Privacy Impact Assessment for the Criminal Investigative Index and Files for the Office of Criminal Enforcement, Forensics and Training
I. Data in the System
Generally describe what data/information will be collected in the system.
CCRS is the Criminal Investigation Division's "official record" of all criminal investigation activities. As such, the system maintains information pertaining to individuals and companies associated with CID's criminal leads and cases, as well as other information related to the conduct of criminal investigations. CID's collection of this information is inherent in its investigative responsibilities as mandated by Title 18 United States Code, Section 3063 (18 USC 3063), enacted under Public Law 100-582 on November 1, 1988. The information collected in CCRS includes investigative activity reports, investigative summary reports, subject information (including PII), and sentencing information. This information is obtained as a result of various investigative activities, including: tips, complaints, interviews, surveillance, records review, evidence collection and analysis, and judicial action.
CCRS is an EPA-only system and data entry is performed directly by CID employees. The Public has no direct input or access to CCRS data. Access to CCRS data is restricted and limited to OCEFT employees and Regional Criminal Enforcement Counsels (RCECs) who use the data to document, plan, manage, evaluate, and support CID's investigative functions. The system provides several output- and outcome-based performance measures which are tracked by the CID program and reported to OMB and the Public. These measures are designed to quantify the effectiveness of CID's investigative activities, and their effect on human health and the environment.
At present, the Public is allowed to obtain only select defendant data fields for closed, convicted cases via the Freedom of Information Act. These data fields include only public information for individual or corporate defendants.
Also note that some information contained in the electronic system is "mirrored" in paper files, secured at the appropriate investigating office.
What are the sources and types of the information in the system?
Information is entered into CCRS by CID's Special Agents and Administrative staff, based on the results of the agents' investigative activities, and is used to document the progress and results of their criminal investigations. The type of information found in CCRS includes tips, complaints, and allegations; investigative reports; subject information (including PII); judicial information; and geographic information.
How will the data be used by the Agency?
CCRS maintains and tracks case-specific program and investigative information on over 8,200 active and archived criminal cases. This data supports the goals of EPA's GPRA program and the OMB Program Assessment Rating Tool, as well as Goal 5 of EPA's Strategic Plan. This data also supports the program's performance and efficiency goals. See answer to #1 for additional information.
Why is the information being collected? (Purpose)
This information is being collected to document, manage, evaluate, support and further the investigation of persons or organizations alleged to have criminally violated any environmental statute or regulation. Criminal violations of other federal statutes may have occurred in conjunction with such environmental violations and, therefore, may also be within the scope of an OCEFT/CID investigation and may be included in the record system. In addition, the information in CCRS is used to report the progress and results of CID's criminal investigations.
II. Access to the Data
Who will have access to the data/information in the system (internal and external parties)? If contractors, are the Federal Acquisition Regulations (FAR) clauses included in the contract (24.104 Contract clauses; 52.224-1 Privacy Act Notification; and 52.224-2 Privacy Act)?
The system is housed on a secure server at RTP. Remote access to the system is available only through a secure remote-access implementation that incorporates Secure Sockets Layer encryption and the RSA SecurID two-factor authentication method. Access to CCRS is generally limited to sworn law enforcement officers and other support personnel from EPA's Criminal Investigation Division. Regional Criminal Enforcement Counsels are provided read-only access for cases under their review.
There are no external parties with access to CCRS.
The public does not have access to CCRS.
External users who require (and are authorized to receive) data extracts from CCRS are provided the appropriate information, as needed, by system users.
What controls are in place to prevent the misuse of data by those having authorized access?
CCRS does not provide direct public access and the system is protected to restrict access to authorized users. Access levels are controlled by user roles through the application. The role determines the level of data access available: no availability (screens are not accessible), read only, data-input, data-edit, or data-deletion. CCRS users must undergo applicable background checks in compliance with Agency IT and Security policies. The authentication mechanism is a two-factor authentication process that uses one-time dynamic passwords (RSA tokens) and a four-digit PIN known only to the individual user. The CCRS application resides on a UNIX server physically housed at EPA's National Computer Center (NCC) in RTP. The NCC provides the physical and technical security to the server.
All users are required to receive security training before they are granted access to the system, and they must abide by the following rules:
- Attend both Criminal Case Reporting System application and LAN security training.
- Be familiar with all security policies and practices involving the Criminal Case Reporting System application, especially those for law enforcement and confidentially-sensitive information. Criminal Case Reporting System security policies and practices are set forth in the Criminal Case Reporting System Security Policies and Procedures Manual.
- Maintain security for the application by correctly using established security mechanisms and practices when accessing the Criminal Case Reporting System application as well as the LAN.
- Notify the appropriate personnel of security incidents immediately.
- Notify the Criminal Case Reporting System application manager when staff have terminated or changed positions to have their access to the application terminated.
All Criminal Case Reporting System users are responsible and accountable for their use of the application and its data.
Failure to follow the rules listed above may result in one or more of the following actions:
- Suspension of access privileges.
- Suspension or removal.
In addition, especially for the unauthorized disclosure of law enforcement sensitive data, there may be criminal and civil penalties, including fines and/or prison terms. Consequences of non-compliance are based on the severity of the violation, at the discretion of management, and through due process of law.
Do other systems share data or have access to data/information in this system? If yes, explain who will be responsible for protecting the privacy rights of the individuals affected by the interface? (i.e., System Administrators, System Developers, System Managers)
Will other agencies, state or local governments share data/information or have access to data in this system? (Includes any entity external to EPA.)
The entire system is located within the EPA secure network infrastructure and is not available to other agencies to use or view. No other agency (State or Federal) has data access rights to the system. OCEFT management must first evaluate, approve, and authorize any request for information from non-EPA entities prior to retrieval/sharing of data from CCRS.
Do individuals have the opportunity to decline to provide information or to consent to particular uses of the information? If yes, how is notice given to the individual? (Privacy policies must clearly explain where the collection or sharing of certain information may be optional and provide users a mechanism to assert any preference to withhold information or prohibit secondary use.)
III. Attributes of the Data
Explain how the use of the data is both relevant and necessary to the purpose for which the system is being designed.
CCRS is the Criminal Investigation Division's "official record" of all criminal investigation activities, and the system maintains and tracks case-specific program and investigative information on over 8,200 active and archived criminal cases. The collection of this information is inherent in its investigative responsibilities as mandated by Title 18 United States Code, Section 3063 (18 USC 3063), enacted under Public Law 100-582 on November 1, 1988.
The information collected in CCRS includes investigative activity reports, investigative summary reports, subject information (including PII information), and sentencing information. This information is obtained as a result of various investigative activities, including: tips, complaints, interviews, surveillance, records review, evidence collection and analysis, and judicial action. This information is used by users at all levels to document, plan, manage, evaluate, support, and report the progress and results of CID's criminal investigations.
In addition, the information in CCRS is used to support the program's performance and efficiency goals. CCRS reports several output-based measures, such as: cases initiated; defendants charged; total fines, restitutions, and judicially-mandated projects sentenced; and total incarceration sentenced. The information in CCRS is also being used to develop and report several outcome-based measures, such as: pollutant impact, pollutant reduction, improved environmental management, and recidivism. This data supports the goals of EPA's GPRA program and the OMB Program Assessment Rating Tool, as well as Goal 5 of EPA's Strategic Plan.
If data are being consolidated, what controls are in place to protect the data from unauthorized access or use? Explain.
No data is being consolidated.
If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access? Explain.
No processes are being consolidated.
How will data be retrieved? Can it be retrieved by personal identifier? If yes, explain. (A personal identifier is a name, Social Security Number, or other identifying symbol assigned to an individual, i.e. any identifier unique to an individual.)
CCRS data can be retrieved by the title or system-assigned number of the criminal case or lead. Data can also be retrieved by the name of a subject individual or corporation. For example, an authorized user may query CCRS based on the name of an individual or company and retrieve records associated with that individual or company from CCRS. This display allows investigators to properly and correctly identify subjects of criminal investigations, while helping to prevent false-positive "matches" with unrelated subjects.
What achievements of goals for machine readability have been incorporated into this system? Where is the policy stated? (Machine readable technology enables visitors to easily identify privacy policies and make an informed choice about whether to conduct business with that site.)
There is NO direct public access to CCRS, and machine readable technologies are not incorporated into CCRS. CCRS data is restricted and access is limited to authorized OCEFT employees and RCECs, Regional and Headquarters Program managers who use the data to document, plan, manage, evaluate, support, and report the progress and results of CID's criminal investigations. This policy is stated in the System Administration documentation as well as the CCRS Security Policies and Procedures Manual.
IV. Maintenance of Administrative Controls
Has a record control schedule been issued for the records in the system? If so, provide the schedule number. What are the retention periods for records in this system? What are the procedures for eliminating the records at the end of the retention period? (You may check with the record liaison officer (RLO) for your AA-ship, Tammy Boulware (Headquarters Records Officer) or Judy Hutt, Agency Privacy Act Officer, to determine if there is a retention schedule for the subject records.)
No. The electronic information contained in CCRS is permanent and will be maintained for the life of the system. Inactive records are permanently maintained to provide historical reference and statistical information.
The manner of Retention and Disposal of the system's paper files depends on how the information is used, and is divided into three categories:
- For cases investigated but not referred to the Department of Justice (DOJ) for criminal prosecution, files are retained in the applicable OCEFT/CID office for two years after the investigation is closed and then forwarded to the Federal Records Center (FRC) nearest the System Location for an additional three years. The FRC will normally destroy the files after three years.
- For cases referred to DOJ but DOJ declines to prosecute, files are retained by the applicable OCEFT/CID office for five years after DOJ declines to prosecute and then retired to the FRC, where they are normally destroyed after five years.
- For cases that become the subject of judicial action, files are retained by the applicable OCEFT/CID office for five years after completion of the judicial action and then forwarded to the FRC for an additional ten years of retention. The FRC normally destroys the case files after ten years.
While the data are retained in the system, what are the requirements for determining if the data are still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?
The data are reviewed annually and a determination is made as to their accuracy. The data are verified by comparing them to other case documentation such as judicial indictments, judgement and commitment orders, personal information datasheets, case opening checklists, and case conclusion datasheets.
Will this system provide the capability to identify, locate, and monitor individuals? If yes, explain.
Yes, to a limited degree. An authorized user can identify individuals who are associated as subjects, victims, witnesses, suspects, and defendants in criminal investigations. The records provide information on these subjects that was current at the time of entry. No effort is made to update the information on "old" subjects, and there is no mechanism in CCRS to locate or monitor individuals after an investigation has been concluded.
Does the system use any persistent tracking technologies?
Under which System of Records (SOR) notice does the system operate? Provide the name of the system and its SOR number if applicable. For reference, please view this list of Agency SORs. (A SOR is any collection of records under the control of the Agency in which the data is retrieved by a personal identifier. The Privacy Act Officer will determine if a SOR is necessary for your system.)