IMPORT SAFETY COMMERCIAL TARGETING AND ANALYSIS CENTER
MEMORANDUM OF UNDERSTANDING AMONG
THE IMPORT SAFETY COMMERCIAL TARGETING AND ANALYSIS CENTER, PARTNER GOVERNMENT AGENCIES
On July 17, 2007, Executive Order 13439 established an lnteragency Working Group on Import Safety to conduct a comprehensive review of current import safety practices and determine where improvements could be made. On September 10, 2007, the lnteragency Working Group on Import Safety issued a Strategic Framework outlining a risk-based approach to import safety that focuses on prevention with verification. The Strategic Framework approach was intended to ensure that identified risks were addressed and any risk mitigation was verified at the most appropriate point of production and distribution. In November 2007, the lnteragency Working Group on Import Safety issued an Import Safety Action Plan that consisted of several recommendations to improve import safety practices including recognizing the need to share certain import and export information (for purposes of this MOU the terms information and data will be employed interchangeably) between government agencies. The need for government agencies to share information and coordinate more effectively was also recommended by the Food Safety Working Group established by President Obama.
Federal agencies with authority governing the safety of products imported into the United States acknowledged the need to share information about the safety of those products. To advance that goal, the U.S. Department of Homeland Security (DHS), through U.S. Customs and Border Protection (CBP), and in coordination with the U.S. Immigration and Customs Enforcement (ICE), U.S. Consumer Product Safety Commission (CPSC), the Food Safety Inspection Service (FSIS), and the Animal Plant Health Inspection Service (APHIS), established the Import Safety Commercial Targeting and Analysis Center (CTAC) in Washington, DC. Pursuant to authority delegated to them, the Commissioner of CBP and Director of ICE are entering into this Memorandum of Understanding on behalf of DHS. Following upon its success, the CTAC broadened its participation to include the following agencies with import safety or border management responsibilities: the Pipeline and Hazardous Materials Safety Administration (PHMSA), the National Highway Traffic Safety Administration (NHTSA), Environmental Protection Agency (EPA), U.S. Food and Drug Administration (FDA), U.S. Fish and Wildlife Service (FWS) and the National Marine Fisheries Service (NMFS). All the members of the CTAC collectively are referred to herein as the "Parties" or "CTAC Partner Government Agencies" (PGAs).
This Memorandum of Understanding (MOU) establishes the parameters for the assignment of representative employee(s) (Representative(s)) from the PGAs to the CTAC. Furthermore, this MOU outlines the mission of the CTAC, recognizes the responsibilities of all PGAs, and memorializes the relationships among PGAs in order to maximize cooperation and to create a cohesive unit capable of addressing complex import safety issues and other border management authorities and responsibilities. For purposes of this MOU, the term "import safety" includes matters relating to the public health and safety of imported products, as well as matters ensuring compliance with those authorities that establish responsibilities for border management. This MOU supersedes all existing MOUs that address CTAC operations.
The mission of the CTAC is to provide a vehicle to facilitate the sharing of information and to leverage the collective resources of the PGAs for the prevention, preemption, deterrence, and investigation of violations of importation statutes and regulations that affect United States interest in import safety, and to facilitate other border management authorities and responsibilities of the PGAs. The sources of the information that may be shared at the CTAC include, but are not limited to, certain data located in systems controlled by PGAs. A listing of those systems with each controlling PGA is contained in Appendix A. Appendix A will be amended, as necessary, to recognize the inclusion of new systems or sources of information as they become available or, alternatively, to recognize the removal of existing systems or sources of information as they are deemed no longer necessary or available.
All CTAC activities, including the collection, retention, and dissemination of any information including personal information will be conducted in a manner consistent with U.S. law, this MOU, and applicable requirements and policies of the respective PGAs.
This MOU permits the implementation of provisions supporting the International Trade Data System, which is established by section 405 of the Security and Accountability For Every Port Act of 2006, ("Safe Port Act"), Public Law 109-347. Furthermore, this MOU implements the recommendations of the lnteragency Working Group on Import Safety, established under Executive Order 13439: lnteragency Working Group on Import Safety (July 18, 2007).
The CTAC shall consist of representative employees from CBP, ICE, CPSC, FSIS, APHIS, PHMSA, NHTSA, EPA, FDA, FWS and NMFS. As appropriate, other federal agencies may be added to the CTAC. Changes in membership will be done in accordance with section 17 of this MOU. PGA Representatives to the CTAC must have a cleared full field background investigation or a U.S. Office of Personnel Management (OPM) Type 25 (Public Trust) background investigation prior to participating in CTAC operations. CTAC Representatives must complete any non-disclosure forms required by participating PGAs and maintain such forms with Representatives' home agencies.
CTAC Representatives will provide these forms and documents related to background investigations upon written request by any PGA.
Each PGA agrees:
6.1 to provide each PGA Representative with access to data that fulfills the stated purpose of this MOU, to the extent consistent with applicable law and policy.
6.2 to assist and cooperate with other PGAs in effecting the purposes of this MOU.
6.3 to engage in timely exchanges of information, with and among PGAs as appropriate and necessary for the purposes of this MOU.
6.4 to recognize that information collected under their respective authorities and provided to the CTAC may include information restricted from disclosure by law, such as highly sensitive commercial, financial, and proprietary information, which may be exempt from disclosure pursuant to the Freedom of Information Act (FOIA) (5 U.S.C. § 552(b)(4)) and restricted from disclosure by the Trade Secrets Act (18 U.S.C. § 1905), or other authorities.
6.5 to be responsible for properly marking or identifying their respective data in such a manner as to effectively note the applicable PGA's ownership.
6.6 to coordinate with PGA(s) which provided the subject information (the "providing PGA") regarding requests made under the Freedom of Information Act (5 U.S.C.§ 552) and the Privacy Act of 1974, (5 U.S.C. § 552(a)) related to data collected from the providing PGA(s) via CTAC operations and, when appropriate, to refer the request to the providing PGA for processing.
6.7 to not disclose information received from a providing PGA to any third parties, public or private. All third party requests for data that are not owned by the PGA shall be forwarded to the appropriate PGA that owns the data for written authorization to release, as authorized under law. For purposes of this MOU, information shared with another PGA pursuant to this MOU, including any amendment thereof, is not considered a disclosure to a third party. Furthermore, each PGA and each of its components are not considered "third parties" for purposes of this MOU and, therefore, transfers of information within the PGAs including to any of their components, on a need to know basis, are not considered third party disclosures under the terms of this MOU.
6.8 to cooperate with the Department of Justice in defense of a judicial action, as appropriate, in the event that another PGA is sued as a result of an alleged unauthorized release by the PGA, or an employee or contractor of the PGA, of information shared pursuant to this MOU.
6.9 to consult with affected PGAs, as necessary and appropriate, with regard to the handling of media releases related to CTAC operations; such releases will be mutually agreed upon by each of the affected PGAs and jointly handled consistent with any PGA guidelines or directive regarding press releases.
6.10 to notify other PGAs of discrepancies identified in data provided to the CTAC, to the extent necessary and practicable.
6.11 to provide training to eligible PGA Representatives as necessary to accomplish the purpose of the CTAC. In particular, PGAs are to provide training (and to make PGA Representatives and their supervisors available for such training), both computer-based and in person, as deemed appropriate by the respective PGAs, with regard to the relevant systems to be accessed at CTAC, prior to providing access to such systems, as applicable.
6.12 to exercise due diligence that adequate security measures are in place and utilized to protect access to PGA data that is transferred to the CTAC, as necessary. The aforementioned security measures will meet the requirements of the transferring and receiving PGA.
7. MANAGEMENT, DIRECTION AND SUPERVISION
The management of the CTAC is the responsibility of CBP Headquarters. The PGAs will develop and implement joint procedures related to the operation and collaboration within the CTAC. Each PGA Representative to the CTAC will report to his or her home agency for personnel administrative matters. The home PGA of the PGA Representative shall be responsible for the pay, overtime, leave, performance appraisals, and other personnel matters relating to its employees assigned to the CTAC.
In order for CBP to manage the CTAC, each PGA must provide CBP with an annually updated list of its Representatives, and their respective supervisors, to the CTAC.
8. INFORMATION SHARING AND CONFIDENTIALITY
Each PGA is responsible for ensuring the integrity of records transferred to it from other PGAs, or accessed by it through the CTAC, pursuant to this MOU. Furthermore, each PGA is responsible for maintaining system safeguards to prevent any unauthorized disclosure of transferred or accessed data. Disclosure of any data will be consistent with all applicable laws and the terms of this MOU as well as any specific laws or requirements applicable to the disclosing PGA.
Each PGA agrees that in the performance of the CTAC functions, access to any other PGA's system(s) does not make said system(s) a "system of records" for that PGA for Privacy Act purposes. Each PGA agrees that the PGA which owns the system(s), is the system manager and is responsible for publishing any notifications concerning the system(s) that is required by law. Each PGA will publish Federal Register notifications as required by the Privacy Act, 5 U.S.C. §552a, concerning its system(s). Further, no PGA will place any record(s) accessed through another PGA's system into a separate systems of records", unless authorized pursuant to a separate written sharing agreement between the relevant PGAs.
8.1 Each PGA shall comply with the appropriate PGA administrative security provisions related to the use and dissemination of the information in another PGA's system(s) and to consider all information in said system(s) as "Sensitive But Unclassified, For Official Use Only" or 11Controlled Unclassified Information," unless otherwise specified by the other PGA.
8.2 Each PGA may monitor and audit the usage of its own system(s) to ensure the security of the network/data and to prevent its use for any purpose that constitutes a violation of applicable law or policy, or the terms of this MOU. Use of another PGA's system constitutes consent to such monitoring and auditing. Unauthorized attempts to gain access, to upload or change information in another PGA's system is strictly prohibited and may be subject to criminal prosecution, absent the express prior written authorization of the other PGA.
This MOU is not an obligation or commitment of funds, nor a basis for the transfer of funds. Each PGA shall bear its own costs in relation to this MOU. Obligations/expenditures by each PGA will be subject to federal budgetary processes and availability of funds pursuant to applicable laws, regulations, and policies. In the event that the transfer of funds is deemed necessary in the future, the affected PGAs may enter into specific lnteragency Agreements to meet such necessity outside of this MOU.
10. SEVERABILITY CLAUSE
Nothing in this MOU is intended to conflict with the statutes, regulations or policies of the PGAs. If a term of this MOU is inconsistent with such authority, then that term shall be invalid, but the remaining terms and conditions of this MOU shall remain in full force and effect. Unless particularly specified, this MOU is not intended to affect any existing MOUs or agreements between PGAs.
11. EMERGENCY SITUATIONS
During times of national emergency as indicated by changes in the Homeland Security Advisory System or otherwise separately defined by the PGAs, each PGA reserves the right to suspend, interrupt or modify as necessary access to their respective systems and CTAC operations provided for pursuant to this MOU. Notice of any such action will be communicated promptly to all PGAs, by the deciding PGA.
12. NO PRIVATE RIGHT OF ACTION CREATED
This MOU is an internal government understanding among the PGAs and does not explicitly or impliedly create, confer, grant or authorize any rights, privileges, benefits or obligations, substantive or procedural, enforceable at law or otherwise, by any PGA against the other, or by any third party against the PGAs, their parent agencies, the United States, or the officers, employees, agents or other associated personnel thereof.
The PGAs agree to review the terms of this MOU and its Appendices on a bi-annual basis or at such other interval as the PGAs mutually determine appropriate.
Pursuant to the Federal Tort Claims Act (FTCA), 28 U.S.C. § 2671 et seq., the head of each Federal agency or his designee may render a decision on any administrative claim for money damages against the United States for injury or loss of property or personal injury or death caused by the negligent or wrongful act or omission of any employee of the agency while acting within the scope of his office or employment. The PGAs do not intend, solely by virtue of this MOU, that the Representatives of one PGA to be considered employees or agents acting on behalf of any other PGA. Accordingly, the proper party to render a decision on administrative tort claims brought pursuant to the FTCA against a PGA Representative that arise from the Representative's participation in the CTAC is the Representative's employing agency. If an administrative tort claim is filed with a PGA that is not the Representative's employing agency, the claim will be referred to the Representative's employing agency for a decision.
15. DATE EFFECTIVE
This MOU shall become effective on March 15th, 2014, as evidenced by the signature of the authorized PGA representative, below.
This MOU may be amended only by written consent of all of the PGAs. The modifications shall have no force and effect unless such modifications are in writing and signed by an authorized representative of each PGA signatory.
17. ADDITION OF NEW PGAs TO THE CTAC
New PGAs may be added to the CTAC upon the written consent of all of the then existing PGAs and the new PGA's assent to the terms of this MOU which shall be confirmed in writing in an Appendix to this MOU. The Addendum shall be signed by CBP, as both representative of the existing PGAs to the CTAC MOU and in recognition of their expressed consent, and the new PGA.
Any PGA may terminate participation under this MOU and withdraw from the CTAC upon one· hundred twenty (120) days advance written notice to CBP, which will promptly disseminate such notice to all other PGAs. Termination of participation under this MOU by one PGA shall not result in the termination of the MOU with respect to the other PGAs. The terms of this MOU shall continue to apply with respect to any information provided by the withdrawing PGA to the CTAC, or accessed by the withdrawing PGA through CTAC operations.
MEMORANDUM OF UNDERSTANDING
THE IMPORT SAFETY COMMERCIAL TARGETING AND ANALYSIS CENTER
PARTICIPATING GOVERNMENT AGENCIES
This is an Addendum to the “Import Safety Commercial Targeting and Analysis Center Memorandum of Understanding Among the Import Safety Commercial Targeting and Analysis Center Partner Government Agencies” (MOU), effective October 21, 2010, as to the original signatories. The Alcohol and Tobacco Tax and Trade Bureau (TTB) is being added as a Party to the MOU pursuant to Sections 16 and 17 of the MOU, effective upon signature of Appendix C. By their signature to the Appendix C to the MOU and pursuant to Sections 16 and 17 of the MOU, the Parties to the MOU, including Alcohol and Tobacco Tax and Trade Bureau (TTB), consent to the changes described in this Addendum. TTB further consents to the terms of the MOU as amended by this Addendum. This Addendum shall become effective upon the date of signature by the authorized agency officials for CBP and TTB, respectively.
The last paragraph is revised to add Alcohol and Tobacco Tax and Trade Bureau (TTB) and reads as follows: “Following upon its success, the CTAC broadened its participation to include the following agencies with import safety or border management responsibilities: the Pipeline and Hazardous Materials Safety Administration (PHMSA), the National Highway Traffic Safety Administration (NHTSA), Environmental Protection Agency (EPA), U.S. Food and Drug Administration (FDA), U.S. Fish and Wildlife Services (FWS), National Marine Fisheries Service (NMFS) and the Alcohol and Tobacco Tax and Trade Bureau (TTB). All members of the CTAC collectively are referred to herein as the “Parties” or “CTAC Partner Government Agencies” (PGA).
The first sentence will be revised to add TTB and will read as follows: “CTAC shall consist of employees from CBP, ICE, CPSC, FSIS, APHIS, PHMSA, NHTSA, EPA, FDA, FWS, NMFS, and TTB.
7. MANAGEMENT, DIRCTION AND SUPERVISION
8. INFORMATION SHARING AND CONFIDENTIALITY
10. SEVERABILITY CLAUSE
11. EMERGENCY SITUATIONS
12. NO PRIVATE RIGHT OF ACTION CREATED
15. DATE EFFECTIVE
Automated Commercial System (ACS)
Automated Commercial Environment (ACE)
Automated Targeting System-N (ATS-N) 2 3
Integrated Field System (IFS) Import Examination Logbook
Risk Assessment Methodology (RAM) system
Assurance Net/In Commerce System (ICS)
Public Health Inspection System (PHIS)
Agriculture Quarantine Activity Systems (AQAS)
Agriculture Risk Management (ARM) System
SITC National Information, Communication, Activities System (SNICAS)
FDA (except where prohibited by law, such as by section 3010) or 520(c) of the Federal Food, Drug, and Cosmetic Act):
Mission Accomplishment and Regulatory Compliance Services (MARCS) Office of Regulatory Affairs Data Storage System (ORADSS)
Case Management System (CMS)
Law Enforcement Management Information System (LEMIS)
1 Access to TECS and access to any data maintained therein is conditioned upon the signing of a separate Memorandum of Understanding between DHS/CBP and each PGA.
2 Because of the unique nature of CBP's Automated Targeting System (ATS) a
separate appendix, Appendix B, is attached to address ATS access issues.
3 PGA ATS-N access is granted through ATS Government Client (GC).
Partner Government Agencies (PGA) -
Inbound Cargo Automated Targeting System (ATS) Access
Pursuant to the Import Safety Commercial Targeting Analysis Center (CTAC) Memorandum of Understanding between the Department of Homeland Security, U.S. Customs and Border Protection (DHS/CBP) and Participating Government Agencies (PGAs), (hereinafter "the MOU"), DHS/CBP intends to provide designated representatives from the respective PGAs (Representatives) with access to the functionality of, and the ability to view relevant data (including data derived through CTAC operations which may be incorporated into ATS with the authorization of the originating PGA), available through CBP's Automated Targeting System - N (ATS-N), Government Client (GC), for purposes of carrying out the activities contemplated by the MOU and this Appendix. DHS/CBP will review each PGA's ATS-N-GC access, at least annually, to determine if all PGA Representatives have a sufficient need for such access. DHS/CBP will notify PGA Representatives of any change in its ATS-N-GC access status.
Designated PGA CTAC Representatives will be provided access to relevant DHS/CBP manifest and supporting entry information, as well as information incorporated into targeting rule sets from DHS/CBP sources and PGA sources (including PGA), through ATS-N-GC (CTAC Data), for use by PGAs in the prevention and investigation of violations of U.S. importation laws that affect United States interests in the import safety environment, consistent with the terms of the MOU. Accordingly, PGA CTAC Representatives will be allowed access to such data as a means to implement the recommendations of the lnteragency Working Group on Import Safety, established under Executive Order 13439: (July 18, 2007). Any such access is subject to the terms of the MOU and this Appendix.
Each PGA will designate no more than two (2) employees as CTAC Representatives to be granted access to CTAC data through ATS-N-GC, consistent with the terms of the MOU and this Appendix, during their assignment to the CTAC, in Washington, DC. DHS/CBP Security Policy requires that all ATS users must have a completed, favorable full-field background investigation or U.S. Office of Personnel Management (OPM) Type 25 (Public Trust) background investigation. The designated PGA CTAC Representatives will not be granted access to ATS-N-GC without the required background investigation and approval of the PGA's request for system access (See CBP form 7300). Approval for ATS-N-GC access for the PGA CTAC Representatives will be conditioned upon satisfaction of all security criteria required for access to the relevant DHS/CBP systems. Access to ATS-N-GC by PGA CTAC Representatives imposes security requirements on PGAs to adhere to DHS/CBP procedures for security administration, incident reporting, and security training awareness. PGAs will take steps to ensure that their CTAC Representatives complete the appropriate annual security training as required by the Federal Information Security Management Act, through CSP-provided web-based training, annual agency security training, and other training required by DHS/CBP.
The PGAs acknowledge that information available through ATS-N-GC is provided to the PGAs, through their PGA CTAC Representatives, consistent with the terms of the MOU and this Appendix, and only for the prevention and investigation of Federal violations of importation laws that affect United States interests in the import safety environment, which fall within each PGA's mission to prevent import safety violations and to protect the American public. Furthermore, PGAs acknowledge that information made available to them through ATS-N-GC shall be employed only for uses consistent with the aforementioned purpose, shall be handled in a manner consistent with applicable DHS/CBP policies, and in accordance with the terms of this MOU and this Appendix. In particular, information provided to PGAs cannot be released to any third party, as defined under the MOU, without the express, written consent of DHS/CBP.
PGAs also acknowledges the following: by accepting access to DHS/CBP systems and the information available therein, PGAs agree to assist, cooperate, and intercede on DHS/CBP's behalf to address and deal with any unauthorized release by PGA of the provided information. In accordance with 44 U.S.C. 3510(b), if DHS/CBP provides a PGA with access to data pursuant to the MOU and this Appendix, all the provisions of law (including penalties) that relate to the unlawful disclosure of information, apply to the officers and employees of the PGA to the same extent and in the same manner as the provisions would apply to DHS/CBP. Contractors, their subcontractors, and agents requiring access to the information shared under this MOU will be required to sign an agreement by which they will commit to keep the information confidential. Furthermore, in the event that DHS/CBP and/or PGA are sued or held liable in a civil action arising from an unlawful release by either DHS/CBP or PGA of the information provided to PGA by DHS/CBP, each acknowledges its own responsibility for cooperating with the Department of Justice in defending such lawsuit, as appropriate.
The unauthorized disclosure of data accessed or provided pursuant to the terms of the MOU or this Appendix, and/or failure to abide by any term thereof, will result in immediate deactivation of the access provided.
Addition of Alcohol and Tobacco Tax and Trade Bureau (TTB) to the
Commercial Targeting and Analysis Center
Pursuant to Section 17 of the Commercial Targeting and Analysis Center (CTAC) Memorandum of Understanding (MOU) effective as to the original parties on October 21, 2010, the undersigned approve the addition of the Alcohol and Tobacco Tax and Trade Bureau (TTB) to the CTAC. The written consent of the undersigned authorizes CBP to sign an Addendum to the CTAC MOU with TTB on behalf of the CTAC Partner Government Agencies (PGA) to amend the CTAC MOU and allow the addition of TTB to the CTAC.