skip to main content

H.R. 2454 (115th): Department of Homeland Security Data Framework Act of 2018

The text of the bill below is as of May 16, 2017 (Introduced).


I

115th CONGRESS

1st Session

H. R. 2454

IN THE HOUSE OF REPRESENTATIVES

May 16, 2017

(for himself and Mr. McCaul) introduced the following bill; which was referred to the Committee on Homeland Security

A BILL

To direct the Secretary of Homeland Security to establish a data framework to provide access for appropriate personnel to law enforcement and other information of the Department, and for other purposes.

1.

Short title

This Act may be cited as the Department of Homeland Security Data Framework Act of 2017.

2.

Findings

Congress makes the following findings:

(1)

The Department of Homeland Security was established pursuant to the Homeland Security Act of 2002 (Public Law 107–296) and has the statutory mission to prevent terrorist attacks and reduce the vulnerability of the United States to terrorism, among other critical functions.

(2)

The Department is comprised of more than 22 component agencies and offices with different legal mandates and restrictions regarding collecting, storing, and sharing information.

(3)

In November 2013, the Department issued a privacy impact assessment for the Department of Homeland Security Data Framework, which is intended to be a scalable information technology program to connect numerous databases located in different Department component agencies.

(4)

The privacy impact assessment referred to in paragraph (3) stated that such Framework “will enable the implementation of efficient and cost-effective search and analysis across DHS databases in both classified and unclassified domains.”.

(5)

Given the size and purpose of such Framework, it is essential that the Department appropriately manages the timeline, budget, privacy, and security requirements for the system, as well as ensures the Department has the specialized and trained personnel to fully utilize the Framework.

3.

Department of Homeland Security data framework

(a)

In general

The Secretary of Homeland Security shall develop a data framework to integrate existing Department of Homeland Security datasets and systems, as appropriate, for access by authorized personnel in a manner consistent with relevant legal authorities and privacy, civil rights, and civil liberties policies and protections. In developing such framework, the Secretary shall ensure, in accordance with all applicable statutory and regulatory requirements, the following information is included:

(1)

All information acquired, held, or obtained by an office or component of the Department that falls within the scope of the information sharing environment, including homeland security information, terrorism information, weapons of mass destruction information, and national intelligence.

(2)

Any information or intelligence relevant to priority mission needs and capability requirements of the homeland security enterprise, as determined appropriate by the Secretary.

(b)

Data framework access

(1)

In general

The Secretary of Homeland Security shall ensure that the data framework required under this section is accessible to employees of the Department of Homeland Security who the Secretary determines—

(A)

have an appropriate security clearance;

(B)

are assigned to perform a function that requires access to information in such framework; and

(C)

are trained in applicable standards for safeguarding and using such information.

(2)

Guidance

The Secretary of Homeland Security shall—

(A)

issue guidance for Department of Homeland Security employees authorized to access and contribute to the data framework pursuant to paragraph (1); and

(B)

ensure that such guidance enforces a duty to share between offices and components of the Department when accessing or contributing to such framework for mission needs.

(3)

Efficiency

The Secretary of Homeland Security shall instruct components of the Department of Homeland Security to make available information through the data framework under this section in a machine-readable format, to the greatest extent practicable.

(c)

Exclusion of information

The Secretary of Homeland Security may exclude from the data framework information that the Secretary determines access to or the confirmation of the existence of could—

(1)

jeopardize the protection of sources, methods, or activities;

(2)

compromise a criminal or national security investigation;

(3)

be inconsistent with the other Federal laws or regulations; or

(4)

be duplicative or not serve an operational purpose if included in such framework.

(d)

Safeguards

The Secretary of Homeland Security shall incorporate into the date framework systems capabilities for auditing and ensuring the security of information included in such framework. Such capabilities shall include the following:

(1)

Mechanisms for identifying insider threats.

(2)

Mechanisms for identifying security risks.

(3)

Safeguards for privacy, civil rights, and civil liberties.

(e)

Deadline for implementation

Not later than two years after the date of the enactment of this Act, the Secretary of Homeland Security shall ensure the completion of the data framework required under this section and that such framework includes all appropriate information in existence within the Department of Homeland Security.

(f)

Notice to Congress

(1)

Operational notification

Not later than 60 days after the date on which the data framework required under this section is fully operational, the Secretary of Homeland Security shall provide notice to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate of such.

(2)

Regular status

The Secretary shall submit to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate regular updates on the status of the data framework required under this section.

(g)

Definitions

In this section:

(1)

Finished analysis

The term finished analysis means any document, briefing, report, or presentation for which an analyst has evaluated, interpreted, integrated, or placed into context information that falls within the scope of the information sharing environment, including homeland security information, terrorism information, weapons of mass destruction information, and national intelligence.

(2)

Intelligence component of the Department

The term intelligence component of the Department has the meaning given such term in section 2(11) of the Homeland Security Act of 2002 (6 U.S.C. 101(11)).

(3)

National intelligence

The term national intelligence has the meaning given such term in section 3(5) of the National Security Act of 1947 (50 U.S.C. 3003(5)).