Tag: Department Of Homeland Security

DHS May Make Form I-9 Flexibility a Fixture

The Department of Homeland Security (DHS) announced it is considering changes to the Form I-9 documentation examination procedures. As human resources teams know, the remote workplace that became common during the COVID-19 pandemic made an already complicated I-9 process a logistical nightmare. With the U.S. government’s declaration of a national emergency due to the COVID-19 pandemic, DHS and Immigration and Customs Enforcement (ICE) announced certain flexibilities in March 2020 that suspended the requirement of in-person review of I-9 documents when a company was operating remotely due to COVID-19. Those flexibilities have been extended numerous times and are currently set to expire Oct. 31, 2022.

While DHS says it is considering making these temporary flexibilities permanent, the Notice of Proposed Rule Making (NPRM) published last month does not seek to do so. Instead, the NPRM seeks to validate the authority of the DHS secretary to enact flexibilities, offer alternative options, and/or implement a pilot program to evaluate existing and additional alternative I-9 procedures for some or all employers. DHS recognizes that more and more employers are utilizing telework and remote work for their employees and that requiring in-person review of I-9 documents is no longer consistent with work patterns of many businesses.

Some of the more notable possible changes to the I-9 process described in the NPRM include requiring employers to note on the Form I-9 which of the alternative procedures they used; requiring employers to retain copies of I-9 documents; requiring online training on fraudulent document and/or anti-discrimination training for employers who wish to utilize the alternative procedures; and limiting eligibility to use the alternative procedures to employers that utilize E-Verify, the government’s online employment verification system.

Comments to the NPRM are due on or before Oct. 17, 2022.

Article By Rebecca B. Schechter of Greenberg Traurig, LLP

For more immigration legal news, click here to visit the National Law Review.

©2022 Greenberg Traurig, LLP. All rights reserved.

DHS Proposes Rule Updating I-9 Verification Requirements

On August 18, 2022, the Department of Homeland Security (DHS) published a proposed rule in the Federal Register that would grant it broader authority to permit alternative document inspection procedures for I-9 document verification in lieu of the physical inspection requirement.

In response to the COVID-19 pandemic, DHS implemented temporary accommodations for remote I-9 document inspection in order to encourage social distancing and remote work. These accommodations have been extended several times, and currently remain in effect until October 31, 2022. While the proposed rule does not directly make these accommodations permanent, it does codify into the regulations the agency’s authority to set forth either temporary or permanent alternative document inspection procedures.

The proposed rule provides significant flexibility to DHS in determining whether, when, and how to implement alternative examination procedures. According to the proposed rule, DHS may implement new examination options as part of a limited pilot program, upon the agency’s determination that such alternative procedures would not diminish the security of the I-9 verification process, or as a temporary measure in response to a public health emergency.

The proposed rule also includes details about how DHS may implement future document inspection changes, including:

  • limiting implementation only to employers enrolled in E-Verify

  • updating document retention requirements

  • changing the Form I-9 to allow employers to clearly note the use of alternative examination procedures

Now that the proposed rule has been published in the Federal Register, the public will have a 60-day comment period to provide feedback on the proposal as well as comments on how DHS may use this additional authority to make I-9 document inspection easier for employers. After the public comment period closes, DHS will have the opportunity to review and analyze all comments provided and, should the agency decide to move forward with the regulation, proceed with publishing the final rule.

Article By Derek J. Maka of Ogletree, Deakins, Nash, Smoak & Stewart, P.C.

For more immigration legal news, click here to visit the National Law Review.

© 2022, Ogletree, Deakins, Nash, Smoak & Stewart, P.C., All Rights Reserved.

USCIS to Implement Premium Processing for Certain Previously Filed Form I-140 Petitions

On May 24, 2022, U.S. Citizenship and Immigration Services (USCIS) announced that it would begin implementing premium processing for certain petitioners who have a pending Form I-140 under the EB-1 and EB-2 classifications.

As explained in our previous alert, USCIS had announced that it will expand its premium processing service to include additional immigration benefit case types, pursuant to a final rule issued by the Department of Homeland Security (DHS). The rule is intended to implement the Emergency Stopgap USCIS Stabilization Act passed by Congress and is part of USCIS’s efforts to reduce existing backlogs and provide needed relief to Employment Authorization Document (EAD) cardholders.

While the rule will become effective on May 31, 2022, it will be implemented in a phased approach over a three-year period. USCIS has now begun implementing these changes to premium processing, starting with certain Form I-140 classifications: EB-1C (classification as a multinational executive or manager) and EB-2 (classification as a member of professions with advanced degrees or exceptional ability seeking a national interest waiver (NIW)).

This expansion will occur in the following phases:

  • Beginning June 1, 2022, USCIS will accept premium processing requests for EB-1C multinational executive and manager petitions received on or before January 1, 2021.
  • Beginning July 1, 2022, USCIS will accept premium processing requests for EB-2 NIW petitions received on or before June 1, 2021, and EB-1C multinational executive and manager petitions received on or before March 1, 2021.

USCIS will only accept premium processing requests for currently pending cases based on their date of filing, as noted above. USCIS is not accepting new Form I-140 petitions in these categories with a premium processing request at this time. We anticipate that USCIS will expand premium processing requests for more recently filed EB-1 and EB-2 petitions in the future.

Article By Shannon N. Parker of Mintz

For more immigration legal news, click here to visit the National Law Review.

©1994-2022 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.

DHS Announces Temporary Protected Status for Ukraine and Redesignates TPS for South Sudan

Ukraine

The Department of Homeland Security (DHS) announced that Ukraine has been designated for “Temporary Protected Status” (TPS) for 18 months due to the invasion by Russia and ongoing conflict.

To qualify, Ukrainian nationals must have continuously resided in the United States as of March 1, 2022, and must apply to the U.S. Citizenship and Immigration Services within 180 days (until August 28, 2022). TPS applicants may also apply for Employment Authorization Documents (EADs) allowing them to work lawfully in the United States.

The TPS designation for Ukraine will remain in effect through September 1, 2023, at which time DHS will determine whether to redesignate or extend the current designation. Redesignation may extend TPS eligibility to Ukrainian nationals who arrived in the United States after March 1, 2022.

South Sudan

DHS also redesignated and extended TPS for South Sudan until November 3, 2023. South Sudanese TPS beneficiaries must re-register by May 3, 2022. EADs set to expire are automatically extended until November 3, 2022, but applications for new EADs must be filed as soon as possible. South Sudanese nationals and aliens having no nationality who last habitually resided in South Sudan may submit initial registration applications under the redesignation for TPS for South Sudan and apply for EADs.

Copyright © 2022, Hunton Andrews Kurth LLP. All Rights Reserved.

Article By Ian P. Band of Hunton Andrews Kurth

For more articles on Ukraine, visit the NLR Immigration section.

CISA Releases “Cyber Essentials” to Assist Small Businesses Updated

On November 6, 2019, the Department of Homeland Security (“DHS”), Cybersecurity & Infrastructure Security Agency (“CISA”) released its Cyber Essentials guide. Consistent with the NIST Cybersecurity Framework, these Cyber Essentials provide “a starting point to cyber readiness,” and are specifically aimed at small businesses and local government agencies that may have fewer resources to dedicate to cybersecurity.

The guide suggests a holistic approach for managing cyber risks, and is broken down into six “Essential Elements of a Culture of Cyber Readiness,” specifically:

  • Yourself – driving awareness, strategy, and investment to build and sustain a culture of cybersecurity.
  • Your Staff – developing awareness and vigilance because your staff is often the first line of defense.
  • Your Systems – protecting your information and critical assets and applications.
  • Your Surroundings – limiting access to your digital environment.
  • Your Data – having a contingency plan to recover systems, networks, and data from trusted backups.
  • Your Actions Under Stress – planning and conducting drills for cyberattacks to bolster readiness to respond, limit damage, and restore operations in the event of an attack.

The final section of the guide provides a list of steps that small businesses can take immediately to increase organizational preparedness against cyber risks. These include backing up data (automatically and continuously), implementing multi-factor authentication (particularly for privileged, administrative, and remote access users), enabling automatic updates, and deploying patches quickly.

CISA’s Cyber Essentials guide is just the most recent example of a user-friendly resource aimed at assisting small businesses seeking lower-cost cybersecurity solutions. Recognizing that investing in cybersecurity may be difficult for some small businesses, Government agencies are making an effort to help small businesses understand the importance of cybersecurity.

For example, the U.S. Small Business Administration (“SBA”) has a page dedicated to providing information and resources for small business cybersecurity. It outlines common threats, risk assessment, and cybersecurity best practices. It also provides a list of upcoming training and events related to small business cybersecurity. Other entities, including the National Institute of Standards and Technology, the Federal Trade Commission, and the Federal Communications Commission also provide similar resources specifically tailored to small businesses.

The main takeaway here is that all organizations – regardless of size or resources – should take basic steps to improve their cybersecurity resilience.

Copyright © 2019, Sheppard Mullin Richter & Hampton LLP.

ARTICLE BY Jonathan E. Meyer, Townsend L. Bourne and Nikole Snyder a Law Clerk in Sheppard, Mullin, Richter & Hampton LLP’s Washington, D.C. office.

The Time to Comply is Now: The New “I-9 Sheriff” is in Town!

As we have previously informed our readers, the Department of Homeland Security (DHS) has issued yet another update to U.S. Citizenship & Immigration Services’ (USCIS) Employment Eligibility Verification Form (commonly referred to as Form I-9).

As of September 18, the revised Form I-9 is in effect, bringing a new paperwork duty for all U.S. employers. All employers who have not already done so must immediately disregard the old version of and begin using the new version of Form I-9. The new form is accessible on the (USCIS) website, and older versions of Form I-9 are no longer available to the public. The new version of Form I-9 is not required for existing employees, since it pertains only to new hires joining a company on or after September 18, 2017.

Following are some reminders for employers to keep in mind during the onboarding process:

  1. While the core requirements of Form I-9 remain unchanged, employers will find minor revisions concerning the instructions and the list of acceptable documents that confirm an intended employee’s identity and employment eligibility. Specifically, USCIS changed the name of the U.S. Department of Justice’s enforcement arm on employment eligibility compliance, namely from the Office of Special Counsel for Immigration-Related Unfair Employment Practices to its new name of Immigrant and Employee Rights Section. What is more, USCIS modified the form’s instructions by removing “the end of” from the phrase “the first day of employment.” As a result, employers should amend their Form I-9 procedures to ensure that all intended employees complete the form’s Section 1 at the outset of the first day of employment.
  2. USCIS has also revised the list of acceptable documents concerning employment eligibility. Notably, USCIS added the Consular Report of Birth Abroad Form (Form FS-240) as an acceptable List C [employment eligibility] document. Form FS-240 is generated by the U.S. Department of State (DOS) at U.S. embassies worldwide to record the birth of a U.S. citizen outside U.S. territorial limits. Now, employers completing Form I-9 on a computer will be able to select Form FS-240 from the drop-down menus available in List C pertaining to Section 2 and Section 3. E-Verify users will also be able to select Form FS-240 when creating a case for an employee who has presented this document for Form I-9. Lastly, USCIS combined all the certifications of report of birth issued by the DOS into selection C # 2 in List C and renumbered all List C documents, except the Social Security card.

USCIS has included all these changes in a revised Handbook for Employers: Guidance for Completing Form I-9 (M-274), which is more user friendly than older editions of this document. Unlike previous versions of M-274, users can no longer download the handbook as a PDF document. Instead, USCIS has now organized and posted the M-274 handbook’s content as a web-based resource. It is yet unclear how USCIS will be updating this document.  By consequence, employers should regularly review the most updated, on-line content of the M-274 handbook, as it will likely be a more dynamic document.

3.  Another valuable resource for employers handling Form I-9 issues is the I-9 Central webpage available on the USCIS website. This webpage provides additional information about Form I-9, including learning resources and frequently asked questions.

Although the changes to Form I-9 are minor, failure to use the new version of the form can result in significant fines. Employers should therefore revisit their compliance policies to ensure a seamless transition to the new Form I-9.

This post was written by Roy J. Barquet of Foley & Lardner LLP © 2017
For more Immigration Legal Analysis go to The National Law Review

Revised Travel Ban Coming?

The Trump Administration reportedly may replace the current travel ban with a country-specific set of restrictions.

In June, the Supreme Court allowed the government to begin enforcing the 90-day travel ban against individuals from Iran, Libya, Somalia, Sudan, Syria, and Yemen who had no bona fide relationship to the United States. The 90-day ban will expire on September 24. The 120-day ban on refugees also went into effect in June. The Supreme Court plans to hear the full travel ban case on October 10.

The Department of Homeland Security’s recently finalized classified report on screening foreign travelers may support anticipated changes to the travel ban. Substituting a new ban could change the dynamics, potentially making the case before the Supreme Court moot or leading to a remand of the case for further hearing at the lower court level.

The new restrictions are expected to be open-ended and based upon the DHS review and identification of countries with deficient security standards. More than six countries may have been identified. Additional countries could be added to the banned list, others could be removed, and still others might become subject to certain visa restrictions.

This post was written by Michael H. Neifach of Jackson Lewis P.C. © 2017
For more legal analysis go to The National Law Review

President Trump Signs the “Securing our Agriculture and Food Act”

President Trump recently signed the “Securing our Agriculture and Food Act” (H.R. 1238). The bill amends the Homeland Security Act of 2002 to direct the Assistant Secretary for Health Affairs for the Department of Homeland Security (DHS) to carry out a program to coordinate DHS efforts related to defending the food, agriculture and veterinary systems of the United States against terrorism and other high-consequence events that pose a high risk to homeland security.

According to Michigan Farm News, the law will:

  • Provide oversight and management of DHS’s responsibilities pursuant to Homeland Security Presidential Directive 9 – Defense of United States Agriculture and Food;
  • Provide oversight and integration of DHS activities related to veterinary public health, food defense and agricultural security;
  • Lead DHS policy initiatives related to food, animal and agricultural incidents and to overall domestic preparedness for, and collective response to, agricultural terrorism;
  • Coordinate with other DHS components on activities related to food and agriculture security and screening procedures for domestic and imported products; and
  • Coordinate with appropriate federal departments and agencies.
This post was written by Aaron M. Phelps of  Varnum LLP© 2017
For more legal analysis go to The National Law Review

The Department Of Homeland Security Proposes New Rules Affecting Federal Government Contractors

This week, the Department of Homeland Security (“DHS”) issued three proposed rules expanding data security and privacy requirements for contractors and subcontractors. The proposed rules build upon other recent efforts by various federal agencies to strengthen safeguarding requirements for sensitive government information.  Given the increasing emphasis on data security and privacy, contractors and subcontractors are well advised to familiarize themselves with these new requirements and undertake a careful review of their current data security and privacy procedures to ensure they comply.

  • Privacy Training

DHS contracts currently require contractor and subcontractor employees to complete privacy training before accessing a Government system of records; handling Personally Identifiable Information and/or Sensitive Personally Identifiable Information; or designing, developing, maintaining, or operating a Government system of records. DHS proposes including this training requirement in the Homeland Security Acquisition Regulation (“HSAR”) and to make the training more easily accessible by hosting it on a public website.  By including the rule in the HSAR, DHS would standardize the obligation across all DHS contracts.  The new rule would require the training to be completed within thirty days of the award of a contract and on an annual basis thereafter.

DHS invites comment on the proposed rule. In particular, DHS asks commenters to offer their views on the burden, if any associated with the requirement to complete DHS-developed privacy training.  DHS also asks whether the industry should be given the flexibility to develop its own privacy training.  Comments must be submitted on or before March 20, 2017.

  • Information Technology Security Awareness Training

DHS currently requires contractor and subcontractor employees to complete information technology security awareness training before accessing DHS information systems and information resources. DHS proposes to amend the HSAR to require IT security awareness training for all contractor and subcontractor employees who will access (1) DHS information systems and information resources or (2) contractor owned and/or operated information systems and information resources capable of collecting, processing, storing or transmitting controlled unclassified information (“CUI”) (defined below).  DHS will require employees to undergo training and to sign DHS’s Rules of Behavior (“RoB”) before they are granted access to those systems and resources.  DHS also proposes to make this training and the RoB more easily accessible by hosting them on a public website.  Thereafter, annual training will be required.  In addition, contractors will be required to submit training certification and signed copies of the RoB to the contracting officer and maintain copies in their own records.

Through this proposed rule, DHS intends to require contractors to identify employees who will require access, to ensure that those employees complete training before they are granted access and annually thereafter, to provide to the government and maintain evidence that training has been conducted. Comments on the proposed rule are due on or before March 20, 2017.

  • Safeguarding of Controlled Unclassified Information

DHS’s third proposed rule will implement new security and privacy measures, including handling and incident reporting requirements, in order to better safeguard CUI. According to DHS, “[r]ecent high-profile breaches of Federal information further demonstrate the need to ensure that information security protections are clearly, effectively, and consistently addressed in contracts.”  Accordingly, the proposed rule – which addresses specific safeguarding requirements outlined in an Office of Management and Budget document outlining policy on managing government data – is intended to “strengthen[] and expand[]” upon existing HSAR language.

DHS’s proposed rule broadly defines “CUI” as “any information the Government creates or possesses, or an entity creates or possesses for or on behalf of the Government (other than classified information) that a law, regulation, or Government-wide policy requires or permits an agency to handle using safeguarding or dissemination controls[,]” including any “such information which, if lost, misused, disclosed, or, without authorization is accessed, or modified, could adversely affect the national or homeland security interest, the conduct of Federal programs, or the privacy of individuals.” The new safeguarding requirements, which apply to both contractors and subcontractors, include mandatory contract clauses; collection, processing, storage, and transmittal guidelines (which incorporate by reference any existing DHS policies and procedures); incident reporting timelines; and inspection provisions. Comments on the proposed rule are due on or before March 20, 2017.

  • Other Recent Efforts To Safeguard Contract Information

DHS’s new rules follow a number of other recent efforts by the federal government to better control CUI and other sensitive government information.

Last fall, for example, the National Archives and Record Administration (“NARA”) issued a final rule standardizing marking and handling requirements for CUI. The final rule, which went into effect on November 14, 2016, clarifies and standardizes the treatment of CUI across the federal government.

NARA’s final rule defines “CUI” as an intermediate level of protected information between classified information and uncontrolled information.  As defined, it includes such broad categories of information as proprietary information, export-controlled information, and certain information relating to legal proceedings.  The final rule also makes an important distinction between two types of systems that process, store or transmit CUI:  (1) information systems “used or operated by an agency or by a contractor of an agency or other organization on behalf of an agency”; and (2) other systems that are not operated on behalf of an agency but that otherwise store, transmit, or process CUI.

Although the final rule directly applies only to federal agencies, it directs agencies to include CUI protection requirements in all federal agreements (including contracts, grants and licenses) that may involve such information.  As a result, its requirements indirectly extend to government contractors.  At the same time, however, it is likely that some government contractor systems will fall into the second category of systems and will not have to abide by the final rule’s restrictions.  A pending FAR case and anticipated forthcoming FAR regulation will further implement this directive for federal contractors.

Similarly, last year the Department of Defense (“DOD”), General Services Administration, and the National Aeronautics and Space Administration issued a new subpart and contract clause (52.204-21) to the FAR “for the basic safeguarding of contractor information systems that process, store, or transmit Federal contract information.”  The provision adds a number of new information security controls with which contractors must comply.

DOD’s final rule imposes a set of fifteen “basic” security controls for covered “contractor information systems” upon which “Federal contract information” transits or resides.  The new controls include: (1) limiting access to the information to authorized users; (2) limiting information system access to the types of transactions and functions that authorized users are permitted to execute; (3) verifying controls on connections to external information systems; (4) imposing controls on information that is posted or processed on publicly accessible information systems; (5) identifying information system users and processes acting on behalf of users or devices; (6) authenticating or verifying the identities of users, processes, and devices before allowing access to an information system; (7) sanitizing or destroying information system media containing Federal contract information before disposal, release, or reuse; (8) limiting physical access to information systems, equipment, and operating environments to authorized individuals; (9) escorting visitors and monitoring visitor activity, maintaining audit logs of physical access, and controlling and managing physical access devices; (10) monitoring, controlling, and protecting organizational communications at external boundaries and key internal boundaries of information systems; (11) implementing sub networks for publically accessible system components that are physically or logically separated from internal networks; (12) identifying, reporting, and correcting information and information system flaws in a timely manner; (13) providing protection from malicious code at appropriate locations within organizational information systems; (14) updating malicious code protection mechanisms when new releases are available; and (15) performing periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.

“Federal contract information” is broadly defined to include any information provided by or generated for the federal government under a government contract.  It does not, however, include either:  (1) information provided by the Government to the public, such as on a website; or (2) simple transactional information, such as that needed to process payments.  A “covered contractor information system” is defined as one that is:  (1) owned or operated by a contractor; and (2) “possesses, stores, or transmits” Federal contract information.

ARTICLE BY Connie N BertramAmy Blackwood & Emilie Adams of Proskauer Rose LLP

© 2017 Proskauer Rose LLP.