Privacy & Civil Liberties Experts' Library
More resources on setting up or refining privacy safeguards. These resources were developed by the DHS Privacy Office for DHS personnel. However, they provide samples of the processes, procedures, and guidelines that fusion centers may wish to put in place.
Privacy Incident Handling Guidance (PIHG) (September 2007) (109 pp. PDF) – “The Department of Homeland Security (DHS) has a duty to safeguard personally identifiable information (PII) in its possession and to prevent the breach of PII in order to maintain the public’s trust. The Privacy Incident Handling Guidance (PIHG) serves this purpose by informing DHS organizations, employees, senior officials, and contractors of their obligation to protect PII and by establishing procedures delineating how they must respond to the potential loss or compromise of PII.”
Handbook for Safeguarding Sensitive Personally Identifiable Information at DHS (October 2008) (21 pp. PDF) – “The DHS Privacy Office Handbook for Safeguarding Sensitive PII at DHS applies to every DHS employee, contractor, detailee and consultant. The document sets minimum standards for how personnel should handle Sensitive PII in paper and electronic form during their everyday work activities at DHS.”
The Department of Homeland Security and Department of Justice collaborate on “Fusion Process Technical Assistance Program and Services” (44 pp. PDF)
In addition, the DOJ Civil Rights Division handles complaints from the public about illegal discrimination and conducts an "Initiative to Combat Post 9/11 Discriminatory Backlash." Also see the "Guidance Regarding the Use of Race by Federal Law Enforcement Agencies." The DHS Office for Civil Rights and Civil Liberties also distributes a free training CD-ROM on this topic.
Privacy and Civil Liberties Policy Development and the Information Sharing Environment (ISE) – "The ISE Privacy Guidelines call for State, local, and tribal government to develop and implement protections that are at least as comprehensive as those contained in the ISE Privacy Guidelines... A number of resources have been developed for fusion centers and state and local governments for developing privacy and civil liberties policies... Note that the National Strategy for Information Sharing calls for the establishment of baseline operational standards for fusion centers, which are to build on the Global Justice Fusion Center Guidelines. Guideline 8 provides for the development of a privacy and civil liberties policy, and refers to many of the resources" available on this section of the ISE website.
Also see reports from the GAO and CRS.
National Commission on Terrorist Attacks upon the United States (9/11 Commission) – The Commission’s Final Report provides a full and complete account of the circumstances surrounding the September 11, 2001, terrorist attacks, including preparedness for and the immediate response to the attacks. It also includes recommendations designed to guard against future attacks.
The Full Report (585 pp. PDF) is posted as a single PDF file. However, the Government Printing Office created a user-friendly version optimized for screen-viewing and decreased the file size to a 2.3 MB. The report is also available as a collection of smaller PDFs arranged in a browse table based on the Final Report’s table of contents.
An Executive Summary (34 pp. PDF) of the Final Report is also available
Among other resources, the 9/11 Commission website contains the December 2003 testimony of a former General Counsel for the Department of Defense on the privacy and civil liberties safeguards needed as the 9/11 Commission’s Recommendations are implemented.
National Association of State Chief Information Officers (NASCIO), Keeping Citizen Trust: What Can A State CIO Do To Protect Privacy? (October 2006) (18 pp. PDF) – “[M]any states are still in the process of determining how best to address privacy across the state enterprise, and the state CIO’s involvement varies greatly from state-to-state. Regardless of where responsibility for privacy may reside in a given state, the one constant among all states is the need for the many privacy stakeholders to understand privacy’s importance and how citizen privacy can be protected. This brief provides state CIOs with a common frame of reference for the importance of citizens’ information privacy and some initial ways for states to implement and manage privacy protections.”
DHS Office of Inspector General, DHS’ Role in State and Local Fusion Centers Is Evolving (Report OIG-09-12) (December 2008) (62 pp. PDF) – “[DHS’s] fusion center program is intended to provide information, people, technology, and other resources to fusion centers to create a web of interconnected information nodes across the country…. Office of Intelligence and Analysis coordination efforts with fusion centers are improving and evolving, and its intelligence officers assigned to fusion centers have added value. However, challenges remain with internal [DHS] coordination, aligning fusion center activities and funding with the department’s mission, and deploying personnel to state and local fusion centers in a timely manner…. [The OIG is] making seven recommendations to assist… in improving the overall effectiveness of the… fusion center program.”