DHS sets privacy policies for selected social media tools

The Homeland Security Department has trained its employees not to collect personal data from individuals with whom they interact via social media tools such as widgets, mobile applications, text messages and Real Simple Syndication feeds, according to a report from the department’s Office of the Chief Privacy Officer.

Given the nature of such tools, some personal data — such as user ZIP codes — may be collected and displayed by the systems during sign-on or may be published in a public profile of the user, states the March 8 report, titled “Privacy Impact Assessment for the Use of Unidirectional Social Media Applications Communications and Outreach.”

Related coversage:

To protect privacy, DHS officials are not collecting or storing such personal information, the report said.

The 19-page report gives an overview of DHS’s strategy for one-way social media communications, also including podcasts and video streams, in which it primarily pushes out messages to subscribers who request such services.

The messages include information on airport security processing, access and security at federal buildings, disaster preparedness, transportation security, pandemic illness preparedness and response, border access, border security and other public safety issues.

The report does not appear to cover policies for social networks such as Facebook and Twitter, which are not mentioned by name. An Appendix A that is supposed to include a list of all covered social media applications is blank.

The assessment also “does not cover users sending content to the department,” the report states.

If a component agency of DHS has an operational need to use unidirectional social media applications that is outside the scope of the requirements and analytical understanding outlined in the assessment, a separate assessment must be performed, the report added.

The report also outlines steps taken by DHS for greater transparency and security in its social media dealings, including:

• DHS said it will establish official social media accounts controlled only by authorized individuals in the public affairs department.
• Component agencies are directed to use the DHS official seal on all social media communications when technologically possible.
• DHS employees responsible for managing such applications should clearly identify themselves when interacting with the public.