Building a slide deck, pitch, or presentation? Here are the big takeaways:
- Under the new rules, if adopted, individuals would be required to disclose social media usernames (though not passwords) when applying for a visa to enter the United States.
- The idea of collecting social media information of visa applicants started during the Obama administration following the 2015 San Bernardino attack.
The State Department has announced a plan to require visa applicants to list their social media usernames, as well as current and previous email addresses and phone numbers, according a report by the Associated Press.
The plan, which is scheduled to be formally published in the National Register on March 30, is a broader application than previous implementations of the same idea. A 60-day comment period in which interested parties can formally voice their opinion of the measures will start from the date of formal publication.
Under the new proposal, individuals would be required to disclose social media usernames (though not passwords) when applying for a visa to enter the United States, which would affect nearly 15 million people per year, according to the AP report. The proposal would require applicants to disclose five years worth of social media usernames on platforms identified in the application form (Facebook, Twitter, etc.) while providing a separate field for applicants to volunteer the usernames of platforms not specifically identified in the form.
Previous implementations of this rule applied only to people individually identified for additional background checks, which the AP report indicates is about 65,000 people annually.
SEE: Cybersecurity strategy research: Common tactics, issues with implementation, and effectiveness (Tech Pro Research)
The idea of collecting social media information of visa applicants started during the Obama administration following the 2015 San Bernardino attack. At the current pace of data collection, Immigrations and Customs Enforcement (ICE) is unable to process the information by themselves, and has sought an outside vendor to handle data processing. Given the massive increase of data that would accumulate if this change were to be approved, the need for a vendor to handle this information would be particularly urgent.
A report from The Intercept last August shows slides titled “Extreme Vetting Initative” from a briefing held the month prior during an “Industry Day” in which representatives from technology companies with an interest in building this analysis tool were invited to learn more about the project. The report quotes the slides as seeking a tool “that automates, centralizes, and streamlines the current manual vetting process while simultaneously making determinations via automation if the data retrieved is actionable.”
Sign-in sheets acquired by The Intercept show representatives from IBM, SAS, Red Hat, Booz Allen Hamilton, LexisNexis, PWC, and Deloitte, among about a dozen other firms in attendance. As of yet, it appears no company has been awarded a contract to handle the data processing.
Of note, the disclosure rules would not apply to people from countries that participate in the Visa Waiver Program, which permits travelers to be in the United States for 90 days for business or vacation without applying for a visa in advance. (A previous proposal of this rule in 2016 would have prompted travelers from countries participating in the Visa Waiver Program to volunteer this information when they entered the country, but was seemingly not implemented.)
The participating countries of the Visa Waiver Program include Andorra, Australia, Austria, Belgium, Brunei, Chile, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Japan, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Monaco, Netherlands, New Zealand, Norway, Portugal, San Marino, Singapore, Slovakia, Slovenia, South Korea, Spain, Sweden, Switzerland, Taiwan, and the United Kingdom.