The Federal Highway Administration (FHWA), an Operating Administration of the U.S. Department of Transportation (USDOT), is committed to protecting the privacy, civil rights, and civil liberties of individuals who interact with FHWA mobile applications.

This FHWA Mobile Applications Privacy Policy describes how FHWA mobile applications collect, use, maintain, and protect information. This policy has been developed to address privacy practices specific to FHWA mobile applications while adhering to the privacy governance framework established by the U.S. Department of Transportation.

This policy supplements and operates in accordance with USDOT privacy policies and applicable federal privacy laws.

________________________________________

1. Purpose

The purpose of this policy is to ensure that FHWA mobile applications are designed, developed, and operated in a manner that protects individual privacy and mitigates privacy risks while supporting FHWA programmatic missions.
FHWA mobile applications will implement privacy protections consistent with Departmental privacy policies and federal privacy statutes.

________________________________________

2. Scope

This policy applies to mobile applications developed, operated, or maintained by the Federal Highway Administration.

These applications may be distributed through authorized digital platforms including:

• Google Play
• Apple App Store
• Other government-approved distribution mechanisms

This policy specifically addresses privacy considerations related to the use of FHWA mobile applications and supplements Department-wide privacy policies that apply to all USDOT information systems and online services.

________________________________________

3. Legal Authorities and Privacy Framework

FHWA mobile applications are operated in accordance with applicable federal privacy laws and Departmental privacy policies, including:

• Privacy Act of 1974
• E-Government Act of 2002
• Federal Information Security Modernization Act (FISMA)
• Office of Management and Budget (OMB) privacy guidance

DOT privacy policies require the Department and its Operating Administrations to identify, assess, and mitigate privacy risks associated with information systems throughout the system lifecycle, including the creation, collection, maintenance, use, storage, transmission, and destruction of information.

FHWA implements these requirements through its mobile applications by applying Department-approved privacy governance practices and risk management processes.

________________________________________

4. Fair Information Practice Principles (FIPPs)

The FHWA mobile applications follow the Fair Information Practice Principles (FIPPs) framework used across USDOT to manage privacy risks:

• Transparency – Providing notice of information practices and privacy protections.
• Individual Participation – Providing mechanisms for individuals to raise privacy concerns.
• Purpose Specification – Limiting information collection to authorized purposes.
• Data Minimization – Collecting only information necessary to support FHWA missions.
• Use Limitation – Restricting use of information to authorized purposes.
• Data Quality and Integrity – Maintaining accurate and reliable information.
• Security – Protecting information through administrative, technical, and physical safeguards.
• Accountability and Auditing – Ensuring compliance with federal privacy policies.

These principles guide the design and operation of FHWA mobile applications.

________________________________________

5. FHWA Mobile Applications Covered

This policy applies to FHWA mobile applications including, but not limited to:

Additional FHWA mobile applications may be incorporated under this policy as they are developed and deployed.

________________________________________

6. Application-Specific Data Practices

FHWA provides the following application-level disclosures to ensure transparency regarding data collection, use, and handling.

Geosynthetics Installation Mobile Application
(gov.dot.fhwa.gpg)

• Login Information:
  This application does not require user login and does not collect authentication credentials.
• Location Data (GPS):
  This application does not collect or use device location data.
• Analytics:
  This application does not use third-party analytics services.
• User Submissions:
  Not applicable. This application does not collect or store user-submitted data.
• Application Audience:
  This application is intended for public use.

MSAR24 Mobile Application
(gov.fhwamsar.app)

• Login Information:
  This application requires user login and collects authentication credentials for authorized access.
• Location Data (GPS):
  This application collects location data solely to support authorized operational functions and only when enabled by the user.
• Analytics:
  This application uses analytics tools, including Salesforce Analytics, to collect anonymized usage data for performance monitoring and system improvement.
• User Submissions:
  The application allows users to submit information such as reports and observations.
  Submitted data is used to support FHWA program operations and is handled in accordance with federal records management and privacy requirements.
• Application Audience:
  This application is intended for authorized FHWA personnel only.

________________________________________

7. Information Collection

FHWA mobile applications are designed to minimize the collection of personally identifiable information (PII).
Data collection practices vary by application and are described in the Application-Specific Data Practices section above.

Information collected may include:

Automatically Collected Information

• Device type and operating system
• Application version
• Diagnostic and performance data
• Date and time of application access

User-Provided Information

• Feedback submissions
• Reports or field observations
• Other program-related data 

FHWA collects only information necessary to support authorized agency functions.

________________________________________

8. Use of Information

Information collected through FHWA mobile applications may be used to:

• Support FHWA program operations
• Improve application performance and reliability
• Respond to user inquiries
• Maintain system security

Information is used solely for official government purposes and not for commercial marketing.

________________________________________

9. Information Sharing

FHWA does not sell or lease user information.

Information may be shared:

• Within USDOT for compatible purposes
• With authorized government contractors
• When required by law

All sharing is conducted in accordance with federal privacy laws and USDOT policy.

________________________________________

10. Data Minimization and Retention

FHWA collects only the minimum information necessary to fulfill its mission.

Information is retained in accordance with:

• National Archives and Records Administration (NARA) schedules
• Federal records management requirements

________________________________________

11. Security Safeguards

FHWA implements administrative, technical, and physical safeguards to protect information.
Systems supporting FHWA mobile applications comply with:

• FISMA
• NIST standards
• USDOT cybersecurity policies

________________________________________

12. Privacy Incident Response

In In the event of a suspected or confirmed breach involving PII, FHWA follows USDOT breach response procedures.

These procedures include:

• Prompt reporting
• Investigation and mitigation
• Coordination with privacy and cybersecurity officials
• Notification when required

________________________________________

13. Privacy Risk Management

FHWA manages privacy risks throughout the system lifecycle.

Privacy compliance activities may include:

• Privacy Threshold Analyses (PTA)
• Privacy Impact Assessments (PIA)
• System of Records Notices (SORN)

These processes ensure privacy protections are incorporated into system design and operations.

________________________________________

14. External Links

FHWA mobile applications may include links to external websites.

FHWA is not responsible for the privacy practices of non-federal websites.

________________________________________

15. Children’s Privacy

FHWA mobile applications are not directed toward children under 13 and do not knowingly collect personal information from children.

________________________________________

16. Changes to This Policy

FHWA may update this policy to reflect changes in technology, law, or Departmental guidance.

Updates will be posted on the FHWA website.

________________________________________

17. Reference Policies and Departmental Guidance

This FHWA Mobile Applications Privacy Policy adheres to the privacy governance framework established by the U.S. Department of Transportation.

For additional information regarding Department-wide privacy policies, please refer to:

• DOT Privacy Policy
• DOT Order 1351.18 – Departmental Privacy Risk Management Policy
• DOT Website Privacy Policy
• DOT Order 1351.19 – PII Breach Notification Controls
• DOT Privacy Policy for the Information Sharing Environment
• Departmental Unmanned Aircraft Systems Privacy Policy

These policies establish the overarching privacy framework governing Departmental programs and information systems.

________________________________________

18. Contact Information

Federal Highway Administration
U.S. Department of Transportation
1200 New Jersey Avenue SE
Washington, DC 20590
 

For privacy inquiries related to FHWA mobile applications, please contact Privacy@dot.gov