Download:
pdf |
pdfU.S. Department of the Interior
PRIVACY IMPACT ASSESSMENT
Introduction
The Department of the Interior requires PIAs to be conducted and maintained on all IT systems whether
already in existence, in development or undergoing modification in order to adequately evaluate privacy
risks, ensure the protection of privacy information, and consider privacy implications throughout the
information system development life cycle. This PIA form may not be modified and must be completed
electronically; hand-written submissions will not be accepted. See the DOI PIA Guide for additional
guidance on conducting a PIA or meeting the requirements of the E-Government Act of 2002. See
Section 6.0 of the DOI PIA Guide for specific guidance on answering the questions in this form.
NOTE: See Section 7.0 of the DOI PIA Guide for guidance on using the DOI Adapted PIA template to
assess third-party websites or applications.
Name of Project: Migratory Bird Data Repository and Harvest Surveys
Bureau/Office: U.S. Fish and Wildlife Service
Date: February 18, 2022
Point of Contact
Name: Jennifer L. Schmidt
Title: FWS Privacy Officer
Email: FWS_Privacy@fws.gov
Phone: (703) 358-2291
Address: 5275 Leesburg Pike, MS: IRTM, Falls Church, VA 22041
Section 1. General System Information
A. Is a full PIA required?
ց Yes, information is collected from or maintained on
ց Members of the general public
ց Federal personnel and/or Federal contractors
տ Volunteers
տ All
տ No: Information is NOT collected, maintained, or used that is identifiable to the individual in
this system. Only sections 1 and 5 of this form are required to be completed.
B. What is the purpose of the system?
The Migratory Bird Data Repository (MBDR) stores data collected by various migratory bird
biological and survey monitoring programs conducted by, or overseen by the U.S. Fish and
Wildlife Service (FWS) Division of Migratory Bird (MB) management. The MBDR also
MBDR and Harvest Surveys
Privacy Impact Assessment
maintains limited Personally Identifiable Information (PII) on individuals who hunt migratory
game birds as part of FWS’ Harvest Information Program.
FWS’ Harvest Information Program (HIP) is a cooperative State-Federal program that requires
individuals who intend to hunt waterfowl, doves, band-tailed pigeons, woodcock, rails, snipe,
and/or sandhill cranes to identify themselves as migratory bird hunters to the State hunting
licensing authority when purchasing a hunting license. Pursuant to 50 CFR 20.20 (b), “hunters
must provide their name, address, and date of birth to the respective State hunting licensing
authority in each state in which they hunt, and must have on their person evidence, provided by
that State, of compliance with this requirement.”
States then share hunters’ PII with FWS in order that FWS may invite a random sampling of
these hunters to participate in FWS’ annual hunting or harvest surveys. A response to these
surveys is voluntary. Responses are used to generate reliable estimates of hunting activity and
the number of all migratory game birds harvested throughout the country.
The MBDR and Harvest Surveys are necessary for FWS biologists to make sound decisions
concerning hunting seasons, bag limits, and migratory bird population management pursuant to
FWS’ mission to work with others to conserve, protect and enhance fish, wildlife and plants and
their habitats for the continuing benefit of the American people.
C. What is the legal authority?
x
x
x
x
Migratory Bird Treaty Act (16 U.S.C. 703-712)
Migratory Bird Hunting, 50 CFR Part 20
Migratory Bird Conservation Act of 1929; 45 Stat. 1222
Executive Order 13186, Responsibilities of Federal Agencies to Protect Migratory Birds
D. Why is this PIA being completed or modified?
տ New Information System
տ New Electronic Collection
տ Existing Information System under Periodic Review
տ Merging of Systems
ց Significantly Modified Information System
տ Conversion from Paper to Electronic Records
տ Retiring or Decommissioning a System
ց Other: Describe
MBDR will consolidate multiple databases into one secure and centrally-managed repository. It
is expected that MBDR will eventually store most or all important scientific data assets collected
by migratory bird biological and survey monitoring programs.
E. Is this information system registered in CSAM?
2
MBDR and Harvest Surveys
Privacy Impact Assessment
տ Yes: Enter the UII Code and the System Security Plan (SSP) Name
ց No: MBDR and Harvest Surveys are in the process of CSAM registration.
F. List all minor applications or subsystems that are hosted on this system and covered under
this privacy impact assessment.
Subsystem Name
Purpose
Contains PII
(Yes/No)
Describe
If Yes, provide a
description.
None.
G. Does this information system or electronic collection require a published Privacy Act
System of Records Notice (SORN)?
ց Yes: List Privacy Act SORN Identifier(s)
INTERIOR/FWS-26, Migratory Bird Population and Harvest Surveys - 80 FR 27183 (May 12,
2015). This SORN is currently under revision to provide general updates and incorporate new
Federal requirements in accordance with OMB Circular A-108.
տ No
H. Does this information system or electronic collection require an OMB Control Number?
ց Yes: Describe
OMB Control Number 1018-0023, Migratory Bird Surveys, expires 4/30/2023. This collection
encompasses the FWS Migratory Bird Hunter Surveys (FWS Forms 3-2056) or
https://fws.gov/harvestsurvey/, Parts Collection Surveys (FWS Forms 3-165), the Sandhill Crane
Harvest Survey (Form 3-2056N) and the collection of hunters’ PII from the states. States collect
this PII for their own licensing and conservation programs and not solely to share with FWS for
the purposes of HIP; thus, FWS relies on the states to provide hunters adequate notice of all
purposes of collection and any standard disclosures made to third parties, including FWS.
տ No
Section 2. Summary of System Data
A. What PII will be collected? Indicate all that apply.
ց Name
ց Date of Birth (DOB) – collected by states pursuant to 50 CFR 20.20 (b).
3
MBDR and Harvest Surveys
Privacy Impact Assessment
ց Personal Email Address
ց Mailing/Home Address
ց Other: Specify the PII collected.
DOB is necessary to identify hunters with same or similar names in order to issue the survey to
the correct individual. Username and password is collected from online survey respondents.
This information as well as PII used to authenticate FWS users are maintained by the fws.gov
internet access control system (see DOI’s Enterprise Hosted Infrastructure (EHI) PIA at https:
//www.doi.gov/privacy/pia) and not in the MBDR.
B. What is the source for the PII collected? Indicate all that apply.
ց Individual
տ Federal agency
տ Tribal agency
տ Local agency
ց DOI records, in the case of the prior year’s survey participants.
տ Third party source
ց State agency
տ Other: Describe
C. How will the information be collected? Indicate all that apply.
ց Paper Format
ց Email
տ Face-to-Face Contact
ց Web site
տ Fax
տ Telephone Interview
տ Information Shared Between Systems: Describe
ց Other: Describe
State wildlife agencies send their licensed hunters’ identifying information, including DOB to
FWS by uploading files to a secure data portal within 30 days of collection.
D. What is the intended use of the PII collected?
The PII is used to administer migratory bird surveys to a random sample of hunters and help
FWS make sound decisions concerning hunting seasons, bag limits, and migratory bird
population management to support the FWS’ mission. The DOB collection is necessary in order
to correctly identify hunters with same or similar names and to ensure they receive the correct
surveys depending on the type or types of birds hunted. FWS may use their PII to contact them
4
MBDR and Harvest Surveys
Privacy Impact Assessment
about their survey data, if necessary, and to coordinate participation in future surveys. Username
and password is collected for online surveys in order to grant authorized access and monitor
usage.
E. With whom will the PII be shared, both within DOI and outside DOI? Indicate all that
apply.
ց Within the Bureau/Office: Describe the bureau/office and how the data will be used.
Contact information stored in the MBDR is shared routinely among authorized staff in the
Division of Migratory Bird Management. For example, survey coordinators may share survey
respondents PII with biologists so that the latter may, when necessary, contact the participant
about his or her survey submission.
DOB from migratory game bird hunters required to enroll in HIP is stored in the MBDR;
however, it is not routinely shared beyond authorized HIP staff.
տ Other Bureaus/Offices: Describe the bureau/office and how the data will be used.
տ Other Federal Agencies: Describe the federal agency and how the data will be used.
տ Tribal, State or Local Agencies: Describe the Tribal, state or local agencies and how the data
will be used.
ց Contractor: Describe the contractor and how the data will be used.
As part of HIP, a third party contractor prints the letters and the specified survey form which is
then mailed to randomly selected migratory game bird hunters via the U.S. Postal Service.
տ Other Third Party Sources: Describe the third party source and how the data will be used.
F. Do individuals have the opportunity to decline to provide information or to consent to the
specific uses of their PII?
ց Yes: Describe the method by which individuals can decline to provide information or how
individuals consent to specific uses.
All surveys are completely voluntary and include a Privacy Act statement to that affect.
To comply with HIP individuals who hunt waterfowl, doves, band-tailed pigeons, woodcock,
rails, snipe, and/or sandhill cranes must identify themselves as migratory game bird hunters and
provide their name, address, and DOB to their state wildlife agency at the time they purchase
5
MBDR and Harvest Surveys
Privacy Impact Assessment
their hunting license from the state in accordance with 50 CFR 20.20. Individuals may decline
to provide this information to the state but may be prevented from receiving a hunting license.
ց No: State the reason why individuals cannot object or why individuals cannot give or
withhold their consent.
When hunters indicate intent to hunt migratory birds, they are not provided an opportunity by
the states to “opt-out” of receiving an invitation from FWS to complete a Harvest Survey;
however, FWS invites a random sampling and not all hunters choose to participate. If an
individual requests to be removed from the survey invitation list, HIP will oblige but it may not
be possible to prevent the hunter from receiving an invite the following year if he or she renews
his or her license.
G. What information is provided to an individual when asked to provide PII data? Indicate
all that apply.
ց Privacy Act Statement: Describe each applicable format.
A Privacy Act statement is included on paper survey forms and survey websites. State wildlife
agencies are responsible for providing individuals required privacy and disclosure notices pursuant
to state law and regulation.
ց Privacy Notice: Describe each applicable format.
Notice is provided through publication of this PIA and the INTERIOR/FWS-26 SORN. More
information about the Department’s privacy program including compliance documents and how
to submit a request for agency records protected by the Privacy Act of 1974 is available at DOI’s
Privacy website at https: //www.doi.gov/privacy.
ց Other: Describe each applicable format.
State wildlife agencies are responsible for providing to hunters state agency privacy and
disclosure notices, such as sharing with FWS for the purpose of HIP and administering the
Harvest Surveys.
FWS will submit to OMB a non-substantial amendment to the Information Collection (IC) OMB
Control Number 1018-0023, once the SORN modification is published. Along with this PIA, the
SORN modification and ICR amendment will help to provide explicit notice that the MBDR
maintains hunters’ PII for the purposes of HIP.
General information about FWS Migratory Bird hunting regulations and HIP are available online
on the FWS website at www.fws.gov.
FWS users are provided with a DOI security warning banner upon network logon that they are
6
MBDR and Harvest Surveys
Privacy Impact Assessment
accessing a DOI system, that they are subject to being monitored, and there is no expectation of
privacy during use of the system.
տ None
H. How will the data be retrieved? List the identifiers that will be used to retrieve information
(e.g., name, case number, etc.).
Data in MBDR is generally stratified by hunter activity and responses to specific questions about
their harvests. Infrequently, information may need to be retrieved by a licensed hunter’s name
and DOB to confirm identity, data accuracy and to ensure the hunter receives the correct survey;
or so that a population survey respondent may be contacted for questions about their submission.
I. Will reports be produced on individuals?
տ Yes: What will be the use of these reports? Who will have access to them?
ց No
Section 3. Attributes of System Data
A. How will data collected from sources other than DOI records be verified for accuracy?
State wildlife agencies evaluate licensed hunters’ PII before sending to FWS. Contact
information of survey participants is submitted by the individual and is therefore assumed to be
correct. Participants may contact the Division of Migratory Bird Management to update or
correct their contact information at any time. Questions regarding the status of their license or
similar inquiries are directed to the state in which the individual hunts.
B. How will data be checked for completeness?
Manual verification by state wildlife agencies and FWS’ Division of Migratory Bird
Management staff as well as automated data checks within the MBDR ensures completeness.
The harvests surveys programming includes automated data checks related to harvest
information as part of its design (e.g., appropriate registration dates, number of records, relative
activity).
C. What procedures are taken to ensure the data is current? Identify the process or name the
document (e.g., data models).
Migratory bird hunters must register with their state each year. This requirement provides them
the opportunity to confirm that their information is current or update as necessary. Hunters’
information must be submitted to the FWS within 30 days of license issuance. Migratory bird
surveys occur at least annually which also helps to keep respondents’ PII current.
7
MBDR and Harvest Surveys
Privacy Impact Assessment
D. What are the retention periods for data in the system? Identify the associated records
retention schedule for the records in this system.
MBDR records are considered temporary. They are reviewed annually and destroyed when no
longer needed in accordance with FWS Record Schedules PROJ-229 Special Surveys (NC1-2278-1/40); PROJ-230 Migratory Webless Game Bird Management (NC1-22-78-1/34); and PROJ240 Statistical Information Files (NC1-22-78-1/41).
E. What are the procedures for disposition of the data at the end of the retention period?
Where are the procedures documented?
Records are disposed of by shredding or pulping for paper records, and degaussing or erasing for
electronic records in accordance with NARA guidelines and Departmental policy.
F. Briefly describe privacy risks and how information handling practices at each stage of the
“information lifecycle” (i.e., collection, use, retention, processing, disclosure and
destruction) affect individual privacy.
There is moderate privacy risk due to the amount of PII collected by the surveys and maintained
in the Migratory Bird Data Repository (MBDR). These privacy risks include lack of notice,
unauthorized access, unauthorized disclosure, and misuse of data in the system. These risks are
addressed and mitigated through a variety of administrative, technical and physical controls. For
example, MBDR maintains and protects DOB of all licensed migratory game bird hunters. DOB
is not shared outside the program and only used to verify identity of hunter respondents with the
same or similar name such as family hunting partners with the same address. The MBDR’s
annual records review schedule also helps to mitigate the risk that PII will be maintained longer
than necessary.
Migratory bird hunters may not receive explicit notice from the states that their PII will be shared
with and maintained by FWS. Hunters do not receive an opportunity to opt-out of this sharing.
FWS relies on the states to provide hunters with adequate notice of all the purposes of collection
and any standard disclosures made to third parties, including to FWS. States may collect the
same PII for their own licensing and conservation programs and not solely to share with FWS for
the purposes of HIP. States may choose not to share hunters PII with FWS but that would
prevent FWS from being able to gather sound data through the Harvest Surveys. If FWS did not
conduct these surveys, the lack of accurate assessment of migratory bird harvests may likely lead
to restrictive hunting regulations, which could result in lost hunting recreation.
In order to help mitigate the risk of lack of notice FWS is revising the SORN to include the
establishment of the MBDR and will submit to OMB a non-substantial amendment to the
Information Collection (IC) OMB Control Number 1018-0023, once the SORN modification is
published. Along with this PIA, the SORN modification and ICR amendment will help FWS
provide notice that the MBDR maintains hunters’ PII for the purposes of HIP. A Privacy Act
statement is also provided to the hunters on the survey forms and survey websites.
8
MBDR and Harvest Surveys
Privacy Impact Assessment
Unauthorized system access and misuse of the data are mitigated by authenticating all users and
controlling access. Only authorized HIP staff are granted access to the system via DOI’s Active
Directory based on user role. Online survey participants must create a user account through
which they are granted access to only their profile information and survey submissions. There is
limited risk of surveying children 13 or younger as states do not issue hunting licenses to
individuals under 16. All PII is removed before sharing statistical information or analysis of the
scientific data outside of the program.
The MBDR is undergoing a formal Assessment and Accreditation and expects to be granted
authority to operate in accordance with the Federal Information Security Modernization Act
(FISMA) and National Institute of Standards and Technology (NIST) standards. The system is
rated as Moderate based on the type of data and it requires the Moderate baseline of security and
privacy controls to protect the confidentiality, integrity and availability of the PII contained in
the system. The system is developing a System Security and Privacy Plan (SSPP) based on NIST
guidance and is a part of the FWS Continuous Monitoring program that includes ongoing
security control assessments to ensure adequate security controls are implemented and assessed
in compliance with DOI policy and standards.
Finally, the use of MBDR will be conducted in accordance with the appropriate DOI use policy.
IT systems, in accordance with applicable DOI guidance, will maintain an audit trail of activity
sufficient to reconstruct security relevant events. The audit trail will include the identity of each
account accessing the system; time and date of access; and activities that could modify, bypass or
negate the system's security controls. Audit logs are encrypted and are reviewed on a regular,
periodic basis and any suspected attempts of unauthorized access or scanning are reported to the
DOI Computer Incident Response Center (CIRC). FWS follows the principal of least privilege so
that only the least amount of access is given to a user to complete their required activity. All
access is controlled by authentication methods to validate the authorized user. DOI employees
and contractors are required to complete annual security and privacy awareness training, and
those employees authorized to manage, use, or operate a system are required to take additional
Role Based Security and Privacy Training. All employees are required to sign annually the DOI
Rules of Behavior acknowledging their security and privacy responsibilities.
Section 4. PIA Risk Review
A. Is the use of the data both relevant and necessary to the purpose for which the system is
being designed?
ց Yes: Explanation
The PII collected is directly relevant and necessary for FWS and Migratory Bird Management to
perform its statutory responsibilities.
տ No
9
MBDR and Harvest Surveys
Privacy Impact Assessment
B. Does this system or electronic collection derive new data or create previously unavailable
data about an individual through data aggregation?
տ Yes: Explain what risks are introduced by this data aggregation and how these risks will be
mitigated.
ց No
C. Will the new data be placed in the individual’s record?
տ Yes: Explanation
ց No, not applicable.
D. Can the system make determinations about individuals that would not be possible without
the new data?
տ Yes: Explanation
ց No, not applicable.
E. How will the new data be verified for relevance and accuracy?
Not applicable; no new data is derived or placed in an individual’s record.
F. Are the data or the processes being consolidated?
ց Yes, data is being consolidated. Describe the controls that are in place to protect the data
from unauthorized access or use.
The MBDR will consolidate multiple, locally stored databases of harvest information and survey
responses into one secure centrally managed system with access control and use limitations
based on system access privileges and user role.
տ Yes, processes are being consolidated. Describe the controls that are in place to protect the
data from unauthorized access or use.
տ No, data or processes are not being consolidated.
G. Who will have access to data in the system or electronic collection? Indicate all that apply.
ց Users - MBDR users are limited to authorized FWS staff Division or Migratory Bird
management. Respondents to online surveys will have access to only their submissions and
profile information.
10
MBDR and Harvest Surveys
Privacy Impact Assessment
ց Contractors
տ Developers
ց System Administrator
տ Other: Describe
H. How is user access to data determined? Will users have access to all data or will access be
restricted?
Access to the MBDR data is granted on a need-to-know basis using the principle of least
privilege. It is limited to authorized FWS employees and controlled via Active Directory group
which allows for an improved and more granular data access and security model.
I. Are contractors involved with the design and/or development of the system, or will they be
involved with the maintenance of the system?
ց Yes. Were Privacy Act contract clauses included in their contracts and other regulatory
measures addressed?
Yes, the contract includes the required Federal Acquisition Regulation (FAR) clauses for
privacy.
տ No.
J. Is the system using technologies in ways that the DOI has not previously employed (e.g.,
monitoring software, SmartCards or Caller ID)?
տ Yes. Explanation
ց No
K. Will this system provide the capability to identify, locate and monitor individuals?
ց Yes. Explanation
As part of information system security requirements an audit trail is enabled. The audit trail
collects who logged in and from where and what actions were taken. It provides the capability to
identify users in the event of inappropriate usage and is only accessible by system administrators
with elevated privileges. All users of DOI computer systems and networks are notified that their
activity may be subject to monitoring.
տ No
L. What kinds of information are collected as a function of the monitoring of individuals?
11
MBDR and Harvest Surveys
Privacy Impact Assessment
The audit log captures administrator activity, authentication checks, authorization checks, data
deletions, data access, data changes, permission changes and access history.
M. What controls will be used to prevent unauthorized monitoring?
FWS systems utilize the principle of least privilege, log monitoring, administrative account
control, effective account access controls, including account provisioning, account review, and
account removal, to prevent unauthorized monitoring.
N. How will the PII be secured?
(1) Physical Controls. Indicate all that apply.
ց Security Guards
ց Key Guards
ց Locked File Cabinets
ց Secured Facility
տ Cipher Locks
ց Identification Badges
տ Safes
տ Combination Locks
ց Locked Offices
տ Other. Describe
(2) Technical Controls. Indicate all that apply.
ց Password
ց Firewall
ց Encryption
ց User Identification
տ Biometrics
ց Intrusion Detection System (IDS)
ց Virtual Private Network (VPN)
ց Public Key Infrastructure (PKI) Certificates
ց Personal Identity Verification (PIV) Card
տ Other. Describe
(3) Administrative Controls. Indicate all that apply.
ց Periodic Security Audits
ց Backups Secured Off-site
ց Rules of Behavior
12
MBDR and Harvest Surveys
Privacy Impact Assessment
ց Role-Based Training
ց Regular Monitoring of Users’ Security Practices
ց Methods to Ensure Only Authorized Personnel Have Access to PII
ց Encryption of Backups Containing Sensitive Data
ց Mandatory Security, Privacy and Records Management Training
ց Other. Describe
O. Who will be responsible for protecting the privacy rights of the public and employees? This
includes officials responsible for addressing Privacy Act complaints and requests for
redress or amendment of records.
The Division Chief of Migratory Bird Management is responsible for the oversight and
management of the MBDR. The Information System Owner and the Information System
Security Officer, in consultation with implicated System Managers are responsible for ensuring
adequate safeguards are implemented to protect individual privacy and providing adequate notice
and making decisions on Privacy Act requests for notification, access and amendment, as well as
processing complaints, in consultation with the FWS Associate Privacy Officer. All users and
personnel are responsible for protecting individual privacy for the information collected,
maintained, and used in the system, and for meeting the requirements of the Privacy Act and
other Federal laws and policies.
P. Who is responsible for assuring proper use of the data and for reporting the loss,
compromise, unauthorized disclosure, or unauthorized access of privacy protected
information?
The System Owner is responsible for oversight and management of security and privacy
controls, and for ensuring to the greatest possible extent that DOI/FWS and customer agency
data in the system is properly managed and that access to data has been granted in a secure and
auditable manner. The Information System Owner is also responsible for ensuring that any loss,
compromise, unauthorized access or disclosure of customer agency and agency PII is reported to
DOI-CIRC within one hour of discovery in accordance with Federal policy and established
procedures. In accordance with the Federal Records Act, the FWS Records Officer is responsible
for reporting any unauthorized records loss or destruction to NARA per 36 CFR 1230.
13
MBDR and Harvest Surveys
Privacy Impact Assessment
Section 5. Review and Approval
Information System Owner
Name: Jerome Ford
Title: Assistant Director
Bureau/Office: FWS Division of Migratory Birds
Phone: (202) 208-1050
Email: jerome_ford@fws.gov
Digitally signed by JEROME
JEROME
FORD
Date: 2022.02.04 12:28:43
FORD
-05'00'
Signature: __________________________
Information System Security Officer
Name: Chris Peterson
Title: Information Security Specialist
Bureau/Office: FWS Information Technology and Resources Management
Phone: (303) 275-2407
Email: chris_peterson@fws.gov
signed by
CHRISTOPHE Digitally
CHRISTOPHER PETERSON
Date: 2022.02.05 11:59:51
R PETERSON -07'00'
Signature: __________________________
Privacy Officer
Name: Jennifer L. Schmidt
Title: Associate Privacy Officer
Bureau/Office: FWS Information Technology and Resources Management
Phone: (703) 398-2291
Email: jennifer_schmidt@fws.gov
Digitally signed by JENNIFER
JENNIFER
SCHMIDT
Date: 2022.02.04 13:33:14
SCHMIDT
-05'00'
Signature: __________________________
Reviewing Official
Name: Teri Barnett
Title: Departmental Privacy Officer
Bureau/Office: DOI, Office of the Chief Information Officer
Phone: (202) 208-1943
Email: teri_barnett@ios.doi.gov
Digitally signed by NGOC
THUY BARNETT
Date: 2022.02.18
16:13:21 -05'00'
Signature: __________________________
14
File Type | application/pdf |
File Title | Microsoft Word - MBDR and Harvest Surveys PIA for signature 8NOV21.docx |
Author | jschmidt |
File Modified | 2022-02-18 |
File Created | 2022-02-17 |