Skip to main content

DHS rescinds the Privacy Act protections of non-citizens and non-LPRs

  1. Date Announced

    April 27, 2017

    DHS issues new privacy policy guidance making clear that Privacy Act protections will no longer extend to persons other than U.S. citizens and LPRs in accordance with Executive Order (EO) No. 13,768, which states that agencies may no longer extend Privacy Act protections to those who are not U.S. citizens or LPRs. However, decisions regarding the use and protection of information held by DHS must still conform to Fair Information Practice Principles (FIPPs). FIPPs consist of the following principles: Transparency, Individual Participation, Purpose Specification, Data Minimization, Use Limitation, Data Quality and Integrity, Security, and Accountability and Auditing. [ID #854]

    View Policy Document
  2.  
Status: Final/Actual
Subject Matter: Enforcement
Agencies Affected: DHS

Prior Policies

  • In January 2007, DHS announced that it would treat all persons’ personally identifiable information, regardless of citizenship, the same under the Privacy Act and extend its protections accordingly (“Mixed Systems policy”). On January 25, 2017, President Trump issued Executive Order (E.O.) No. 13,768, Enhancing Public Safety in the Interior of the United States , which states that agencies may no longer extend the protections of the Privacy Act to those other than U.S. citizens and Lawful Permanent Residents (LPR). Accordingly, DHS must change its 2007 policy. Instead, DHS will now treat all persons, regardless of immigration status, consistent with the Fair Information Practice Principles (FIPPs) and applicable law

    DHS Privacy Policy Guidance Memorandum No. 2007-01

We require registration to leave feedback. You may either:

  • Sign in with your current user name and password.

  • Register if you don't have a user name and password.