#This file is intended to show, in triples format, what KKW offered as the base logic is for determining if a data transfer was permissible under the Privacy Act
#The scenario only uses a subset of the rules (both internal to the Privacy Act and external to it) that actually would apply
# The Privacy Act applies to US government agencies and appears at 5 USC Section 552a
# A SORN is a "System of Records Notice" - a published statement about data activities of a federal agency
# A SOR is a "System of Records" - the physical repository of data
# Indents indicate the information needed and the answer to the preceding question
# Assumes the questions are fixed in code
# The lines finding the answers usually have subject and predicate pre-coded and are pulling object from transaction log or legal files
Data_transfers are permissible?
Data Covered_By Privacy_Act?
Data_Name has SORN?
Data_Name is Secure_Flight
SORN_citation is http://a257.g.akamaitech.net/7/257/2422/01jan20051800/edocket.access.gpo.gov/2005/05-12405.htm
Data_Name has SORN
Data Assumed_Covered_By Privacy_Act
#If there is not a SORN, I have provided the logic for determining if there should be one at the bottom of this file
Data has Valid_SORN?
SORN published_in Federal_Register?
SORN_citation is http://edocket.access.gpo.gov/2005/05-12405.htm
#ALTERNATE: SORN citation 70_FR_36319
SORN published_in Federal_Register
SORN lists Legal_Authority?
Legal_Authority is 49_USC_114
Legal_Authority is 49_USC_44901
Legal_Authority is 49_USC_44903
SORN lists Legal_Authority
SORN lists SORN_Source?
SORN_Source_1 is Airline
#For this case, Airline is limited to airlines that flew domestically in June 2004
SORN_Source_2 is TSDB
SORN_Source_3 is Commercial_Data_Vendor
SORN lists SORN_Source
SORN lists SORN_Category?
SORN_Category_1 is PNR
SORN_Category_2 is Possible_Terrorist
SORN_Category_3 is Commercial_Data
SORN lists SORN_Category
SORN lists SORN_Purpose?
SORN_Purpose_1 is "enhance the security of domestic air travel by
identifying passengers who warrant further scrutiny prior to boarding
an aircraft"
SORN lists SORN_Purpose
Routine_Use lists RU_Recipient?
RU_Recipient_1 is FBI
RU_Recipient_2 is Federal_Contractor
RU_Recipient_3 is Federal_Agency
RU_Recipient_4 is National_Archives
RU_Recipient_5a is Auditor
RU_Recipient_5b is Oversight_Authority
Routine_Use lists RU_Recipient
Routine_Use lists RU_Category?
RU_Category_1 is known_or_suspected_terrorist
RU_Category_2 is required_for_contracted_work
RU_Category_3a is related_to_claim
RU_Category_3b is related_to_complaint
RU_Category_3c is related_to_lawsuit
RU_Category_4 is
RU_Category_r5 is
Routine_Use lists RU_Category
Routine_Use lists Purpose?
RU_Purpose_1a is Counterterrorism_Law_Enforcement
RU_Purpose_1b is Counterterrorism_Intelligence
RU_Purpose_2 is government_efficiency
RU_Purpose_3 is legal_defense_of_government
RU_Purpose_4 is records_management
RU_Purpose_5a is audit
RU_Purpose_5b is oversight
Routine_Use lists Purpose
Data has Valid_SORN
Data_Received_1 is permitted?
Source is Authorized?
Transaction_Source is American_Airlines
American_Airlines is Airline
SORN_Source_1 is Airline
Source is Authorized
Category is Authorized?
Transaction_Category PNR
SORN_Category_1 is PNR
Category is Authorized
Purpose is Authorized?
Transaction_Purpose is Secure_Planes
SORN_Purpose_1 is "enhance the security of domestic air travel by
identifying passengers who warrant further scrutiny prior to boarding
an aircraft"
Secure is_like Security
Plane is_like aircraft
#Could we have something that performs the preceding thesaurus-like function?
Purpose is Authorized
Data_Received_1 is permitted
Data_Received_2 is permitted?
Source is Authorized?
Transaction_Source is TSDB
SORN_Source_2 is TSDB
Source is Authorized
Category is Authorized?
Transaction_Category is Possible_Terrorist
SORN_Category_2 is Possible_Terrorist
Category is Authorized
Purpose is Authorized?
Transaction_Purpose is Secure_Planes
SORN_Purpose_s1 is "enhance the security of domestic air travel by
identifying passengers who warrant further scrutiny prior to boarding
an aircraft"
#Secure is_like Security
#Plane is_like aircraft
Purpose is Authorized
Data_Received_2 is permitted
Data_Received_3 is permitted?
Source is Authorized?
Transaction_Source is Lexis
Lexis is Commercial_Data_Vendor
SORN_Source_3 is Commercial_Data_Vendor
Source is Authorized
Category is Authorized?
Transaction_Category is Commercial_Data
SORN_Category_3 is Commercial_Data
Category is Authorized
Purpose is Authorized?
Transaction_Purpose is Secure_Planes
SORN_Purpose_1 is "enhance the security of domestic air travel by
identifying passengers who warrant further scrutiny prior to boarding
an aircraft"
Secure is_like Security
Plane is_like aircraft
Purpose is Authorized
Data_Received_3 is permitted
Data_Transfer_1 is permitted?
Recipient is Authorized?
Transaction_Recipient is FBI
RU_Recipient_1 is FBI
Recipient is Authorized
Category is Authorized?
Transaction_Category is Possible_Terrorist
RU_Category_1 is known_or_suspected_terrorist
Terrorist is Terrorist
Possible is_like Suspected
Category is Authorized
Purpose is Authorized?
Transaction_Purpose is Counterterrorism_Law_Enforcement
Transaction_Purpose is Counterterrorism_Intelligence
RU_Purpose_1a is Counterterrorism_Law_Enforcement
RU_Purpose_1b is Counterterrorism_Intelligence
Purpose is Authorized
Consistent with Purpose for which it was Collected?
SORN_Purpose_1 is "enhance the security of domestic air travel by
identifying passengers who warrant further scrutiny prior to boarding
an aircraft"
RU_Purpose_1a is Counterterrorism_Law_Enforcement
RU_Purpose_1b is Counterterrorism_Intelligence
#Don't think we can do this through programming
#PRINT: It is unknown if Purpose_r1a; Purpose_r1b is consistent with Purpose_s1.
#PRINT: If "Counterterrorism_Law_Enforcement; Counterterrorism_Intelligence" is consistent with
#PRINT: "enhance the security of domestic air travel by identifying passengers who warrant further scrutiny prior to boarding an aircraft"
#PRINT: then Data_Transfer_1 is authorized.
Data_Transfer_1 permission_status unknown.
Data_Transfer_2 is permitted?
Recipient is Authorized?
Transaction_Recipient is FBI
RU_Recipient_1 is FBI
Recipient is Authorized
Category is Authorized?
Transaction_Category is Possible_Terrorist
RU_Category_1 is known_or_suspected_terrorist
Terrorist is Terrorist
Possible is_like Suspected
Category is Authorized
Purpose is Authorized?
Transaction_Purpose is Financial_Crime_Law_Enforcement
RU_Purpose_1a is Counterterrorism_Law_Enforcement
Law_Enforcement is Law_Enforcement
#Don't think we can handle this through programming
#PRINT: It is unknown if Transaction_Purpose is consistent with RU_Purpose_1a
#PRINT: If "Financial_Crime_Law_Enforcement is consistent with
#PRINT: "Counterterrorism_Law_Enforcement"
#PRINT: then Purpose is Authorized.
Purpose permission_status unknown
Consistent with Purpose for which it was Collected?
Transaction_Purpose is Financial_Crime_Law_Enforcement
SORN_Purpose_1 is "enhance the security of domestic air travel by
identifying passengers who warrant further scrutiny prior to boarding
an aircraft"
#Another one that code can't handle
#PRINT: It is unknown if Transaction_Purpose is consistent with SORN_Purpose_1.
#PRINT: If "Financial_Crime_Law_Enforcement; Counterterrorism_Intelligence" is consistent with
#PRINT: "enhance the security of domestic air travel by identifying passengers who warrant further scrutiny prior to boarding an aircraft"
#PRINT: then Data_Transfer_2 is authorized.
Data_Transfer_2 permission_status unknown
#BELOW IS Q&A FOR DETERMINING IF DATA IS SOR (I.E., IF THERE IS NO SORN)
Data_Name has SORN?
Data_Name is Secure_Flight
SORN ciration Not_Found
Is Data SOR?
Data held_by Agency?
Data held_by TSA
TSA is DHS
DHS is Executive_Branch
Executive_Branch is Agency
Data held_by Agency
Data about identifiable_individual?
Data includes Person_Name
Person_name related_to DOB
Person_name related_to Address
Data about identifiable_individual
Data includes US_person?
Person_name related_to Address
Address includes US_state (or US_zipcode)
Person not_known_as Temporary_Visa_Holder
Person assumed_to_be US_Person
Data is SOR
SORN is Required
#PRINT: "POSSIBLE ERROR: SORN IS REQUIRED BUT NOT FOUND