Download:
pdf |
pdfPrivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
PRIVACY THRESHOLD ANALYSIS (PTA)
This form serves as the official determination by the DHS Privacy Office to
identify the privacy compliance requirements for all Departmental uses of
personally identifiable information (PII).
A Privacy Threshold Analysis (PTA) serves as the document used to identify
information technology (IT) systems, information collections/forms, technologies,
rulemakings, programs, information sharing arrangements, or pilot projects that involve
PII and other activities that otherwise impact the privacy of individuals as determined by
the Chief Privacy Officer, pursuant to Section 222 of the Homeland Security Act, and to
assess whether there is a need for additional Privacy Compliance Documentation. A PTA
includes a general description of the IT system, information collection, form, technology,
rulemaking, program, pilot project, information sharing arrangement, or other Department
activity and describes what PII is collected (and from whom) and how that information is
used and managed.
Please complete the attached Privacy Threshold Analysis and submit it to your
component Privacy Office. After review by your component Privacy Officer the PTA is sent
to the Department’s Senior Director for Privacy Compliance for action. If you do not have a
component Privacy Office, please send the PTA to the DHS Privacy Office:
Senior Director, Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717
PIA@hq.dhs.gov
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this
form and assess whether any privacy compliance documentation is required. If compliance
documentation is required – such as Privacy Impact Assessment (PIA), System of Records
Notice (SORN), Privacy Act Statement, or Computer Matching Agreement (CMA) – the DHS
Privacy Office or component Privacy Office will send you a copy of the relevant compliance
template to complete and return.
Privacy Threshold Analysis – IC/Form
Page 1 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis (PTA)
Specialized Template for
Information Collections (IC) and Forms
The Forms-PTA is a specialized template for Information Collections and Forms. This
specialized PTA must accompany all Information Collections submitted as part of the
Paperwork Reduction Act process (any instrument for collection (form, survey,
questionnaire, etc.) from ten or more members of the public). Components may use this PTA
to assess internal, component-specific forms as well.
Form Number:
Form Title:
Component:
I-901
Fee Remittance for Certain F, J and M Nonimmigrants
Immigration and
Office:
Student & Exchange
Customs Enforcement
Visitor Program (SEVP)
(ICE)
IF COVERED BY THE PAPERWORK REDUCTION ACT:
Collection Title:
Fee Remittance for Certain F, J and M Nonimmigrants
OMB Control
1653-0034
OMB Expiration
May 31, 2018
Number:
Date:
Collection status:
Revision
Date of last PTA (if
N/A
applicable):
Name:
Office:
Phone:
Name:
Office:
Phone:
PROJECT OR PROGRAM MANAGER
Bethany Powers
Student and Exchange
Title:
Project Lead
Visitor Program (SEVP)
(703) 603-3408
Email:
Bethany.Powers@ice.dhs.gov
COMPONENT INFORMATION COLLECTION/FORMS CONTACT
Scott Elmore
ICE OCIO
Title:
ICE Forms Manager
(202) 732-2601
Email:
Scott.A.Elmore@ice.dhs.gov
Privacy Threshold Analysis – IC/Form
Page 2 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
SPECIFIC IC/Forms PTA QUESTIONS
1. Purpose of the Information Collection or Form
a. Describe the purpose of the information collection or form.
ICE Form I-901, “Fee Remittance for Certain F, J and M Nonimmigrants,” OMB Control
No. 1653-0034, is mandated by Congress to support the Student and Exchange Visitor
Program and the automated system that keeps track of students (F and M) and exchange
visitors (J) and ensures that they maintain their status while in the United States.
Each student or exchange visitor issued an initial Form I-20 or DS-2019 is responsible
for paying the I-901 fee to SEVP. Schools and exchange visitor program sponsors have
the option of paying the SEVIS I-901 fee for prospective students or exchange visitors,
but are not required to pay the fee. There is no I-901 fee due for a dependent child or
spouse of a student or exchange visitor.
The I-901 fee must be paid before going to the United States embassy or consulate for a
visa interview. If the fee is not paid, the visa application will be denied by the
Department of State. Additionally, it is necessary to pay the I-901 fee before applying for
a change of status or reinstatement.
In addition to biographical information, the Form I-901 requests credit card information
from those paying the fee over the Internet (www.fmjfee.com). Banks require the
information on the Form I-901 in order to process the F, J or M nonimmigrant’s payment.
Form I-901 is being reviewed and revised.
b. List the DHS (or component) authorities to collect, store, and use this information.
If this information will be stored and used by a specific DHS component, list the
component-specific authorities.
Sections 1154, 1184, 1372, and 1258 of Title 8, U.S. Code
2. Describe the IC/Form
a. Does this form collect any
Personally Identifiable
Information” (PII 1)?
☒ Yes
☐ No
1
Personally identifiable information means any information that permits the identity of an individual to be directly or indirectly inferred, including
any other information which is linked or linkable to that individual regardless of whether the individual is a U.S. citizen, lawful permanent resident,
visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Page 3 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
b. From which type(s) of
individuals does this form
collect information?
(Check all that apply.)
c. Who will complete and
submit this form? (Check
all that apply.)
d. How do individuals
complete the form? Check
all that apply.
☒ Members of the public
☐ U.S. citizens or lawful permanent
residents
☒ Non-U.S. Persons.
☐ DHS Employees
☐ DHS Contractors
☐ Other federal employees or contractors.
☒ The record subject of the form (e.g., the
individual applicant).
☐ Legal Representative (preparer, attorney,
etc.).
☐ Business entity.
If a business entity, is the only
information collected business contact
information?
☐ Yes
☐ No
☐ Law enforcement.
☐ DHS employee or contractor.
☒ Other individual/entity/organization that is
NOT the record subject.
Schools and exchange visitor program sponsors
☐ Paper. (See attached. See Appendix A)
☐ Electronic. (ex: fillable PDF)
☒ Online web form. (available and submitted via
the internet)
Access via www.fmjfee.com
e. What information will DHS collect on the form? List all PII data elements on the
form. If the form will collect information from more than one type of individual,
please break down list of data elements collected by type of individual.
Nonimmigrant PII collected:
• Name (surname/primary name and given name)
Privacy Threshold Analysis – IC/Form
Page 4 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
•
•
•
•
•
•
•
•
•
Date of birth
Country of birth
Country of citizenship
Gender
Address
Email address
SEVIS Identification Number (SEVIS ID)
Passport number
Payment
o Credit card number (collected through the FMJfee website, but not
stored after transaction occurs)
f. Does this form collect Social Security number (SSN) or other element that is
stand-alone Sensitive Personally Identifiable Information (SPII)? Check all that
apply.
☐ Social Security number
☐ DHS Electronic Data Interchange
Personal Identifier (EDIPI)
☐ Alien Number (A-Number)
☐ Social Media Handle/ID
☐ Tax Identification Number
☐ Known Traveler Number
☐ Visa Number
☐ Trusted Traveler Number (Global
☒ Passport Number
Entry, Pre-Check, etc.)
☐ Bank Account, Credit Card, or other
☐ Driver’s License Number
financial account number
☐ Biometrics
☐ Other:
g. List the specific authority to collect SSN or these other SPII elements.
8 U.S.C. 1372
h. How will this information be used? What is the purpose of the collection?
Describe why this collection of SPII is the minimum amount of information
necessary to accomplish the purpose of the program.
The I-901 fee must be paid before going to the United States embassy or consulate for a
visa interview. The nonimmigrant must present proof of payment of the fee. This
payment is associated with the passport that is used to gain entry into the United States.
Privacy Threshold Analysis – IC/Form
Page 5 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
i.
Are individuals
provided notice at the
time of collection by
DHS (Does the records
subject have notice of
the collection or is
form filled out by
third party)?
☒ Yes. Please describe how notice is provided.
Privacy statement is provided on the first page of
the FMJfee website.
☐ No.
3. How will DHS store the IC/form responses?
a. How will DHS store
☐ Paper. Please describe.
the original,
Click here to enter text.
completed IC/forms?
☒ Electronic. Please describe the IT system that will
b. If electronic, how
does DHS input the
responses into the IT
system?
c. How would a user
search the
information
submitted on the
forms, i.e., how is the
information
retrieved?
store the data from the form.
I-901 Fee Collection Services System (I-901 System)
☐ Scanned forms (completed forms are scanned into
an electronic repository). Please describe the
electronic repository.
Click here to enter text.
☐ Manually (data elements manually entered). Please
describe.
☒ Automatically. Please describe.
Data is typed into fields by individual, which is
automatically captured in the I-901 System.
☒ By a unique identifier. 2 Please describe. Name,
SEVIS ID, date of birth
If information is retrieved by personal identifier,
please submit a Privacy Act Statement with this PTA.
Form I-901 does not require a Privacy Act Statement,
as non-U.S. Citizens or LPRs are providing their PII.
However, per ICE, we have developed a Privacy
Statement.
See Appendix A for a copy of the Privacy Statement.
2
Generally, a unique identifier is considered any type of “personally identifiable information,” meaning any information that permits the identity
of an individual to be directly or indirectly inferred, including any other information which is linked or linkable to that individual regardless of
whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Page 6 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
☒ By a non-personal identifier. Please describe.
For high level data searches, non-personal identifiers
such as country of birth, country of citizenship, and
gender may be used.
d. What is the records
retention
schedule(s)? Include
the records schedule
number.
Information is retained in the I-901 System, a DHS
Financial Management System. Under the existing
retention schedule and in accordance with NARA general
records schedules, the information will be maintained for
6 years from the date of the final payment or cancellation
and then deleted from DHS Financial Management
Systems. Retention of the information for this amount of
time is necessary in order to apply any additional
expenditures, make corrections to payments (i.e., for
overpayments) and account balances, and for reporting
and auditing purposes. Credit card and bank account
information is not stored in or retained by the I-901
system beyond the time it takes to settle the transaction.
This includes the name of the credit card holder.
DHS reminds DHS Financial Management System users
e. How do you ensure
through policy and training that they must follow the applicable
that records are
retention schedules for financial information, regardless of
disposed of or deleted
where it is stored.
in accordance with
the retention
schedule?
f. Is any of this information shared outside of the original program/office? If yes,
describe where (other offices or DHS components or external entities) and why.
What are the authorities of the receiving party?
☐ Yes, information is shared with other DHS components or offices. Please describe.
☒ Yes, information is shared external to DHS with other federal agencies, state/local
partners, international partners, or non-governmental entities. Please describe.
Confirmation of payment is sent to the Student and Exchange Visitor Information
System (SEVIS) and the SEVIS system connects to the Department of State’s Consular
database to send confirmation of the I-901 fee payment to an applicant’s record.
☐ No. Information on this form is not shared outside of the collecting office.
Privacy Threshold Analysis – IC/Form
Page 7 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Please include a copy of the referenced form and Privacy Act Statement (if
applicable) with this PTA upon submission.
Privacy Threshold Analysis – IC/Form
Page 8 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:
Date submitted to component Privacy
Office:
Date submitted to DHS Privacy Office:
Have you approved a Privacy Act
Statement for this form? (Only
applicable if you have received a
waiver from the DHS Chief Privacy
Officer to approve component Privacy
Act Statements.)
Michelle Escobar
December 7, 2017
December 19, 2017
☒ Yes. Please include it with this PTA
submission.
☐ No. Please describe why not.
Click here to enter text.
See Appendix A for a copy of the Privacy
Statement.
Component Privacy Office Recommendation:
Please include recommendation below, including what existing privacy compliance
documentation is available or new privacy compliance documentation is needed.
ICE Privacy recommends that the PTA is sufficient at this time. The information collected
by the Form I-901 is covered under DHS/ALL/PIA-053 DHS Financial Management
Systems and the DHS/ALL-008 Accounts Receivable System of Records.
Privacy Threshold Analysis – IC/Form
Page 9 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
PRIVACY THRESHOLD ADJUDICATION
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:
Max Binstock
PCTS Workflow Number:
Date approved by DHS Privacy Office:
PTA Expiration Date
1155365
January 2, 2018
January 2, 2021
DESIGNATION
Privacy Sensitive IC or
Form:
Yes If “no” PTA adjudication is complete.
DHS IC/Forms Review:
DHS PRIV has approved this ICR/Form.
Determination:
☐ PTA sufficient at this time.
☐ Privacy compliance documentation determination in
progress.
☐ New information sharing arrangement is required.
☐ DHS Policy for Computer-Readable Extracts Containing SPII
applies.
☒ Privacy Act Statement required.
☒ Privacy Impact Assessment (PIA) required.
☒ System of Records Notice (SORN) required.
☐ Specialized training required.
☐ Other. Click here to enter text.
Date IC/Form Approved January 2, 2018
by PRIV:
IC/Form PCTS Number: Click here to enter text.
Privacy Act
Privacy Notice is required
Statement:
Please change Privacy Statement to Privacy Notice.
PTA:
No system PTA required.
Click here to enter text.
PIA:
System covered by existing PIA
Privacy Threshold Analysis – IC/Form
Page 10 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
If covered by existing PIA, please list: DHS/ALL/PIA-053 DHS Financial
Management Systems
If a PIA update is required, please list: Click here to enter text.
SORN:
System covered by existing SORN
If covered by existing SORN, please list: DHS/ICE 001 Student and
Exchange Visitor Information System, January 5, 2010, 75 FR 412
If a SORN update is required, please list: Click here to enter text.
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
ICE Privacy is submitting this PTA because I-901 is mandated by Congress to support
the Student and Exchange Visitor Program and the automated system that keeps
track of students (F and M) and exchange visitors (J) and ensures that they maintain
their status while in the United States. Each student or exchange visitor issued an
initial Form I-20 or DS-2019 is responsible for paying the I-901 fee to SEVP. In
addition to biographical information, the Form I-901 requests credit card
information from those paying the fee over the Internet.
PRIV finds that is a privacy sensitive form and a PIA is required because the I-901
program collects PII from members of the public. PRIV agrees with ICE Privacy that
the DHS Financial Management Systems PIA provides coverage. DHS/ALL/PIA-053
specifically talks about the privacy risks and mitigations associated with the I-901
Fee Collection Services System in the appendix.
PRIV finds that a SORN is required because Form I-901 retrieves information by a
unique identifier. PRIV finds that the SEVIS SORN provides coverage for the I-901
program.
PRIV finds that a Privacy Notice is required because it is DHS policy to provide one
for all persons asked to provide personal information about themselves. The Privacy
Notice should be similar to the Privacy Act Statement, in that it should cite to ICE
Privacy documents for Routine Uses. In this case because the members of the public
asked to provide PII are non-US persons, ICE Privacy should cite to the PIA.
Privacy Threshold Analysis – IC/Form
Page 11 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Appendix A – Privacy Statement
Privacy Statement
Authority and Purpose: Sections 1154, 1184, 1372, and 1258 of Title 8, U.S. Code,
authorize ICE to collect this information. ICE collects your information to facilitate the
payment of the Student and Exchange Visitor Program fee for F, M, and J nonimmigrant's
(students, exchange visitors, and their dependents). This fee is mandated by Congress to
support the program office and the automated system that keeps track of students and
exchange visitors and ensures that they maintain their status while in the United States.
Furnishing your information is voluntary; however, failure to provide it may result in
denial of admission to the United States.
Routine Uses: Your information may be disclosed to other government agencies,
contractors, or financial institutions as may be necessary to facilitate the payment and
accounting of the Student and Exchange Visitor Program fee.
Privacy Threshold Analysis – IC/Form
Page 12 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Appendix B – Form I-901
SEE NEXT PAGE
Privacy Threshold Analysis – IC/Form
Page 13 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 14 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 15 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 16 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 17 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 18 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 19 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 20 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 21 of 22
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, pia@hq.dhs.gov
www.dhs.gov/privacy
Privacy Threshold Analysis – IC/Form
Page 22 of 22
Version number: 04-2016
File Type | application/pdf |
File Title | Information Collection-Forms PTA |
Author | marilyn.powell |
File Modified | 2018-04-23 |
File Created | 2018-01-02 |