U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. News
  3. Publications Library
  4. Privacy

Privacy

The DHS Privacy Office is responsible for evaluating the Department programs, systems, and initiatives for potential privacy impacts, and providing strategies to reduce the privacy impact.

  • DHS/ALL/PIA-027 Watchlist Service

    DHS receives a copy of the TSDB, the U.S. Government’s database maintained by the DOJ FBI TSC, to facilitate counterterrorism, law enforcement, border security

  • DHS/CBP/PIA-035 Compliments, Questions, Complaints and Comments Management System (CQC2MS)

    The U.S. Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP) Compliments, Questions, Complaints and Comments Management System (CQC2MS) is a customer-service system designed to address a broad spectrum of complaints and comments voluntarily submitted by members of the public. Although these complaints and comments may involve any type of interaction with CBP, the majority of complaints and comments focus on travel, such as incidents involving passengers at a checkpoint or trade, in connection with the entry and examination of goods into the United States. CBP is publishing this reissuance of the Privacy Impact Assessment (PIA) to provide notice and document the system name change from the Complaint Management System to Compliments, Questions, Complaint and Comments Management System (CQC2MS), which more accurately describes the type of complaints and inquiries CBP addresses through this system; to document the transition of the system to an internally hosted cloud platform; to discuss updates to the complaints and inquiries process; and to add the additional data elements collected through the online system.

  • DHS/CBP/PIA-049 CBP License Plate Reader Technology

    The U.S. Department of Homeland Security (DHS) U.S. Customs and Border Protection (CBP) uses a combination of surveillance systems, including license plate reader technology, to provide comprehensive situational awareness along the United States border to assist CBP in detecting, identifying, apprehending, and removing individuals illegally entering the United States at and between ports of entry or otherwise violating U.S. law. In 2017, CBP published a Privacy Impact Assessment (PIA) describing its use of commercially available fixed and mobile license plate reader technology. CBP is conducting this Privacy Impact Assessment (PIA) update to provide public notice of CBP’s use of license plate reader data procured from commercial vendors.

  • DHS/FEMA/PIA-051 FEMA Physical Access Control Systems (PACS)

    The U.S. Department of Homeland Security (DHS), Federal Emergency Management Agency’s (FEMA) Office of the Chief Security Officer (OSCO) owns and operates the Physical Access Control System (PACS). PACS supports a range of functions related to managing physical access by individuals to FEMA facilities. PACS allows authorized security personnel to simultaneously manage and monitor multiple entry points from a single, centralized location. FEMA is conducting this Privacy Impact Assessment (PIA) Update to provide notice and assess the privacy impacts of FEMA’s use of PACS in ways not addressed in the original PIA, including the collection of additional PII; the expansion of unescorted access to State, Local, Tribal, and Territorial emergency managers; the use of new Facility Access Request forms; and the classified portion of PACS.

  • Delegation to the Chief Privacy Officer

    This delegation vests the authorities of the Secretary of the Department of Homeland Security in the Chief Privacy Officer and Chief Freedom of Information Act (FOIA) Officer responsibilities.

  • Outstanding Recommendations for Privacy Compliance Reviews

    The DHS Privacy Office tracks implementation of PCR recommendations based on supporting evidence provided by the Component Privacy Office and/or Program reviewed. PCR recommendations that have yet to be implemented according to DHS Instruction 047-01-004 are listed here, and the list is updated periodically.

  • DHS/ALL/PIA-089 DHS International Biometric Interoperability Initiative for the Visa Waiver Program

    The Visa Waiver Program (VWP), administered by the U.S. Department of Homeland Security (DHS) in consultation with the Department of State (State), permits citizens of designated countries to travel to the United States for business or tourism for stays of up to 90 days without a visa. This Privacy Impact Assessment (PIA) considers the privacy risks and applicable mitigation strategies associated with implementing this Departmental policy.

  • DHS/CISA/PIA-034 Protected Critical Infrastructure Information Program

    The Protected Critical Infrastructure Information (PCII) Program, part of the Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), Infrastructure Security Division (ISD), Infrastructure Assessments and Analysis (IAA) Sub-Division, facilitates the sharing of PCII between the Government and the private sector. CISA has conducted this privacy impact assessment (PIA) to analyze and evaluate the privacy impact of the PCII Program’s overall operations, including the PCII submission and validation process, and user access management. Most of this work occurs on the Protected Critical Infrastructure Information Management System (PCIIMS). PCIIMS is an Information Technology (IT) system and the means by which PCII submissions from non-federal critical infrastructure owners and operators are received and cataloged, and PCII Authorized Users are registered, trained, and managed. This system receives, provides validation processes, and securely stores critical infrastructure information (physical and cyber systems and assets) meeting the PCII program definition for validation. This PIA replaces DHS/NPPD/PIA-006 Protected Critical Infrastructure Information Management System, published July 13, 2011.

  • DHS/ALL/PIA-078 Geospatial Information Infrastructure (GII)

    The Department of Homeland Security (DHS) Geospatial Information Infrastructure (GII) is a major application infrastructure, maintained by the Geospatial Management Office (GMO), representing the physical and logical implementation of the Department’s Geospatial Services Segment Architecture (GSSA). The purpose of the GII is to deliver a geospatial technology platform composed of geospatial enterprise applications, tools, and information to facilitate secure information-sharing between federal, state, local, tribal, territorial, private sector, international, and other non-governmental partners who support the homeland security mission. DHS is conducting this Privacy Impact Assessment (PIA) because the information viewed and shared in the GII may contain personally identifiable information (PII) on DHS personnel and members of the public.

  • DHS/CBP/PIA-061 Air Cargo Advance Screening

    U.S. Customs and Border Protection (CBP) requires air-cargo and shipping companies to submit their electronic manifest information in advance to CBP under the Air Cargo Advance Screening (ACAS) program. This advance information improves CBP’s ability to conduct risk assessments of incoming shipments in order to improve security and compliance with customs and other laws CBP enforces at the border. CBP is publishing this new Privacy Impact Assessment (PIA) to provide notice of the new mandatory requirements for ACAS participants, and to assess the privacy risks of its collection and use of personally identifiable information under this program.