Congress takes aim at US-VISIT

The Homeland Security Department continues to take it on the chin when it comes to the U.S. Visitor and Immigrant Status Indicator Technology program.The Senate expressed disappointment in the agency’s continued delay in creating the exit part of the system and cut $100 million from the president’s fiscal 2008 request. Meanwhile, the Government Accountability Office found that security weaknesses in the program put sensitive personal information at risk.“It appears as though the senior leadership at the department, especially the deputy secretary, is closing its eyes to the need — and legal requirements in the Intelligence Reform and Terrorism Prevention Act of 2004 and other laws — for an exit capability at all ports of entry and wishing it would just go away,” Senate lawmakers said in their report after passing the bill July 26. “Absent a functioning exit system, there will never be true control of our borders,” they said.The Senate recommended $362 million for US-VISIT in 2008, the same as in 2007.DHS would receive its full request of $228 million for the continued work to make the Automated Biometric Identification System, known as IDENT, and the Integrated Automated Fingerprint Identification System biometric databases interoperable and begin capturing 10 fingerprints of all visitors, the Senate bill states. The House version, passed June 15, recommends the full $462 million for US-VISIT but expresses similar concerns about the exit system.“If the program were to be assessed exclusively in terms of its contribution to capturing or identifying criminals and other high-threat individuals who seek to enter the U.S., the data would not be compelling: For 80 million travelers processed since the program’s inception, only 1,800 criminals and immigration violators have been intercepted,” the House report states.Meanwhile, congressional auditors said US-VISIT’s security problems include poor identification and authentication practices, insufficient limits on access to program information, bad network and physical security, inconsistent encryption, and inadequate logging and user accountability.“These weaknesses collectively increase the risk that unauthorized individuals could read, copy, delete, add and modify sensitive [and personally identifiable] information and disrupt the operations of the US-VISIT program,” GAO said in the Aug. 3 report.Steven Pecinovsky, director of the Homeland Security Department’s GAO/Office of Inspector General Liaison Office, said the Customs and Border Protection agency has taken steps to address some of the issues.