FAQ: The passport breach: What exactly is in those records?

What else is in the system? In addition to passport applications and the related material, the system stores investigative reports that might have been compiled in connection with granting or denying a passport, or in connection with any violation of passport criminal statutes. It also stores court documents and administrative determinations related to passports and citizenship, as well as copies of birth and baptismal certificates, medical, personal and financial reports and details on arrest warrants of the person applying for, extending or renewing a passport and a person's Social Security number.

How is the information collected? Information comes from the passport applicant as well as law enforcement agencies, investigative and intelligence sources, and officials of foreign governments. The records are stored in paper or electronic format.

How is all this information used? Apart from helping to determine citizenship and eligibility for a passport, the information can be used for employment applications and estate settlements, and to determine Social Security benefits. It can also be used for federal and state law enforcement investigations. Records are retrieved using an individual's name or passport number.

Who uses the system? The information in the passport records system is used not only by the State Department, but also by the Internal Revenue Service; foreign governments (for immigration purposes); federal, state and local authorities; attorneys representing a client in a passport case; and in some cases, members of Congress. In addition, an individual's immediate family members can also ask for the information under the Privacy Act and the Freedom of Information Act.

How is the information protected? All records containing personal information at the State Department are kept in secured file cabinets or in restricted areas to which only authorized personnel have access. All employees and contractors accessing the system must undergo a background check and have valid identification cards. Databases containing personal data are password-protected and are the direct responsibility of the system manager or those reporting to him or her. Transaction logging capabilities allow a system manager to maintain an audit trail of all data access — thereby permitting ad hoc monitoring of computer usage. It was apparently just such a system that triggered an alert when Obama's records were viewed.