By Jim Kouri
The Government Accountability Office — the investigative service of the U.S. Congress — has in the past reported on actions that the Department of Homeland Security has taken in recent years to improve the security of the Visa Waiver Program; however, additional risks remain, according to a GAO report released this week.
In May 2011, GAO reported that DHS implemented the Electronic System for Travel Authorization (ESTA), required by the 9/11 Act, and took steps to minimize the burden associated with this new program requirement. DHS requires applicants for Visa Waiver Program travel to submit biographical information and answers to eligibility questions through ESTA prior to travel. In developing and implementing ESTA, DHS made efforts to minimize the burden imposed by the new requirement.
For example, although travelers formerly filled out a Visa Waiver Program application form for each journey to the United States, ESTA approval is generally valid for 2 years. However, GAO reported that DHS had not fully evaluated security risks related to the small percentage of Visa Waiver Program travelers without verified ESTA approval.
In 2010, airlines complied with the requirement to verify ESTA approval for almost 98 percent of Visa Waiver Program passengers prior to boarding, but the remaining 2 percent — about 364,000 travelers — traveled under the program without verified ESTA approval. In May 2011, GAO reported that DHS had not yet completed a review of these cases to know to what extent they pose a risk to the program and recommended that it establish time frames for regular review. DHS concurred and has since established procedures to review a sample of noncompliant passengers on a quarterly basis.
In order to meet 9/11 Act requirements, DHS requires that Visa Waiver Program countries enter into three information-sharing agreements with the United States; however, only 21 of the 36 countries had fully complied with this requirement as of November 2011, and many of the signed agreements have not been implemented.
DHS, with the support of interagency partners, has established a compliance schedule requiring the remaining member countries to finalize these agreements by June 2012. Moreover, DHS, in coordination with the Departments of State and Justice, has developed measures short of termination that could be applied on a case-by-case basis to countries not meeting their compliance date.
Federal agencies take actions against a small portion of the estimated overstay population, but strengthening planning could improve overstay enforcement. ICE’s Counterterrorism and Criminal Exploitation Unit (CTCEU) is the lead agency responsible for overstay enforcement. CTCEU arrests a small portion of the estimated 4 to 5.5 million overstays in the United States because of, among other things, competing priorities, but ICE expressed an intention to augment its overstay enforcement resources.
From fiscal years 2006 through 2010, ICE reported devoting about 3 percent of its total field office investigative hours to CTCEU overstay investigations. ICE was considering assigning some responsibility for noncriminal overstay enforcement to its Enforcement and Removal Operations (ERO) directorate, which apprehends and removes aliens subject to removal from the United States.
In April 2011, GAO reported that by developing a time frame for assessing needed resources and using the assessment findings, as appropriate, ICE could strengthen its planning efforts. DHS concurred and stated that ICE planned to identify resources needed to transition this responsibility to ERO as part of its fiscal year 2013 resource planning process.
GAO made recommendations in prior reports for DHS to, among other things, strengthen plans to address certain risks of the Visa Waiver Program and for overstay enforcement efforts. DHS generally concurred with these recommendations and has actions planned or underway to address them.