The Census Bureau and other U.S. statistical agencies increasingly rely on internet-based self-response instruments to collect data from individuals and establishments. Because internet-connected computers have long been under attack by both cyber criminals and foreign governments, these connections are now subject to monitoring by the U.S. Department of Homeland Security (DHS).
Respondent data submitted to the Census Bureau website is protected using the Transport Layer Security (TLS) cryptographic protocol and cannot be deciphered by DHS as the DHS monitoring systemis currently deployed.
Because the DHS system might change in the future in response to new threats, the Census Bureau has developed and demonstrated an approach that uses a second layer of encryption to protect respondent data. This system would prevent DHS employees from accessing respondent data even if DHS were to be provided with the Census Bureau’s TLS encryption keys.