Who’s watching the watchers at the DHS “Privacy” Office?
The Identity Project has joined with more than two dozen other organizations and individual experts from the Privacy Coalition in a joint letter to the House Committee on Homland Security, criticizing the DHS Privacy Office and its annual report and calling for better Congressional oversight of privacy-invasive DHS practices and the DHS Privacy Office itself.
There’s more about the letter, and the DHS response, today in the Washington Post.
We’re pleased to be part of this joint effort, and we hope Congress does more to rein in the DHS — although of course we are disappointed that DHS noncompliance with the law, the Constitution, and international treaties has made such a campaign necessary. The DHS consistently tries to exempt itself from major requirements of the Privacy Act, such as:
- Obtaining personal information from the person affected, rather than from third parties.
- Making personal information accessible to the person affected.
- Giving people a serious opportunity to correct records about them at DHS (or collected and held by “private” entities at DHS behest and used by the DHS).
- Only collecting information that is relevant to lawful purposes.
- Only collecting information that is timely.
- Only collecting information that is accurate.
- Only collecting information about categories of individuals disclosed in formal “System of Records Notices” in the Federal Register.
- Not collecting information about the First Amendment protected activities of US persons — such as who they are associating with, the books they are carrying or reading, the art or slogans or expressive insignia on their clothing or possessions, or where, why, how, and with whom they are assembling.
DHS claims for itself the ability to “exempt” itself from these statutory requirements. They do not cite any statute or court case that allows them to do so.
The DHS Privacy Office has been intimately involved in producing Federal Register filings that claim these exemptions from fundamental statutory Federal record-keeping requirements, and fail to properly disclose the extent of DHS systems of travel records. DHS travel records include information about numerous categories of people not mentioned in the SORNs, from people who pay for other people’s tickets to people whose phone numbers where entered in reservations of houseguests reconfirming flights, as well other information prohibited form collection by the Privacy Act. In this way, the Privacy Office has actively undermined the Privacy Act that they are sworn to uphold, and has been a party to criminal violations of the Privacy Act in the continued operation of these systems of records. We’ve gotten no response whatsoever to our repeated formal complaints of these crimes filed with the DHS Privacy Office.