The IT Law Wiki
Advertisement

Overview[]

The Department of Homeland Security (commonly known as Homeland Security or DHS) is a Cabinet department of the U.S. federal government that is responsible for protecting the United States from terrorist attacks and respond to natural disasters. It was created by the Homeland Security Act of 2002. The department was formed from 22 existing federal agencies in response to the terrorist attacks of September 11, 2001 to provide the unifying core for the vast national network of organizations and institutions involved in efforts to secure the United States.

Responsibilities[]

The DHS was given lead responsibility for preventing terrorist attacks in the United States, reducing the vulnerability of the United States to terrorist attacks, and minimizing the damage and assisting in recovery from attacks that do occur. The Act assigned the DHS, among other things, a number of critical infrastructure protection responsibilities, including gathering of threat information, including cyber-related,[1] from law enforcement, intelligence sources, and other agencies of the federal, state, and local governments and private sector entities to identify, assess, and understand threats; carrying out assessments of the vulnerabilities of key resources to determine the risks posed by attacks; and integrating information, analyses, and vulnerability assessments in order to identify priorities for protection. In addition, the department is responsible for disseminating, as appropriate, information that it analyzes — both within the department and to other federal, state, and local government agencies and private sector entities — to assist in the deterrence, prevention, preemption of, or response to terrorist acts.

DHS has been authorized to collect information under 5 U.S.C. §301; 8 U.S.C. §§1103, 1225(d)(3), 1324(b)(3), 1357(a) and 1360(b); 19 U.S.C. §§1 and 1509. Additional authority is provided in 6 U.S.C. §202; 8 U.S.C. §1158, 1201, 1365a, 1365b, 1379, and 1732; and 19 U.S.C. §§2071, 1581-83, and 1461; and the Immigration Reform and Immigrant Responsibility Act of 1996.

Cybersecurity[]

Cyberspace is highly dynamic and the risks posed by malicious cyber activity often transcend sector and international boundaries. Today's threats to cybersecurity require the engagement of the entire society — from government and law enforcement to the private sector and most importantly, members of the public — to mitigate malicious activities while bolstering defensive capabilities.

DHS is the principal federal agency to lead, integrate, and coordinate the implementation of efforts to protect cyber-critical infrastructures. DHS's role in critical infrastructure protection is established by law and policy. The Homeland Security Act of 2002, Homeland Security Presidential Directive 7, and the National Infrastructure Protection Plan establish a cyber protection approach for the nation's critical infrastructure sectors — including communications — that focuses on the development of public-private partnerships and establishment of a risk management framework. These policies establish critical infrastructure sectors, including the communications sector; assign agencies to each sector (sector-specific agencies), including DHS as the sector lead for the communications and information technology sectors; and encourage private sector involvement through the development of sector coordinating councils, such as the Communications Sector Coordinating Council, and information-sharing mechanisms, such as the Communications Information Sharing and Analysis Center.

DHS is responsible for protecting the federal executive branch civilian agencies and guiding the protection of the U.S.'s critical infrastructure. This includes the "dot-gov" world, where the government maintains essential functions that provide services to the American people, as well as privately owned critical infrastructure which includes the systems and networks that support the financial services industry, the energy industry, and the defense industry.

Strategic goals[]

The strategic goals of the DHS are:

  • Awareness — Identify and understand threats, assess vulnerabilities, determine potential impacts and disseminate timely information to our homeland security partners and the American public.
  • Prevention — Detect, deter and mitigate threats to our homeland.
  • Protection — Safeguard our people and their freedoms, critical infrastructure, property and the economy of our Nation from acts of terrorism, natural disasters, or other emergencies.
  • Response — Lead, manage and coordinate the national response to acts of terrorism, natural disasters, or other emergencies.
  • Recovery — Lead national, state, local and private sector efforts to restore services and rebuild communities after acts of terrorism, natural disasters, or other emergencies.
  • Service — Serve the public effectively by facilitating lawful trade, travel and immigration.
  • Organizational Excellence — Value our most important resource, our people. Create a culture that promotes a common identity, innovation, mutual respect, accountability and teamwork to achieve efficiencies, effectiveness, and operational synergies.

Constitutionally protected activities[]

DHS is not authorized to collect or retain information solely for the purpose of monitoring activities protected by the U.S. Constitution, such as the First Amendment protected freedoms of religion, speech, press, and peaceful assembly and protest. If information has some connection to constitutionally protected activities, it may be collected only where such collection is incidental to the authorized purpose.

DHS is also not authorized to collect or retain information based solely on race, ethnicity, national origin, or religious affiliation.[2] If it is later discovered that information was collected and was subsequently disseminated, the originator should make reasonable efforts to ensure that recipients of the information are notified of the improper collection and delete or refrain from using the information.

Information based solely on race, ethnicity, national origin, or religious affiliation[]

DHS is also not authorized to collect or retain information based solely on race, ethnicity, national origin, or religious affiliation.[3] If it is later discovered that information was collected and was subsequently disseminated, the originator should make reasonable efforts to ensure that recipients of the information are notified of the improper collection and delete or refrain from using the information.

Geographic intelligence (GEOINT)[]

The DHS mission depends upon accurate and timely GEOINT focused across the United States. Much of the GEOINT data needed for DHS activities comes from local and state sources. Under certain conditions, however, DHS requests and receives GEOINT support from the national intelligence community, principally the NGA and through its relationship with U.S. Northern Command (USNORTHCOM).

References[]

  1. See Comprehensive National Cybersecurity Initiative, National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (January 8, 2008) and the Federal Information Security Management Act of 2002 (FISMA).
  2. See DHS Policy Against Racial and Ethnic Profiling (June 2004) (adopting the U.S. Department of Justice Guidance Regarding the Use of Race by Federal Law Enforcement Agencies (June 2003)).
  3. Id.

See also[]

  • DHS Privacy Act Regulations, January 27, 2003.
  • System of Records Notices Official Guidance, April 2008.
  • Privacy Act Statements ((e)(3) Statements) Guidance, April 2008.
  • Civil Rights and Civil Liberties Protection Guidance, August 2008.
Advertisement