On October 1, 2019, as authorized by Executive Order 13869, the missions, records, and personnel of three Freedom of Information Act (FOIA) and Privacy Act offices consolidated, and the Defense Counterintelligence and Security Agency (DCSA) FOIA and Privacy Office was created. This office is responsible for administering policies, programs, and procedures ensuring compliance with 5 U.S.C. § 552, the Freedom of Information Act, and 5 U.S.C. § 552(a), the Privacy Act.
The Office is comprised of three components, each with its own responsibilities:
The DCSA FOIA and Privacy Office for Investigations is responsible for responding to FOIA and Privacy Act requests for background investigation records. Please refer to Requesting Background Investigation Records for information on making the following types of requests:
- Requests for completed background investigations or previously completed SF/e-QIP forms;
- Requests for background investigations relating to civil or criminal law enforcement activities, Counterintelligence or Counterterrorism investigations, legal proceedings, employee relations matters, etc.; and
- Agency security / suitability representatives seeking a releasable copy of a subject’s background investigation for a due process or adjudicative hearing may refer to the DCSA Personnel Vetting webpage that speaks about Requesting Releasable Copies (External Dissemination).
The DCSA FOIA and Privacy Office for Adjudications is responsible for responding to Privacy Act requests for Department of Defense, Consolidated Adjudications Services (DoD CAS) adjudication records. Please refer to Requesting Adjudications Records for information on requesting security clearance eligibility and/or suitability determination records.
The DCSA FOIA and Privacy Office is primarily responsible for responding to the following types of requests:
- Requests for DCSA affiliated human resources and/or hiring action records;
- Requests for DCSA Inspector General records;
- Statements of work and contracts; and
- Coordinates records under the FOIA with the Diversity and Equal Opportunity office.
Refer to Amendment Requests for information on requesting the amendment, or correction, of a background investigation.
Refer to FOIA Requests for information on requesting DCSA records covered by the FOIA from each office component. Requests for agency records relating to the functions of the three components may be made directly to that office.
Requesters who wish to raise concerns about the service provided the Office may contact the DCSA FOIA Public Liaison by e-mailing: firstname.lastname@example.org. The Public Liaison can only address concerns about service provided, and not the status of an individual's FOIA or Privacy Act request.
The Privacy Act 1974-Title 5 of the United States Code, section 552a
The Privacy Act of 1974 (Act) regulates the collection, maintenance, use, and dissemination of personal information maintained in systems of records by Federal Executive Branch agencies. Generally speaking, the Act prohibits the disclosure of records contained in a system of records without the written consent of the individual on whom the records pertain, unless a condition of disclosure is met or the release is covered by a routine use of the SORN for the system.
The Office supports individual privacy rights in regards to the collection and re-dissemination of all information gathered during the investigative process. As mentioned above, DCSA maintains a record of all background investigations. Dissemination of DCSA background investigations are made in accordance with the Privacy Act of 1974 and Title 32, Code of Federal Regulations, Part 310.
DCSA integrates privacy into all activities by:
- Evaluating agency programs, systems, and initiatives for potential privacy impacts, and providing mitigation strategies to reduce the privacy impact;
- Conducting robust compliance and oversight programs to ensure adherence with federal privacy law and policy in all DCSA activities;
- Promoting privacy best practices and guidance to agency information sharing and intelligence activities;
- Operating an agency-wide Privacy Incident Response Program to ensure that incidents involving personally identifiable information are properly reported, investigated, and mitigated;
- Responding to complaints of privacy violations and providing redress, as appropriate; and,
- Training staff to sustain a culture of privacy across the organization.