A plan by U.S. Customs and Border Protection (CBP) to collect personal information on every traveler coming into the country and keep that information in a database for 15 years could have huge privacy implications for U.S. residents, one privacy group said.
The Center for Democracy and Technology (CDT), in comments filed Monday, said CBP's plan raises serious privacy concerns. CBP is part of the U.S. Department of Homeland Security.
[ Your source for the latest in government IT news and issues: Subscribe to InfoWorld's Government IT newsletter. ]
The CBP proposal , published as a federal notice in late July, represents a "vast scope of data collection," because data wasn't formerly kept for U.S. citizens crossing into the country by land, the CDT said.
In addition, the 15-year retention period for the data is "excessive," wrote Gregory Nojeim, senior counsel at CDT. "It cannot be justified as necessary for determining whether the record subject is admissible or is dangerous or is the subject of an outstanding criminal warrant," he wrote in the CDT filing.
The CBP plan also allows for the agency to share the information with other federal, state, local, tribal or foreign government agencies for a wide variety of reasons, Nojeim wrote. The CBP proposal allows information to be shared with government agencies responsible for investigating, prosecuting, enforcing or implementing a "statute, rule, regulation, order or license" when CBP believes that information would help the enforcement of civil or criminal laws or regulations.
In the past, CBP could only share information when it became aware of a violation or potential violation of laws or regulations, Nojeim noted.
A DHS spokeswoman discounted the privacy concerns, saying the traveler database is not new. Border officials have collected information on some travelers in the past, and the July notice is an attempt for CBP to be more transparent about its information-collection practices, said spokeswoman Amy Kudwa.
"This is not something new," she said. "We are not using the information in a new way."
The CBP lays out the reasons for the changes in information collection in its proposal. "The priority mission of U.S. Customs and Border Protection is to prevent terrorists and terrorists' weapons from entering the country while facilitating legitimate travel and trade," the CBP proposal said. The information will be used for multiple purposes, including screening people "who may be or are suspected of being a terrorist or having affiliations to terrorist organizations, have active warrants for criminal activity ... or have been otherwise identified as potential security risks or raise a law enforcement concern."
CDT also raised concerns that there are no additional restrictions on sharing information from secondary inspections, usually done when border officials believe the person has committed a crime or is a foreigner not eligible to enter the U.S. "Release of this information can cast a cloud on a person who has done nothing wrong," Nojeim said.
CBP has also come under fire by privacy advocates in recent months for searches of laptops at U.S. borders without having specific suspicions of criminal behavior. CBP and DHS officials have defended the practice of searching a small number of laptops by saying it helps catch terrorists and other criminals.