example, you might receive
an e-mail that appears to come from an official at your bank that instructs
you to "confirm" your Internet banking credential by clicking on a link. The
"spoofed" website to which you would be directed would capture your
credentials in order to enable a third party to access and withdraw all funds
from your bank account.
13
OHS 4300A, IV Definitions, H
vl4.0, July 24, 2018 21
2020-ICLl-00023 1264
Term Explanation
Sensitive Personally Sensitive PIT is personally identifiable information, which if lost,
Identifiable Information compromised, or disclosed without authorization, could result in substantial
(SPIT) harm, embanassment, inconvenience, or unfairness to an individual.
Sensitive PIT requires stricter handling guidelines because of the increased
risk to an individual if the data are compromised. SPII includes Social
Security Number, d1iver' s license or State ID number, passport number,
Alien Registration Number, fiancial acocunt number, and biometric
identifisers.
Social Bookmarking A Web-based service where users create and store links to information on
topics of particular interest to them. Although web browsers have the ability
to bookmark links to "favorite" pages, those links are tied to an individual
browser on a single computer. Social bookmarking, by contrast, stores links
in an online account which can be made public. These bookmarks can be
shared and discovered by others who are interested in finding information on
similar topics. Examples of social bookmarking sites include Delicious,
Digg, and Reddit.
Social Engineering The act of deceiving or tricking people into performing actions or divulging
confidential infonnation, rather than obtaining such information by breaking
in or using technical means. For example, someone posing as a help desk
representative might telephone you and claim to be diagnosing a connection
problem; the caller requests that you verify your login ID and password or
other personal information so it can be checked against the items on file.
Social Media Internet-based applications that build on the foundations of Web 2.0 to allow
the creation and exchange of user-generated content. Social media can take
many different forms, including but not limited to Web-based communities
and hosted services, social networking sites, video and photo sharing sites,
wikis, blogs, podcasts, virtual worlds, social bookmarking, and many
emergent technologies.
Social Networking Services Web-based services that connect people who share the same interests and/or
activities, or who are interested in exploring the interests and activities of
others. Social networking services provide a variety of ways for users to
interact. For example, Facebook is used as a place to socialize with friends,
whereas Linkedln caters to those who wish to make professional
connections.
Spam Unsolicited or undesired electronic messages. Spam includes legitimate
advertisements, misleading advertisements, and phishing messages- any
unsolicited message can be spam.
Spear Fishing See Spear Phishing
Spear Phishing A technique by which the attacker generates an e-mail message or prompts
linking to a website. The attack's target is a specific individual or small
group. The goal is to convince the targets to take action, which gives the
attacker access to their system by presenting them with text, images, or
URLs that they could actually expect and therefore mistake for legitimate.
vl4.0, July 24, 2018 22
2020-ICLl-00023 1265
Term Explanation
Spoofed Webs.ite An impostor website that mimics a real company's website in order to steal
personal information from site visitors. Victims are often directed to these
spoofed sites through phishing e-mails. Spoofed sites can look extremely
convincing, but often contain small flaws such as spelling errors or "slightly
wrong" logos.
Spyware Any software that covertly gathers users' information through their
computing devices and/or their Internet connection without their knowledge
for unauthorized use. Spyware applications are typically hidden components
that users inadvertently download together with legitimate material.
Spyware may gather information such as e-mail addresses for advertising
purposes, or even passwords and credit card data.
Trusted Internet A DHS initiative implementing 0MB Memorandum M-08-05, to optimize
Connections (TIC) and standardize the security of individual external network connections
including connections to the Internet that are currently in use by the Federal
Government. A "TIC" is a physical location an agency uses to meet the
objectives of the TIC Initiative.
Twitter A social networking micro-blogging service that enables its users to send
and read other users' messages, called " tweets." Users ("followers") may
subscribe to ("follow") other users' tweets. Twitter is sometimes called the
"Short Message Service of the Internet" because of the compatibility of its
interface with smart phones. Tweets are limited to 140 characters.
Uniform Resource Locator In computing, the identifier that specifies where a resource is located and the
(URL) mechanism for retrieving it. The best-known example of the use of URLs is
for the addresses of web pages on the Internet, such as www.dhs.gov.
Video Sharing Websites on which users post video they have taken for others to view and
comment on. Such sites allow viewers to "embed" or display others' video
on their own sites. YouTube is probably the most widely known video
sharing site.
Virtual world Online communities where users or their digital representations (called
"avatars") can socialize, connect, and interact with one another using text
and voice chat. The term is used more specifica]ly to refer to an online
community such as Second Life that features a computer-based simulated
three-dimensional environment where users can not only interact but also
create and use virtual objects.
Virus A form of malware that can copy itself and spread from one computer to
another in the form of executable code when its host is taken to a target
computer. For example, a user might send an infected file over a network,
or c~my it on a removable medium such as a CD or thumb drive, or the virus
might send an instant message to all the contacts on the infected machine
which, when opened by the addressee, infects the recipient's computer.
While some viruses are benign, often a virus will cause a computer to
"hang," rendering it inoperable by corrupting and/or disabling key operating
system files and tools.
vl4.0, July 24, 2018 23
2020-ICLl-00023 1266
Term Explanation
Web 2.0 Although there is no agreed-upon definition of the term Web 2.0, it term
generally refers to the move toward a more social, interactive, collaborative,
and responsible Web. It can be characterized by capabilities and tools
fac ilitating social media dialog.
Whaling Phishing attacks targeted at high-ranking personnel in an organizational
hierarchy, such as Chief Executive Officers (CEO) and other top executives.
Widget A self-contained tool that can be embedded in a website or program to
deliver a single-purpose service, such as displaying the latest news and
weather, maps, or photos, or allowing a user to play interactive games with
other website visitors. Users of social networking sites often take advantage
of widgets as an easy way to make their sites more interesting to visitors;
care must be taken, however, since hackers often use widgets as malware
entry points.
Wiki A technology for creating collaborative websites. From the Hawaiian word
meaning "quick," a wiki is a collection of Web pages that encourages users
to contribute or modify the content. By using a simple Web interface, a
community can collaborate to develop a document or Web page, no matter
where the members of the community are located. By far the best-known
wiki is Wikipedia, a multilingual, web-based, free content encyclopedia
project.
Worm Self-replicating malware that uses a computer network to send copies of
itself from one computer system to another. Worms can cause excessive
network traffic and other malicious disruptions such as file deletion and
sending junk mail to every e-mail address it discovers on every computer
system as it spreads throughout a network.
vl4.0, July 24, 2018 24
2020-ICLl-00023 1267
REFERENCES
Federal Regulations
"Standards of Ethical Conduct for Employees of the Executive Branch," 5 CFR 2635
DHS Directives)
Directive 110-0 I, "Privacy Policy for the Operational Use of Social Media," June 8, 2012
MD No. 11042.1, "Safeguarding Sensitive But Unclassified (For Official Use Only) Information," January 6,
2005
Directive 139-05, "O ffice of Accessible Systems and T echnology," January 29, 2016
MD 262-04, "DHS Web (Internet, and Extranet Information)" (Revision 00), April 13, 2015
MD 4600. 1, "Personal Use of Government Office Equipment," April 14, 2003
MD 4900, "Individual Use and Operation of DHS Information Systems/Computers," undated DHS Privacy
Office Publicatio ns
MD 110-01, "Privacy Policy for the Operational Use of Social Media," June 8, 2012
Instruction 110-01-001, "Privacy Policy for Operational Use of Social Media," June 8, 2012
DHS Privacy Office Publications
" OHS Privacy Impact Assessment for Use of Social Networking Interactions and Applications," OHS Privacy
Office, April 2010
"Government 2.0: Privacy and Best Practices: Report on the OHS Privacy O ffice Public Workshop, OHS
Privacy Office, November 2009
Congressional Proceedings
Joint Hearing, "Collection and Use of Location Information for Commercial Purposes," U.S. House of
Representatives, Energy and Commerce Committee, Subcommittee on Communications, Techno logy and the
Internet, and Subcommittee on Commerce, Trade, and Consumer Protection, February 24, 2010
Other Government Sources
"CIO Council Guidelines for Secure Use of Social Media by Federal Departments and Agencies," Federal CIO
Council, Versio n 1.0, September 2009
"Communications Act of 1934", Federal Communications Commission,
https://transition. fee. gov/Reports/ 1934new.pdf
"GSA Social Media Policy and Handbook," CIO 2 106. l , General Services Administration, July 17, 2009
"Hatch Act Social Media and Email Guidance," Office of Special Counsel, https://osc.gov/Pages/Hatch-Act-
Social-Media-and-Email-Guidance.aspx
"New Media and the Air Force," U.S. Air Force Public Affairs Agency, E merging T echnology Division, April
6, 2009
"Social Media and the Federal Government: Perceived and Real Barriers and Potential Solutions," Federal Web
Managers Council," December 23, 2008
"Social Media Security Mitigations," Version 1.1 , U.S. Centers for Disease Control and Preventio n, December
3,2009
Articles and White Papers
"Security Threat Report: 2010," Sophos Group , 2010
vl4.0, July 24, 20 18 25
2020-ICLl-00023 1268
"The Application Usage and Risk Report: An Analysis of End User Application Trends in the Enterprise," Palo
Alto Networks, Fall 2009
"Location-based Social Media Has Legal Implications for Employers & Employees,"
www.thesocialworkplace.com, April 16, 2010
" Location-Sharing Technologies: Privacy Risks and Controls", Carnegie Mellon University, February 1010,
http://cups.cs.cmu.edu/LBSprivacy/files/TsaiKelleyCranorSadeh 2009.pdf
"Spear Phishers: Angling to Steal Your Financial Info", FBJ, April 2009,
https://archives. fbi. gov/archives/news/stories/2009/april/spearphishing 040 I 09
vl4.0, July 24, 2018 26
2020-ICLl-00023 1269
Department of Homeland Security
DHS Directives System
Instruction Number: 110-01-001
Revision Number: 00
Issue Date: 6/8/2012
PRIVACY POLICY FOR
OPERATIONAL USE OF SOCIAL
MEDIA
I. Purpose
This Instruction implements Department of Homeland Security (OHS) Directive 110-01 ,
Privacy Policy for Operational Use of Social Media.
II. Scope
This Instruction applies throughout OHS regarding the access to and collection, use,
maintenance, retention , disclosure, deletion, and destruction of Personally Identifiable
Information (PII) in relation to operational use of social media, with the exception of
operational use of social media for: (a) communications and outreach with the public
authorized by the Office of Public Affairs; (b) situational awareness by the National
Operations Center; (c) situational awareness by Components other than the National
Operations Center, upon approval by the Chief Privacy Officer following completion of a
Social Media Operational Use Template; and (d) the conduct of authorized intelligence
activities carried out by the Office of Intelligence and Analysis, the intelligence and
counterintelligence elements of the United States Coast Guard, or any other
Component performing authorized foreign intelligence or counterintelligence functions,
in accordance with the provisions of Executive Order 12333, as amended. This
Instruction does not apply to the Office of the Inspector General ; however, the OIG will
comply with the spirit of the Instruction.
Ill. References
A. Public Law 107-347, "E-Government Act of 2002," as amended, Section
208 [44 U.S.C. § 3501 note]
B. Title 5, United States Code (U.S.C.), Section 552a, "Records maintained

on individuals" [The Privacy Act of 1974, as amended)
C. Title 6, U.S.C., Section 142, "Privacy officer"
D. Title 44, U.S.C., Chapter 35, Subchapter Ill, "Information Security" [The
Federal Information Security Management Act of 2002, as amended (FISMA)]
-1-
Instruction# 110-01 -001
Revision # 00
2020-ICLl-00023 1270
E. Title 6, C.F.R., Chapter 1, Part 5, "Disclosure of records and information"
F. Directive 047-01 , "Privacy Policy and Compliance"
G. DHS Sensitive Systems Policy Directive 4300A
H. Privacy-related memoranda issued by the Office of Management and

Budget, including:
1. 0MB Memorandum 10-22, "Guidance for Online Use of Web

Measurement and Customization Technologies" (June 25, 2010)
2. 0MB Memorandum 10-23, "Guidance for Agency Use of Third-

Party Websites and Applications" (June 25, 2010)
3. 0MB Memorandum 07-16, "Safeguarding Against and Responding

to the Breach of Personally Identifiable Information" (May 22, 2007)
4. 0MB Memorandum 06-20, "FY 2006 Reporting Instructions for the

Federal Information Security Management Act and Agency Privacy
Management" (July 17, 2006)
5. 0MB Memorandum 06-19, "Reporting Incidents Involving

Personally Identifiable Information and Incorporating the Cost for Security
in Agency Information Technology Investments" (July 12, 2006)
6. 0MB Memorandum 06-15, "Safeguarding Personally Identifiable

Information" (May 22, 2006)
7. 0MB Circular No. A-130, "Transmittal Memorandum #4,

Management of Federal Information Resources" (November 28, 2000)
I. Privacy policy guidance and requirements issued (as updated) by the

Chief Privacy Officer and published on the Privacy Office website, including:
1. Privacy Policy Guidance Memorandum 2008-02, OHS Policy

Regarding Privacy Impact Assessments (December 30, 2008)
2. Privacy Policy Guidance Memorandum 2008-01 , The Fair

Information Practice Principles: Framework for Privacy Policy at the
Department of Homeland Security (December 29, 2008)
3. Handbook for Safeguarding Sensitive Personally Identifiable

Information at OHS (March 2012)
-2-
Revision # 00
2020-ICLl-00023 1271
IV. Definitions
A. Counsel means the Office of the General Counsel attorney, from either the
Immediate Office of the General Counsel or component counsel, assigned to
provide legal advice to the component covered by this Instruction.
B. Fair Information Practice Principles means the policy framework

adopted by the Department in Directive 047-01 , Privacy Policy and Compliance,
regarding the collection, use, maintenance, disclosure, deletion, or destruction of
Personally Identifiable Information.
C. Individual means a natural person, including a United States citizen,

Legal Permanent Resident, visitor to the United States, alien, DHS employee, or
DHS contractor.
D. Operational Use means authorized use of social media to collect

personally identifiable information for the purpose of enhancing situational
awareness, investigating an individual in a criminal, civil, or administrative
context, making a benefit determination about a person, making a personnel
determination about a Department employee, making a suitability determination
about a prospective Department employee, or for any other official Department
purpose that has the potential to affect the rights, privileges, or benefits of an
individual. Operational use does not include the use of search engines for
general Internet research, nor does it include the use of social media for
professional development such as training and continuing education or for
facilitating internal meetings.
E. Personally Identifiable Information (PII) means any information that

permits the identity of an individual to be directly or indirectly inferred, including
other information that is linked or linkable to an individual.
For example, when linked or linkable to an individual, such information includes a

name, Social Security number, date and place of birth, mother's maiden name,
Alien Registration Number, account number, license number, vehicle identifier
number, license plate number, device identifier or serial number, internet protocol
address, biometric identifier (e.g., facial recognition photograph, fingerprint, iris
scan, voice print), educational information, financial information, medical
information, criminal or employment information, information created specifically
to identify or authenticate an individual (e.g., a random generated number).
F. Privacy Compliance Documentation means any document required by

statute or by the Chief Privacy Officer that supports compliance with DHS privacy
policy, procedures, or requirements, including but not limited to the Social Media
Operational Use Template (Template), Privacy Impact Assessments (PIAs),
System of Records Notices (SORNs), Notices of Proposed Rulemaking for
-3-
Revision # 00
2020-ICLl-00023 1272
Exemption from certain aspects of the Privacy Act (NPRM), and Final Rules for
Exemption from certain aspects of the Privacy Act.
G. Privacy Compliance Review (PCRJ means both the OHS Privacy Office
process to be followed and the document designed to provide a constructive
mechanism to improve a OHS program's ability to comply with assurances made
in existing Privacy Compliance Documentation including Privacy Impact
Assessments (PIAs), System of Records Notices (SORNs) and/or formal
agreements such as Memoranda of Understanding or Memoranda of Agreement.
H. Privacy Impact Assessment (PIA) means both the OHS Privacy Office
process to be followed and the document required whenever an information
technology (IT) system , technology, rulemaking, program, pilot project, or other
activity involves the planned use of PII or otherwise impacts the privacy of
individuals as determined by the Chief Privacy Officer. A PIA describes what
information OHS is collecting, why the information is being collected, how the
information will be used, stored, and shared, how the information may be
accessed, how the information will be protected from unauthorized use or
disclosure, and how long it will be retained. A PIA also provides an analysis of
the privacy considerations posed and the steps OHS has taken to mitigate any
impact on privacy. As a general rule, PIAs are public documents. The Chief
Privacy Officer may, in coordination with the affected component and the Office
of the General Counsel, modify or waive publication for security reasons, or to
protect classified, sensitive, or private information included in a PIA.
I. Program Manager means the OHS employee who is responsible for the
planning and operation of a OHS program.
J. Situational Awareness means information gathered from a variety of

sources that, when communicated to emergency managers and decision makers,
can form the basis for incident management decision making.
K. Social Media means the sphere of websites, applications, and web-based

tools that connect users to engage in dialogue, share information and media,
collaborate, and interact. Social media take many different forms, including but
not limited to web-based communities and hosted services, social networking
sites, video and photo sharing sites, biogs, virtual worlds, social bookmarking,
and other emerging technologies. This definition does not apply to internal
Department intranets or applications.
L. Social Media Operational Use Template (Template) means the

document that describes the current or proposed category of operational uses(s)
of social media, identifies the appropriate authorities for the current or proposed
category of use(s), describes what PII, if any, is collected (and from whom) , and
how that information is used. The Template is used to identify information
technology systems, technologies, rulemakings, programs, or pilot projects that
-4-
Revision # 00
2020-ICLl-00023 1273
involve collecting PII from social media for the proposed category of use(s) and
to assess whether there is a need for additional Privacy Compliance
Documentation. Templates are initially reviewed and adjudicated by the Chief
Privacy Officer, and every three years thereafter for accuracy.
M. System Manager means the OHS employee identified in a System of
Records Notice who is responsible for the operation and management of the
system of records to which the System of Records Notice pertains.
N. System of Records Notice (SORN) means the official public notice of a

OHS system of records as required by the Privacy Act of 1974 (as amended).
The SORN identifies (1) the purpose for the system of records, (2) the individuals
covered by information in the system of records , (3) the categories of records
maintained about individuals, (4) the source of the records and (5) the ways in
which the information is generally shared by the Department. The SORN also
provides notice of the mechanisms available for individuals to exercise their
Privacy Act rights to access and correct the PII that OHS maintains about them.
V. Responsibilities
A. All DHS employees are responsible for complying with Directive 110-01 ,
with privacy policies and procedures issued by the Chief Privacy Officer, and with
applicable Component policies on operational use of social media and for
protecting PII from unauthorized use or disclosure.
B. Chief Information Officer is responsible for providing web technology

services, security, and technical assistance for the operational use of social
media within the Department.
C. Counsel is responsible for:
1. Providing advice to Program Managers or System Managers, as

appropriate, to ensure that appropriate authority exists to engage in
categories of operational use of social media before Component
employees engage in those uses, and to ensure that the Template
generally documents that authority; and
2. Providing legal guidance to the Component Privacy Officers or

PPOCs and Program Managers or System Managers, as appropriate, in
the drafting of Rules of Behavior for operational use of social media.
D. Component Privacy Officers are responsible for:
1. Maintaining an accurate accounting of all Component categories of

operational use of social media using the Template to identify collection
and use of PII, and any other attendant privacy impacts, and ensuring
-5-
Revision # 00
2020-ICLl-00023 1274
Components implement DHS privacy policy with respect to the operational
use of social media;
2. Coordinating with Program Managers or System Managers, as

appropriate, together with the Chief Privacy Officer and counsel to
complete a Template and any other required Privacy Compliance
Documentation (1) for all proposed categories of operational use of social
media, and (2) for any changes to the categories of operational use of
social media;
3. Developing and reviewing Component policies and directives

related to operational use of social media, and Component Rules of
Behavior consistent with the adjudicated Template, to ensure compliance
with OHS privacy policy, privacy laws applicable to OHS, and federal
government-wide privacy policies;
4. Overseeing Component privacy training for operational use of

social media and providing educational materials, consistent with privacy
training for operational use of social media developed by the Chief Privacy
Officer.
5. Reviewing documentation required in Section VI.D.8 to ascertain

compliance with this Instruction as needed; and
6. Collaborating with the Chief Privacy Officer in conducting Privacy

Compliance Reviews.
E. Privacy Points of Contact (PPOCs) are responsible for assuming the

duties of Component Privacy Officers in Components that do not have Privacy
Officers.
F. Program Managers, or System Managers, as appropriate, are

responsible for:
1. Coordinating with the Component Privacy Officer or PPOC to

ensure that privacy is appropriately addressed when proposing,
developing, implementing, or changing any operational use of social
media;
2. Coordinating with the Component Privacy Officer or PPOC and

counsel to prepare drafts of the Template and, as appropriate, all Privacy
Compliance Documentation required when proposing, developing, or
implementing or changing any category of operational use of social media;
3. Monitoring the design, deployment, operation, and retirement of

programs involving the operational use of social media to ensure that the
-6-
Instruction# 110-01-001
Revision # 00
2020-ICLl-00023 1275
use of PII, if any, is limited to those uses described in the Privacy
Compliance Documentation;
4. Ensuring oversight mechanisms are built into the design of

programs and systems involving the operational use of social media;
5. Coordinating with the Component Privacy Officer or PPOC to

establish administrative, technical, and physical controls for storing and
safeguarding PII consistent with OHS privacy, security, and records
management requirements to ensure the protection of PII from
unauthorized access, disclosure, or destruction in the course of
operational use of social media; and
6. Supporting the Component Privacy Officer or PPOC in developing

and implementing privacy procedures and job-related privacy training to
safeguard PII in operational uses of social media.
VI. Content and Procedures

A. Authority to Engage in Operational Use of Social Media: Program
Managers and System Managers consult with counsel to ensure that appropriate
authority exists to engage in categories of operational use of social media before
Component employees engage in those activities.
B. Privacy Compliance Documentation: Before engaging in, or contracting

for, new or modified categories of operational use of social media (which as
defined includes investigatory purposes), Program Managers and System
Managers, in consultation with Component Privacy Officers or PPOCs and
counsel complete a Template to document the authority and purpose(s) of those
uses as well as a description of those uses, and to determine whether all of the
Rules of Behavior discussed in Section VI.D of this Instruction will apply to the
particular uses(s) covered by the Template. Templates are submitted to the
Chief Privacy Officer for a prompt review and determination as to whether a new
or updated PIA or SORN is required. Templates are also completed to document
categories of operational use of social media in existence prior to this Instruction
to ensure compliance with this Instruction. Once a Template is approved for a
category of operational use, a Template is not required for additional use of
social media within that category unless there is a material modification of the
Rules of Behavior applicable to that category. Components may appeal to the
Deputy Secretary of Homeland Security if there is a disagreement over the OHS
Privacy Office determination of privacy compliance for the operational use of
social media.
C. Access: OHS employees who are granted access to use social media by
their Component heads renew their access authority annually, consistent with
-7-
Revision # 00
2020-ICLl-00023 1276
annual training requirements. Access is contingent upon an employee's
successfully completing privacy training for operational use of social media.
0. Rules of Behavior: Component Privacy Officers or PPOCs, in coordination

with counsel and Program Managers, or System Managers as appropriate, draft
Rules of Behavior for operational use of social media (either separately or as part
of a broader policy document) and submit them with the Template to the Chief
Privacy Officer for review and approval. Personnel granted access to use social
media certify annually that they have read and understand the Component Rules
of Behavior. Where certification is not practicable, Component Privacy Officers
and PPOCs maintain records of employee attendance at privacy training that
includes training on Rules of Behavior.
Rules of Behavior include requirements for operational use of social media and
the consequences of failure to adhere to those requirements. Where a federal
policy establishes guidelines that apply to a Component's operational use of
social media, the Component's Rules of Behavior incorporate that policy and that
fact is noted in the Template. Unless otherwise noted in the Template
adjudication process, the Rules of Behavior provide, at a minimum, that OHS
employees:
1. Use social media for operational purposes only when activities are
authorized by statute, executive order, regulation, or policy;
2. Use only government-issued equipment, government accounts, and

only government email addresses when engaging in the operational
3. Use online screen names or identities that indicate an official OHS

affiliation and use OHS email addresses to open accounts used
when engaging in social media in the performance of their duties;
4. Access publicly available information through social media only by

reviewing posted information without interacting with any individual
who posted the information;
5. Respect individuals' privacy settings and access only information

that is publicly available unless the individual whose information the
employee seeks to access has given consent to access it;
6. Collect the minimum PII necessary for the proper performance of

their authorized duties;
7. Protect PII as required by the Privacy Act and OHS privacy policy;
and
-8-
Revision # 00
2020-ICLl-00023 1277
8. Document operational use of social media, including date, site(s)
accessed, information collected, and how it was used in the same
manner that the Department would document information collected
from any source in the normal course of business. For instance,
where information obtained through authorized operational use of
social media is used in whole or in part to make decisions regarding
an individual's rights, benefits or privileges, employees document
that fact in relevant records.
E. Privacy Training: Component Privacy Officers or PPOCs tailor privacy

training for the operational use of social media to Component-specific needs,
based upon training materials provided by the Chief Privacy Officer. Completion
of this privacy training is a prerequisite for obtaining access to social media for
operational use. Upon completion of this training, employees will certify that they
have read and understand their Component's Rules of Behavior. Where
certification is not practicable, Component Privacy Officers and PPOCs maintain
records of employee attendance at privacy training that includes training on
Rules of Behavior. Employees also complete refresher training and recertify they
have read and understand their Component's Rules of Behavior annually
thereafter. Privacy training content includes, at a minimum, legal authorities,
acceptable operational uses of social media, access requirements, applicable
Rules of Behavior, and requirements for documenting operational uses of social
media.
F. Retention of PII: Component Program Managers or System Managers

where appropriate, maintain PII collected through authorized operational uses of
social media in the applicable Privacy Act system of records in accordance with
approved records retention schedules.
G. Privacy Compliance Reviews (PCR): The Chief Privacy Officer, in

collaboration with Component Privacy Officers or PPOCs, conducts PCRs of
approved operational uses of social media periodically, at the sole discretion of
the Chief Privacy Officer, to ascertain compliance with OHS privacy policy and
legal authorities. PCRs may include a determination as to whether the Privacy
Compliance Documentation for a particular operational use of social media is
accurate and up to date.
H. Implementation: Measured from the date Directive 110-01 and this

Instruction are signed and posted on OHS Connect:
1. the Chief Privacy Officer provides baseline training to the

Components within 45 days, and
-9-
Revision # 00
2020-ICLl-00023 1278
2. Components complete implementation of this Instruction, including
obtaining approval from the Chief Privacy Officer of Templates for
categories of operational use of social media in existence prior to
this Instruction, within 120 days, except that Components complete
training of all pertinent employees within 165 days.
VII. Questions
Address any questions or concerns regarding these Instructions to the OHS Privacy
Office or to the relevant Component Privacy Officer or PPOC.
(b)(6); (b)(7)(C)
J &Nl-~, 2.--6!2_
Date
Chief Privacy Officer
- 10 -
Revision # 00
2020-ICLl-00023 1279
Homeland The Privacy Office
U.S. Depan ment of Homeland Security
Security Washington. DC 20528

703-23!(b)(6 ); (b)(?)(C)
www.dhs.gov/privacy
I
Version date: June 12, 2012
Page 1 of
10
DHS OPERATIONAL USE OF SOCIAL MEDIA

This template is used to assess the D epartment's Operational U se of Social Media,
consistent with Manage ment Directive 110-01.
The DHS Privacy Office has created this template to determine privacy compliance with
Management Directive 110-01, Privae1; Policy for Operational Use of Social Media. For the purposes of the
Management Directive and this template, "Operational Use" means authorized use of social media to
investigating an individual in a criminal, civil, or administrative context, making a benefit determination
about a person, making a personnel determination about a Department employee, making a suitability
determination about a prospective Department employee, or for any other official Department purpose
that has the potential to affect the rights, privileges, or benefits of an individual. Operational use does not
include the use of search engines for general Internet research, nor does it include the use of social media
for professional development such as training and continuing education or for facilitating internal
meetings. The following uses of social med ia are exempt from the Management Directive and are not
subject to this requirementl:
a) Communications and outreach with the public authorized by the Office of Public Affairs
(covered by the existing PIAs: DHS/ALL/PIA-031 - Use of Social Networking Interactions
and Applications Communications/Outreach/Public Dialogue and DHS/ALL/PIA-036 -
Use of Unidirectional Social Media Applications);
b) The conduct of authorized intelligence activities carried out by the Office of Intelligence
and Analysis, the intelligence and counterintelligence elements of the United States
Coast Guard, or any other Component p erforming authorized foreign intelligence or
counterintelligence functions, in accordance with the provisions of Executive Order
12333, as amended.
This template shall be used to document the process to be followed by all programs engaging in
operational u ses of social media; to identify information technology systems, technologies, rulemakings,
programs, or pilot projects that involve PII and other activities that otherwise impact the privacy of
individuals as determined by the Chief Privacy Officer; and to assess whether there is a need for
additional Privacy Compliance Documentation. Components may appeal to the Deputy Secretary for
Homeland Security if there is d isagreement over the DHS Privacy Office determination of privacy
compliance for the operational use of social media.
1
Gathering information by the Office of Operations Coordination and Planning (OPS) to enhance situational awa reness is exempt
from this requirement and is covered by the existing PIA: DHS/OPS/PIA-004(d) - Publicly Available Social Media Monitoring and
Situational Awareness Initiative Update.
2020-ICLl-00023 1280

703-235-Vh )//::\ ·
www.dhs.gov/privacy
!

Page 2 of
JO

Please complete this form and send it to your Component Privacy Officer.
Upon receipt, your Component Privacy Officer and the OHS Privacy Office will review this
form and may request additional information.
SUMMARY INFORMATION
Date submitted for review:
Name of Component: U.S. Immigration and Customs Enforcement
Contact Information:l(b)(6); (b)(7)(C) !D eputy Pri vacy Officer, (202) 732-Kb)(6)1
Counsel2 Contact Information: b)(6); (b)(7)(C) Chief, Homeland Security Investigations

Division, (202) 732 (b)(6); (b)(7)(C) Chief, Enforcement and Removal Operations
Division, (202) 732J(b)(6); I
IT System(s) where social media data is stored: TECS, ICE Child Exploitation Tracking
System (CETS), Gen eral Counsel Electronic Management Sys tem (GEMS), Personnel Security
Activiti es Management System (PSAMS)/Integrated Security Managem ent System (ISMS), Joint
Integrity Case Management System (JICMS), Enforcement Integrated Database (EID), and
FALCON Search & Analysis System (FALCON-SA).
Applicable Privacy Impact Assessment(s) (PIA) :
DHS/ICE/PIA-017 - Immigration and Cus toms Enforcement Child Exploitation

Tracking Syste m (ICE-CETS)
DHS/ICE/PIA-032 - FALCON Search & Analysis System (FALCON-SA)
DHS/ICE/PIA-002(a) - General Counsel Electronic Management System (GEMS)
DHS/ICE/PIA-020 - Enforcement Integrated Database (EID)
DHS/ALL/PIA-00l(a) - Personnel Security Activities Management System

(PSAMS)/Integrated Security Managem ent System (ISMS)
2
Counsel listed here must certify that appropriate authority exists to engage in particular operational activities involving social
media.
2020-ICLl-00023 1281
Homeland The Privacy O ffice

703-235Jrh ) <f\) ·
www.dhs.gov/privacy

Page3 of
JO
Applicable System of Records Notice(s) (SORN ):
OHS/ ICE-006 - ICE Inte lligence Records Syste m (HRS)
OHS/ ICE 008 - Search, Arrest, and Seizure Records
OHS/ICE-009 - External Investigations
OHS/ ALL-023 - OHS Personnel Security Management Records (PSAMS)
OHS/ ICE-003 - Gen eral Counsel Electronic Management Sys tem (GEMS)
OHS/ ICE-011 - Immig ration Enforcement Operational Record s Sys tem (ENFORCE)
OHS/ALL-020 - OHS Internal Affairs Records
2020-ICLl-00023 1282

703-235lfh )(R )·
www.dhs.gov/privacy
!

Page 4 of
JO
SPECIFIC QUESTIONS
1. Describe the category of use for collecting personally identifiable information from social
media sources. Examples include: law enforcement intelligence, criminal investigations,
background investigations, administrative investigations, professional responsibility
investigations, benefit or employment determinations, or situational awareness. If use does
not fit into one of these categories, please describe in full below. If your component has
multiple categories of use, please submit separate template for each category.
As the definition of social media in the DHS Instruction 110-01-001 Privacy Policy for the
Operational Use of Social Media (Privacy Policy) is drafted broadly so as to likely include
general use of the Internet and as social media technology is ever changing and evolving, this
submission addresses ICE's use of the Internet, to include social media as defined in the
Privacy Policy.
ICE uses the Internet, including social media as defined in the Privacy Policy, for criminal
law enforcement purposes. (This submission does not address the conduct of undercover
operations in the context of criminal law enforcement investigations. Those activities are
covered by a separately submitted document that covers undercover investigations only.)
This criminal law enforcement use of the Internet, including social media, falls into the
following three categories: (1) using the Internet, including social media, to assist in locating,
arresting, and adjudicatin g fugitives and assisting other law en forcemen t agencies with
investigations and adjudications related to the fugitive, (2) using the Internet, including social
media, to assist in investigating, gathering evidence, and gathering criminal intelligence on
criminal and potential criminal activity, and (3) pre-operational, operational, and situational
awareness uses related to officer safety or threats to the public at-large.
Category One: Locating, Arresting, and Adjudicating Fugitives
With regard to the use of the Internet, including social media, to locate and arrest fugitives
and criminals, ICE officers, agents, attorneys, and support personnel routinely use a variety
of government and commercial databases to identify, locate, and arrest fugitives. These
individuals could include members of the public or employees or contractors of ICE and CBP
su spected of committing crimes or other forms of misconduct. However, additional
information not available in these databases is available on the Internet, including social
media. The use of the Internet, including social media, will allow ICE to gather information
that assists in identifying, locating, and arresting fugitives wanted for crimes and assisting
other law enforcement agencies with identifying, locating, and arresting fugitives.
Category Two: Criminal Investigations and Law Enforcement Intelligence
ICE also uses the Internet, including social media, to assist in investigating, gathering
evidence, and gathering law enforcement intelligence on criminal and potential criminal
2020-ICLl-00023 1283

103.23s ~11-.\ la \ .
www.dhs.gov/privacy
I

Page 5 of
JO
activity. This use of the Internet, including social media, involves activities to gather
information such as Internet searches, reviewing social media sites, monitoring chat rooms,
and reviewing comments posted on websites. This information is gathered and used by ICE
officers, agents, attorneys, and support personnel in the same manner as information
gathered from non-Internet and non-social media sources such as information gath ered in
person, on the phone, or through research of hard copy documents. Information gathered in
this fashion may be used in criminal investigations of members of the public or employees or
contractors of ICE and CBP.
Category Three: Officer and Public Safety
ICE also uses the Internet, including social media, for pre-operational/operational/situational
awareness uses relating to officer safety or threats to the public at-large. Prior to conducting
tactical enforcement operations or otherwise initiating contact with a subject, ICE agents,
officers, and support personnel may collect information about the subject of the tactical
enforcement operation. This information gathering includes information available on the
Internet, including social media, such as firearms/weapons possession and
relatives/associates who may reside with them. This information assists officers with tactical
planning activities such as: number of officers required for the operation, any specialized
equipment that may be necessary for the operation, and intelligence on when and where the
operation should be conducted for officer safety and tactical efficiency.
2. Based on the operational use of social media listed above, please provide the appropriate
authorities.
• Homeland Security Act of 2002, as amended, Pub. L. No. 107-296, 116 Stat. 2135 (2002)
• OHS Delegation No. 7030.2, Delegation of Authority to the Assistant Secretary of U.S
Immigration and Customs Enforcement
• 19 U.S.C. § 1589a, Enforcement authority of customs officers
• 8 U.S.C. § 1357, Powers of immigration officers and employees
a) Has Counsel listed above reviewed these authorities for privacy issues and
determined that they permit the Program to use social media for the listed operational
use?
[:8'.] Yes. 0No.
3. Is this use of social media in development or operational?

D In development. [:8'.] Operational. Date first launched: Unknown.
The Internet has been in use at ICE's legacy agencies since it was publicly available.
4. Please attach a copy of the Rules of Behavior that outline the requirements below.
2020-ICLl-00023 1284

103-235fh ,rnv
www.dhs.gov/privacy
I

Page 6 of
JO
See Memorandum from John Morton, Use of Public and Non-Public Online Information, June 28,
2012.
s. Please describe the Rules of Behavior in effect for the listed operational use of social media. If
users do NOT follow a particular Rule, please detail reasoning for not following that Rule:
a) Equipment. Use only government-issued equipment when engaging in the operational
OYes. !SJ No. If not, please explain:
The nature of criminal investigations may require investigators to use non-
government-issued equipment when engaging in criminal investigations.
Investigators at times find themselves in rapidly evolving situations in the field that
call for the use of adaptive measures. In situations where government-issued
equipment is either not available, or is technologically insufficient to perform the
required task at hand, investigators may need to rely on non-government-issued
equipment. However, ICE is currently working to provide government-issued
equipment so as to not require the u se of non-government-issued equipment in these
circumstances.
b) Email and accounts. Use online screen names or identities that indicate an official OHS
affiliation and use OHS email addresses to open accounts u sed when engaging in social
media in the performan ce of their duties;
Because the activities described in Question 1 are for criminal law enforcement purposes,
the employees who engage in these activities will not identify themselves as ICE or OHS
personnel, or law enforcement personnel. This is necessary to ensure the safety of law
enforcement personnel, to avoid compromising law enforcement operations, to prevent
tipping off individuals who are sought by law enforcement for violations of law, and to
prevent disclosing litigation strategy and tactics.
c) Public interaction. Access publicly available information through social media only by
reviewing posted information without interacting with any individual who posted the
information;
!SJ Yes. D No. If not, please explain:

d) Privacy settings. Respect individuals' privacy settings and access only information that is
publicly available;
2020-ICLl-00023 1285

703-231(b )(6 ):
www.dhs.gov/privacy

Page 7 of
JO
Law enforcement personnel may not access restricted online sources or facilities absent
legal authority p ermitting entry into private space. Where legal authority exists, law
enforcement personnel may access restricted onJine information.
e) PII collection: Collect the minimum PII necessary for the proper performance of their
authorized duties except for systems subject to Final Rules for Exemption from certain
aspects of the Privacy Act;
0Yes. [gj No. If not, please explain:
The applicable SORNs cited above are aJl exempted by Final Rules from the Privacy Act
(e)(l) requirement (5 U.S.C. § 552a(e)(l)), w hich normally limits agencies to collecting
only information about individuals that is relevant and necessary to accomplish a
purpose of the agency required by statute or Executive Order. The exemption from the
(e)(l) requirement is necessary to ensure the integrity of law enforcem ent investigations,
as more fully detailed in the Final Rules.
f) PII safeguards. Protect PIT as required by the Privacy Act (if applicable) and DHS privacy
policy;
[gj Yes. D No. If not, please explain:

g) Documentation. Document operational u se of social media, including date, site(s)
accessed, information collected and how it was u sed.
0Yes. [gj No. If not, please explain:
ICE's rules of behavior state that law enforcem ent personnel should retain the
information they access on the Internet, including social media, if they would have
retained that content had it been written on paper. These contents should be preserved
in a manner authorized by ICE procedures governing the preservation of electronic
communications.
h) Training. Users complete annual privacy training which has been approved by
Component Privacy Officer (or Privacy Point of Contact) based upon training materials
provided by the OHS Privacy Office. Training must include, at minimum: legal
authorities, acceptable operational u ses of social m edia, access requirements, and
requirem ents for documenting operational u ses of social media.
[gj Yes. D No. If not, please explain:

D Yes, employees self-certify that they have read and understood their Component
Rules of Behavior.
2020-ICLl-00023 1286

703·235l(b)(6);
www.dhs.gov/pnvacy
I
Page 8 of
JO
~ Yes, Component Privacy Officers or PPOCs maintain a record of employee

attendance at privacy training that includes training on the Rules of Behavior.
D No. If not, please expJajn:
2020-ICLl-00023 1287

703-235!fh\fR) ·
www.dhs.gov/privacy
!

Page 9of
JO
DHS SOCIAL MEDIA DOCUMENTATION

(To be Completed b y the OHS Privacy Office)
DATE re vie w e d by the OHS Privacy Office: 11/6/2012
NAME o f the OHS Privacy Office Reviewer: l(b ) ( 6 ): ( b ) ( 7 )(C )
OHS Privacy Office Determination

j:gJ
Program has m e t requirements to u se social m e dia for the s tated authorize d
operational purposes, and must continue compliance with the requirements above .
D Program has not yet met requirements to utilize social media for operational
purposes.
D Program authorities do not authorize operational use of social media.
D Rules of Behavior do not comply. <Please explain analysis.>
D Training required .
Additional Privacy compliance documentation is required:
j:gJ A PIA is required.
[gJ Covered by existing PIA.
DHS/ ICE/PIA-017 - Immigration and Customs Enforcement Child
Exploitation Tracking System (ICE-CETS)
DHS/ ICE/PIA-032 - FALCON Search & Analysis System (FALCON-SA)
DHS/ ICE/PIA-002(a) - General Counsel Electronic Management System

(GEMS)
DHS/ ICE/PIA-020 - Enforcement Integrated Database (EID)
DHS/ A LL/PIA-00l(a) - Personnel Security Activities Management

System (PSAMS)/ Integrated Securi ty Management System (ISMS)
D New.
D Updated. <Please include the name and number of PIA to b e updated
here.>
2020-ICLl-00023 1288

103.23s -tn-.\ la \ .
www.dhs.gov/privacy
I

Page JO of
JO
~ A SORN is required:
~ Covered by existing SORN.
OHS/JCE-006 - ICE Intelligence Records System (URS)
OHS/ICE 008 - Search, Arrest, and Seizure Records
DHS/ALL-023 - OHS Personnel Security Management Records (PSAMS)
OHS/ICE-003 - General Counsel Electronic Management System (GEMS)
DHS/ICE-011 - Immigration Enforcement Operational Records System

(ENFORCE)

D New.
D Updated. <Please include the name and number of SORN to be updated
here.>
OHS PRIVACY OFFICE COMM ENTS

The DHS Privacy Office determines that ICE has provided sufficient documentation to demonstrate compliance
with the MD 110-0 I. The rules of behavior reference that Law Enforcement personnel shall follow ICE guidelines
and procedures whether the activities are online or oft1ine. ICE did not provide the "offline policy" that is
referenced in the Rules of Behavior because it is very close hold and distribution is limited. This policy, referred to
as the UC Ops Handbook governs ICE HSI undercover investigations. ICE PRIV has reviewed the document.
DHS PRIV also requested additional guidance on how the requirements to retain records were covered. ICE PRIV
advised that Section 5 of the ICE principles covers the retention of records. DHS PRIV concurs.
2020-ICLl-00023 1289
U.S. Depa11111en1 of Homeland Security

703-235!(b )(6 ) :
www .dhs.gov/privacy

Page 1 of
12

This template is used to assess the D epartment's Operational Use of Social Media,
consistent with M anagement Directive 110-01.
The OHS Privacy Office has created this template to determine privacy compliance with
meetings. The following uses of social media are exempt from the Management Directive and are not
subject to this requirementl:
and Applications Communications/Outreach/Pu blic Dialogu e and DHS/ALL/PIA-036 -
Coast Guard, or any other Component performing authorized foreign intelligence or
12333, as amended.
operational uses of social media; to identify information technology systems, technologies, rulemakings,
programs, or pilot projects that involve PU and other activities that otherwise impact the privacy of
individuals as determined by the Chief Privacy Officer; and to assess whether there is a n eed for
Homeland Security if there is disagreement over the OHS Privacy Office determination of privacy
1 Gathering information by the Office of Operations Coordination and Planning (OPS) to enhance situational awareness is exempt
from this requirement and is covered by the existi ng PIA: DHS/OPS/PIA-004/d) - Publicly Available Social Media Monitoring and
2020-ICLl-00023 1290

703-235 lt h \ I C:\ ·
www.dhs.gov/privacy
!

Page2 of
12

Upon receipt, your Component Privacy Officer and the OHS Privacy Office will review th is
SUMMARY INFORMATION
Date submitted for review: December 5, 2016
Name of Component: U.S Immigration and Customs Enforcement
Contact Information{ b)(6); (b)(7)(C) IPrivacy Officer, (202) 732J(b)(6);

Counsel2 Contact Information: Adam Loiacono, Chief, Enforcement and Removal operations
Law Division, OPLA; Erin Clifford, (A) Chief, Government Information Law Division,
OPLA
IT System(s) where social media data is stored: TECS Case Management, Fugitive Case
Management System, Enforcement Integrated Database, and Alien Criminal Response
Information Management System
Applicable Privacy Impact Assessment(s) (PIA):
DHS/ICE/PIA-009 - Fugitive Case Management System (FCMS)
DHS/ICE/PIA-011 - Visa Security Program Tracking System (VSPTS-Net)
DHS/ICE/PIA-020 - Alien Criminal Response Information Management System

(ACRIMe)
Applicable System of Records Notice(s) (SORN):
DHS/ICE-009 - External Investigations
DHS/ICE-007 - Alien Criminal Response Information Management (ACRIMe) SORN
2
media.
2020-ICLl-00023 1291

703-235!fh \(R\·
www.dhs.gov/privacy
!

Page 3 of
12
DHS/ICE-011 - Immigration and Enforcement Operational Records System

(ENFORCE) SORN
DHS/ICE-012 - Visa Security Program (VSP) SORN
DHS/USCIS-ICE-CBP-001- Alien File, Index, And National File Tracking System SORN
2020-ICLl-00023 1292

703-235-fo )(6) :

Page 4 of
12
OHS OPERATIONAL USE OF SOCIAL MEDIA
SPECIFIC QUESTION S
multiple categories of u se, please submit separate template for each category.
As the definition of social media in the OHS Instruction 110-01-001 PrivactJ Policy for the
Operational Use of Social Media (Privacy Policy) is drafted broadly so as to likely include general
use of the Internet and as social media technology is ever changing and evolving, this template
addresses ICE's use of the Internet, to include social media as defined in the Privacy Policy.
ICE uses the Internet, including social media as defined in the Pri vacy Policy, for criminaJ and
administrative immigration law enforcement purposes. (This template does not address the
conduct of undercover operations in the context of criminal immigration law enforcement
investigations. Those activities are covered by a separately submitted template that covers
undercover investigations only.) This immigration law enforcement use of the Internet including
social media, falls into the following four categories: (1) using the Internet, including social
media, to assist in locating, arresting, and adjudicating individuals who may be amenable to
removal under the Immigration and Nationality Act or are otherwise suspected of violations of
U.S. immigration law and assisting other law enforcement agencies with investigations and
adjudications related to individuals, (2) identify individuals who may be inadmissible to the
United States under the Immigration and Nationality Act, (3) pre-operational, operational, and
situational awaren ess u ses related to officer safety or threats to the public at-large, and (4) to
obtain information to assist in d etermining whether to exercise prosecutorial discretion.
Categor_y One: Basic Criminal and Administrative Enforcement of the Immigration and
Nationality Act
With regard to the u se of the Internet, including social media, to locate and arrest individuals,
ICE officers, agents, attorneys, and suppor t p ersonnel routinely u se a variety of government and
commercial databases to identify, locate, and arrest in dividuals who may be amenable to removal
and meet ICE's current enforcement p riorities. However, additional information not available in
these databases is available on the Internet, including social media. The use of the Internet,
including social media, will allow ICE to gather information that assists in identifying, locating,
and arresting individuals wanted for crimes and/or who may be amenable to removal, and
assisting other law enforcement agencies with investigations related to individuals where
necessary and appropriate. It will also allow ICE attorneys who represent the agency in civil
2020-ICLl-00023 1293

703 23
- ,~[~ )a~~~owpnvacy I
Page 5 of
12
immigration proceedings before the Executive Office for Immigration Review to conduct general
and specific case research and preparation.
Category Two: Inadmis sibility Recommendations under the Immigration and N ationality Act
ICE also uses the Internet, including social media, to identify individuals who may be
inadmissible to the United States u nder the Immigration and Nationality Act. As a function of the
Visa Security Program, ICE makes recommendations to the Department of State on the issuance
and status of non-immigrant visas. ICE may collect information about non-immigrant visa
applicants and their associated points of contact listed on their visa application in order to make
these recommendations. This includes gathering information publicly available on the Internet,
including social media, before and after visa approval. ICE may also collect information about
non-immigrant visa holders. If derogatory information about a non-immigrant visa holder is
uncovered, information may be shared with the Department of State and/or forwarded to the
appropriate ICE Homeland Security Investigations field office for appropriate action depending
on whether the non-immjgrant visa h older has entered the United States.
Category Three: Office r and Public Safe ty
tactical enforcement operations or o therwise initiating contact w ith a subject, ICE agents, officers,
or support personnel may collect information about the subject of the tactical enforcement
operation. This includes gathering information publicly available on the Internet, including social
media, such as firearms/weapons possession and relatives/associates who may reside with him.
This information assists agents and officers with tactical planning activities such as: number of
agents and officers reguired for the operation, any specialized equipment that may be necessary
for the operation, and intelligence on when and where the operation should be conducted for
agent and officer safety and tactical efficiency.
Category Four: Pros ecutorial Discretion
Finally, ICE also uses the Internet, including social media, to gather information related to the
possible exercise of prosecutorial discretion. Pursuant to Director Morton's June 17, 2011
memorandum relating to the exercising of prosecutorial discretion, ICE law enforcement
personnel are expected to consider a number of factors when deciding whether to exercise
prosecutorial discretion in various situations. Some of these factors include: whether the
su bject is a danger to the community or to national security, whether the subject is the
primary caregiver to a m inor, or a person with a physical or mental disability, a subject's
educational and military background, a subject's ties and con tributions to the community,
whether the subject (or the subject's spouse) is pregnant or nursing, whether the subject or
subject's spouse suffers from severe mental or physical illness. These factors can be difficult
to ascertain using routine government and commercial databases and the use of the Internet
2020-ICLl-00023 1294

703. 23s J11-. , ra,.
www.dhs.gov/privacy
I

Page 6 of
12
including social media serves as another tool to attempt to identify these unique factors.
Similarly, some of these same factors may also apply when setting conditions of release from
ICE custody. The Internet, including social media, provides a source of information that can
be used to help determine when it is appropriate to release an individual from ICE custody.
authorities.
• Immigration and Nationality Act of 1952, as amended, U.S. Code Title 8
• ICE Delegation No. 0001, Delegation of Authority to the Directors, Detention and Removal
and Investigations, and to Field Office Directors, Special Agents in Charge and Certain Other
Officers of the Bureau of Immigration and Customs Enforcement
• 8 C.F.R. § 2.1, Authority of the Secretary of Homeland Security
use?
IXJ Yes. ONo.
D In d evelopment. IXJ Operational. Date first launched: Unknown
2012.
5. Please describe the Rules of Behavior in effect for the listed operational use of social media. If
use of social m edia;
OYes. IXJ No. If not, please explain:
Because the activities described in Question 1 are for immigration law enforcement
purposes, the employees who engage in these activities will not identify themselves
as ICE or OH S personnel, or law enforcement personnel. This is necessary to ensure
the safety of law enforcement personnel, to avoid compromising law enforcement
operations, to prevent tipping off individuals who are sought by law enforcement for
violations of law, and to prevent d isclosing litigation strategy and tactics.
2020-ICLl-00023 1295

,rn,-
703. 2351r..,
www.dhs.gov/privacy
I

Page 7 of
12
affiliation and use OHS email addresses to open accounts used when engaging in social
med ia in the performance of their duties;
OYes. ~ No. If not, please explain:
purposes, the employees who engage in these activities will not identify themselves as
ICE or OHS personnel, or law enforcement personnel. This is necessary to ensure the
safety of law enforcement personnel, to avoid compromising law enforcement
c) Public interaction. Access publicly avail.able information through social med ia only by
reviewing p osted information without interacting with any individual who posted the
information;
~Yes. D No. If not, please explain:

publicly available;
~Yes. D No. If not, p lease explain:

Law enforcement personnel may not access restricted online sou rces or facilities absent
legal authority permitting entry into private s pace.
aspects o f the Privacy Act;
OYes. ~ No. If not, p lease explain:
The applicable S0RNs cited above are all exempted by Final Rules from the Privacy Act
(e)(l ) requirement (5 U.S.C. § 552a(e)(l)), which normally limits agen cies to collecting
(e)(l ) requirement is necessary to ensure the integrity of law enforcement investigations,
as more fully detailed in the Final Ru les.
f) PII safeguards. Protect PTT as required by the Privacy Act (if applicable) and OHS privacy
policy;
[8J Yes. D No. If not, please explain:
2020-ICLl-00023 1296

703-235-k h )(R)·
www.dhs.gov/privacy
!

Page 8 of
12

accessed, information collected and how it was used.
0Yes. [g] No. If not, please explain:
ICE's rules of behavior stated that law enforcement personnel should retain the
retained that content had it been written on paper. These contents should be preserved in
a manner authorized by ICE procedures governing the preservation of electronic
communications.
authorities, acceptable operational u ses of social media, access requirements, and
requirements for documenting operational u ses of social media.
[g] Yes. D No. If not, please explain:

All ICE users will complete the necessary training when it is available.
Mechanisms are (or will be) in place to verify that users have completed training.
Rules of Behavior.
[g] Yes, Component Privacy Officers or PPOCs maintain a record of employee

D No. If not, please explajn:
2020-ICLl-00023 1297

703-235!(b) (6):

Page 9 of
12

(To be Complete d by the OHS Privacy Office)
DATE re vie w e d b y the OHS Privacy Office: Janua ry 3, 2017
NAME o f the O H S P rivacy O ffice Rev iewer :,(b)(6); (b)(?)(C)
DESIGNATION
This program is covere d by the foll owing Privacy Impact Assessme nt and Privacy Act
System of Records N otice:
PIA: DHS/ICE/PIA-009 Fugitive Case Management System (FCMS)

DHS/ICE/PIA-015 Enforcement Integrated Database (EID)
DHS/ICE/PIA-011 Visa Securi ty Program Tracking System (VSPTS-Net)
DHS/ICE/PIA-020 Alien Criminal Response Information Management System (ACRIMe)
SORN: DHS/USCIS/ICE/CBP-001 Alien File, Index, and National File Tracking System of
Records, November 21, 2013, 78 FR 69864
DHS/ICE-007 Alien Criminal Response Information Management System, February 14,
2013, 78 FR 10623
DHS/ICE-009 External Investigations, January 5, 2010, 75 FR 404
DHS/ICE-011 Criminal Arrest Records and Immigration Enforcement Records (CARIER)
System of Records, October 19, 2016, 81 FR 72080
DHS/ICE-012 Visa Security Program (VSP), September 30, 2009, 74 FR 50228
1. Category of Use:
D Law Enforcement Intelligence;
~ Criminal law enforcement investigations;
D Background investigations;
D Professional responsibility investigations;
D Administrative or benefit determinations (including fraud detection);
D Situational awareness; and
2020-ICLl-00023 1298

703-235Jrh )(R)-
www.dhs.gov/privacy

Page JO of
12
D Other. <Please explain "other" category of use here.>
2. Has Component Counsel reviewed and determined that there is authority to engage in the
above Category of Use?
~ Yes. 0No.
3. Rules of Be havior Conte nt: (Che ck all ite ms that apply.)

a. Equipment.
~ Users must use government-issued equipment. Equipment may be non-
attributable and may not resolve back to DHS/US IP address.
D Users must use government-issued equipment. Equ ipment must resolve
back to DHS/US IP address.
b. Email and accounts.
~ Users do not have to use government email addresses or official OHS

accounts online.
D Users must use governmen t email addresses or official OHS accounts online.
c. Public interaction.
D Users may interact with individuals online in relation to a specific law

enforcement investigation.
~ Users may NOT interact with individuals online.
d . Privacy settings.
0 Users may disregard privacy settings.
~ Users must respect individual privacy settings.

e. PII storage:
~ PII is maintained in an exempted Privacy Act System of Records.
Please list applicable SORN here: DHS/USCIS/ICE/CBP-001 Alien File,

Index, and National File Tracking System of Records, November 21,
2013, 78 FR 69864; OHS/ICE-007 Alien Criminal Response Information
Management System, February 14, 2013, 78 FR 10623; OHS/ICE-009
2020-ICLl-00023 1299

703-235~/ h wn-
www.dhs.gov/privacy

Page 11 of
12
External Investigations, January 5, 2010, 75 FR 404; DHS/ICE-011

Criminal Arrest Records and Immigration Enforcement Records
(CARIER) System of Records, October 19, 2016, 81 FR 72080; DHS/ICE-
012 Visa Security Program (VSP), September 30, 2009, 74 FR 50228
D PII is maintained in a Privacy Act Systems of Records.

Please list applicable SORN here:
f. PI! safeguards.
cgj PII is protected as required by the Privacy Act and OHS privacy policy.
D Only a minimal amount of PII is collected and safeguarded, consistent with

DHS/OPS-004 - Publicly Av ailable Social Media Monitoring and Situational
Awareness Initiative.
g. Documentation.
D Users mus t appropriately docu men t their use of social media, and collection
of information from social media website.
D Documentation is not expressly required.

cgj ICE's rules of behavior stated that law enforcement personnel should retain
the information they access on the Internet, including social media, if they would
have retained th at content had it been written on paper.
h. Training.
cgj All u sers must complete annual privacy training that has been approved by
Component Privacy Officer. Training indudes:
cgj Legal authorities;

cgj Acceptable operational uses of social media;
cgj Access requirements;
D Applicable Rules of Behavior; and
cgj Requirements for documenting operational uses of social media.
2020-ICLl-00023 1300

703-235~/ h \/&:\ ·
www.dhs.gov/privacy
!

Page 12 of
12
~ Mechanisms are (or will be) in place to verify that users have completed
training.
D Yes, employees self-certify that they have read and tmderstood their
Component Rules of Behavior.
~ Yes, Component Privacy Officers or PPOCs maintain a record of

employee attendance at privacy training that includes training on the
Rules of Behavior.
D No, certification of training completion cannot be verified.
~ Program has met requirements to use social media for the stated authorized
operational purposes, and must continue compliance with the requirements above.
purposes.
D Training required .
D A PIA is required.
D New.
0 Updated.
D A SORN is required:
D New.
0 Updated.
OHS PRIVACY OFFICE COMMENTS
PRN d etermines that ICE h as p rovided su fficient documen tation to d emonstrate

compliance with the MD 110-01. OHS PRIV requests on a future update to DHS/ICE-
012 VSP SORN, to include "Open source information news articles or other data
available to the public on the Internet or in public records, including publicly
available information from social media" as a Record source category to further
specify social media use.
2020-ICLl-00023 1301
Homeland T he Privacy O ffice
Security Washington, DC 20528

703-235jr h wn•
I

Page 1 of
JO

This te mplate is used to assess th e D ep artment's Operational Use of Social Media,
consistent with Management D irective 110-01.
Management Directive 110-01, Privacy Policy for Operational Use of Social Media. For the purposes of the
subject to this requirement1:
and Applications Communications/Outreach/Public Dialogue and DHS/ALL/PIA-036 -
Use of Unid irectional Social Media Applications);
12333, as amended.
programs, or pilot projects that involve PII and other activities that otherwise impact the privacy of
individuals as determined by the Chief Privacy Officer; and to assess whether there is a need for
from this requirement and is covered by the existing PIA: DHS/OPS/PIA-004/d) - Publicly Available Social Media Monitoring: and
Situational Awa reness Initiative Update.
2020-ICLl-00023 1302

703-235-k b)(6):
I
Page2 of
10

Upon receipt, your Component Privacy Officer and the DHS Privacy Office will review this
SUMMARY INFORMATION
Date submitted for review:
Name of Component: U.S. Immigration and Customs Enforcement
Contact Information: l(b)(6); (b)(7)(C) p eputy Privacy Officer, (202) 732f~)(~);J
Counsel 2 Contact Information:l(b)(6); (b)(7)(C) I Chief, Homeland Security Investigations

Division, (202) 732i(b)(6); I
IT System(s) where social media data is stored: TECS, ICE Child Exploitation Tracking
System (CETS), General Counsel Electronic Management System (GEMS), Personnel Security
Activities Management System (PSAMS)/lntegrated Security Management System (ISMS), Joint
Integrity Case Management System (JICMS), Enforcement Integrated Database (EID), and
FALCON Search & Analysis System (FALCON-SA) .
DHS/ICE/PIA-017 - Immigration and Customs Enforcement Child Exploitation

Tracking System (ICE-CETS)
DHS/ICE/PIA-002(a) - Gene ra l Counsel Electronic Managem ent System (GEMS)
DHS/ICE/PIA-020 - Enforcemen t Integrated Database (EID)
DHS/ALL/PIA-0Ol(a) - Personnel Security Activities Management System

(PSAMS)/Integrated Security Management System (ISMS)
Applicable System of Records Notice(s) (SORN ):
2Counsel listed here must certify that appropriate authority exists to engage in particular operational activities involving social
media.
2020-ICLl-00023 1303

703-235f b )(6 ):
www.dhs.gov/privacy
I
Page3 of
10
OHS/ICE-006 - ICE Intelligence Records System (IIRS)
OHS/ICE-008 - Search, Arrest, and Seizure Records
OHS/ALL-023 - OHS Personnel Security Management Records (PSAMS)
OHS/ICE-011 - Immigration Enforcement Operational Records System (ENFORCE)
2020-ICLl-00023 1304

703-235j/ h \/~ \-

Page4 of
10
SPECIFIC QUESTIONS
As the definition of social media in the OHS Instruction 110-01-001 Privacy Policy for the
Operational Use of Social Media (Privacy Policy) is drafted broadly so as to likely include
general use of the Internet and as social media technology is ever changing and evolving, thjs
template addresses ICE's use of the Internet, to include social media as defined in the Privacy
Policy.
With the enactment of the Homeland Security Act of 2002, Congress authorized ICE to
conduct certified undercover investigative operations to obtain evidence or information
concerning violations of laws enforced by ICE and stemming from the authorities of its
legacy agencies, the U.S. Customs Service (USCS) and the Immigration and Naturalization
Service (INS). Within ICE, investigations are only conducted by the Homeland Security
Investigations (HSI) component and the Office of Professional Responsibility (OPR). The
authority to certify undercover operations has been delegated to the Executive Associate
Director of HSI and the Assistant Director for OPR. HSI and OPR may also engage in limited
use of social media, when authorized, if an investigation does not otherwise warrant being
placed under a certified undercover operation. These activities are detailed in the templates
addressing Criminal Law Enforcement and Admjnistrative Law Enforcement.
Undercover activities and operations are undertaken for numerous potential objectives that
include: (1) determining if a violation of law has occurred or is in progress; (2) identifying
specific v iolations of law; (3) identifying criminal violators, conspirators, and their
methodologies; (4) disrupting and/or dismantling criminal organizations; (5) locating the
violation sites and equipment used; (6) locating assets for seizure and forfeiture; (7) obtainjng
eviden ce for prosecution; (8) determining the safest and most advantageous time to make
arrests, execute search warrants, and make seizures; (9) identifying witnesses and
cooperating individuals; (10) identifying associations between conspirators; (11) checking the
reliability of sources of information and cooperating defendants; and (12) gathering
intelligence that allows ICE management to evaluate threats, reallocate resources, and
organize enforcement activity. ICE may collect personally identifiable information from or
about individuals over the Internet, including via social media sites.
The nature of undercover operations often requires an ICE-HSI or OPR criminal investigator
to appear to be engaged in a criminal enterprise and to befriend or become business
2020-ICLl-00023 1305

703-235-h , W:\·
!

Pages of
10
associates with potential violators. This is crucial to the successful integration of undercover
operatives with those who commit illegal acts. As part of a certified undercover investigation
or operation, when authorized, undercover operatives may participate in activities that
would constitute a crime under federal, state, or .local law. This otherwise ill.egal activity
includes, for example, the purchase of stolen or contraband goods, the purchase of illegal
and/or fraudulent immigration documents, and the controlled delivery of drugs or other
contraband that will not enter the commerce of the United States. ICE-HSI and OPR review
and authorize, as appropriate, requests to engage in various otherwise illegal activities in
furtherance of undercover operations. In the course of carrying out these authorized
undercover activities, ICE-HSI or OPR criminal investigators may collect personally
identifiable information using the Internet. Any of these activities may take place in part
over the Internet, to include social media.
As the "rules" for undercover operations are different than non-undercover law enforcement
work, and may require agents to engage in activities that would otherwise be considered
prohibited or unauthorized, the rules of behavior for undercover criminal investigations are
different than for non-undercover investigations.
authorities.
USCS was vested with the authority to conduct certified undercover operations through the Anti-
Drug Abuse Act of 1986, which enacted 19 U.S.C. § 2081; INS received similar authority through
the Illegal Immigration Reform and Immigrant Responsibility Act of 1996, specifically 8 U.S.C. §
1363a. With the enactment of the Homeland Security Act of 2002, these statutory authorities
transferred to the newly created Department of Homeland Security (OHS) and were delegated to
the Assistant Secretary of ICE in OHS Delegation Number 7030.2, "Delegation of Authority to the
Assistant Secretary for U.S. Immigration and Customs Enforcement," and further redelegated to
the Directors of OI and OPR in ICE Delegation Order 04-002 entitled, "Authority to Certify the
Exemption of Undercover Operations From Certain Laws Within U.S. Immigration and Customs
Enforcement." ICE-HSI and OPR criminal investigators are granted their enforcement au thority
in 8 U.S.C. § 1357 and 19 U.S.C. § 1589a.
a) • Has Counsel listed above reviewed these authorities for privacy issues and
use?
IZ] Yes. 0No.

D In development. IZ] Operational. Date first launched: Unknown.
The Internet has been in use at ICE's legacy agencies since it was publicly available.
2020-ICLl-00023 1306

703-235j( h ) fn) ·

Page 6 of
10
2012.
IZJ Yes. D No. If not, please explain:
b) Email and accounts. Use online screen names or identities that indicate an official DHS
affiliation and use DHS email addresses to open accounts used when engaging in social
media in the performance of their duties;
OYes. IZ] No. If not, please explain:

Because the activities described in Question 1 are for undercover investigative purposes,
the employees who engage in these activities have assumed an undercover identity and
therefore will not identify themselves as ICE or DHS personnel, or law enforcement
personnel in general. This is necessary to ensure the safety of law enforcement
personnel, to avoid compromising undercover law enforcement operations, and to
prevent tipping off individuals who are sought by law enforcement for violations of law.
c) Public interaction. Access publicly available information through social media only by
reviewing posted information without interacting w ith any individual who posted the
information;
The nahire of undercover criminal investigations may result in agents interacting with
individuals who use social media sites. This interaction only takes place during
authorized undercover investigations.
d) Privaci; settings. Respect individuals' privacy settings and access only information that is
publicly available;
legal authority permitting entry into private space. Where legal authority exists, law
enforcement personnel may access restricted onJine information.
2020-ICLl-00023 1307

703-235!fh ) (n) ·
!

Page 7 of
10
e) PII collection: Collect the minimum PIT necessary for the proper performance of their
aspects of the Privacy Act;
0Yes. IZ] No. If not, please explain:
The applicable SORNs cited above are all exempted by Final Rules from the Privacy Act
(e)(l) requirement (5 U.S.C. § 552a(e)(l)), which normally limits agencies to collecting
(e)(l) requirement is necessary to ensure the integrity of law enforcement investigations,
f) PII safeguards. Protect PII as required by the Privacy Act (if applicable) and OHS privacy
policy;
IZJ Yes. D No. If not, please explain:

g) Documentation. Document operational use of social media, including date, site(s)
0Yes. IZ] No. If not, please explain:
ICE's rules of behavior state that law enforcement personnel should retain information
they access on their use of the Internet, including social media, if they would have
retained that content had it been written on paper. These contents should be preserved
in a manner authorized by ICE procedures governing the preservation of electronic
communications.
authorities, acceptable operational uses of social media, access requirements, and
requirements for documenting operational uses of social media.
IZJ Yes. D No. If not, p lease explain:

Rules of Behavior.
IZ] Yes, Component Privacy Officers or PPOCs maintain a record of employee

D No. If not, please explain:
2020-ICLl-00023 1308

703-235f h )ff,)-
!

Page8 of
10

(To be Completed by the OHS Privacy Office)
DATE reviewed by the OHS Privacy Office: 11/6/2012
NAME of the OHS Privacy Offic e Reviewer:~b)(6); (b)(?)(C)

IZJ Program has m et requirem ents to use social m edia for the stated authorized
0 Program has not yet met requirements to utilize social media for operational
purposes.
0 Program authorities do not authorize operational use of social media.
0 Rules of Behavior do not comply. <Please explain analysis.>
0 Training required.
IZJ A PIA is required .
IZJ Covered by existing PIA.
DHS/ICE/PIA-017 - Immigration and Customs Enforcement Child
Exploitation Tracking System (ICE-CETS)
DHS/ICE/PIA-002(a) - General Counsel Electronic Management System

(GEMS)
DHS/ALL/PIA-00l(a) - Personnel Security Activities Management

System (PSAMS)/Integrated Security Management System (ISMS)
0 New.
0 Updated. <Please include the name and number of PIA to be updated
here.>
IZJ A SORN is required:
2020-ICLl-00023 1309

703-23l(b )(6):

Page 9of
10
OHS/ICE-006 - ICE Intelligence Records System (IIRS)
OHS/ICE-008 - Search, Arrest, and Seizure Records
OHS/ALL-023 - OHS Personnel Security Management Records (P SAMS)
OHS/ICE-01 I - Immigration Enforcement Operational Records System

(ENFORCE)
O HS/ALL-020 - OHS Inte rnal Affairs Records
D New.
D Updated. <Please include the name and number of SORN to be updated
here.>

The DHS Privacy Office determines that ICE has provided sufficient documentation to demonstrate compliance
with the MD l l 0-0 l. The rules of behavior reference that Law Enforcement personnel shall follow ICE guidelines
and procedures whether the activities are online or offline. ICE did not provide the "offline policy" that is
referenced in the Rules of Behavior because it is very close hold and distribution is limited. This policy, referred to
as the UC Ops Handbook governs ICE HSI undercover investigations. ICE PRIY has reviewed the document.
ICE PRIY provided additional feedback on authorities to conduct UC Ops. Stating that ICE legal counsel advises
that UC authority is granted specifically by Congress to identified federal LE agencies - we are one of 6 federal LE
agencies that hold this authority. ICE's undercover authority is found in the authorities of its legacy agencies
(USCS and INS), the statutory language for which has not been updated to reflect ICE as the current agency.
However, through various transfer provisions in the Homeland Security Act and then a OHS delegation to ICE, the
authority now rests with ICE. It is a bit convoluted, but here is how it breaks down:
• 19 U.S.C. 2081 "Undercover investigative operations of Customs Service." This is the authority held by
the legacy USCS, and is now held by ICE HSI. For transfer of functions, personnel, assets, and liabilities
of the United States Customs Service of the Department of the Treasury, including functions of the
Secretary of the Treasury relating thereto, to the Secretary of Homeland Security, see sections 203( l ),
55l(d), 552(d), and 557 of Title 6, Domestic Security, and the Department of Homeland Security
Reorganization Plan of November 25, 2002, as modified, set out as a no te under section 542 of Title 6.
• 8 U.S.C. 1363a "Undercover investigation authority." This is the authority held by the legacy INS
investigative arm, and is now held by ICE HSI. For discussion of transfer of function, see 8 U.S.C. 1551
note: " ABOLITION OF IMMIGRATION AND NATURALIZATION SERVICE AND TRANSFER OF
FUNCTIONS The Immigration and Naturalization Service was abolished by section 291 (a) of Title 6,
Domestic Security, upon completion of all transfers from the Immigration and Naturalization Service as
2020-ICLl-00023 1310

103.23:,111,,,\ ta \ .
I

Page JO of
10
provided for by chapter J of Title 6. Functions of the Commissioner of Immigration and Naturalization
performed under the Border Patrol program, the detention and removal program, the intelligence program,
the investigations program, and the inspections program, and all personnel, assets, and liabilities pertaining
to such programs, were transferred to the Under Secretary for Border and Transportation Security of the
Department of Homeland Secmity by section 251 of Title 6 and the Department of Homeland Security
Reorganization Plan of November 25, 2002, as modified, set out as a note under section 542 of Title 6."
• OHS Delegation No 7030.2 "Delegation of Authority to the Assistant Secretary for U.S. Immigration and
Customs Enforcement." (link here:
http://dhsconnect.dhs.gov/policies/Documents/7030.2%20Delegation%20of%20Authority%20to%20the%2
0Assistant%20Secretary%20for%20the%20Bureau%20of%20Immigration%20and%20Customs%20Enfor
cement.pdf) Section 2(A) delegates the 19 U.S.C. 2081 authority to ICE. Section 2(DD) delegates the 8
U.S.C. 1363a authority to ICE.
OHS PRIV also requested additional guidance on how the requirements to retain records were covered.
ICE PRIV advised that Section 5 of the ICE principles covers the retention of records. OHS PRIV concurs.
2020-ICLl-00023 1311
From: l(b)(6); (b)(?)(C)
Se nt: 28 Oct 2019 19:48:22 +0000
To: Kb)(6); (b)(7)(C) I
Subject: ROB for WCH use
Attachme nts: NSU Open Source Rules of Behavior Final.docx, SMOUT, ICE - Criminal and
Admin Immigration LE, 20170103, PRIV Final.pdf
Hi~~~~6\ _, I
Here's a ROB I advised on that you can use as a template.Kb)(5)
b)(5)
b)(5) let me know and we can talk about updating the SMOUT or drafting
one specific to WCH.
!(b)(6): (b)(7)(C)
Desk: 202-732ill@l]
Mobile: 202-870Kb)(6);
Main: 202-732!<b)(6): I
2020-ICLl-00023 1312
Homeland Security lnves1igations
U.S. Immigration National Security Investigations Division
and Customs U.S. Department of Homeland Security

Enforcement 500 12th Street, SW
Washington, D.C. 20536
National Security Unit Rules of Behavior for Open Source Analysis
All National Security Unit (NSU) Open Source (OS) Team users will abide by the follow ing Rules of
Behavior when conducting open source research:
1. All open source searches will be conducted in an unattributable browser, under the user's
unattributable browser account as assigned by a NSU supervisor. Only in times of exigent
circumstances when the unattributed browser account is not available, the NSU Supervisor may
instruct the OS Team to use their attributed government equipment and browser to conduct urgent
narrowly defined searches.
2. Users may only access the NSU proxy server service using government furnished equipment, and
under the supervision of a designated supervisor. At no time w ill a user:
a. Create an email address or use an email address for personal or investigative purposes.
b. Log into any account, including but not limited to, personal or professional accounts.
c. Access login protected portions/pages of any website that require an email address, username,
or other sign-on information.
d. Interact with any member of the public online. This can include, but is not limited to
messaging, chatting, friending, liking, following, or subscribing to an individual.
3. Users will only conduct open source research on the subject of a submitted request and his or her
associates and linked businesses.
4. In addition to the restrictions regarding engagement with individuals online, users are also prohibited
from posting, creating, or sharing any content online. This includes, but is not limited to images, text,
locational identifiers, or links to other web content.
5. Users will not conduct any personal business or local address searches (ex: lunch near the office) that
would identify the actual location of the user while using the unattributable browser.
6. Users will not cross contaminate the unattributable browser with information that would be able to
identify the OHS Network (A-LAN).
a. Users will not download or upload anything onto the DHS network. Only supervisors have
the capability to download/upload files.
b. Users will not share information between the unattributable browser and the OHS Network
via email, USB connection, or other methods.
c. Users m ust understand accessing a website from an attributed browser within a certain time
period of an unattributed browser may reveal a relationship between the two.
This agreement will be utilized at all times when conducting open source research as an employee of the
NSU. Policies set forth in this agreement were established to ensure employee compliance with federal
and other business mandates, as well as abide by the code of ethics and conduct for OHS/ICE employees.
It is essential that all NSU open source users operate according to policies and guidelines referenced in
this agreement.
www.ice.gov
2020-ICLl-00023 1313
SUBJECT: NSU OS Rules of Behavior
Page 2
By signing below, I acknowledge that I have read, understand, and will comply with the National Security
Unit Rules of Behavior for Open Source Analysis. Additionally, I verify that I have taken the annual ICE
Social Media Privacy Training and ICE Computer Security Training. I understand that failure to comply
with the Rules of Behavior could result in verbal or written warning, removal of system access,
reassignment to other duties, criminal or civil prosecution, or termination.
Signature and date
Supervisor's signature and date
FOR OFFICIAL USE ONLY
2020-ICLl-00023 1314

703-235lfh )(R )·
www.dhs.gov/privacy

Page 1 of
12

This template is used to assess the D epartment's Operational Use of Social Media,
consistent with M anagement Directive 110-01.
subject to this requirement1:
and Applications Communications/Outreach/Pu blic Dialogu e and DHS/ALL/PIA-036 -
12333, as amended.
programs, or pilot projects that involve PU and other activities that otherwise impact the privacy of
individuals as determined by the Chief Privacy Officer; and to assess whether there is a n eed for
from this requirement and is covered by the existi ng PIA: DHS/OPS/PIA-004/d) - Publicly Available Social Media Monitoring and
2020-ICLl-00023 1315

703-235~/ h H /::\ ·
www.dhs.gov/privacy

Page2 of
12

Upon receipt, your Component Privacy Officer and the OHS Privacy Office will review th is
SUMMARY INFORMATION
Date submitted for review: December 5, 2016
Name of Component: U.S Immigration and Customs Enforcement
Contact Information:fo)(6): (b)(7)(C) IPrivacy Officer, (202) 732{ b)(6); I

Counsel2 Contact Information: Adam Loiacono, Chief, Enforcement and Removal operations
Law Division, OPLA; Erin Clifford, (A) Chief, Government Information Law Division,
OPLA
IT System(s) where social media data is stored: TECS Case Management, Fugitive Case
Management System, Enforcement Integrated Database, and Alien Criminal Response
Information Management System
DHS/ICE/PIA-009 - Fugitive Case Management System (FCMS)
DHS/ICE/PIA-011 - Visa Security Program Tracking System (VSPTS-Net)
DHS/ICE/PIA-020 - Alien Criminal Response Information Management System

(ACRIMe)
Applicable System of Records Notice(s) (SORN):
DHS/ICE-007 - Alien Criminal Response Information Management (ACRIMe) SORN
2
media.
2020-ICLl-00023 1316

703-235!fh ) fn)-
www.dhs.gov/privacy

Page 3 of
12
DHS/ICE-011 - Immigration and Enforcement Operational Records System

(ENFORCE) SORN
DHS/ ICE-012 - Visa Security Program (VSP) SORN
DHS/USCIS-ICE-CBP-001- Alien File, Index, And National File Tracking System SORN
2020-ICLl-00023 1317

703-235l{b )(6 ) : (b )(7 ) (C) !
www.dhs.gov/privacy

Page 4 of
12
SPECIFIC QUESTIONS
As the definition of social media in the OHS Instruction 110-01-001 PrivactJ Policy for the
Operational Use of Social Media (Privacy Policy) is drafted broadly so as to likely include general
use of the Internet and as social media technology is ever changing and evolving, this template
addresses ICE's use of the Internet, to inclu de social media as defined in the Privacy Policy.
ICE u ses the In ternet, in cluding social media as defined in the Pri vacy Policy, for criminaJ and
administrative immigration law enforcement purposes. (This template does not address the
conduct of undercover operations in the context of criminal immigration law enforcement
investigations. Those activities are covered by a separately submitted template that covers
undercover investigations only.) This immigration law enforcement use of the Internet including
social media, falls into the following four categories: (1) using the Internet, including social
media, to assist in locating, arresting, and adjudicating individuals who may be amenable to
removal under the Immigration and Nationality Act or are otherwise suspected of violations of
U.S. immigration law and assisting other law enforcement agencies with investigations and
adjudications related to individuals, (2) identify individuals who may be inadmissible to the
United States u nder the Immigration and Nationality Act, (3) pre-operational, operational, and
situational awareness uses related to officer safety or threats to the public at-large, and (4) to
obtain information to assist in determinin g whether to exercise prosecutorial discretion.
Categor_y One: Basic Criminal and Administrative Enforcement of the Immigration and
Nationality Act
With regard to the u se of the Internet, including social media, to locate an d arrest individu als,
ICE officers, agents, attorneys, and support personnel routinely use a variety of government and
comm ercial databases to identify, locate, and arrest in dividuals who may be amenable to removal
and meet ICE's current enforcement p riorities. However, additional information not available in
these databases is available on the Internet, including social media. The use of the Internet,
including social media, will allow ICE to gather information that assists in identifying, locating,
and arresting individuals wanted for crimes and/or who may be amenable to removal, and
assistin g other law enforcemen t agencies with investigations related to individuals where
necessary and appropriate. It will also allow ICE attorneys who represent the agency in civil
2020-ICLl-00023 1318

703-235'/h ,rn,-
www.dhs.gov/privacy
I

Page 5 of
12
immigration proceedings before the Executive Office for Immigration Review to conduct general
and specific case research and preparation.
Category Two: Inadmis sibility Recommendations under the Immigration and N ationality Act
ICE also uses the Internet, including social media, to identify individuals who may be
inadmissible to the United States u nder the Immigration and Nationality Act. As a function of the
Visa Security Program, ICE makes recommendations to the Department of State on the issuance
and status of non-immigrant visas. ICE may collect information about non-immigrant visa
applicants and their associated points of contact listed on their visa application in order to make
these recommendations. This includes gathering information publicly available on the Internet,
including social media, before and after visa approval. ICE may also collect information about
non-immigrant visa holders. If derogatory information about a non-immigrant visa holder is
uncovered, information may be shared with the Department of State and/or forwarded to the
appropriate ICE Homeland Security Investigations field office for appropriate action depending
on whether the non-immjgrant visa h older has entered the United States.
Category Three: Office r and Public Safe ty
tactical enforcement operations or o therwise initiating contact w ith a subject, ICE agents, officers,
or support personnel may collect information about the subject of the tactical enforcement
operation. This includes gathering information publicly available on the Internet, including social
media, such as firearms/weapons possession and relatives/associates who may reside with him.
This information assists agents and officers with tactical planning activities such as: number of
agents and officers reguired for the operation, any specialized equipment that may be necessary
for the operation, and intelligence on when and where the operation should be conducted for
agent and officer safety and tactical efficiency.
Category Four: Pros ecutorial Discretion
Finally, ICE also uses the Internet, including social media, to gather information related to the
possible exercise of prosecutorial discretion. Pursuant to Director Morton's June 17, 2011
memorandum relating to the exercising of prosecutorial discretion, ICE law enforcement
personnel are expected to consider a number of factors when deciding whether to exercise
prosecutorial discretion in various situations. Some of these factors include: whether the
su bject is a danger to the community or to national security, whether the subject is the
primary caregiver to a m inor, or a person with a physical or mental disability, a subject's
educational and military background, a subject's ties and con tributions to the community,
whether the subject (or the subject's spouse) is pregnant or nursing, whether the subject or
subject's spouse suffers from severe mental or physical illness. These factors can be difficult
to ascertain using routine government and commercial databases and the use of the Internet
2020-ICLl-00023 1319

703-235!th\(ea:\•
www.dhs.gov/privacy
!

Page 6 of
12
including social media serves as another tool to attempt to identify these unique factors.
Similarly, some of these same factors may also apply when setting conditions of release from
ICE custody. The Internet, including social media, provides a source of information that can
be used to help determine when it is appropriate to release an individual from ICE custody.
authorities.
• Immigration and Nationality Act of 1952, as amended, U.S. Code Title 8
• ICE Delegation No. 0001, Delegation of Authority to the Directors, Detention and Removal
and Investigations, and to Field Office Directors, Special Agents in Charge and Certain Other
Officers of the Bureau of Immigration and Customs Enforcement
• 8 C.F.R. § 2.1, Authority of the Secretary of Homeland Security
use?
IXJ Yes. ONo.
D In d evelopment. IXJ Operational. Date first launched: Unknown
2012.
use of social m edia;
OYes. IXJ No. If not, please explain:
purposes, the employees who engage in these activities will not identify themselves
as ICE or OH S personnel, or law enforcement personnel. This is necessary to ensure
the safety of law enforcement personnel, to avoid compromising law enforcement
2020-ICLl-00023 1320

703-235~/I-, \/&:\·
www.dhs.gov/privacy

Page 7 of
12
affiliation and use OHS email addresses to open accounts used when engaging in social
media in the performance of their duties;
purposes, the employees who engage in these activities will not identify themselves as
ICE or OHS personnel, or law enforcement personnel. This is necessary to ensure the
safety of law enforcement personnel, to avoid compromising law enforcement
violations of law, and to prevent disclosing litigation strategy and tactics.
c) Public interaction. Access publicly avail.able information through social media only by
reviewing p osted information without interacting with any individual who posted the
information;

publicly available;

legal authority permitting entry into private s pace.
aspects o f the Privacy Act;
The applicable S0RNs cited above are all exempted by Final Rules from the Privacy Act
(e)(l ) requirement (5 U.S.C. § 552a(e)(l)), which normally limits agen cies to collecting
(e)(l ) requirement is necessary to ensure the integrity of law enforcement investigations,
f) PII safeguards. Protect PTT as required by the Privacy Act (if applicable) and OHS privacy
policy;
[8J Yes. D No. If not, please explain:
2020-ICLl-00023 1321

703-235-fb ) (6) :

Page 8 of
12

0Yes. [g] No. If not, please explain:
ICE's rules of behavior stated that law enforcement personnel should retain the
retained that content had it been written on paper. These contents should be preserved in
a manner authorized by ICE procedures governing the preservation of electronic
communications.
authorities, acceptable operational u ses of social media, access requirements, and
requirements for documenting operational u ses of social media.
[g] Yes. D No. If not, please explain:

All ICE users will complete the necessary training when it is available.
Mechanisms are (or will be) in place to verify that users have completed training.
Rules of Behavior.
[g] Yes, Component Privacy Officers or PPOCs maintain a record of employee

D No. If not, please explajn:
2020-ICLl-00023 1322

703-235!fh\fR)-
www.dhs.gov/privacy

Page 9 of
12

(To be Complete d by the OHS Privacy Office)
DATE re vie w e d b y the OHS Privacy Office: Janua ry 3, 2017
NAME o f the O H S P rivacy O ffice Rev iewer :l(b)(6); (b)(7)(C)
DESIGNATION
This program is covere d by the foll owing Privacy Impact Assessme nt and Privacy Act
System of Records N otice:
PIA: DHS/ICE/PIA-009 Fugitive Case Management System (FCMS)

DHS/ICE/PIA-015 Enforcement Integrated Database (EID)
DHS/ICE/PIA-011 Visa Securi ty Program Tracking System (VSPTS-Net)
DHS/ICE/PIA-020 Alien Criminal Response Information Management System (ACRIMe)
SORN: DHS/USCIS/ICE/CBP-001 Alien File, Index, and National File Tracking System of
Records, November 21, 2013, 78 FR 69864
DHS/ICE-007 Alien Criminal Response Information Management System, February 14,
2013, 78 FR 10623
DHS/ICE-009 External Investigations, January 5, 2010, 75 FR 404
DHS/ICE-011 Criminal Arrest Records and Immigration Enforcement Records (CARIER)
System of Records, October 19, 2016, 81 FR 72080
DHS/ICE-012 Visa Security Program (VSP), September 30, 2009, 74 FR 50228
1. Category of Use:
D Law Enforcement Intelligence;
~ Criminal law enforcement investigations;
D Background investigations;
D Professional responsibility investigations;
D Administrative or benefit determinations (including fraud detection);
D Situational awareness; and
2020-ICLl-00023 1323

703· 235k b )(6 ):

Page JO of
12
D Other. <Please explain "other" category of use here.>
2. Has Component Counsel reviewed and determined that there is authority to engage in the
above Category of Use?
~ Yes. 0No.
3. Rules of Be havior Conte nt: (Che ck all ite ms that apply.)

a. Equipment.
~ Users must use government-issued equipment. Equipment may be non-
attributable and may not resolve back to DHS/US IP address.
D Users must use government-issued equipment. Equ ipment must resolve
back to DHS/US IP address.
b. Email and accounts.
~ Users do not have to use government email addresses or official OHS

accounts online.
D Users must use governmen t email addresses or official OHS accounts online.
c. Public interaction.
D Users may interact with individuals online in relation to a specific law

enforcement investigation.
~ Users may NOT interact with individuals online.
d . Privacy settings.
0 Users may disregard privacy settings.
~ Users must respect individual privacy settings.

e. PII storage:
~ PII is maintained in an exempted Privacy Act System of Records.
Please list applicable SORN here: DHS/USCIS/ICE/CBP-001 Alien File,

Index, and National File Tracking System of Records, November 21,
2013, 78 FR 69864; OHS/ICE-007 Alien Criminal Response Information
Management System, February 14, 2013, 78 FR 10623; OHS/ICE-009
2020-ICLl-00023 1324

703-23~(b )(6);
www.dhs.gov/prtvacy

Page 11 of
12
External Investigations, January 5, 2010, 75 FR 404; DHS/ICE-011

Criminal Arrest Records and Immigration Enforcement Records
(CARIER) System of Records, October 19, 2016, 81 FR 72080; DHS/ICE-
012 Visa Security Program (VSP), September 30, 2009, 74 FR 50228
D PII is maintained in a Privacy Act Systems of Records.

Please list applicable SORN here:
f. PI! safeguards.
cgj PII is protected as required by the Privacy Act and OHS privacy policy.
D Only a minimal amount of PII is collected and safeguarded, consistent with

DHS/OPS-004 - Publicly Av ailable Social Media Monitoring and Situational
Awareness Initiative.
g. Documentation.
D Users must appropriately docu men t their use of social media, and collection
of information from social media website.
D Documentation is not expressly required.

cgj ICE's rules of behavior stated that law enforcement personnel should retain
the information they access on the Internet, including social media, if they would
have retained th at content had it been written on paper.
h. Training.
cgj All u sers must complete annual privacy training that has been approved by
Component Privacy Officer. Training indudes:
cgj Legal authorities;

cgj Acceptable operational uses of social media;
cgj Access requirements;
D Applicable Rules of Behavior; and
cgj Requirements for documenting operational uses of social media.
2020-ICLl-00023 1325

703-235l(b )(6);
www.dhs.gov/prtvacy

Page 12 of
12
~ Mechanisms are (or will be) in place to verify that users have completed
training.
D Yes, employees self-certify that they have read and tmderstood their
Component Rules of Behavior.
~ Yes, Component Privacy Officers or PPOCs maintain a record of

employee attendance at privacy training that includes training on the
Rules of Behavior.
D No, certification of training completion cannot be verified.
~ Program has met requirements to use social media for the stated authorized
purposes.
D Training required.
D A PIA is required.
D New.
0 Updated.
D A SORN is required:
D New.
0 Updated.
PRN d etermines that ICE has provided sufficient documentation to d emonstrate

compliance with the MD 110-01. OHS PRIV requests on a future update to DHS/ICE-
012 VSP SORN, to include "Open source information news articles or other data
available to the public on the Internet or in public records, including publicly
available information from social media" as a Record source category to further
specify social media use.
2020-ICLl-00023 1326
From:
r b)(6); (b)(7)(C)
To:
Cc:
Subject: RE: SEVPAMS Cloud Migration Real Data Testing
Date: Tuesday, August 20, 2019 7:35:17 PM
Attachments: imaae001.jpa
imaaeoo2 ioa
Perfect! Sorry for the confusion.
Thanks,Kb)(6); I
l(b)(6); (b)(7)(C) l J.D./Joint M.S. Cybersecurity
M anagement and Program Ana lyst
Portfolio: Stu dent and Exchange Visitor Program (SEVP) I DHS/ICE/HSI/NSID
Office of Information Governa nce and Privacy
Mobile: 401-826kb)(6): I
b)(6); (b)(7)(C)
Fromf b)(6): (b)(7)(C)

Sent: Tuesday, August 20, 2019 3:25 PM
To:,(b)(6); (b)(7)(C)
Cc: _
~(b)(6) : (b )(7)(C)
Subject: RE: SEVPAMS Cloud M igrat ion Real Data Testing
(b)(6);
(b)(?VC)
Per ou r conversat ion, for your records, and so you can forward th is on, please read it ems 19 thru 22.
b)(5)
fb)(6); (b)(7)(C)
ITPM SEVPAMS & SitS
FAC-P/ PM (Mid-Level), COR Levi Ill
Systems Management Unit
2020-IC Ll-00023 1327

Student and Exchange Visitor Program
500 12th St SW MS 5600
Washington DC 20536-5600
Work: (703) 603l(b)(6); I
iPhone: (202) 652K~)(~t - I
EmaiiJ(b)(6); (b)(7)(C)
l J- l•
From: kb)(6): (b)(7)(C)

Sent: Tuesday, August 20, 2019 12:22 PM
ToKb)(6); (b)(7)(C)
Subject: FW: SEVPAMS Cloud M igration Real Dat a Test ing
Hi b)(6);
1,..\ /"7\ /r"'
Is SEVP cont inuing to use t he SEVP Cloud M igrat ion real data? If not , please forwa rd a completed
cert ificate of destruction because it appea rs th e authorization was until sometime in 2017
(attached).
Kb)(6); (b)(?)(C) IJ,D./Joint M .S. Cybersecurity

Portfolio: Student and Exchange Visitor Program (SEVP) I DHS/ICE/ HSI/NSID
Mobile: 401-826 (b)(6);
b)(6); ,..." 7 " r-
b)(7)(C)
From: l(b)(6); (b)(7)(C) I

Sent: Thursday, August 15, 20 19 12:4 1 PM
To: (b)(6); (b)(?)(C)
Cc:
b)(6); (b)(7)(C)
Subject: RE : SEVPAMS Cloud M igration Real Dat a Testing
I am not sure if t he dat a set was d estroyed and that there is a certificate of destruction as I was not
involved in t he process. I am add ingl(b)( land b)(6); eca use t hey w ere involved and likely know what
/ L ' 1 -,\ I
2020-ICLl-00023 1328
happened to t he test data set.
rb )(6); (b)(7)(C)
SEVPAMS Product Owner/Program Manager
Student and Exchange Visitor Program (SEVP)
202-497K~~~~\
1
From:!<b)(6): (b)(7)(C)
Sent: Thursday, August 15, 2019 12:31 PM
To: Kb)(6); (b)(?)(C)
Subject: FW: SEVPAMS Cloud M igration Real Data Testing
Hi Kb)(6);1
Can you assist me w ith this inq uiry?
Thanks, !~~~(~\ I
fb)(6); (b)(?)(C) ~ J.D./Joint M.S. Cybersecurity
Portfolio : Student and Exchange Visitor Program (SEVP) I DHS/ICE/HSI/NSID
Mobile: 401-826Kb)(6); I
(b)(6);
(b)(?)(C)
From:kb)(6); (b)(7)(C)
Sent: Frid ay, August 2, 2019 2:00 PM
To: Kb)(6); (b)(7)(C)
Subject: SEVPAMS Cloud M igration Real Data Testing
Hi i<b)(6):
Could you please find out if SEVP is cont inuing to use the SEVP Cloud M igration real data, or if not
we would like a completed cert ificate of destruction because it appea rs the authorization was until
sometime in 2017 (attached).
Thanks,
Privacy Compliance Specialist, CIPP/G

Information Governance and Privacy (IGP)
2020-ICLl-00023 1329
Direct: (202) 732-b)(6)
Main: (202) 732 (b)(6);
2020-ICLl-00023 1330
From: kb)(6); (b)(7)(C)
Se nt: 22 Aug 2019 15:23:39 +0000
To: l(b)(6); (b)(7)(C) I
Subject: Social Media Training
Attachme nts: Social Media Training - Final_Updated Links- 08 16 19).ppt
Find enclosed!
Here's the PALMS link for the individuals you need to on board between training sessions.
l(b)(7)(E)
l(b)(6); (b)(7)(C)
Desk: 202-732kb)(6): I
Mobile: 202-870f h\t~\- I
Main: 202-732l(b)(6); I
2020-ICLl-00023 1331
Privacy Requirements
for Operational Use of
Social Media
August 2019
a -.
,{
1
•
2
• U.S. Immigration
·•;. - ji · · and Customs
~ ' "l. · Enforcement
I
*
Training Goals & Objectives

• To ensure ICE personnel understand and
comply with the OHS Privacy Policy for
Operational Use of Social Media (June 8,
2012)
§ OHS Directive 110-01
§ OHS Instruction 110-01-001
• This course covers:

§ Key definitions
§ Rules of Behavior for Law Enforcement and

Non-Law Enforcement Activities
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1333
*
What Does This Policy Do?
• Regulates how OHS collects personally

identifiable information (PII) from "Social
Media" Internet sites for an "Operational
Use"
• Requires OHS components and offices to
establish Rules of Behavior that personnel
must follow
• Requires annual training of all personnel
who engage in this type of activity
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1334
*
Why Was This Policy Created?
I concerns about how

PII from Social Media
S is not engaging in
r inappropriate
II from Social Media
t there are clear "dos
r personnel to follow
led the "Rules of
OHS personnel are

rules through annual
2020-ICLl-00023 1
*
Applicable Laws
The Privacy Act of 1974
•A code of practices for the collection, maintenance, use, and
dissemination of information about individuals
The Electronic Communications Privacy Act

(1986)
• Law Enforcement requires a court order to intercept private
electronic communications in real time
The Stored Communications Act (1986)

• Creates Fourth Amendment-like privacy protection for digital
communications stored on the internet.
• It limits the ability of the government to compel an ISP to turn
over content information and non-content information
Other Country Privacy Laws

lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1336
*
What is the "Operational Use"

of ''Social Media''?
When OHS is collecting PII about individuals
from a Social Media site for the purpose of:
§ Investigating them (criminal, civil, or
administrative)
§ Making a benefit decision about them
§ Making a personnel or suitability decision
about them
§ Enhancing situational awareness (to
support incident management decision
making)
§ Any other official purpose that potentially
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
may affect their rights, privileges, or benefits
I nlc lfll'llH'lll OHS Instruction 110-01-001, Section IV.D.
2020-ICLl-00023 1337
*
This Policy Does Not Apply To:
• Agency use of Social Media for

communications and outreach to the public
• Personnel use of Social Media for
professional development, such as training
and continuing education
• Use of Social Media to facilitate internal
meetings
• Use of internal OHS intranets or
applications
• Use of search engines for general Internet
research
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1338
*
What is Personally Identifiable

Information (PII)?
"Any information that permits the identity of
an individual to be directly or indirectly
inferred, including other information that is
linked or linkable to an individual.
OHS Instruction 110-01-001, Section IV.E.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1339
*I *
Personally Identifiable
Information (PII)
Name
Who You Are Date of
ID Numbers
I Sensitive PII I DNA
Home Phone#
Medical Records
Immigration
Biometrics Status
Family Info Drivers Fingerprint
Other Info License # Ss . S . # Photograph
oc1a1 ecunty
About You Stand-
Passport#
Financial
Info
*This is not a comprehensive list.

**See the Handbook on Safeguarding Sensitive PII at OHS available on
the ICE Privacy intranet site for more information.
8
lJ.S. ln1111i:.,:r.1ti(JII
,111d Cu-.l<J111-.
( nlc lfll'l1H'11l
2020-ICLl-00023 1340
*
What is ''Social Media''?

"The sphere of websites, applications, and
web-based tools that connect users to
engage in dialogue, share information and
media, collaborate, and interact.
.....
VouTube
"This definition does not apply to internal

8
lJ.S. . . II i(JII
ln11111:..:1,
,\ 11( I Cu-.l<J111-.
( 11 Ic l rl l'llH'lll
Department intranets or applications."
OHS Instruction 110-01-001, Section IV.K.
2020-ICLl-00023 1341
*

• Because of the trend toward including interactive,
Social Media-type features on "regular" Internet
sites, it is often hard to know if you are on a
"regular" Internet site or a "Social Media" site
ac. ··••,' · ..... ·.

. - _... -.
.....
•:.n--.1 ,>.i 1:,1..(-;'fl., • · ••• "a'-1 ~ . ) I i , ~ ~ . - ,:tJ L•• ~ hill"l(-f ;"fl [ll ;,: F,:,,l pi>.ii in;.:,!T>-J,on.
lr._~;:,,lo!;., ~ llii)A'.I {ail lr.:ff"(ll 9»:I .,..-.:-.;-ffl •.,IIJ .,,.,,~ nTI ~ ,...,,¥,'.1):(I ~
'1~~ M[li. ~•°': I!' • ~ ~•,'!'.ill ,._~..,.I fllh.fl~• ,«~ 11)1:j!, ti! :llirl:llfl!JH
P.KII.Trp r.:i,i~ l:)119'-:- l,j r,'¥11 ."11,1~ !(iq!':'11"1'
,...
lJ.S. ln1111i:..:r.1ti(J11
Si"• •l'!i!'".'t.~ ~ • IToHl¥•.•~• i."'•.nl i:,tl,'Nl.;tlJ. 1,'1'.111~ ,1-. 'll ;,'.Ii NP.N"I
,111d Cu-.l<J111-.
QI'~
I nlc lfll'llH'lll
2020-ICLl-00023 1342',-'! ,..
*

• Because ICE's Rules of Behavior apply to
all online activity where you collect PII , you
do not have to be concerned about
whether you are on a Social Media site, or
a regular Internet site
• Simply follow the appropriate Rules of
Behavior anytime you collect PII online:
• Collection for a law enforcement purpose -
follow the ICE Law Enforcement Rules of
Behavior
• Collection for a non-law enforcement
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-. purpose - follow the ICE Non-Law
I nlc lfll'llH'lll
Enforcement Rules of Behavior
2020-ICLl-00023 1343
*
ICE Rules of
Behavior (ROB)
for Non-Law
Enforcement
Activities
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1344
*

Morton to ICE Personnel, Use of Public
Online Information for Non-Law
Enforcement Work-Related Activities (June
28,2012)
(b)(7)(E)
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1345
*
ICE Rules of
Behavior (ROB)
for Online Law
Enforcement
Activities
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1346
*

Morton to Law Enforcement Personnel,
Use of Public and Non-Public Online
Information (June 28, 2012)
rb)(7)(E)
• Based on and consistent with the DOJ

Online Investigative Principles for Federal
Law Enforcement Agents (1999)
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1347
*

• Apply to any ICE personnel conducting law
enforcement activities:
§ For a law enforcement purpose
• Apply to ICE law enforcement and other

support personnel engaging in a civil,
criminal, or administrative law enforcement
investigation, operation, or activity
§ Includes attorneys prosecuting criminal, civil
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
or administrative matters
I nlc lfll'llH'lll
2020-ICLl-00023 1348
*

• Obtaining information from unrestricted
sources
§ You may obtain information from publicly
accessible online sources under the same
conditions you may obtain information from
other sources generally open to the public.
• Accessing restricted sources

§ You may not access restricted online sources
absent legal authority permitting entry into
private space.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1349
*

• Obtaining identifying information about
users or networks
• You may use software tools to obtain PII about a
user or host computer network under same
circumstances in which ICE guidelines and
procedures allow you to look up similar
information such as a phone number.
• You may not use software tools to circumvent
restrictions placed on system users.
• Real time communications
• You may passively observe and log real-time
electronic communications open to the public
lJ.S. ln1111i:..:r.1ti(J11 under the same circumstances in which you may
,111d Cu-.l<J111-.
I nlc lfll'llH'lll attend a public meeting.
2020-ICLl-00023 1350
*

• Online communications
§ Law enforcement must disclose their
affiliation with law enforcement when ICE
guidelines would require such disclosure if
the communication were taking place in
person or over the telephone.
§ Law enforcement personnel may
communicate online under a non-identifying
name or fictitious identity only if ICE
guidelines and procedures would authorize
such communications in the physical world.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1351
*

• Appropriating Online Identity.
• "Appropriating online identity" occurs when
law enforcement personnel electronically
communicate with others by deliberately
assuming the known online identity (such as
the usemame) of a real person , without
obtaining that person's consent.
Appropriating identity is an intrusive law
enforcement technique that should be used
infrequently and only in serious criminal
cases.
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1352
*

Record Retention
§ Retain contents of a stored electronic message if
you would have retained that message had it been
written on paper.
• International Issues
§ Unless gathering information from online facilities
configured for public access, e.g., Facebook, law
enforcement personnel conducting investigations
should ascertain whether any pertinent computer
system, data, or subject is located in a foreign
jurisdiction.
§ Whenever an item or person is located abroad, law
enforcement personnel should follow ICE's policies
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-. and procedures for international investigations.
I nlc lfll'llH'lll
2020-ICLl-00023 1353
*
Contact & Resource Information

Questions? Contact the ICE Privacy &
Records Office, Privacy Branch
(202) 732-3300
ICEPrivacy@ice.dhs.gov
Website:
l(b)(7)(E)
Links:
ICE Law Enforcement Rules of Behavior
l(b)(7)(E)
ICE Non-Law Enforcement Rules of Behavior

l(b)(7)(E)
lJ.S. ln1111i:..:r.1ti(J11
,111d Cu-.l<J111-.
I nlc lfll'llH'lll
2020-ICLl-00023 1354
U.S. Immigration
and Customs
Enforcement
Federal Register /Vol. 75, No. 39/Monday, March 1, 2010/Notices 9233
Periodically, CDC estimates the food safety progress that cannot be DEPARTMENT OF HOMELAND
overall burden of foodborne illness. directly linked to health outcomes. SECURITY
CDC's estimate of the overall burden of These include measures of process
foodborne illness has a much larger control in food production, studies on Office of the Secretary
scope than CDC's annual reports and the prevalence of specific pathogens in [Docket No. DHS-2009- 0071]
draws heavily from FoodNet data as specific classes of food, and studies of
well as from a much wider variety of compliance with recommended or Privacy Act of 1974; U.S. Immigration
data sources, both inside and outside of required food safety practices in retail and Customs Enforcement-006
CDC. This estimate also includes and food-service operations. Intelligence Records System of
norovirus, a major contributor to the Records
Specifically, topics to be discussed
overall burden of foodbome disease,
include CDC's data sources and AGENCY: Privacy Office, DHS .
which can be transmitted not only by
foods, but also by environmental methods, including methods for
ACTION: Notice of Privacy Act system of
sources, and is not monitored by estimating the burden of foodborne
records.
FoodNet. CDC's last estimate of the illness, and their various limitations and
overall burden of foodborne illness was utilities; and FDA's and USDA's SUMMARY: In accordance with the
issued in 1999 and included unknown ongoing measures to gauge the success, Privacy Act of 1974, U.S. Immigration
causes of foodborne illness (Ref. 2). or implied success (i.e., via the kinds of and Customs Enforcement is modifying
Since then, advances in methodology proxy measures described in previously an existing system of records titled the
and data sources have improved mentioned examples; e.g., surveys for E. Immigration and Customs Enforcement-
capabilities in developing disease coli O157:H? and Salmonella in 006 Intelligence Records System (Dec. 9,
burden estimates; these will be reflected produce and tracking of specific 2008), to clarify the nature of the
in CDC's next estimate. pathogens in meat), of policies and personally identifiable information that
In addition to CDC estimates, FDA interventions, including the level of will be collected and maintained on
and USDA use other measures to gauge compliance with food safety regulations. individuals. In conjunction with its
the success, or implied success (i.e., via publication of the Privacy Impact
III. Transcripts
proxy measures), of policies and Assessment for the JCEGangs system,
interventions for reducing foodborne Please be advised that as soon as a Immigration and Customs Enforcement
illness. For example, although transcript is available, it will be is modifying the DHS/ICE-006
measurements of the food industry's accessible at http:!! Immigration and Customs Enforcement
compliance with a given food safety www.regulations.gov. It may be viewed Intelligence Records system of records
regulation cannot be used to directly at the Division of Dockets Management notice to more clearly explain the type
measure the regulation's impact on the (HFA- 305), Food and Drug of information it gathers on suspected
rate of foodborne illness, improved Administration, 5630 Fishers Lane, rm. and confirmed gang members and
compliance can be reasonably expected 1061, Rockville, MD 20852. A transcript associates. This OHS/Immigration and
to improve the likelihood that the foods will also be available in either h ardcopy Customs Enforcement-006 Intelligence
involved will be safer and, thus, the or on CD- ROM, after submission of a Records system of records notice
likelihood that fewer illnesses will Freedom of Information request. Written updates categories of individuals;
result. Examples include the tracking of requests are to be sent to Division of categories of records; purpose of the
E. coli O157:H? in ground beef and of Freedom of Information (HFI- 35), Office system; adding a routine use; and
Salmonella in meat, and surveys of both of Management Programs, Food and policies and practices for retaining and
domestic and imported produce, such as disposing of records in the system.
Drug Administration, 5600 Fishers
surveys conducted by FDA and USDA's Lane, rm. 6-30, Rockville, MD 20857. Immigration and Customs Enforcement
Microbiological Data Program, which is soliciting comments on this SORN
have targeted Salmonella and E. coli IV. References due to the clarifying changes that were
O157:H?. made since the original publication. A
Th e following references are on Privacy Impact Assessment on ICEGangs
II. Purpose of the Workshop and Topics display at the Division of Dockets
for Discussion that describes the system in detail is
Management (see Transcripts), between being published concurrently with this
The purpose of this initial 1-day 9 a.m. and 4 p.m., Monday through notice. In addition, this notice addresses
public workshop is to discuss current Friday. (FDA has verified the following one comment that was received in
and potential measurements for Web site address, but FDA is not response to the original publication of
assessing progress in food safety and to responsible for any subsequent changes the Immigration and Customs
provide workshop participants an to the Web site after this document Enforcement Intelligence Records SORN
opportunity to learn about metrics and publishes in the Federal Register.) on December 9, 2008. A final rule is
to consider and suggest metrics for 1. President's Food Safety Working Group being published concurrently with this
assessing the effects that policies and findings, http:/ lwwiv.foodsafetyworking notice in which the Department
interventions have on foodborne illness. group.gov/ContentKeyFindings/HomeKey exempts portions of this system of
The workshop will focus on the current Findings.htm. records from one or more provisions of
status and challenges involved in 2. Mead P.S., L. Slutsker, V. Dietz, et al., the Privacy Act because of criminal,
measuring foodborne illness and trends Food-Reloted Illness ond Death in the United civil, and administrative enforcement
over time, including incidence and States, Emerging Infectious Diseases, 5(5),
requirements.
trends in the overall burden of 607-625, 1999.
foodborne illness and illnesses DATES: This amended system of records
Dated: February 23, 2010.
associated with specific foodborne ·will be effective March 31, 2010.
Leslie Kux, Written comments must be submitted
pathogens and specific pathogens that
affect specific foods. The workshop will Acting Assistant Commissioner for Policy. on or before March 31, 2010.
include a discussion of other measures [FR Doc. 2010-4110 Filed 2- 26-10; 8:45 am) ADDRESSES: You may submit comments,
that are, or could be, used to measure BILLING CODE 4160- 01- S identified by docket number DHS-
2020-ICLl-00023 1356
9234 Federal Register /Vol. 75, No. 39/Monday, March 1, 2010/Notices
2009-0071 by one of the following Investigations concerning suspected or II. Public Comment
methods: confirmed gang members and associates One public comment was received,
• Federal e-Rulemaking Portal: http:// included in a database called ICEGangs. but as it did not pertain to the SORN or
www.regulations.gov. Follow the ICEGangs maintains personal proposed rule, it is not addressed here.
instructions for submitting comments. information about individuals wh o A final rule is published concurrently
• Fax: 703-483- 2999. qualify as suspected or confirmed gang lArith this notice in th is issue of the
• Mail: Mary Ellen Callahan, Chief members and associates under ICE Federal Register.
Privacy Officer, Privacy Office, criteria. ICEGangs stores the following
Department of Homeland Security, data about each gang member and III. Privacy Act
Washington, DC 20528. associate to the extent it is available: The Privacy Act embodies fair
• Instructions: All submissions Biographic information (name, date of information principles in a statutory
received must include the agency name birth, etc.), immigration status, gang framework governing the means by
and docket number for this rulemaking. affiliation, physical description, which the United States Government
All comments received will be posted government-issued identification collects, maintains, uses, and
without change to http:// numbers, photos of the individual, disseminates personally identifiable
www.regulations.gov, including any identities of gang associates, field information. The Privacy Act applies to
personal information provided. interview notes, and criminal history information th at is maintained in a
• Docket: For access to the docket to information. ICEGangs also stores "system of records." A "system of
read background documents or general comments entered by the ICE records" is a group of any records under
comments received go to http:// agent that created the gang member or the control of an agency for which
www.regulations.gov. associate record as well as a reference to information is retrieved by the name of
FOR FURTHER INFORMATION CONTACT: For
the official evidentiary system of an individual or by some identifying
general questions p lease contact Lyn M. records where official case files are number, symbol, or other identifying
Rahilly (202-732-3300), Privacy Officer, stored. particular assigned to the individual. In
ICEGangs h as two main purposes.
U.S. Immigration and Customs the Privacy Act, an individual is defined
First, it supplements the existing ICE
Enforcement, 500 12th Street, SW., to encompass United States citizens and
case management system by providing a
Washington, DC 20536. For privacy consolidated repository of information legal permanent residents. As a matter
issues please contact Mary Ellen on gang members and associates and of policy, OHS extends administrative
Callahan (703-235-0780). Chief Privacy Privacy Act protections to all
gang-related activity. ICEGangs allows
Officer, Privacy Office, U.S. Department ICE agents and support personnel to individuals where systems of records
of Homeland Security, Washington, DC search gang-oriented information in a maintain information on U.S. citizens,
20528. more efficient and effective manner th an lawful permanent residents, and
SUPPLEMENTARY INFORMATION: is possible in ICE's standard visitors. Individuals may request access
investigative case management system. to their own records that are maintained
I. Background in a system of records in the possession
For example, an ICE field agent can
The Immigration and Customs query ICEGangs for a list of members in or under the control of OHS by
Enforcement (ICE) Intelligence Records a specific gang. It is not currently compl)ring with DHS Privacy Act
(HRS) system of records was originally possible to perform the same sort of regulations, 6 CFR Part 5.
established on December 9, 2008 (73 FR query using ICE's investigative case The Privacy Act requires each agency
74735), and public comments were management system. As a matter of to publish in the Federal Register a
solicited for the SORN and the policy, ICE agents are required to create description denoting the type and
associated Notice of Proposed and/or update ICEGangs records for character of each system of records that
Rulemaking (73 FR 74633, Dec. 9, 2008) suspected and/or confirmed gang the agency maintains, and the routine
which proposed to exempt this system members and associates whenever they uses that are contained in each system
from one or more provisions of the encounter gang members and associates in order to make agency record keeping
Privacy Act because of criminal, civil, in the field during their official law practices transparent, to notify
and administrative enforcement enforcement activities. ICEGangs individuals regarding the uses to which
requirements. Due to urgent homeland records also contain references to tlie personally identifiable information is
security and law enforcement mission official evidentiary system of records, put, and to assist individuals to more
needs, ICE was already maintaining which allows ICE agents and support easily find such files within the agency.
these records when the original IIRS personnel to refer to official case Below is the description of the
SORN was published. Recognizing that records. Immigration and Customs Enforcement-
ICE published a system of records notice Second, ICEGangs facilitates the 006 Intelligence Records system of
for an existing system, ICE committed to sharing of gang information between ICE records.
reviewing and considering public and oth er law enforcement agencies. In In accordance with 5 U.S.C. 552a(r),
comments, apply appropriate revisions, particular, ICE currently provides the DHS has provided a report of this new
and republish th e !IRS system of records California Department of Justice system of records to the Office of
notice within 180 days of receipt of (CalDOJ) access to the data in ICEGangs. Management and Budget and to
comments. A new routine use is also CalDOJ users access ICEGangs through Congress.
proposed to allow data sharing between their own CalGangs application which SYSTEM OF RECORDS
ICE and other law enforcement agencies accesses the ICEGangs repository
for the purpose of collaboration, remotely. In the future, ICE anticipates DHS/ICE-006
coordination, and de-confliction of that it will share information with other SYSTEM NAME:
cases. State and local law enforcement ICE Intelligence Records System
In addition to the records described in agencies that use the GangNET software. (!IRS).
the initial publication of HRS, this ICE will require access controls for State
notice also consists of information and local agencies as a prerequisite to SECURITY CLASSIFICATION:
maintained by the ICE Office of gaining access to ICEGangs. Sensitive But Unclassified, Classified.
2020-ICLl-00023 1357
SYSTEM LOCATION: CATEGORIES OF RECORDS IN THE SYSTEM: PURPOSE(S):
Records are maintained at ICE Categories of records in this system The purpose of this system is:
Headquarters in Washington, DC, and include: (1) Biographic information (a) To maintain records that reflect
and generally support ICE's collection,
field offices. (name, date of birth, social security
analysis, reporting, and distribution of
number, alien registration number,
law enforcement, immigration
CATEGORIES OF INDIVIDUALS COVERED BY THE citizenship/immigration status, passport
administration, terrorism, intelligence,
SYSTEM: information, addresses, phone numbers,
and homeland security information in
Categories of individuals covered by etc.); (2) Records of immigration
support ofICE's law enforcement. and
this system include the following: (1) enforcement activities or law
immigration administration mission.
Individuals (e.g., subjects, witnesses, enforcement investigations/activities (b) To produce law-enforcement
associates) associated with immigration conducted by ICE, the former intelligence reporting that provides
enforcement activities or law Immigration and Naturalization Service, actionable information to ICE's law
enforcement investigations/activities or the former U.S. Customs Service; (3) enforcement and immigration
conducted by ICE, the former Information (including documents and administration personnel and to other
Immigration and Naturalization Service, electronic data) collected by DHS from appropriate government agencies.
or the former U.S. Customs Service; (2) or about individuals during (c) To enhance the efficiency and
individuals associated with law investigative activities and border effectiveness of the research and
enforcement investigations or activities searches; (4) Records of immigration analysis process for DHS law
conducted by other Federal, State, enforcement activities and law enforcement, immigration, and
Tribal, territorial, local or foreign enforcement investigations/activities intelligence personnel through
agencies where there is a potential that have a possible nexus to ICE's law information technology tools that
nexus to ICE's law enforcement and enforcement and immigration provide for advanced search and
immigration enforcement enforcement responsibilities or analysis of various datasets.
responsibilities or homeland security in homeland security in general; (5) Law (d) To facilitate multi-jurisdictional
general; (3) individuals known or enforcement, intelligence, crime, and informational exchange between ICE
appropriately suspected to be or have incident reports (including financial and other law enforcement agencies
been engaged in conduct constituting, in reports under the Bank Secrecy Act and regarding known and suspected gang
preparation for, in aid of, or related to law enforcement bulletins) produced by members and associates; and
terrorism; (4) individuals involved in, DHS and other government agencies; (6) (e) To identify potential criminal
associated with, or who have reported U.S. visa, border immigration and activity, immigration violations, and
suspicious activities, threats, or other naturalization benefit data, including threats to homeland security; to uphold
incidents reported by domestic and arrival and departure data; (7) Terrorist and enforce the law; and to ensure
foreign government agencies, watchlist information and other public safety.
multinational or non-governmental terrorism related information regarding
ROUTINE USES OF RECORDS MAINTAINED IN THE
organizations, critical infrastructure threats, activities, and incidents; (8) Lost
SYSTEM, INCLUDING CATEGORIES OF USERS AND
owners and operators, private sector and stolen passport data; (9) Records THE PURPOSES OF SUCH USES:
entities and organizations, and pertaining to known or suspected
In addition to those disclosures
individuals; (5) individuals who are the terrorists, terrorist incidents, activities, generally permitted under 5 U.S.C.
subjects of or otherwise identified in groups, and threats; (10) ICE-generated
552a(b) of the Privacy Act, all or a
classified or unclassified intelligence intelligence requirements, analysis,
reporting, and briefings; (11) Third party portion of the records or information
reporting received or reviewed by ICE; contained in this system may be
and (6) individuals who are known or intelligence reporting; (12) Articles,
public-source data, and other published disclosed outside DHS as a routine use
suspected gang members or associates, pursuant to 5 U.S.C. 552a(b)(3) as
including records maintained in the information on individuals and events
of interest to ICE; (13) Records and follows:
ICEGangs system. A. To the Department. of Justice or
IIRS includes an information information from government data
other Federal agency conducting
technology system known as the systems or retrieved from commercial
litigation or in proceedings before any
Intelligence Fusion System (IFS). In data providers in the course of
court, adjudicative or administrative
addition to the categories of individuals intelligence research, analysis and body, when (1) DHS or any component
listed above, IFS also includes the reporting; (14) Reports of suspicious
thereof; (2) any employee of DHS in his/
activities, threats, or other incidents
following: (1) Individuals identified in her official capacity; (3) any employee
law enforcement, intelligence, crime, generated by ICE and third parties; and
of DHS in his/her individual capacity
and incident reports (including (15) Additional information about
where DOJ or DHS h as agreed to
financial reports under the Bank known and suspected gang members
represent the employee; or (4) the
Secrecy Act and law enforcement and associates such as biographic
United States or any agency thereof, is
information (name, date of birth, etc.),
bulletins) produced by DHS and other a party to the litigation or has an interest
government agencies; (2) individuals immigration status, gang affiliation,
in such litigation; and DHS determines
identified in U.S. visa, border, physical description, government-issued
that the records are both relevant and
immigration and naturalization benefit identification numbers, photos of the
necessary to the litigation and th e use of
data, including arrival and departure individual, identities of gang associates,
such records is compatible with the
data; (3) individuals identified in DHS field interview notes, and criminal
purpose for which DHS collected the
law enforcement and immigration history information.
records.
records; (4) individuals not authorized AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
B. To the Department. of Justice (DOJ),
to work in the United States; (5) Civil Rights Division, for the purpose of
individuals whose passports have been 5 U.S.C. 301; 8 U.S.C. 1103, 1105, responding to matters within the DOJ's
lost or stolen; and (6) individuals 1225(d)(3), 1324(b)(3), 1357(a), and jurisdiction to include allegations of
identified in public news reports. 1360(b); 19 U.S.C. 1 and 1509. fraud and/or nationality discrimination.
2020-ICLl-00023 1358
9 236 Federal Register /Vol. 75, No. 39/Monday, March 1, 2010/Notices
C. To a congressional office from the requested such redress on behalf of enforcement responsibilities, including
record of an individual in response to another individual. the collection of law enforcement
an inquiry from that congressional office I. To a former employee of DHS, in intelligence.
made at the request of the individual to accordance with applicable regulations, N. To appropriate Federal, State,
whom the record pertains. for purposes of responding to an official local, Tribal, or foreign governmental
D. To the National Archives and inquiry by a Federal, St.ate or local agencies or multilateral government.al
Records Administration or other Federal government entity or professional organizations responsible for
government agencies pursuant to licensing authority; or facilitating investigating or prosecuting the
records management inspections being communications with a former violations of, or for enforcing or
conducted under the authority of 44 employee that may be necessary for implementing, a statute, rule,
U.S.C. 2904 and 2906. personnel-related or other official regulation, order, license, or treaty
E. To an agency, organization, or purposes where the Department requires where OHS determines that the
individual for the purpose of performing information or consultation assistance information would assist in the
audit or oversight operations as from the former employee regarding a enforcement of civil, criminal, or
authorized by law, but only such matter within that person's former area regulatory laws.
information as is necessary and relevant of responsibility. 0. To third parties during the course
to such audit or oversight function. ]. To an appropriate Federal, State, of an investigation by OHS, a
F. To appropriate agencies, entities, local, Tribal, foreign, or international proceeding within the purview of the
and persons when: (1) OHS suspects or agency. if the information is relevant immigration and nationality laws, or a
has confirmed that the security or and necessary to the agency's decision matter under DHS's jurisdiction, to the
confidentiality of information in the concerning the hiring or retention of an extent necessary to obtain information
individual or the issuance, grant, pertinent to the investigation, provided
system of records has been
renewal, suspension or revocation of a disclosure is appropriate to the proper
compromised; (2) the Department has
security clearance, license, contract, performance of the official duties of the
determined that as a result of the
grant, or other benefit; or if the officer making the disclosure.
suspected or confirmed compromise
information is relevant. and necessary to
there is a risk of harm to economic or P. To a Federal, State, or local agency,
a DHS decision concerning the hiring or
property interests, identity theft or or other appropriate entity or
retention of an employee, the issuance
fraud, or harm to the security or individual , or through established
of a security clearance, the reporting of
integrity of this system or other systems liaison channels to selected foreign
an investigation of an employee, the
or programs (whether maintained by governments, in order to provide
letting of a contract, or the issuance of
OHS or another agency or entity) that a license, grant or other benefit and intelligence, counterintelligence, or
rely upon the compromised when disclosure is appropriate to the other information for the purposes of
information, or harm to an individual; intelligence, counterintelligence, or
proper performance of the official duties
and (3) the disclosure made to such of the person receiving the information. antiterrorism activities authorized by
agencies, entities, and persons is K. To appropriate Federal, State, U.S. law, Executive Order, or other
reasonably necessary to assist in local, Tribal, or foreign governmental applicable national security directive.
connection with DHS's efforts to agencies or multilateral governmental Q . To Federal and foreign government
respond to the suspected or confirmed organizations for the purpose of intelligence or counterterrorism
compromise and prevent, minimize, or protecting the vital interests of a data agencies when OHS reasonably believes
remedy such harm. subject or other persons, including to there to be a threat or potential threat to
G. To contractors and their agents, assist such agencies or organizations in national or international security for
grantees, experts, consultants, and preventing exposure to or transmission which the information may be useful in
others performing or working on a of a communicable or quarantinable countering the threat or potential threat,
contract, service, grant, cooperative disease or to combat other significant when OHS reasonably believes such use
agreement, or other assignment for DHS, public health threats; appropriate notice is to assist in anti-terrorism efforts, and
when necessary to accomplish an will be provided of any identified health disclosure is appropriate to the proper
agency function related to this system of risk. performance of the official duties of the
records. Individuals provided L. To a public or professional person making the disclosure.
information under this routine use are licensing organization when such R. To an organization or individual in
subject to the same Privacy Act information indicates, either by itself or either the public or private sector, either
requirements and limitations on in combination with other information, foreign or domestic, where there is a
disclosure as are applicable to DHS a violation or potential violation of reason to believe that the recipient is or
officers and employees. professional standards, or reflects on the could become the target of a particular
H. To a Federal, State, territorial, moral, educational, or professional terrorist activity or conspiracy, to the
Tribal, local, international, or foreign qualifications of an individual who is extent the information is relevant to the
government agency or entity for the licensed or who is seeking to become protection of life or property and
purpose of consulting with that agency licensed. disclosure is appropriate to the proper
or entity: (1) To assist in making a M. To a Federal, State, Tribal, local or performance of the official duties of the
determination regarding redress for an foreign government agency or person making the disclosure.
individual in connection with the organization, or international S. To international and foreign
operations of a OHS component or organization, lawfully engaged in government.al authorities in accordance
program; (2) for the purpose of verifying collecting law enforcement intelligence ,,vith law and formal or informal
the identity of an individual seeking information, whether civil or criminal, international agreements.
redress in connection with the or charged with investigating, T. To the Department. of State in the
operations of a OHS component or prosecuting, enforcing or implementing processing of petitions or applications
program; or (3) for the purpose of civil or criminal laws, related rules, for benefits under the Immigration and
verifying the accuracy of information regulations or orders, to enable these Nationality Act, and all other
submitted by an individual who has entities to carry out their law immigration and nationality laws
2020-ICLl-00023 1359
including treaties and reciprocal number, or passport number. Records http://www.dhs.gov/foia under
agreements. may also be retrieved by non-personal "contacts." If an individual believes
U. To appropriate Federal, State, information such as transaction date, more than one component maintains
local, Tribal, or foreign governmental entity/institution name, description of Privacy Act records concerning him or
agencies or multilateral governmental goods, value of transactions, and other her the individual may submit the
organizations where DHS is aware of a information. request to the Chief Privacy Officer,
need to utilize relevant data for Department of Homeland Security, 245
SAFEGUARDS:
purposes of testing new technology and Murray Drive, SW., Building 410,
systems designed to enhance national Records in this system are STOP- 0550, Washington, DC 20528.
security or identify other violations of safeguarded in accordance with When seeking records about yourself
law. applicable rules and policies, including from this system of records or any other
V. To appropriate Federal, State, all applicable DHS automated systems Department.al system of records your
local, Tribal, or foreign government security and access policies. Strict request must conform with the Privacy
agencies or multinational government controls have been imposed to minimize Act regulations set forth in 6 CFR Part
organizations where DHS desires to the risk of compromising the 5. You must first verify your identity,
exchange relevant data for the purpose information that is being stored. Access meaning that you must provide your full
of developing new software or to the computer system containing the name, current address and date and
implementing new technologies for the records in this system is limited to those place of birth. You must sign your
purposes of data sharing to enhance individuals who have a need to know request, and your signature must either
homeland security, national security or the information for the performance of be notarized or submitted under 28
law enforcement. their official duties and who have U.S.C. 1746, a law that permits
W. To a criminal, civil, or regulatory appropriate clearances or permissions. statements to be made under penalty or
law enforcement authority (whether The system maintains a real-time perjury as a substitute for notarization.
Federal, State, local, territorial, Tribal, auditing function of individuals who While no specific form is required, you
international or foreign) where the access the system. Additional may obtain forms for this purpose form
information is necessary for safeguards may vary by component. and the Director, Disclosure and FOIA,
collaboration, coordination and de- program. http://www.dhs.gov or 1-866-431- 0486.
confliction of investigative matters, to In addition you should provide the
RETENTION AND DISPOSAL:
avoid duplicative or disruptive efforts following:
and for the safety of law enforcement ICE is in the process of drafting a • An explanation of why you believe
officers who may be working on related proposed record retention schedule for the Department would have information
investigations. the information maintained in IIRS, on you,
X. To the news media and the public, including system information stored in • Identify which component(s) of the
with the approval of the Chief Privacy IFS. ICE anticipates retaining the Department you believe may have the
Officer in consultation with counsel, records from other databases in IFS for information about you,
when there exists a legitimate public 20 years, records for which IFS is the • Specify when you believe the
interest in the disclosure of the repository ofrecord for 75 years, and records would have been created,
information or when disclosure is ICE-generated intelligence reports for 75 • Provide any other information that
necessary to preserve confidence in the years. The original electronic data ·will help the FOIA staff determine
integrity of DHS or is necessary to containing the inputs to IFS will be which DHS component agency may
demonstrate the accountability of DHS's destroyed after upload and verification have responsive records,
officers, employees, or individuals or returned to the source. • If your request is seeking records
covered by the system, except to the ICE is in the process of drafting a pertaining to another living individual,
extent it is determined that release of proposed record retention schedule for you must include a statement from that
the specific information in the context the information maintained in individual certifying his/her agreement
of a particular case would constitute an ICEGangs. ICE anticipates retaining for you to access his/her records.
unwarranted invasion of personal ICEGangs records for five years from the Without this bulleted information the
privacy. date the record was last accessed. component(s) will not be able to
SYSTEM MANAGER AND ADDRESS:
conduct an effective search, and your
DISCLOSURE TO CONSUMER REPORTING
request may be denied due to lack of
AGENCIES: Director, ICE Office of Intelligence, specificity or lack of compliance ,,vith
None. 500 12th Street, SW., Washington, DC
applicable regulations.
20536.
POLICIES AND PRACTICES FOR STORING,
RECORD ACCESS PROCEDURES:
RETRIEVING, ACCESSING, RETAINING, AND NOTIFICATION PROCEDURE:
DISPOSING OF RECORDS IN THE SYSTEM: See "Notification procedure" above.
The Secretary of Homeland Security
STORAGE: has exempted this system from the CONTESTING RECORD PROCEDURES:
Records in this system are stored notification, access, and amendment See "Notification procedure" above.
electronically or on paper in secure procedures of the Privacy Act because it
is a law enforcement system. However, RECORD SOURCE CATEGORIES:
facilities in a locked drawer behind a
locked door. The records are stored on ICE will consider individual requests to Federal, State, local, territorial, Tribal
magnetic disc, tape, digital media, and determine whether or not information or other domestic agencies, foreign
CD-ROM. may be released. Thus, individuals agencies, multinational or non-
seeking notification of and access to any governmental organizations, critical
RETRIEVABILITY: record contained in this system of infrastructure owners and operators,
Records may be retrieved by personal records, or seeking to contest its private sector entities and organizations,
identifiers such as but not limited to content, may submit a request in writing individuals, commercial data providers,
name, alien registration number, phone to the component's FOIA Officer, whose and public sources such as news media
number, address, social security contact information can be found at outlets and the Internet.
2020-ICLl-00023 1360
9238 Federal Register /Vol. 75, No. 39/Monday, March 1, 2010/Notices
EXEMPTIONS C LAIMED FOR THE SYSTEM: categories of records have been of records is being renamed DHS/ICE-
Pursuant to exemption 5 U .S.C. reviewed, and the purpose statement 011 Immigration and Enforcement
552a(j)(2) of the Privacy Act, portions of and routine uses of this system have Operational Records System of Records
this system are exempt from 5 U.S.C. been updated to b etter reflect th e (ENFORCE) to better reflect the nature
552a(c)(3) and (4); (d); (e)(l), (e)(2), current status of these records. and scope of the records maintained.
(e)(3), (e)(4)(G), (e)(4)(H), (e)(5) and Additionally, this notice includes non- DHS is updating this notice to include
(e)(8); (f); and (g). Pursuant to 5 U.S.C. substantive changes to simplify the the following substantive changes: (1)
552a (k)(2), this system is exempt from formatting and text of the previously An update to the categories of records
the following provisions of the Privacy published notice. This updated system to include clarifying language as well as
Act, subject to the limitations set forth will continue to be included in the to provide the Department of Justice
in those subsections: 5 U.S.C. 552a(c)(3), Department of Homeland Security's (DOJ) with DNA samples as required by
(d), (e)(l), (e)(4)(G), (e)(4)(H), and (f). inventory of record systems. 28 CFR Part 28; (2) th e addition of
Dated: February 24, 2010. DATES: Submit comments on or before routine uses to (a) incorporate the
Mary Ellen Callahan, March 31, 2010. This amended system routine uses that were already part of
will be effective March 31 , 2010. the published DHS/ICE-011
ChiefPrivacy Officer, Department of
Homeland Security. ADDRESSES : You may submit comments, Removable Aliens Records System of
[FR Doc. 2010-4102 Filed 2- 26- 10; 8:45 am] identified by docket number DHS- Records (RARS) (74 FR 20719, May 5,
2009-0144 by one of the following 2009) into this newly consolidated
BILLING CODE 9111- 28-P
methods: SORN, (b) provide information to
• Federal e-Rulemaking Portal: individuals in the determination of
DEPARTMENT OF HOMELAND http://www.regulations.gov. Follow the whether or not an alien has been
SECURITY instructions for submitting comments. removed from the U.S., (cl assist
• Fax: 703-483- 2999. agencies in collecting debts owed to
Office of the Secretary • Mail: Mary Ellen Callahan, Chief them or the U.S. Government, (d) allow
Privacy Officer, Privacy Office, sharing with the Department of State
[Docket No. DHS-200~144] Department of Homeland Security, (DOS) for immigration benefits and visa
Washington, DC 20528. activities, as well as when DOS is
Privacy Act of 1974; Department of • Instructions: All submissions
Homeland Security United States contacted by foreign governments to
received must include the agency name discuss particular matters involving
Immigration Customs and and docket number for this rulemaking. aliens in custody or other ICE
Enforcement-011 Immigration and All comments received will be posted enforcement matters that may involve
Enforcement Operational Records without change to http:// identified individuals, (e) allow the
System of Records www.regulations.gov, including any Office of Management and Budget
AGENCY: Privacy Office, DHS. personal information provided. (0MB) to review the private
• Docket: For access to th e docket to immigration relief bill process in
ACTION: Notice of amendment of Privacy read background documents or
Act system of records. Congress, (f) inform members of
comments received go to http:// Congress about an alien who is being
SUMMARY: In accordance with the www.regulations.gov. considered for private immigration
Privacy Act of 1974 the Department of FOR FURTHER INFORMATION CONTACT: Lyn relief, (g) share operational information
Homeland Security U.S. Immigration Rahilly (703- 732- 3300), Privacy Officer, with other law enforcement agencies to
and Customs Enforcement is updating U.S. Immigration and Customs prevent conflicting investigations or
an existing system of records titled, Enforcement, 500 12th Street, SW., activities, (h) coordinate the
Department of Homeland Security/U.S. Washington, DC 20536; or Mary Ellen transportation, custody, and care of U.S.
Immigration and Customs Callahan (703-235-0780), Chief Privacy Marshals Service (USMS) prisoners, (i)
Enforcement-011 Removable Alien Officer, Privacy Office, U.S. Department allow third parties to facilitate the
Records System of Records, January 28, of Homeland Security, Washington, DC placement or release of an alien who has
2009, and renaming it Department of 20528. been or are in the process of being
Homeland Security/U.S. Immigration SUPPLEMENTARY INFORMATION: released from ICE custody, (j) provide
and Customs Enforcement- 011 information about an alien who has or
Immigration and Enforcement I. Background is in the process of being released from
Operational Records System of Records. In accordance with the Privacy Act of ICE custody who may pose a health or
With the publication of this updated 1974, the Department of Homeland safety risk, (k) to provide information
system of records, the Department of Security is updating and reissuing facilitating the issuance of an
Homeland Security is also retiring an Department of Homeland Security immigration detainer on an individual
existing system of records titled, (DHS)/U.S. Immigration and Customs in custody or the transfer of an
Department of Homeland Security/U.S. Enforcement (ICE)-011 Removable individual to ICE or another agency, (1)
Immigration and Customs Alien Records System of Records (74 FR disclose DNA samples and related
Enforcement-Customs and Border 4965, Jan. 28, 2009) to include information as required by Federal
Protection- U.S. Citizenship and additional DHS records pertaining to the regulation, (m) to facilitate the
Immigration Services- 001- 03 investigation, arrest, booking, detention, transmission of arrest information to the
Enforcement Operational Immigration and removal of persons encountered Department of Justice for inclusion in
Records System of Records, March 20, during immigration and criminal law relevant law enforcement databases and
2006, and transferring certain law enforcement investigations and for the enforcement Federal firearms
enforcement and immigration records operations conducted by DHS. This licensing laws, and (n) to disclose
described th erein that are owned by system of records is also being updated information to persons seeking to post
U.S. Immigration and Customs to include records pertaining to fugitive or arrange immigration bonds. These
Enforcement to this updated system of aliens and aliens paroled into the updated routine uses are compatible
records. Categories of individuals and United States (U.S.) by ICE. The system with the purpose of this system because
2020-ICLl-00023 1361
~"''"'"~m9
INH;,•MAroc,)ls
G >O
72080 Federal Register /Vol. 81, No. 202/Wednesday, October 19, 2016/Notices
Freedom of Information Act Officer, • JUSTICE/FBI-002 The FBI Central DHS/ICE is updating this system of
http://www.dhs.gov/foia or 1-866-431- Records System, 72 FR 3410 (January records to: Change the system of records
0486. In addition, you should: 25, 2007); name to "DHS/ICE- 011 Criminal Arrest
• Explain why you believe the • DoDIA0025- 2 Defense Biometric Records and Immigration Enforcement
Department would have information on Services, 74 FR 48237, (September 22, Records (CARIER)" System of Records;
you; 2009); update and reorganize the categories of
• Identify which component(s) of the • DoD Detainee Biometric individuals for clarity; expand the
Department you believe may have the Information System, 72 FR 14534, categories of records to include
information about you; (March 28, 2007); and recordings of detainee telephone calls
• Specify when you believe the • DoDIA0025-2a Defense Biometric and information about these calls, as
records would have been created; and Identification Records System, 74 FR well as information related to detainees'
• Provide any other information that 17840, (April 17, 2009). accounts for telephone or commissary
will help the FOIA staff determine services in a detention facility; update
EXEMPTIONS CLAIMED FOR THE SYSTEM:
which DHS component agency may the system manager; clarify system
have responsive records; None. location; and add twenty-five routine
If your request is seeking records Dated: October 5, 2016. uses and modify twenty routine uses to
pertaining to another living individual, Jonathan R. Cantor, describe how the Department of
you must include a statement from that Acting ChiefPrivacy Officer, Department of Homeland Security may share
individual certifying his/her agreement Homeland Security. information from this system.
for you to access his/her records. [FR Doc. 2016- 25195 Filed 10- 18- 16; 8:45 am] Additionally, this notice includes non-
Without the above information, the BILLING CODE 9111 - 97- P
substantive changes to simplify the
component(s) may not be able to formatting and text of the previously
conduct an effective search, and your published notice.
request may b e denied due to lack of DEPARTMENT OF HOMELAND This updated system will be included
specificity or lack of compliance with SECURITY in the Department of Homeland
applicable regulations. Security's inventory ofrecord systems.
Office of the Secretary
RECORD ACCESS PROCEDURES: DATES: Submit comments on or before
[Docket No. DHS-2016-0073) November 18, 2016. This updated
See "Notification procedure" above.
system will be effective November 18,
CONTESTING RECORD PROCEDURES: Privacy Act of 1974; Department of 2016.
See "Notification procedure" above. Homeland Security United States
ADDRESSES: You may submit comments,
Immigration Customs and
Enforcement-011 Criminal Arrest identified by docket number DHS-
RECORD SOURCE CATEGORIES:
Records and Immigration Enforcement 2016-0073 by one of the following
DHS/USCIS obtains records from the methods:
applicant, and his or her accredited Records System of Records
• Federal e-Rulemaking Portal: http://
representative, preparer, or interpreter. AGENCY: Privacy Office, Department of www.regulations.gov. Follow the
Other information sources include Homeland Security. instructions for submitting comments.
family members, federal databases for ACTION : Notice of Privacy Act System of
security screening ch ecks, RSCs, the • Fax:202-343-4010.
Records.
DOS Refugee Processing Center, • Mail: Jonathan R. Cantor, Acting
resettlement agencies, international SUMMARY: In accordance with the Chief Privacy Officer, Privacy Office,
organizations, and local sources at Privacy Act of 1974, the Department of Department of Homeland Security,
overseas sites. DHS/USCIS personnel Homeland Security (DHS) proposes to Washington, DC 20528.
may input information as they process update, rename, and reissue a current Instructions: All submissions received
a case, including information from DHS system ofrecords titled, "DHS// must include the agency name and
internal and external sources to verify U.S. Immigration and Customs docket number for this rulemaking. All
whether a benefit requestor or family is Enforcement (ICE)- 011 Immigration and comments received will be posted
eligible for the refugee benefit Enforcement Operational Records without change to http:/ I
requested. Refugee Case Process and (ENFORCE)" system of records. DHS/ www.regulations.gov, including any
Security Screening also stores and uses ICE collects, uses, and maintains personal information provided.
information from the following USCIS, ENFORCE to support the identification, Docket: For access to the docket to
DHS, and other federal agency systems apprehension, and removal of read background documents or
of records: individuals unlawfully entering or comments received, please visit http://
• DHS/USCIS/ICE/CBP-001 Alien present in the United States in violation www.regulations.gov.
File, Index, and National File Tracking of the Immigration and Nationality Act,
System of Records, 78 FR 69864 including fugitive aliens. DHS/ICE also FOR FURTHER INFORMATION CONTACT: For
(November 21, 2013); uses ENFORCE to support the general questions, please contact:
• DHS/USCIS-002 Background Check identification and arrest of individuals Amber Smith, (202-732-3300), Privacy
Service, 72 FR 31082 (June 5, 2007); (both citizens and non-citizens) who Officer, U.S. Immigration and Customs
• DHS/USCIS- 003 Biometric Storage commit violations of federal criminal Enforcement, 500 12th Street SW., Mail
System, 72 FR 17172 (April 6, 2007); laws enforced by DHS. This system of Stop 5004, Washington, DC 20536. For
• STATE-05, Overseas Citizen records is being created from a privacy questions, please contact:
Services Records (May 2, 2008); previously issued system of records, Jonathan R. Cantor, (202-343-1717),
• STATE- 26, Passport Records, (Mar. DHS/ ICE 011- Immigration and Acting Chief Privacy Officer, Privacy
24, 2015)STATE- 39, DOS Visa Opinion Enforcement Operational Records Office, U.S. Department of Homeland
Information Service (VOIS), 77 FR (ENFORCE). See 80 FR 24,269 (Apr. 30, Security, Washington, DC 20528.
65245, (Oct. 25, 2012); 2015). SUPPLEMENTARY INFORMATION:
2020-ICLl-00023 1362
Federal Register/Vol. 81, No. 202/Wednesday, October 19, 2016/Notices 720 81
I. Background Fourth, the system location and national intelligence and security
security classification have been investigations or to assist in anti-
In accordance with the Privacy Act of updated to indicate that certain records terrorism efforts;
1974, 5 U.S.C. 552a, DHS/ICE is may be replicated from ICE's (P) To disclose information to the U.S.
updating, renaming, and reissuing a Enforcement Integrated Database (EID) Department. of Justice (DOJ) Executive
DHS system of records now titled, and stored on both DHS unclassified Office of Immigration Review (EOIR)
"DHS/Immigrat.ion and Enforcement. and classified networks to allow for and to the Board of Immigration
(ICE)- 011 Criminal Arrest Records and analysis and vetting consistent with Appeals (the entities that adjudicate
Immigration Enforcement Records existing DHS/ICE authorities and immigration cases), to the extent
(CARIER) System of Records." purposes and this published notice. necessary to carry out their authorized
The DHS/ICE update to CARIER Fifth, the title ofthe system manager duties pertaining to the adjudication of
includes several changes. First, the has been updated. matters arising under the INA;
system of records is being renamed to Finally, DHS is proposing to add new (DD) To DOJ and other law
better align it with the purpose of the routine uses that would allow ICE to enforcement or custodial agencies to
system. This system of records covers share information from the CARIER facilitate payments and reporting under
records documenting ICE's criminal system of records with the specified the State Criminal Alien Assistance
arrests, and also those documenting recipients for the specified purpose. Program or similar programs;
most of ICE's immigration enforcement DHS is also proposing to delete several (EE) To any law enforcement agency
actions, such as the issuance of routine uses and modify several others or custodial agency (such as a jail or
immigration det.ainers; the arrests, to clarify their meaning and/or to prison) to serve that agency with notice
charging, detention, and removal of expand or limit the scope of the of an immigration detainer, or to update
aliens for administrative immigration information shared. Several of the or remove a previously issued
violations; the search for and routine uses being added to or updated immigration detainer, for an individual
apprehension of fugitive aliens; and ICE in the CARIER SORN are the same believed to be in that agency's custody;
decisions concerning the grant or denial routine uses included in the Department (MM) To courts, magistrates,
of parole to aliens. This system of of Homeland Security/U.S. Customs and administrative tribunals, opposing
records is being created from a Immigration Services (USCIS)/ICE/ counsel, parties, and witnesses, in the
previously issued system of records Customs and Border Protection (CBP)- course of immigration, civil, or criminal
named, DHS/ICE 011-Immigration and 001 Alien File, Index, and National File proceedings (including discovery,
Enforcement Operational Records Tracking (A-File) SORN. 78 FR. 69,864, presentation of evidence, and settlement
(ENFORCE), 80 FR 24,269 (Apr. 30, (Nov. 21, 2013). Although both SORNs negotiations), and when DHS
2015). support the immigration enforcement determines that use of such records is
mission, they often contain different relevant and necessary to the litigation
Second, this update seeks to clarify
the types of individuals whose information about aliens that may need before a court or adjudicative body
to be shared. Therefore, identical or when any of the following is a party to
information is contained in this system
similar routine uses may be needed in or have an interest in the litigation:
of records. Some items in the category
both SORNs to ensure that immigration 1. DHS or any component thereof;
of individuals section have been
information can be shared as needed for 2. Any employee ofDHS in his/her
reorganized and edited to more clearly
law enforcement and other authorized official capacity;
identify the individuals whose records
purposes. 3. Any employee of DHS in his/her
may be present in this system of Below is a summary of the new
records. individual capacity when DOJ or DHS
routine uses and their corresponding has agreed to represent the employee; or
Third, the categories of records letter: 4. The United States, when DHS
section has been expanded to provide a (HJ To prospective claimants and determines that litigation is likely to
more detailed and complete list of the their attorneys for the purpose of affect DHS or any of its components.
types of information contained in the negotiating the settlement of an actual (NN) To federal, state, local, tribal,
system of records. The new categories of or prospective claim against DHS or its territorial, international, or foreign
records added to the system of records current or former employees, in advance government agencies or entities for the
are domestic and foreign criminal of the initiation of formal litigation or purpose of consulting with that agency
history information; information related proceedings; or entity:
to detainees' accounts for telephone or OJ To federal, state, local, tribal, or 1. To assist in making a determination
commissary services in a detention territorial government agencies, or other regarding redress for an individual in
facility; and video recordings of entities or individuals, or through connection with the operations of a DHS
detainees. The CARIER system of established liaison channels to selected component or program;
records also contains detainee foreign governments, in order to provide 2. To verify the identity of an
voiceprints used to verify identity when intelligence, counterintelligence, or individual seeking redress in
a detainee is released under an other information for the purposes of connection with the operations of a DHS
alternative to detention program, as well national security, intelligence, component or program; or
as the actual audio recordings of counterintelligence, or antiterrorism 3. To verify the accuracy of
detainee "check-in" telephone calls. activities authorized by U.S. law, E.O., information submitted by an individual
Additionally, the CARIER system of or other applicable national security who has requested such redress on
records contains recordings of detainee directive; behalf of another individual.
telephone calls made from a detention (K) To federal and foreign government (00) To federal, st.ate, local, tribal,
facility and information about these intelligence or counterterrorism territorial , or foreign governmental
calls such as the date, time, duration, agencies or components when DHS agencies; multilateral governmental
and telephone number called (Note: becomes aware of an indication of a organizations; or other public health
Information for protected telephone threat or potential threat to national or entities, for the purposes of protecting
calls, such as calls with an attorney, is international security, or when such the vi ta! interests of a data subject or
not recorded). disclosure is to support the conduct of other persons, including to assist such
2020-ICLl-00023 1363
72082 Federal Register/Vol. 81, No. 202/Wednesday, October 19, 2016/Notices
agencies or organizations during an (VV) To members of the public, with (DDO) To federal, state, local, tribal,
epidemiological investigation, in regard to disclosure of limited detainee territorial, foreign, or international
facilitating continuity of care, in biographical information for the agencies, after discovery of such
preventing exposure to or transmission purpose of facilitating the deposit of information, if DHS determines: (1) The
of a communicable or quarantinable monies into detainees' accounts for information is relevant and necessary to
disease of public health significance, or telephone or commissary services in a that agency's decision concerning the
to combat other significant public health detention facility; hiring or retention of an individual, or
threats. (WW) To federal, state, local, tribal, or issuance of a security clearance, license,
(PP) To foreign governments for the territorial government agencies seeking contract, grant, or other benefit; and (2)
purpose of providing information about to verify or ascertain the citizenship or Failure to disclose the information is
their citizens or permanent residents, or immigration status of any individual likely to create a substantial risk to
family members thereof, during local or within the jurisdiction of the agency for government facilities, equipment or
national disasters or health emergencies; any purpose authorized by law; personnel; sensitive information; critical
(QQ) To a coroner for purposes of (XX) To DOJ or other federal agency infrastructure; or public safety.
affirmatively identifying a deceased conducting litigation or in proceedings Below is a summary of the routine
individual (whether or not such before any court, adjudicative or uses that are proposed to be modified or
individual is deceased as a result of a administrative body, when necessary to deleted, and their corresponding letter:
crime) or cause of death; assist in the development of such (A) Expanded scope to include
(RR) To a former employee of DHS for agency's legal and/or policy position; sharing with the Offices of the United
purposes of responding to an official (YY) To federal, state, local, tribal, States Attorneys. Also removed sharing
inquiry by federal, state, local, tribal, or with a court, magistrate, administrative
and territorial courts or government
territorial government agencies or tribunal, opposing counsel, parties, and
agencies involved in criminal
professional licensing authorities; or witnesses because routine use LL now
investigation or prosecution, pre-trial,
facilitating communications with a permits sharing with these recipients.
sentencing, parole, probation, bail
former employee that may be relevant (C) Updated to note that records will
and necessary for personnel-related or bonds, or any other aspect of the
criminal justice process, and to defense be provided specifically to the General
other official purposes, when DHS Services Administration rather than to
counsel representing an individual in a
requires information or consultation other Federal Government agencies.
assistance from the former employee domestic criminal proceeding, in order
to ensure the integrity and efficiency of (O) Updated to clarify that records
regarding a matter within that person's will not be given to individuals, but to
former area of responsibility; the criminal justice system by informing
these recipients of the existence of an agencies or organizations performing the
(SS) To federal, state, local, tribal, audit.
territorial, foreign, or international immigration detainer or the individual's
(E) Updated to add the risk of identity
agencies, if the information is relevant status in removal proceedings,
theft or fraud , and harm to economic or
and necessary to a requesting agency's including removal or custodial status/
property interests as additional risks
decision concerning the hiring or location. Disclosure of the individual's
that OHS may determine may be a result
retention of an individual, or the Alien Registration Number (A-Number)
of the suspected or confirmed
issuance, grant, renewal, suspension or and country of birth is also authorized
compromise.
revocation of a security clearance, to facilitate these recipients' use of the Routine use H in the previous version
license, contract, grant, or other benefit; ICE Online Detainee Locator System for of the SORN, which authorized
or if the information is relevant and the purposes listed above; disclosure during court proceedings, has
necessary to a DHS decision concerning (ZZ) To a foreign government to notify been removed and replaced by new
the hiring or retention of an employee, it concerning its citizens or residents routine use MM. The new routine use
the issuance of a security clearance, the who are incapacitated, an contains improved wording that is
reporting of an investigation of an unaccompanied minor, or deceased; clearer about when disclosures may be
employee, the letting of a contract, or (AAA) To family members, guardians, made under these circumstances.
the issuance of a license, grant or other committees, friends, or other agents (I) Updated to enable OHS to share
benefit; identified by law or regulation to information when it deems that such
(TT) To a public or professional receive notification, decisions, and disclosure is necessary to carry out its
licensing organization when such other papers as provided in 8 CFR 103.8 functions and statutory mandates.
information indicates, either by itself or from DHS or EOIR following verification (J) Former routine uses J and K have
in combination with other information, of a familial or agency relationship with been removed and the sharing they
a violation or potential violation of an alien when DHS is aware of indicia permitted is now combined into one
professional standards, or reflects on the of incompetency or when an alien has routine use that authorizes disclosure
moral, educational, or professional been detern1ined to be mentally for the purposes of national security,
qualifications of licensed professionals incompetent by an immigration judge; intelligence, counterintelligence, or
or who those seeking to become (BBB) To an organization or person in antiterrorism activities.
licensed professionals; either the public or private sector, either Routine use L in the previous version
(UU) To an attorney or representative foreign or domestic, when there is a of the SORN has been removed and
(as defined in 8 CFR 1.2 , 202.1, reason to believe that the recipient is or replaced by a n ew routine use K
1001. l(f), or 1202.12) who is acting on could become the target of a particular permitting sharing with federal and
behalf of an individual covered by this terrorist activity or conspiracy, or when foreign government intelligence or
system of records in connection with the information is relevant to the counterterrorism agencies or
any proceeding before U.S. Citizenship protection of life, property, or other vital components in support of national
and Immigration Services (USCIS), ICE, interests of a person. intelligence and security investigations
U.S. Customs and Border Protection (CCC) To clerks and judges of courts or to assist in anti-terrorism efforts.
(CBP), or the EOIR, as required by law exercising naturalization jurisdiction for (N) Updated to clarify that in
or as deemed necessary in the discretion the purpose of granting or revoking disclosing custodial location to family
of the Department; naturalization. members, attorneys, and other agents
2020-ICLl-00023 1364
Federal Register /Vol. 81, No. 202/Wednesday, October 19, 2016/Notices 720 83
acting on the behalf of an alien, the the sharing to developing and citizens and lawful permanent
agency may also disclose if the alien implementing new software or residents. As a matter of policy, DHS
was released from ICE custody and/or technology when the purpose of the extends administrative Privacy Act
transferred to the custody of another software or technology is related to this protections to all individuals when
agency. This authority was implied but system of records. systems of records maintain information
not expressly stated in the previous (LL) (previously routine use GG) on U.S. citizens, lawful permanent
version of routine use N. Also modified Former routine use GG has been residents, and visitors.
to clarify that disclosure is authorized to removed and the sharing it permitted is Below is the description of the OHS/
attorneys representing the alien in any now contained in two new routine uses ICE- 011 Criminal Arrest Records and
legal proceeding, not only immigration to improve clarity: Routine use LL Immigration Enforcement Records
proceedings. permitting the disclosure of information (CARIER) System of Records.
(O) Updated to clarify that via the ICE Online Detainee Locator In accordance with 5 U.S.C. 552a(r),
information can be shared for other System or any successor system, and OHS has provided a report of this
purposes or activities within the scope routine use VV permitting the system of records to the Office of
of the EOIR contract. disclosure of information to facilitate Management and Budget and to
(R) (previously routine use Q) the deposit of monies into detainees' Congress.
Expanded scope to include sharing with accounts for telephone or commissary
services in a detention facility. System of Records
domestic courts and to clarify agencies
collecting the repayment of loans, or Finally, there have been changes Department of Homeland Security
fraudulently or erroneously secured regarding the retention period for some (DHS)/U.S. Immigration and
benefits. records. Retention periods h ave been Enforcement Operations (ICE)- 011
(V) (previously routine use U) added for records concerning paroled
SYSTEM NAME:
Expanded scope to include prosecutions aliens and fugitive aliens maintained in
and/or other law enforcement actions. certain ICE information systems. Also, DHS/ICE- 011 Criminal Arrest
(W) (previously routine use V) the fingerprints and photographs Records and Immigration Enforcement
Expanded scope to include sharing with collected using the booking application Records
federal, state, local, tribal, or territorial EID Arrest Guide for Law Enforcement SECURITY CLASSIFICATION :
law enforcement or correctional (EAGLE), previously known as Mobile Unclassified; Controlled Unclassified
agencies concerning individuals in ICE IDENT, originally were stored for up to
Information (CUI). The data may be
custody that are to be transferred to seven (7) days in the cache of an
retained on the classified networks, but
such agency's custody, in order to encrypted Government laptop or other
this does not change the nature and
coordinate th e transportation, custody, IT device. Now they are stored for up to
character of th e data until it is combined
and care of the individuals. fifty (50) days.
Consistent with DHS's information with classified inforniation.
(X) (previously routine use W)
Expanded scope to include sharing in sharing mission, information stored in SYSTEM LOCATION:
order to arrange other social services. the DHS/ICE-011 Criminal Arrest Records are maintained at DHS/ICE
(Y) (previously routine use X) Records and Immigration Enforcement information technology (IT) systems
Updated to replace ICE with DHS. Records may be shared with other DHS (e.g., the EID and the various ICE
(BB) (previously routine use CC) Components that have a need to know applications associated with it, Parole
Expanded the sharing of custodial the information to carry out their Case Tracking System (PCTS), Online
information to witnesses and national security, law enforcement, Detainee Locator System (DOLS),
in dividuals with a legal responsibility to immigration, intelligence, or other Electronic Travel Document (eTD)
act on behalf of or acting at the request homeland security functions. In System, the contractor-owned IT system
of a victim or witness, as well as addition, DHS/ICE may share supporting ICE's Alternatives to
external victim notification systems. information with appropriate federal, Detention (ATD) program) and
(CC) (previously routine use Y) Scope state, local, tribal, territorial, foreign, or associated electronic and paper files
is narrowed to exclude sharing in order international government agencies located at ICE Headquarters in
to place an immigration detainer on an consistent with the routine uses set Washington, DC, ICE field and attache
individual. Sharing in order to place a forth in this system of records notice. offices, contractor offices, an d detention
detainer is now covered by routine use Th is updated system will be included facilities operated by or on behalf of
DD. Additionally, this routine use in DHS's inventory ofrecord systems. ICE, or that otherwise house individuals
previously was used when ICE was arrested or detained by ICE. Records are
II. Priv acy Act
transferring an individual to another replicated from th e operational DHS/ICE
agency. It has been expanded to allow The Privacy Act embodies fair
IT systems and maintained on DHS
sharing during the course of transfer of information principles in a statu tory
unclassified and classified networks
custody of an individual either to or framework governing the means by
used for analysis and vetting.
from ICE's custody. which Federal Government agencies
(HH) (previously routine use BB) collect, maintain, use, and disseminate CATEGORIES OF INDIVIDUALS COVERED BY THE
Expanded scope to include sharing with individuals' records. The Privacy Act SYSTEM :
the attorney or guardian ad !item of an applies to information that is Categories of individuals covered by
individual's child for purposes of maintained in a "system ofrecords." A this system includ e (1) individuals
allowing the attorney/guardian to "system of records" is a group of any arrested, detained, or removed from the
identify th e location or status of the records under the control of an agency United States for criminal or
individual. from which information is retrieved by administrative violations of the
(KK) (previously routine use FF) the name of an individual or by some Immigration and Nationality Act, or
Expanded scope to includ e sharing with identifying number, symbol, or other individuals issued a Notice to Appear in
territorial government agencies or identifying particular assigned to the immigration court; (2) individuals who
entities or multinational governmental individual. In the Privacy Act, an are the subject of an immigration
agencies. It also expands the purposes of individual is defined to encompass U.S. detainer issued to another law
2020-ICLl-00023 1365
enforcement or custodial agency; (3) • Domestic and foreign criminal • Information related to prosecutorial
individuals arrested by ICE for history (e.g., arrest, charges, discretion determinations;
violations of criminal laws enforced by dispositions, and sentencing, • Property inventory and receipt;
ICE or DHS; (4) individuals who fail to corres_ponding dates, jurisdictions); • In formation related to disciplinary
leave the United States after receiving a • Physical Description (e.g., height, issues or grievances;
final order of removal, deportation, or weight, eye color, hair color, race, • Documents and video recordings
exclusion, or who fail to report to ICE ethnicity, identifying marks like scars, related to alleged misconduct and other
for removal after receiving notice to do tattoos, or birthmarks); incidents involving detainees; and
so (fugitive aliens); (5) individuals who • Biometric (i.e., fingerprints, • Other detention-related information
illegally re-enter the United States after voiceprints, iris images, photographs, (e.g., documentation of an allegation of
departing pursuant to an order of and DNA samples). DNA samples sexual abuse or assault, documentation
voluntary departure or being removed required by DOJ regulation (see 28 CFR of strip and body cavity searches,
from the United States (illegal re- part 28) are collected and sent to the documentation of reasons for
entrants); (6) individuals who request to FBI. DNA samples are not retained or segregation or oth er housing placement,
be removed at their own expense or are analyzed by DHS; and documentation of participation in the
eligible for voluntary removal from the • Information pertaining to ICE's orientation process).
United States pursmmt to sec. 250 of the collection of DNA samples, limited to Detention data for U.S. Marshals
Immigration and Nationality Act; (7) the date and time of a successful Service prisoners:
individuals who are granted parole into collection and confirmation from the • Full Name;
the United States under sec. 212(d)(5) of FBI that the sample was able to be • Date of birth;
the Immigration and Nationality Act sequenced. ICE does not receive or • Country of birth;
(parolees); (8) attorneys or maintain the results of the FBI's DNA • Identification numbers (e.g.,
representatives who represent analysis (i.e., DNA sequences). detainee, FBI, state);
Case-related data: • Book-in/book-out date and time;
individuals listed in the categories • Case number;
above; (9) other individuals whose and
• Record number; • Security classification.
information may be collected or • Case category;
obtained during the course of an Limited health information relevant to
• Charges brought and disposition; an individual's placement in an ICE
immigration enforcement or criminal • Case agent;
matter, such as witnesses, associates, detention facility or transportation
• Data initiated and completed; and
and relatives; (10) persons who post or • Other data describing an event requirements:
arrange bond for the release of an involving alleged violations of criminal • Medical alerts or general
or immigration law (i.e., location; date; information on physical disabilities or
individual from ICE detention, or
time; type of criminal or immigration other special needs or vulnerabilities to
receive custodial property of a detained
alien; and (11) prisoners of the U.S. law violations alleged; type of property facilitate placement in a facility or bed
Marshals Service held in ICE detention involved; use of violence, weapons, or that best accommodates these needs.
facilities. assault against DHS personnel or third Medical records about individuals in
parties; attempted escape; and other ICE custody (i.e., records relating to the
CATEGORIES OF RECORDS IN THE SYSTEM:
related information). diagnosis or treatment of individuals)
Biographic, biometric, descriptive, Information presented to or collected are maintained in DHS/ICE- 013 Alien
historical, and other identifying data, by ICE during immigration and law Medical Records System of Records.
including: enforcement proceedings or activities: Progress, status, and final result of
• Full Name; • Date of birth; removal, prosecution, and other DHS
• Alias(es); • Place of birth; processes and related appeals:
• A-Number; • Marital status; • Information relating to criminal
• Social Security number (SSN); • Education history; convictions;
• Date of birth; • Employment history; • Incarceration;
• Place of birth; • Travel history; and • Travel documents; and
• Nationality; • Other information derived from • Other information pertaining to the
• Fingerprint Identification Number affidavits, certificates, manifests, and actual removal of aliens from the United
(FIN); other documents. This data typically States.
• Federal Bureau of Investigation pertains to subjects, relatives, associates, Contact, biographical, and identifying
(FBI) number; and witnesses. data about Relatives, Attornevs or
• Other unique identifying numbers Detention data on aliens: Representatives, Associates ;,_. Witnesses
(e.g., federal, state, local and tribal • Immigration detainers issued; of an alien in proceedings initiated or
identification numbers); • Transportation information;
• Government-issued identification
conducted by DHS may include:
• Detention-related identification • Full Name;
(e.g., passport, drivers' license): numbers;
o Document type; • Date of birth;
• Detention facility; • Place of birth; and
o Issuing organization; • Security, risk, and custody
o Document number; • Contact or location information
classification;
o Expiration date; • Custody recommendation; (e.g., addresses, phone numbers,
• Visa information; • Flight risk indication; business, or agency name).
• Contact or location information • Book-in/book-out date and time; Data concerning personnel of other
(e.g., known or possible addresses, • Mandatory detention and criminal agencies that arrested, or assisted or
phone numbers); flags; participated in the arrest or
• Employment history; • Aggravated felon status; investigation of, or are maintaining
• Education history; • Other alerts; custody of an individual whose arrest
• Immigration history (e.g., • Information about an alien's release record is contained in this system of
citizenship/naturalization certificate from custody on bond, recognizance, or records may include:
number, removals, explanations); supervision; • Full Name;
2020-ICLl-00023 1366
Federal Register/Vol. 81, No. 202/Wednesday, October 19, 2016/Notices 72085
• Title; non-citizens) who commit violations of necessary and relevant to such audit or
• Contact or location information criminal laws enforced by ICE or DHS. oversight function.
(e.g., addresses, phone numbers, 3. To track the process and results of E. To appropriate agencies, entities,
business, or agency name); and administrative and criminal proceedings and persons when:
• Other information. against individuals who are alleged to 1. DHS suspects or has confirmed that
Data about persons who post or have violated the Immigration and the security or confidentiality of
arrange an immigration bond for the Nationality Act or other laws enforced information in the system ofrecords has
release of an individual from ICE by DHS. been compromised;
custody, or receive custodial property of 4. To support the grant or denial of 2. DHS has determined that as a result
an individual in ICE custody may parole, and tracking of individuals who of the suspected or confirmed
include: seek or receive parole into the United compromise, there is a risk of identity
• Full Name; States. theft or fraud, harm to economic or
• Address; 5. To provide criminal and property interests, harm to an
• Phone numbers; immigration history information during individual, or harm to the security or
• SSN; and DHS enforcement encounters, and to integrity of this system or other systems
• Other information. support background checks on or programs (whether maintained by
Recordings of detainee telephone calls applicants for DHS immigration benefits DHS or another agency or entity) that
when responding as part ofan (e.g., employment authorization and rely upon the compromised
alternative to detention program or of petitions). information; and
detainee calls made in detention 6. To identify potential criminal 3. The disclosure made to such
facilities. Information about these calls activity, immigration violations, and agencies, entities, and persons is
may include: threats to homeland security; to uphold reasonably necessary to assist in
• Date; and enforce the law; and to ensure connection with DHS' efforts to respond
• Time; public safety. to the suspected or confirmed
• Duration; and compromise and prevent, minimize, or
• Phone number called. (Note: ROUTINE USES OF RECORDS MAINTAINED IN THE remedy such harm.
Protected telephone calls, such as calls SYSTEM, INCLUDING CATEGORIES OF USERS AND F. To contractors and their agents,
THE PURPOSES OF SUCH USES: grantees, experts, consultants, and
with an attorney, are not recorded and
information about protected telephone In addition to those disclosures others performing or working on a
calls is not retained.) generally permitted under 5 U.S.C. contract, service, grant, cooperative
Information related to detainees' 552a(b) of the Privacy Act, all or a agreement, or other assignment for DHS,
accounts for telephone or commissary portion of the records or information when necessary to accomplish an
services in a detention facility. contained in this system may be agency function related to this system of
disclosed outside DHS as a routine use records. Individuals provided
AUTHORITY FOR MAINTENANCE OF THE SYSTEM: pursuant to 5 U.S.C. 552a(b)(3) as information under this routine use are
Authority for maintain this system is follows: subject to the same Privacy Act
in 8 U.S.C. 1103, 1225, 1226, 1324, A. To the Department of Justice (DOJ), requirements and limitations on
1357, 1360, and 1365(a)(b); Title 18, including Offices of the United States disclosure as are applicable to DHS
United States Code, Chapters 27, 77, 85, Attorneys, or other federal agency officers and employees.
95, 109A, 110, 113, and 117; Title 31, conducting litigation or in proceedings G. To an appropriate federal, state,
United States Code, Chapter 53, before any court, adjudicative, or local, tribal, territorial, international, or
Subchapter II; Title 50 Appendix, administrative body, when it is relevant foreign law enforcement agency or other
United States Code; The Tariff Act of or necessary to the litigation and one of appropriate authority charged with
1930; Justice for All Act of 2004 (Pub. the following is a party to the litigation investigating or prosecuting a violation,
L. 108-405); DNA Fingerprint Act of or has an interest in such litigation: enforcing, or implementing a law, rule,
2005 (Pub. L. 109-162); Adam Walsh 1. DHS or any component thereof; regulation, or order, when a record,
Child Protection and Safety Act of 2006 2. Any employee or former employee either on its face or in conjunction with
(Pub. L. 109- 248); and 28 CFR part 28, of DHS in his/her official capacity; other information, indicates a violation
"DNA-Sample Collection and Biological 3. Any employee or former employee or potential violation of law, which
Evidence Preservation in the Federal of DHS in his/her individual capacity includes criminal, civil, or regulatory
Jurisdiction;" DHS Delegation Number when DOJ or DHS has agreed to violations and such disclosure is proper
7030.2, Delegation of Authority to the represent the employee; or and consistent with the official duties of
Assistant Secretary for the Bureau of 4. The United States or any agency the person making the disclosure.
Immigration and Customs Enforcement thereof. H. To prospective claimants and their
and the Reorganization Plan B. To a congressional office from the attorneys for the purpose of negotiating
Modification for the Department of record of an individual in response to the settlement of an actual or
Homeland Security (January 30, 2003). an inquiry from that congressional office prospective claim against DHS or its
made at the request of the individual to current or former employees, in advance
PURPOSE{S): whom the record pertains. of the initiation of formal litigation or
The purposes of this system are: C. To the National Archives and proceedings.
1. To support the identification, Records Administration (NARA) or I. To federal, state, local, tribal,
arrest, charging, detention, and removal General Services Administration territorial, or foreign government
of individuals unlawfully entering or pursuant to records management agencies, as well as to other individuals
present in the United States in violation inspections being conducted under the and organizations during the course of
of the Immigration and Nationality Act, authority of 44 U.S.C. 2904 and 2906. an investigation by DHS or the
including fugitive aliens and illegal re- D. To an agency or organization for processing of a matter under DHS's
entrants. the purpose of performing audit or jurisdiction, or during a proceeding
2. To support the identification and oversight operations as authorized by within the purview of immigration and
arrest of individuals (both citizens and law, but only such information as is nationality laws, when DHS deems that
2020-ICLl-00023 1367
such disclosure is necessary to carry out information about aliens who are or may enforcement officers who may be
its functions and statutory mandates or be placed in removal proceedings so working on related law enforcement
to elicit information required by DHS to that EOIR may arrange for the provision matters.
carry out its functions and statutory of educational services to those aliens \IV. To the U.S. Marshals Service
mandates. under EOIR's Legal Orientation (USMS) concerning USMS prisoners
J. To federal, state, local, tribal, or Program, or for other purposes or that are or will be held in detention
territorial government agencies, or other activities within the scope of the EOIR facilities operated by or on behalf of
entities or individuals, or through contract. ICE, and to federal, state, local, tribal, or
established liaison channels to selected P. To disclose information to the DOJ territorial law enforcement or
foreign governments, in order to provide EOIR and to the Board of Immigration correctional agencies concerning
intelligence, counterintelligence, or Appeals, to the extent necessary to carry individuals in DHS custody that are to
other information for the purposes of out their authorized duties pertaining to be transferred to such agency's custody,
national security, intelligence, the adjudication of matters arising in order to coordinate the
counterintelligence, or antiterrorism under the INA. transportation, custody, and care of
activities authorized by U.S. law, E.O., Q. To attorneys or legal these individuals.
or other applicable national security representatives for the purpose of X. To third parties to facilitate
directive. facilitating group presentations to aliens placement or release of an individual
K. To federal and foreign government in detention that will provide the aliens (e.g., at a group home, homeless shelter)
intelligence or counterterrorism with information about their rights who has been or is about to be released
agencies or components when DHS under U.S. immigration law and from DHS custody but only such
becomes aware of an indication of a procedures. information that is relevant and
threat or potential threat to national or R. To federal, state, tribal, territorial, necessary to arrange housing,
international security, or when such or local government agencies or continuing medical care, or other social
disclosure is to support the conduct of domestic courts to assist such agencies services for the individual.
national intelligence and security in collecting the repayment of loans, or Y. To a domestic government agency
investigations or to assist in anti- fraudulently or erroneously secured or other appropriate authority for the
terrorism efforts. benefits, grants, or other debts owed to purpose of providing information about
L. To any federal agency to enable them or to the United States an individual who has been or is about
such agency to make determinations Government, or to obtain information to be released from DHS custody who,
regarding the payment. of federal that may assist DHS in collecting debts due to a condition such as mental
benefits to the record subject in owed to the United States Government. illness, may pose a health or safety risk
accordance with that agency's statutory S. To the Department of State in the to himself/herself or to the community.
responsibilities. processing of petitions or applications DHS will only disclose information
M. To foreign governments for the for benefits under the Immigration and about the individual that is relevant to
purpose of coordinating and conducting Nationality Act, and all other the health or safety risk they may pose
the removal of aliens from the United immigration and nationality laws and/or the means to mitigate that risk
States to other nations under the including treaties and reciprocal (e.g., the individual's need to remain on
Immigration and Nationality Act (INA); agreements; or when the Department of certain medication for a serious mental
and to international, foreign, State requires information to consider or health condition).
intergovernmental, and multinational provide an informed response to a Z. To a domestic law enforcement
agencies, authorities, and organizations request for information from a foreign, agency or other agency operating a sex
in accordance with law and formal or international, or intergovernmental offender registry for the purpose of
informal international arrangements. agency, authority, or organization about providing notice of an individual's
N. To family members and attorneys an alien or an enforcement operation release from DHS custody or removal
or other agents acting on behalf of an with transnational implications. from the United States, when the
alien in immigration or other legal T. To the Office of Management and individual is required to register as a sex
proceedings, to assist those individuals Budget (0MB) in connection with the offender, in order to assist those
in determining whether: (1) The alien review of private relief legislation as set agencies in updating sex offender
has been arrested by DHS for forth in 0MB Circular No. A- 19 at any registries and otherwise carrying out the
immigration violations; (2) the location stage of the legislative coordination and sex offender registration requirements
of the alien if in DHS custody; or (3) the clearance process as set forth in the within their jurisdictions.
alien has been removed from the United Circular. AA. To a domestic law enforcement
States, released from DHS custody, or U. To the U.S. Senate Committee on agency for the purpose of providing
transferred to the custody of another the Judiciary or the U.S. House of notice of an individual's release from
agency, provided however, that the Representatives Committee on the DHS custody or removal from the
requesting individuals are able to verify Judiciary when necessary to inform United States, when the individual has
the alien's date of birth or A-Number, or members of Congress about an alien a conviction(s) for a violent or serious
can otherwise present adequate who is being considered for private crime(s) and the agency receiving the
verification of a familial or agency immigration relief. notification has an interest in the
relationship with the alien, such as a V. To federal, state, local, territorial, individual due to: (1) A pending
Form G-514 or other proof of tribal, international, or foreign criminal, investigation or prosecution, (2) parole
representation in a legal proceeding civil, or regulatory law enforcement or other forms of supervision, or (3) the
(e.g., notice of appearance, court authorities when the information is individual's intended residence or
appointment). necessary for collaboration, location of release falling within the
0 . To the DOJ Executive Office of coordination and de-confliction of agency's jurisdiction.
Immigration Review (EOIR) or its investigative matters, prosecutions, and/ BB. To victims and witnesses
contractors, consultants, or others or other law enforcement actions to regarding custodial information, such as
performing or working on a contract for avoid duplicative or disruptive efforts transfer to another custodial agency or
EOIR, for the purpose of providing and to ensure the safety of law location, release on bond, order of
2020-ICLl-00023 1368
supervision, removal from the United loss of life or serious bodily injury, such 00. To federal, state, local, tribal,
States, or death in custody, about an as disclosure of custodial release territorial , or foreign governmental
individual who is the subject of a information to witnesses who have agencies; multilateral governmental
criminal or immigration investigation, received threats from individuals in organizations; or other public health
proceeding, or prosecution. This would custody. entities, for the purposes of protecting
also authorize disclosure of custodial JJ. To an individual or entity seeking the vital interests of a data subject or
information to individuals with a legal to post or arrange, or who has already other persons, including to assist such
responsibility to act on behalf of a posted or arranged, an immigration agencies or organizations during an
victim or witness (e.g., attorney, parent, bond for an alien to aid the individual epidemiological investigation, in
legal guardian) and individuals acting at or entity in (1) identifying the location facilitating continuity of care, in
the request of a victim or witness; as of the alien; (2) posting the bond; (3) preventing exposure to or transmission
well as external victim notification obtaining payments related to the bond; of a communicable or quarantinable
systems that make such information or (4) conducting other administrative disease of public health significance, or
available to victims and witnesses in or financial management activities to combat other significant public health
electronic form . related to the bond. threats.
CC. To the Federal Bureau of Prisons KK. To federal, state, local, tribal, PP. To foreign governments for the
(BOP) and other federal, state, local, territorial, or foreign government purpose of providing information about
territorial, tribal, and foreign law agencies or entities or multinational their citizens or permanent residents, or
enforcement or custodial agencies for governmental agencies when DHS family members thereof, during local or
the purpose of facilitating the transfer of desires to exchange relevant data for the national disasters or health emergencies.
custody of an individual to or from that purpose of developing, testing, or QQ. To a coroner for purposes of
agency. This will include the transfer of implementing new software or affirmatively identifying a deceased
information about unaccompanied technology whose purpose is related to individual (whether or not such
minor children to the U.S. Department this system of records. individual is deceased as a result of a
of Health and Human Services (HHS) to LL. Limited detainee biographical crime) or cause of death.
facilitate the custodial transfer of such information will be publicly disclosed RR. To a former employee of DHS for
children from DHS to HHS. via the ICE Online Detainee Locator purposes of responding to an official
DD. To DOJ and other law System or any successor system for the inquiry by federal, state, local, tribal, or
enforcement or custodial agencies to purpose of identifying whether a territorial government agencies or
facilitate payments and reporting under detainee is in ICE custody and the professional licensing authorities; or
the State Criminal Alien Assistance custodial location. facilitating communications with a
Program or similar programs. MM. To courts, magistrates, former employee that may be relevant
EE. To any law enforcement agency or administrative tribunals, opposing and necessary for personnel-related or
custodial agency (such as a jail or counsel, parties, and witnesses, in the other official purposes, when DHS
prison) to serve that agency with notice course of immigration, civil, or criminal requires information or consultation
of an immigration detainer, or to update proceedings (including discovery, assistance from the former employee
or remove a previously issued presentation of evidence, and settlement regarding a matter within that person's
immigration detainer, for an individual negotiations) and when DHS determines former area of responsibility.
who is believed to be in that agency's that use of such records is relevant and SS. To federal, state, local, tribal,
custody. necessary to the litigation before a court territorial, foreign, or international
FF. To DOJ, disclosure of DNA or adjudicative body when any of the agencies, if the information is relevant
samples and related information as following is a party to or have an and necessary to a requesting agency's
required by 28 CFR part 28. interest in the litigation: decision concerning the hiring or
GG. To DOJ, disclosure of arrest and 1. DHS or any component thereof; retention of an individual, or the
removal information for inclusion in 2. Any employee ofDHS in his/her issuance, grant, renewal, suspension or
relevant DOJ law enforcement databases official capacity; revocation of a security clearance,
and for use in the enforcement of federal 3. Any employee ofDHS in his/her license, contract, grant, or other benefit;
firearms laws (e.g., Brady Handgun individual capacity when DOJ or DHS or if the information is relevant and
Violence Prevention Act, as amended by has agreed to represent. the employee; or necessary to a DHS decision concerning
the NICS Improvement Amendments 4. The United States, when DHS the hiring or retention of an employee,
Act). determines that litigation is likely to the issuance of a security clearance, the
HH. To the attorney or guardian ad affect DHS or any of its components. reporting of an investigation of an
!item of an individual's child, or to NN. To federal, state, local, tribal, employee, the letting of a contract, or
federal, state, local, tribal, territorial, or territorial, international, or foreign the issuance of a license, grant or other
foreign governmental or quasi- government agencies or entities for the benefit.
governmental agencies or courts, to purpose of consulting with that agency TT. To a public or professional
confirm the location, custodial status, or entity: licensing organization when such
removal, or voluntary departure of an 1. To assist in making a determination information indicates, either by itself or
individual from the United States, in regarding redress for an individual in in combination with other information,
order to facilitate the recipients' connection with the operations of a DHS a violation or potential violation of
exercise of responsibilities pertaining to component or program; professional standards, or reflects on the
the custody, care, or legal rights 2. To verify the identity of an moral, educational, or professional
(including issuance of a U.S. passport) individual seeking redress in qualifications of licensed professionals
of the individual's children, or the connection with the operations of a DHS or those seeking to become licensed
adjudication or collection of child component or program; or professionals.
support payments or other similar debts 3. To verify the accuracy of UU. To an attorney or representative
owed by the individual. information submitted by an individual (as defined in 8 CFR 1 .2, 202.1,
II. To any person or entity to the who has requested such redress on 1001.l(f), or 1202.12) who is acting on
extent necessary to prevent immediate behalf of another individual. behalf of an individual covered by this
2020-ICLl-00023 1369
72088 Federal Register /Vol. 81, No. 202/Wednesday, October 19, 2016/Notices
system of records in connection with reason to believe that the recipient is or policies, including all applicable DHS
any proceeding before U.S. Citizenship could become the target of a particular automated systems security and access
and Immigration Services (USCIS), ICE, terrorist. activity or conspiracy, or when policies. Str ict controls have been
U.S. Customs and Border Protection the information is relevan t to th e imposed to minimize the risk of
(CBP), or the EOIR, as required by law protection of life, property, or other vital compromising th e information that is
or as deemed necessary in the discretion interests of a person. being stored. Access to the computer
of the Department. CCC. To clerks and judges of courts system containing the records in this
VV. To members of the public, with exercising naturalization jurisdiction for system is limited to those individuals
regard to disclosure of limited detainee the purpose of granting or revoking who have a need to know the
biographical information for the naturalization. information for th e performance of their
purpose of facilitating the deposit of DDD. To federal, state, local, tribal, official duties and wh o have appropriate
monies into detainees' accounts for territorial, foreign, or international clearances or permissions.
telephone or commissary services in a agencies, after discovery of such
detention facility. RETENTION AND DISPOSAL:
information, if DHS determines: (1) The
WW. To federal, state, local, tribal, or information is relevant and necessary to ICE retains records of arrests,
territorial government agencies seeking that agency's decision concerning the detentions, and removals in EID for one
to verify or ascertain the citizenship or hiring or retention of an individual, or hundred (100) years; records concerning
immigration status of any individual issuance of a security clearance, license, U.S. Marshals Service prisoners for ten
with in the jurisdiction of th e agency for contract, gran t, or other benefit; and (2) (10) years; fingerprints and photographs
any purpose authorized by law. Failure to disclose the information is collected using EAGLE application for
XX. To the Department of Justice likely to create a substantial risk to up to fifty (50) days in the cache of an
(including Offices of the United St.ates government facilities, equipment, or encrypted Governmen t laptop or other
Attorneys) or other federal agency personnel; sensitive information; critical IT device; Enforcement Integrated
conducting litigation or in proceedings infrastructure; or public safety. Database Data Mart (EID- DM),
before any court, adjudicative, or EEE. To the news media and the ENFORCE Alien Removal Module Data
administrative body, wh en necessary to p ublic, with the approval of the Chief Mart (EARM- DM), and ICE Integrated
assist in the development of such Privacy Officer in consultation with Decision Support (!IDS) records for
agency's legal and/or policy position. counsel, when there exists a legitimate seventy-five (75) years; user account
YY. To federal, st.ate, local, tribal, and management records (UAM) for ten (10)
territorial courts or government agencies public interest in the disclosure of the
information, wh en disclosure is years following an individual's
in volved in criminal in vestigation or separation of employment from federal
necessary to preserve confidence in th e
prosecution, pre-trial, sentencing, service; statistical records for ten (10)
integrity of DHS, or when disclosure is
parole, probation, bail bonds, or any years; audit files for fifteen (15) years;
necessary to demonstrate the
other aspect of the criminal justice and backup files for up to one (1)
account.ability of DHS's officers,
process, and to defense counsel month.
employees, or individuals covered by
representing an individual in a domestic ICE retain s records in the PCTS for 25
the system, except to the extent the
criminal proceeding, in order to ensure years from the termination of parole.
Chief Privacy Officer determines that
the integrity and efficiency of the The ODLS uses an extract of EID data
release of the specific information in the
criminal justice system by informing about current detainees and detainees
context of a particular case would
these recipients of the existence of an that were released during the last sixty
constitute an unwarranted invasion of
immigration detainer or the individual's (60) days. Records are retained in ODLS
personal privacy.
status in removal proceedings, for as long as they meet the extract
including removal or custodial status/ DISCLOSURE TO CONSUMER RE PORTING criteria. The eTD System stores travel
location. Disclosure of the individual's AGENCIES: documents for twenty (20) years. The
A-Number and country of birth is also None. ATD system's records are not yet the
authorized to facilitate these recipients' subject of a records schedule, however,
use of the ICE Online Detainee Locator POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
ICE is in the process of developin g one
System for th e purposes listed above. and will propose the records are
DISPOSING OF RECORDS IN THE SYSTEM:
ZZ. To a foreign government to notify retained for ten years from the end of
it concerning its citizens or residents STORAGE: the calendar year in which the alien is
who are incapacitated, an ICE may store information in case file removed from the ATD program.
unaccompanied minor, or deceased. fo lders, cabinets, safes, or a variety of
AAA. To family members, gu ardians, electronic or computer databases and SYSTEM MANAGER AND ADDRESS:
committees, friends, or other agents storage media. Executive Associate Director, Office of
identified by law or regulation to Homeland Security Investigations, U.S.
receive notification, decisions, and RETRIEVABILITY: Immigration & Customs Enforcemen t,
other papers as provided in 8 CFR 103.8 ICE may retrieve records by name, 500 12th Street SW., Wash ington, DC
from th e Department of Homeland biometric identifiers, identification 20536.
Security or Executive Office for numbers including, but not limited to,
Immigration Review following NOTIFICATION PROCEDURE:
A-Number, fingerprint identification
verification of a familial or agency number, SSN, case or record number if The Secretary of Homeland Security
relationship with an alien when DHS is applicable, case related data, or a has exempted this system from the
aware of indicia of incompetency or combination of other personal notification, access, and amendment
when an alien has been determined to identifiers including, but not limited to, procedures of the Privacy Act because it
be mentally incompetent by an date of birth, and nationality. is a law enforcement system. However,
immigration judge. ICE will consider in dividu al requests to
BBB. To an organization or person in SAFEGUARDS: determine wh eth er or not information
either the public or private sector, either ICE safeguards records in this system may be released. Thus, individuals
foreign or domestic, when there is a in accordance with applicable rules and seeking notification of and access to any
2020-ICLl-00023 1370
record contained in this system of is obtained from individuals covered by November 4, 2016, from 9 a.m.-3:30
records, or seeking to contest its this system, and other federal, state, p.m.
content, may submit a request in writing local, tribal, or foreign governments. ADDRESSES: Homeland Security, 1120
to ICE's Freedom of Information Act More specifically, DHS/ICE- 011 records
Vermont Ave. NW., 8th Floor,
(FOIA) Officer, whose contact derive from the following sources:
Washington, DC 20005.
information can be found at http:// (a) Individuals covered by the system
www.ice.gov/foia under "Contacts." and other individuals (e.g., witnesses, FOR FURTHER INFORMATION CONTACT:
When seeking records about yourself family members); Michel Kareis, HSSTAC Designated
from this system of records or any other (b) Other federal, state, local, tribal, or Federal Official, S&T IAO STOP 0205 ,
Departmental system of records your foreign governments and government Department of Homeland Security, 245
request must conform with the Privacy information systems; Murray Lane, Washington, DC 20528-
Act regulations set forth in 6 CFR part (c) Business records; 0205, 202- 254- 8778 (Office), 202- 254-
5. You must first verify your identity, (d) Evidence, contraband, and other 6176 (Fax) Michel.Kareis@hq.dhs.gov
meaning that you must provide your full seized material; and (Email).
name, current address, and date and (e) Public and commercial sources. SUPPLEMENTARY INFORMATION: Due to
place of birth. You must sign your EXEMPTIONS CLAIMED FOR THE SYSTEM: security requirements, screening pre-
request, and your signature must either registration is required for this event.
be notarized or submitted under 28 The Secretary of Homeland Security,
Please see the "REGISTRATION"
U.S.C. 1746, a law that permits pursuant to 5 U.S.C. 552a(j)(2), has
section below.
statements to be made under penalty of exempted this system from the
following provisions of the Privacy Act: The meeting may close early if the
perjury as a substitute for notarization. committee has completed its business.
While no specific form is required, you 5 U.S.C. 552a(c)(3), (c)(4); (d); (e)(l),
may obtain forms for this purpose from (e)(2), (e)(3), (e)(4)(G), (e)(4)(H), (e)(5), I. Background
the Chief Privacy Officer and Chief (e)(8); (f); and (g). Additionally, the
Secretary of Homeland Security, Notice of this meeting is given under
Freedom of lnformation Act Officer, the Federal Advisory Committee Act
http://www.dhs.gov!foia or 1- 866--431- pursuant to 5 U.S.C. 552a(k)(2), has
(FACA), 5 U.S.C. appendix (Pub. L. 92-
0486. In addition you should provide exempted this system of records from
the following provisions of the Privacy 463). The committee addresses areas of
the following: interest and importance to the Under
• Explain why you believe the Act: 5 U.S.C. 552a(c)(3); (d); (e)(l),
(e)(4)(G), (e)(4)(H); and (t). When a Secretary for Science and Technology
Department would have information on (S&T), such as new developments in
you; record received from another system has
been exempted in that source system systems engineering, cyber-security,
• Identify which component(s) of the knowledge management and hm,v best to
Department you believe may have the under 5 U.S.C. 552a(j)(2) or (k)(2), DHS
will claim the same exemptions for leverage related technologies funded by
information about you; other Federal agencies and by the
• Specify when you believe the those records that are claimed for the
original primary systems of records from private sector. It also advises the Under
records would have been created; and Secretary on policies, management
• Provide any other information that which they originated and claims any
additional exemptions set forth here. processes, and organizational constructs
will help the FOIA staff determine as needed.
which DHS component agency may Dated: October 5, 2016.
have responsive records. Jonathan R. Cantor, II. Registration
• If your request is seeking records Acting Chief Privacy Officer, Department of To pre-register for the virtual meeting
pertaining to another living individual, Homeland Security. (webinar) please send an email to:
you must include a statement from that [FR Doc. 2016-25197 Filed 10-18-16; 8:45 am] hsstac@hq.dhs.gov. The email should
individual certifying his/her agreement BILLING CODE 9111-28---P include the name(s), title, organization/
for you to access his/her records. affiliation, email address, and telephone
Without this bulleted information the number of those interested in attending.
component(s) may not be able to DEPARTMENT OF HOMELAND For information on services for
conduct an effective search, and your SECURITY individuals with disabilities or to
request may be denied due to lack of request special assistance at the
specificity or lack of compliance with [Docket No. DHS-2016-0084)
meeting, please contact Michel Kareis as
applicable regulations. Homeland Security Science and soon as possible.
In processing requests for access to If you plan to attend the meeting in-
Technology Advisory Committee
information in this system, DHS/ICE person you must RSVP by November 1,
will review not only the records in the AGENCY: Science and Technology 2016. To register, email hsstac@
operational system, but also the records Directorate, DHS. hq.dhs.gov with the following subject
that were replicated on the unclassified ACTION : Committee Management; Notice line: RSVP to HSSTAC Meeting. The
and classified networks, and based on of Federal Advisory Committee Meeting. email should include the name(s), title,
this notice provide appropriate access to organization/affiliation, email address,
the information. SUMMARY: The Homeland Security
and telephone number of those
Science and Technology Advisory interested in attending.
RECORD ACCESS PROCEDURES:
Committee (HSSTAC) will meet on
See "Notification procedure" above. November 3-4, 2016 in Washington, DC. III. Public Comment
CONTESTING RECORD PROCEDURES:
The meeting will be an open session At the end of each open session, there
with both in-person and webinar will be a period for oral statements.
See "Notification procedure" above. participation. Please note that the oral statement
RECORD SOURCE CATEGORIES: DATES: The HSSTAC will meet in- period may end before the time
Records in the system are supplied by person Thursday, November 3, 2016, indicated, following the last call for oral
several sources. In general, information from 10 a.m.-4:25 p.m. and Friday, statements. To register as a speaker,
2020-ICLl-00023 1371
From: ICE Privacy-General Mailbox
Se nt: 18 Apr 2018 17:35:14 +0000
To: l(b)(6 ): I
Subject: FW: Safeguarding Sensitive Personally Identifiable Information
Attachme nts: Fw: Safeguarding Sensitive Personally Identifiable Information
Will do. Please attached email.
!fh V R)·
Privacy Compliance Specialist
Direct: (202) 73 b )(6)
Main: (202) 73 b)(6):
From: l<b)(6 ) :
Se nt: Wednesday, April 18, 2018 1:27 PM
To: ICE Privacy-General Mailbox ~~(b-)-( 6_)_
: (-b-)(-7 )-(C
--
) --------~
Subject: Re: Safeguarding Sensitive Personally Identifiable Information
thanks, can you forward me the email and assign to me in POTS? I'll handle this one.

Sent: Wednesday, April 18, 2018 1:26:37 PM
To: Kb)(6); I
Subje ct: FW: Safeguarding Sensitive Personally Identifiable Information
This just came in from l~(b_)_(6_)_

; -~I from ERO. I am going to put it in POTS, and in the tracker.
!t h \ U::\ ·
Direct: (202) 732 ( b )(6 '
Main: (202) 732 b)(6
From:kh)(R)· fh)(7 )((;) I

Se nt: Wednesday, April 18, 2018 1:14 PM
To: ICE Privacy-General Mailbox -i(~~-)-(6-);-(-b)-(7-)-(C-)- - - - - - - - - ~
Subject: Fw: Safeguarding Sensitive Personally Identifiable Information
2020-ICLl-00023 1372
Good afternoon,
I'm an acting Unit Chief at Domestic Operations and we had a question about privacy issues and
PU or SPII as it relates to our High Profile Removal notifications and other
communication. These notifications are typically shared with government entities within DHS to
provide final notification that a high profile removal is imminent and the operation plan includes
specifics of the removal operation. The broadcast below from Mr. Albence raised some questions
about to whom these notices are sent and what we can have in the Subject line, etc ... I'm happy to
provide more background on the topic if you need to or if you need any additional information.
Thanks,
From: ERO Taskings

Sent: Tuesday, April 17, 2018 10:20 AM
Subject: Safeguarding Sensitive Personally Identifiable Information
The.following message is sent on behalfof Matthew T. Albence, Executive Associate Director

for Enforcement and Removal Operations:
To: All ERO Personnel
The purpose of this message is to remind all ERO employees of the importance of protecting
Sensitive Personally Identifiable Information (Sensitive PII).
In our mission to identify, arrest, and remove aliens that are a risk to public safety, ERO collects
Sensitive PII from aliens, citizens, legal residents and visitors, such as Names and Alien
Registration Numbers. We are obligated by law and DHS policy to protect this information to
prevent identity theft or other adverse consequences of a privacy incident or misuse of Sensitive
PU data.
The DHS Performance and Learning Management System (PALMS) offers a mandatory course
titled, "Privacy at DHS: Protecting Personal Information." This course is designed to raise
employee awareness of the importance of maintaining privacy in the workplace and sets out clear
methods for safeguarding Sensitive PII and for reporting any breach or loss of sensitive data.
2020-ICLl-00023 1373
All ERO employees are required to complete the PALMS course annually by September 30,
2018. Visit the PALMS home page a~(b)(?)(E) I In the interim, please take this
opportunity to review the attached DHS factsheet on how to properly collect, use, share and
dispose of Sensitive PII.
A few reminders:
• PII should not be included in the subject lines of email.
• When you send Sensitive PII in email to users with a need to know AND to a non-
dhs.gov account, DHS policy requires ICE employees and contractors to send
Sensitive PII in an encrypted or password protected attachment.
• When you send electronic files in the mail, DHS policy recommends any removable
media (e.g., CD, DVD) is password protected and it must be sent using a tracking number
or return receipt.
To obtain more detailed requirements and recommendations on the safe handling of PII,
download the "Handbook for Safeguarding Sensitive PII" at www.dhs.gov/privacy or contact the
ICE Office oflnformation Governance and Privacy at (202) 732l(b)(6); I
NOTICE: This communication may contain privileged or otherwise confidential information. If you arc not an intended recipient
or believe you have received this communication in error, please do not print, copy, retransmit, disseminate, or otherwise use this
information. Please infonn the sender that you received this message in error and delete the message from your system.
2020-ICLl-00023 1374
From: l(b)(6); (b)(?)(C)
Sent: 18 Apr 2018 17:14:23 +0000
To: ICE Privacy-General Mailbox
Attachments: How to Safeguard Sensitive PII.PDF
Good afternoon,
I'm an acting Unit Chief at Domestic Operations and we had a question about privacy
issues and PII or SPII as it relates to our High Profile Removal notifications and other
communication. These notifications are typically shared with government entities within
DHS to provide final notification that a high profile removal is imminent and the
operation plan includes specifics of the removal operation. The broadcast below from
Mr. Albence raised some questions about to whom these notices are sent and what we
can have in the Subject line, etc ... I'm happy to provide more background on the topic if
you need to or if you need any additional information.
Thanks,
From: ERO Taskings

The following message is sent on behalf of Matthew T. Albence, Executive Associate

Director for Enforcement and Removal Operations:
The purpose of this message is to remind all ERO employees of the importance of
protecting Sensitive Personally Identifiable Information (Sensitive PII).
In our mission to identify, arrest, and remove aliens that are a risk to public safety, ERO
collects Sensitive PII from aliens, citizens, legal residents and visitors, such as Names
and Alien Registration Numbers. We are obligated by law and DHS policy to protect this
information to prevent identity theft or other adverse consequences of a privacy incident
or misuse of Sensitive PII data.
The DHS Performance and Learning Management System (PALMS) offers a mandatory
course titled, "Privacy at DHS: Protecting Personal Information." This course is designed
to raise employee awareness of the importance of maintaining privacy in the workplace
2020-ICLl-00023 1375
and sets out clear methods for safeguarding Sensitive PII and for reporting any breach or
loss of sensitive data.
All ERO employees are required to complete the PALMS course annually by September
30, 2018. Visit the PALMS home page at kb)(7)(E) I In the interim, please
take this opportunity to review the attached DHS factsheet on how to properly collect,
use, share and dispose of Sensitive PII.
A few reminders:
• When you send Sensitive PII in email to users with a need to know AND to a
non-dhs.gov account, DHS policy requires ICE employees and contractors to
send Sensitive PII in an encrypted or password protected attachment.
• When you send electronic files in the mail, DHS policy recommends any
removable media (e.g., CD, DVD) is password protected and it must be sent using
a tracking number or return receipt.
download the "Handbook for Safeguarding Sensitive PII" at www.dhs. ov/ rivac or
contact the ICE Office oflnformation Governance and Privacy at (202) 732 (b)(6);
NOTICE: This communication may contain privileged or otherwise confidential information. If you are not an intended
recip ient or believe you have received this communication in error, please do not print, copy, retransmit, disseminate,
or otherwise use this information. Please infom1 the sender that you received th is message in error and delete the
message from your system.
2020-ICLl-00023 1376
The Privacy Office
Homeland U.S. Deparonent of Homeland Security

Security
HOW TO SAFEGUARD SENSITIVE PII
To protect the privacy of individuals, all DHS staff are required by law and DHS policy to proactively safeguard
Personally Identifiable Information (PII) when collecting, accessing, using, sharing, and destroying it. This
factsheet summarizes best practices and DHS policy requirements to prevent a privacy incident during the
information lifecycle, as detailed in the Handbook for Safeguarding Sensitive Pl/, available on the DHS website.
What is Sensitive PII?

Sensitive PII is PII, which, if lost, compromised, or disclosed without authorization, could result in substantial
harm, embarrassment, inconvenience, or unfairness to an individual. Examples include: Social Security
numbers, Alien Registration numbers, financial account numbers, and biometric identifiers (e.g., fingerprint,
iris scan). Other data elements such as citizenship or immigration status, account passwords, and medical
information, in conjunction with the identity of an individual, are also considered Sensitive PII. The context of
the PII may also determine its sensitivity, such as a list of employees with poor performance ratings.
COLLECTING, ACCESSING OR STORING SENSITIVE PII

• Before collecting or accessing Sensitive PII, confirm with your supervisor that you are authorized to do so.
Access is based on your having an official "need to know" the personal information for business purposes.
• Try to minimize the collection of Sensitive PII; use email addresses or case record numbers instead.
• Access it only via OHS-approved, encrypted media devices, kept locked and secured at all times while at
work, while teleworking, and in transit. Never share your username, password, or PIV card with anyone.
• Store Sensitive PII using technical safeguards and access controls to restrict access to staff with an official
" need to know."
USING SENSITIVE PII

• Secure your workspace in the office or while teleworking by protecting hard copy data, computers, IDs,
and badges.
• Don't leave Sensitive PII on printers, copiers, or fax machines.
• Obtain authorization from your supervisor before removing electronic or paper documents containing
Sensitive PII from the workplace.
SHARING SENSITIVE PII

• Do not share Sensitive PII with anyone outside of DHS before checking with your Component Privacy
Officer or Privacy Point of Contact, since several requirements must be met.
• Be wary of calls or emails from people posing as employees requesting Sensitive PII in your possession. Do
not provide it to anyone before confirming they have an official "need to know."
• Try to minimize the duplication and sharing of Sensitive PII in paper and electronic form, and redact when
possible before sharing.
2020-ICLl-00023 1377
DISSEMINATING SENSITIVE PII
• When mailing Sensitive PII externally, encrypt the data, if possible, and use a receipted delivery service
(i.e., Return Receipt, Certified or Registered mail) or a tracking service (e.g., "Track & Return") to ensure
secure delivery is made to the appropriate recipient.
• When emailing Sensitive PII:

• Externally: Never email Sensitive PII to or from a personal email account. In fact, never use your
personal email to conduct official business. l(b)(?)(E) I
b)(?)(E)
DISPOSING OF SENSITIVE PII
Sensitive PII, including that found in archived emails, must be disposed of when no longer required, consistent
with the applicable records retention schedule. If destruction is required, take the following steps:
• Printed material must be destroyed using an approved cross-cut shredder or burn bag, or secured in a
locked and properly-marked bin.
• Portable electronic devices and computers containing Sensitive PII must be sanitized according to your
Information System Security Manager's standards when no longer needed.
REPORTING A PRIVACY INCIDENT
You must report all privacy incidents immediately, whether suspected or confirmed, to your Component Help
Desk, Security Operations Center, Privacy Officer or Privacy Point of Contact, or to the DHS Privacy Office at
the phone number or email below.
FOR MORE INFORMATION

For more detailed guidelines on the safe handling of Sensitive PII, download the Handbook for Safeguarding
Sensitive Pl/ available on the DHS website below. Additional factsheets can be found here too.
Questions? Contact the DHS Privacy Office:
• PHONE: 202-343l(b)(6); I
• E-MAIL: (b)(6); (b)(?)(C)
• WEB:
OCTOBER 2017
2020-ICLl-00023 1378
From: Kb)(6); (b)(7)(C) I
Sent: 6 Nov 2018 14:33:35 +0000
To: (b)(6); (b)(7)(C)
Cc:
Subject: Information Sharing Disclosures~ Waiver
Attachments: g-28.pdf, g-639.pd.pdf, HIPAA and Privacy Act Waiver.doc
Good Morning ~(b)(6);

Cindy mentioned that you inquired about a waiver for information sharing. Depending on the
circumstances, the attached forms are acceptable when authorizing disclosures:
• USCIS Form G-639, Freedom oflnformation/Privacy Act Request

• DHS Form G-28, Notice of Entry of Appearance as Attorney or Accredited
Representative
• HIPAA and Privacy Act Waiver
I hope this is helpful. Please let me know if you have any questions or require assistance. Thank
you
Kind regards,
l(b)(6); (b)(7)(C) I
Privacy Analyst
CBP Detail to ICE Privacy Office
(202) 341~(b)(6)1Mobile
Questions? Please visit our website af~b_)(_7_)(_E_) - - - - - - - - - - - - - - ~
2020-ICLl-00023 1379
Notice of Entry of Appearance DHS
as Attorney or Accredited Representative Form G-28
0MB No. 1615-0105
Department of Homeland Security Expires 03/31/2018
Part 1. Information About Attorney or Part 2. Notice of Appearance as Attorney or

Accredited Representative Accredited Representative
1. USCIS ELIS Account Number (if any ) This appearance relates to immjgration matters before
(Select only one box):
•I I I I
l.a. 0 USCIS
Name and Address of Attorney or Accredited
l .b. List the form numbers
Representative
2.a. Family Name
(Last Name)
2.a. 0 ICE
2.b. Given Name
(First Name) 2.b. List the specific matter in which appearance is entered
2.c. Middle Name
3.a. Street Number 3.a. 0 CBP

and Name
3.b. Apt.
• Ste.
• Fir.
• 3.b. List the specific matter in which appearance is entered
3.c. City or Town

I enter my appearance as attorney or accredited representative at
3.d. StateLJ 3.e. ZIP Code the request of:
4. Select only one box:
3.f. Province
D Applicant D Petitioner D Requestor
3.g. Postal Code 0 Respondent (ICE, CBP)
3.h. Country
Information About Applicant, Petitioner,
Requestor, or Respondent
4. Daytime Telephone Number
5.a. Famjly Name
(Last Name)
5.b. Given Name
5. Fax Number (First Name)
5.c. Middle Name
6. E-Mail Address (if any)
6. Name of Company or Organization (if applicable)
7. Mobile Telephone Number (if any)
Form G-28 05/05/16 Y Page I of 4

2020-ICLl-00023 1380
Part 2. Notice of Appearance as Attorney or Part 3. Eligibility Information for Attorney or
Accredited Representative (continued) Accredited Representative
Information About Applicant, Petitioner, Select all applicable items.
Requestor, or Respondent (continued) I.a. D I am an attorney eligible to practice law in, and a
7. USCIS ELIS Account Number (if any) member in good standing of, the bar of the highest
courts of the following states, possessions, territories,
•I I I I I commonwealths, or the District of Columbia. (If you
8. Alien Registration Number (A-Number) or Receipt Number need additional space, use Part 6.)
Licensing Authority
9. Daytime Te lephone Number

I.b. Bar Number (if applicable)
10. Mobile Telephone Number (if any)

I.e. Name of Law Firm
11. E-Mail Address (if cmy)

l.d. I (choose one) D am not D am
subject to any order of any court or administrative agency
Mailing Address of Applicant, Petitioner, disbarring, suspending, enjoining, restraining, or otherwise
Requestor, or Respondent restricting me in the practice of law. If you are subject to
any orders, explain in the space below. (If you need
NOTE: Provide the mailing address of the applicant, petitioner, additional space, use Part 6.)
requestor, or respondent. Do not provide the business mailing
address of the attorney or accredited representative unless it
serves as the safe mailing address on the application, petition, or 2.a. D I am an accredited representative of the following
request being fi led with this Form G-28. qualified nonprofit religious, charitable, social
12.a. Street Number
service, or similar organization established in the
and Name United States, so recognized by the Department of
Justice, Board oflmmigration Appeals, in accordance
12.b. Apt. 0 Ste. 0 Fir. 0 with 8 CFR 292.2. Provide the name of the
organization and the expiration date of accreditation.
12.c. City or Town
2.b. Name of Recognized Organization
12.d. State LJ 12.e. ZIP Code ~'- - - - - - - ~
12.f. Province 2.c. Date accreditatio n expires
12.g. Postal Code

(mm/ddlyyyy) • ~'------~
12.h. Country
Form G-28 05/05/16 Y Page 2 of 4

2020-ICLl-00023 1381
Part 3. Eligibility Information for Attorney or If you do not want to receive original notices or secure
identity documents directly, but would rather have such
Accredited Representative (continued)
notices and documents sent to your attorney of record or
3. D I am associated with accredited representative, please select all applicable
boxes below:
the attorney or accredited representative ofrecord 2.a D I request DHS send any notice (including Form I-94)
who previously filed Form G-28 in this case, and my on an application, petition, or request to the U.S.
appearance as an attorney or accredited representative business address of my attorney of record or
is at his or her request. accredited representative as listed in this form. I
understand that I may change this election at any
NOTE: If you select this item, also complete Item
future date through written notice to DHS.
Numbers 1.a. - l.b. or Item Numbers 2.a. - 2.c. in
Part 3. (whichever is appropriate). 2.b. D I request that OHS send any secure identity document,
such as a Permanent Resident Card, Employment
4.a. D I am a law student or law graduate working under the Authorization Document, or Travel Document, that I am
direct supervision of the attorney or accredited approved to receive and authorized to possess, to the
representative of record on this form in accordance U.S. business address of my attorney of record or
with the requirements in 8 CFR 292.l(a)(2)(iv). accredited representative as listed in this fonn or to a
designated military or diplomatic address for pickup in a
4.b. Name of Law Student or Law Graduate foreign country (if permitted). I consent to having my
secure identity document sent to my attorney of record
or accredited representative's U.S. business address and
understand that I may request, at any future date and
through written notice to DHS, that DHS send any
Part 4. Applicant, Petitioner, Requestor, or secure identity document to me directly.
Respondent Consent to Representation, Contact
Information, and Signature
Consent to Representation and Release of Informati.on

1. I have requested the representation of and consented to
being represented by the attorney or accredited
..
3.a. Signature of Applicant, Petitioner, Requester, or
Respondent
3.b. Date of Signature (111111/ddly yyy) •

representative named in Part 1. of this form. According
to the Privacy Act of 1974 and DHS policy, I also consent Part 5. Signature of Attorney or Accredited
to the disclosure to the named attorney or accredited Representative
representative of any record pertaining to me that appears
in any system of records of USCIS, ICE or CBP.
I have read and understand the regulations and conditions
contained in 8 CFR 103.2 and 292 governing appearances and
When you (the applicant, petitioner, requester, or representation before the Department of Homeland Security.
respondent) are represented, DHS will send notices to both I declare under penalty of perjury under the laws of the United
you and your attorney or accredited representative either States that the information I have provided on this form is true
through mail or electronic delivery. and correct.
DHS will also send the Form 1-94, Arrival Departure 1. Signature of Attorney or Accredited Representative
Record, to you unless you select Item Number 2.a. in
Part 4. AU secure identity documents and Travel
Documents will be sent to you (the applicant, petitioner, 2. Signature of Law Student or Law Graduate
requester, or respondent) at your U.S. mailing address
unless you ask us to send your secure identity documents
to your attorney of record or accredited representative.
3. Date of Signature (mm/dd/yyyy) • I. . ________,
Form G-28 05/05/16 Y Page 3 of 4

2020-ICLl-00023 1382
!Part 6. Additional Information
Use the space provided below to provide additional information
pertaining to Part 3., Item Numbers I.a. - 1.d. or to provide
your U.S. business address for purposes ofreceiving secure
identity documents for your client (if your client has consented
to your receipt of such documents under Part 4.)
Form G-28 05/05/16 Y Page 4 of 4

2020-ICLl-00023 1383
Freedom of Information/Privacy Act Request USCIS
Form G-639
Department of Homeland Security 0MB No. 1615-0102
U.S. Citizenship and Immigration Services Expires 04/30/2020
NOTE: Use of this form is optional. USCIS accepts any written request, regardless of format, provided that the request complies
with the applicable requirements under the FOIA and the Privacy Act.
• START HE RE - Type or print in black ink.

IPart 1. Type of Request Requestor's Contact Information
Select only one box. 4. Requestor's Daytime Telephone Number
NOTE: If you are filing this request on behalf of another

individual, respond as it would apply to that individual.
5. Requestor's Mobile Telephone Number (if any)
1.a. D Freedom ofln formation Act (FOIA)/Privacy Act (PA)
1.b. D Amendment of Record (PA only)
6. Requestor's Email Address (if any)
!Part 2. Requestor Information

1. Are you the S ubject of Record for this request? Requestor's Certification
• Yes • No By my signature, I consent to pay all costs incurred for search,
duplication, and review of documents up to $25. (See Form
If you answered "No" to Item Number 1., provide the
G-639 Instructions for more information.)
information requested in Part 2. If you answered "Yes" to
Item Number 1., skip to Part 3. 7.a. Requestor's Signature
Requestor's Full Name

2.a. Family Name
•
7.b. Date of S ignature (mm/dd/yyyy) ~ I - - - - - - - ~
(Last Name)
2.b. Given Name
(First Name)
IPart 3. Description of Records Requested
2.c. Middle Name NOTE: While you are not required to respond to every item in
Part 3., failure to provide complete and specific information
may delay processing of your request or create an inability for
Requestor's Mailing Address U.S. Citizenship and Immigration Services (USCIS) to locate
the records or information requested.
3.a. In Care Of Name (if any)
l. Purpose (Optional: You are not required to state the
purpose of your request. However, providing this
3.b. Street Number information may assist USCJS in locating the records
and Name needed to respo nd to your request.)
3.c. 0 Apt.
• Ste. • Fir.
3.d. City or Town
3.e. State L J 3.1'. ZIP Code I
3.g. Province
Full Name of the Subject of Record
3.h. Postal Code
2.a. Family Name
3.i. Country (Last Name)
2.b. G iven Name
(First Name)
2.c. Middle N ame
Form G-639 04/17/ 17 N Page 1 of 4

2020-ICLl-00023 1384
Part 3. Description of Records Requested Family M ember 2
(continued) l l.a. Family Name
(Last Name)
Other Names Used by the Subject of Record (if any) l l.b. Given Name
(First Name)
Provide all other names you have ever used, including aliases,
maiden name, and nicknames. If you need extra space to 11.c. Middle Name
complete this section, use the space provided in Part 5.
Additional Information.
12. Relationship
3.a. Family Name

(Last Name)
3.b. Given Name Parents ' Names for the Subject of Record
(First Name)
Father
3.c. Middle Name
13.a. Family Name
(Last Name)
Full Name of the Subject of Record at Time of 13.b. Given Name
Entry into the United States (First Name)
4.a. Family Name 13.c. Middle Name

(Last Name)
4.b. Given Name Mother
(First Name)
14.a. Family Name
4.c. Middle Name (Last Name)
14.b. Given Name
(First Name)
Other Information About the Subject of Record
14.c. Middle Name
5. Form I-94 Number Arrival-Departure Record
• 14.d. Maiden Name (if applicable)
6. Alien Registration Number (A-Number) (if any)

• A- I
15. Description of Records Sought.
Provide a description of the records you are seeking. If
7. USCIS Online Account Number (if any)
you need additional space, use the space provided in Part
• ~-------------~
1 5. Additional Information.
8. Application, Petition, or Request Receipt Number

•
Information About Family Members that May
Appear on Requested Records
For example, provide the requested information about a spouse Part 4. Verification of Identity and Subject of
or children. If you need extra space to complete this section,
Record Consent
use the space provided in Part 5. Additional Information.
N OTE: Complete all applicable Item Numbers . In addition,
Family M ember 1
the Subject of Record M UST sign Part 4. of this request.
9.a. Family Name
(Last Name)
Full Name of the Subject of Record
9.b. Given Name
(First Name) I.a. Family Name
(Last Name)
9.c. Middle Name
1.b. Given Name
10. Relationship (First Name)
I.e. M iddle Name
Form G-639 04/ 17/ 17 N Page 2 of 4

2020-ICLl-00023 1385
Part 4. Verification of Identity and Subject of Signature and Notarized Affidavit or Declaration
Record Consent (continued) of the Subject of Record
Mailing Address for the Subject of Record Select only one box.
NOTE: The Subject of Record MUST provide a signature in
2.a. In Care Of Name (if any)
Item Number 8.a. Notarized Affidavit of Identity OR Item
Number 8.b. Declaration Under Penalty of Perjury. If the
Subject of Record is deceased, read Item Number 8.c.
2.b. Street Number
and Name Deceased Subject of Record and attach proof of death.
D
2.c. 0 Apt.
• Ste.
• Fir. 8.a. Notarized Affidavit of Identity
(Do NOT sign and date below until the notary public
2.d. City or Town provides instructions to you.)
2.e. StateLJ 2.f. ZIP Code I By my signature, I consent to USCIS releasing the
requested records to the requestor (if applicable)
2.g. Province named in Part 2. I also consent to pay all costs
incurred for search, duplication, and review of
2.h. Postal Code documents up to $25 (if filing this request for myselt).
2.i. Country
Signature of Subject of Record
Other Information for the Subj ect of Record Date of Signature (mm/dd/yyyy)
3. Date of Birth (mm/dd/yyyy)

Subscribed and sworn to before me on this ----
4. Country of Birth
day of _ _ _ _ _ __ in the year _ _ __
Daytime Telephone Number _ _ _ _ _ _ _ __

Contact Information for the Subject of Record
Providing this information is optional. Signature of Notary
5. Daytime Telephone Number
My Commission Expires on (mm/dd/yyyy)
6. Mobile Telephone Number (if any) 8.b. D Declaration Under Penalty of Perjury
By my signature, I consent to USCIS releasing the
requested records to the requestor (if applicable)
7. Email Address (if any)
named in Part 2. I also consent to pay all costs
incurred for search, duplication, and review of
documents up to $25 (if filing this request for myself) .
I ce1tify, swear, or affirm, under penalty of perjury
under the laws of the United States of America, that
the information in this request is complete, true, and
correct.
Signature of Subject of Record
Date of Signature (mm/dd/yyyy)

8.c. Deceased Subject of Record
(NOTE: You MUST attach an obituary, death certificate,
or other proof of death.)
FormG-639 04/17/ 17 N Page3of4

2020-ICLl-00023 1386
!Part 5. Additional Information S.a. Page Number S.b. Part Number S.c. Item Number
If you need extra space to provide any additional information I I

within this request, use the space below. If you need more S.d.
space than what is provided, you may make copies of this page
to complete and file with your request or attach a separate sheet
of paper. Type or print the name of the Subject of Record and
his or her A-Number (if any) at the top of each sheet; indicate
the Page Number, Part Number, and Item Number to which
the information refers; and sign and date each sheet.
l.a. Family Name
(Last Name)
1.b. Given Name
(First Name)
1.c. Middle Name
2. Alien Registration Number (A-Number) (if any)

• A-
3.a. Page Number 3.b. Part Number 3.c. Item Number
I I I I I
3.d.
I I
6.d.
I I
4.d.
Form G-639 04/17/ 17 N Page 4 of 4

2020-ICLl-00023 1387
AUTHORIZATION TO PROVIDE ACCESS TO MEDICAL INFORMATION
I, _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ __ , hereby authorize
[Medical Provider's Name] to disclose my
medical information, including but not limited to: diagnosis and patient history, office
notes, test results, consults, billing records, insurance records, to U.S. Customs and
Border Protection (CBP), Department of Homeland Security, or any person who is
authorized by CBP, relating to my treatment at the above-referenced medical provider,
during the dates of _ _ _ _ _ _ _ _ _ _ _. I understand that this medical
information is needed in connection with an investigation into my prior sick leave
requests.
By executing this authorization I knowingly and willfully waive the protections of the
Privacy Act and the Health Insurance Portability and Accountability Act of 1996
(HIP AA) with regard to communications with the medical provider specified herein for
the purposes set fo1ih above.
A photocopy of this authorization shall be considered as effective and valid as the

original.
[Employee's Name]
[Employee's Signature]
[Employee's Date of Birth]
Date:
---------------
2020-ICLl-00023 1388
Sent: 18 Apr 2018 17:26:37 +0000
To: l(b)(6); (b)(7)(C)I
Subject: FW: Safeguarding Sensitive Personally Identifiable Information
Attachments: How to Safeguard Sensitive PII.PDF
This just came in from rom ERO. I am going to put it in POTS, and in the tracker.
!fb)(6): (b)(7)(C)!
Direct: (202) 732 b )(6 )
Main: (202) 73 (b)(6);
From: l(b)(6); (b)(7)(C)

Sent: Wednesday, April 18, 2018 1:14 PM
To: ICE Privacy-General Mailbox <j....
(b-)-(6-);- (-b)-(7-)-(C_)_ _ _ _ _ _ _ _ _ ___,
Good afternoon,
I'm an acting Unit Chief at Domestic Operations and we had a question about privacy issues and
PU or SPII as it relates to our High Profile Removal notifications and other
communication. These notifications are typically shared with government entities within DHS to
provide final notification that a high profile removal is imminent and the operation plan includes
specifics of the removal operation. The broadcast below from Mr. Albence raised some questions
about to whom these notices are sent and what we can have in the Subject line, etc ... I'm happy to
provide more background on the topic if you need to or if you need any additional information.
Thanks,
From: ERO Taskings

2020-IC Ll-00023 1389

The following message is sent on behalfofMatthew T. Albence, Executive Associate Director
for Enforcement and Removal Operations:
The purpose of this message is to remind all ERO employees of the importance of protecting
Sensitive Personally Identifiable Information (Sensitive PII).
In our mission to identify, arrest, and remove aliens that are a risk to public safety, ERO collects
Sensitive PII from aliens, citizens, legal residents and visitors, such as Names and Alien
Registration Numbers. We are obligated by law and OHS policy to protect this information to
prevent identity theft or other adverse consequences of a privacy incident or misuse of Sensitive
PII data.
The DHS Performance and Leaming Management System (PALMS) offers a mandatory course
titled, "Privacy at OHS: Protecting Personal Information." This course is designed to raise
employee awareness of the importance of maintaining privacy in the workplace and sets out clear
methods for safeguarding Sensitive PII and for reporting any breach or loss of sensitive data.
All ERO employees are required to complete the PALMS course annually by September 30,
2018. Visit the PALMS home page at~b)(7)(E) I
In the interim, please take this
opportunity to review the attached DH factsheet on how to properly collect, use, share and
dispose of Sensitive PII.
A few reminders:
• When you send Sensitive PII in email to users with a need to know AND to a non-
dhs.gov account, DHS policy requires ICE employees and contractors to send
Sensitive PII in an encrypted or password protected attachment.
• When you send electronic files in the mail, DHS policy recommends any removable
media (e.g., CD, DVD) is password protected and it must be sent using a tracking number
or return receipt.
download the "Handbook for Safeguarding Sensitive PII" at www.dhs.gov/privacy or contact the
ICE Office oflnformation Governance and Privacy at (202) 732-3300.
NOTICE: This communication may contain privileged or otherwise confidential information. If you are not an intended recipient
or believe you have received this communication in error, please do not print, copy, retransmit, disseminate, or otherwise use this
information. Please inform the sender that you received this message in error and delete the message from your system.
2020-ICLl-00023 1390
The Privacy Office
Homeland U.S. Deparonent of Homeland Security

Security
HOW TO SAFEGUARD SENSITIVE PII
To protect the privacy of individuals, all DHS staff are required by law and DHS policy to proactively safeguard
Personally Identifiable Information (PII) when collecting, accessing, using, sharing, and destroying it. This
factsheet summarizes best practices and DHS policy requirements to prevent a privacy incident during the
information lifecycle, as detailed in the Handbook for Safeguarding Sensitive Pl/, available on the DHS website.
What is Sensitive PII?

Sensitive PII is PII, which, if lost, compromised, or disclosed without authorization, could result in substantial
harm, embarrassment, inconvenience, or unfairness to an individual. Examples include: Social Security
numbers, Alien Registration numbers, financial account numbers, and biometric identifiers (e.g., fingerprint,
iris scan). Other data elements such as citizenship or immigration status, account passwords, and medical
information, in conjunction with the identity of an individual, are also considered Sensitive PII. The context of
the PII may also determine its sensitivity, such as a list of employees with poor performance ratings.
COLLECTING, ACCESSING OR STORING SENSITIVE PII

• Before collecting or accessing Sensitive PII, confirm with your supervisor that you are authorized to do so.
Access is based on your having an official "need to know" the personal information for business purposes.
• Try to minimize the collection of Sensitive PII; use email addresses or case record numbers instead.
• Access it only via OHS-approved, encrypted media devices, kept locked and secured at all times while at
work, while teleworking, and in transit. Never share your username, password, or PIV card with anyone.
• Store Sensitive PII using technical safeguards and access controls to restrict access to staff with an official
" need to know."
USING SENSITIVE PII

• Secure your workspace in the office or while teleworking by protecting hard copy data, computers, IDs,
and badges.
• Don't leave Sensitive PII on printers, copiers, or fax machines.
• Obtain authorization from your supervisor before removing electronic or paper documents containing
Sensitive PII from the workplace.
SHARING SENSITIVE PII

• Do not share Sensitive PII with anyone outside of DHS before checking with your Component Privacy
Officer or Privacy Point of Contact, since several requirements must be met.
• Be wary of calls or emails from people posing as employees requesting Sensitive PII in your possession. Do
not provide it to anyone before confirming they have an official "need to know."
• Try to minimize the duplication and sharing of Sensitive PII in paper and electronic form, and redact when
possible before sharing.
2020-ICLl-00023 1391
DISSEMINATING SENSITIVE PII
• When mailing Sensitive PII externally, encrypt the data, if possible, and use a receipted delivery service
(i.e., Return Receipt, Certified or Registered mail) or a tracking service (e.g., "Track & Return") to ensure
secure delivery is made to the appropriate recipient.
• When emailing Sensitive PII:

• Externally: Never email Sensitive PII to or from a personal email account. In fact, never use your
personal email to conduct official business. Email Sensitive PII within an encrypted or password-
protected attachment using WinZip or Adobe Acrobat, and provide the password separately by phone
or email. Email only to individuals with an official "need to know."
• Internally: We strongly recommend that you redact, password- protect, or encrypt Sensitive PII
emailed internally, especially when emailing to distribution lists. Some Components may require
internal encryption.
DISPOSING OF SENSITIVE PII
Sensitive PII, including that found in archived emails, must be disposed of when no longer required, consistent
with the applicable records retention schedule. If destruction is required, take the following steps:
• Printed material must be destroyed using an approved cross-cut shredder or burn bag, or secured in a
locked and properly-marked bin.
• Portable electronic devices and computers containing Sensitive PII must be sanitized according to your
Information System Security Manager's standards when no longer needed.
REPORTING A PRIVACY INCIDENT
You must report all privacy incidents immediately, whether suspected or confirmed, to your Component Help
Desk, Security Operations Center, Privacy Officer or Privacy Point of Contact, or to the DHS Privacy Office at
the phone number or email below.
FOR MORE INFORMATION

For more detailed guidelines on the safe handling of Sensitive PII, download the Handbook for Safeguarding
Sensitive Pl/ available on the DHS website below. Additional factsheets can be found here too.
Questions? Contact the DHS Privacy Office:
• PHONE:
• E-MAIL:
• WEB:
OCTOBER 2017
2020-ICLl-00023 1392
From: kb)(6); (b)(7)(C)
Sent: 22 May 2018 14:09:43 +0000
To: l(b )(6); (b )(7)(C)
Cc:
Subject: Question regarding Test Fingerprints in EAGLE
Good Momin~ (b)(6);
b)(5)
Thank you,
rb)(6); (b)(7)(C)
Project Manager (EARM & EAGLE)

ICE-ERO-Field Operations
Law Enforcement Systems & Analysis
202-73 b)(6); (o)
202-27 b)(?)( (m)
\
From: Rapp, Marc A

Sent: Monday, May 21, 2018 2:49 PM
To~(b)(6); (b)(7)(C)
Cc:1
~------------------------------~
Subject: RE: Test Prints EAGLE
Thank you all.
Marc A. Rapp
DHS/ICE US Embassy Rome, Italy
(b)(6); (b)(7)(C)
+39 33 (b)(6);
From~(b)(6): (b)(7)(C)
Date: Monday, May 21, 2018, 8:44 PM
To: Rapp, Marc A i(b)(6): (b)(7)(C)
Cc: l(b)(6): (b)(7)(C)
Subject: FW: Test Prints EAGLE
2020-ICLl-00023 1393
Good Afternoon Marc,
Thank you for providing clarity. Per ou r discussionfb)(6); ~ nd I will work through this request and
provide feedback prior to Friday.
Thank you,
l(b)(6); (b)(7)(C)

202-732 (b)(6) (o)
202-276 ~h \f 7 \ (m)
From: Kb)(6); (b)(7)(C)

Sent: Monday, May 21, 2018 2:10 PM
To:l(b)(6); (b)(7)(C)
Cc: ....._ _ _ _ _ _ _ _ _ _ _ _ _ _ ____.
W ill do.
Thank you,
~b)(6); (b)(7)(C)

202-732j(b)(61(o)
202-276 ); (m)
From:Kb)(6); (b)(7)(C) I
Sent: M onday, May 21, 2018 11:51 AM
2020-ICLl-00023 1394
Tot b)(6); (b)(?)(C)
Cc:I
~-------------------------~
Subject: FW: Test Prints EAGLE
l(b)(6); (b)(?)(C) I
kh)fn)- !needs some help obtaining sample prints from EAGLE ""kb""')"'"'
(7....;.)""'
(E=)_ _ _ _ _ _ _ _ _ ___.I Can
you work with the team to obtain?
Thank you,
(b)(6); (b)(7)(C)
Office
Mobile
''The definition ofinsanity is doing the same thing over and over again, but expecting different results".
Unknown
Warning: Thi.s document is UNCLASSfflED//FOR OFFICIAL USE ONLY (U//FOUO). It contains information that may be exempt from public release under the Freedom of
Information Act (5 U.S.C. 552). II is to be controlled, stored, handled, transmitted, distributed, and disposed of in accordance with OHS policy relating to FOUO information and is
not to be released to the public or other perSonnel who do not ba,·e a \':JUd 11 need-to-k.now11 without prior approval of an aulhorized OHS official. No por1ion of lhi.s repor1 should be
furnished to the media. either in written or \'Crbal form
From: Rapp, Marc A

Sent: Monday, May 21, 2018 11:49 AM
Toh w:n-f h)f7)fr,)
That would be great thanks.

My meeting is on Friday.
Marc A. Rapp
DHS ICE US Embass Rome, Italy
(b)(6); (b)(?)(C)
+39 335 b)(6):
From: Kb)(6); (b)(7)(C)

Date: Monday, May 21, 2018, 5:19 PM
To: Rapp, Marc A l(b)(6); (b)(7)(C)
2020-ICLl-00023 1395
Marc,
I think b)(5)
~-------------------------------------------~ Do
you mind if I forward this to the PM in charge of EAGLE to obtain the images?
Thank you,
fb)(6); (b)(7)(C)
(202) 732 b)(6);
(202) 534 b)(7)( obile
(b)(6); (b)(7)(C)
"The definition ofinsanity is doing the same thing over and over again, but expecting different results".
U11k11ow11
Warning: This document is UNCLASSIFl~D/IFOR OF"f.lC IA L USE ONLY (U//f.'OUO). It contains information that may he exempt from public release under the Freedom of
Information Act (S U.S.C. 552). II is 10 be conlrolled, stored. handled, transmilted, distributed, and disposed of in accordance with DHS policy rel.aling to FOCO i_n formation and is
not to be released to the public or other personnel who do not hne a val.id "need-to-know" without prior apprnval of an authorized DHS official. No portion of th~ repol't should be
furnished to the mc<llo, either in wrincn or verbal form
From: Rapp, Marc A

Sent: Monday, May 21, 2018 8:11 AM
To: ~b)(6); (b)(7)(C)
Subject: Test Prints EAGLE
(b)(5)
Thanks.
Marc Rapp
Deputy Attache-Removal
ICE Attache Office- Rome
+39 335 65 (b)(6 cell)
(b)(6); (b)(7)(C) Email
2020-ICLl-00023 1396
Warning: This document is UNCLASSIFIED USE ONLY {U//FOUO). It contains information that may be exempt from public
release under the Freedom of Information Act (S U.S.C. 552). It 1s lled, stored, handled, t ransmitted, distributed, and d isposed of
in accordance w ith OHS policy relating to FOUO information and is not to be release · or other personnel who do not have a
valid " need-to-know" without prior approval of an authorized OHS official. No portion of this report sifhio
o~uffl"l~iwi:.i~~_!
in written or verbal form.
2020-ICLl-00023 1397
From: CTR)
Sent: ........--.------..-....................- s:Ol +0000
To:
Subject: Privacy Question
Kb)(6); _.
Is the video image of an individual considered PII?
v/r
kb)(6) ; (b)(7)(C)
Information Systems Security Officer

Office of Inspector General
Office of the Chief Information Officer
202-870 ~~~~~~~
2020-ICLl-00023 1398
From: l(b)(6); (b)(?)(C) JCTR)
Sent: 18 Jan 2018 20:35:01 +0000
To: l(b)(6); (b)(?)(C)I
Subject: Privacy Question
(b)(6);
( h )(7 )(r,)
Is the video image of an individual considered PII?
v/r
Vh)(fl) · (h)(7 )(r,)
Information Systems Security Officer

Office of Inspector General
Office of the Chief Information Officer
202-870l(b)(6);
2020-ICLl-00023 1399

ICE August 2020 Production Brennan Center DHS FOIA Social Media Monitoring

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

ICE August 2020 Production Brennan Center DHS FOIA Social Media Monitoring

Uploaded by

Copyright:

Available Formats

From: ~b)(6); (b)(?

---ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT---

From: l(b)(6); (b)(7)(C) I

Good Morning Everybody,

From :Kb)(6); (b)(?)(C)

Thanks so much everybody!

From: !rh)fn) · f h)f7)fC:)

IMany apologies - I should have sent an update yesterday.

Thanks for the concern and interest!

Have a nice weekend - and thanks again!

Subject: RE: ICE SMOUTs

Subject: ICE SMOUTs

--- ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT ---

From :l(b)(6); (b)(7)(C)

Subject: RE: ICE SMOUTs

---ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT ---

Good Morning Everybody,

Thanks so much everybody!

Hi Kb)(6); IMany apologies - I should have sent an update yesterday.

Thanks for the concern and interest!

Have a nice weekend - and thanks again!

2020-IC Ll-00023 1069

Mobile: 202-870f b)(6); I

From: l(b)(6); (b)(?)(C)

Subject: RE: ICE SMOUTs

rTo: f b)(6); (b)(7)(C)

Subject: ICE SMOUTs

--- ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT ---

--- ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT ---

Subject: RE: ICE SMOUTs

Mobile: 202-87q (b)(6); I

Subject: RE: ICE SMOUTs

--- ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT ---

Good Morning Everybody,

From jrh\fR\· f h \f7 \rr., I

Thanks so much everybody!

Hil(b)(6): I Many apologies - I should have sent an update yesterday.

Thanks for the concern and interest!

Have a nice weekend - and thanks again!

From: !{b)(6): (b)(7)(C)

Mobile: 202-87 (b)(6);

From:l(b)(6 ): ( b )(7 )(C )

Subject: RE: ICE SMOUTs

Subject: ICE SMOUTs

---ATTORNEY/CLIENT PRIVILEGE ---ATTORNEY WORK PRODUCT ---

• Open source information is any type of lawfully and ethically obtainable

collectionlnformation is publicly availableCollection is not person-to-person It is

Open Source Information Open Source Intelligence

• Established in a Memorandum from John

• Public interactionYou may access

• Varies dependent on the capacity in which

Thank you for the interact ion!

SUBJECT: Use of Public and Non-Publ ic Online Information

On December 8, 2010, Secretary Napolitano approved a decision memorandum titled, "Use of

No Private Right of Action

To: Field Office Directors and Deputy Field Office Directors

To the extent that the ERO BM is an interpretation/application of an ICE directive (10082.1 ), I

--- ATTORNEY/CLIENT PRIVILEGE --- ATTORNEY WORK PRODUCT ---

Subject: RE: ERO Use o~ )(7)( I

From: l(b)(6): (b)(7)(C)

Subject: RE: ERO Kb)(7)(E) I

--- ATTORNEY/CLIENT PRIVILEGE --- ATTORNEY WORK PRODUCT ---

From: !<b)(6): (b)(7)(C)

Subject: RE: EROl(b)(7)(E) I