Docket Information Docket identifier: DHS-2007-0040 Long Title: Privacy Act; Systems of Records Notice, US Customs and Border Protection Border Crossing Information System (BCIS). Document Information Document identifier: DHS-2007-0040-0001 Document Title: Privacy Act of 1974; U.S. Customs and Border Protection--Border Crossing Information, Systems of Records This notice of the Border Crossing Information system of records (docket number DHS-2007-0040) contains a laundry list of permitted disclosures to third parties - governmental, private, and foreign - which institutionalises violations of privacy. It makes suspects of people who have neither committed nor contemplated any crime. Any disclosure ought to be motivated by specific and articulable facts that justify suspicion, subject to judicial review on a rapid and practical schedule, limited only to the records necessary for the investigation and directly pertinent to the individual(s) or organisations under investigation, and predicated on the receiver's ability and willingness to maintain the privacy of all records so disclosed, and to irretrievably delete all copies of such records as soon as the need for them no longer exists. The notice's stated standard that disclosed records be vaguely "pertinent to" an investigation is insufficient to protect privacy. Disclosure to "contractors, grantees, experts, consultants, students, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment" is particularly problematic as there is no way to ensure that use of the records would be limited to the purposes for which disclosure is authorised, and no way to ensure that the receiver of the records would irretrievably delete all copies of such records as soon as the service or consultation that they are performing were concluded. Failure to implement such safeguards and restrictions on disclosure will lead to accidental breaches of data protection, and will facilitate "data creep" in which records from the Border Crossing Information system will be mined and used for unforeseen purposes. Safeguards on disclosure are made all the more urgent by the stated intent to retain Border Crossing Information for seventy-five years for most people, and for fifteen years for United States citizens and permanent residents. These lengthy periods of retention invite the aggregation of large amounts of data on personal travel habits. Such data ought not to be disclosed, nor even retained, without probable cause to suspect that the individual to whom the data pertain has committed a crime. Most troubling is the stated exemption of Border Crossing Information from provisions of the Privacy Act 1974 which otherwise would confer on individuals the right to know whether records pertaining to them have been requested, and the right to sue for access and correction in such disclosures. These rights of individual review are fundamental in checking the police powers of a free state. Because of its absence of adequate safeguards on disclosures to third parties, its unwarranted period of data retention, and its lack of provision for individuals' complete access to and correction of records pertaining to them, the Border Crossing Information system described in this notice ought to be discontinued.