Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The US Department of Homeland Security has removed multiple positions Customs and Border Protection Officials were dismissed from their roles this year after they objected to orders for the mislabeling of records monitoring Technologies and prevent their release under Freedom of Information ActWIRED has learned.
Since January, DHS leaders have reassigned two senior officials responsible for ensuring this CBP techniques Compliance with federal privacy law, according to multiple sources familiar with the situation. These sources have been granted anonymity because they fear government retaliation.
The reassignments followed orders in December from the DHS Privacy Office to treat routine compliance forms as legally privileged, and to label signed privacy assessments as “drafts” exempt from disclosure under federal records law.
Those removed included CBP’s chief privacy officer and one of the agency’s two privacy branch chiefs. The director of CBP’s Freedom of Information Act office was also removed last month.
DHS ordered the new confidentiality rules, sources say, after a CBP Freedom of Information Act officer lawfully issued a revised privacy assessment, sparking a backlash from DHS’s political leadership. The document — known as Privacy Threshold Analysis, or PTA — was Obtained by 404 Media Last fall, which provides the only official government record of Mobile fortificationa previously hidden face recognition application.
Preferential Trade Agreements is a required compliance form, which is a questionnaire that describes the basic mechanisms of new government systems that use or collect personal data. It also records whether privacy officials have approved the system or ruled that the government is legally obligated to look closely at how it affects people’s privacy.
In the case of Mobile Fortify, the public learned from the released PTA that the Department of Homeland Security had admitted that the app would capture people’s faces and fingerprints without their consent; that US citizens and lawful permanent residents will inevitably be among those photographed; Every photo taken, regardless of whether it matches anyone, will be stored for up to 15 years.
Classifying the document as a “draft” would ostensibly enhance the agency’s ability to bury such revelations using an exception in the Freedom of Information Act that protects “advisory opinions” and “recommendations.” Sources say the removed privacy officers saw the tactic as legally incoherent, arguing that a completed compliance form could not be signed and considered a draft at the same time.
“This policy change is illegal,” says Ginger Quintero-McCall, an attorney at the public interest law firm Free Information Group, and a former supervisory information law attorney at the Federal Emergency Management Agency, a component of the Department of Homeland Security. “There is nothing in the FOIA law — or any other law — that allows an agency to outright withhold privacy threshold analyses.”
Quintero-McCall says she witnessed retaliation while working firsthand before leaving government last year. “I would not be at all surprised to learn that management has reassigned employees who objected to this illegal secrecy policy.”
“Any claim that DHS has adopted a policy that makes privacy threshold analyzes exempt from FOIA is false,” a DHS spokesperson told WIRED on Monday.
Internal emails appear otherwise.
On December 3, the Department of Homeland Security’s Privacy Office announced a “major change” that would require all future PTAs to carry a disclaimer indicating they are exempt from public release. The full disclaimer reads:
“This is a pre-decision, draft document intended for official use only. It is subject to process privilege and attorney-client privilege. It may not be released, shared, or distributed outside of approved channels without prior consultation and approval from the Department of Homeland Security’s Office of Privacy. Unauthorized disclosure may result in administrative, civil, or criminal penalties.”
CBP privacy officials, like those reassigned, have historically not signed off on privacy reviews. Under previous administrations, this responsibility fell to an official at headquarters who worked directly with the department’s chief privacy officer. The current chief privacy officer, Roman Jankowski, delegated that authority downward in one of his first acts in office, as WIRED reported I mentioned previously.