DHS published a meeting notice in Monday’s Federal Register (78 FR 34665-34666, available on line today) for a public teleconference of the Homeland Security Information Network Advisory Committee (HSINAC) to be held on June 25th, 2013. The major topic of the meeting will be the implementation of Release 3 of the Homeland Security Information Network (HSIN).
Specific topics to be addressed will be:
• Review the HSINAC members' HSIN Release 3 (R3) registration experiences;
• Discuss the results of the HSIN Policy/HSIN Development informal analysis and capture feedback from the HSINAC members;
• Identity Proofing (IDP) Process;
• HSIN Legacy to HSIN Release 3 Migration Process; and
• HSIN Release 3 Value Proposition.
Since one of the main purposes of the HSIN is the dissemination of sensitive but unclassified (SBU) information the system must have a means of verifying personal identity. According to this notice, HSIN R3 will use “knowledge-based questions pertaining to their [individual’s] personal financial history, credit history, etc. in order to successfully verify their identity before gaining access into HSIN Release 3”.
Now, for reasons pertaining my gadfly status (you have to agree not to release SBU information) I have not and will not seek access to the restricted information portions of HSIN, so this does not apply to me. Still, I would be very leery of sharing this information with DHS and would be concerned if DHS was collecting this information from other sources to ‘verify my identity’. I’m certainly not a privacy activist, but you do have to draw the line somewhere.
There are other ways of verifying identity for the level of security necessary to protect SBU. The CFATS program, for example, has a fairly effective method of providing access to their Chemical Security Assessment Tool (CSAT), a communications network for the sharing of Chemical-Terrorism Vulnerability Information (CVI), a specific subset of SBU. Surely the folks at the DHS Office of Operations Coordination and Planning can come up with a better method than collecting financial information on participants.
Public participation in this teleconference is being solicited by DHS. The public can monitor the teleconference via phone ( 1-800-320-4330 Conference Pin: 673978) or at a meeting room in Washington. Public comments may be submitted via the Federal eRulemaking Portal (www.Regulations.gov; Docket # DHS-2013-003). There is a 15-minute period near the end of the meeting set aside for oral public comments’ registration is required (Michael.email@example.com).