The IT Law Wiki
The IT Law Wiki

Overview[]

On November 2, 2006, the Department of Homeland Security posted a System of Records Notice (SORN) in the Federal Register regarding the deployment of the Automated Targeting System (ATS), to screen travelers entering the United States by car, plane, ship, or rail.[1] Originally developed to help identify potential cargo threats, ATS is a module of the Treasury Enforcement Communications System (TECS). TECS is described as an “overarching law enforcement information collection, targeting, and sharing environment.”

ATS is an intranet-based enforcement and decision support tool operated by the Bureau of Customs and Border Protection (CBP). It is the cornerstone for all CBP targeting efforts. ATS compares traveler, cargo, and conveyance information against intelligence and other enforcement data by incorporating risk-based targeting scenarios and assessments. CBP uses ATS to improve the collection, use, analysis, and dissemination of information that is gathered for the primary purpose of targeting, identifying, and preventing potential terrorists and terrorist weapons from entering the United States. CBP also uses ATS to identify other violations of U.S. laws that are enforced by CBP. In this way, ATS allows CBP officers charged with enforcing U.S. law and preventing terrorism and other crime to focus their efforts on travelers, conveyances, and cargo shipments that most warrant greater scrutiny.

ATS standardizes names, addresses, conveyance names, and similar data so these data elements can be more easily associated with other business data and personal information to form a more complete picture of a traveler, import, or export in context with previous behavior of the parties involved. Traveler, conveyance, and shipment data are processed through ATS and are subject to a real-time, rules-based evaluation.

ATS Modules[]

ATS itself consists of six modules that focus on exports, imports, passengers and crew (airline passengers and crew on international flights, and passengers and crew on sea carriers), private vehicles crossing at land borders, and import trends over time:

Additionally, CBP is developing IOFS — a new module for ATS.

As a legacy organization of CBP, the U.S. Customs Service traditionally employed computerized screening tools to target potentially high-risk cargo entering, exiting, and transiting the United States. ATS was originally designed as a rules-based program to identify such cargo; it did not apply to travelers. ATS-Inbound and ATS-Outbound became operational in 1997. ATS-P became operational in 1999. Currently, CBP collects this information to the extent collected by carriers in connection with a flight into or out of the United States, as part of its border enforcement mission and pursuant to the Aviation and Transportation Security Act of 2001 (ATSA).[3]

ATS receives various data in real time from the following CBP mainframe systems: the Automated Commercial System (ACS), the Automated Manifest System (AMS), the DHS Advanced Passenger Information System (APIS), the Automated Export System (AES), the Automated Commercial Environment (ACE), the DHS Electronic System for Travel Authorization (ESTA), the DHS Nonimmigrant Information System (NIIS), DHS Border Crossing Information (BCI), and the Treasury Enforcement Communications System (TECS). ATS also collects certain data directly from air carriers in the form of PNR.

ATS also collects data from foreign governments and certain express consignment services in conjunction with specific cooperative programs. ATS accesses data from these sources, which collectively include: electronically filed bills of lading, entries, and entry summaries for cargo imports; shippers’ export declarations and transportation bookings and bills for cargo exports; manifests for arriving and departing passengers; land-border crossing and referral records for vehicles crossing the border; airline reservation data; nonimmigrant entry records; and records from secondary referrals, incident logs, suspect and violator indices, seizures, and information from the TSDB and other government databases regarding individuals with outstanding wants and warrants and other high-risk entities. Finally, ATS uses data from Dun & Bradstreet, a commercially available data source, to assist with company identification through name and address matching.

In addition to providing a risk-based assessment system, ATS provides a graphical user interface (GUI) for many of the underlying legacy systems from which ATS pulls information. This interface improves the user experience by providing the same functionality in a more rigidly controlled access environment than the underlying system. Access to this functionality of ATS uses existing technical security and privacy safeguards associated with the underlying systems.

A large number of rules are included in the ATS modules, which encapsulate sophisticated concepts of business activity that help identify suspicious or unusual behavior. The ATS rules are constantly evolving to both meet new threats and refine existing rules. ATS applies the same methodology to all individuals to preclude any possibility of disparate treatment of individuals or groups. ATS is consistent in its evaluation of risk associated with individuals and is used to support the overall CBP law enforcement mission.

References[]

  1. Department of Homeland Security, Office of the Secretary, “Privacy Act of 1974; System of Records,” 71 Fed. Reg. 64543 (Nov. 2, 2006).
  2. Department of Homeland Security, Privacy Impact Assessment for the Automated Targeting System, at 3 (Nov. 22, 2006)[1]
  3. 49 U.S.C. §44909. The regulations implementing ATSA are codified at 19 C.F.R. §122.49d.