Privacy & Civil Liberties Experts' Library
More resources on setting up or refining privacy safeguards. These resources were developed by the DHS Privacy Office for DHS personnel. However, they provide samples of the processes, procedures, and guidelines that fusion centers may wish to put in place.
- Privacy Incident Handling Guidance (PIHG) (September 2007) (109 pp. PDF) – “The Department of Homeland Security (DHS) has a duty to safeguard personally identifiable information (PII) in its possession and to prevent the breach of PII in order to maintain the public’s trust. The Privacy Incident Handling Guidance (PIHG) serves this purpose by informing DHS organizations, employees, senior officials, and contractors of their obligation to protect PII and by establishing procedures delineating how they must respond to the potential loss or compromise of PII.”
- Handbook for Safeguarding Sensitive Personally Identifiable Information at DHS (December 2017) (20 pp. PDF) – “The DHS Privacy Office Handbook for Safeguarding Sensitive PII at DHS applies to every DHS employee, contractor, detailee and consultant. The document sets minimum standards for how personnel should handle Sensitive PII in paper and electronic form during their everyday work activities at DHS.”
The Department of Homeland Security and Department of Justice collaborate on “Fusion Process Technical Assistance Program and Services” (44 pp. PDF)
- privacy and civil liberties policy templates (71 pp. PDF) for justice info systems;
- a privacy and civil liberties policy development guide and implementation templates (162 pp. PDF);
- “10 steps to Privacy and Civil Liberties Policy“ (2 pp. PDF).
In addition, the DOJ Civil Rights Division handles complaints from the public about illegal discrimination and conducts an "Initiative to Combat Post 9/11 Discriminatory Backlash." Also see the "Guidance Regarding the Use of Race by Federal Law Enforcement Agencies."
Privacy and Civil Liberties Policy Development and the Information Sharing Environment (ISE) – "The ISE Privacy Guidelines call for State, local, and tribal government to develop and implement protections that are at least as comprehensive as those contained in the ISE Privacy Guidelines... A number of resources have been developed for fusion centers and state and local governments for developing privacy and civil liberties policies... Note that the National Strategy for Information Sharing calls for the establishment of baseline operational standards for fusion centers, which are to build on the Global Justice Fusion Center Guidelines. Guideline 8 provides for the development of a privacy and civil liberties policy, and refers to many of the resources" available on this section of the ISE website.
National Commission on Terrorist Attacks upon the United States (9/11 Commission) – The Commission’s Final Report provides a full and complete account of the circumstances surrounding the September 11, 2001, terrorist attacks, including preparedness for and the immediate response to the attacks. It also includes recommendations designed to guard against future attacks.
- The Full Report (585 pp. PDF) is posted as a single PDF file. However, the Government Printing Office created a user-friendly version optimized for screen-viewing and decreased the file size to a 2.3 MB. The report is also available as a collection of smaller PDFs arranged in a browse table based on the Final Report’s table of contents.
- An Executive Summary (34 pp. PDF) of the Final Report is also available
Among other resources, the 9/11 Commission website contains the December 2003 testimony of a former General Counsel for the Department of Defense on the privacy and civil liberties safeguards needed as the 9/11 Commission’s Recommendations are implemented.
National Association of State Chief Information Officers (NASCIO), Keeping Citizen Trust: What Can A State CIO Do To Protect Privacy? (October 2006) (18 pp. PDF) – “[M]any states are still in the process of determining how best to address privacy across the state enterprise, and the state CIO’s involvement varies greatly from state-to-state. Regardless of where responsibility for privacy may reside in a given state, the one constant among all states is the need for the many privacy stakeholders to understand privacy’s importance and how citizen privacy can be protected. This brief provides state CIOs with a common frame of reference for the importance of citizens’ information privacy and some initial ways for states to implement and manage privacy protections.”
DHS Office of Inspector General, DHS Office of Inspector General DHS' Role in State and Local Fusion Centers Is Evolving (Report OIG-11-04) (October 2010) (39 pp. PDF) – “DHS has made progress in its efforts to improve information sharing with fusion centers. Fusion center personnel indicated that information sharing had improved over time and the information received from the department met their needs primarily due to the deployment of DHS intelligence officers to the centers. As a result of improved information sharing, fusion centers have successfully collaborated with the department during numerous large-scale events and maintained situational awareness after attempted terrorist attacks or other incidents. However, DHS component collaboration in the information sharing process needs improvement, and some intelligence products could better meet state and local needs.”