Skip to main content
Content Starts Here GSA Federal Advisory Committee Act (FACA) Database Skip to main content

Committee Detail

Note: An Annual Comprehensive Review, as required by §7 of the Federal Advisory Committee Act, is conducted each year on committee data entered for the previous fiscal year (referred to as the reporting year). The data for the reporting year is not considered verified until this review is complete and the data is moved to history for an agency/department. See the Data From Previous Years section at the bottom of this page for the committee’s historical, verified data.

Details on agency responses to committee recommendations can be found under the Performance Measures section for each committee in the fields “Agency Feedback” and “Agency Feedback Comment.”


DHS - 21492 - Data Privacy and Integrity Advisory Committee - Authorized by Law
Hide Section - GENERAL INFORMATION

GENERAL INFORMATION

Committee NameData Privacy and Integrity Advisory CommitteeAgency NameDepartment of Homeland Security
Fiscal Year2022Committee Number21492
Original Establishment Date4/26/2004Committee StatusChartered
Actual Termination Date Committee URLhttps://www.dhs.gov/privacy-advisory-committee
New Committee This FYNoPresidential Appointments*No
Terminated This FYNoMax Number of Members*15 or more
Current Charter Date8/9/2022Designated Fed Officer Position Title*Chief of Staff
Date Of Renewal Charter8/9/2024Designated Federal Officer PrefixMs.
Projected Termination Date Designated Federal Officer First Name*Sandra
Exempt From Renewal*NoDesignated Federal Officer Middle NameL
Specific Termination AuthorityDesignated Federal Officer Last Name*Taylor
Establishment Authority*Authorized by LawDesignated Federal Officer Suffix
Specific Establishment Authority*6 USC 451Designated Federal Officer Phone*(202) 343-1731
Effective Date Of Authority*4/26/2004Designated Federal Officer Fax*202-343-4010
Exempt From EO 13875 Discretionary CmteNot ApplicableDesignated Federal Officer Email*sandra.taylor@hq.dhs.gov
Committee Type*Continuing
Presidential*No
Committee Function*Other Committee
Hide Section - RECOMMENDATION/JUSTIFICATIONS

RECOMMENDATION/JUSTIFICATIONS

Agency Recommendation*Continue
Legislation to Terminate RequiredNot Applicable
Legislation StatusNot Applicable
How does cmte accomplish its purpose?*The Committee provides advice at the request of the Secretary and the Chief Privacy Officer of the Department of Homeland Security (DHS) (hereinafter “the Chief Privacy Officer”) on programmatic, policy, operational, administrative, and technological issues within DHS that relate to personally identifiable information, as well as data integrity, transparency and other privacy-related matters.
How is membership balanced?*As the Committee Charter requires, members must be specially qualified to serve on the Committee by virtue of their education, training, and experience in the fields of data protection, privacy, and/or emerging technologies. Membership is balanced among individuals from the following fields:(A) Individuals who are currently working in the areas of higher education or research in public (except Federal) or not-for-profit institutions; and(B) Individuals currently working in non-governmental industry or commercial interests, including at least one who must be familiar with the data concerns of small to medium enterprises.
How frequent & relevant are cmte mtgs?*The Committee is required to hold at least one public meeting per calendar year. Meeting agendas include presentations to the Committee on cutting-edge privacy, security, and transparency issues affecting the Department of Homeland Security (DHS) and on DHS programs that collect and/or use Personally Identifiable Information, including the steps taken to address privacy and challenges faced in providing those protections. These presentations are intended to inform members on the department's activities so they can better assess privacy best practices in their recommendations.
Why advice can't be obtained elsewhere?*The establishment of this Committee and the subject matter experts appointed therein demonstrate the Department’s commitment and efforts to increase transparency and to protect the privacy of individuals and protect the personal data held by the Department. The Committee remains relevant and necessary as it has provided advice on a variety of Department programs and proposals from the Department and the impact of those programs on individual privacy. Public hearings would not be an appropriate venue for obtaining this type of expert advice, and there is no other committee within the Department that addresses privacy, security, transparency and data integrity issues.
Why close or partially close meetings?Subcommittee meetings were closed because the information discussed is pre-decisional.
Recommendation RemarksSince its inception, the DHS Data Privacy and Integrity Advisory Committee has provided relevant and timely guidance on implementing privacy in a variety of DHS programs and systems, and on best practices for the Department’s collection, use, sharing, and retention of personally identifiable information (PII). The Committee has set out its guidance in 20 public reports posted on the Committee’s webpage at https://www.dhs.gov/privacy-advisory-committee.

The Committee’s work is integral the Department of Homeland Security’s mission to secure America while protecting constitutional rights and American values. The Committee has a significant impact by providing guidance on programmatic, policy, operational, security, administrative, and technological issues within DHS that relate to personally identifiable information (PII), as well as data integrity, transparency, openness, and other privacy-related matters.

The Committee serves to enhance the transparency of DHS programs, and public trust, by publicly discussing privacy, security, and data integrity issues associated with DHS programs and systems and identifying steps the Department can take to mitigate any negative effects those programs or systems may have on an individual's privacy. The Committee’s meetings also provide the public an opportunity to hear how the Department has acted on Committee recommendations.

The Committee has had a direct impact on Department operations in a number of ways. The Committee’s guidance has informed the Department’s efforts generally to ensure that DHS programs and systems are operated consistent with the Privacy Act of 1974, the E-Government Act of 2002, and OMB guidance related to the privacy and security of personal information. More specifically, the Committee’s recommendations on the Secure Flight and E-Verify Programs (Report Nos. 2005-02 and 2008-02, respectively) led directly to changes in how those programs use personal information – and, in the case of E-Verify, how program users’ identities are authenticated – that have streamlined the Department’s interactions with program users.

In response to the Committee’s two reports on the use of commercial data (Report Nos. 2005-01 and 2006-03), the Department amended its Privacy Impact Assessment (PIA) template – used to analyze the potential effects on privacy of every DHS program, system, technology, or rulemaking that involves PII – to include a section on risks to privacy related to the collection and use of commercial data and how those risks have been mitigated. The Committee’s report on Radio Frequency Identification (RFID)-enabled credentials (Report No. 2006-02) includes a framework for analyzing how RFID can affect privacy and a set of best practices for using RFID in a privacy-protective manner, both of which have been implemented by the Department. On February 22, 2022, Chief Privacy Officer Lynn Parker Dupree tasked the Committee to provide their views and recommendations on a governance policy and framework related to the use of commercial data in federal programs. The Committee's final report will be published when completed.

he DHS Privacy Office also incorporated the Committee’s recommendations on improving the Privacy Impact Assessment (PIA) process for Service Oriented Architecture and created (1) a new Privacy Threshold Analysis (PTA) to conduct initial assessments of the privacy impacts of Department Enterprise Service Buses (ESB) and (2) a template PIA to standardize privacy protections for ESBs used across the Department.
The Committee submitted DPIAC Recommendations Paper 2012-01 on November 7, 2012 that set forth recommendations for DHS to consider when evaluating the effectiveness of cybersecurity pilots, and for specific privacy protections DHS can consider when sharing information from a cybersecurity pilot with other agencies. The report included 41 recommendations for DHS to consider. The Privacy Office parsed the recommendations into a list of discrete actions DHS and implemented the recommendations – according to four categories (which match the privacy organization within the department). We continue to work through the recommendations and are coordinating with the Component Privacy Offices throughout the Department.

In September 2015, Department of Homeland Security (DHS) Chief Privacy Officer asked the Data Privacy and Integrity Advisory Committee to provide written guidance on best practices for notifying individuals impacted by a large-scale data breach. In February 2017, the Committee issued Report 2017-01, Best Practices for Notifying Affected Individuals of a Large-Scale Data Breach, which provided four recommendations. Those recommendations were included in our updated Privacy Incident Handling Guide.

In September 2017, the Department of Homeland Security (DHS) Chief Privacy Officer asked the Data Privacy and Integrity Advisory Committee to identify best practices for protecting data linked for statistical purposes, including "crosswalk" files containing identifiers, from both an Information Technology and policy perspectives; and identify data disclosure methods, and whether it is advisable to considerable variable controls for releases to different audiences/mediums. If such controls were utilized, what policy controls should be considered? Recommendations are forthcoming. The Committee issued Report 2018-02, Immigration Statistics Data Dissemination Practices, which recommended that the the DHS Office of Immigration Statistics (OIS) conduct data re-identification testing to determine whether any publicly-provided statistical information could be positively re-identified to a unique individual. OIS took this under advisement and pursued all reasonable de-identification techniques to prevent the re-identification of individuals’ personal information.

In September 2017, the Department of Homeland Security (DHS) Chief Privacy Officer asked the Data Privacy and Integrity Advisory Committee to provide best practices for the use of biometrics, specifically facial recognition technology. Recommendations are forthcoming. The Committee issued Report Number 2019-01, Privacy Recommendations in Connection with the Use of Facial Recognition Technology, which included 13 recommendations for the Department to consider and concluded that the use of facial scanning biometrics to screen travelers both entering and leaving the U.S. is a technology that enhances the overall security of the U.S., speeds up screening processes, and may identify security risks. The DPIAC believes that the introduction of biometric screening technology should continue to be open and transparent, focus on mitigating privacy concerns of onward/third party use for other purposes, be operationally sound from an efficacy and screening perspective, and ensure the data security of all travelers. The DHS Privacy Office is working in coordination with the CBP Privacy Officer to implement and track these recommendations.
Hide Section - PERFORMANCE MEASURES

PERFORMANCE MEASURES

Outcome Improvement To Health Or Safety*NoAction Reorganize Priorities*Yes
Outcome Trust In GovernmentYesAction Reallocate ResourcesYes
Outcome Major Policy ChangesYesAction Issued New RegulationsNo
Outcome Advance In Scientific ResearchNoAction Proposed LegislationNo
Outcome Effective Grant MakingNoAction Approved Grants Or Other PaymentsNo
Outcome Improved Service DeliveryYesAction OtherNo
Outcome Increased Customer SatisfactionYesAction CommentThe department is actively incorporating and tracking all DPIAC recommendations.
Outcome Implement Laws/Reg RequirementsYesGrants Review*No
Outcome OtherYesNumber Of Grants Reviewed0
Outcome CommentThe Committee serves to enhance the transparency of DHS programs, and public trust, by publicly discussing privacy issues associated with DHS programs and systems and identifying steps the Department can take to mitigate any negative effects those programs may have on privacy. The Committee’s meetings also provide the public an opportunity to hear how the Department has acted on Committee recommendations.Number Of Grants Recommended0
Cost Savings*Unable to DetermineDollar Value Of Grants Recommended$0.00
Cost Savings CommentN/AGrants Review CommentNot Applicable
Number Of Recommendations* Access Contact Designated Fed. Officer*Yes
Number Of Recommendations CommentSince its inception in 2005, the Committee has issued approximately 214 recommendations, the most recent being Report 2017-01, Best Practices for Notifying Affected Individuals of a Large-Scale Data Breach. This report contained four (4) recommendations which were incorporated in our updated Privacy Incident Handling Guide; Report 2018-02, Immigration Statistics Data Dissemination Practices, which contained two (2) recommendations for the Office of Immigration Statistics (OIS) to consider to include data re-identification testing to determine whether any publicly-provided statistical information could be positively re-identified to a unique individual; and that OIS consider that anonymization and aggregation actions alone may not be sufficient to protect privacy in data sharing agreements (e.g. the MOU provided to the Subcommittee) where other readily available variables, such as aggregated demographic data or geographic data, might be included in the data file. The Privacy Office continues to work with OIS to implement these recommendations in their testing program. Lastly, Report 2019-01 Privacy Recommendations in Connection with the Use of Facial Recognition Technology, included 13 recommendations for the Department to consider to include ensure notice readability and effectiveness by different learning levels, languages, and nationalities through testing and evaluation; CBP partner with both DHS Science & Technology (S&T) and NIST to draw from additional research of existing standards and practices regarding biometric facial recognition; reporting requirements from vendors and partners described above, DHS should provide additional auditing around these requirements and the performance of all biometric systems; DHS should aggregate these reports into one report that can be released to the public on at least an annual basis. and continue to work with other DHS Components and Industry Stakeholders to rapidly explore new technologies in a privacy and security forward manner. The Privacy Office is working with the CBP Privacy Officer to implement these recommendations.Access Agency WebsiteYes
% of Recs Fully Implemented*75.00%Access Committee WebsiteYes
% of Recs Fully Implemented CommentAccess GSA FACA WebsiteYes
% of Recs Partially Implemented*25.00%Access PublicationsYes
% of Recs Partially Implemented CommentThe Privacy Office continues to work with all programs and the Component Privacy Officers to implement the Committee's recommendations.Access OtherNo
Agency Feedback*YesAccess CommentPursuant to the Federal Advisory Committee Act, the DPIAC posts all materials presented to the Committee. All Committee reports and recommendations, and minutes of all Committee meetings and transcripts of most are on its web page on the DHS Privacy Office website, http://www.dhs.gov/privacy-office-dhs-data-privacy-and-integrity-advisory-committee.
Agency Feedback Comment*The Committee regularly invites representatives of DHS programs that are the subjects of Committee reports to appear before the Committee during its public meetings to discuss progress in the implementation of the Committee’s recommendations.Narrative Description*The DHS Data Privacy and Integrity Advisory Committee (DPIAC) advises the Secretary of the Department of Homeland Security (DHS) and the DHS Chief Privacy Officer on programmatic, policy, operational, administrative, and technological issues within DHS that relate to personally identifiable information, as well as data integrity, transparency and other privacy-related matters. Since its inception, the DPIAC has provided relevant and timely guidance on implementing privacy in a variety of DHS programs and systems, and on best practices for the Department’s collection, use, sharing, and retention of PII. The Committee has set out its guidance in 20 public reports posted on the Committee’s webpage at http://www.dhs.gov/privacy-office-dhs-data-privacy-and-integrity-advisory-committee.The Committee’s work is integral to implementation of the Department of Homeland Security’s core missions.
Hide Section - COSTS

COSTS

Payments to Non-Federal Members*$0.00Est Payments to Non-Fed Members Next FY*$0.00
Payments to Federal Members*$0.00Est. Payments to Fed Members Next FY*$0.00
Payments to Federal Staff*$365,581.00Estimated Payments to Federal Staff*$438,697.00
Payments to Consultants*$0.00Est. Payments to Consultants Next FY*$0.00
Travel Reimb. For Non-Federal Members*$0.00Est Travel Reimb Non-Fed Members nextFY*$40,000.00
Travel Reimb. For Federal Members*$0.00Est Travel Reimb For Fed Members*$0.00
Travel Reimb. For Federal Staff*$0.00Est. Travel Reimb to Fed Staff Next FY*$30,000.00
Travel Reimb. For Consultants*$0.00Est Travel Reimb to Consultants Next FY*$0.00
Other Costs$3,000.00Est. Other Costs Next FY*$4,000.00
Total Costs$368,581.00Est. Total Next FY*$512,697.00
Date Cost Last Modified11/7/2022 9:11 AMEst. Fed Staff Support Next FY*1.60
Federal Staff Support (FTE)*1.60Est Cost RemarksThese costs are estimates only. We anticipate one in-person public meeting in 2023 to include a site visit (location not yet determined.) In addition, other costs include transcription services for the public meeting. Also, the costs were calculated using a 20% cost increase over 2022 numbers.
Cost RemarksThe one public meeting conducted this year was done virtually. Other related costs are for transcription services required for public meetings. In addition, we have four staff members supporting this Committee's activities all at .40. The staff are GS-14 and GS-15's.  
Hide Section - Interest Areas

Interest Areas

Category
Area
Computer Technology
Information Technology
Technology
Data
Data Integrity
Data Quality
Privacy
Government
Federal Government
Internal Federal Government
Justice
Law Enforcement
Legislation
Regulations
Hide Section - MEMBERS,MEETINGS AND ADVISORY REPORTS

MEMBERS,MEETINGS AND ADVISORY REPORTS

To View all the members, meetings and advisory reports for this committee please click here
Hide Section - SUBCOMMITTEES

SUBCOMMITTEES

Committee

Subcommittees

ActionCommittee System IDSubcommittee NameFiscal Year
 COM-032388Cybersecurity Subcommittee2022
 COM-031664The Policy Subcommittee2022
 COM-030159The Technology Subcommittee2022
Hide Section - CHARTERS AND RELATED DOCS

CHARTERS AND RELATED DOCS

No Documents Found
Hide Section - DATA FROM PREVIOUS YEARS

DATA FROM PREVIOUS YEARS

Committee

Data from Previous Years

 
ActionCommittee System IDCommittee NameFiscal Year
 COM-039299Data Privacy and Integrity Advisory Committee2021
 COM-038447Data Privacy and Integrity Advisory Committee2020
 COM-036203Data Privacy and Integrity Advisory Committee2019
 COM-032819Data Privacy and Integrity Advisory Committee2018
 COM-001270Data Privacy and Integrity Advisory Committee2017
 COM-003002Data Privacy and Integrity Advisory Committee2016
 COM-003403Data Privacy and Integrity Advisory Committee2015
 COM-005135Data Privacy and Integrity Advisory Committee2014
 COM-005523Data Privacy and Integrity Advisory Committee2013
 COM-007285Data Privacy and Integrity Advisory Committee2012
 COM-007620Data Privacy and Integrity Advisory Committee2011
 COM-009420Data Privacy and Integrity Advisory Committee2010
 COM-009716Data Privacy and Integrity Advisory Committee2009
 COM-011363Data Privacy and Integrity Advisory Committee2008
 COM-011589Data Privacy and Integrity Advisory Committee2007
 COM-013216Data Privacy and Integrity Advisory Committee2006
 COM-013378Data Privacy and Integrity Advisory Committee2005
 COM-015132Data Privacy and Integrity Advisory Committee2004