The United States Visitor and Immigrant Status Indicator Technology program (US-VISIT) involves collecting digital fingerprints and photographs from most foreigners who visit the US. This biometric information is used to verify the identity of travelers, and is also checked against databases of known criminals and suspected terrorists.
Even though Congress in 2002 authorized the spending of $1.7 billion on US-VISIT, a recent report by the US Government Accountability Office (GAO) found that the computer systems that support US-VISIT have several weaknesses that could lead to the unauthorized disclosure, modification, misuse, or destruction of sensitive information stored in US government databases. The GAO report stated in part:
These weaknesses collectively increase the risk that unauthorized individuals could read, copy, delete, add, and modify sensitive information, including personally identifiable information, and disrupt the operations of the US-VISIT program. They make it possible for intruders, as well as government and contractor employees, to bypass or disable computer access controls and undertake a wide variety of inappropriate or malicious acts.For example, US Customs and Border Patrol (CBP) did not have measures in place to prevent, limit, and detect access to its computer networks, systems and information. Since the CBP computer networks that support US-VISIT are linked to other government security systems, weaknesses at the CBP could create vulnerabilities at other US government security systems. Robert Mocny, Director of US-VISIT, acknowledged the concerns raised in the GAO report but downplayed fears of security breaches. Mr. Mocny stated that the security issues are being addressed and that some concerns in the report are merely hypothetical or overstated because few outsiders can access those computer systems. For more information, see: http://tinyurl.com/3dbzer; and http://www.gao.gov/docsearch/abstract.php?rptno=GAO-07-870 Summary by: Andrei Edwards
E-TIPS® ISSUE
07 08 15
Disclaimer: This Newsletter is intended to provide readers with general information on legal developments in the areas of e-commerce, information technology and intellectual property. It is not intended to be a complete statement of the law, nor is it intended to provide legal advice. No person should act or rely upon the information contained in this newsletter without seeking legal advice.
E-TIPS is a registered trade-mark of Deeth Williams Wall LLP.
