The protection of the privacy, civil rights, and civil liberties (P/CRCL) of individuals is a core tenet, foundational element, and enabler of the ISE. In 2005, the Administration called for the development of a protection framework. This resulted in PM-ISE, issuing in December 2006, the Guidelines to Ensure that the Information Privacy and Other Legal Rights of Americans are Protected in the Development and Use of the Information Sharing Environment (the ISE Privacy Guidelines) to provide uniform protections for P/CRCL in information sharing activities.

Since being appointed as the Program Manager for the ISE, I have consistently worked with ISE mission partners at all levels of government and across the domains to put in place safeguards to ensure the protection of privacy, civil rights, and civil liberties (P/CRCL) of citizens. Highlights of PM-ISE initiatives and activities related to the protection of P/CRCL include:

  • My service as the chair of the Information Sharing Council (ISC), a council charged with advising the President and the ISE on the development of ISE policies, procedures, guidelines, and standards, and to ensure proper coordination among federal departments and agencies participating in the ISE. Under the Obama Administration, the ISC was integrated into the White House policy process through the Information Sharing and Access Interagency Policy Committee (ISA-IPC).
  • As a co-chair of the ISA-IPC, the PM-ISE receives advice and support from the Privacy and Civil Liberties (P/CL) Subcommittee regarding the implementation of P/CRCL protections applicable to the sharing of protected information in the ISE. This consultative relationship has resulted in the development of resources addressing the implementation of the ISE Privacy Guidelines.
  • A recent example of such resources is the issuance of a framework which defines and supports a common methodology for developing Information Sharing and Access Agreements (ISAAs). 

The ISE Privacy Guidelines establish a P/CRCL protection framework, which requires both Federal entities and non-Federal entities seeking to access Protected Information in the ISE to:

  1. develop and adopt written privacy policies,
  2. designate a privacy and civil liberties officer,
  3. provide training to ISE personnel on P/CRCL protections, and
  4. integrate the P/CRCL protections and requirements into business processes and systems.

In addition, PM-ISE and mission partners periodically engage in outreach to P/CRCL advocates and stakeholder groups. At the federal level, fourteen federal ISE agencies have ISE privacy policies, with one department opting to rely on the existing directives and orders in place to provide the functional equivalent of a stand-alone ISE privacy policy. Moreover, state, local, tribal and territorial partners continue to demonstrate their commitment to protecting P/CRCL by prioritizing the development and implementation of privacy policies that are “at least as comprehensive as” the ISE Privacy Guidelines.  All operational fusion centers have privacy policies in place that have been reviewed by the P/CL Subcommittee.

Recent highlights of PM-ISE initiatives and activities related to the protection of P/CRCL include:

  • The issuance of a framework which defines and supports a common methodology for developing information sharing and access agreements (ISAAs). The rationale underlying the framework is that agencies that utilize a common methodology can significantly streamline the ISAA development process, promote best practices, and avoid delayed or derailed agreements. To that end, the framework identifies key process steps, stakeholders, and privacy, civil rights, and civil liberties issues to be considered early in the development of ISAAs. More specifically, the framework highlights common issues related to the acquisition, use, maintenance, and dissemination of personally identifiable information, including “Protected Information,” by ISE mission partners.
  • PM-ISE direct support of interagency governance efforts to update the Core Awareness Training (CAT). CAT will be useful for those who need to gain a general understanding of the underpinnings of the ISE, its mission partners, and its impact on the country’s national security and will provide an expanded discussion on P/CRCL protections for the ISE.

PM-ISE has also been a direct supporter and sponsor of much of the work, in partnership with the Bureau of Justice Assistance and other partners, completed by the Global Information Sharing Advisory committee to the Attorney General – as documented in the Global Information Sharing Toolkit. A related effort is the work of the Criminal Intelligence Coordinating Council (CICC) which has produced a host of useful guidelines and methodologies for the protection of privacy and civil liberties including such documents as the Privacy, Civil Rights, and Civil Liberties Compliance Verification document.

The National Network has conducted dozens of fusion center-based engagement efforts with local community-based advocacy organizations on P/CRCL issues. PM-ISE and our mission partners have understood from the inception of this office the importance of making privacy, civil rights, and civil liberties a cornerstone of responsible information sharing. We continue to promote a range of improvements in policy and process to ensure that this principle is never ignored.

News Source: 

Kshemendra Paul, ISE Program Manager, 23 October 2015