DHS fine-tunes screening system

In response to more than 600 public comments, the Homeland Security Department has shortened the amount of time that it will retain data and made other changes to its Automated Targeting System.

Under the ATS, information on cargo destined to arrive in the United States, and on incoming U.S. and foreign travelers, is assessed against several terrorist threat databases to determine whether additional security checks are needed.

Formerly, the incoming passenger personal information in the system was to be held for 40 years, but now that time has been reduced to 15 years, the DHS said.

"Customs and Border Patrol has determined that it can continue to uncover and use information relating to terrorism within this shorter retention period," the Privacy Act notice states.

The department published a statement on Aug. 2, and four documents yesterday, to outline changes to the screening program, which is currently operated by Customs and Border Patrol. The program had functioned as a component of the Treasury Enforcement Communications System from 1999 until November 2006, when a separate Privacy Act notice was issued.

The Homeland Security Department, in responding to 641 public comments on the November 2006 privacy notice, said it made revisions to the program.

In addition to the shorter retention period, the department also is requesting an exemption for certain records in the system and also states that it will not collect information about passenger race, ethnicity, religion or sexual orientation. If such information is provided by an airline, it will be filtered out by DHS, according to the statement.

The targeting system has been controversial since it first drew widespread public attention when the Privacy Act notice was issued in November 2006. By that time, DHS had operated the system for several years.

The documents published on Aug. 6 are an updated System of Records Notice, a Discussion of Public Comments Received on the SORN, a Notice of Proposed Rulemaking for Privacy Act Exemptions and a Privacy Impact Assessment.