FR Doc E9-25938

From: Subject: FR Doc E9-25938 Date: Tue, 10 Aug 2010 15:08:37 -0400 MIME-Version: 1.0 Content-Type: text/html; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable Content-Location: file://T:\HQPDI\PIA-SORN\Eleven - 11\DHS SORN.htm X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5931 FR Doc E9-25938
[Federal Register: October 28, 2009 (Volume 74, Number =
207)]
[Notices]              =20
[Page 55572-55575]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr28oc09-84]                        =20

-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

[Docket No. DHS-2009-0039]

=20
Privacy Act of 1974; Department of Homeland Security/ALL--001=20
Freedom of Information Act and Privacy Act Records System of Records

AGENCY: Privacy Office, DHS.

ACTION: Notice of Privacy Act system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974 the Department of=20
Homeland Security proposes to update and reissue a Department of=20
Homeland Security system of records notice titled, Department of=20
Homeland Security/ALL--001 Freedom of Information Act and Privacy Act=20
Records System of Records. The updated system of records consists of=20
information that is created and used by the Department's Freedom of=20
Information Act and Privacy Act staff to process requests as well as to=20
manage the Freedom of Information Act and Privacy Act programs. As a=20
result of the biennial review of this system, the Privacy Office has:=20
Updated the system classification to include unclassified information;=20
updated the categories of individuals and records to include=20
individuals who are the subjects of requests, Department of Justice and=20
other government litigators and/or DHS personnel assigned to handle=20
such requests or appeals; revised the routine uses to conform with the=20
needs of the Freedom of Information Act and Privacy Act program; and=20
updated the Privacy Act exemptions for this system of records to=20
include the addition of 5 U.S.C. 552a(k)(3) and (k)(6) of the Privacy=20
Act. A Notice of Proposed Rulemaking is published elsewhere in the=20
Federal Register further exempting these records from 5 U.S.C.=20
552a(k)(3) and (k)(6) of the Privacy Act. The initial Privacy Act=20
exemptions published with this system of records (December 6, 2004),=20
will remain in place until this rule is finalized with the addition of=20
5 U.S.C. 552a(k)(3) and (k)(6). This updated system will be included in=20
the Department of Homeland Security's inventory of record systems.

DATES: Submit comments on or before November 27, 2009. This system will=20
be effective November 27, 2009.

ADDRESSES: You may submit comments, identified by docket number DHS-
2009-0039 by one of the following methods:
     Federal e-Rulemaking Portal: http://fr=
webgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&log=3D=
linklog&to=3Dhttp://www.regulations.gov.=20
Follow the instructions for submitting comments.

[[Page 55573]]

     Fax: 703-483-2999.
     Mail: Mary Ellen Callahan, Chief Privacy Officer, Privacy=20
Office, Department of Homeland Security, Washington, DC 20528.
     Instructions: All submissions received must include the=20
agency name and docket number for this rulemaking. All comments=20
received will be posted without change to http://fr=
webgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&log=3D=
linklog&to=3Dhttp://www.regulations.gov,=20
including any personal information provided.
     Docket: For access to the docket to read background=20
documents or comments received go to http://fr=
webgate.access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&log=3D=
linklog&to=3Dhttp://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: For general questions and privacy=20
issues please contact: Mary Ellen Callahan (703-235-0780), Chief=20
Privacy Officer and Chief Freedom of Information Act Officer, Privacy=20
Office, U.S. Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:=20

I. Background

    The Department of Homeland Security (DHS) and its components and=20
offices rely on the system of records, DHS/ALL--001 Freedom of=20
Information Act and Privacy Act Records System of Records (69 FR 70460,=20
December 6, 2004) for the collection and maintenance of records that=20
concern the Department's Freedom of Information Act (FOIA) and Privacy=20
Act (PA) records.
    As part of its efforts to maintain its Privacy Act records systems,=20
DHS is updating and reissuing a Department-wide system of records under=20
the Privacy Act (5 U.S.C. Sec.  552a) for DHS FOIA and PA records. This=20
will ensure that all components of DHS follow the same privacy rules=20
for collecting and handling FOIA and PA records. The collection and=20
maintenance of this information will assist DHS in managing the=20
Department's FOIA and PA records.
    Consistent with DHS' information sharing mission, information=20
stored in the DHS/ALL--001 Freedom of Information Act and Privacy Act=20
Records System of Records may be shared within DHS, as well as with=20
appropriate other Federal, State, local, tribal, foreign, or=20
international government agencies. Disclosure of the information in any=20
record of this system to officers and employees of DHS is permitted=20
when requested by, or with the prior consent of, the individual to whom=20
the record pertains, or when those officers and employees otherwise=20
have a need for the record in the performance of their duties.=20
Disclosure of most personally identifiable information contained in=20
this system outside of DHS will only take place when requested by or=20
with the prior consent of the individual to whom the record pertains,=20
unless DHS determines, consistent with the routine uses set forth in=20
this system of records notice, that the receiving component, agency or=20
entity has a need to know the information to carry out valid national=20
security, law enforcement, immigration, intelligence, or other=20
functions. Certain information about FOIA requestors, including the=20
name of the requestor and a description of the requested records is not=20
exempt under the Freedom of Information Act and is released to outside=20
entities who request such information in accordance with 5 U.S.C.=20
552a(b)(2).

II. Privacy Act

    The Privacy Act embodies fair information principles in a statutory=20
framework governing the means by which the United States Government=20
collects, maintains, uses, and disseminates individuals' records. The=20
Privacy Act applies to information that is maintained in a ``system of=20
records.'' A ``system of records'' is a group of any records under the=20
control of an agency for which information is retrieved by the name of=20
an individual or by some identifying number, symbol, or other=20
identifying particular assigned to the individual. In the Privacy Act,=20
an individual is defined to encompass United States citizens and lawful=20
permanent residents. As a matter of policy, DHS extends administrative=20
Privacy Act protections to all individuals where systems of records=20
maintain information on U.S. citizens, lawful permanent residents, and=20
visitors. Individuals may request access to their own records that are=20
maintained in a DHS system of records by complying with DHS Privacy Act=20
regulations, 6 CFR part 5.
    The Privacy Act requires each agency to publish in the Federal=20
Register a description denoting the type and character of each system=20
of records that the agency maintains, and the routine uses that are=20
contained in each system in order to make agency record keeping=20
practices transparent, to notify individuals regarding the uses to=20
their records, and to assist individuals to more easily find such files=20
within the agency. Below is the description of the DHS/ALL--001 Freedom=20
of Information Act and Privacy Act Records System of Records.
    In accordance with 5 U.S.C. 552a(r), DHS has provided a report of=20
this system of records to the Office of Management and Budget and to=20
Congress.

System of Records

DHS/ALL--001

System name:
    Department of Homeland Security Freedom of Information Act and=20
Privacy Act Records System of Records.

Security classification:
    Classified, sensitive, and unclassified.

System location:
    Records are maintained at Department and Component Headquarters in=20
Washington, DC and field locations.

Categories of individuals covered by the system:
    Categories of individuals covered by this system include:=20
Individuals who submit FOIA and/or PA requests to DHS; individuals who=20
appeal DHS denial of their FOIA and/or PA requests; individuals whose=20
requests, appeals, and/or records have been referred to DHS by other=20
agencies; and, in some instances, attorneys or other persons=20
representing individuals submitting such requests and appeals,=20
individuals who are the subjects of such requests, Department of=20
Justice and other government litigators and/or DHS personnel assigned=20
to handle such requests or appeals.

Categories of records in the system:
    Categories of records in this system include:
     Records received, created, or compiled in processing FOIA=20
and PA requests or appeals, including:
    [cir] Original requests and administrative appeals;
    [cir] Intra or interagency memoranda, correspondence, notes and=20
other documentation related to the processing of the FOIA and PA=20
request;
    [cir] Correspondence with the individuals or entities that=20
submitted the requested records and copies of the requested records,=20
including when those records might contain confidential business=20
information or personal information.
     Types of information in the records may include:
    [cir] Requesters' and their attorneys' or representatives' names,=20
addresses, e-mail, telephone numbers, and FOIA and PA case numbers;=20
office telephone numbers, and office routing symbols of DHS employees=20
and contractors;
    [cir] Names, telephone numbers, and addresses of the submitter of=20
the information requested;
    [cir] Unique case identifier;
    [cir] Social security number;

[[Page 55574]]

    [cir] Alien identification number of the requester/appellant or the=20
attorney or other individual representing the requester, or other=20
identifier assigned to the request or appeal.
     The system also contains copies of all documents relevant=20
to appeals and lawsuits under the FOIA and PA including from Department=20
of Justice and other government litigators.

Authority for maintenance of the system:
    5 U.S.C. 301, 552 (Freedom of Information Act), 552a (Privacy Act);=20
44 U.S.C. 3101 (Records Management by Federal Agencies); E.O. 12958=20
(Classified National Security Information, as amended).

Purpose(s):
    The purpose of this system is to process record requests and=20
administrative appeals under the FOIA and PA as well as access,=20
notification, and amendment requests and appeals under the PA. Also,=20
for participating in litigation arising from such requests and appeals;=20
and in assisting DHS in carrying out any other responsibilities under=20
the FOIA or PA.

Routine uses of records maintained in the system, including categories=20
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C.=20
552a(b) of the Privacy Act, all or a portion of the records or=20
information contained in this system may be disclosed outside DHS as a=20
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To the Department of Justice (including United States Attorney=20
Offices) or other Federal agency conducting litigation or in=20
proceedings before any court, adjudicative or administrative body, when=20
it is necessary to the litigation and one of the following is a party=20
to the litigation or has an interest in such litigation:
    1. DHS or any component thereof;
    2. Any employee of DHS in his/her official capacity;
    3. Any employee of DHS in his/her individual capacity where DOJ or=20
DHS has agreed to represent the employee; or
    4. The United States or any agency thereof, is a party to the=20
litigation or has an interest in such litigation, and DHS determines=20
that the records are both relevant and necessary to the litigation and=20
the use of such records is compatible with the purpose for which DHS=20
collected the records.
    B. To a congressional office from the record of an individual in=20
response to an inquiry from that congressional office made at the=20
request of the individual to whom the record pertains.
    C. To the National Archives and Records Administration or other=20
Federal government agencies pursuant to records management inspections=20
being conducted under the authority of 44 U.S.C. 2904 and 2906.
    D. To an agency, organization, or individual for the purpose of=20
performing audit or oversight operations as authorized by law, but only=20
such information as is necessary and relevant to such audit or=20
oversight function.
    E. To appropriate agencies, entities, and persons when:
    1. DHS suspects or has confirmed that the security or=20
confidentiality of information in the system of records has been=20
compromised;
    2. The Department has determined that as a result of the suspected=20
or confirmed compromise there is a risk of harm to economic or property=20
interests, identity theft or fraud, or harm to the security or=20
integrity of this system or other systems or programs (whether=20
maintained by DHS or another agency or entity) or harm to the=20
individual that rely upon the compromised information; and
    3. The disclosure made to such agencies, entities, and persons is=20
reasonably necessary to assist in connection with DHS's efforts to=20
respond to the suspected or confirmed compromise and prevent, minimize,=20
or remedy such harm.
    F. To contractors and their agents, grantees, experts, consultants,=20
and others performing or working on a contract, service, grant,=20
cooperative agreement, or other assignment for DHS, when necessary to=20
accomplish an agency function related to this system of records.=20
Individuals provided information under this routine use are subject to=20
the same Privacy Act requirements and limitations on disclosure as are=20
applicable to DHS officers and employees.
    G. To an appropriate Federal, State, tribal, local, international,=20
or foreign agency, including law enforcement, or other appropriate=20
authority charged with investigating or prosecuting a violation or=20
enforcing or implementing a law, rule, regulation, or order, where a=20
record, either on its face or in conjunction with other information,=20
indicates a violation or potential violation of law, which includes=20
criminal, civil, or regulatory violations and such disclosure is proper=20
and consistent with the official duties of the person making the=20
disclosure.
    H. To a Federal, State, territorial, tribal, local, international,=20
or foreign agency or entity for the purpose of consulting with that=20
agency or entity:
    1.To assist in making a determination regarding access to or=20
amendment of information, or
    2. For the purpose of verifying the identity of an individual or=20
the accuracy of information submitted by an individual who has=20
requested access to or amendment of information.
    I. To a Federal agency or other Federal entity that furnished the=20
record or information for the purpose of permitting that agency or=20
entity to make a decision regarding access to or correction of the=20
record or information, or to a federal agency or entity for purposes of=20
providing guidance or advice regarding the handling of particular=20
requests.
    J. To the Department of Justice, including the United States=20
Attorney's Offices, or a consumer reporting agency for collection=20
action on any delinquent debt when circumstances warrant.
    K. To the Office of Management and Budget or the Department of=20
Justice to obtain advice regarding statutory and other requirements=20
under the Freedom of Information Act or the Privacy Act of 1974.

Disclosure to consumer reporting agencies:
    Privacy Act information may be reported to consumer reporting=20
agencies pursuant to 5 U.S.C. 552a(b)(12).

Policies and practices for storing, retrieving, accessing, retaining,=20
and disposing of records in the system:
Storage:
    Records in this system are stored electronically or on paper in=20
secure facilities in a locked drawer behind a locked door. The records=20
are stored on magnetic disc, tape, digital media, and CD-ROM.

Retrievability:
    Records may be retrieved by the name, unique case identifier,=20
social security number, or alien identification number of the=20
requester/appellant or the attorney or other individual representing=20
the requester, or other identifier assigned to the request or appeal.

Safeguards:
    Records in this system are safeguarded in accordance with=20
applicable rules and policies, including all applicable DHS automated=20
systems security and access policies. Strict controls have been imposed=20
to minimize the risk of compromising the information that is stored.=20
Access to the computer system containing the records in this system is=20
limited to those individuals who have a need to know

[[Page 55575]]

the information for the performance of their official duties and who=20
have appropriate clearances or permissions.

Retention and disposal:
    FOIA and PA records are retained in accordance with National=20
Archives and Records Administration's General Records Schedule 14.
    FOIA and PA records in litigation are retained for ten years after=20
the end of the fiscal year in which judgment was made or when all=20
appeals have been exhausted, whichever is later. This disposition is=20
temporary and is under review and approval by the National Archives and=20
Records Administration through pending schedule N1-563-08-33, Item 11.
    If the FOIA or PA record deals with significant policy-making=20
issues, it is a permanent record.
    A FOIA or PA record may qualify as a permanent Federal Record. A=20
permanent record is one that has been determined by NARA to have=20
sufficient value to warrant its preservation in the National Archives=20
of the United States. Permanent records include all records accessioned=20
by NARA into the National Archives of the United States and later=20
increments of the same records, and those for which the disposition is=20
permanent on SF 115s, Request for Records Disposition Authority,=20
approved by NARA on or after May 14, 1973.

System Manager and address:
    Mary Ellen Callahan (703-235-0780), Chief Privacy Officer and Chief=20
Freedom of Information Act Officer, Privacy Office, Department of=20
Homeland Security, Washington, DC 20528.
    For components of DHS, the System Manager can be found at http://frweb=
gate.access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&log=3Dl=
inklog&to=3Dhttp://www.dhs.gov/foia under ``contacts.''

Notification procedure:
    Individuals seeking notification of and access to any record=20
contained in this system of records, or seeking to contest its content,=20
may submit a request in writing to the Headquarters' or component's=20
FOIA Officer, whose contact information can be found at http://frweb=
gate.access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&log=3Dl=
inklog&to=3Dhttp://www.dhs.gov/foia under ``contacts.'' If an =
individual believes more=20
than one component maintains Privacy Act records concerning him or her,=20
the individual may submit the request to the Chief Privacy Officer and=20
Chief Freedom of Information Act Officer, Department of Homeland=20
Security, 245 Murray Drive, SW., Building 410, STOP-0550, Washington,=20
DC 20528.
    When seeking records about yourself from this system of records or=20
any other Departmental system of records, your request must conform=20
with the Privacy Act regulations set forth in 6 CFR part 5. You must=20
first verify your identity, meaning that you must provide your full=20
name, current address and date and place of birth. You must sign your=20
request, and your signature must either be notarized or submitted under=20
28 U.S.C. 1746, a law that permits statements to be made under penalty=20
of perjury as a substitute for notarization. While no specific form is=20
required, you may obtain forms for this purpose from the Chief Privacy=20
Officer and Chief Freedom of Information Act Officer, http://frwebgate.=
access.gpo.gov/cgi-bin/leaving.cgi?from=3DleavingFR.html&log=3Dlinklo=
g&to=3Dhttp://www.dhs.gov or 1-866-431-0486. In addition you =
should provide the=20
following:
     An explanation of why you believe the Department would=20
have information on you;
     Identify which component(s) of the Department you believe=20
may have the information about you;
     Specify when you believe the records would have been=20
created;
     Provide any other information that will help the FOIA=20
staff determine which DHS component agency may have responsive records;=20
and
     If your request is seeking records pertaining to another=20
living individual, you must include a statement from that individual=20
certifying his/her agreement for you to access his/her records.
    Without this bulleted information the component(s) may not be able=20
to conduct an effective search, and your request may be denied due to=20
lack of specificity or lack of compliance with applicable regulations.

Record access procedures:
    See ``Notification procedure'' above.

Contesting record procedures:
    See ``Notification procedure'' above.

Record source categories:
    Records are obtained by those individuals who submit requests and=20
administrative appeals pursuant to the FOIA and the PA; the agency=20
records searched and identified as responsive in the process of=20
responding to such requests and appeals; Departmental personnel=20
assigned to handle such requests and appeals; other agencies or=20
entities that have referred to DHS requests concerning DHS records, or=20
that have consulted with DHS regarding handling of particular requests;=20
and submitters or subjects of records or information that have provided=20
assistance to DHS in making access or amendment determinations.

Exemptions claimed for the system:
    The Secretary of Homeland Security has exempted this system from=20
the following provisions of the Privacy Act, subject to the limitations=20
set forth in (c)(3) and (4): (d); (e)(1), (2), (3), (5), and (8); and=20
(g) of the Privacy Act pursuant to 5 U.S.C. 552a(j)(2). Additionally,=20
The Secretary of Homeland Security has exempted this system from the=20
following provisions of the Privacy Act, subject to the limitations set=20
forth in (c)(3): (d), (e)(1), (e)(4)(G), (H), (I), and (f) of the=20
Privacy Act pursuant to 5 U.S.C. 552a(k)(1), (k)(2), (k)(3), (k)(5) and=20
(k)(6). When DHS is processing Privacy Act and/or FOIA requests,=20
responding to appeals, or participating in FOIA or Privacy Act=20
litigation, exempt materials from other systems of records may become=20
part of the records in this system. To the extent that copies of exempt=20
records from other systems of records are entered into this system, DHS=20
hereby claims the same exemptions for those records that are claimed=20
for the original primary systems of records from which they originated.

    Dated: October 20, 2009.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. E9-25938 Filed 10-27-09; 8:45 am]

BILLING CODE 9110-9L-P