[Federal Register: February 16, 2011 (Volume 76, Number 32)]
[Notices]
[Page 9034-9038]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr16fe11-78]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
[Docket No. DHS-2011-0007]
Privacy Act of 1974; Department of Homeland Security United
States Citizenship and Immigration Services--DHS/USCIS--013 E-Verify
Self Check System of Records
AGENCY: Privacy Office, DHS.
ACTION: Notice of Privacy Act system of records.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act of 1974, the Department of
Homeland Security proposes to establish a new Department of Homeland
Security system of records titled, ``Department of Homeland Security/
United States Citizenship and Immigration Services--SORN DHS/USCIS--013
E-Verify Self Check System of Records.'' The U.S. Citizenship and
Immigration Services E-Verify Self Check is voluntary and available to
any individual who wants to check his own work authorization status
prior to employment and facilitate correction of potential errors in
federal databases that provide inputs into the E-Verify process. When
an individual uses E-Verify Self Check, he will be notified either that
1. his information matched the information contained in federal
databases and he would be deemed work-authorized, or 2. his information
was not matched to information contained in federal databases which
would be considered a ``mismatch.'' If the information was a mismatch,
he will be given instructions on where and how to correct his
record(s). This newly established system will be included in the
Department of Homeland Security's inventory of record systems.
DATES: Submit comments on or before March 18, 2011. This new system
will be effective March 18, 2011.
ADDRESSES: You may submit comments, identified by docket number DHS-
2011-0007 by one of the following methods:
Federal e-Rulemaking Portal: http: //www.regulations.gov.
Follow the instructions for submitting comments.
Fax: 703-483-2999.
Mail: Mary Ellen Callahan, Chief Privacy Officer, Privacy
Office, Department of Homeland Security, Washington, DC 20528.
Instructions: All submissions received must include the
agency name and docket number for this rulemaking. All comments
received will be posted without change to http://www.regulations.gov,
including any personal information provided.
Docket: For access to the docket to read background
documents or comments received go to http://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: For general questions please contact:
Janice M. Jackson, Acting Privacy Branch Chief, Verification Division,
U.S. Citizenship and Immigration Services, Department of Homeland
Security, Washington, DC 20529. For privacy issues please contact: Mary
Ellen Callahan (703-235-0780), Chief Privacy Officer, Privacy Office,
Department of Homeland Security, Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
I. Background
In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the
Department of Homeland Security (DHS) United States Citizenship and
Immigration Services (USCIS) proposes to establish a new DHS system of
records titled, ``DHS/USCIS--013 E-Verify Self Check System of
Records.''
E-Verify was mandated by the Illegal Immigration Reform and
Immigrant Responsibility Act of 1996 (IIRIRA), Public Law (Pub. L.)
104-208, September 30, 1996. The E-Verify Program is a free and mostly
voluntary DHS program implemented by the USCIS Verification Division
and operated in collaboration with the Social Security Administration
(SSA) to determine work authorization. It compares information provided
by employees on the Employment Eligibility Verification, Form I-9,
against information in SSA, DHS, and Department of State (DoS)
databases in order to verify an employee's work authorization. Section
404(d) requires that the system be designed and operated to maximize
the reliability and ease of use. Therefore, DHS has developed E-Verify
Self Check.
USCIS developed E-Verify Self Check to enable an individual to
check his work authorization status prior to employment and facilitate
correction of
[[Page 9035]]
potential errors in federal databases that provide inputs into the E-
Verify process. Through the E-Verify Self Check secure web portal, an
individual will be able to check his work authorization status by first
providing information to authenticate his identity, and subsequently
providing work authorization information based in part on information
normally provided on Form I-9 employment documentation. Prior to E-
Verify Self Check, only employers could verify work authorization for
newly hired employees. With the introduction of E-Verify Self Check,
upon successful identity authentication, an individual will be able to
query E-Verify directly. If the information provided by the individual
matches the information contained in federal databases (SSA, DHS, DoS)
a result of ``work authorization confirmed'' is displayed to the
individual. If the information was a mismatch, E-Verify Self Check will
provide the individual a result of ``Possible mismatch with SSA'' or
``Possible mismatch with Immigration Information.'' E-Verify Self Check
will also provide the individual instructions on how to request
correction of these potential errors in records contained in these
federal databases should the individual choose to do so prior to any
formal, employer run E-Verify query process. In rare cases, an
individual may still receive a potential mismatch during a normal E-
Verify query because the record cannot be changed. The individual is
not required to correct the record mismatches that were identified by
E-Verify Self Check.
E-Verify Self Check Process Details
E-Verify Self Check involves a two-step process: (1) Identity
authentication of the individual; and (2) an E-Verify query to confirm
the individual's current work authorization status. The first step,
identity authentication, utilizes a third party Identity Proofing (IdP)
service to generate knowledge-based questions based on commercial
identity verification information, collected by third party companies
from financial institutions, public records, and other service
providers. The information accessed by the IdP may include information,
such as the individual's commercial transaction history, mortgage
payments, or past addresses. An individual must correctly answer these
knowledge-based questions generated by the IdP in order to authenticate
his identity and enable him to use E-Verify Self Check. In order to
generate these knowledge-based questions, the IdP service collects
basic personally identifiable information (PII) from the individual
including name, address of residence, date of birth, and optionally the
individual's Social Security number (SSN). Each individual will be
asked a minimum of two and a maximum of four knowledge-based questions.
If there is not enough commercial identity verification information
from financial institutions, public records, and other service
providers to generate two questions, the individual's identity cannot
be authenticated and he will not be able to continue through E-Verify
Self Check. The fact that an individual was unable to use the IdP
service will be sent to E-Verify, but no other information. The IdP
will send a transaction number, the fact that knowledge based questions
could not be generated and the date and time of the transaction, so
that USCIS may keep a statistic of how many individuals are unable to
use the IdP.
If there is sufficient information to generate two to four
questions, the IdP will evaluate the answers to the questions and
return a pass/fail indicator to USCIS. If the individual does not
successfully answer the questions generated by the IdP, he will not be
authenticated and he will not be able to continue through E-Verify Self
Check. Neither the questions asked by the IdP service nor the answers
provided by the individual are retained by the IdP. The IdP will send a
transaction number, the reason for failure, the date and time of the
transaction, and an error code to E-Verify, to facilitate
troubleshooting and system management and improvement so that USCIS may
keep statistics of how many individuals are unable to use the IdP and
therefore Self Check. All PII entered by the individual during the IdP
session and any questions that might have been generated by the IdP are
deleted at the end of the session. Nothing is stored or retained in E-
Verify Self Check. This information cannot be linked back to the
individual.
If the individual is able to answer the questions; his identity is
authenticated, a pass indicator is returned to E-Verify, and the
individual will continue through E-Verify Self Check. E-Verify will
receive a pass indication and the name, date of birth, and SSN (if
provided) will be provided back to E-Verify. Residence address will not
be passed to E-Verify.
When there are multiple attempts to authenticate an individual,
which indicates possible fraud, the DHS contract authorizes the IdP to
notify the provider of the information of potential fraud and to
terminate access to E-Verify Self Check.
The Fair Credit Reporting Act (FCRA) requires the IdP to retain the
fact of an inquiry. The IdP maintains the time/date stamp and inquiry
type (credit check, identity check, etc.) so that the inquiry is noted
in the individual's credit record and can be audited at a later date.
The E-Verify Self Check inquiry is an identity check, and therefore
will not affect an individual's credit score. These types of inquiries
are not shown to third parties who may request copies of credit
reports.
Under FCRA, an individual has the right to know who has reviewed
his credit report and the individual can place a fraud alert on his
credit file. If an individual has placed a fraud alert on his credit
file, the individual will not be able to authenticate for E-Verify Self
Check purposes.
Upon identity authentication, the individual moves to step 2: an E-
Verify query to identify current work authorization status. The IdP
passes the name, date of birth and SSN (if provided). In order to
ensure that the information belongs to the individual who originally
passed the identity authentication step, these data elements cannot be
altered. The individual will be required to enter additional
information based on the documentation he would present to an employer
for the Form I-9 process. The additional information collected from an
individual depends on his citizenship status and the document chosen to
present for work authorization. This could include: citizenship status;
Alien Number (if non-citizen); passport number; Form I-94 number; and/
or lawful permanent resident card or work authorization document (EAD)
number. This represents the same information that is collected for the
Form I-9 process and the basic E-Verify query.
E-Verify Self Check will query E-Verify through a web service
connection and will present either an indication that an individual's
information matched government records and that E-Verify would have
found the individual work-authorized or that the information is a
possible mismatch to government records. If the individual receives a
``possible mismatch with SSA/Immigration Information'' response, E-
Verify Self Check will provide guidance on how to correct potential
errors in the records. The individual will be asked whether they would
like to resolve the mismatch or not. If the individual chooses not to
resolve the mismatch, E-Verify will close the case. If the individual
chooses to resolve the SSA mismatch, a form will be generated that
contains the individual's first and last
[[Page 9036]]
name, the date and time of the E-Verify query, the E-Verify case
number, and detailed instructions on how to resolve the mismatch. If
the individual decides to resolve an Immigration Information mismatch,
E-Verify Self Check provides instructions to contact E-Verify Customer
Contact Office (CCO) to assist in the correction of immigration records
72 hours after the initial query to speak with a status verification
representative. If the representative is unable to correct the record,
the individual will be advised of actions necessary to correct the
error.
The main benefit of E-Verify Self Check is to facilitate the
identification and correction of potential errors in federal databases
that provide inputs into the E-Verify system thereby improving the E-
Verify process for both the employee and the employer. Prior to the
introduction of E-Verify Self Check, an individual did not have the
ability to identify potential issues associated with his work
authorization status until after receiving adverse notification from
employers. E-Verify Self Check provides a vehicle for an individual to
proactively check work authorization status prior to the employer
conducting the E-Verify inquiry.
There may be instances when an individual is unable to authenticate
his identity using the IdP service. For example, the IdP may not be
able to generate knowledge-based questions if sufficient data
pertaining to him cannot be located or if he has placed a lock or alert
on his information. In addition, an individual may not receive a
passing score because the IdP information maintained is incorrect. If
someone is unable to authenticate through the IdP but still wants to
determine work authorization status prior to hire, USCIS will provide
information on how to visit an SSA field office, access Social Security
yearly statements, call USCIS, or submit a Freedom of Information Act/
Privacy Act request to access work authorization records. The
individual will also be advised to check the information at the various
credit bureaus and through a free credit check site.
This newly established system will be included in DHS's inventory
of record systems.
II. Privacy Act
The Privacy Act embodies fair information practice principles in a
statutory framework governing the means by which the U.S. Government
collects, maintains, uses, and disseminates individuals' records. The
Privacy Act applies to information that is maintained in a ``system of
records.'' A ``system of records'' is a group of any records under the
control of an agency for which information is retrieved by the name of
an individual or by some identifying number, symbol, or other
identifying particular assigned to the individual. In the Privacy Act,
an individual is defined to encompass U.S. citizens and lawful
permanent residents. As a matter of policy, DHS extends administrative
Privacy Act protections to all individuals where systems of records
maintain information on U.S. citizens, lawful permanent residents, and
visitors.
Below is the description of the DHS/USCIS--013 E-Verify Self Check
System of Records.
In accordance with 5 U.S.C. 552a(r), DHS has provided a report of
this system of records to the Office of Management and Budget and to
Congress.
System of Records:
DHS/USCIS--013 E-Verify Self Check.
System name:
DHS/USCIS--013 E-Verify Self Check.
Security classification:
Unclassified, sensitive.
System location:
Records are maintained at the USCIS Headquarters in Washington,
D.C. and field offices.
Categories of individuals covered by the system:
Individuals seeking to check employment eligibility under the
Immigration and Naturalization Act (INA). This includes U.S. citizens
as well as non-U.S. citizens.
Categories of records in the system:
E-Verify Self Check is a two-step process: (1) identity
authentication and (2) confirmation of work authorization status. The
first step of the process is the identity authentication. E-Verify Self
Check will use a third party commercial identity assurance service
provider (IdP) using commercial identity verification information,
collected by third-party companies from financial institutions, public
records, and other service providers to verify an individual's
identity. The IdP will collect information about the individual who has
elected to use E-Verify Self Check.
The IdP will collect the following information from all individuals
in order to generate the questions:
Name (last, first, middle initial, and maiden);
Date of birth;
Address of Residence; and
SSN(if provided).
The questions asked by the IdP and the answers provided by the
individual are not provided to USCIS. If an individual fails the
identity authentication portion of E-Verify Self Check and therefore is
unable to proceed to an actual query in E-Verify, none of the
information listed above is provided to or retained by E-Verify Self
Check. Only the transaction number, the reason for failure, the date
and time of the transaction, and error code are retained by the IdP to
facilitate troubleshooting and system management.
In the individual passes identity authentication, he will be
redirected to the DHS/USCIS E-Verify Self Check screen to begin the E-
Verify Self Check. The individual's name, date of birth, and SSN (if
provided) that were entered during identity authentication is
automatically pre-populated in E-Verify Self Check (E-Verify will not
receive the address of residence). This information will be
unchangeable to ensure that the information represents the individual
whose identity has been authenticated. To begin the E-Verify Self Check
process, the individual will be asked for additional information. This
information will be based the on individual's citizenship status and
the document chosen to prove work authorization. Documents chosen could
include:
SSN (if not previously provided);
Document(s) type, associated number, and associated
expiration date that demonstrates work authorization. These may include
U.S. Passport, employment authorization document, I-495 Lawful
Permanent resident card, or other documents and associated numbers as
listed as acceptable Form I-9 verification documents.
This process is the same process as the basic E-Verify query and is
described in the E-Verify PIA, dated May 4, 2010, and System of Records
Notice dated May 19, 2010, 75 FR 28035.
Authority for maintenance of the system:
The Illegal Immigration Reform and Immigrant Responsibility Act of
1996 (IIRIRA), Public Law 104-208, dated September 30, 1996.
Purpose(s):
An individual will use E-Verify Self Check to determine work
authorization status. E-Verify Self Check contracts with an IdP in
order to provide identity authentication.
[[Page 9037]]
Routine uses of records maintained in the system, including categories
of users and the purposes of such uses:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed outside DHS as a
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
A. To the Department of Justice (DOJ), including U.S. Attorney
Offices, or other federal agency conducting litigation or in
proceedings before any court, adjudicative or administrative body, when
it is necessary to the litigation and one of the following is a party
to the litigation or has an interest in such litigation:
1. DHS or any component thereof;
2. Any employee of DHS in his/her official capacity;
3. Any employee of DHS in his/her individual capacity where DOJ or
DHS has agreed to represent the employee; or
4. The U.S. or any agency thereof, is a party to the litigation or
has an interest in such litigation, and DHS determines that the records
are both relevant and necessary to the litigation and the use of such
records is compatible with the purpose for which DHS collected the
records.
B. To a congressional office from the record of an individual in
response to an inquiry from that congressional office made at the
request of the individual to whom the record pertains.
C. To the National Archives and Records Administration (NARA) or
other federal government agencies pursuant to records management
inspections being conducted under the authority of 44 U.S.C. 2904 and
2906.
D. To an agency, organization, or individual for the purpose of
performing audit or oversight operations as authorized by law, but only
such information as is necessary and relevant to such audit or
oversight function.
E. To appropriate agencies, entities, and persons when:
1. DHS suspects or has confirmed that the security or
confidentiality of information in the system of records has been
compromised;
2. DHS has determined that as a result of the suspected or
confirmed compromise there is a risk of harm to economic or property
interests, identity theft or fraud, or harm to the security or
integrity of this system or other systems or programs (whether
maintained by DHS or another agency or entity) or harm to the
individual that rely upon the compromised information; and
3. The disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with DHS's efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
F. To contractors and their agents, grantees, experts, consultants,
and others performing or working on a contract, service, grant,
cooperative agreement, or other assignment for DHS, when necessary to
accomplish an agency function related to this system of records.
Individuals provided information under this routine use are subject to
the same Privacy Act requirements and limitations on disclosure as are
applicable to DHS officers and employees.
G. To an appropriate federal, state, tribal, local, international,
or foreign law enforcement agency or other appropriate authority
charged with investigating or prosecuting a violation or enforcing or
implementing a law, rule, regulation, or order, where a record, either
on its face or in conjunction with other information, indicates a
violation or potential violation of the E-Verify Program, which
includes possible fraud, discrimination, or employment based identity
theft and such disclosure is proper and consistent with the official
duties of the person making the disclosure.
H. To an individual utilizing E-Verify Self Check in order to
determine his own work authorization in the United States.
I. To a third party commercial identity assurance provider (IdP)
under contract with the Department, but only the name, date of birth,
address of residence, and Social Security number (if provided), for the
purposes of authenticating an individual who is seeking to access the
USCIS E-Verify Self Check for employment eligibility.
When there are multiple attempts to authenticate an individual,
which indicates possible fraud, the DHS contract authorizes the IdP to
notify the provider of the information of potential fraud and to
terminate access to E-Verify Self Check. The IdP will share the fact of
the inquiry with the appropriate credit bureau and monitor for
potential fraudulent access in accordance with the Fair Credit
Reporting Act (FCRA).
Disclosure to consumer reporting agencies:
DHS is using the services of a third party IdP to authenticate an
individual's identity. The third party IdP uses commercial identity
verification information which is collected by third party companies
from financial institutions, public records, and other service
providers to create the knowledge-based questions used to authenticate
identity. This information does not belong to DHS nor will information
from other sources relied upon by the third party provider be collected
and/or retained by DHS. FCRA requires the IdP to retain the fact of an
inquiry. The IdP will maintain time/date stamp and inquiry type (credit
check, identity check, etc.) so that the inquiry is noted in the
individual's credit record and can be audited at a later date. The E-
Verify Self Check inquiry is an identity check, and therefore will not
affect an individual's credit score. These types of inquiries are not
shown to third parties who may request copies of credit reports. Under
FCRA, an individual has the right to know who has reviewed his credit
report and the individual can place a fraud alert on his credit file.
If an individual has placed a fraud alert on his credit file, the
individual will not be able to authenticate for E-Verify Self Check
purposes.
Policies and practices for storing, retrieving, accessing, retaining,
and disposing of records in the system:
Storage:
Records in this system are stored electronically, on magnetic disc,
tape, digital media, and CD-ROM. All personal information entered by
the individual as part of the IdP process and any questions that might
have been generated by the third party data IdP are deleted at the end
of the session. Nothing is stored or retained in E-Verify Self Check.
Only the transaction number, the reason for failure, the date and time
of the transaction, and error code are retained to facilitate
troubleshooting and system management. Because the IdP accesses an
individual's credit history to perform the authentication, it will
retain audits of the individual's E-Verify Self Check inquiry to comply
with legal obligations, specifically, the FCRA. The FCRA requires that
an inquiry be noted in the individual's credit record.
Retrievability:
Records related to the IdP portion of the program can be retrieved
by the following fields:
E-Verify Self Check unique transaction ID;
IdP Unique Transaction ID;
E-Verify Self Check transaction time/date stamp;
Failure of the IDP transaction; and
Reason for Failure (i.e., could not generate questions/
answered incorrectly/system error)
For the actual E-Verify Self Check query, the information will be
retrieved
[[Page 9038]]
by name, Alien Number, I-94 Number, Receipt Number, Passport (U.S. or
Foreign) Number, or Social Security number of the individual as
discussed in the E-Verify SORN dated May 19, 2010.
Safeguards:
Records in this system are safeguarded in accordance with
applicable rules and policies, including all applicable DHS automated
systems security and access policies. Strict controls have been imposed
to minimize the risk of compromising the information that is being
stored. Access to the computer system containing the records in this
system is limited to those individuals who have a need to know the
information for the performance of their official duties and who have
appropriate clearances or permissions.
Retention and disposal:
The retention schedule is currently under development with the
National Archives and Records Administration (NARA). The proposed
retention schedule for the query and response to the query is for one
(1) year in order to allow time for management analysis and proper
reporting.
System Manager and address:
Chief, Verification Division, U.S. Citizenship and Immigration
Services, Washington, DC 20529.
Notification procedure:
Individuals seeking notification of and access to any record
contained in this system of records, or seeking to contest its content,
may submit a request in writing to the USCIS FOIA Officer, whose
contact information can be found at http://www.dhs.gov/foia under
``contacts.'' If an individual believes more than one component
maintains Privacy Act records concerning him or her the individual may
submit the request to the Chief Privacy Officer and Chief Freedom of
Information Act Officer, Department of Homeland Security, 245 Murray
Drive, SW., Building 410, STOP-0655, Washington, DC 20528.
When seeking records about yourself from this system of records or
any other Departmental system of records, your request must conform
with the Privacy Act regulations set forth in 6 CFR part 5. You must
first verify your identity, meaning that you must provide your full
name, current address and date and place of birth. You must sign your
request, and your signature must either be notarized or submitted under
28 U.S.C. 1746, a law that permits statements to be made under penalty
of perjury as a substitute for notarization. While no specific form is
required, you may obtain forms for this purpose from the Chief Privacy
Officer and Chief Freedom of Information Act Officer, http://
www.dhs.gov or 1-866-431-0486. In addition you should provide the
following:
An explanation of why you believe the Department would
have information on you;
Identify which component(s) of the Department you believe
may have the information about you;
Specify when you believe the records would have been
created;
Provide any other information that will help the FOIA
staff determine which DHS component agency may have responsive records;
and
If your request is seeking records pertaining to another
living individual, you must include a statement from that individual
certifying his/her agreement for you to access his/her records.
Without this bulleted information the component(s) may not be able
to conduct an effective search, and your request may be denied due to
lack of specificity or lack of compliance with applicable regulations.
Record access procedures:
See ``Notification procedure'' above.
Contesting record procedures:
See ``Notification procedure'' above.
Record source categories:
Records are obtained from several sources including: (A)
Information collected from individuals requesting their work
authorization status; (B) information collected from federal databases
for work authorization, (C) information created by E-Verify, including
its monitoring and compliance activities; and (D) pass notification
from the IdP when an individual has successfully completed identity
authentication.
Exemptions claimed for the system:
None.
Dated: February 10, 2011.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2011-3490 Filed 2-15-11; 8:45 am]
BILLING CODE 9117-97-P
Add new comment