CBP September 2021 Production Brennan Center DHS FOIA Social Media Monitoring

INFORMATION ISSUE PAPER
Office of Field Operations

National Targeting Center (NTC)
October 6, 2016
Action Required: Info1m ation Only
Time Constraint: None
Issue: Privacy and CRCL groups have opposed CBP's efforts, with the Departm ent, to modify
the ESTA application to include the voluntary provision of social media handles. CBP has gone
through a 60-day public comment period on its FRN proposing this voluntaiy provision, met
with 0MB to discuss and defend this request, added an additional 30-day comment period, and
responded in full to all public inquiries about this addition. This final 30-day comment period is
over and CBP will meet, with Depaiiment representation, with 0MB on 6 October 2016 to
advocate for the approval of the ESTA social media modification.
Executive Summary: Despite incorporating social media into many aspects of its operational
mission, CBP aims to fmi her enable and empower its officers, a ents, and anal sts to fuii her
inte ·ate social media throu out their o erational fuiictions.
•
•
•
(b) (7)(E), (b) (5)
Background:
Social media has become a powerful somce of communication and interaction in the past decade
and is likely to continue to evolve on a global scale as an integral component of individual
identity. Increases in social media usage and connectivity -- as well as in the prevalence of
mobile devices and their enabling of neai·-constant access to social media platfo1ms -- have
enabled adversaries to use social media platfo1ms for their recrnitment, communications,
strategy, and operations threatening national and border secm ity.
• SubsequentltDIUitalconducted mai·ket research, identified a suite of social media

tools to su 01i CBP's vai·ious fuiictions,
Submitted by: (b) (6), (b) (7)(C)

Date: 6 OCT 2016
001
USCBP000001
• ill December 2015, the CBP Deputy Commissioner directed the fonnation of a CBP-wide
working group designed to assess CBP's cmTent social media operational use footprint
and prepare a strategy for advancing those capacities in full consideration of legal,
privacy, and civil rights and civil liberties equities .
CBP will continue to test and develop new capabilities

in a deliberate and res onsible manner
• Worked extensively, both with the Depar tment's Social Media Task Force and
independently, to assess the efficacy of i n d u ~ -off-the-Shelf tools
that claim to suppo1t the use of social media- ; and,
• Allocated funds to develop agency-wide training programs on the safe, effective, and
legal use of social media in su ort of CBP's screenin vettin res onsibilities and the
use of social media in
ill FY 17, CBP will:
• Begin to deploy developed training across the agency, to include providing industiy -
leading advanced ti·aining to our most experienced and critical users;
• Develop position descriptions and allocate funds to hire full-time staff from the private
sector to suppo1t developments in this space;

Date: 6 OCT 2016
002
USCBP000002
• Execute
new tools and technology
• Implement lessons learned to date into th e workflow ofNTC screening/vetting, as

appropriate based on technological and legal constraints;
• Begin to make strategic investments in emerging technologies of value in this space;
Watch Out For/If Asked:
- ?
Is CBP cmTently using social media infonnation to support (b) (7)(E)
• CBP is working with the DHS Social Media Task Force and DHS Oversight bodies in
order to address the specific challenges associated wit (b) (7)(E), (b) (5)
Does CBP provide social media training to its officers, agents and analysts?
• In order to fmt her inco1porate open source collection and social media info1mation
into its various operational missions to the extent allowable by law and
technologically feasible, CBP empowers its operators to conduct successful social
media research through the establishment of and suppo11 for consistent training and
education programs.
• CBP cunently provides introductory and operational security awareness social media
training to any CBP employees who use social media for operational pmposes.
• CBP is in the process of establishing

- t raining cmTiculum.
Is there validity to the claim th at a Social Media Center of Excellence will be fo1med/founded at
th e NTC?
• CBP is cmTently paiticipating in the DHS Social Media Task Force chaired by the
Under Secretary for Intelligence and Analysis to support the creation, in a controlled,
th orough, and cost efficient manner, of a social media vetting capability for the
Depaitment. Social media has become a powerful source of collllllunication and
interaction in the past decade and continues to evolve on a global scale. Increases in

Date: 6 OCT 2016
003
USCBP000003
social media usage and connectivity have enabled adversaries to use social media
platforms for their recruitment, communications, strategy, and operations threatening
national and border security. The concept of a DHS Social Media Center of
Excellence recognizes the need to keep pace with these real world requirements by
centralizing DHS’s technology capabilities, authorities, and policy decisions, and
empower its members – without necessarily requiring a brick and mortar COE in one
centralized location.

Date: 6 OCT 2016
004
USCBP000004
Unclassified//For Official Use Only/Law Enforcement Sensitive
U.S. Customs and Border Protection

(b) (7)( E)
Use of Social Media
May 25, 2016
(U//FOUO) Social media has become a powerful source of communication and interaction in the past
decade and is likely to continue to evolve on a global scale as an integral component of individual
identity. Increases in social media usage and internet connectivity -- as well as in the prevalence of
mobile devices and their enabling of near-constant access to social media platf01ms -- have created a
myriad of new oppo1tunities for national secmity adversaries or border security threats to use social
media platfo1ms for their recmitment, communications, strategy, and operations. As John Cru·lin,
Assistant Attorney General for National Secmity, said on Mru·ch 1, 2016, "groups like the Islamic State of
fraq and the Levant (ISIL) ru·e using popular social media platfo1ms to propagate and recmit with greater
efficiency than ever before ... in addition to a prolific presence on media outlets [e.g., Twitter or
Facebook] ... well-produced propaganda has become a norm when it comes to drawing outsiders to their
cause ... what we're seeing is a group that's taking advantage of western-made technology."
Subsequently, Social Media has become a critical element for vetting travelers by U.S . Customs and
Border Protection (CBP)
(U//FOUO) The collection and screening of social media is
The info1mation provided in social media is cdtical to screening for imminent and emergent
threats to the United States from travelers who ru·e enabled through social media to rec1uit, plan, and
execute teno1ist acts via real-time communication platfo1ms. It is c1itical that social media info1mation be
made available to CBP immediately, not several months from now, in order to prevent, dismpt, and
dismantle current ten01ist plans, rather than react to them after it is too late. It would be unacceptable to
the American Public for the Department to miss an oppo1tunity to dismpt a teno1ist act when inf01mation
is readily available to support more robust screening.
(U//FOUO/LES) CBP will conduct social media
indicators that wruTant further review by a law enforcement offic r,
(U//FOUO/LES) Dming social media screening, there may be instances where it is appropriate and
(b) (7)(E)
- ( b) ( 7 )( E )
(b )(7)(E)
(Unclassified//For Official Use Only/Law Enforcement Sensitive)

005
USCBP000005
nt
CBP would only share info1mation on

and law enforcement partners that is necessa1y to complete the
mission. All these efforts add to the layered vetting approach to help ensure process oversight.
increased number ofVWP travelers for the upcoming summer season, it is imperative that the social
media collection not be delayed to ensure thorough vetting.

006
USCBP000006
(U//FOUO) The ability to collect and review social media is not only imperative due to ongoing threats
from ten orist organizations, but it is also c1itical to providing a complete picture of an ESTA applicant.
More completely developing this picture leads to numerous benefits, as highlighted
above, but also to significant benefits for many travelers as well. For one, collecting social media
incorporates into CBP's adjudication process info1mation that would not be othe1wise available and can
often help resolve identities and clruify information.
Therefore, social media se1ves not only as a vital

screening tool and additional selector for vetting, but it also provides the direct benefit to the applicant in
entity resolution and application suppo1t. In many circumstances, CBP will be unable to meet the
statuto1y requirements of the VWP Act to dete1mine the national security or law enforcement interests of
the United States without access to social media inf01mation that is collected through the Electronic
System for Travel Autho1ization (EST A). As stated by Secreta1y Johnson, "Social media can provide the
Depa1tment with cdtical info1mation related to the execution of our Inission."

007
USCBP000007
FOR OFFICIAL USE ONLY
Use of Social Media

September 26, 2016
Executive Summary:
(U//FOUO/LES) The Visa Waiver Program (VWP) hnprovement and Terrorist Travel Prevention Act
(The VWP Act) of 2015 established new travel and dual nationality restrictions for VWP applicants.
The restrictions include presence after March 1, 2011 in Iran , Iraq, Sudan, Syria, Libya, Somalia or
Yemen and dual nationality with Iran, Iraq, Sudan and Syria. The VWP Act also included a
provision that allows the Secretary of Homeland Security to waive VWP ineligibilities created by the
VWP Act, if the Secreta1y detennines such a waiver is in the law enforcement or national security
interests of th e United States. The was created to leverage
not available through other sources.
Social Media Use in the Electronic System for Travel Authorization
(U) All prospective Visa Waiver Program (VWP) trnvelers are required to submit biographic
identifiers through the online Electronic System for Travel Authorization (ESTA) application.
ESTA is th e primaiy means of obtaining identifying info1mation to vet against counterteITorism
and law enforcement databases for prospective inbound VWP travelers.
(U//FOUO) The Depaiiment of Homelan d Security (DHS) is seeking to add an optional data.
field requesting social media identifiers (or "handles") from foreign nationals applying for an
ESTA. 1 CBP published a proposed change to the ESTA application and I-94W in the Federal
Register to add an optional field for applicants to enter their social media handle and
provider/platfo1m . CBP has already responded to public comments from the 60-day comment
period and provided an additional 30 days for comments.
Current Social Media Use:
1 It will remain optional, as not eve1y applicant may use social media.

008
USCBP000008
-2-
vetting may be conducted concmTently and will be used

collectively to suppo1i an info1m ed decision process. Social media and o en som ce is used in a
multitude of wa s dmin the vettin
As mentioned above, DHS proposed additional changes to the ESTA application to

a ow the applicant to provide a social media platfo1m (e.g. Twitter, Facebook, etc.) and the
related identifier (i.e. usem ame, screen name, handle). These changes are cmTently in the public
comment period.
Threat Environment
(U//FOUO//LES) Te1rnrist groups including the Islamic State of fraq and the Levant (ISIL), al-
Qa'ida, and al-Qa'ida's affiliates use social media to disseminate official messa
otential members, and convince otential su orters to mobilize to violence.
(b) (7)(E)

009
USCBP000009
-3-
(b) (7)(E) This infonnation is particularly impo1i ant to combat a timely,
unexpected, and credible threat to public safety.
Applicability to Waiver Authority
~ U O) Social media serves not only as a vital screening tool (b) (7)(E)
- b u t it also rovides the direct benefit to the a licant in enti
SU Oii.
(U//FOUO) Collecting social media incorporates into CBP's adjudication process info1mation
that would not be othe1w ise available and can often hel resolve identities and clarif
Social Media Pilot:
(U//FOUO//LES) Social media screening will be done in two ways, in compliance with DHS and
CBP policies and directives regarding social media. Social media platforms and the definition of
"derogato1y info1mation" are constantly evolvin , so s ecific rocedmes for eve1 scenario
would not be ossible. However, in eneral,
(b) (7)(E)

010
USCBP000010
-4-
As it does today, CBP will review the totality of the info1mation available
prior to making a detennination re ardin a erson's ESTA
ss · 1 that infonnation
If the ESTA is approved or the waiver is granted, the

person will be able to travel to the United States under the VWP. If either are denied, the
individual must apply for a visa to travel to the United States.3
DHS Science and Technology (S&T)
(U//FOUO/LE~ iWWi
3 The denial of an ESTA does not prohibit travel to or adrnission into the United States.

011
USCBP000011
- 5-
Future State for Social Media:

012
USCBP000012
UNCLASSIFIED//FOR OFFICIAL USE ONLY
Social Media Briefing Paper

Summary
DHS has been at the forefront among Federal agencies in developing the capability to
incorporate social media data in its screening and vetting processes. CBP, along with USCIS
and TSA, has been developing, testing, and operationalizing the use of social media.
(b) (7)(E), (b) (5)
Through this work, CBP and the
Department more broadly have advanced our understanding of the challenges in screening non-
government maintained databases, including the dynamic nature and magnitude of social media
information.
(b) (7)(E)
(b) (7)(E)
(b) (7)(E)
(b) (7)(E)
Current Social Media Pilots/Operational Use
CBP began a social media pilot using ESTA data in early 2016, with the goal of (b) (7)(E)
In December 2016, CBP added a
voluntary question to the ESTA application to request social media handles, (b) (7)(E)
1
013
USCBP000013
(b) (7)(E)
(b) (7)(E), (b) (5) CBP is gathering meti·ics to
assess the of social media vetting, as well as the technological and
research quality of the tools cmTently being tested. CBP is leveraging the RAND Co1poration
for an external assessment and red-teaming effo1is to suppo1i CBP's analysis.
Also of note:
• Collecting
oppo1iunities for vetting agencies to detennine eligibility for h'avel or immigration

benefits and enhance identity resolution before they are allowed into the United States.
• The enhanced screening and vetting effo1is of DHS will include social media, as outlined
in the Executive Order 13780, Section 5 report, which identified "hi value data"
elements that should be aii of baseline screenin .
•
•
• DHS Privacy conducted a Privacy Compliance Review following CBP's collection of

social media handles.
Watch Out For
2
014
USCBP000014
(b) (5)
3
015
USCBP000015

June 2, 2016
Action Required: Info1mation Only
Issue:
1 11 (b)(7)(E),(b)(5)
Executive Summary:
Despite inc01porating social media into many aspects of its operational mission, CBP aims to
further enable and empower its officers, a ents, and anal sts to further inte ·ate social media
throu out their o erational functions.
•
•
•
(b) (7)(E}, (b) (5)
Background:
Social media has become a powerful source of communication and interaction in the past decade
identity. Increases in social media usage and connectivity - as well as increases in the
prevalence of mobile devices and their enabling of near-constant access to social media
platfo1ms - have enabled adversaries to use social media platfo1ms for their recmitment,
communications, strategy, and operations threatening national and border security.
• Subsequently.lQJIQilll:,onducted market research to identi

tools to su 011 CBP 's various functions
• In December 2015, the CBP Deputy Commissioner directed the fonnation of a CBP-wide
working group designed to assess CBP's cmTent social media operational-use footprint
Submitted by: (Name of Originator)

Date: (Date Document was Originated)
016
USCBP000016
privacy, and civil rights and civil libe1ties equities .
• - ocial media infonnation to suppo1t it .(b) (7)(E)
o CBP is working with the DHS Social Media Task and ~ dies in
order to address the specific challenges associated wit ~
• Does CBP provide social media training to its officers, agents and analysts?
o In order to fuither inco1p orate open source collection and social media
infonnation into its various operational missions, to the extent allowable by law
and technologically feasible, CBP will empower its operators to conduct
successful social media research through the establishment of, and suppo1t for,
consistent training and education programs.
o CBP cunently provides introductory and operational security awareness social

media training to any CBP employees who use social media for operational
pmposes.
o CBP is in the process of fonnalizing (b) (7)(E)

- training cmTiculum.
Submitted by: (Nam e of Originator)

Date: (Date Document was Originated)
017
USCBP000017

August 30, 2016
Action Required: Info1m ation Only
.•• .
(b) (7)( E), (b) (5)
. . I . I I I I II • I I
I I I (b) (7)(E)
mission, CBP aims to further enable and empower its officers, a ents, and anal sts to fuiiher
inte ·ate social media throu out th eir o erational fuiictions.
•
•
•
(b) (7)(E), (b) (5)
Background:
Social media has become a pow- source of communication an d interaction in the past decade
mobile devices and their enabling of near-constant access to social media platfo1ms -- have
strategy, and operations threatening national an d border security.
• SubsequentltiJIUila]conducted market research, identified a suite of social media

tools to su 011 CBP 's various fuiictions, and
working group designed to assess CBP 's cmTent social media operational use footprint
privacy, an d civil rights and civil liberties equities.

Date: 30 AUG 2016
018
USCBP000018
social media infonnation to support its (b) (7)(E)

?
o CBP is working with th e DHS Social Media Task and D~ dies in

order to address the specific challenges associated wit h -
• Is CBP using social media to monitor select individuals?
o No
• Does CBP provide social media training to its officers, agents and an alysts?
o In order to fmt her inco1porate open source collection and social media
infonnation into its various operational inissions to the extent allowable by law
and technologically feasible, CBP empowers its operators to conduct successful
social media research through the establishment of and support for consistent
training and education programs.
o CBP cunently provides introductory and operational security awareness social

pmposes.
o CBP is in the process of establishing (b) (7)(E)

- training cmTiculum.
Submitted by: (b) (6), (b) (?)(C)

Date: 30 AUG 2016
019
USCBP000019

April 20, 2017
Action Required: Info1mation Only
Issue: CBP cunently uses social media infonnation in a limited capacity in suppor· "'9
(b) (7)(E), (b) (5)
mission, CBP aims to enable and empower its officers, a ents, and anal sts to farther inte ·ate
social media throu out their o erational fonctions.
Background:
Social media has become a powerfol source of communication and interaction in the past decade
mobile devices and their enabling of near-constant access to social media platfo1ms -- have
strategy, and operations threatening national and border security.
• In March 2014, the CBP De u Commissioner directed the (b) (7)(E)
(b)(5)
. . . (b) (7)(E)
••
•• •
I . I
(b) (7)(E)
. I . I I I .
working group designed to assess CBP's cmTent social media operational use footprint
and prepare a strategy for advancing those capacities in foll consideration of legal,
privacy, and civil rights and civil libe1ties equities;
• In January 2016, CBP began to paiticipate in the DHS Social Media Task Force, stood up
to assess best practices and technologies for incorporating social media info1mation into
Depai·tment-wide vetting processes;

Date: 20 April 2017
020
USCBP000020
(b) (7)(E), (b) (5)

0
(b) (7)(E)
Pilot Efforts:
CBP is working on or preparing for a variety of pilot effo1ts in this space, including:
• A pilot utilizing the voluntarily provided social media infonnation collected from the
ESTA application;
•
• (b) (?)(E), (b) (5)
• i i i l i i i i l i i i~ocial media infonnation to suppo1t its (b) (7)(E)
o CBP is working with the DHS Social Media Task and DHS Oversight bodies, as
well as other Inter-A Pa1tners in order to address the specific challenges
associated with
• Is CBP using social media to monitor select individuals?

o No
• Does CBP provide social media training to its officers, agents and analysts?

Date: 20 April 2017
021
USCBP000021
o CBP currently provides introductory and operational security awareness social

purposes.
o CBP is in the process of formalizing (b) (7)(E)

training curriculum.

Date: 20 April 2017
022
USCBP000022
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
PRIVACY THRESHOLD ANALYSIS (PTA)
This form serves as the official determination by the DHS Privacy Office to
identify the privacy compliance requirements for all Departmental uses of
personally identifiable information (PII).
A Privacy Threshold Analysis (PTA) serves as the document used to identify

information technology (IT) systems, information collections/forms, technologies,
rulemakings, programs, information sharing arrangements, or pilot projects that involve
PII and other activities that otherwise impact the privacy of individuals as determined by
the Chief Privacy Officer, pursuant to Section 222 of the Homeland Security Act, and to
assess whether there is a need for additional Privacy Compliance Documentation. A PTA
includes a general description of the IT system, information collection, form, technology,
rulemaking, program, pilot project, information sharing arrangement, or other Department
activity and describes what PII is collected (and from whom) and how that information is
used and managed.
Please complete the attached Privacy Threshold Analysis and submit it to your
component Privacy Office. After review by your component Privacy Officer the PTA is sent
to the Department’s Senior Director for Privacy Compliance for action. If you do not have a
component Privacy Office, please send the PTA to the DHS Privacy Office:
Senior Director, Privacy Compliance

The Privacy Office
Tel: 202-343-1717
PIA@hq.dhs.gov
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this
form and assess whether any privacy compliance documentation is required. If compliance
documentation is required – such as Privacy Impact Assessment (PIA), System of Records
Notice (SORN), Privacy Act Statement, or Computer Matching Agreement (CMA) – the DHS
Privacy Office or component Privacy Office will send you a copy of the relevant compliance
template to complete and return.
Privacy Threshold Analysis – IC/Form Version number: 04-2016

Page 1 of 17
023
USCBP000023
Homeland Privacy Office
Security Washington. DC 20528

202-343-1717. pia@hq.dbs.gov
www.dhs.gov/ privacy
Pr ivacy Threshold Analysis (PTA)
Specialized Template for

Information Collections (IC) and Forms
The Forms-PTA is a specialized template for Information Collections and Forms. This
specialized PTA must accompany all Information Collections submitted as part of the
Paperwork Reduction Act process (any instrument for collection (form, survey,
questionnaire, etc.) from ten or more members of the public). Components may use this PTA
to assess internal, component-specific forms as well.
Form Number: N/ A
Form Title: Electronic Visa Update System (EVUS)
Component: Customs and Border Office: OFO/ APP/ EVUS

Protection (CBP)
IF COVERED BY THE PAPERWORK REDUCTION ACT:

Collection Title: Electronic Visa Update System (EVUS)
0MB Control 1651-0139 0MB Expiration April 30, 2017

Number: Date:
Collection status: Extension Date of last PTA (if Click here to enter
applicable): a date.
PROJECT OR PROGRAM MANAGER

Name: ■mtamltlB
Office: OFO/APP/EVUS Title: Director
Phone: (b) (6), (b) (7)(C) Email: @cbp.d
hs.gov
Name:
--]
COMPONENT INFORMATION COLLECTION/FORMS CONTACT
Privacy Threshold Analysis - JC/Form Version number: 04-2016

Page 2 of17
024
USCBP000024

202-343-1717. pia@hq.dbs.gov
www.dhs.gov/privacy
Office: Office of Trade/RR Title: Paperwork Reduction Act

Clearance Officer
Phone: (b) (6), (b) (7)(C) Email: @cbp.dhs.g
ov
SPECIFIC IC (Forms PTA QUESTIONS
1. Purpose of the Information Collection or Form

a. Describe the purpose of the information collection or form. Please provide a
general description of the project and its purpose, including how it supports the DHS
mission, in a way a non-technical person could understand (you may use
information from the Supporting Statement).
If this is an updated PTA, please specifically describe what changes or upgrades are
triggering the update to this PTA.
U.S. Customs and Border Protection (CBP) has a responsibility to balance trade and travel
while managing threats to the United States posed by people or cargo entering or exiting
the United States. When a nonimmigrant alien applies for a visa to travel to the United
States, the validity period of their visa can vary considerably depending on their home
country. Some visas remain valid for extended periods of up to ten years. Visas from
countries with a longer validity period do not enable the U.S. Government to receive
regular updated biographic information or other pertinent information from repeat
visitors who travel to the United States multiple times over the life-span of a visa. While
longer length visas allow travel to the United States with greater ease, they do not
inherently allow the United States to receive updated information over the life-span of the
visa.
Given these concerns and considerations, the Department of Homeland Security (DHS) has
developed the Electronic Visa Update System ("EVUS"), which provides a mechanism
through which information updates can be obtained from nonimmigrant aliens who hold
a passport issued by an identified country containing a U.S. nonimmigrant visa of a
designated category. By requiring enrollment in EVUS as well as the requirement to
update biographic and travel information, CBP is increasing the chances of identifying
people who may pose a threat to the United States.
The implementation of EVUS will maintain greater security as it will allow the United
States to receive updated traveler information over the life-span of the visa instead of only
at the application process.
PTA Update: Collection of Social Media Identifiers
DHS/CBP is expanding the EVUS application to match the previously approved
Electronic System for Travel Authorization (ESTA) application and request social media
identifiers from all EVUS applicants. DHS/CBP will use social media identifiers to conduct
Page 3 of17
025
USCBP000025
Privacy Office
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
screening, vetting, and law enforcement checks of EVUS applicants using publicly available
information on social media. Terrorist groups, including the Islamic State of Iraq and the
Levant (ISIL), al-Qa’ida, and al-Qa’ida’s affiliates actively use open media (social media,
specifically) to disseminate official messaging, recruit potential members, and convince
potential supporters to mobilize to violence. Adding such a question to the EVUS
application will provide DHS with greater opportunities to inform a determination of
eligibility for travel to the United States.
While this field is optional, all information submitted may be used for national security
and law enforcement vetting purposes, and for EVUS eligibility determinations. Should an
individual choose to provide his or her social media identifier(s), (b) (7)(E)
DHS/CBP Officers already use publicly available

information, including social media information, as part of the existing EVUS screening
and vetting processes. Under no circumstance will DHS/CBP violate any social media
privacy settings in the processing of EVUS applications.
As with the collection of social media identifiers on the ESTA application, due to the
novel privacy risks surrounding this information collection, the DHS/CBP will employ
additional privacy risk mitigation strategies to evaluate this information collection:
(b) (7)(E), (b) (5)
DHS/CBP will memorialize these requirements in an updated EVUS PIA and SORN.
b. List the DHS (or component) authorities to collect, store, and use this information.
If this information will be stored and used by a specific DHS component, list the
component-specific authorities.
EVUS data collection falls under authorities provided to DHS by the Immigration and
Nationality Act (INA). Specifically, entry and admission authorities.

Page 4 of 17
026
USCBP000026

202-343-1717. pia@hq.dbs.gov
www.dhs.gov/privacy
INA§ 214(a)(1) specifically authorizes DHS to prescribe by regulation the conditions for
an alien's admission and additionally, aliens' entry into the United States may be limited
and conditioned by DHS under INA§ 215(a)(1).
Section 214(a)(1) of the INA provides that "[t]he admission to the United States of any
alien as a nonimmigrant shall be for such time and under such conditions as the Attorney
General may by regulations prescribe ...."
An applicant for admission has the burden to prove he or she is clearly and beyond doubt
entitled to be admitted and is not inadmissible under section 212 of the INA INA§§
240(c)(2), 291; 8 C.F.R. § 235.l(f)(l). Immigration officers determine whether any
grounds of inadmissibility apply at the time an alien is inspected. 8 C.F.R. § 235.l(a),
(f) (1 ). Moreover, an officer has the authority to require an alien to state under oath any
information sought by an immigration officer regarding the purposes and intentions of
the alien in seeking admission, including the alien's intended length of stay, intent to
remain permanently, and potential grounds of inadmissibility. INA§ 235(a)(5).
INA§ 215(a)(1) states "[u]nless otherwise ordered by the President, it shall be unlawful
for any alien to depart from or enter or attempt to depart from or enter the United States
except under such reasonable rules, regulations, and orders, and subject to such
limitations and exceptions as the President may prescribe." INA§ 215(a)(1) (emphasis
added). Subsequently, the President assigned his functions under INA§ 215 with respect
to aliens to the Secretary of Homeland Security. Exec. Order No. 13323, 69 Fed. Reg. 241
(Dec. 30, 2003). INA§ 215(a)(2) prohibits the transport from or into the United States of
individuals for which there is "knowledge or reasonable cause to believe that the
departure or entry of such other person is forbidden" by INA§ 215. INA§ 215(a)(1)
provides a basis for denial of entry, provided that restrictions "meet the test of
reasonableness." Immigration Laws and Iranian Students, 4A Op. Off. Legal Counsel 133,
140 (1979). Together, INA§ 215(a) and DOS visa revocation authorities under INA§
22 l(i) may permit the Government to require EVUS compliance in advance of travel.
2. Describe the IC/Form

Page S of17
027
USCBP000027
Privacy Office
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
a. Does this form collect any ☒ Yes

Personally Identifiable ☐ No
Information” (PII1)?
b. From which type(s) of ☒ Members of the public
individuals does this form ☐ U.S. citizens or lawful permanent
collect information? residents
(Check all that apply.) ☒ Non-U.S. Persons.
☐ DHS Employees
☐ DHS Contractors
☐ Other federal employees or contractors.
c. Who will complete and ☒ The record subject of the form (e.g., the
submit this form? (Check individual applicant).
all that apply.) ☐ Legal Representative (preparer, attorney,
etc.).
☐ Business entity.
If a business entity, is the only
information collected business contact
information?
☐ Yes
☐ No
☐ Law enforcement.
☐ DHS employee or contractor.
☒ Other individual/entity/organization that is
NOT the record subject. Please describe.
The application allows for third parties to submit
an EVUS enrollment on behalf of an applicant (e.g.
travel agencies, family member)
d. How do individuals ☐ Paper.

complete the form? Check ☐ Electronic. (ex: fillable PDF)
all that apply. ☒ Online web form. (available and submitted via
the internet)
1
Personally identifiable information means any information that permits the identity of an individual to be directly or indirectly inferred, including
any other information which is linked or linkable to that individual regardless of whether the individual is a U.S. citizen, lawful permanent resident,
visitor to the U.S., or employee or contractor to the Department.

Page 6 of 17
028
USCBP000028
Privacy Office
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Provide link:
www.EVUS.gov
e. What information will DHS collect on the form? List all PII data elements on the
form. If the form will collect information from more than one type of individual,
please break down list of data elements collected by type of individual.
As described in the previously issued PIA and SORN for EVUS, all foreign nationals of
designated countries in possession of B1/B2, B1 or B2 visas with a ten year validity, will
be required to submit the following information to EVUS:
 Name (English and Native Language)
 Date of Birth
 Other Name or Aliases (English and Native Language)
 Gender
 Travel Document Type
 Primary Passport Number – Current, unexpired passport
 Passport Number That Holds Visa
 Passport Country/Citizenship
 Passport Issuance Date
 Passport Expiration Date
 National ID Number
 Visa Foil2 Number
 City of Birth
 Country of Birth
 Country of Residence
 Parents Name (English and Native Language)
 Other Citizenship
 Home Address (English and Native Language)
 Home Telephone
 Cell Phone
 Work Telephone
 Primary Email
 Secondary Email
 Employer Name (English and Native Language)
2
The term “visa foil” refers to the actual physical visa that is affixed into a person’s passport. It is the same as a
visa number.

Page 7 of 17
029
USCBP000029
Privacy Office
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
 Employee Address
 Employer City
 Employer State/Province/Region
 Employer Country
 Address While in the United States
 U.S. POC Name
 U.S. POC Address
 U.S. POC Phone Number
 Emergency POC Name
 Emergency POC Phone Number
 Emergency POC Email
 IP Address
PTA update:
CBP is submitting this PTA because DHS/CBP seek to add social media identifiers to the
EVUS application to match the same social media collections previously approved for the
Electronic System for Travel Authorization (ESTA) application. DHS/CBP seeks to add
the following information to the EVUS application:
 Social media identifiers, such as username(s) and platforms used;

 Publicly available information from social media Web sites or platforms
f. Does this form collect Social Security number (SSN) or other element that is
stand-alone Sensitive Personally Identifiable Information (SPII)? Check all that
apply.
☐ Social Security number ☐ DHS Electronic Data Interchange
☐ Alien Number (A-Number) Personal Identifier (EDIPI)
☐ Tax Identification Number ☒ Social Media Handle/ID
☒ Visa Number ☐ Known Traveler Number
☒ Passport Number ☐ Trusted Traveler Number (Global
☐ Bank Account, Credit Card, or other Entry, Pre-Check, etc.)
financial account number ☐ Driver’s License Number
☐ Other. Please list: National ID ☐ Biometrics

Page 8 of 17
030
USCBP000030

202-343-1717. pia@hq.dbs.gov
g. List the specific authority to collect SSN or these other SPII elements.
See above authorities in 1b.
h. How will this information be used? What is the purpose of the collection?
Describe why this collection of SPII is the minimum amount of information
necessary to accomplish the purpose of the program.
The information collected is used to assess (b)(7)(E)
MWIUitaWrhe timely and accurate capture of data, enables visa validation and helps
ensure alien compliance with United States law. DHS will use the information collected
through EVUS to determine whether (b) (7)(E)
pecifically, EVUS will vet non-
(b) (7)(E)
Specifically regarding the collection of social media identifiers, adding social media data
·ll h th · t" I ~ d I ·de DHS/CBP greater clarity and visibility to
(b) (7 )(E) by providing an additional tool set which
DHS/CBP may use to make better informed eligibility determinations. DHS/CBP's
collection of a s ubject's social media identifiers adds (b) (7)( E)
i. Are individuals ~ Yes. There is a security notification that user must

provided notice at the agree to prior to proceeding with the enrollment.
time of collection by There are also FAQs and a link to the Privacy Act
DHS (Does the records Statement.
subject have notice of □ No .
the collection or is
form filled out by
third party)?
3. How will DHS store the IC/ form responses?

a. How will DHS store □ Paper. Please describe.
the original, Click here to enter text.
completed IC/forms? ~ Electronic. All EVUS records are stored in the EVUS
information technology system, which is part of the E-

Page 9 of17
031
USCBP000031
Privacy Office
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Business accreditation boundary. All EVUS

information is also replicated into the Automated
Targeting System (ATS) and used for vetting, law
enforcement, and national security purposes.
☐ Scanned forms (completed forms are scanned into
an electronic repository). Please describe the
electronic repository.
Click here to enter text.
b. If electronic, how ☐ Manually (data elements manually entered). Please

does DHS input the describe.
responses into the IT Click here to enter text.
system? ☒ Automatically. Please describe.
The traveler enters biographic and travel
information into the public facing website which is
stored within the EVUS system.
c. How would a user ☒ By a unique identifier.3 Please describe. If

search the information is retrieved by personal identifier, please
information submit a Privacy Act Statement with this PTA.
submitted on the There are two types of users. The public can
forms, i.e., how is the access their application information by entering
information either their enrollment number with their
retrieved? passport number, visa foil number (visa foil refers
to the actual physical visa that is affixed into a
person’s passport) and date of birth or with their
passport number, visa foil number, date of birth,
surname, first name and country of citizenship.
DHS users can access information with a single
biographic element or combination of data
elements (i. e. passport name, first and last name,
foil number).
The privacy statement can be accessed on the
EVUS web page through this link:
3
Generally, a unique identifier is considered any type of “personally identifiable information,” meaning any information that permits the identity
of an individual to be directly or indirectly inferred, including any other information which is linked or linkable to that individual regardless of
whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to the Department.

Page 10 of 17
032
USCBP000032

202-343-1717. pia@hq.dbs.gov
www.dhs.gov/privacy
https://www.evus.gov/. and clicking on the

Privacy Act Statement at the bottom.
□ By a non-personal identifier. Please describe.
d. What is the records Enrollment information submitted to EVUS generally
retention expires and is deemed "inactive" two years after the
schedule(s )? Include initial submission of information by the enrollee. In the
event that a traveler's passport remains valid for less
the records schedule
than two years from the date of the EVUS notification of
number. compliance, the EVUS enrollment will expire
concurrently with the passport. Information in EVUS will
be retained for one year after the EVUS travel enrollment
expires. After this period, the inactive account
information will be purged from online access and
archived for 12 years. At any time during the 15-year
retention period (generally 3 years active, 12 years
archived) CBP will match data linked to active law
enforcement lookout records to enforcement activities,
and/or investigations or cases, including EVUS
enrollment attempts that are unsuccessful, which will
remain accessible for the life of the law enforcement
activities to which they may become related. NARA
guidelines for retention and archiving of data will apply
to EVUS (b)(5)
Records replicated on the unclassified and classified

networks will follow the same retention schedule.
Payment information is not stored in EVUS, but is

forwarded to Pay.gov and stored in CBP's financial
processing system, CDCDS, pursuant to the DHS/CBP-
018, CDCDS system ofrecords notice.
When a traveler's EVUS data is used for purposes of

processing his or her application for admission to the
United States, the EVUS data will be used to create a
corresponding admission record in the DHS/CBP-016
Non-Immigrant Information System (NIIS) (March 13,
2015, 80 FR 13398). This corresponding admission
record will be retained in accordance with the NIIS
retention schedule, which is 75 years.

Page 11 of17
033
USCBP000033
Privacy Office
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
e. How do you ensure The system automatically purges records based on

that records are retention dates.
disposed of or deleted
in accordance with
the retention
schedule?
f. Is any of this information shared outside of the original program/office? If yes,
describe where (other offices or DHS components or external entities) and why.
What are the authorities of the receiving party?
☒ Yes, information is shared with other DHS components or offices. Please
describe.
Consistent with DHS’s information sharing mission, information stored in EVUS may be
shared with other DHS components that have a need to know of the information to carry
out their national security, law enforcement, immigration, intelligence, or other
homeland security functions.
☒ Yes, information is shared external to DHS with other federal agencies, state/local
partners, international partners, or non-governmental entities. Please describe.
Information stored in EVUS may also be shared with other Federal security and
counterterrorism agencies, as well as on a case-by-case basis to appropriate state, local,
tribal, territorial, foreign, or international government agencies. DHS completes an
information sharing and access agreement with Federal partners to establish the terms
and conditions of the sharing, including documenting the need to know, authorized users
and uses, and the privacy protections for the data.
☐ No. Information on this form is not shared outside of the collecting office.

Page 12 of 17
034
USCBP000034
Privacy Office
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Please include a copy of the referenced form and Privacy Act Statement (if
applicable) with this PTA upon submission.

Page 13 of 17
035
USCBP000035

202-343-1717. pia@hq.dbs.gov
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer: (b) (6), (b) (7)(C)
Date submitted to component Privacy March 7, 2017

Office:
Date submitted to DHS Privacy Office: Mar ch 9, 2017
Have you approved a Privacy Act ~Yes. Please include it with this PTA
Statement for t his form? (Only submission.
applicable ifyou have received a □ No. Please describe w hy not.
waiver from the DHS Chief Privacy Click here to enter text.
Officer to approve component Privacy
Act Statements.)
Component Privacy Office Recommendation:

Please include recommendation below, including what existing privacy compliance
documentation is available or new privacy compliance documentation is needed.
(b)(5)

Page 14of17
036
USCBP000036

202-343-1717. pia@hq.dbs.gov
www.dhs.gov/privacy
PRIVACY THRESHOLD ADJUDICATION
(TO BE COMPLETED BY THE DUS PRIVACY OFFICE)
DHS Privacy Office Reviewer: (b) (6), (b) (7)(C)
PCTS Workflow Number: 1140114

Date approved by DHS Privacy Office: March 14, 2017
PTA Expiration Date March 14, 2018
DESIGNATION
Privacy Sensitive IC or Yes If "no" PTA adjudication is complete.

Form:
Determination: D PTA sufficient at this time.
D Privacy compliance documentation determination in
progress.
D New information sharing arrangement is required.
D DHS Policy for Computer-Readable Extracts Containing SPII
applies.
~ Privacy Act Statement required.
~ Privacy Impact Assessment (PIA) required.

~ System of Records Notice (SORN) required.
D Specialized training required.

D Other. Click here to enter text.
DHS IC/ Forms Review : Choose an item.
Date IC/ For m Approved Click here to enter a date.

by PRIV:
IC/Form PCTS Number : Click here to enter text.
Privacy Act e(3) statement not required.
Statement: Previously approved PAS for EVUS still valid.
PTA: No system PTA required.
PIA: PIA update is required.
Pr ivacy Thr eshold Analysis - JC/ Form Ve rsion number: 04-201 6

Page 15 o f 17
037
USCBP000037

202-343-1717. pia@hq.dbs.gov
If covered by existing PIA, please list: Click here to enter text.

If a PIA update is required, please list: DHS/CBP / PIA-033 Electronic Visa
Update System (EVUS)
SORN: SORN update is required.
If covered by existing SORN, please list: Click here to enter text.
If a SORN update is required, please list: DHS/CBP-02 2 Electronic Visa
Update System (EVUS) System of Records, September 1, 2016, 81 FR
60371
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
CBP is submitting this Forms-PTA to discuss Electronic Visa Update System (EVUS).
CBP is expanding the EVUS application to match the previously approved Electronic
System for Travel Authorization (ESTA) application and request social media
identifiers from all EVUS applicants. CBP will use social media identifiers to conduct
screening, vetting, and law enforcement checks of EVUS applicants using publicly
available information on social media.
This field is optional on the application, but the information offered may be used for
national security and law enforcement vetting purposes, and for EVUS eligibility
determinations. CBP Officers already use publicly available information, including
social media information, as part of the existing EVUS screening and vetting
processes. CBP will abide by all social media privacy settings in the processing of
EVUS applications.
The specific questions CBP wishes to add

• Social media identifiers, such as username(s) and platforms used; and
• Publicly available information from social media Web sites or platforms.
The DHS Privacy Office finds that the EVUS initiative is privacy-sensitive requiring
both PIA and SORN coverage. Both a PIA Update and an updated SORN to the
following artifacts is required.
• DHS/ CBP/ PIA-033 Electronic Visa Update System (EVUS)

• DHS/ CBP-022 Electronic Visa Update System (EVUS) System of Records
Privacy Threshold Analysis - JC/Form Version number: 04-201 6

Page16of17
038
USCBP000038
Privacy Office
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Please note, the PIA Update must be signed by the Chief Privacy Officer and the
updated SORN must clear OMB and be published in the Federal Registrar before the
social media questions can be put into operation.

Page 17 of 17
039
USCBP000039
Office of Internal Affairs: Use of Social Media for Criminal Investigations
DHS OPERATIONAL USE OF SOCIAL MEDIA

This template is used to assess the Department’s Operational Use of Social Media,
consistent with Management Directive 110-01.
The DHS Privacy Office has created this template to determine privacy compliance with
Management Directive 110-01, Privacy Policy for Operational Use of Social Media. For the purposes of the
Management Directive and this template, “Operational Use” means authorized use of social media to
collect personally identifiable information for the purpose of enhancing situational awareness,
investigating an individual in a criminal, civil, or administrative context, making a benefit determination
about a person, making a personnel determination about a Department employee, making a suitability
determination about a prospective Department employee, or for any other official Department purpose
that has the potential to affect the rights, privileges, or benefits of an individual. Operational use does not
include the use of search engines for general Internet research, nor does it include the use of social media
for professional development such as training and continuing education or for facilitating internal
meetings. The following uses of social media are exempt from the Management Directive and are not
subject to this requirement 1:
a) Communications and outreach with the public authorized by the Office of Public Affairs
(covered by the existing PIAs: DHS/ALL/PIA-031 - Use of Social Networking Interactions
and Applications Communications/Outreach/Public Dialogue and DHS/ALL/PIA-036 -
Use of Unidirectional Social Media Applications);
b) The conduct of authorized intelligence activities carried out by the Office of Intelligence
and Analysis, the intelligence and counterintelligence elements of the United States
Coast Guard, or any other Component performing authorized foreign intelligence or
counterintelligence functions, in accordance with the provisions of Executive Order
12333, as amended.
This template shall be used to document the process to be followed by all programs engaging in
operational uses of social media; to identify information technology systems, technologies, rulemakings,
programs, or pilot projects that involve PII and other activities that otherwise impact the privacy of
individuals as determined by the Chief Privacy Officer; and to assess whether there is a need for
additional Privacy Compliance Documentation. Components may appeal to the Deputy Secretary for
Homeland Security if there is disagreement over the DHS Privacy Office determination of privacy
compliance for the operational use of social media.
1Gathering information by the Office of Operations Coordination and Planning (OPS) to enhance situational awareness is exempt
from this requirement and is covered by the existing PIA: DHS/OPS/PIA-004(d) - Publicly Available Social Media Monitoring and
Situational Awareness Initiative Update.
040
USCBP000040

Please complete this form and send it to your Component Privacy Officer.
Upon receipt, your Component Privacy Officer and the DHS Privacy Office will review this
form and may request additional information.
SUMMARY INFORMATION
Date submitted for review: 09/18/2015

Name of Component: Customs and Border Protection
Contact Information: (b) (6), (b) (7)(C)
Counsel 2Contact Information: Marc Bennett Courey, Office of Chief Counsel, Enforcement
Section
IT System(s) where social media data is stored:

• Joint Integrity Case Management System (JICMS),
• Integrated Security Management System (ISMS).
Applicable Privacy Impact Assessment(s) (PIA):

• DHS/ALL/PIA-038(a), Integrated Security Management System Update September 16,
2014,
• JICMS PIA is currently being drafted
Applicable System of Records Notice(s) (SORN):

• DHS/ALL-020 - Department of Homeland Security Internal Affairs April 28, 2014, 79
FR 23361
2Counsel listed here must certify that appropriate authority exists to engage in particular operational activities involving social
media.
041
USCBP000041
Office of Internal Affairs : Use of Social Media for Cri minal Investigations
SPECIFIC QUESTION S
1. Describe the category of use for collecting personally identifiable infonnation from social
media sources. Examples include: law enforcement intelligence, criminal investigations,
background investigations, administrative investigations, professional responsibility
investigati ons, benefit or employment determinations, or situational awareness. If use does
not fit into one of these categories, please describe in full below. If your component has
multiple categories of use, please submit separate template for each category.
The personnel anticipated to use social media under this SMOUT are Office of Internal
Affairs Investigative Operations Division and Credibili Assessment Division ersonnel.
This SMOUT encom asses usin
11 allegations against CBP employees are entered
through the Joint Intake Center (JIC) process. The CBP Office of Internal Affairs (IA) JIC and
Investigative Operations Division (10 0 ) vets those allegations to determine whether any
allegation of corruption and other misconduct rise to the level of criminal conduct. For those
alle ations determined b
some of which may be Personally Identifiable Information

(PII), per OHS Instruction 110-01-001, Section IV E), in publicly accessible/non-privacy
restricted social media forums. This publically accessib le/non-privacy restricted information
(b) (7)(E)
(b) (7)(E)
CBP IA will use social media to (b) (?)( E)
(b) (7)(E) IA will not be involved in the gratuitous gathering of
personal social media information or PII. IA does not collect or store as evidence any social
media information that is solely an exercise of political speech. IA's focus is solely on
(b) (7)(E)
(b) (7)(E)
Once an individual is the su ·ect of a criminal investi ation, IA will use social media to
The information is stored in the Joint Integrity Case Management System is the IT
system, which is covered under the D HS/ALL-20- Internal Affairs SORN.
042
USCBP000042
Office of Internal Affairs: Use of Social Media for Cri minal Investigations
(Note: While some IA investigations are clearly administrative, based on a lack of correlation
between activity and criminal statutes, some criminal investigations may become
administrative in nature. Once a competent prosecuting authority (i.e., the US Attorney's
Office) declines prosecution of an investigation, it may become an administrative matter.
This change in the character of the investigation is a function of prosecutorial discretion, and
not an arbitrary decision on the part of IA. Once prosecution of the matter is declined, IA
will conduct any further investigation of the matter pursuant to the Internal Affairs Non-
Criminal Investigation SMOUT.
2. Based on the operational use of social media listed above, please provide the
appropriate authorities.
Autho1ities to conduct (b) (7)(E) for criminal

investigations includes Title 19 of the U.S. Code, including but not limited to 19 U.S .C.
§§ 1589a and 2081, 8 U.S.C. § 1363a (c1iminal investigations for immigration violations)
and by viitue of the Commissioner's Delegation Order (Customs Order No. 09-007),
Section 287 of the Immigration and Nationality Act and its implementing regulations
regarding enforcement authorities and responsibilities. See 8 CFR 287.2 (initiating
criminal investigation for immigration violations); 8 CFR 287.4 (issue subpoenas in
criminal or civil investigations); 8 CFR 287.9 (obtaining search wanant p1ior to
conducting a search in a criminal investigation). Additionally, as of September 18, 2014,
the Secretaiy delegated auth ority to CBP IA to investigate its employees for alleged
criminal misconduct. See also CBP Directive No. 2130-016, "Roles and Responsibilities
for Internal Affairs Activities and Functions" (December 23, 2008) and CBP Delegation
Order 09-007 "Autho1ity to Designate Federal, State, Local, Tribal and Foreign Law
Enforcement Officers as "Customs Officers"; Customs Officer Authority, Immigration
Officer Authority (December 21 , 2009).
Has Counsel listed above reviewed these authorities for privacy issues and
determined that they pennit the Program to use social media for the listed operati onal use?
[8J Yes. 0 No.
3. Is this use of social media in development or operational?
D in development. [8:IOperational. Date first launched: 10/1/2004
4. Please attach a copy of the Rules of Behavior that outline the requirements below.
Attached. Also attached is the CBP Directive for Operational Use of Social Media, Section 5
5. Please describe the Rules of Behavior in effect for the lis ted operational use of social media. If
users do N OT follow a particular Rule, please detail reasoning for not following that Rule:
a) Equipment. Use only government-issued equipment when engaging in the operational

use of social media;
043
USCBP000043
~ Yes. D No. If not, please explain:

b) Email and accounts. Use online screen names or identities that indicate an official OHS
affiliation and use OHS email addresses to open accounts used when engaging in social
media in the performance of their duties;
~ Yes. ~ No. If not, please explain:
When IA investigators are conducting a criminal investigation, they may (as is common
law enforcement ractice in analo ous situations
This being
said, the viewing of publically availab le information/non-privacy restricted social media
information ma re uire no interaction with the individual under investi ation, so the
(b) (7)(E)
Y es- When CBP uses (b) (7)( E) BP personnel do not log in, so no profile is
created.
N o- When Office of Internal Affairs Investigative Operations Division and Credib ility
Assessment Division personnel conduct limited (b) (7)(E) •n social media
sites, they need to
c) Public inte:raction. Access publicly available information through social media only by
reviewing posted information w ithout interacting with any individual who posted the
information;
~Yes. D No. If not, please explain:

d) Privae1; settings. Respect individuals' privacy settings and access only information that is
publicly available;

e) PII collection: Collect the minimum PIT necessary for the proper performance of their
authorized duties except for systems subject to Final Rules for Exemption from certain
aspects of the Privacy Act;

f) PII safeguards. Protect PII as required by the Privacy Act (if applicable) and OHS privacy
policy;
044
USCBP000044
g) Documentation. Document operational use of social media, including date, site(s)

accessed, information collected and how it was used.
Yes. No. If not, please explain:
h) Training. Users complete annual privacy training which has been approved by
Component Privacy Officer (or Privacy Point of Contact) based upon training materials
provided by the DHS Privacy Office. Training must include, at minimum: legal
authorities, acceptable operational uses of social media, access requirements, and
requirements for documenting operational uses of social media.
Mechanisms are (or will be) in place to verify that users have completed training.
Yes, employees self-certify that they have read and understood their Component
Rules of Behavior.
Yes, Component Privacy Officers or PPOCs maintain a record of employee

attendance at privacy training that includes training on the Rules of Behavior.
No. If not, please explain:
045
USCBP000045
DHS SOCIAL MEDIA DOCUMENTATION

(To be C ompl eted b y the DHS Privacy Office)
DATE revi ewed by the DHS Priv a cy Office: January 28, 2016
N AME of the DHS Privacy Office Reviewer (b) (6), (b) (7)(C)
DESIGN ATION
DHS Pri vacy Office D e termination
□Program has met requirements to use social media for the stated authorized
operational purposes, and must continue compliance with the requirements above.
~ P rogram has not yet met requirements to utilize social media for operational
purposes.
D Program authorities do not authorize operational use of social media.

0 Rules of Behavior do not comply.<Please explain analysis.>
OTraining required.
~Incomplete privacy compliance documentation.
Additional Privacy compliance documentation is required:
~A PIA is required.
~ New.
D Updated. <Please include the name and number of PIA to be updated
here.>
~A SORN is required:
D New.
~ Updated. DH S/ALL-020 - Department of H omeland Security Internal

Affairs April 28, 2014, 79 FR 23361
DHS PRIVACY OFFICE COMMENTS

The OHS Privacy Office finds that CBP' s operational use of social media for internal affairs
criminal investigations purposes is consistent with their internal affairs investigatory authorities. CBP
Internal Affairs has authority to conduct investigations using open source, publicly available
information from social media as they would any other type of publicly available information
: : (b) (7)(E)
(b) (7)(E)
(b) (7)( E)
rules of behavior.
046
USCBP000046
However, the DHS Privacy Office also finds that the compliance documentation for this
program is incomplete and requires an immediate update. CBP must complete the (b) (5)
. In addition, DHS will update the DHS/ALL-020
Internal Affairs SORN to more clearly represent open source social media as a category of records
and record source.
These outstanding compliance requirements must be completed within six months (July 28,
2016).
PCTS # 1112054.
047
USCBP000047
U S Department of Homeland Security
Security Washington, DC 20528

202-343-1717, pia@dhs gov
www dhs gov/privacy
Privacy Threshold Analysis

Version number: 01-2014
Page 1 of 10
This form is used to determine whether

a Privacy Impact Assessment is required.
Please use the attached form to determine whether a Privacy Impact Assessment (PIA) is required under
the E-Government Act of 2002 and the Homeland Security Act of 2002.
Please complete this form and send it to your component Privacy Office. If you do not have a component
Privacy Office, please send the PTA to the DHS Privacy Office:

The Privacy Office
Tel: 202-343-1717
PIA@hq.dhs.gov
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this form. If a
PIA is required, the DHS Privacy Office will send you a copy of the Official Privacy Impact Assessment
Guide and accompanying Template to complete and return.
A copy of the Guide and Template is available on the DHS Privacy Office website,
www.dhs.gov/privacy, on DHSConnect and directly from the DHS Privacy Office via email:
pia@hq.dhs.gov, phone: 202-343-1717.
048
USCBP000048
US Department of Homeland Security

202-343-1717, pia@dhs gov
www dhs gov/privacy

Pagel o/10
SUMMARY INFORMATION
Pro_ject or (b) (7)(E) Pilot Evaluation
Program Name:
Customs and Border Protection Office or
Component: (CBP) OFO ll;JIQI(IJ
Program:
Xacta FISMA Xacta FISMA
Name (if Click here to enter text. Number (if Click here to enter text.
applicable): applicable):
Pro_ject or
Type of Pro_ject or
Pilot program Pilot
Program:
status:
Date first November 5, 2016 Pilot launch March 13, 2017
develo ed: date:
Date of last PTA NIA December 31, 2017
Pilot end date:
u date
ATO
ATO Status (if Choose an item. Click here to enter a date.
expiration date
applicable)
if a licable :

Name:
Office: Title: Di.rector
Phone: Email: cbp.dhs.gov
INFORMATION SYSTEM SECURITY OFFICER (ISSO) (IF APPLICABLE)

Name: (b) (7)(E), (b) (6
Phone: (b) (6), (b) (7)(C) Email: associates.dhs. gov
049
USCBP000049

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page3 o/10
SPECIFIC PTA QUESTIONS
1. Reason for submitting the PTA: New PTA

U.S. Customs and Border Protection (CBP) is responsible for seeming the borders of the United States
while facilitating legitimate travel and trade to and from the same. CBP is entering into a testing and
evaluation pilot with MITRE to test and evaluate their (b) (7)( E) This
pilot will assess the b 5,b 7 E
(b) (7)( E ) , y
in use by CBP (and across DHS).
CBP cun ently uses publicly available social media information - consistent with previously approved
Social Media Operational Use Templates (SMOUTs) - to conduct social media analysis in support of its
d · · · n. In part icular, one of CBP's approved SMOUTs permits CBP to use •
to conduct thorough social media resear·ch in accordance with the terms of use of
varfous social media platforms and providers. In all cases involved in this pilot, CBP will only access
-publicly available information in accordance with the privacy policies of the underl in social media or
o en source latforms anal zed. This means that all searches will be conducted
Analysis dming this testing and evaluation pilot will be focused rimar·illin1Q>JQI191 However,
1
research using publicly available information may be conducted jDJU]JJursuant to CBP's law
enforcement authorities as deemed necessary to support CBP operations. As a pilot, this study will be
fluid and allow for a range of information to be resear·ched related to CBP 's mission.
(b) (7)(E)
2. Does this system employ any of the
following technologies:
D Closed Circuit Television (CCTV)
IZI Social Media
(b) (7)( E) is also used by S&T for its various social media pilots, including the ESTA Social Media
.
V tt' Pil t
(b) (7)(E)
050
USCBP000050

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 4 of10
Ifyou are using any of these technologies and IZJ Web port al3 (e.g., SharePoint)
want coverage under the respective PIA/or that
technology p lease stop here and contact the DHS D Contact Lists
Privacy Office for f urther guidance.
D None of these
D This program does not collect any personally

identifiable information4
IZI Members of the public
3. From whom does the Project or
Program collect, maintain, use, or IZI DHS employees/contractors (list components):
disseminate information? IZJ Contractors working on behalf of DHS
Please check all that apply.
D Employees of other federal agencies
4. What specific information about individuals is collected, generated or retained?
Information collected from DHS employees/contractors (CBP only) and contractors working on behalf of
DHS will consist of email addresses their work email address and/or a Gmail address) and log-in
information to the
Publicly available information regarding subjects of interest to this pilot study may include tt:)IUita■
Such information may be collected during the course of the pilot in support of the CBP border security
mission. Any derogatory information collected from social media and deemed operationally necessary
will be stored in the ATS Tar·geting Framework (ATS-TF) pursuant to existing data retention policy and
the approved SMOUT.
Fmt her examples of elements of publicly available PIT that may be collected dming this pilot, if available,
include:
1 Infomiational and collaboration-based po,tals in operation at DHS and its components that collect, use, niaintain, and share
limited personally identifiable infomiation (PII) about individuals who are "members" of the portal or "potential members" who
seek to gain access to the po,tal.
2 DHS defines personal infomiation as ''Personally Identifiable Infomiation" or PII, which is any infomiation that pe,mits the
identity of an individual to be directly or indirectly infeffed, including any infomiation that is linked or linkable to that individual,
regardless of whether the individual is a U.S. citizen, lawful pe,manent resident, visitor to the U.S., or employee or contra ctor to
the Depa,tment. "Sensitive PII" is PII, which if lost, compromised, or disclosed without authorization, could result in substantial
ham i, emba!1'assment, inconvenience, or unfaimess to an individual. For the pmposes of this PTA, SPII and PII are treated the
same.
051
USCBP000051

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page5 o/10
Data collected from publicly available social media is covered under ATS:
1. DHS/CBP/PIA-006(b) Automated Targeting System (ATS) Update, June 1, 2012. Per the ATS
PIA, ATS maintains the official record "for ce1tain law enforcement and/or intelligence data,
rep01ts, and projects developed by CBP analysts that may include public source info1mation;"
2. DHS/CBP-006 - Automated Targeting System May 22, 2012, 77 FR 30297. Categories of

records includes "Operational and analytical repo1ts and/or projects developed that may include
public source information and/or classified info1mation obtained by users/analysts for reference
or incorporation into the repo1t or project."
4(a) Does the project, program, or system

IZI No. Please continue to next question.
retrieve information by personal identifier?
D Yes. If yes, please list all personal identifiers
used:
4(b) Does the project, program, or system IZI No.
use Social Security Numbers (SSN)? D Yes.
4(c) If yes, please provide the specific legal
basis and purpose for the collection of Click here to enter text.
SSNs:
4(d) If yes, please describe the uses of the
SSNs ,vithin the project, program, or Click here to enter text.
system:
4(e) If this project, program, or system is
an information technology/system, does it
IZI No. Please continue to next question.
relate solely to infrastructure? D Yes. If a log kept of communication traffic,
please answer the following question.
For examp le, is the system a Local Area Network
(LAN) or Wide Area Network {WAN)?
052
USCBP000052

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page6of 10
4(1) If header or payload data 5 is stored in the communication traffic log, please detail the data
elements stored.
□ No.
5. Does this project, program, or system
connect, receive, or share PII with any [:gl Yes. If yes, please list
other DHS programs or systems4?
Any identified PIT or potentially derogato1y
information will be stored within ATS-TF.
6. Does this project, program, or system
[:gl No.
connect, receive, or share PII with any
external (non-DHS) partners or D Yes. If yes, please list
systems?
6(a) Is this external sharing pursuant to

new or existing information sharing
access agreement (MOU, MOA, LOI, NIA
etc.)?
□ No.
7. Does the project, program, or system
provide role-based training for [:gl Yes. If yes, please list MITRE has available
personnel who have access in addition documentation on the use of the (b) (7)(E)
to annual privacy training required of
all DHS personnel?
8. Per NIST SP 800-53 Rev. 4, Appendix

□
J, does the project, program, or system
[:gl Yes. In what fo1mat is the accounting
maintain an accounting of disclosures
of PII to individuals/agencies who have maintained: DHS 191 Fo1m which will be provided
requested access to their PII? to the CBP Privacy and Diversity Office should any
information from ATS-TF be disclosed.
3
When data is sent over the Internet, each unit transmitted includes both header infomiation and the actual data being sent. TI1e
header identifies the source and destination of the packet, while the actual data is referred to as the payload. Because header
infomiation, or overhead data, is only used in the transmission process, it is stripped from the packet when it reaches its destination.
TI1erefore, the payload is the only data received by the destination system
4
PII niay be shared, received, or connected to other DHS systems dit·ectly, autoniatically, or by nianual processes. Oft.en, these
systems are listed as "interconnected systems" in Xacta.
053
USCBP000053

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 7of 10
9. Is there a FIPS 199 determination?6

0 Unlmown.
□ No.
IZI Yes. Please indicate the detenninations for each
of the following:
Confidentiality:
D Low 1Z1 Moderate D High D Undefined
Integrity:
1Z1 Low D Moderate D High D Undefined
Availability:
1Z1 Low D Moderate D High D Undefined
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:

Date submitted to Component Privacy
March 13, 2017
Office:
Date submitted to DHS Privacy Office: March 14, 2017
Please include recommendation below, includin what new riva com liance documentation is needed.
(b) (7)(E), (b) (5)
6 FIPS 199 is the Federal Infonnation Processino Standard Publication 199, Standards for Security Categorization of Federal
Info1mation and Info1mation Systems and is used to establish sectu-ity catego1-ies of info1mation systems.
054
USCBP000054

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page8of10
055
USCBP000055

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page9of10
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:

Date approved by DHS Privacy Office: March 16, 2017
PTA Expiration Date March 16, 2020
DESIGNATION
Privacy Sensitive System: Yes If "no" PTA adjudication is complete.

IT System
Category of System:
If "other" is selected, please describe: Click here to enter text.

D P1ivacy compliance documentation detennination in progress.
D New info1mation sharing anangement is required.
D DHS Policy for Computer-Readable Extracts Containing Sensitive PIT
applies.
D P1ivacy Act Statement required.
IZJ P1ivacy Impact Assessment (PIA) required.
1ZJ System of Records Notice (SORN) required.
D Pape1work Reduction Act (PRA) Clearance may be required. Contact
your component PRA Officer.
D A Records Schedule may be required. Contact your component Records
Officer.
System covered by existing PIA
If covered by existing PIA, please list: DHS/CBP/PIA-006 Automated Targeting System
PIA: (ATS)
SORN:
056
USCBP000056

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 10 of10
If covered by existing SORN, please list: DHS/ALL-004 General Info1mation Technology

Access Account Records System (GITAARS), November 27, 2012, 77 FR 70792
DHS/CBP-006 Automated Targeting System, May 22, 2012, 77 FR 30297
Please describe rationale or riva com liance detennination above.
CBP is submitting this PTA to discuss its use of the (b) (7)(E)
t t' • d 1 t' I ·1 t •
(b) (7)(E)
The pilot will assess the (b) (7)( E) and the quality and effectiveness of it when used to sf io1t CBP
operations. Analysis dming this testing and evaluation pilot will be focusedmima1iilonll;>I UJ
However, research using publicly available information may be conducted ~ u rsuant to CBP's
law enforcement authorities as deemed necessa1y to suppo1t CBP operations. As a pilot, this study will
be fluid and allow for a range of info1mation to be researched related to CBP's mission.
CBP cun ently uses publicly available social media info1mation to conduct analysis in suppo1t of its
border secmity mission. In pa1t icular, one of CBP's approved SMOUTs pe1mits CBP to use{mmD]
(b) (7)( E) to conduct thorough social media research in accordance with the te1ms of use of
various social media platfo1ms and providers. In all cases involved in this pilot, CBP will only access
publicly available info1mation in accordance with the privacy policies of the underlying social media or
open source platfo1ms analyzed.
CBP may collect PIT from publicly available info1mation regarding su~jects of interest to this pilot in
suppo1t of the CBP border secmity mission. Any derogato1y info1mation collected from social media and
deemed operationally necessary will be stored in the ATS Tai·geting Framework (ATS-TF) pursuant to
existing data retention policy and the approved SMOUT. The collection of this info1mation is covered by
the DHS/CBP/PIA-006 Automated Tai·geting System and the DHS/CBP-006 Automated Tai·geting
System SORN.
Additionally, in order to access the (b) (7)(E) DHS collects email addresses and log-in
information from DHS employees/contractors. This collection of info1mation is covered by the
DHS/ALL-004 GITAARS SORN.
[t:>IIDOJID
057
USCBP000057
U.S. CUSTOMS AND BORDER PROTECTION DIRECTIVE
CBP DIRECTIVE NO. 5410-003 DATE: January 2, 2015

ORIGINATING OFFICE: OC-PDO
REVIEW DATE: January 2018
SUBJECT: OPERATIONAL USE OF SOCIAL ~DIA

•
1 PURPOSE
To assign responsibilities and establish general rules of behavior for the operational uses
of social media for U.S. Customs and Border Protection (CBP), in compliance with all
applicable statutes, regulations, and Department of Homeland Security (OHS) or
government-wide policies.
2 SCOPE
This Directive applies to all CBP employees, contractors, and to persons using CBP
systems in furtherance of the CBP mission. However, this Directive does not apply to the
operational use of social media for communications and outreach with the public
authorized by the DHS Office of Public Affairs. Moreover, this Directive does not apply
to the operational use of social media to the extent that CBP is utilizing social media for
situational awareness purposes on behalf of the OHS National Operations Center.
3 POLICY
It is the policy of CBP to collect, maintain, use, and disseminate PII through the
operational use of social media only when there is an authorized need to know the
information. CBP will protect PU collected during the authorized operational use of
social media, and comply with OHS privacy policy, applicable privacy laws, federal
government-wide policies, and other statutory authorities. The procedures set forth in
this directive must be followed before PII may be collected by CBP through the use of
social media, stored in a CBP system of records, or shared with another party.
4 AUTHORITIES/REFERENCES
4.1 Public Law 107-347, "E-Govemment Act of2002," as amended, Section 208 [44
U.S.C. § 3501 note];
4.2 Title 5, U.S. Code, Section 552a, "Records maintained on individuals" [The
Privacy Act of 1974, as amended];
4.3 Title 6, U.S. Code, Section 142, "Privacy Officer;"
4.4 Title 8, U.S. Code, Section 1363a;

FOUO
1
058
USCBP000125
4.5 Title 19, U.S. Code, Section 2081;
4.6 Title 44, U.S. Code, Chapter 35, Subchapter 111, "lnfonnation Security" [The
Federal Information Security Management Act of 2002, as amended (FISMA)];
4.7 Title 6, C.F.R., Chapter 1, Part 5, "Disclosure of records and information;"
4.8 DHS Delegation 13001, "Delegation to the Chief Privacy Officer;"
4.9 OHS Sensitive Systems Policy Directive 4300A;
4.10 DHS Directive 047-01 "Privacy Policy and Compliance" (July 7, 2011) and
Instruction 047-01-001 "Privacy Policy and Compliance" (July 25, 2011);
4.11 OHS Directive 110-01 "Privacy Policy for Operational Use of Social Media" (June
8, 2012) and Instruction 110-01-001 "Privacy Policy for Operational Use of Social
Media" (June 8, 2012);
4.12 CBP Memorandwn "Privacy Compliance and U.S. Customs and Border
Protection" (February 10, 2012);
4.13 CBP Memorandwn "Executive Agent Appointment for a CBP Integrated

Intelligence, Surveillance, and Reco1U1aissance (ISR) Capability" {July 20, 2011);
4.14 CBP Information Systems Security Policies and Procedures Handbook 1400-05D;
and
4.15 CBP Delegation Order 11-001 "Delegation of Authority for Discipline and Adverse
Actions" (April 6, 2011).
S DEFINITIONS
5.1 Business Owner means the CBP employee responsible for the planning and
operation of a CBP project, operation, or program that collects PII.
5.1 Fair Information Practice Principia means the policy framework adopted by
DHS in Directive 047-01, "Privacy Policy and Compliance," regarding the
collection, use, maintenance, disclosure, deletion, or destruction of PII.
5.3 Individual means a natural person, including United States citizens and aliens (e.g.,
lawful permanent residents and nonimmigrants).
5.4 Masked Monitoring means using identities or credentials on social media that do
not identify a DHS/CBP affiliation, or otherwise concealing a government
affiliation, to conduct research or general, operational awareness. Masked
FOUO
2
059
USCBP000126
monitoring includes logging in to social media, but does not include engaging or
interacting with individuals on or through social media (which is defined as
Undercover Engagement, below).
5.5 Operational Awareness means information gathered from a variety of sources

that, when communicated to emergency managers and decision makers, can form
the basis for incident management or readiness state decision making.
5.6 Overt Research means collecting information from social media without logging in
or otherwise interacting with individuals through social media. Overt research does
not include creating identities or credentials on social media, nor does it include
concealing a government affiliation to conduct research or general, operational
awareness (e.g., non-OHS affiliated IP address).
5.1 Overt Engagement means logging in to social media using DHS/CBP-branded

credentials or otherwise indicating an official agency presence and engaging or
interacting with individuals on or through social media.
5.8 Overt Monitoring means logging in to social media using DHS/CBP-branded

credentials or otherwise indicating an official agency presence, but does not include
engaging or interacting with individuals on or through social media (which is
defined as Overt Engagement, above).
5.9 Operational Use means use of social media to collect PII for the purpose of
enhancing general operational awareness, investigating an individual in a criminal,
civil, or administrative context, assist in making a benefit determination about a
person, assist in making a personnel determination about a CBP employee or
contractor, assist in making a suitability detennination about a prospective CBP
employee or contractor, or for any other official CBP purpose that has the potential
to affect the rights, privileges, or benefits of an individual or CBP employee or
contractor. Operational use does not include the use of search engines for general
Internet research, the use of social media for professional development (e.g.,
training and continuing education), or the use of social media for facilitating
internal meetings, assigning or trading work shifts, or other internal ru:lmini!;trative
efficiencies.
5.10 Personally Identifiable Information (Pll) means any information that pennits the
identity of an individual to be directly or indirectly inferred, including other
information that is linked or linkable to an individual.
5.11 Privacy Compliance Documentation means any document required by statute or by

the ChiefPrivacy Officer that supports compliance with OHS privacy policy,
procedures, or requirements, including but not limited to the Social Media
Operational Use Template (SMOUT), Privacy Impact Assessments (PIAs), System
of Records Notices (SORNs), Notices of Proposed Rulemaking for Exemption from
FOUO
3
060
USCBP000127
certain aspects of the Privacy Act (NPRM), and Final Rules for Exemption from
certain aspects of the Privacy Act.
5.12 Privacy Liaison means the CBP employee responsible for serving as a point of
contact and initial identifier of privacy issues in a CBP office.
5.13 Project Manager means the CBP employee or contractor in the Office of
Infonnation and Technology or other Office responsible for building and
technically maintaining an authorized system with privacy implications.
5.14 Social Media means the sphere of websites, applications, and web-based tools that
connect users to engage in dialogue, share infonnation and media, collaborate, and
interact. Social media take many different forms, including but not limited to web-
based communities and hosted services, social networking sites, video and photo
sharing sites, biogs, virtual worlds, social bookmarking, and other emerging
technologies. This definition does not apply to internal Department intranets or
applications.
5.15 Social Media Operational Use Template (SMOUT) means the document that each
office must submit to the CBP Privacy and Diversity Office for approval by the
OHS Privacy Office that describes the current or proposed category of operational
uses(s) of social media, identifies the appropriate authorities for the current or
proposed category ofuse(s), describes what Pil, if any, is or would be collected
(and from whom or by what method), how that information is used, where the
information would be stored, and if that collection, storage, and usage is consistent
with the current SORN, and any appropriate training. The Template is used to
identify information technology systems, technologies, rulemakings, programs, or
pilot projects that involve collecting PII from social media for the current or
proposed category of use(s) and to assess whether there is a need for additional
Privacy Compliance Documentation. Through submission to the CBP Privacy and
Diversity Office, templates will be reviewed and adjudicated by the OHS Chief
Privacy Officer, and every three years thereafter for accuracy.
5.16 System ofRecords Notice (SORN) means the official public notice of a OHS or
CBP system of records as required by the Privacy Act of 1974 (as amended). The
SORN identifies (1) the purpose for the system of records, (2) the individuals
covered by information in the system of records, (3) the categories of records
maintained about individuals, (4) the sow-ce of the records and (5) the ways in
which the information is generally shared by OHS and CBP. The SORN also
provides notice of the mechanisms available for individuals to exercise their
Privacy Act rights to access and correct the PII that OHS and CBP maintains about
them.
5.17 Undercover Engagement means using identities or credentials on social media that
do not identify a DHS/CBP affiliation, or otherwise concealing a government
affiliation, to engage or interact with individuals on or through social media.
FOUO
4
061
USCBP000128
6 RESPONSmILIT.IES
6.1 AD CDP employees, contractors, and persons using CDP systems in

furtherance of the CDP mission are responsible for:
6.1.1 Using social media for operational purposes only when activities are authorized
by statute, executive order, regulation, or policy and approved through the
procedures in this Directive; ·
6.1.2 Using only government-issued equipment, internet connections authorized to

access social media through the DHS/CBP network (i.e., no "stand-alone"
connections), and government-approved accounts when engaging in the
operational use of social media, unless otherwise specifically authorized and
approved;
6,1.3 Use screen names or identities that indicate an official DHS/CBP affiliation and
use DHS/CBP email addresses to open accounts used when engaging in the
operational use of social media, unless otherwise specifically authorized and
approved;
6.1.4 Accessing publicly available infonnation through social media only by reviewing
posted infonnation without interacting with any individual who posted the
infonnation, unless otherwise specifically authorized and approved;
6.1.5 Respecting individuals' privacy settings and access only information that is
publicly available unless the individual whose information the employee seeks to
access has given consent to access it, or as otherwise authom.ed and approved;
6.1.6 Collecting only the minimwn PII necessary for the proper performance of their
authorized duties;
6.1.7 Protecting PII as required by the Privacy Act and OHS privacy policy;
6.1.8 Documenting operational use of social media, including date, site(s) accessed,
information collected, and how it was used in the same manner that CBP would
document information collected from any source in the nonnal course of business;
6.1.9 Complying with OHS Directive 110-01 and Instructions 110-01..001, with privacy
policies and procedures issued by the OHS Chief Privacy Officer, and with
applicable CBP policies on operational use of social media; and
6.1.10 Completing training on the operational use of social media and signing the CBP
Operational Use of Social Media Rules of Behavior before any social media use
and annually thereafter, if operational use of social media is a continuing
requirement in the perfonnance of their responsibilities.
FOUO
5
062
USCBP000129
6.2 ne Assistant Commissioner for the Office of Information and Technology is
responsible for:
6.2.l Providing web technology services, security, and technical assistance for the
operational use of social media within CBP; and
6.2.2 Ensuring that any technical system providing Masked Monitoring and/or
Undercover Engagement accurately documents user login credentials and profiles
and maintains sufficient audit logs for each user.
6.3 The Assistant Commissioner for the Office of Intelligence and Investigative
Liaison is responsible for serving as the Business Owner governing the provision
of intelligence, surveillance, and reconnaissance (]SR) capabilities, including
Masked Monitoring and Undercover Engagement of Social Media. This includes
ensuring Masked Monitoring and Undercover Engagement of Social Media meet
operational and intelligence needs and providing direction to Office of Information
and Technology (01'1) regarding intelligence related technologies available to be
leveraged for all aspects of ISR to be used within CBP.
6.4 The CDP Privacy Officer is responsible for:
6.4.l Maintaining an accurate accounting of all CBP categories of operational use of

social media using the SMOUT to identify collection and use of PII, the authority
for such collection and use, and any other attendant privacy impacts, and ensuring
CBP implements DHS privacy policy with respect to the operational use of social
media;
6.4.2 Coordinating with CBP Business Owners and Project Manage~ as appropriate,
together with the DHS Chief Privacy Officer and the Office of Chief Counsel to
complete a SMOUT and any other required Privacy Compliance Documentation
for (1) for all proposed categories of operational use of social media, and {2) for
any changes to the categories of operational use of social media ;
6.4.3 Developing and reviewing CBP policies and directives related to Operational Use
of social media, and CBP Rules. of Behavior consistent with the adjudicated
Template, to ensure compliance with DHS privacy policy, privacy Jaws applicable
to DHS, and federal government-wide privacy policies;
6.4.4 Overseeing CBP privacy training for operational use of social media and
providing educational materials, consistent with privacy training for operational
use of social media developed by the OHS Chief Privacy Officer;
6.4.S Reviewing documentation required in 6.1.8 to ascertain compliance with this

Directive as needed; and
FOUO
6
063
USCBP000130
6.4.6 Collaborating with the OHS Chief Privacy Officer in conducting Privacy
Compliance Reviews.
6.5 CDP Office of Chief Counsel is responsible for:
6.5.1 Providing advice to Business Owners or Project Managers, as appropriate, to

ensure that appropriate authority exists to engage in categories of operational use
of social media before CBP employees engage in those uses, and to ensure that
the Template generally documents that authority;
6.5.2 Providing legal guidance to the CBP Privacy Officer, Business Owners, or Project
Managers, as appropriate, in the drafting ofCBP Operational Use of Social Media
Rules ofBehavior Rules of Behavior for operational use of social media.
6.6 CDP Business Owners and Project Managers, as appropriate, are responsible
for:
6.6.1 Coordinating with the CBP Privacy Officer to ensure that privacy is appropriately
addressed when proposing, developing, implementing, or changing any ·
operational use of social media;
6.6.2 Coordinating with the CBP Privacy Officer and the Office of Chief Counsel to
prepare draft Templates and CBP Operational Use of Social Media Rules of •
Behavior, and, as appropriate, all Privacy Compliance Documentation required
when proposing, developing, or implementing or changing any category of
6.6.3 Monitoring the design, deployment, operation, and retirement of programs

involving the operational use of social media to ensure that the use of PII, if any,
is limited to those uses described in the Privacy Compliance Documentation;
6.6.4 Ensuring oversight mechanisms, including, for example, audit trails and/or
privacy compliance reviews, as appropriate, are built into the design of programs
and systems involving·the operational use of social media;
6.6.S Coordinating with the CBP Privacy Officer to establish adminhrtrative, technical,
and physical controls for storing and safeguarding PII consistent with DHS
privacy, security, and records management requirements to ensure the protection
of PII from unauthorized access, disclosure, or destruction in the course of
operational use of social media; and
6.6.6 Supporting the CBP Privacy Officer in developing and implementing privacy
procedures and job-related privacy training to safeguard PII in operational uses of
social media.
FOUO
7
064
USCBP000131
6.7 Supervisors are responsible for:
6.7.1 Reviewing request(s) for Overt Research of social media, considering the purpose
of the request, and determining whether granting approval would serve an
appropriate authorized purpose for an operational need that has been approved by
the Chief Privacy Officer through a SMOUT; and
6.7:J,, Approving or denying such requests.
6.8 Second Level Supervisors, or higher, are responsible for:
6.8.1 Reviewing request(s) for Overt Monitoring, Overt Engagement, and Masked
Monitoring of social media, considering the purpose of the request, and
determining whether granting approval would serve an appropriate authorized
purpose for an operational need that has been approved by the Chief Privacy
Officer through a SMOUT; and
6.9 Supervisors in the Senior Executive Service, and Second Level Supervisors at
the GS-15 Level, or higher, delegated by the Office oflntemal Affairs Director
of Investigative Operations Division are responsible for:
6.9.1 Reviewing request(s) for Undercover Engagement of social media, considering

the purpose ofthe request, and determining whether granting approval would
serve an appropriate authorized purpose for an operational need that has been
approved by the Chief Privacy Officer through a Template; and
7 PROCEDURES
7.1 GeneralProcedures
7.1.1 Each CBP Office must complete a Template. That Template must identify which
parts of the Office engages in operational use of social media, the type of
operational use and the purposes achieved through the program(s). This must be
completed before engaging in any operational uses of social media, including
Overt Research, Overt Monitoring, Overt Engagement, Masked Monitoring, or
Undercover Engagement.
7.1:J,, The Office must provide the completed Template to the CBP Privacy and
Diversity Office via its Privacy Liaison (if the office has a designated Privacy
Liaison) or directly to the CBP Privacy Officer.
FOUO
8
065
USCBP000132
7.1.3 The CBP Privacy and Diversity Office, with appropriate coordination with the
Office of Chief CoW1Sel, must review and approve the Template before
submitting it to the DHS Chief Privacy Officer for review and approval.
7.1.4 If directed by the OHS Chief Privacy Officer, the CBP Privacy Officer and the
Office must complete any Privacy Compliance Documentation to address the
particular operational use of social media stated in the completed Template.
7.1.5 The Office must complete any other additional steps outlined in Sections 7.2, 7.3,
7.4, 7.5, or 7.6 of this Directive, as appropriate.
7.1.6 Authorized CBP employees, contractors, and persons using CBP systems in
:furtherance of the CBP mission who plan to use social media under this directive,
after a Template is approved, must complete training regarding the Operational
Use of social media. These persons must also sign and comply with the CBP
Operational Use of Social Media Rules of Behavior before engaging in any of the
activities listed in Sections 7.2, 7.3, 7.4, 7.5, or 7.6 of this Directive, and annually
thereafter.
7.1.7 All CBP employees, contractors, and persons using CBP systems in furtherance
of the CBP mission who have created and used social media log-in credentials or
profiles for operational use prior to the promulgation of this Directive must
submit a request as specified in Sections 7.2, 7.3, 7.4, 7.5, or 7.6 of this Directive
and must also complete training and sign the CBP Operational Use of Social
Media Rules of Behavior within 90 days ofthe implementation date of this
Directive to continue utilizing the credential or profile.
7.1.8 All infonnation collected through social media must be recorded in the
appropriate system of records, including date, site(s) accessed, infonnation
collected, and how the information was used, in the same manner that CBP would
document information collected from any source in the normal course of business.
All information collected through social media must be protected in the
appropriate system of records to the same extent as other PII in that system and
follow any chain of custody requirements for that system, as appropriate.
7:J. Overt Research
7.2.1 CBP employees, contractors, and persons using CBP systems in :furtherance of the
CBP mission must obtain approval from a CBP supervisor before conducting
Overt Research of social media.
7.2:J. CBP employees, contractors, and persons using CBP systems in furtherance of the
CBP mission may conduct Overt Research of social media, after obtaining
approval, if the research is necessary for an authorized purpose with a clear nexus
to their assigned duties after a properly approved Template is in place.
FOUO
9
066
USCBP000133
7.3 Overt Monitoring of Social Media
7.3.1 CBP employees, contractors, and persons using CBP systems in furtherance of1he
CBP mission must obtain approval from a second level CBP supervisor, or higher,
before Overt Monitoring of social media.
7,3.2 Requests for approval for Overt Monitoring of social media must describe the
authorized mission, the CBP employees, contractors, and persons using CBP
systems in furtherance of the CBP mission authorized to use social media, the
nexus to their assigned duties, the social media and any log-in credentials and
profile information (including names, email addresses, photographs, etc.) used,
and the authority to conduct the program.
7.3.3 Approved employees, contractors, and persons using CBP systems in furtherance
of the CBP mission must identify themselves as associated with CBP by applying
appropriate branding and disclaimers to distinguish the agency's activities from
those ofnongovemment actors. For example, Business Owners or Project
9
Managers should add the CBP seal or emblem to the program. s profile page on a
social media website to indicate that it is an official agency presence.
7.4 Overt Engagement of Social Media

7.4.1 CBP employees, contractors, and persons using CBP systems in furtherance of the
CDP mission must obtain approval from a second level CBP supervisor. or higher,
before Overt Engagement of social media.
7.4.2 Requests for approval for Overt Engagement of social media must describe the
authorized mission, the CBP employees contractors, and persons using CBP
systems in furtherance of the CBP mission authorized to use social media, the
nexus to their assigned duties, the social media and any log-in credentials and
profile information (including names, email addresses, photographs, etc.) used,
and the authority to conduct the program.
7.4.3 Approved employees, contractors, and persons using CBP systems in furtherance
of the CBP mission must identify themselves as associated with CBP by applying
appropriate branding and disclaimers to distinguish the agency's activities from
those of nongovemment actors. For example, Business Owners or Project
Managers should add the CBP seal or emblem to the program's profile page on a
social media website to indicate that it is an official agency presence.
7.5 Masked Monitoring
7.5.1
FOUO
10
067
USCBP000134
7.S.l liroval ofMasked Monitoring ofsocial media must be re-approved every ■
75.3
7.5.4 . Requests for Approval for Masked Monitoring of social media must describe the
authorized purpose for an operational need, the CBP employees, contractors, and
persons using CBP systems in furtherance of the CBP mission authorized to
conduct the Masked Monitoring of social media. the nexus to their assigned
duties, the social media sites to be accessed, log-in credentials ~d profile
infonnation (mcluding names, email addresses, hotographs, etc.) used, and the
authori to conduct the ro
7.S.S Approved employees, contractors, and persons using CBP systems in furtherance
ofthe CBP mission must comply with the specific tenns for "Undercover
Operational Use of Social Media and the Public Internet" as set forth in the
attached CBP Operational Use of Social Media Rules of Behavior.
7.6 Undercover Engagement of Social Media.

7.6.1 CBP employees, contractors. and peISons using CBP systems in furtherance of the
CBP mission may obtain approval to use social media for Undercover
Engagement only when necessary for authorized law enforcement purposes with a
clear nexus to their assigned duties and in conformance with existing undercover
operations policies.
7.6.2
7.6.3
■
7.6.4 ~val of Undercover Engagement of Social Media must be re-approved every
- through the procedures in 7.6.2.
7.6.S Requests for Approval for Undercover Engagement of Social Media must
describe the authorized purpose for an operational need, the CBP employees,
contractors, and to persons using CBP systems in furtherance of the CBP mission
authorized to use social media under cover, the social media sites used, log-in
credentials and profile infonnation (including names, email addresses,
photographs, etc.) used, and the authority to conduct the program.
FOUO
11
068
USCBP000135
7.6.6 Approved employees, contractors, and to persons using CBP systems in
furtherance of the CBP mission must comply with the specific terms for "Under
cover Operational Use of Social Media and the Public Internet" as set forth in the
attached CBP Operational Use of Social Media Rules of Behavior.
8 PRIVACY INCIDENT HANDLING
8.1 Unauthorized use of social media will be considered a Privacy Incident.
8.2 In accordance with the OHS Privacy Incident Handling Guidance, all Privacy
Incidents are to be immediately reported, as appropriate, to the DHS Security
Operations Center (SOC) or CBP Computer Security Incident and Response Center
(CSIRC) for review, investigation, mitigation, and remediation, as necessary.
8.3 Pursuant to CBP Delegation Order 11-001 "Delegation of Authority for Discipline and
Adverse Actions" (April 6, 2011 ), unauthorized use of social media may be grounds for
appropriate disciplinary action, as detennined by the employee's supervisor.
9 MEASUREMENT/INSPECTION
9.1 CBP's Office of Internal Affairs, Management Inspections Division, shall develop
and periodically, or at a minimwn once each calendar year, administer an
inspection mechanism to determine whether CBP Offices are in full compliance
with this Directive.
10 DISCLOSURE
10.1 This Directive is for internal use only and may not be shared with the public.
11 NO PRIVATE RIGHT CREATED
This document is for internal CBP use only. and does not create or confer any rights,
privilegc5» or benefits for any person or entity.
R. Gil Kerlikowske
Commissioner
FOUO
12
069
USCBP000136
Interim SOP for CBP Access to Social Media 20150608
FOUO
Interim Standard Operating Procedure for CBP Access to

Operational Use of Social Media
I. Purpose: This Interim Standard Operating Procedure (SOP) for CBP Access to
Operational Use of Social Media establishes the implementation process for U.S.
Customs and Border Protection (CBP) employees and contractors to access social media
for operational purposes. Implementation will occur through coordination between the
Privacy and Diversity Office and Office of Information and Technology.
II. Authorities/References:
a. DHS Directive 047-01, “Privacy Policy and Compliance” (July 7, 2011)
b. DHS Instruction 047-01-001, “Privacy Policy and Compliance” (July 25, 2011)
c. DHS Directive 110-01, “Privacy Policy for Operational Use of Social Media”
(June 8, 2012)
d. CBP Directive 2120-010, “Privacy Policy, Compliance, and Implementation”
(January 2, 2015)
e. CBP Directive 5410-003, “Operational Use of Social Media” (January 2, 2015)
f. Memorandum from the Deputy Secretary to Component Heads, “Designation of
Component Privacy Officers” (June 5, 2009
III. Definitions:
a.
(b) (7)(E)
b. Masked Monitoring means using identities or credentials on social media that do
not identify a DHS/CBP affiliation, or otherwise concealing a government
affiliation to conduct research or general, operational awareness. Masked
monitoring includes logging in to social media, but does not include engaging or
070
USCBP000137
FOUO
interacting with individuals on or through social media (which is defined as
Undercover Engagement).
c. Operational Awareness means information gathered from a variety of sources,

that when communicated to emergency managers and decision makers, can form
the basis for incident management or readiness state decision making.
d. Operational Use means use of social media to collect personally identifiable

information (PII) for the purpose of enhancing general operational awareness,
investigating an individual in a criminal, civil, or administrative context, assist in
making a benefit determination about a person, assist in making a personnel
determination about a CBP employee or contractor, assist in making a suitability
determination about a prospective CBP employee or contractor, or for any other
official CBP purpose that has the potential to affect the rights, privileges, or
benefits of an individual or CBP employee or contractor. Operational use does
not include the use of search engines for general Internet research, the use of
social media for professional development (e.g., training and continuing
education), or the use of social media for facilitating internal meetings, assigning
or trading work shifts, or other internal administrative efficiencies.
e. Overt Research means collecting information from social media without logging
in or otherwise interacting with individuals through social media. Overt research
does not include creating identities or credentials on social media, nor does it
include concealing a government affiliation to conduct research or general,
operational awareness (e.g., non-DHS affiliated IP address).
f. Overt Engagement means logging in to social media using DHS/CBP-branded

credentials or otherwise indicating an official agency presence and engaging or
interacting with individuals on or through social media.
g. Overt Monitoring means logging in to social media using DHS/CBP-branded

credentials or otherwise indicating an official agency presence, but does not
include engaging or interacting with individuals on or through social media
(which is defined as Overt Engagement).
h. Personally Identifiable Information (PII) means any information that permits the
identity of an individual to be directly or indirectly inferred, including other
information that is linked or linkable to an individual.
i. Social Media means the sphere of websites, applications, and web-based tools that
connect users to engage in dialogue, share information and media, collaborate,
and interact. Social media takes many different forms, including but not limited
to web-based communities and hosted services, social networking sites, video and
photo sharing sites, blogs, virtual worlds, social bookmarking, and other emerging
technologies. This definition does not apply to internal Department intranets or
applications.
071
USCBP000138
FOUO
J. Social Media Operational Use Template (SMOUT) means the doclllllent that each
office must submit to CBP Privacy Office for approval by the DHS Privacy
Office that describes the cmTent or proposed categ01y of operational use(s) of
social media, identifies the appropriate authorities for the cunent or proposed
catego1y of use(s), describes what PII, if any, is or would be collected (and from
whom or by what method), how that info1mation is used, where the info1mation
would be stored, and if that collection, storage, and usage is consistent with the
cunent SORN, and any appropriate training. The SMOUT is used to identify
info1mation technology systems, technologies, rnlemaking, programs, or pilot
projects that involve collecting PII from social media for the cunent or proposed
catego1y of use(s) and to assess whether there is a need for additional Privacy
Compliance Documentation. Through submission to the CBP Privacy Office,
templates will be reviewed and adjudicated by the DHS Chief Privacy Officer,
and eve1y three years thereafter for accuracy.
k. Undercover Engagement means using identities or credentials on social media

that do not identify a DHS/CBP affiliation, or othe1wise concealing a government
affiliation, to engage or interact with individuals on or through social media.
IV. Procedures:
a. A CBP em lo ee com letes an online application through the -
, requesting access to social m ~ t h e .
form. Info1mation in the online application must
me u e a eta1 e u[-itification as to why the employee needs access to
social media through • .
b. After review of theBJUIMapplication, the CBP Office of Infonnation and

Technoloo , Securi . 0 erations Center CBP SOC , fo1wards information from
th ame of employee, phone
nlllllber, email address, location, supervisor infonnation, and business
justification, to the CBP Privacy Office' s email address
(b) (7)(E) for review and CBP Privacy Officer approval.
c. The CBP Privacy Officer and/or designee verifies that the individual has
completed the mandat01y training and signed the CBP Operational Use of Social
Media Rules of Behavior, and reviews the provided business justification to
dete1mine if it is appropriate for the requested use and is authorized by an
approved Social Media Operational Use Template (SMOUT).
The dete1mination made by the CBP Privacy Office and provided to CBP SOC
will be one of the following:
(i) Approved: all required training has been completed, a copy of the signed
Rules of Behavior has been provided to CBP Privacy, and the business
072
USCBP000139
FOUO
justification is in accordance with assigned job duties and authorized by
an approved SMOUT.
(ii) Additional information required: employee has either not completed
training or signed the Rules of Behavior (or both), or additional
info1mation is needed regarding the business justification.
(iii) Disapproved: the business justification is not in accordance with
assigned job duties and/or an approved SMOUT.
d. After receipt of the CBP Privacy Office's dete1mination, the CBP SOC fo1wards
the application to CBP Office oflnfo1mation and Technology, Chieflnfo1mation
Secmity Officer (CISO), for fmther review.
The CISO verifies approval of the individual 's request with the employee's
Supervisor based on the type of use as outlined by the requirements described
below and responds to CBP SOC with either an approval or disapproval:
1. First Line Supervisors:
a. Review requests for Ove1t Research use of social media, considers
the purpose of the requests, and dete1mines whether granting
approval would serve an appropriate authorized purpose for an
operational need; and
b. Approve or deny the requests.
11. Second Level Supervisors, or higher:
a. Review requests for Ove1t Monitoring, Ove1i Engagement, and
Masked Monitoring use of social media, considers the purpose of
the request, and dete1mines whether granting approval would serve
an appropriate authorized purpose for an operational need; and
m. Supervisors in the Senior Executive Service, and Second Level
Supervisors at the GS-15 Level, or higher, delegated by the Office of
Internal Affairs Director of Investigations Division:
a. Review requests for Undercover Engagement use of social media,
considers the purpose of the request, and dete1mines whether
granting approval would se1ve an appropriate authorized purpose
for an operational need; and
e. After receipt of the CISO's review and response (approval or disapproval), CBP
SOC forwards the to the DHS SOC for final approval and
implementation of access to the •
f. After implementation by the DHS SOC, CBP SOC fo1wards the (b) (7)(E)
number and date of implementation to the CBP Privacy Office for accounting
purposes.
073
USCBP000140
Interim SOP for CBP Access to Social Mectia
FOUO
V. Questions: Questions concemin be directed to the CBP Privacy and
Diversity Office at

Office oflnfonnation and Technology
(b) (6), (b) (7)(C)
Phil Landfried, Deputy Assistant Commissioner
074
USCBP000141
Office u/Professio11al Responsibility
Department of Homeland Secu rity
1300 Pennsylvania Avenue NW
Washington, D.C. 20229
U.S. Customs and

Border Protection
FEB 15 2018
MEMORAND UM FOR: Investigative Operations Division (100)
FROM: E rick K. Funn

(b) (6), (b) (7)(C)
Executive Directo
Investigative Operations Di vision
SUBJECT: Operational Use of Social Medi a for IOD
The purpose of this memorandum is to provide guidance to the 100 SAC Offices when IOD
Special Agents use social media during the course of an investigation.
Effective February 12, 2018, OHS approved fO D's documentation which pe1mits the use of
social media in criminal and administrative investigations. Al l agents must read, acknowledge,
and comply with the requirements in this memorandum , as well as, applicable DHS and CBP
operational use of social media directives and Rules of Behavior. Al l agents must sign the
attached Operational Use of Social Media for 100 Acknowledgement of Receipt. All agents
must be mindful that pursuant to CBP Directive l 440-026A, Reporting Allegations of
Misconduct dated April 17, 20 17, or any superseding CB P Directive, any violation of a CBP
Directive or policy shall be immediately documented and repo1ted to the JIC.
Operational Use of Social Media Investigations
General
OPR IOD may use social media during the course of both criminal and administrative
investigations. It is incumbent upon each SA to understand the below governing documents and
comply when using social media for operational purposes. Direct any questions regarding the
use of social media to an OP R 100 Headquarters Director.
SAs will conduct all social media investigations in accordance with the CBP Operational Use of
Social Media Directive 54 10-003 , the CBP Operational Use of Social Media Rules of Behavior,
the OHS Directive 110-01 -00 1 " Privacy Policy for Operational Use of Social Media, the
approved lOD Crim inal Investigations Social Media Operational Use Template, and the
approved IOD Administrative Social Media Operational Use Template.
075
USCBP000142
Approval Process
Special Agents: Prior to using social media during the course of an investigation, SAs must
complete the training on the Operational Use of Social Media, located on Sharepoint. SAs must
read and understand the lOP, the CBP Operational Use of Social Media Directive 5410-003, the
CBP Operational Use of Social Media Rules of Behavior, and DHS Directive 110-01 -001
"Privacy Policy for Operational Use of Social Media. Signed acknowledgements for the training
and Operational Use of Social Media Rules of Behavior are ke t in the SA 's local personnel file,
as well as forwarded to the CBP Privacy Office at
The online
approval request shall be submitted every six months. The signed acknowledgements for the
training and Operational Use of Social Medi.a Rules of Behavior must be submitted annually
after initial approval is received.
First Level Supervisors : Review requests for - f Social Media. Consider the
purpose of the request and determine whether a~ erve an appropriate authorized
purpose for an operational need that has been approved by the OHS Privacy Office through a
Social Media Operational Use Template (SM OUT) and approve or deny such requests.
Second Level Supervisors or Higher: Review req11ests for of social media.

Consider the purpose of the request and detennine whether granting approval would serve an
appropriate authorized purpose for an operational need that has been approved by the DHS
Privacy Office through a SM OUT and approve or deny such requests.
Documentation
All info1mation collected through social med ia must be recorded in the appropriate system of
record. In the case of OPR IOD, JI CMS is the approp1iate system of record. The infonnatioo
obtained must be documented in an ROl for each operational use of social media. Each ROI
must contain the follow in infonnation:
•
•
•
•
(b) (?)(E)
All infonn ation collected through social media must be protected to the same extent as other
PU in JICMS and must follow any chain of custody requirements for that system, as
appropriate.
Types of Operational Use
roved for use in criminal and administrative investigations. SAs are

permitted to use techniques in relation to Social Media
investigations.
076
USCBP000143
CBP employees, contractors, and persons using CBP systems in furtherance of the CBP mission
may conduct f social media, after obtaining approval, if the research is
necessary for rpose with a clear nexus to their assigned duties after a properly
approved Template is in place.
PROWBITED SOCIAL MEDIA ENGAGEMENT BY SAs
and is not able to

conduct
077
USCBP000144
Approved IOD employees using the CBP systems in furtherance of the CBP mission must
co11.'i'ith the specific terms for (b) (7)(E)
M Q a s set forth in the CBP Operational Use of Social Media Rules of Behavior.
his requires approval from a second level supervisor or

higher.
Approved employees, contractors, and persons using CBP systems in furtherance of the CBP
mission must identify themselves as associated with CBP by applying appropriate branding and
disclaimers to distinguish the agency's activities from those of nongovernment actors. For
example, Business Owners or Project Managers should add the CBP seal or emblem to the
program's profile page on a social media website to indicate that it is an official agency presence.
is requires approval from a second level supervisor or higher.
Approved employees, contractors, and persons using CBP systems in furtherance of the CBP
mission must identify themselves as associated with CBP by applying appropriate branding and
disclaimers to distinguish the agency's activities from those of nongovernment actors. For
example, Business Owners or Project Managers should add the CBP seal or emblem to the
program's profile page on a social media website to indicate that it is an official agency presence.
078
USCBP000145
U.S. Customs & Border Protection
Office of Professional Responsibility
Investigative Operations Division
Operational Use of Social Media for 10D

Acknowledgement of Receipt
As a CBP Special Agent/Investigator who is authorized to carry out the

investigative function of the Office of Profe iona l Re pon ibility you are
required to comply with and be thorough ly familiar with all aspects of the attached
10D memorandum on Operational U e of Social Media for IOD.
You have been provided a complete copy of the JOD memorandum on Operational
Use of Social Media for IOD and the opportunity to di cu s the contents with your
supervisor or other management officials.
By signing this statement you acknowledge that you have read, understand, and
agree to comply with alJ parts and a pects of the JOD memorandum on Operational
U e of Social Media for 1OD.
Employee s ame (Printed) Employee 's Signature Date
Employee's Duty Location
Supen1 i ors Name (Printed) Supervi sor s Signature Date
This signed acknowledgment shall be included in the employee ' s local personnel
fi le, subject to 10D Inspection Program review. The acknowledgement form hall
also be forwarded by the supervisor to
079
USCBP000146
(b) (6) , (b) (7)(C)
From: @fb.com>
Sent: Wd d M h27201911:15AM
To: (b) (6), (b) (7)(C)
Cc:
Subject: Re: Question-DHS/CBP Privacy Assessment
Thank you-or the quick follow up.
HijPf?'li!
Our concern is we receive quite a bit of outreach from governments, advocacy groups, and our users about our
companies doing more to stop the fraudu lent account creation by scam me rs and terrorist groups ... As such, the creation
of fake profiles by any sector, includ ing law enforcement, violates our standards.
When possible, we wou ld like to speak to you and the team about our concerns and also hear your perspectives.
Best,
JCD&D
Sent from my iPhone
On Mar 27, 2019, at 10:49 Arvi,Mm•QltDIQIW&a,g,dhs.gov>wrote:
Hi(G)JOD
Thanks for reaching out. This was a privacy impact assessment of an existing policy regarding the review
of publicly available information on platforms, not new pol icy or an expansion of existing policy. PIAs are
required at regular intervals.
For furthe r context from the PIA: "If necessary, CBP may create accounts on social media sites in order
to view publicly available information. CBP employees then review the posts captured by the monitoring
tools in order to determine whether they are re levant for situational awareness and th reat mon itoring.
CBP is permitted by policy to establish user names and passwords to create profiles and follow relevant
government, media, and subject matter experts on social media sites in order to use search too ls unde r
established criteria and search terms for monitoring that supports providing situational awareness."
I'm connecting you here withtmmlQ>mKlat CBP who can answer additiona l questions.
Thanks,
11?11!
(b) (6 ), (b) (7)(C )
Director, Cybersecurity and Innovation

DHS Private Sector Office
(b) (6), (b) (7)(C)
1
080
USCBP000147
From: @fb .com >
Sent: Tuesday, March 26, 2019 6:48:16 PM
To·PWWJI
Subject: Question-DHS/CBP Privacy Assessment
H-rrrn:e
We noticed th is doc posted on a OHS website today describing how Customs and Border
Protection is now expanding its use of social med ia platforms:
"If necessary, CBP may create accounts on social media sites in order to
view publicly available information ..."
"Some CBP personnel, consistent with CBP policy and procedures, 20

may conceal their identity when viewing social media for operational
security purposes ... "
Would you provide additiona l context on this policy?
Best,
IUQ)I
2
081
USCBP000148

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 1 of 12
This form is used to determine whether

a Privacy Impact Assessment is required.
Please use the attached form to determine whether a Privacy Impact Assessment (PIA) is
required under the E-Government Act of 2002 and the Homeland Security Act of 2002.
Please complete this form and send it to your component Privacy Office. If you do not have a
component Privacy Office, please send the PTA to the DHS Privacy Office:

The Privacy Office
Tel: 202-343-1717
PIA@hq.dhs.gov
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this
form. If a PIA is required, the DHS Privacy Office will send you a copy of the Official Privacy
Impact Assessment Guide and accompanying Template to complete and return.
A copy of the Guide and Template is available on the DHS Privacy Office website,
www.dhs.gov/privacy, on DHS Connect and directly from the DHS Privacy Office via email:
pia@hq.dhs.gov, phone: 202-343-1717.
082
USCBP000149

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 2 o_f 12
SUMMARY INFORMATION
Pro_ject or
Program Name:
(b) (?)(E)
Office of Intelligence
Customs and Border Office or and The Office of
Component:
Protection (CBP) Program: Professional
Responsibility
Xacta FISMA Xacta FISMA
Name (if NIA Number (if N/A
applicable): applicable):
Project or
Type of Project
Program pro2Tam Operational
or Program:
status:
Date first Pilot launch
March 12, 2018 March 12, 2018
develo ed: date:
Date of last PTA
March 12, 2018 Pilot end date: May 31, 2018
u date
ATO
ATO Status (if Click here to enter a date.
Not started expiration date
applicable)
if a licable :

Name: (b) (6), (b) (7)(C)
Office: Office of Intelligence Title: Program Manager

Phone: Email: @cbp.dhs.gov
INFORMATION SYSTEM SECURITY OFFICER (ISSO) (IF APPLICABLE)

Name: Click here to enter text.
Phone: Click here to enter text. I Email: I Click here to enter text.
Specific PTA Questions

1. Reason for submitting the PTA: New PTA
083
USCBP000150

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 3 o_f 12
This PTA provides and overview of CBP' s sa

collaborative effmt between CBP's Office of Intelli ence O and the Office of Professional
Res onsi ·
Partners include,
but are not limited to the United States Marshal Service, other Department of Homeland Security
components, The Federal Bureau of Investigation, State and Local Law Enforcement, the
Intelligence Community and the Interagency. In order to (b) (7)(E)
require the collection of Personall Identifiable Infmmation P
limited to individuals
not limited to screennames social media handles and IP address will be retained unless it is in
suppo11 of (b) (7)(E) Under this effo11, CBP
elements s1 (b) (7)(E) will provide the infmmation
to both OPR, and O{ who will coordinate its upload into the (b) (7)(E)
BP necessarily collects info1mation on individuals who, upon further investigation, do
.o CBP employees or assets. In such c ~
fmther action, but ma continue to retain the information as necessary -
Additionally, • ill mi on First Amendment rotected s eech or activities,

however, if such activities a repoit will be
generated and sent to the All personnel suppmiing this eff011 am trained law
enforcement officers/agents intellig ecialist and are familiar with the rotections afforded
084
USCBP000151

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 4 o_f 12
(b) (5) • ill be augmented with personnel specifically trained to access,

use, and protect PIT when accessing social media llfll ersonnel will respect privacy settings on
all platfo1ms, and will only access publicly avail~o1mation.
2. Does this system employ any of the

followin~ technolo~es: □ Closed Circuit Television (CCTV)
Ifyou are using any of these technologies and [Z] Social Media
want coverage under the respective PIA for
that technology please stop here and contact □ Web pmial 1 (e.g. SharnPoint)
the DHS Privacy Office for further guidance.
□ Contact Lists
□ None of these
D This program does not collect any

personally identifiable info1mation 2
3. From whom does the Project or [Z] Members of the public
Program collect, maintain, use, or
disseminate information? [Z] DHS employees/contractors (list
Please check all that apply. components):
D Contractors working on behalf of DHS
D Employees of other federal agencies
4. What specific information about individuals is collected, generated or retained?
(b) (?)(E)
1 Infonnational and collaboration-based portals in operation at DHS and its components that collect, use, maintain, and share
linnted personally identifiable infomiation (PIT) about individuals who are "members" of the portal or "potential members" who
seek to gain access to the portal.
2 DHS defines personal information as "Personally Identifiable Infomiation" or PII, which is any infomiation that pennits the
identity of an individual to be dire.ctly or indirectly inferred, including any infonnation that is linked or linkable to that individual,
regardless of whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to
the Department. 'Sensitive PIT" is PIT, which if lost, compromised, or disclosed without authorization, could result in substantial
harm, embarrassment, inconvenience, or unfairness to an individual. For the pmposes of this PTA, SPIT and PIT are treated the
same.
085
USCBP000152

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 5 o_f 12
D No. Please continue to next question.

~ Yes. If yes, please list all personal
identifiers used: include but not limited to:
4(a) Does the project, program, or
system retrieve information by personal
identifier?
(b) (7)(E)
086
USCBP000153

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 6 o_f 12
4(b) Does the project, program, or □ No.

system use Social Security Numbers
IZJ Yes. Entered as a case file witb:r r
received as part of existing paitner agency case
(SSN)?
file
Collection will be used for identi
as part of a CBP
or received as part of a partner agency case file.
Authorities are outlined in CBP Directive No.
5410-003;CBP Directive 1440-027 Security
4(c) If yes, please provide the specific
Liaison Program; Paiticipation under CBP
legal basis and purpose for the Directive 4220-003A- Program for Fugitives
collection of SSNs: wanted by U.S Customs; Title 18, Section 111 ,
Assaulting, Resisting, or Impeding Ce1tain
Officers or Employees, and Section 1114,
Protection of Officers and Employees of the
United States; Executive Order 9397 ..
4(d) If yes, please describe the uses of
the SSNs within the project, program, Identity verification.
or system:
4(e) If this project, program, or system IZJ No. Please continue to next question.
is an information technology/system,
does it relate solely to infrastructure? D Yes. If a log kept of communication traffic,
please answer the following question.
087
USCBP000154

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 7 o_f 12
For example, is the system a Local Area

Network (LAN) or Wide Area Network
(WAN)?
4{f) If header or payload data 3 is stored in the communication traffic log, please detail
the data elements stored.
5. Does this project, program, or

system connect, receive, or share PII 0 No.
with any other DHS programs or i:gj Yes. If yes, please list: (b) (7)(E)
systems 4?
(b) (7)(E)
0 No.
6. Does this project, program, or [2'.l Yes. If yes please list: Federal State,
system connect, receive, or share PII Local Government & Law Enforcement
with any external {non-DHS) Agencies. Foreign Government Law
partners or systems? Enforcement Partners omes from
outside of the Continental United States.
Existing
Please describe applicable info1mation sharing
6{a) Is this external sharing pursuant to governance in place: For sharing inf01mation
new or existing information sharing
access agreement (MOU, MOA,
outside of DH~ IJMvill follow CBP's
process for sharing inf01mation (written request
LOI, etc.)?
for authorization submitted to the CBP Privacy
Office, followed by the submission of the DHS
F01m 191 to Privacy after the information has
been released). In exigent circumstances
3 When data is sent over the Intemet, each unit b:ansmitted includes both header information and the actual data being sent. The
header identifies the source and destination of the packet, while the actual data is refeffed to as the payload. Because header
infonnation, or overhead data, is only used in the transmission process, it is stripped from the packet when it reaches its destination.
TI1erefore the payload is the only data received by the destination system.
4 PII may be shared, received or connected to other DHS systems directly. automatically, or by manual processes. Often. these
systems are listed as "interconnected systems" in Xacta.
088
USCBP000155

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 8 o_f 12
(b) (7)(E) , ay pass the

inf01mation prior to coordinating with CBP
Privacy, but will follow up no later than the
next business day.[@Jgluay enter into
Information Sharing Agreements or
Memorandums of Understanding with Federal
Partners. These agreements will follow OI
Staffing requirements and will involve OI
Policy, CBP' s Office of Chief Counsel and
CBP Privacy.
7. Does the project, program, or □ 0.

system provide role-based training
[XI Yes. If yes, please list:W>IUBa}nay
for personnel who have access in
addition to annual privacy training assist with access to social media information
required of all DHS personnel? and provide specific training related to access,
use, and protection of PIT.
8. Per NIST SP 800-53 Rev. 4,
Appendix J, does the project, D No. What steps will be taken to develop and
program, or system maintain an maintain the accounting:
accounting of disclosures of PII to D Yes. In what f01mat is the accounting
individuals who have requested maintained:
access to their PII?
9. Is there a FIPS 199 determination? 4
[XI Unknown.
□ No.
D Yes. Please indicate the dete1minations for
each of the following:
Confidentiality:
D Low D Moderate D High D
Undefined
Integrity:
Undefined
4 FIPS 199 is the Federal hlfomIBtion Processing Standard Publication 199, Standards for Security Categorization of Federal
hlfo1mation and hlfonnation Systems and is used to establish security categories of info1mation systems.
089
USCBP000156

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 9 o_f 12
Availability:
Undefined
(IO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer: (b) (6) , (b) (7)(C)

Date submitted to Component Privacy
Office: May 29, 2018
Date submitted to DHS Privacy

Jlllle 13, 2018
Office:
Please include recommendation below, including what new privacy compliance documentation
is needed.
090
USCBP000157

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 10 of12
(IO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:

Date approved by DHS Privacy
July 2, 2018
Office:
PTA Expiration Date September 2, 2018
DESIGNATION
Privacy Sensitive System: Yes If "no" PTA adjudication is complete.

IT System
Category of System:
If "other" is selected, please describe: Click here to enter text.

D Privacy compliance documentation determination in progress.
D New infonnation sha1ing arrangement is required.
D DHS Policy for Computer-Readable Extrncts Containing Sensitive
PII applies.
D Privacy Act Statement required.
~ Privacy Impact Assessment (PIA) required.
~ System of Records Notice (SORN) required.
D Pape1work Reduction Act (PRA) Clearance may be required.
Contact your component PRA Officer.
D A Records Schedule may be required. Contact your component
Records Officer.
New PIA is required.
PIA:
If covered by existing PIA, please list:
SORN coverage To Be Determined during the development of the PIA
SORN: If covered by existing SORN, please list: DHS/CBP-024 Intelligence Records
System (CIRS) System of Records, September 21 , 2017, 82 FR 44198
091
USCBP000158

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 11 o_f12
Please describe rationale for privacy compliance detennination above.

CBP Privacy is submitting this PTA because CBP' ilflls a collaborative effort between CBP's
Office of Intelli ence O and the Office of Professional Res onsibili OPR to identi
es
ained unless it is in support of th
The DHS Privacy Office agrees that this initiative is privacy-sensitive, requiring PIA and SORN
coverage. CBP Privac is re uired to com lete a New PIA to discuss the new information
collection used to
(b) (7)(E)
The DBS Privacy Office requires that a trainin~ be created for all individuals supportin~
the search and analysis of social media for CBP employees who are trained as Law
Enforcement Officers/Agents, who access, use, and protect PII to determine what is and is
not a 1st Amendment protected activity.
092
USCBP000159

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page 12 o.fl2
CBP should understand the prohibitions sun-ounding collection of 1st Amendment-protected

speech and activities, such as protest, pursuant to 5 U.S.C. § 552a(e)(7) requiring that agencies
"maintain no record describing how any individual exercises 1ights guaranteed by the First
Amendment unless expressly authorized by stah1te or by the individual about whom the record is
maintained or unless pertinent to and within the scope of an authorized law enforcement
activity." During this use case, CBP will exercise the ·udicial "law enforcement activity"
tion due to a the limited nature in which s collectino inf01mation in order to
This PTA will expire on September 2nd , 2018 due to the reliance of a PIA and potentially a
SORN.
093
USCBP000160
Homeland The Privacy Office

202-343-1717, pia@dhs gov
www dhs gov/privacy
Version date: July 24, 2012

Page 1 of 9

This template is used to assess the Department’s Operational Use of Social
Media, consistent with Management Directive 110-01.
The DHS Privacy Office has created this template to determine privacy
compliance with Management Directive 110-01, Privacy Policy for Operational Use of
Social Media. For the purposes of the Management Directive and this template,
“Operational Use” means authorized use of social media to collect personally
identifiable information for the purpose of enhancing situational awareness,
investigating an individual in a criminal, civil, or administrative context, making a
benefit determination about a person, making a personnel determination about a
Department employee, making a suitability determination about a prospective
Department employee, or for any other official Department purpose that has the
potential to affect the rights, privileges, or benefits of an individual. Operational use
does not include the use of search engines for general Internet research, nor does it
include the use of social media for professional development such as training and
continuing education or for facilitating internal meetings. The following uses of social
media are exempt from the Management Directive and are not subject to this
requirement1:
a) Communications and outreach with the public authorized by the Office of

Public Affairs (covered by the existing PIAs: DHS/ALL/PIA-031 - Use of
Social Networking Interactions and Applications
Communications/Outreach/Public Dialogue and DHS/ALL/PIA-036 - Use
of Unidirectional Social Media Applications);
b) The conduct of authorized intelligence activities carried out by the Office

of Intelligence and Analysis, the intelligence and counterintelligence
elements of the United States Coast Guard, or any other Component
performing authorized foreign intelligence or counterintelligence
1 Gathering information by the Office of Operations Coordination and Planning (OPS) to enhance situational awareness is exempt
094
USCBP000161

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 2 of 9
functions, in accordance with the provisions of Executive Order 12333, as

amended.
This template shall be used to document the process to be followed by all

programs engaging in operational uses of social media; to identify information
technology systems, technologies, rulemakings, programs, or pilot projects that involve
PII and other activities that otherwise impact the privacy of individuals as determined
by the Chief Privacy Officer; and to assess whether there is a need for additional
Privacy Compliance Documentation. Components may appeal to the Deputy Secretary
for Homeland Security if there is disagreement over the DHS Privacy Office
determination of privacy compliance for the operational use of social media.
095
USCBP000162

202-343-1717, pia@dhs gov
www dbs gov/privacy

Page3 o/9

Upon receipt, your Component Privacy Officer and the DHS Privacy Office will
review this form and may request additional information.
SUMMARY INFORMATION
Date submitted for review:
Contact Information: - · Director,, - m J Q l l 9 - Office of

Intelligence and Investigative Liaison , faW _
Counsel2 Contact Information: Marc Bennett Courey, Office of Chief Counsel,
Enforcement Section

• Automated Targeting System - Targeting Framework.

DHS/CBP/PIA-006(b) Automated Targeting System (ATS) Update, June 1, 2012. Per the ATS
PIA, ATS maintains the official record "for ce1tain law enforcement and/or intelligence data,
reports, and projects developed by CBP analysts that may include public source infmmation;"

DHS/CBP-006 - Automated Targeting System May 22, 2012, 77 FR 30297. Categories of
records includes "Operational and analytical repmts and/or projects developed that may include
public source information and/or classified infonnation obtained by users/analysts for reference
or incmporation into the report or project."
2Counsel listed here must certify that appropriate authority exists to engage in particular operational activities involving social
media.
096
USCBP000163
Homeland
;i,~,t;;,.
The Privacy Office
~
. . . 't:
~~
~
202-343-1717, pia@dhs gov
www dhs gov/privacy

Page4of9
SPECIFIC QUESTIONS
1. Describe the category of use for collecting personally identifiable information
from social media sources. Examples include: law enforcement intelligence,
criminal investigations, background investigations, administrative
investigations, professional responsibility investigations, benefit or
employment determinations, or situational awareness. If use does not fit into
one of these categories, please describe in full below_ If your component has
The personnel anticipated to use social media under this Border
Encounter SMOUT include CBP Officers (~ e r Patrol
Agents (BPA). This SMOUT enconlaasses IIIWIUllla only, as
defined in CBP Directive 5410-003.■jlUDJ After determining a
traveler requires additional inspection, CBP Officers and Border Patrol
Agents perform checks on biographic information provided by the
traveler at or between Ports of Entry. CBP personnel who -
- 1111 - may access and review
information, at their discretion, to perform queries on travelers'
biographic information as they are undergoing secondary examination
at a Port of Entry or between the ports of entry. Information gained
through these operations may only be used by CBP personnel
consistent with the legal authority of CBP, including admissibility
determinations and other decisions as part of the i n s ~
Information gained via social media as revealed by -
may be retained in records of examinations or case files
in the Automated Targeting System's Targeting Framework (ATS-TF),
if deemed necessary (b) (7)(E)
097
USCBP000164
Homeland
;i,~,t;;,.
The Privacy Office
~
. . . 't:
~~
~
202-343-1717, pia@dhs gov
www dhs gov/privacy

Page5of9
CBP personnel may use mechanisms, such as the (b) (?)(E)

QIUUJto access social media websites normally restricted from CBP
workstations.
Under section 235 of the Immigration and Nationality Act and its
implementing regulations, CBP Officers and Border Patrol Agents have several
enforcement authorities and responsibilities associated with inspections at a port
of entry. 8 U.S.C. § 1225; see also 8 CPR 287.2 (stating that a special agent in
charge, port director, or chief patrol agent shall initiate an investigation when he
has reason to believe there has been a criminal immigration violation); 8 CPR
287.4 (stating that several positions within Border Patrol may issue subpoenas to
be used in criminal or civil investigations); 8 CPR 287.9 (stating that Border Patrol
agents must obtain a search warrant prior to conducting a search in a criminal
investigation unless a specific exemption to the warrant requirement is
authorized by statute or recognized by courts). See also 19 U.S.C. §§ 482, 1467,
1496, 1582, and 1589a, and 19 CPR Part 162.

D In development. ~ Operational. Date first launched:
Unknown
4. Please attach a copy of the Rules of Behavior that outline the requirements
below.
Attached are the CBP Directive and Rules of Behavior.
098
USCBP000165
Homeland
;i,~,t;;,.
The Privacy Office
~
. . . 't:
~~
~
202-343-1717, pia@dhs gov
www dhs gov/privacy

Page6of9
5. Please describe the Rules of Behavior in effect for the listed operational use of
social media. If users do NOT follow a particular Rule, please detail reasoning
for not following that Rule:
a) Equipment. Use only government-issued equipment when engaging in the
b) Email and accounts. Use online screen names or identities that indicate an
official DHS affiliation and use DHS email addresses to open accounts
used when engaging in social media in the performance of their duties;
Access publicly available information through social

c) Public interaction.
media only by reviewing posted information without interacting with any
individual who posted the information;
d) Privacy settings. Respect individuals' privacy settings and access only

information that is publicly available;
e) PI! collection: Collect the minimum PIT necessary for the proper
performance of their authorized duties except for systems subject to Final
Rules for Exemption from certain aspects of the Privacy Act;

f) PI! safeguards. Protect PIT as required by the Privacy Act (if applicable) and
DHS privacy policy;
099
USCBP000166

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 7 of 9
Yes.
□ No. If not, please explain:
g) Documentation. Document operational use of social media, including date,
site(s) accessed, information collected and how it was used.
Yes.
h) Training. Users complete annual privacy training which has been

approved by Component Privacy Officer (or Privacy Point of Contact)
based upon training materials provided by the DHS Privacy Office.
Training must include, at minimum: legal authorities, acceptable
operational uses of social media, access requirements, and requirements
for documenting operational uses of social media.
Yes, employees self-certify that they have read and understood their
Component Rules of Behavior.
Yes, Component Privacy Officers or PPOCs maintain a record of

employee attendance at privacy training that includes training on the
Rules of Behavior.
100
USCBP000167

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 8 of 9

(To be Completed by the DHS Privacy Office)
DATE reviewed by the DHS Privacy Office: December 17, 2015

NAME of the DHS Privacy Office Reviewer: (b) (6), (b) (7)(C)
DESIGNATION
This program is covered by the following Privacy Impact Assessment and
Privacy Act System of Records Notice:
PIA: DHS/CBP/PIA-006(b) Automated Targeting System (ATS) Update (June 1, 2012)

SORN: DHS/CBP-006 - Automated Targeting System May 22, 2012, 77 FR 30297
DHS Privacy Office Determination

Program has met requirements to use social media for the stated
authorized operational purposes, and must continue compliance with the
requirements above.
□ Program has not

operational purposes.
yet met requirements to utilize social media for
□ Program
media.
authorities do not authorize operational use of social
□ Rules of Behavior do not comply. <Please explain analysis.>

□ Training required.
□ A PIA is required.
□ New.
□ Updated. <Please include the name and number of PIA to
be updated here.>
101
USCBP000168
Homeland
;i,~,t;;,.
The Privacy Office
~
. . . 't:
~~
~
202-343-1717, pia@dhs gov
www dhs gov/privacy

Page9of9
D A SORN is required:
D New.
D Updated. <Please include the name and number of SORN
to be updated here.>

The DHS Privacy office finds that CBP' s use of social media for Border
Encounter Research is consistent with existing privacy compliance documentation
and the DHS MD 110-01 requirements.
CBP will conduct attributable, (b) (7)(E) only. CBP
Officers and Border P A .. (b) (7)(E)
~ snot
Any information collected from social media will be stored within the CBP
Automated Targeting System (ATS), Targeting Framework (TF) module. Per the
2012 ATS PIA,
102
USCBP000169

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 1 of 8

12333, as amended.
103
USCBP000170

202-343-1717, pia@dbs gov
www dbs gov/privacy

Page2of8

Upon recei pt, your Component Privacy O fficer and the OHS Privacy Office will review this
SUMMARY INFORMATION

Contact In~or~atio~; ~ i r e c t o r , (b) (7)(E) Office of Intelligence

and Inveshgahve Liaison • • • @1
Counsel2 Contact Information: Marc Bennett Courey, Office of Chief Counsel, Enforcement
Section

• Automated Targeting System- Targeting Framework.

DHS/CBP/PIA-006(b) Automated Targeting System (ATS) Update, June 1, 2012. Per the ATS PIA, ATS
maintains the official record "for certain law enforcement and/or intelligence data, reports, and projects
developed by CBP analysts that may include public source infmmation;"

DHS/CBP-006 - Automated Targeting System May 22, 2012, 77 FR 30297. Categories of records
includes "Operational and analytical repmts and/or projects developed that may include public source
information and/or classified info1mation obtained by users/analysts for reference or incorporation into
the report or project."
• Analytical Framework for Intelligence
DHS/CBP/PIA-010 - Analytical Framework for Intelligence (AFI) , June 1, 2012. Per the AFI
PIA § 2. 1 Identify the information the project collects. uses. disseminates. or maintains: " ...
DHS AFI analysts may upload information that the user believes is relevant to a project,
including information publicly available on the Internet."
DHS/CBP-017 - Analytical Framework for Intelligence Svstem June 7, 2012 77 FR 13813. Per the
Record Source Categories: "Additionally, A FI permits analysts to upload and store any
information from any source including public and commercial sources, which may be relevant
to projects, responses to RFis, or final intelligence products."
2Counsel listed here must cerlify that appropriate authority exists to engage in parli.cular operational activities involving social
media.
104
USCBP000171

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page3 o/8
OHS OPERATIONAL USE OF SOCIAL MEDIA
SPECIFIC QUESTIONS
1. Describe the category of use for collecting personally identifiable information from social
investigations, benefit or employment determinations, or situational awareness. If use does
The personnel anticipated to use social media under this SMOUT include CBP
Intelligence Research Specialists, CBP Officers, Border Patrol A ents, and Air &
aw,
Marine i'sonnel. This SMOUT encompasses both
CBP personnel who receive specific prior supervisory approval may
(b) (7)(E)
(b) (7)(E)
personnel may use mechanisms, (b) (7)(E)
(b) (7)(E)
(b) (7)(E) I
gained through these operations may only be used consistent with the legal
authorities of CBP. For exam le, this may include
. This information may be stored in AFI or A TS-TF.
2. Based on th e operational use of social media listed above, please provide the appropriate
authorities.
Under 235 of the Immigration and Nationality Act and its implementing
regulations CBP Officers and Border Patrol Agents have several enforcement
authorities and responsibilities associated with inspections at a port of entry. 8
U.S_C. § 1225; see also 8 CFR 287.2 (stating that a special agent in charge, port
105
USCBP000172

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page4 o/8
director, or chief patrol agent shall initiate an investigation when he has reason
to believe there has been a criminal immigration violation); 8 CFR 287.4 (stating
that several positions within Border Patrol may issue subpoenas to be used in
criminal or civil investigations); 8 CFR 287.9 (stating that Border Patrol agents
must obtain a search warrant prior to conducting a search in a criminal
investigation unless a specific exemption to the warrant requirement is
authorized by statute or recognized by courts)- See also 19 U.S.C. § 482, 1467,
1496, 1582, and 1589a, and 19 CFR Part 162.

D In development. ~ Operational. Date first launched: Unknown
4. Please attach a copy of th e Rules of Behavior that outline the requirements below.

5. Please describe the Rules of Behavior in effect for the listed operational use of social media. If
users do NOT follow a particular Rule, please detail reasoning for not following that Rule:


affiliation and use OHS email addresses to open accounts used when engaging in social
106
USCBP000173

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page5 o/8
c) Public interaction. Access publicly available information through social media only by
reviewing posted information without interacting with any individual who posted the
information;
d) Privacy settings. Respect individuals' privacy settings and access only information that is
ublicl available;
e) Pl! collection : Collect the minimum PII necessary for the proper performance of their
1:8'.! Yes. D No. If not, please explain:
f) PII safeguards. Protect PII as required by the Privacy Act (if applicable) and OH S privacy
policy;
1:8'.J Yes. D No. If not, please explain:

1:8'.J Yes. D No. If not, please explain:
107
USCBP000174

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 6 of 8
Rules of Behavior.

108
USCBP000175

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page 7 of 8

DATE reviewed by the DHS Privacy Office: May 13, 2015
DESIGNATION
This program is covered by the following Privacy Impact Assessment and Privacy Act
System of Records Notice:
PIA: DHS/CBP/PIA-006 ATS

SORN: DHS/CBP-006 ATS

Program has met requirements to use social media for the stated authorized
□
Program has not yet met requirements to utilize social media for operational
□
purposes.
□ Program authorities do not authorize operational use of social media.

A PIA is required.
□ New.
□ Updated.
here.>
<Please include the name and number of PIA to be updated
A SORN is required:
□ New.
□ Updated.
here.>
<Please include the name and number of SORN to be updated
109
USCBP000176

202-343-1717, pia@dhs gov
www dhs gov/privacy

Page8 o/8
CBP's use of social media for Operational Awareness is compliant with the DHS social media
directive MD 110-01-011.
This SMOUT is intended to address . The ATSPIA

referenced references CBP's use of information e Operational
Use of Social Media, CBP defines
110
USCBP000177

202-343-1717, pia@dhs gov
www dhs gov/privacy

This template is used to assess the Department’s Operational Use of Social Media, consistent with
Management Directive 110-01.
Management Directive 110-01, Privacy Policy for Operational Use of Social Media. For the purposes of
the Management Directive and this template, “Operational Use” means authorized use of social media to
subject to this requirement:
Communications and outreach with the public authorized by the Office of Public Affairs
The conduct of authorized intelligence activities carried out by the Office of Intelligence
and Analysis, the intelligence and counterintelligence elements of the United States Coast
Guard, or any other Component performing authorized foreign intelligence or
12333, as amended.
111
USCBP000178
Homeland
;i,~,t;;,.
The Privacy Office
~
. . . 't:
~~
~
202-343-1717, pia@dhs gov
www dhs gov/privacy
Please complete this form and send it to your Component Privacy Officer. Upon receipt, your Component
Privacy Officer and the OH S Privacy Office will review this form and may request additional
information.
Summai:y Infonnation
N ame of SMOUT: Border Patrol Intelligence -
D ate submitted for review: November 23, 2015
N ame of Component: U.S. Customs and Border Protection
Contact Information: Assistant Chie (b) (6), (b) (7)(C) United States Border Patrol.
@cCBP.DHS.GOV.
Counsel Contact Information: Marc Bennett Courey, Office of Chief Counsel, Enforcement
IT System(s) where social media data is stored: Automated Targeting System-Targeting Framework and
the Analytical Framework for Intelligence (if included in a finished intelligence product)
Applicable Privaci; Impact A ssessment(s) (PIA):
• DH S/CBP/PIA-006(e) Automated Tar~etin~ System (ATS) U12date. January 13, 2017. Per the ATS
PIA, ATS maintains the official record "for certain law enforcement and/or intelligence data,
reports, and projects developed by CBP analysts that may include public source information;"
• DH S/CBP/PIA-0lOa - Analytical Framework for Intelligence (AFI), September 1, 2016. Per the
AFI PIA§ 2.1 Identify the information the project collects, uses, disseminates, or maintains: " .. .
OHS AFI analysts may upload information that the user believes is relevant to a project,
including information publicly available on the Internet."
Raw intelligence collecte d by CBP is covered b y: DH S/CBP-024 Intelligence Records System (CIRS),
September 21, 2017 82 FR 44198. This system of records allows CBP to collect and consolidate
information from multiple sources, including law enforcement agencies and agencies of the U.S.
Intelligence Community, in order to enhance CBP's ability to: Identify, apprehend, or prosecute
individuals who pose a potential law enforcement or security risk; aid in the enforcement of the customs
and immigration laws, and other laws enforced by OHS at the border; and enhance U .S. border security.
Records maintained within the CIRS system of records include information collected by CBP for
an intelligence purpose that is not covered by an existing OHS SORN and finished intelligence products.
This information may include:
112
USCBP000179

202-343-1717, pia@dhs gov
www dhs gov/privacy
 Biographic information (name, date of birth, Social Security number, alien registration number,
citizenship/immigration status, passport information, addresses, phone numbers, etc.);
 Records of immigration enforcement activities or law enforcement investigations/activities;
 Information (including documents and electronic data) collected by CBP from or about
individuals during investigative activities and border searches;
 Records of immigration enforcement activities and law enforcement investigations/activities that

have a possible nexus to CBP's law enforcement and immigration enforcement responsibilities or
homeland security in general;
 Law enforcement, intelligence, crime, and incident reports (including financial reports under the
Bank Secrecy Act and law enforcement bulletins) produced by DHS and other government
agencies;
 U.S. visa, border, immigration, and naturalization benefit data, including arrival and departure
data;
 Terrorist watchlist information and other terrorism-related information regarding threats,

activities, and incidents;
 Lost and stolen passport data;
 Records pertaining to known or suspected terrorists, terrorist incidents, activities, groups, and
threats;
 CBP-generated intelligence requirements, analysis, reporting, and briefings;
 Information from investigative and intelligence reports prepared by law enforcement agencies
and agencies of the U.S. foreign intelligence community;
 Articles, public-source data (including information from social media), and other published
information on individuals and events of interest to CBP;
 Audio and video records retained in support of CBP's law enforcement, national security, or
other homeland security missions;
 Records and information from government data systems or retrieved from commercial data
providers in the course of intelligence research, analysis, and reporting;
 Reports of suspicious activities, threats, or other incidents generated by CBP or third parties;
 Additional information about confidential sources or informants; and
 Metadata, which may include but is not limited to transaction date, time, location, and frequency.
Finished Intelligence Products produced by CBP are covered by: DHS/CBP-017 – Analytical Framework
for Intelligence System, June 7, 2012 77 FR 13813. The purpose of this system is to enhance DHS's ability
to: Identify, apprehend, and/or prosecute individuals who pose a potential law enforcement or security
113
USCBP000180

202-343-1717, pia@dhs gov
www dhs gov/privacy
risk; aid in the enforcement of the customs and immigration laws, and other laws enforced by DHS at the
border; and enhance United States security. AFI uses data to:
(1) Identify individuals, associations, or relationships that may pose a potential law enforcement or
security risk, target cargo that may present a threat, and assist intelligence product users in the
field in preventing the illegal entry of people and goods, or identifying other violations of law;
(2) Allow analysts to conduct additional research on persons and/or cargo to understand whether
there are patterns or trends that could identify potential law enforcement or security risks; and
(3) Allow finished intelligence product users with a need to know to query or receive relevant
finished intelligence products.
114
USCBP000181

202-343-1717, pia@dhs gov
www dbs gov/privacy
SPECIFIC QUESTIONS
CBP is submitting this SMOUf to request access to social media for (b) (7)(E) as
defined by the CBP Operational Use of Social Media Policy 1 for Border Patrol agents assigned to the
Border Patrol Sector Intelligence Units (SIU), and the USBP Headquarters Intelligence Division (Border
Patrol Intelligence Agents (BPA-Is), Supervisory Border Intelligence Agents (SBPA-Is) or Border Patrol
Intelligence Enterprise (BPIE) intelligence analysts). The Sector Intelligence Unit (SIU) operates primarily
at the tactical level, working in coordination with the HQ Intelligence Division, sector command staff and
stations. l11e four primary functions of the SIU are to collect information that provides current
intelligence, conduct targeted enforcement operations, provide analysis, and provide support to ongoing
intelligence operations. Tilis allows the SIU to produce sector level intelligence products for wider
consumption, including federal, state, local, and tribal stakeholders.
The SIU will support sector command staff and respond to intelligence collection requirements
both at the sector and national level. The SIU strives for integration with all stations within their
respective sectors by working with station staff and collateral intelligence agents to address the station
commander's objectives, gather information, and produce intelligence products for local and national
consumption. In addition, SIU agents assigned to Border Patrol stations will act as subject matter experts
to educate station personnel as to their role within the BPIE. The SIU has the following responsibilities:
• Understand intelligence priorities
• Produce quality, finished, information and intelligence products
• Ensure constant flow of information and intelligence
• Protect and promote intelligence integrity and objectivity
• Integrate intelligence into operational activities to reduce uncertainty
• Drive sector and station operations with collections and analytical support
• Understand and operate within intelligence doctrine, capabilities and limitations
(b) (7)(E)
(b) (?)(E)
115
USCBP000182

202-343-1717, pia@dhs gov
www dbs gov/privacy
• Receive and incorporate feedback from agents, station staff and sector management
TI1e primary mission of the SIU is to gather and synthesize information. To do so, Border Patrol
agents who are assigned to the SIU or Headquarters Intelligence Division undergo specific training for
the intelligence enterprise. All SIU personnel are trained and certified to perform the intelligence
collection, management, and analytical functions necessary for their respective roles. Individuals
responsible for providing that information must have the necessary skills and competencies necessary to
provide that intelligence.
To accomplish their intelligence functions, these specialized USBP intelligence personnel must
use (b) (?)(E)
(b) (7)(E)
General Procedures
Consistent with the CBP Operational Use of Social Media Policy, 2 once this SMOUT has been
approved by the OHS Privacy Office, there are additional procedural requirements for (b) (7)(E)
(b) (7)(E) 1:order Patrol agents who are assigned to Sector Intelligence Units or the USBP
Headquarters Intelligence Division must obtain approval to use social media for (b) (7)(E)
only when necessary for authorized law enforcement purposes with a clear nexus to their assigned duties
and in conformance with existing (b) (?)(E)
Individual A ccess R equests
Border Patrol agents who are assigned to
(b) (7)(E)
(b) (?)(E)
116
USCBP000183

202-343-1717, pia@dhs gov
www dbs gov/privacy
Upon approval of this template and in accordance with the individual access procedures outlined
in CBP Directive 5410-003, USBP intelligence personnel may use the (b) (7 )( E)
(b) (7)(E)
2. Based on the operational use of social media listed above, please provide the appropriate
authorities.
6 U.S.C. § 211(e) establishes the Border Patrol in CBP and sets forth certain statutory duties,
including the responsibility to: "{A) serve as the law enforcement office of U.S. Customs and Border
Protection with primary responsibility for interdicting persons attempting to illegally enter or exit the
United States or goods being illegally imported into or exported from the United States at a place other
than a designated port of entry; (B) deter and prevent the illegal entry of terrorists, terrorist weapons,
persons, and contraband; and (C ) carry out other duties and powers prescribed by the Commissioner."
Under section 287(b) of the Immigration and Nationality Act (INA) (8 U.S.C. § 1357(b)),
authorized Border Patrol agents "have the power and authority . . . to take and consider evidence
concerning the privilege of any person to enter, reenter, pass through, or reside in the United States, or
concerning any matter which is material or relevant to the enforcement of [the INA] . . .." See also 8 CFR
287.2 (stating that a special agent in charge, port director, or chief patrol agent shall initiate an
investigation when he has reason to believe there has been a criminal immigration violation).
Additionally, 19 U.S.C. § 1589a provides enforcement authority to customs officers, including Border
Patrol agents.
(b) (5)
IZ] In development. D Operational. Date first launched:

USBP use of social media for (b) (7)( E) is pending the approval of this SMOUT.
117
USCBP000184
The Privacy Office
202-343-1717, pia@dhs gov
www dhs gov/privacy
Equipment. Use only govenunent-issued equipment when engaging in the operational use of social media;

Email and accounts. Use online screen names or identities that indicate an official OHS affiliation and use
OHS email addresses to open accounts used when engaging in social media in the performance of their
duties;
(b) (7)(E)
Public interaction. Access publicly available information through social media only by reviewing posted
information without interacting with any individual who posted the information;
Privacy settings. Respect individuals' privacy settings and access only information that is publicly
available;
PII collection: Collect the minimum PIT necessary for the proper performance of their authorized
duties except for systems subject to Final Rules for Exemption from certain aspects of the Privacy Act;

PII safeguards. Protect PIT as required by the P rivacy Act (if applicable) and OHS privacy policy;

Documentation. Document operational use of social media, including date, site(s) accessed, information
collected and how it was used.

Training. Users complete annual privacy training which has been approved by Component Privacy
Officer (or Privacy P oint of Contact) based upon training materials provided by the OHS Privacy Office.
118
USCBP000185

202-343-1717, pia@dhs gov
www dhs gov/privacy
Training must include, at minimum: legal authorities, acceptable operational uses of social media, access
requirements, and requirements for documenting operational uses of social media.
Yes, employees self-certify that they have read and understood their Component Rules of
Behavior.
Yes, Component Privacy Officers or PPOCs maintain a record of employee attendance at

privacy training that includes training on the Rules of Behavior.
119
USCBP000186
Homeland
;i,~,t;;,.
The Privacy Office
~
. . . 't:
~~
~
202-343-1717, pia@dhs gov
www dhs gov/privacy

(To be completed by the DHS Privacy Office )
DATE reviewed by the DHS Privacy Office: 11/27/2017
N AME of the DHS Privacy Office Reviewer· \WNJPW

DESIGNATION
This program is covered by the following Privacy Impact As s essment and Privacy Act
Sys tem of Records Notice:
PIA:
DHS/CBP/PIA-006 Automated Targeting System (ATS)

DHS/CBP/PIA-010 Analytical Framework for Intelligence (AFI)
SORN:
DHS/CBP-017 Analytical Framework for Intelligence System, June 7, 2012 77 FR 13813
DHS/CBP-024 Intelligence Records System (CIRS) System of Records, September 21,
2017, 82 FR 44198
3. Rules of Behavior Content: (Check all items that apply.)
120
USCBP000187
Homeland
;i,~,t;;,.
The Privacy Office
~
. . . 't:
~~
~
202-343-1717, pia@dhs gov
www dhs gov/privacy
a. Equipment.
issued equipment. (b) (7)(E)
b. Email and accounts.
(b) (7)(E)
c. Public interaction.
(b) (7)(E)
d . Privaci; settings.
D Users may disregard privacy settings.

IZJ Users must respect individual privacy settings. (b) (?)( E)
e. PII storage:
IZJ PIT is maintained in an exempted Privacy Act System of Records.

Please list applicable SORN here: DH S/CBP-017 Analytical Framework
for Intelligence (AFI) System
DHS/ CBP-024 Intelligence Records System (CIRS)
D PIT is maintained in a Privacy Act Systems of Records.

Please list applicable SORN here:
£. PII safeguards.
IZJ PIT is protected as required by the Privacy Act and D HS privacy policy.
D Only a minimal amount of PIT is collected and safeguarded, consistent with
121
USCBP000188

202-343-1717, pia@dhs gov
www dhs gov/privacy
g. Documentation.
Users must appropriately document their use of social media, and collection
of information from social media website.
□ Documentation is not expressly required.

h. Training.
All users must complete annual privacy training that has been approved by
Component Privacy Officer. Training includes:
C8J Legal authorities;

C8J Acceptable operational uses of social media;
C8J Access requirements;
C8J Applicable Rules of Behavior; and
C8J Requirements for documenting operational uses of social media.
Mechanisms are (or will be) in place to verify that users have completed
training.

Rules of Behavior.
□ No, certification of training completion cannot be verified.
~ Program has met requirements to use social media for the stated authorized
□ Program has not yet met requirements to utilize social media for operational
purposes.

122
USCBP000189
Homeland
;i,~,t;;,.
The Privacy Office
~
. . . 't:
~~
~
202-343-1717, pia@dhs gov
www dhs gov/privacy
D A PIA is required.
D New.
here.>
D A SORN is required:
D New.
D Updated. <Please include the name and number of SORN to be updated
here.>

CBP is submitting this SMOUT to discuss the request for access to social media for
as defined by the CBP Operational Use of Social Media Policy for U.S. Border Patrol (USBP)
agents assigned to the Border Patrol Sector Intelligence Units (SIU), and the USBP H eadquarters
Intelligence Division. The primary mission of the SIU is to gather and synthesize information. ■•>
Border P atrol agents who are assigned to SIU or the USBP Headquarters Intelligence Division-
Any information collected from social

media will be stored within the Automated Targeting System-Targeting Framework (ATS-IF) and the
Analytical Framework for Intelligence (AFI) (if included in a finished intelligence product). Per the ATS
PIA, ATS-IF allows authorized users to attach public source information, such as responsive Internet
links and related documents, to an assigned report and/or project and search for any text contained
within the system via full text search functionality . Per the AFI PIA, analysts may upload information
that the user believes is relevant to a project, including information publicly available on the Internet.
SORN coverage for raw intelligence collected b y CBP is covered b y DH S/CBP-024 Intelligence Records
System (CIRS), which covers the collection and consolidation of information from multiple sources,
including law enforcement agencies and agencies of the U.S. Intelligence Community, in order to enhance
CBP's ability to: identify, apprehend, or prosecute individuals who pose a potential law enforcement or
123
USCBP000190

202-343-1717, pia@dhs gov
www dhs gov/privacy
security risk; aid in the enforcement of the customs and immigration laws, and other laws enforced by
DHS at the border; and enhance U.S. border security. Records maintained within the CIRS may include
“articles, public-source data (including information from social media), and other published information
on individuals and events of interest to CBP.” SORN coverage for finished intelligence products
produced by CBP is provided by DHS/CBP-017 Analytical Framework for Intelligence System, which
covers the collection of information to enhance DHS's ability to: identify, apprehend, and/or prosecute
individuals who pose a potential law enforcement or security risk; aid in the enforcement of the customs
and immigration laws, and other laws enforced by DHS at the border; and enhance U.S. security.
124
USCBP000191
Operational Use of Social Media
Rules of Behavior
The following rules of behavior apply to all U.S. Customs and Border Protection (CBP)
employees, contractors, and persons using CBP systems in furtherance of the CSP
mission with access to social media sites and the public internet for the purposes of
overseeing or conducting operational activities related to the mission of CBP. These
activities may include, but are not limited to: detennining admissibility, identity
resolution, reconciling screening and targeting matches, counter-terrorism investigations,
counter-narcotics investigations, smuggling investigations, trade and credential fraud
investigations, interdictions, border and event security, enhancing general, operational
awareness, and assisting in making benefit, personnel, or suitability determinations.
These rules of behavior are separate and apart from those rules of behavior which cover
accessing social media sites and the public internet for the purpose of communications
and outreach with the public.
l. Social Media Access, Generally:
a. I understand that all activities of accessing restricted internet sites or access to

social media sites will be in accordance with applicable law and DHS and CBP
guidance.
b. I understand that my access to social media under these specific rules of behavior
does not include conducting communications and outreach with the public, and in
connection with the Office of Public Affairs as directed in CBP Directive 5410-
001 B, Office of Public Affairs Roles, Functions and Responsibilities.
c. I will only access those sites for which I require access to perfonn mission-related
tasks as part of my official duties and for purposes that are authorized by statute,
executive order, regulation, or policy. I will not attempt to access sites or perform
actions that I am not authorized to access or perform.
d. I understand that I must complete all required privacy training prior to receiving
access to social media sites and that I will complete annual refresher training as
long as access is still needed and approved by a Template.
c. I understand that my access requirements will be reviewed on an annual basis and

that my access can be terminated at any time if it is no longer needed due to a
change in official duties, if I am no longer authorized to conduct activities
requiring the access, if I run serving a suspension due to misconduct,, if I am
under a suspension of law enforcement authority, if I separate from CBP, or if I
misuse my access.
125
USCBP000192
2. Overt Operational Use of Social Medin and the Public Internet (Overt Research,
Monitoring, and Engagement):
a. I will use only government-issued equipment, internet connections authorized to

access social media through the DHS/CBP network (i.e., no "stand-alone"
connections), government-approved accounts and government-approved email
addresses when engaging in the overt operational use of social media and the
public internet on behalf of CBP.
b. I will only use screen names or identities that indicate an official DHS or CBP
affiliation.
c. I will not engage in the use of social media on government equipment or use any
account created on behalf of CBP, for unofficial purposes.
d. I will not use vulgar or abusive language, engage in personal attacks of any kind,
or use offensive terms targeting individuals or groups while using social media or
the public internet on behalf of OHS.
c. I will not knowingly endorse commercial products. services or entities. nor will I
knowingly endorse political parties. candidates or groups while using social
media or the public internet on behalf of DHS. 1
f. I will not lobby members of Congress using DHS or any other appropriated
resource via social media or the public internet.
g. I will not use government resources to foster commercial interests or for

individual profit.
b. I will log off of or otherwise restrict access to any social media session when I am
not personally attending to it.
3. Data Protection for Overt Use:
a. I will not access information that is not publicly available, without consent.
b. I will not interact with individuals who post the information, unless there is a
specific and clearly articulated operational necessity to interact with individuals
who post the information as defined in my authorized mission responsibilities.
1 'Knowingly' is included here because there is the possibility on social media sites like
Facebook that one may be trying to click on another item and unknowingly click on a
commercial product or political candidate, thereby endorsing the product or the political
candidate.
2
126
USCBP000193
c. I will only use the minimum amount of personally identifiable information (PII)
necessary for the defined operational use of social media or the public internet.
d. I will protect any PII in accordance with the Privacy Act ( where applicable) and
OHS and CBP privacy policy (e.g., PII obtained from a SORN and disclosed for a
use in research, monitoring, or engagement will be accounted for on a DHS-191).
e. I will not search social media sites or the public internet for or by PII unless this
search is necessary for the purpose defined by my authorized operational use of
social media.
f. I will not access or post classified or otherwise protected information {e.g. For
Official Use Only (FOUO)) using social media or the public internet (e.g.,
).
g. I will document my operational use of social media, including date, site(s)

accessed, infonnation collected, information disclosed for purposes of access, and
how it was used in the same manner that CBP would document infonnation
collected during each of its operational activities.
4. Undercover Operational Use of Social Media and the Public Internet (Masked
Monitoring and Undercover Engagement):
a. I will use government-issued equipment, internet connections authorized to access

social media through the DHS/CBP network (i.e., no "stand-alone" connections),
government-approved accounts and government-approved email addresses, unless
authorized by the tenns of my assigned mission responsibilities, when engaging in
the undercover operational use of social media and the public internet on behalf of
CBP.
b. I will not engage in use of social media on government equipment or use any
account created on behalf of CBP for unofficial purposes.
c. I will refrain from using vulgar or abusive language, engaging in persona) attacks
of any kind, or using offensive terms targeting individuals or groups while using
social media or the public internet, unless it is necessary as defined by the scope
of my masked or assumed identity in the context of my authorized mission
responsibilities.
d. I will not knowingly endorse commercial products, services or entities. nor will I
knowingly endorse political parties, candidates or groups while using social
127
USCBP000194
media or the public internet on behalf of OHS, unless authorized by the terms of
the SM OUT for my undercover engagement. 2
e. I will not lobby members of Congress using OHS or any other appropriated
resource via social media or the public internet, unless authorized by the terms of
the SMOUT for my undercover engagement.
f. I will not use government resources to foster commercial interests or for the
appearance of individual profit, unless authorized by the terms of the SMOUT for
my undercover engagement.
g. I will log off of or otherwise restrict access to any social media session when I run
not personally attending to it.
5. Data Protection for Undercover Use:
a. I will not access information that is not publicly available, without consent, unless
authorized in the execution of the terms of my assigned mission responsibilities.
b. I will not interact with individuals who post the information, unless there is a
specific and clearly articulated operational necessity to interact with individuals
who post the information as defined in my authorized mission responsibilities.
c. I will only use the minimum amount of personally identifiable information (PII)
necessary for the defined operational use of social media or the public internet.
d. I will protect any PU in accordance with the Privacy Act (where applicable) and
OHS and CBP privacy policy (e.g., PII obtained from a SORN and disclosed for a
use in monitoring or engagement will be accounted for on a DHS-191 ).
c. l will not search social media sites or the public internet for or using Pll unless
this search is necessary for the purpose defined by my authorized operational use
of social media.
f. I will not access or post classified or otherwise protected information (e.g.,

FOUO) using social media or the public internet (e.g.,
g. I will document my operational use of social media, including date, site(s)

accessed, information collected, and how it was used in the same manner that
2'Knowingly' is included here because there is the possibility on social media sites like
Facebook that one may be trying to click on another item and unknowingly click on a
commercial roduct or olitical candidate, thereb endorsin the roduct or the political
candidate.
128
USCBP000195
CBP would document information collected during each of its operational
activities.
6. Incident Reporting:
• I will promptly report suspected or confirmed IT security incidents (e.g.,
, and per the DHS Handbook for Sateguarding Sensitive PII

and the Privacy Incident Handling Guide (PIHG), report any privacy incidents
(e.g., loss or compromise of sensitive PH) to the OHS IT Help Desk a 1(b) (?)(E)
tWQiind my supervisor.
7. Accountability:
a. I understand that I have no expectation of privacy while using government

Information Technology (IT) systems or any accounts created on behalf of CBP
or in furtherance of CBP' s missfon.
b. I understand that I will be held accountable for my actions while accessing and
using government IT systems and social media sites and may face disciplinary
action and/or criminal or civil prosecution for misuse. Additionally, misuse may
lead to removal from position and/or tennination.
Acknowledgment Statement
I acknowledge that I have read the rules of behavior; I understand them, and I wiJI
comply with them. I understand that failure to comply with these rules could result in
verbal or written warning, removal of access to social media on behalf of CBP,
reassignment to other duties, criminal or civil prosecution, or termination.
Employee Signature Date
Participating in the CBP Operational Use ofSocial Media Training is required and
serves as acknowledgement and acceptance ofthese Rules of Behavior.
Date Training Completed: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ __
Upon completing the signnture, date, and training completion date portion, submit
this to the Privacy and Diversity Office at privacy.cbp<@.cbp.dhs.gov.
129
USCBP000196
Homeland The PrivaC)' Office
U.S. Department of Homeland Secu1ity
Security Washington. OC 20528

202m r , 9dhs.gov
www .d hs.gov/privacy

Page 1 of
10

This template is u se d to assess the Department's Operational U se of Social Media,
consistent with Management D irective 110-01.
The DH$ Privacy Office has created this template to determine privacy compliance with
Management Directive 110-01, Privacy Polia; for Operational Use of Social Media. For the purposes of the
Management Directive and this template, "Operational Use" means authorized use of social media to
collect personally identifiable information for the purpose of enhancing si tuational awareness,
subject to this requirementl:
and Applica tions Communications/Outreach/Public Dialogue and DHS/ALL/PIA-036 -
b) The conduct of authorized intelligence activities carried out by the Office of IntelJigence
12333, as amended.
Homeland Security if there is disagreement over the OHS Privacy Office determination of privacy
from this requirement and is covered by the existing PIA: DHS/OPS/PIA-004/d) - Publicly Available Social Media Moni toring and
130
Security washin~ton. OC 20528

202PDIUXmdhs.gov

Page 2 of
10

Please complete this form and send it to y our Component Priv acy Officer.
Upon receipt, your Component Priv acy O fficer and the OHS Privacy Office w ill rev iew this
fo rm and may request additional in fo rmati on.
SUMMARY INFORMATION

Name of Component: U.S. Customs and Border Protection
Contact Information: (b) (6), (b) (?)(C)
Counsel 2 Contact Information: (b) (6), (b) (7)(C) Deputy Associate Chief Counsel,
Enforcement & Operations, Office of Chief Counsel, U.S. Customs and Border Protection,-
pppffiMain)
IT System(s) where social media data is s tored: The information may be store d on CBP
SharePoint sites, CBP workstations, or in OHS electronic mail.
Applicable Privacy Impact Assess m ent(s) (PIA):

• The CBP Privacy Office finds that overarching PIA coverage for this effort is provided
by:
o DHS/ALL/PIA-056 OHS and Component Network IT Security Operations and
Privacy and IT Security Incident Response, which outlines the Department's
efforts to protect the confidentiality, integrit y, and availability of OHS
information and information assets.
• Coverage under this PIA includes situations where C BP OIT identifies
an issue of concern on Social Media in which the PII of the individual
that posted it is not rel evant or necessary. In those instances, CBP OIT
would redact PII from any notifications or work products that ar e
produced or stored.
o DHS/CBP/PIA-OlO(a) Analytical Framework for Intelligence, which outlines
CBP's efforts to identify, apprehend, and prosecute individuals who pose a
potential law enforcement or security risk, and aids in the enforcement of
customs, immigration, and other laws enforced by OHS.
• Coverage under this PIA includes situations where CBP OIT identifies
a social media post in which a cyber-threat actor indicates an intent to
conduct an attack on or hack of CBP. In these in stances, the PII of the
2 Counsel listed here must certify that appropriate authori ty exists to engage in particular operational activities involving social media.
131

202mJPitl>dhs.gov

Page 3 of
10
individual that created the post is relevant and would be included in

notifications and work products, and would be retained in AFI.
• The CBP Privacy Office is working with the Department and other Components to
develop more specific coverage in the future, however DHS/ALL/PIA-056 and
DHS/CBP/PlA-OlO(a) cover all aspects o f this effort, including the collection and use
of social media.
The CBP Privacy Office find s that SORN coverage for this effort is provided by DHS/CBP-024
Intelligence Record s System (CIR$) System of Records, September 21, 2017, 82 FR 44198, which
describes CBP's collection, m ain tenan ce, and use of records in order to identify, apprehend, or
p rosecute individuals who pose a potential law enforcement or security risk; aid in the
enforcemen t of the cu stoms and immigration laws, and other laws enforced by DHS at the
border; and enhance U.S. bor der security.
132

20a m i l 9dhs.gov

Page 4 of
10

SPECIFIC QUESTIONS
This SMOUT addresses the operational use of social media in support of the protection and
cybersecurity of CBP information systems and networks. The personnel using social media
under this SMOUT are Cyber Threat Analysts employed in CBP's Cyber Threat Intelligence
(CTI) team in the Office of Information and Technolo OIT . C bersecurit Directorate.
Security Operations Division.
(b) (7)(E)
CTI's mission statement is to "enhance the cybersecurity posture of CBP information
systems and networks through the aggregation, correlation, and dissemination of intelligence
and information on cyberspace threats."
• Aggregation and Correlation: The primary role of the operational use of social
media is to enable CTI team to identify and collect information on cyberspace threats
either currently impacting CBP's information technology environment or with the
potential to impact that environment. When a threat is identified, the CTI team
• In some cases. the CTI team will receive info1mation from the CBP Security
Operations Center that CBP was affected by specific cyber threat activity (e.g. ,
phishing emails targeting CBP employees, malware on employee workstations,
recom1aissance activities against CBP's network). In other cases, the CTI team will
receive or identify a report, article, blog, or other open source information suggesting
that a cyber-threat actor is conducting malicious activity against U.S. Government or
133

2021e,mmdhsgov

Page 5 of
10
other relevant entity. And in other cases, the CTI team will receive an alert related to
a suspicious website related to CBP that warrants further investigation using a
secured Internet browsing capability. Regardless of the situation, the CTI team will
NOTE: The sole purpose of the CTI team maintaining access to social media is to
view the publicly-available posts in the event that such posts contain information
related to cyber threat activity; not to engage with individuals on social media. In
addition, (b) (7)(E)
• Storage: Once the CTI team identifies specific information of interest, the team will
typically either save a screenshot of the resulting website or create a PDF copy of the
res ulting website, including social media posts. Typically, CTI will save the file to
their workstation and upload the file to an internal, restricted-access SharePoint
website on CBPNet that contains CTI's investigation information. The infom1ation
posted on the website is restTicted to personnel within the Cybersecurity Directorate
with a need-to-know (i.e., the CTI team, CBP Security Operations Center personnel,
Security Operations Division leadership, and the Chief Information Security Officer).
The purpose of uploading this information to the site is to ensure that it is available to
all CTI and other cybersecurity analysts during ongoing investigation activities. In
addition, the site also provides a historical record in the event that the CTI team must
conduct retroactive analysis of the related investigation. The information is stored
subject to the applicable records retention policies.
Dissemination: Other than the SharePoint site, the dissemination of information

gathered will almost always be limited to email communications. The vast majority of
information gathered and shared is between the CTI team and the CBP Security
Operations Center personnel. It is also possible that the CTI team would share
information outside of CBP or DHS, such as the FBI or other U.S. Government
134

2021QJmtmdhsgov

Page 6 of
10
Departments or Agencies with cyber threat intelligence and/or cybersecurity missions.

The CTI team will be required to mark the information with proper handling
instructions before sharing, whether inside or outside of DHS. The CTI team
understands the need-to-know concept, and ensures that operational information
r elated to ongoing investigations is retained for the duration of that investigation.
authorities.
• Homeland Security Act of 2002, as amended, 6 U.S.C. § 101, et seq.

• Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. §
3551, et seq.
• OHS Directive 110-01, Privacy Policy for Operational Use of Social Media
(June 8, 2012), and Instruction 110-01-001, Privacy Policy for Operational
Use of Social Media (June 8, 2012)
• CBP Directive No. 5410-003, Operational Use of Social Media (January 2,
2015)

~ In development. D Operational. Date first launched:
u se of social media;
b) Email and accounts. Use online screen names or identities th at inclicate an official DHS
affiliation and use DHS email addresses to open accounts used when engaging in social
135

20{0IDil9>dhsgov
www .dhs.gov/privacy

Page 7 of
10
(b) (7)(E)
information;
(b) (7)(E)
d) Privact; settings. Respect individuals' privacy settings and access only information that is
publicly available;
(b) (7)(E)
e) PII collection: Collect the minimum PII necessary for the proper performance of their

fl PII safeguards. Protect PII as required by the Privacy Act (if applicable) and DHS privacy
policy;

accessed, information collected and how it was used in the same manner as the
component would document information collected from any source in the normal course
of business.

provided by the OHS Privacy Office. Training must include, at minimum: legal

~ Yes, employees self-certify that they have read and understood their Component
Rules of Behavior.
136
Security WashinuD OC 20528

202!1PJPlJdhs.gov

Page 8 of
10
[81 Yes, Component Privacy Officers or PPOCs maintain a record of employee

D No. If not, please explain:
137

202,[ ~dhs.gov

Page 9 of
10
OHS SOCIAL MEDIA DOCUMENTATION

(To be Completed by the OHS Privacy Office)
DATE reviewed by the OHS Privacy Office: 04/26/2019
NAME of the OHS Privacy Office Reviewer: (b) (6), (b) (7)(C)
OHS Privacy Office Determination

~ Program has met requirements to use social media for the stated authorized
D Program has not yet m et requirements to utilize social media for operational
purposes.
D Program authorities do not authorize operational use of social media.
D Rules of Behavior do not comply. <Please explain analysis.>
D Training required.
D A PIA is required.
[8J Cove red by existing PIA. DHS/ALL/PIA-056 DHS and Component
Network IT Security Operations and Privacy and IT Security Incident
Response; DHS/CBP/PIA-OlO(a) Analytical Framework for Intelligence
D New.

here.>
~ A SORN is required:
[8J Covered by existing SORN. DHS/CBP/PIA-OlO(a) Analytical Framework
for Intelligence
D New.
D Updated. <Please include the name and number of SORN to be updated
here.>
OHS PRIVACY OFFICE COMMENTS
138

202-~ dhs.gov

Page 10 of
10
CBP is submitting this PTA to discuss OIT use of social m e d i a ~

and cybersecurity of CBP information systems and networks. ~
(b )(7)(E)
(b) (7)( E)
OIT identifies an issue of concern in which PU of an individual that posted it is not
necessary, the PII will be redacted from any notifications or products that are produced
or stored. If PII is deemed relevant, the notifications and work products containing the
PII will be retained in AFI.
The DHS Privacy Office finds this is a privacy sensitive use of social media, and
requires PIA coverage. Coverage for instances where CBP would identify an issue of
concern on social media in which PII is not relevant or necessary is provided by
DHS/ALL/PIA-056 OHS and Component Network IT Security Operations and Privacy
and IT Security Incident Response, which outlines the Department's efforts to protect
the confidentiality, integrity, and availability of OHS information and information
assets. In the event that PII is relevant and would be included in notifications and work
products, coverage is provided by DHS/CBP/PIA-OlO(a) Analytical Framework for
Intelligence, which discusses information collected as part of CBP's efforts to identify,
apprehend, and prosecute individuals who pose a potential law enforcement or
security risk, and aids in the enforcement of customs, immigration, and other laws
enforced by DHS.
SORN coverage is also required, and is p rovided by DHS/CBP-024 CIRS, which cove rs
information collected to identify, apprehend, or prosecute individuals who pose a
potential law enforcement or security risk.
139
Office of Professional Responsibility: Use of Social Media for Administrative Investigations

This template is used to assess the Department’s Operational Use of S ocial Media,
consistent with Manage ment Directive 110-01.
12333, as amended.
1Gathering information by the Office of Operations Coordination and Planning (OPS) to enhance situational awareness is exempt from
this requirement and is covered by the existing PIA: DHS/OPS/PIA-004(d) - Publicly Available Social Media Monitoring and
140
USCBP000097

Please complete this for m and se nd it to your Co mpone nt Pri vacy Officer.
Upon receipt, your Component Pri vacy Officer and the DHS Privacy Offi ce will review this
form and may re quest additional information.
SUMMARY INFORMATION

Contact Information:(b) (6), (b) (7)(C)Senior Special Agent, (b) (6), (b) (7)(C)
Counsel 2Contact Information: (b) (6), (b) (7)(C) Associate Chief Counsel, Enforcement
and Operations


• DHS/CBP/PIA-044, Joint Integrity Case Management System (JICMS), July 18, 2017

• DHS/ALL -020 - Department of Ho meland Security Internal Affairs, April 28, 2014, 79
FR 23361
Counsel listed here must certify that appropriate authority exists to engage in particular operational activities involving social
2
media.
141
USCBP000098
SPECIFIC QUESTIONS
This SMOUT addresses the operational use of social media for administrative investigations in
a professional responsibility context. The personnel anticipated to use social media under this
SMOUT are assigned to the Office of Professional Responsibility (OPR) Investigative Operations
Division (IOD). All allegations against CBP employees are entered through the Joint Intake
Center (JIC) process. The CBP OPR JIC and IOD vet the allegations to determine whether any
allegation of corruption or misconduct rise to the level of criminal activity. If an allegation is
determined to rise to the level of criminal activity, the investigation will proceed under the CBP
OPR SMOUT for criminal investigations. If an allegation does not rise to the level of criminal
activity, or if a prosecutor determines that a case cannot viably be criminally prosecuted, then
OPR IOD will treat it as an administrative investigation. OPR IOD conducts administrative
investigations for employee misconduct (improper fraternization, neglect of duty,
mismanagement, etc.) in order to ensure compliance with CBP rules and prevent against
corruption. In the process of these investigations OPR IOD will use the internet, including social
media, to investigate, gather evidence, and gather information on activities by CBP employees
-
or contractors that is pertinent to allegations of misconduct by an employee or contractor. (b)
(7)
(E)
OPR IOD will not be involved in the gratuitous gathering of personal social media information
or PII. OPR IOD’s focus is solely on identifying information that is germane to either proving or
disproving allegations of misconduct. All OPR IOD investigations are predicated on specific
allegations or articulable facts that are prima facie indicators of misconduct.
Once an individual is the subject of an investigation, OPR IOD will use the Internet, including
social media as defined in DHS Instruction 110‐01‐001, Privacy Policy for the Operational Use of
Social Media (Privacy Policy), for administrative investigations in a professional responsibility
context that do not rise to the level of criminal misconduct or where prosecution is declined to
gather evidence and relevant information related to misconduct. (b) (7)(E)
(b) (7)(E)
- The information is stored in the Joint Integrity Case Management System (JICMS), which
is covered under the DHS/ALL-20- Internal Affairs SORN and the JICMS PIA.
This use of the Internet, including social media, involves activities to gather information
pertinent to allegations of misconduct by an employee or contractor, such as (b) (7)(E)
(b) (7)(E) This information is gathered and
used by CBP OPR IOD personnel in the same manner as information gathered from non‐Internet
142
USCBP000099
and non‐social media sources such as information gathered in person, on the phone, or through
research of hard copy documents. Information gathered in this fashion may be used in
administrative investigations of employees or contractors of CBP.
2. Based on the operational use of social media listed above, please provide
the appropriate authorities.
 Homeland Security Act of 2002 § 411(c) & (j), Pub. L. No. 107‐296, 116 Stat. 2135 (2002) as
amended by section 802 of the Trade Enforcement and Trade Facilitation Act of 2015, Pub. L.
No. 114-25 (2016) (codified at 6 U.S.C. § 211(c) & (j))
 Inspector General Act of 1978, Pub. L. 95–452, 92 Stat. 1101 (1978), as amended (codified at 5
U.S.C. App.)
 DHS Delegation No. 7010.3, Delegation of Authority to the Commissioner of U.S. Customs and
Border Protection
 DHS Management Directive 0810.1, The Office of Inspector General
 CBP Directive No. 2130-016, Roles and Responsibilities for Internal Affairs Activities and
Functions (December 23, 2008)
(b) (5)
□ In development. Operational. Date first launched: July 18, 2017
5. Please describe the Rules of Behavior in effect for the listed operational use of social media.
If users do NOT follow a particular Rule, please detail reasoning for not following that Rule:
a) Equipment. Use only government-issued equipment when engaging in the
Yes.
b) Email and accounts. Use online screen names or identities that indicate an official DHS
affiliation and use DHS email addresses to open accounts used when engaging in
social media in the performance of their duties;
(b) (7)(E)
143
P000100
(b) (7)(E)
reviewing posted information without interacting with any individual who posted
the information;
(b) (7)(E)
d) Privacy settings. Respect individuals’ privacy settings and access only information that
is publicly available;
(b) (7)(E)
authorized duties except for systems subject to Final Rules for Exemption from
certain aspects of the Privacy Act;
Yes.
f) PII safeguards. Protect PII as required by the Privacy Act (if applicable) and DHS
privacy policy;
Yes.
□
No. If not, please explain:
Yes.
Yes.
Rules of Behavior.


H
S
144
USCBP000101

NAME of the DHS Privacy Office Reviewer (b) (6), (b) (7)(C)
DESIGNATION
This program is covered by the following Privacy Impact Assessment and Privacy Act
System of Records Notice:
PIA: DHS/CBP/PIA-044 Joint Integrity Case Management System (JICMS)

SORN: DHS/ALL-020 Department of Homeland Security Internal Affairs, April 28, 2014, 79 FR
23361
1. Category of Use:
Law Enforcement Intelligence;
Criminal law enforcement investigations;
Background investigations;
Professional responsibility investigations;
Administrative or benefit determinations (including fraud detection);
Situational awareness; and
Other. <Please explain "other" category of use here.>
(b) (5)
a. Equipment.
(b) (7)(E)
Users must use government-issued equipment. Equipment may be non-

attributable and may not resolve back to DHS/US IP address.
■
(b) (7)(E)
Users must use government-issued equipment. Equipment must resolve

back to DHS/US IP address.
b. Email and accounts. 145
USCBP000102
■
(b) (7)(E)
Users do not have to use government email addresses or official DHS
accounts online.
■
(b) (7)(E)
sers must use government email addresses or official DHS accounts
online.
■
(b) (7)(E)
Users may interact with individuals online in relation to a specific law

enforcement investigation.
■Users may NOT interact with individuals online.

(b) (7)(E)
d. Privacy settings.
Users may disregard privacy settings.
Users must respect individual privacy settings.

e. PII storage:
PII is maintained in an exempted Privacy Act System of Records.
Please list applicable SORN here: DHS/ALL-020 Department of

Homeland Security Internal Affairs, April 28, 2014, 79 FR 23361
□ PII is maintained in a Privacy Act Systems of Records.

f. PII safeguards.
PII is protected as required by the Privacy Act and DHS privacy policy.
Only a minimal amount of PII is collected and safeguarded, consistent with

DHS/OPS-004 – Publicly Available Social Media Monitoring and
Situational Awareness Initiative.
g. Documentation.

h. Training.
Legal authorities;
Acceptable operational uses of social media;
Access requirements;
146
USCBP000103
Applicable Rules of Behavior; and
Requirements for documenting operational uses of social media.
training.

Rules of Behavior.

Program has not yet met requirements to utilize social media fo r operational
purposes.
□ Program
a ational use of social media.
u
t □ Rules of Behavior do not comply. <Please explain analysis.>
h
o Additional Privacy compliance documentation is required:
r
i A PIA is required.
t Covered by existing PIA. DHS/CBP/PIA-044 Joint Integrity
i Case Management System (JICMS)
e
s New.
d Updated. <Please include the name and number of PIA to be
o updated here.>
n
A SORN is required:
o
t Covered by existing SORN. DHS/ALL-020 Department of
a Homeland Security Internal Affairs, April 28, 2014, 79 FR 23361
u
New.
t
h Updated. <Please include the name and number of SORN to
o be updated here.>
r
i
z DHS PRIVACY OFFICE COMMENTS
e
o
p
e
147
USCBP000104
r
CBP is submitting this SMOUT to discuss the operational use of social

media for administrative investigations in a professional responsibility
context. Office of Professional Responsibility (OPR) Investigative
Operations Division (IOD) personnel will use social media to investigate
allegations against CBP employees to vet the allegations to determine
whether any allegation of corruption or misconduct rise to the level of
criminal activity. If an allegation does not rise to the level of criminal
activity, or if a prosecutor determines that a case cannot viably be criminally
prosecuted, then OPR IOD will treat it as an administrative investigation.
OPR IOD conducts administrative investigations for employee misconduct
(improper fraternization, neglect of duty, mismanagement, etc.) in order to
ensure compliance with CBP rules and prevent against corruption.
CBP OPR IOD will use social media to gather evidence directly relevant to
the activity that predicates its investigation. OPR IOD will not gather PII
that is not relevant to the investigation pursuant to OPR IOD investigation
training standards and guidelines, the CBP Directive for Operational Use
of Social Media, the CBP Rules of Behavior, and the DHS Privacy Policy for
the Operational Use of Social Media. OPR IOD’s focus is solely on
identifying information that is germane to either proving or disproving
allegations of administrative violations or misconduct. (b) (7)(E)
(b) (7)(E)
The information is stored in the Joint Integrity Case

Management System (JICMS).
While some investigations are clearly administrative, some criminal

investigations may become administrative in nature. Once a prosecuting
authority declines prosecution of an investigation, it may become an
administrative matter. This change in the character of the investigation is a
function of prosecutorial discretion, and not an arbitrary decision on the
part of OPR.
The DHS Privacy Office finds that CBP’s operational use of social media for
internal affairs administrative investigations purposes is consistent with
their internal affairs investigatory authorities. PIA coverage is provided by
DHS/CBP/PIA-044 Joint Integrity Case Management System (JICMS).
SORN coverage is provided by DHS/ALL-020 Department of Homeland
Security Internal Affairs.
148
USCBP000105

202 (b) (7)(E)@dhs gov
www dhs gov/privacy

Page 1 of 9

12333, as amended.
149
USCBP000088

202 (b) (7)(E) @dhs gov
www dhs gov/privacy

Page 2 of 9

SUMMARY INFORMATION
Contact Information: International Trade Specialist, Office of Trade,

(b) (6), (b) (7)(C)
(b) (6), (b) (7)(C) International Trade Specialist, Office of Trade (b) (6), (b) (7)(C)
(b) (6), (b) (7)(C) International Trade Specialist, Office of Trade (b) (6), (b) (7)(C)
(b) (6), (b) (7)(C)
International Trade Specialist, Office of Trade, (b) (6), (b) (7)(C) Management and
Program Analyst, Office of Trade (b) (6), (b) (7)(C)
- Counsel 2 Contact Information:

(b) (6), (b) (7)(C)
(b) (6), (b) (7)(C) Director
IT System(s) where social media data is stored: Information will be stored in users shared
Forced Labor Division
-
(b) (6), (b) (7)(C)
drive

• The CBP Privacy Office finds that overarching PIA coverage for this effort is provided
by the DHS/CBP/PIA-010(a) Analytical Framework for Intelligence, which outlines
CBPs efforts to identify, apprehend, and prosecute individuals who pose a potential
law enforcement or security risk, and aids in the enforcement of customs, immigration,
and other laws enforced by DHS. The CBP Privacy Office is working to develop more
specific coverage in the future, however AFI covers all aspects of this effort, including
the collection and use of social media.

• The CBP Privacy Office finds that SORN coverage for this effort is provided by
DHS/CBP-017 – Analytical Framework for Intelligence System (June 7, 2012 77 FR
13813), which describes CBP’s collection, maintenance, and use of records in order to
identify, apprehend, and/or prosecute individuals who pose a potential law
enforcement risk and aid in the enforcement of the customs laws.
• The CBP Privacy Office finds that SORN coverage for this effort is provided by
DHS/CBP-001 Import Information System (July 26, 2016, 81 FR 48826), which describes
2 Counsel listed here must certify that appropriate authority exists to engage in particular operational activities involving social media.
150
USCBP000089

20211:JIDilibdhs gov
www dhs gov/privacy

Page 3 o/ 9
CBP's collection, maintenance, and u s e of records on all commercial goods imported

into the United States, along with carrier, broker, importer, as well as other
inform ation that fa cilitates the flow of legitimate shipments, and assi s ts DHS/ CBP in
s e curing U . S . borders and targe ting illicit goods.
SPECIFIC QUESTION S
investigations, benefit or employment determinations, or situational awareness. If us e does
CBP is submitting this SMOUT to outline the Office of Trade, Forced Labor Division' s (FLO) operational
use of social media, including apabilities to identify and support
FLO cases. The Commissioner of CBP established the Forced Labor Division in 2018 to focus solely on
developing forced labor enforcement cases. These cases are
FLO may take notes containing PIT from the social media that is reviewed, but it
will not be retrievable by a personal identifier. All notes would be stored in password protected files on a
shared drive. Because FLO investigates entities, this information will be stored for the length of the
investigation.
authorities.
Under the authority of 19 CFR § 12.42 Findings of Commissioner of Customs.

(a) If any port director or other principal Customs officer has reason to believe that any class of
merchandise that is being, or is likely to be, imported into the United States is being produced, whether
by mining, manufacture, or other means, in any foreign locality with the use of convict labor, forced
labor, or indentured labor under penal sanctions, including forced child labor or indentured child labor
under penal sanctions, so as to come within the purview of section 307, Tariff Act of 1930, he shall
communicate his belief to the Commissioner of Customs. Every such communication shall contain or be
accompanied by a statement of substantially the same information as is required in paragraph (b) of this
151
USCBP000090

202IU)IDIB}tdhs gov
www dhs gov/privacy

Page 4 o/9
section, if in the possession of the port director or other officer or readily available to him. Also, under 19
U.S. Code § 1307 - Convict-made goods; importation prohibited. All goods, wares, articles,
and merchandise mined, produced, or manufactured wholly or in part in any foreign country by convict
labor or/and forced labor or/and indentured labor under penal sanctions shall not be entitled to entry at
any of the ports of the United States, and the importation thereof is hereby prohibited, and the Secretary
of the Treasury is authorized and directed to prescribe such regulations as may be necessary for the
enforcement of this provision.
"Forced labor", as herein used, shall mean all work or service which is exacted from any person under
the menace of any penalty for its nonperformance and for which the worker does not offer himself
voluntarily. For purposes of this section, the term "forced labor or/and indentured labor" includes forced
or indentured child labor.
3. Is this us e of social media in development or operational?
[8J In development. D Operational. Date first launched :

• See attached Rules of Behavior (RoB)
a) Equipment. Use only government-issued equip m ent when engaging in the operational
[8J Yes. D No. If not, please explain:
affiliation and use O HS email addresses to open accounts used when engaging in social
m ed ia in the performance of their duties;
152
USCBP000091

202laBIIB)bdhs gov
www dhs gov/privacy

Page 5 o/ 9
c) Public inte:raction. Access publicly available information through social media only by
information;
d) Privae1; settings. Respect individuals' privacy settings and access only information that is
publicly available;
(b) (?)(E)
e) PII collection: Collect the minimum PIT necessary for the proper performance of their
[8'.I Yes. D No. If not, please explain:

f) PII safeguards. Protect PII as required by the Privacy Act (if applicable) and O HS privacy
policy;
[8'.i Yes. D No. If not, please explain:

accessed, information collected and how it was used in the same manner as the
component would document information collected from any source in the normal course
of business.

provided by the OHS Privacy Office. Training must include, at minimum: legal
153
USCBP000092

202 (b) (7)(E) @dhs gov
www dhs gov/privacy

Page 6 of 9
Rules of Behavior.

154
USCBP000093

202 (b) (7)(E) @dhs gov
www dhs gov/privacy

Page 7 of 9


[8J Program has met requirements to use social media for the stated authorized
Program has not yet met requirements to utilize social media for operational
□
purposes.

A PIA is required.
[8J Covered by existing PIA. DHS/CBP/PIA-010(a) Analytical Framework for
Intelligence
□ New.
Updated. <Please include the name and number of PIA to be updated
□
here.>
A SORN is required:
Covered by existing SORN. DHS/CBP-001 Import Information System,
July 26, 2016, 81 FR 48826; DHS/CBP-017 Analytical Framework for
Intelligence System, June 7, 2012, 77 FR 13813
□ New.
□ Updated.
here.>
<Please include the name and number of SORN to be updated
155
USCBP000094

202laBIIBbdhs gov
www dhs gov/privacy

Page 8 o/ 9
CBP Office of Trade, Forced Labor Division's (FLO ) is submitting this SMOUT to
discuss the re uest for access to social media for certain instances to useMG)mD■
Under no circumstance will O HS/ CBP violate any social media privacy settings
PIA coverage for this collection is provided by the O HS/CBP/PIA-0lO(a) Analytical

Framework for Intelligence, which outlines CBPs efforts to identify, apprehend, and
prosecute individuals who pose a potential law enforcement or security risk, and aids
in the enforcement of customs, immigration, and other laws enforced by O HS. The
O HS Privacy Office agrees with CBP Privacy that they should work to develop more
specific coverage in the future .
SORN coverage for collection, maintenance, and sharing of information by FLO is

provided by O HS/ CBP-017 Analytical Framework for Intelligence System (June 7, 2012
77 FR 13813), which describes CBP' s collection, maintenance, and use of records in
order to identify, apprehend, and/or prosecute individuals who pose a potential law
enforcement risk and aid in the enforcement of the customs laws.
156
USCBP000095

202 (b) (7)(E) @dhs gov
www dhs gov/privacy

Page 9 of 9
Additional SORN coverage is provided by DHS/CBP-001 Import Information System

(July 26, 2016, 81 FR 48826), which describes CBP’s collection, maintenance, and use of
records on all commercial goods imported into the United States, along with carrier,
broker, importer, as well as other information that facilitates the flow of legitimate
shipments, and assists DHS/CBP in securing U.S. borders and targeting illicit goods.
157
USCBP000096
Office of Professional Responsibility: Use of Social Media for Background Investigations and Periodic
Reinvestigations

12333, as amended.
1Gathering information by the Office of Operations Coordination and Planning (OPS) to enhance situational awareness is exempt
158
USCBP000116
Reinvestigations

SUMMARY INFORMATION

-
Contact Information:
(b) (6), (b) (7)(C)
(b) (6), (b) (7)(C) Director, Personnel Security Division (b) (6), (b) (7)(C)
Counsel Contact Information: (b) (6), (b) (7)(C) Associate Chief Counsel, Ethics, Labor &
Employment
2
-
• Integrated Security Management System (ISMS)

• DHS/ALL/PIA-038(c) Integrated Security Management System (ISMS), June 26, 2017
• Forthcoming Background Investigations PIA

• DHS/ALL-023 - Department of Homeland Security Personnel Security
Management, February 23, 2010, 75 FR 8088
2Counsel listed here must certify that appropriate authority exists to engage in particular operational activities involving social media.
159
USCBP000117
Office of Professional Responsibility : Use of Social Media for Background Investigations and Periodic
Reinvestigations
SPECIFIC QUESTION S
1. Describe the category of use for collecting personally identifiable infonnation from social
This SMOUT addresses the operational use of social media during background investigations
and adjudications for determining initial or continued suitability for employment, eligibility
to occupy a national security position, eligibility for access to classified information, eligibility
for unescorted access to DHS/CBP facilities, or access to D HS/ CBP information technology
systems. The personnel using social media under this SMOUT are Office of Professional
Responsibility (OPR), Personnel Security Division (PSD), employees and persons contracted
by O PR PSD to support the background investigation, periodic reinvestigation, and
continuous evaluation process.
sharing information w ith O PR 100 , O PR PSD may also share information w ith other entities
as required by regulation.
\U) (?)(E)
160
USCBP000118
Reinvestigations
will be stored in the Integrated Security Management

System (ISMS), which is covered under the OHS/ALL-023 Department of H omeland Security
Personnel Security Management SORN. OPR PSD is not involved in the gratuitous gathering of
'al d ' inf ti th t. 11 f . ; ht .

personal social media information or PIT. In addition, O PR does not collect or store as evidence
t t db th F' t
(b) (?)(E)
authorities.
• Executive Order (E.O .) 10450; E.O. 12968; E.O. 13467; E.O. 13488; E.O. 13764
• 5 CFR Parts 731, 732, 736, and 1400; 32 CFR Part 147
• Security Executive Agent Directive 4, National Security Adjudicative Guidelines
• Security Executive Agent Directive 5, Collection, Use, and Retention of Publicly Available
Social Media Information in Personnel Security Background Investigations and Adjudications
• Director of Central Intelligence Directive 6/4
• OHS Delegation No. 12000, Delegation for Security Operations Within the Department of
H omeland Security
• OHS Directive 110-01, Privacy Policy for Operational Use of Social Media (June 8, 2012), and
Instruction 110-01-001, Privacy Policy for Operational Use of Social Media (June 8, 2012).
• CBP Directive No. 2130-016, Roles and Responsib ilities for Internal Affairs Activities and
Functions (December 23, 2008)
• CBP Directive No. 5410-003, Operational Use of Social Media (January 2, 2015)

J:8'.i in development. D 0perational.
Attached. Also attached is the CBP Directive for Operational Use of Social Media.
(b) (7)(E)
161
USCBP000119
Reinvestigations
(b) (7)(E)
information;
d) (b) (7)(E) Privacy settings. Respect individuals’
privacy settings and access only information that is publicly available;
(b) (7)(E)
e) PII collection: Collect the minimum PII necessary for the proper performance of
Yes.
f) PII safeguards. Protect PII as required by the Privacy Act (if applicable) and DHS privacy
policy;
Yes.

Yes.
Yes.
Rules of Behavior.

162
USCBP000120
Reinvestigations

(To be C ompleted by the DHS Privacy Office)
D ATE reviewe d b y the DHS Privacy Office: 5/16/2018
NAME of the O H S Privacy Office Reviewer : (b) (6), (b) (7)(C)
DESIGNATION
This program is covere d b y the following Priv acy Impact Asse ssmen t an d Priv acy Act
System of Records N otice:
PIA: New CBP Background Investigations PIA
SORN: Update to D HS/ALL-023 Department of Homeland Security Personnel Security

Management, February 23, 2010, 75 FR 8088
1. Category of Use:
0 Law Enforcement Intelligence;
0 Criminal law enforcement investigations;
[8'.!Background investigations;
[8'.!Professional responsibility investigations;
D Administrative or benefit determinations (including fraud detection);

D Situational awareness; and
D Other. <Please explain "other" category of use here.>
(b) (5)
a. Equipment.
163
USCBP000121
Reinvestigations

(b) (7)(E)
(b) (7)(E)

e. PII storage:
□ PII is maintained in an exempted Privacy Act System of Records.

PII is maintained in a Privacy Act Systems of Records.
Please list applicable SORN here: DHS/ALL-023 Department of

Homeland Security Personnel Security Management, February 23, 2010, 75 FR
8088 - SORN must be updated with social media information as a Category of
Record.
f. PII safeguards.

DHS/OPS-004 – Publicly Available Social Media Monitoring and Situational
Awareness Initiative.
g. Documentation.

h. Training.
164
USCBP000122
Reinvestigations
Legal authorities;
training.

Rules of Behavior.

Program has not yet met requirements to utilize social media for operational purposes.

□ Rules of Behavior do not comply.<Please explain analysis.>
A PIA is required.
New. CBP Background Investigations PIA
Updated.
A SORN is required:
New.
Updated. DHS/ALL-023 Department of Homeland Security Personnel
Security Management, February 23, 2010, 75 FR 8088
165
USCBP000123
Reinvestigations

CBP Privacy is submitting this SMOUT to discuss the operational use of social media
during background investigations and adjudications for determining initial or
continued suitability for employment, eligibility to occupy a national security position,
eligibility for access to classified information, eligibility for unescorted access to
DHS/CBP facilities, or access to DHS/CBP information technology systems.
The personnel using social media under this SMOUT are Office of Professional
Responsibility (OPR), Personnel Security Division (PSD), employees and persons
contracted by OPR PSD to support the background investigation, periodic
reinvestigation, and continuous evaluation process.
This SMOUT encompasses both (b) (7)(E), (b) (5) OPR PSD’s use
of social media for (b) (7)(E), (b) (5)
(b) (7)(E), (b) (5)

OPR PSD will use the (b) (7)(E), (b) (5)
(b) (7)(E), (b) (5)

The DHS Privacy Office finds that CBP’s operational use of social media by OPR PSD
is consistent with its background investigation responsibilities and authorities.
A new CBP Background Investigations PIA will be required to discuss the collection
of social media information by OPR PSD to support the background investigation,
periodic reinvestigation, and continuous evaluation process. SORN coverage is
provided by the DHS/ALL-023 Department of Homeland Security Personnel Security
Management SORN, which will need to be updated to include social media
information as a Category of Records.
166
USCBP000124
Office of Professional Responsibility: Use of Social Media for Criminal Investigations

This template is used to assess the Department’s Operational Use of S ocial Media,
consistent with Manage ment Directive 110-01.
12333, as amended.
1Gathering information by the Office of Operations Coordination and Planning (OPS) to enhance situational awareness is exempt from
this requirement and is covered by the existing PIA: DHS/OPS/PIA-004(d) - Publicly Available Social Media Monitoring and
167
USCBP000106

Please complete this for m and se nd it to your Co mpone nt Pri vacy Officer.
Upon receipt, your Component Pri vacy Officer and the DHS Privacy Offi ce will review this
form and may re quest additional information.
SUMMARY INFORMATION

Contact Information: (b) (6), (b) (7)(C)

Counsel 2Contact Information: (b) (6), (b) (7)(C) Associate Chief Counsel, Enforcement
and Operations


• DHS/CBP/PIA-044, Joint Integrity Case Management System (JICMS), July 18, 2017

• DHS/ALL -020 - Department of Ho meland Security Internal Affairs, April 28, 2014, 79
FR 23361
Counsel listed here must certify that appropriate authority exists to engage in particular operational activities involving social
2
media.
168
USCBP000107
SPECIFIC QUESTIONS
This SMOUT addresses the operational use of social media for criminal investigations in a
professional responsibility context. The personnel anticipated to use social media under
this SMOUT are assigned to the Office of Professional Responsibility (OPR) Investigative
Operations Division (IOD). This SMOUT encompasses using (b) (7)(E)
(b) (7)(E) All allegations against
CBP employees are entered through the Joint Intake Center (JIC) process. The CBP OPR JIC
and IOD vet the allegations to determine whether any allegation of corruption or misconduct
rise to the level of criminal activity. For those allegations determined to be criminal in nature,
OPR requires the use of cutting edge investigative methodologies to collect evidence that may
be unavailable through traditional investigative means. CBP OPR IOD investigators are aware
that targets of criminal investigations may place information, (b) (7)(E)
in
publicly accessible/non-privacy restricted social media forums. This publicly accessible/non-
privacy restricted information has the potential to serve as evidence germane to the criminal
activity under investigation. (b) (7)(E)
The evidentiary potential of this publicly
accessible/non-privacy restricted social media information may be derogatory or mitigating,
depending the investigation.
CBP OPR IOD will use social media to gather evidence directly relevant to the criminal activity
that predicates their investigations. OPR IOD will not gather PII that is not relevant to the
investigation pursuant to OPR IOD investigation training standards and guidelines, the CBP
Directive for Operational Use of Social Media, the CBP Rules of Behavior, and the DHS Privacy
Policy for the Operational Use of Social Media. OPR IOD’s focus is solely on identifying
information that is germane to either proving or disproving allegations of criminal
violations or misconduct. All OPR IOD investigations are predicated on specific allegations or
articulable facts that are prima facie indicators of misconduct or criminal violations.
Once an individual is the subject of an investigation, OPR IOD will use social media to
gather evidence and relevant information related to the criminal conduct. (b) (7)(E)
(b) (7)(E)
. The information is stored in the Joint Integrity

Case Management System (JICMS), which is covered under the DHS/ALL-20- Internal Affairs
SORN and the JICMS PIA.
169
USCBP000108
(Note: While some OPR IOD investigations are clearly administrative, based on a lack of
correlation between activity and criminal statutes, some criminal investigations may
become administrative in nature. Once a competent prosecuting authority (i.e., the U.S.
Attorney’s Office) declines prosecution of an investigation, it may become an administrative
matter. This change in the character of the investigation is a function of prosecutorial
discretion, and not an arbitrary decision on the part of OPR. Once prosecution of the matter
is declined, OPR IOD will conduct any further investigation of the matter pursuant to the
Office of Professional Responsibility Administrative Investigation SMOUT.
 Homeland Security Act of 2002 § 411(c) & (j), Pub. L. No. 107‐296, 116 Stat. 2135
(2002) as amended by section 802 of the Trade Enforcement and Trade Facilitation Act
of 2015, Pub. L. No. 114-25 (2016) (codified at 6 U.S.C. § 211(c) & (j)
 19 U.S.C. § 1589a, Enforcement authority of customs officers
 8 U.S.C. § 1357, Powers of immigration officers and employees
 8 C.F.R. § 287.2, Disposition of criminal cases
 DHS Delegation 7010.3, Delegation of Authority to the Commissioner of U.S. Customs
and Border Protection
 Memorandum, Authorization to the Commissioner of CBP to Investigate Allegations of
Criminal Misconduct by CBP Employees and to Convert CBP Internal Affairs GS-1801
Employees to GS-1811 Series to Conduct such Investigations (Aug. 29, 2014)
 CBP Directive No. 2130-016, Roles and Responsibilities for Internal Affairs Activities
and Functions (December 23, 2008)
 CBP Office of Internal Affairs Order 14-001, Designation Order, Immigration Officer and
Customs Officer Authority (Sept. 25, 2014)
 8 C.F.R. § 2.1, Authority of the Secretary of Homeland Security
(b) (5)
□ In development. Operational. Date first launched: July 18, 2017
170
USCBP000109
Office of Professional Responsibility : Use of Social Media for Criminal Investigations
(b) (7)(E)
information;
(b) (7)(E)
d) Privaci; settings. Respect individuals' privacy settings and access only information that is
pub licly available;
(b) (?)(E)
f) PII safeguards. Protect PII as required b y the Privacy Act (if applicab le) and DHS privacy
policy;

171
USCBP000110

Yes.
As described in Section 1, all documentation of the operational use of social media for
OPR IOD’s criminal investigations is done (and stored) within the individual JICMS case
file. JICMS has privacy compliance coverage under the DHS/ALL-20- Internal Affairs
SORN and the JICMS PIA (DHS/CBP/PIA-044).
Yes.
Rules of Behavior.

172
USCBP000111

NAME of the DHS Privacy Office Reviewer (b) (6), (b) (7)(C)
DESIGNATION
This program is covered by the following Privacy Impact Assessment and Privacy Act System
of Records Notice:
PIA: DHS/CBP/PIA-044 Joint Integrity Case Management System (JICMS)

SORN: DHS/ALL-020 Department of Homeland Security Internal Affairs, April 28, 2014, 79 FR
23361
1. Category of Use:
Law Enforcement Intelligence;
Criminal law enforcement investigations;
Background investigations;
Professional responsibility investigations;
Administrative or benefit determinations (including fraud detection);
Situational awareness; and
Other. <Please explain "other" category of use here.>
(b) (5)
a. Equipment.
(b) (7)(E)
Users must use government-issued equipment. Equipment may be non-
attributable and may not resolve back to DHS/US IP address.
(b) (7)(E)
Users must use government-issued equipment. Equipment must resolve

back to DHS/US IP address.
■
(b) (7)(E)
Users do not have to use government email addresses or official DHS accounts
online.
173
USCBP000112
■
(b) (7)(E)
Users must use government email addresses or official DHS accounts online.
■
(b) (7)(E)
Users may interact with individuals online in relation to a specific law

enforcement investigation.
■
(b) (7)(E)
Users may NOT interact with individuals online.

e. PII storage:
PII is maintained in an exempted Privacy Act System of Records.
Please list applicable SORN here: DHS/ALL-020 Department of Homeland

Security Internal Affairs, April 28, 2014, 79 FR 23361
□ PII is maintained in a Privacy Act Systems of Records.

f. PII safeguards.

DHS/OPS-004 – Publicly Available Social Media Monitoring and
Situational Awareness Initiative.
g. Documentation.
Users must appropriately document their use of social media, and collection of
information from social media website.

h. Training.
Legal authorities;

174
USCBP000113
training.

employee attendance at privacy training that includes training on the Rules
of Behavior.

Program has met requirements to use social media for the stated authorized operational
purposes, and must continue compliance with the requirements above.
Program has not yet met requirements to utilize social media for operational purposes.

A PIA is required.
Covered by existing PIA. DHS/CBP/PIA-044 Joint Integrity Case
Management System (JICMS)
New.
Updated. <Please include the name and number of PIA to be updated here.>
A SORN is required:
Covered by existing SORN. DHS/ALL-020 Department of Homeland
Security Internal Affairs, April 28, 2014, 79 FR 23361
New.
Updated. <Please include the name and number of SORN to be updated
here.>
DHS PRIVACY OFFICE COMMENTS:
CBP is submitting this SMOUT to discuss the operational use of social media for criminal investigations in a
professional responsibility context. Office of Professional Responsibility (OPR) Investigative Operations
Division (IOD) personnel will use social media to investigate allegations against CBP employees to vet the
allegations to determine whether any allegation of corruption or misconduct rise to the level of criminal
activity. CBP OPR IOD will use social media to gather evidence directly relevant to the criminal activity that
predicates their investigations. OPR IOD will not gather PII that is not relevant to the investigation pursuant
to OPR IOD investigation training standards and guidelines, the CBP Directive for Operational Use of Social
Media, the CBP Rules of Behavior, and the DHS Privacy Policy for the Operational Use of Social Media.
OPR IOD’s focus is solely on identifying information that is germane to either proving or disproving
allegations of criminal violations or misconduct.
175
14
(b) (7)(E)
(b) (7)(E)
(b) (7)(E) The information
is stored in the Joint Integrity Case Management System (JICMS).
While investigations are clearly administrative, some criminal investigations may become
administrative in nature. Once a prosecuting authority declines prosecution of an investigation, it may
become an administrative matter. This change in the character of the investigation is a function of
prosecutorial discretion, and not an arbitrary decision on the part of OPR. Once prosecution of the matter is
declined, OPR IOD will conduct any further investigation of the matter pursuant to the Office of
Professional Responsibility Administrative Investigation SMOUT.
The DHS Privacy Office finds that CBP’s operational use of social media for internal affairs criminal
investigations purposes is consistent with their internal affairs investigatory authorities. PIA coverage is
provided by DHS/CBP/PIA-044 Joint Integrity Case Management System (JICMS). SORN coverage is
provided by DHS/ALL-020 Department of Homeland Security Internal Affairs.
176
USCBP000115

CBP September 2021 Production Brennan Center DHS FOIA Social Media Monitoring

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CBP September 2021 Production Brennan Center DHS FOIA Social Media Monitoring

Uploaded by

Copyright:

Available Formats

INFORMATION ISSUE PAPER

Office of Field Operations

Action Required: Info1m ation Only

Time Constraint: None

• SubsequentltDIUitalconducted mai·ket research, identified a suite of social media

Submitted by: (b) (6), (b) (7)(C)

CBP will continue to test and develop new capabilities

ill FY 17, CBP will:

Submitted by: (b) (6), (b) (7)(C)

• Implement lessons learned to date into th e workflow ofNTC screening/vetting, as

• Begin to make strategic investments in emerging technologies of value in this space;

Watch Out For/If Asked:

• CBP is in the process of establishing

Submitted by: (b) (6), (b) (7)(C)

Submitted by: (b) (6), (b) (7)(C)

U.S. Customs and Border Protection

(Unclassified//For Official Use Only/Law Enforcement Sensitive)

CBP would only share info1mation on

(Unclassified//For Official Use Only/Law Enforcement Sensitive)

Therefore, social media se1ves not only as a vital

(Unclassified//For Official Use Only/Law Enforcement Sensitive)

Use of Social Media

not available through other sources.

Social Media Use in the Electronic System for Travel Authorization

Current Social Media Use:

FOR OFFICIAL USE ONLY

vetting may be conducted concmTently and will be used

As mentioned above, DHS proposed additional changes to the ESTA application to

FOR OFFICIAL USE ONLY

Applicability to Waiver Authority

Social Media Pilot:

FOR OFFICIAL USE ONLY

If the ESTA is approved or the waiver is granted, the

DHS Science and Technology (S&T)

FOR OFFICIAL USE ONLY

Future State for Social Media:

FOR OFFICIAL USE ONLY

Social Media Briefing Paper

oppo1iunities for vetting agencies to detennine eligibility for h'avel or immigration

• DHS Privacy conducted a Privacy Compliance Review following CBP's collection of

Watch Out For

Office of Field Operations

Action Required: Info1mation Only

Time Constraint: None

• Subsequently.lQJIQilll:,onducted market research to identi

Submitted by: (Name of Originator)

Watch Out For/If Asked:

• - ocial media infonnation to suppo1t it .(b) (7)(E)

o CBP cunently provides introductory and operational security awareness social

o CBP is in the process of fonnalizing (b) (7)(E)

Submitted by: (Nam e of Originator)

Office of Field Operations

Action Required: Info1m ation Only

Time Constraint: None

• SubsequentltiJIUila]conducted market research, identified a suite of social media

Submitted by: (b) (6), (b) (7)(C)

Watch Out For/If Asked:

social media infonnation to support its (b) (7)(E)

o CBP is working with th e DHS Social Media Task and D~ dies in

• Is CBP using social media to monitor select individuals?

o CBP cunently provides introductory and operational security awareness social

o CBP is in the process of establishing (b) (7)(E)

Submitted by: (b) (6), (b) (?)(C)