OVERVIEW

The Foreign Labor Certification System - Permanent Online System (FLCS-PERM) application allows DOL to process permanent labor certifications for the permanent visa program. The Online System allows two types of users to submit online applications—namely, employers and their agents or attorneys who submit applications on behalf of employers.

The Permanent Online System has been developed by the Department of Labor (DOL), Employment and Training Administration, Office of Workforce Security, and Division of Foreign Labor Certification to allow U.S. employers who intend to hire foreign workers to work permanently in the United States the ability to file and submit applications for Permanent Employment Certification - Form ETA 9089 with DOL via the Web.

Additionally, the Permanent Online System is a web based application that resides on DOL's Local Area Network/Wide Area Network (DOL LAN/WAN) General Support System (GSS). Most of the servers, network, and security devices are stored in a secured Equinix Data Center managed by DOL OASAM. The Permanent Online System is located behind a DOL firewall within the demilitarized zone (DMZ). There are four Web-based MS IIS application servers located in the DMZ that enforce heightened security protection of the database servers and the internal network.

FLCS is comprised of the following module(s) of the system must be available for users during normal business hours:

Permanent Online and Case Management Systems

The Office of Foreign Labor Certification owns FLCS-PERM, which has been granted an Authority to Operate (ATO) until June 2023.

A Privacy Impact Assessment (PIA) is being conducted because the system stores and processes Personally Identifiable information (PII) of non-citizens seeking permanent employment. The PII collected includes name, date of birth, address, and educational records.

The legal authorities to operate the program or system include:

  • Immigration and Nationality Act, as amended, 8 U.S.C. 1101(a) (15)(H)(i), and (ii), 1184(c), 1182(m) and (n), 1182(a)(5)(a), 1188, and 1288. Section 122 of Pub. L. 101 - 649. 8 CFR 214.2(h). 20 CFR 655 Subpart A. 20 CFR 655.9; and
  • Privacy Act of 1974

CHARACTERIZATION OF THE INFORMATION

The following questions are intended to define the scope of the information requested and/or collected as well as reasons for its collection as part of the program, system, or technology being developed.
Specify whether the System collects personally identifiable information (PII) on DOL employees, other federal employees, contractors, members of the public (U.S. citizens), foreign citizens, or minor children.

From whom is information to be collected?

Employers and their agents sponsoring foreign workers for permanent labor certifications.

Why is the Information being collected?

The information is collected to enable the processing of permanent worker applications.

What is the PII being collected, used, disseminated, or maintained?

PII collected includes name, date of birth, mailing address, phone number, and education records.

How is the PII collected?

Employers seeking to sponsor foreign workers for permanent visas use the system for online submission of permanent labor certification applications to DOL.

How will the information collected from individuals or derived from the system be checked for accuracy?

The information is not checked for accuracy because that is not required.

What specific legal authorities, arrangements, and/or agreements define or allow the collection of PII?

  • Immigration and Nationality Act, as amended, 8 U.S.C. 1101(a)(15)(H)(i), and (ii), 1184(c), 1182(m) and (n), 1182(a)(5)(a), 1188, and 1288. Section 122 of Pub. L. 101 - 649. 8 CFR 214.2(h). 20 CFR 655 Subpart A. 20 CFR 655.9; and
  • Privacy Act of 1974

Privacy Impact Analysis

A PIA is conducted because the system processes and stores sensitive PII of aliens. DOL has implemented various controls including SSL/TLS enabled websites to mitigate the risk of a data breach.

DESCRIBE THE USES OF THE PII

The following questions are intended to clearly delineate the use of information and the accuracy of the data being used.

Describe all the uses of the PII

The information is used to determine the eligibility of the applicants for a given visa category.

What types of tools are used to analyze data and what type of data may be produced?

Not applicable. Tools are not used to analyze the data.

Will the system derive new data, or create previously unavailable data, about an individual through aggregation of the collected information?

FLCS-PERM does not derive new data through aggregation of collected information.

If the system uses commercial or publicly available data, please explain why and how it is used.

FLCS-PERM does not use publicly available data.

Will the use of PII create or modify a "system of records notification" under the Privacy Act?

The System of Records Notice (SORN) below has been published for the system.

  • DOL/ETA – 7 Employer Application and Attestation file for Permanent and Temporary Alien Workers

Privacy Impact Analysis

DOL has implemented various security controls to protect the data to include:

  • Enabling SSL/TLS on websites for collection of data;
  • Encrypting sensitive data at rest;
  • Deploying F5 Application firewalls to protect the system;
  • Conducting Application vulnerability scans and remediating findings; and
  • Conducting Security Impact Assessments prior to deploying code to Production

RETENTION

The following questions are intended to outline how long information will be retained after the initial collection.

What is the retention period for the data in the system?

Records are maintained for 5 years.

Is a retention period established to minimize privacy risk?

No

Has the retention schedule been approved by the National Archives and Records Administration (NARA)?

The retention schedule is approved by the DOL records officer. The Office of Foreign Labor Certification (OFLC) periodically submits requests (for records destruction) to National Archives and Records Administration (NARA).

Per M-O7-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information; what efforts are being made to eliminate or reduce PII that is collected, stored or maintained by the system if it is no longer required?

FLC Case Files are retained for a period of 5 years after close, in accordance with Records Schedule Number DAA-0369-2013-0002. Paper files are retained on-site at national processing centers for six months from the date of final determination. OFLC will continuously scan or convert paper records into OFLC Archive and Scan database(s). Paper copies of employer applications that are scanned will be destroyed once converted to an electronic medium and verified, or when no longer needed for legal or audit purposes in accordance with the records schedule.

Have you implemented the DOL PII Data Extract Guide for the purpose of eliminating or reducing PII?

No; however, OFLC follows NARA procedures in disposing retired systems and reducing PII.

How is it determined that PII is no longer required?

When no longer needed.

If you are unable to eliminate PII from this system, what efforts are you undertaking to mask, de-identify or anonymize PII.

FLCS-PERM does not store sensitive PII including Social Security numbers.

Privacy Impact Analysis

DOL encrypts sensitive data in the databases and keeps an audit trail of attempts to access and decrypt the data.

INTERNAL SHARING AND DISCLOSURE

The following questions are intended to define the scope of sharing within the Department of Labor.

With which internal organization(s) is the PII shared, what information is shared, and for what purpose?

PII is shared with the Wage and Hour Division and OIG as required for investigations.

How is the PII transmitted or disclosed?

PII is disclosed through system access to authorized users.

Does the agency review when the sharing of personal information is no longer required to stop the transfer of sensitive information?

Yes. There is a continuous need for information during investigations. Accounts that are not utilized in 90 days are deactivated.

Privacy Impact Analysis Not applicable.

EXTERNAL SHARING AND DISCLOSURE

The following questions are intended to define the content, scope, and authority for information sharing external to DOL which includes federal, state and local government, and the private sector.

With which external organization(s) is the PII shared, what information is shared, and for what purpose?

Data is shared with DHS USCIS for the purpose of business existence verification. The Form ETA-9089 data fields are shared through OCIO's Data as a Service secured connection between DOL and DHS.

Is the sharing of PII outside the Department compatible with the original collection? If so, is it covered by an appropriate routine use in a SORN? If so, please describe. If not, please describe under what legal mechanism the program or system is allowed to share the PII outside of DOL.

Yes. The DHS Systems of Records (SORN) used for purposes of this information exchange are:

  1. DHS/USCIS-007 - United States Citizenship and Immigration Services Benefits Information System, September 29, 2008, 73 FR 56596.
  2. DHS/USCIS-014 - Electronic Immigration System-I Temporary Accounts and Draft Benefit Requests System of Records, April 5, 2013, 78 FR 20680.
  3. DHS/USCIS-015 - Electronic Immigration System-2 Account and Case Management System of Records, April 5, 2013, 78 FR 20673.
  4. DHS/USCIS-016 - Electronic Immigration System-3 Automated Background Functions System of Records, November 15, 2011, 76 FR 70735.
  5. DHS/NPPD-001 -Arrival and Departure Information System, May 28, 2013, 78

FR 31955.

The DOL System of Records (SORN) used for purposes of this information exchange is the DOL/ETA-7 - Foreign Labor Certification System and Employer Application Case Files.

How is the information shared outside the Department and what security measures safeguard its transmission?

Data is shared through OCIO's Data as a Service secured connection between DOL OFLC Systems and DHS USCIS' Validation Instrument for Business Enterprises (VIBE) system.

  • All traffic is routed through a DHS Secure VPN Tunnel
  • Access to the DOL DaaS service is controlled with a "White List" of allowed IP addresses
  • An assigned API Key is required to run the DOL DaaS service
  • Connection Protocol is Transport Layer Security (TLS) v1.2

How is the information transmitted or disclosed?

The VIBE system makes requests for data to the DOL DaaS service once per day. The DOL DaaS service responds with a JSON formatted message containing updated case data. The amount of case data varies depending on the DOL workload.

Is a Memorandum of Understanding (MOU), contract, or any agreement in place with any external organizations with whom information is shared, and does the agreement reflect the scope of the information currently shared? If yes, include who the agreement is with and the duration of the agreement.

An MOU with the Department of Homeland Security was finalized on February 2021. OFLC provides information submitted by employers through the Program Electronic Review Management (PERM) system to DHS/USCIS.

The MOUs will enable FLCS-PERM to share information with Department of Justice and Department of State.

How is the shared information secured by the recipient?

MOUs dictate how data is to be handled, processed and stored.

What type of training is required for users from agencies outside DOL prior to receiving access to the information?

The MOU dictates the type of training provided for external users.

USCIS and DOL, including all personnel with access to the information, will be appropriately trained regarding the proper handling of PII and proper care of the information systems to ensure the overall safeguarding and security of the information. USCIS and DOL will cross-train to ensure that each agency's employees, including contractors with access to any of the information, have completed privacy training on the handling of PII, which includes information on applicable laws, regulations, and policies related to information privacy and security, as well as on immigration-specific confidentiality protections as required.

Privacy Impact Analysis Not applicable.

NOTICE

The following questions are directed at notice to the individual of the scope of PII collected, the right to consent to uses of said information, and the right to decline to provide information.

Was notice provided to the individual prior to collection of PII? If yes, please provide a copy of the notice as an appendix. A notice may include a posted privacy policy, a Privacy Act notice on forms, or a system of records notice published in the Federal Register Notice. If notice was not provided, please explain.

The System of Records Notice (SORN) below has been published for the system.

DOL/ETA – 7 Employer Application and Attestation file for Permanent and Temporary Alien Workers

Do individuals have the opportunity and/or right to decline to provide information?

Individuals can withdraw from the program.

Do individuals have the right to consent to particular uses of the information? If so, how does the individual exercise the right?

No

Privacy Impact Analysis

Individuals voluntarily provide their information and have the option of withdrawing from the program.

INDIVIDUAL ACCESS, REDRESS, AND CORRECTION

The following questions are directed at an individual's ability to ensure the accuracy of the information collected about them.

What are the procedures that allow individuals to gain access to their own information?

Each application for a labor certification is identified by a case number and access to data on that case is restricted via user id and password.

What are the procedures for correcting inaccurate or erroneous information?

Users can update their own information only.

How are individuals notified of the procedures for correcting their own information?

Through mail, email and alerts

If no formal redress is provided, what alternatives are available to the individual?

Not applicable

Privacy Impact Analysis

Applicants have the right to withdraw from the program.

TECHNICAL ACCESS AND SECURITY

The following questions are intended to describe technical safeguards and security measures.

Which user group(s) will have access to the system? (For example, program managers, IT specialists, and analysts will have general access to the system and registered users from the public will have limited access.)

Program managers, IT Specialists, Analysts, and registered Users with limited access to their data.

Will contractors to DOL have access to the system? If so, please include a copy of the contract describing their role to the OCIO Security with this PIA.

External contractors who maintain the system does have access to the system.

Does the system use "roles" to assign privileges to users of the system? If yes, describe the roles.

Yes; there are different privileges for external users, data entry clerks, case processing analysts, center directors/certifying officers, and system administrators for PERM. External users may submit cases and review case statuses. Data entry clerks enter applications that were received by mail at the national processing centers (NPCs). Case processing analysts review cases and recommend decisions. Center directors or certifying officers review the recommendations and issue certifications or denials.

System administrators assign user permissions based on access request forms, and perform account maintenance tasks such as password resets or changes of email address.

What procedures are in place to determine which users may access the system and are they documented?

Yes; ETA/OFLC has developed the FLCS-PERM Access Request form, which documents the level of access and/or privileges assigned each user.

How are the actual assignments of roles and Rules of Behavior, verified according to established security and auditing procedures? How often training is provided? Provide date of last training.

DOL provides Security Awareness training, at least annually. The last training was provided in August 2020.

Describe what privacy training is provided to users, either generally or specifically relevant to the program or system?

DOL Privacy Security Awareness training.

What auditing measures and technical safeguards are in place to prevent misuse of data?

DOL keeps an audit trail of all attempts to access data in the databases.

Is the data secured in accordance with FISMA requirements? If yes, when was Security Assessment and Authorization last completed?

Yes; the last Security Assessment was performed in June 2020 and the system was last authorized to operate until June 2023.

Privacy Impact Analysis

The privacy risks identified include inadvertent disclosure and misuse of confidential information. ETA mitigates these risks by implementing adequate access controls, deploying solid encryption, and assigning users with least privileges.

TECHNOLOGY

The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware, biometrics, and other technology.

Was the system built from the ground up or purchased and installed?

The system was built from the ground up.

Describe how data integrity, privacy and security were analyzed as part of the decisions made for your system.

DOL conducts annual/ad hoc security assessments (including PIAs) of the system.

What design choices were made to enhance privacy?

DOL encrypts FLCS-PERM data in transit and at rest and provides users with limited privileges commensurate with their job functions/roles.

For systems in development, what stage of development is the system in, and what project development life cycle was used?

FLCS-PERM is operational; the system development conforms to the computer security lifecycle defined in DOL System Development Lifecycle Management Manual (SDLCMM). Based on the criteria in the SDLCMM, the system is in the 'Operations and Maintenance' phase.

For systems in development, does the project employ technology which may raise privacy concerns? If so please discuss their implementation?

FLCS-PERM does not employ technologies that may raise privacy concerns.

DETERMINATION

As a result of performing the PIA, what choices has the agency made regarding the information technology system and collection of information?

  • DOL has completed the PIA for FLCS-PERM and determined that existing safeguards and controls adequately protect the information system.
  • DOL has determined that it is collecting the minimum necessary information for the proper performance of a documented agency function.