[Federal Register Volume 60, Number 240 (Thursday, December 14, 1995)]
[Rules and Regulations]
[Pages 64122-64125]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 95-30384]



=======================================================================
-----------------------------------------------------------------------

ASSASSINATION RECORDS REVIEW BOARD

36 CFR Part 1415


Rules Implementing the Privacy Act

AGENCY: Assassination Records Review Board.

ACTION: Final rulemaking.

-----------------------------------------------------------------------

SUMMARY: This part contains the regulations of the Assassination 
Records Review Board (Review Board) implementing the Privacy Act of 
1974. The regulations inform the public that the Review Board is 
responsible for carrying out the provisions of the Privacy Act and for 
issuing internal Review Board orders and directives in connection with 
the Privacy Act. These regulations apply to all records that are 
contained in systems of records maintained by the Review Board and that 
are retrieved by an individual's name or personal identifier. Elsewhere 
in today's Federal Register appears a notice describing the Review 
Board's systems of records.

EFFECTIVE DATE: This regulation is effective January 16, 1996.

FOR FURTHER INFORMATION CONTACT: T. Jeremy Gunn, General Counsel, 
Assassination Records Review Board, 600 E Street NW., 2nd Floor, 
Washington, DC 20530.

SUPPLEMENTARY INFORMATION:

Background

    Section 3(f) of the Privacy Act of 1974, 5 U.S.C. 552a(f), requires 
each Federal agency to promulgate rules that set forth procedures by 
which individuals can examine and request correction of agency records 
containing personal information. The Review Board, established by the 
President John F. Kennedy Assassination Records Collection Act of 1992, 
is therefore obligated to publish such regulations.
    Because Privacy Act regulations are intended for use by the general 
public, the Review Board has tried to keep its rule simple and 
straightforward. Some aspects of the Privacy Act dealing solely with 
the Review Board's internal procedures and safeguards may be dealt with 
by directive to the Review Board's staff rather than by rule.

Notice and Comment Process

    The Review Board received no public comments in response to its 
Notice of Proposed Rulemaking. The staff, in consultation with the 
Office of Management and Budget, proposed some technical amendments to 
the regulations. The following changes have been incorporated into the 
final rule: 

[[Page 64123]]

    Privacy Act queries will be processed by a new Privacy Act Officer 
rather than by the General Counsel. See Secs. 1415.10, 1415.15, 
1415.20, and 1415.25.
    The term person has been replaced throughout by the term individual 
in order to clarify that corporations and other artificial persons are 
not covered by the Privacy Act regulations.
    The definition of system of records in Sec. 1415.10 has been 
revised to clarify that assassination records coming into the Review 
Board's temporary possession during its review are not subject to the 
Privacy Act.
    The procedures for the handling of Privacy Act requests has been 
modified in Sec. 1415.25(b) to extend somewhat the timing of the Review 
Board's response. The Privacy Act Officer is now allotted ten (rather 
than five) days to respond to a request and is also given some latitude 
for an additional extension of time if one proves warranted. Similarly, 
the allotted time for the Executive Director's response to an appeal is 
thirty (rather than twenty) days in Sec. 1415.30. The final rules also 
provide, in Sec. 1415.35, more specific guidance for amending or 
correcting errors that may appear in records.
    Section 1415.55 has been rewritten to provide more specific 
guidance on the exemptions applicable to the Review Board's various 
systems of records.

Paperwork Reduction Act Statement

    The rule is not subject to the provisions of the Paperwork 
Reduction Act of 1980, 44 U.S.C. 3501, et seq. (amended 1995), because 
it does not contain any information collection requirements within the 
meaning of 44 U.S.C. 3502(4).

Regulatory Flexibility Act Certification

    As required by the Regulatory Flexibility Act of 1980 (RFA), 5 
U.S.C. 601-12, the Review Board certifies that this rule will not have 
a significant economic impact on a substantial number of small entities 
and that, therefore, a regulatory flexibility analysis need not be 
prepared, 5 U.S.C. 605(b).

Review by OMB

    The Office of Management and Budget has reviewed the regulation 
under Executive Order 12866.

List of Subjects in 36 CFR Part 1415

    Privacy Act.

The Final Regulations

    The Review Board amends chapter XIV in title 36 of the Code of 
Federal Regulations by adding a new part 1415 to read as follows:

PART 1415--RULES IMPLEMENTING THE PRIVACY ACT

Sec.
1415.5  Scope.
1415.10  Definitions.
1415.15  Systems of records notification.
1415.20  Requests by individuals for access to their own records.
1415.25  Processing of requests.
1415.30  Appeals from access denials.
1415.35  Requests for amendment of records.
1415.40  Appeals from amendment of denials.
1415.45  Disclosure of records to third parties.
1415.50  Fees.
1415.55  Exemptions.

    Authority: 5 U.S.C. 552a; 44 U.S.C. 2107.


Sec. 1415.5  Scope.

    This part contains the Review Board's regulations implementing the 
Privacy Act of 1974, 5 U.S.C. 552a.


Sec. 1415.10  Definitions.

    In addition to the definitions provided in the Privacy Act, the 
following terms are defined as follows:
    Assassination records, for the purpose of this regulation only, are 
records created by Government offices (other than the Review Board), 
entities, and individuals that relate to the assassination of President 
John F. Kennedy that may, from time to time, come into the temporary 
custody of the Review Board but that are not the legal property of the 
Review Board.
    Executive Director means the principal staff official appointed by 
the Review Board pursuant to 44 U.S.C. 2107.8(a).
    JFK Act means the President John F. Kennedy Records Collection Act 
of 1992.
    Privacy Act Officer means the person designated by the Executive 
Director to administer the Review Board's activities pursuant to the 
regulations in this part.
    Review Board means the Assassination Records Review Board created 
pursuant to 44 U.S.C. 2107.7.
    System of records means a group of records that is within the 
possession and control of the Review Board and from which information 
is retrieved by the name of the individual or by some identifying 
number, symbol, or other identifying particular assigned to the 
individual. Assassination records, as defined above, are not included 
in the Review Board's systems of records.


Sec. 1415.15  Systems of records notification.

    Any individual who wishes to know whether a system of records 
contains a record pertaining to him or her may file a request in person 
or in writing. Written requests should be directed to the Privacy Act 
Officer, Assassination Records Review Board, 600 E Street, NW, 
Washington, DC 20530, and should be clearly marked ``Privacy Act 
Request.''


Sec. 1415.20  Requests by an individual for access to their own 
records.

    (a) Requests in writing. An individual may request access to his or 
her own records in writing by addressing a letter to the Privacy Act 
Officer, Assassination Records Review Board, 600 E Street, NW, 2nd 
Floor, Washington, DC 20530. The request should contain the following 
information:
    (1) Full name, address, and telephone number of requester;
    (2) Proof of identification, which should be a copy of one of the 
following: Valid driver's license, valid passport, or other current 
identification which contains both an address and picture of the 
requester;
    (3) The system of records in which the desired information is 
contained; and
    (4) At the requester's option, authorization for expenses (see 
Sec. 1415.50 below).
    (b) Requests in person. Any individual may examine his or her own 
record on the Review Board's premises. To do so, the individual should 
call the Review Board's offices at (202) 724-0088 and ask to speak to 
the Privacy Act Officer. This call should be made at least two weeks 
prior to the time the requester would like to see the records. During 
this call, the requester should be prepared to provide the same 
information as that listed in paragraph (a) of this section except for 
proof of identification.


Sec. 1415.25  Processing of requests.

    (a) The Privacy Act Officer will process all requests under both 
the Freedom of Information Act and the Privacy Act.
    (b) The Privacy Act Officer will respond to the request within ten 
working days of its receipt by the Privacy Act Officer. If the Review 
Board needs additional time to respond, the Privacy Act Officer will 
provide the requester an explanation as to why the Review Board 
requires an extension.
    (c) Following the initial call from the requester, the Privacy Act 
Officer will determine: whether the records identified by the requester 
exist, and whether they are subject to any exemption under Sec. 1415.55 
below. If the records exist and are not subject to exemption, the 
Privacy Act Officer will call the requester and arrange an appointment 
at a mutually agreeable time when the records can be examined. At the 
appointment, the requester will 

[[Page 64124]]
be asked to present identification as stated in Sec. 1415.20(a)(2). The 
requester may be accompanied by one individual of his or her own 
choosing, and should state during this call whether or not a second 
individual will be present at the appointment. In the event that a 
second individual accompanies the requester, the requester will be 
asked to provide the Review Board with written consent to disclose his 
or her records to the second individual.
    (d) If a request is received for information compiled in reasonable 
anticipation of a civil action or proceeding, the Privacy Act Officer 
will determine whether to disclose the information and will inform the 
requester whether this information is subject to release under the 
Privacy Act (see 5 U.S.C. 552a(d)(5)).


Sec. 1415.30  Appeals from access denials.

    When access to records has been denied in whole or in part by the 
Privacy Act Officer, the requester may file an appeal in writing. This 
appeal should be directed to the Executive Director, Assassination 
Records Review Board, 600 E Street, NW., 2nd Floor, Washington, DC 
20530. The appeal letter must specify those denied records that are 
still sought and state why the denial by the Privacy Act Officer is 
erroneous. The Executive Director or his representative will respond to 
such appeals within thirty working days after the appeal letter is 
received in the Review Board's offices, unless, for good cause shown, 
the Executive Director extends such thirty day period. The appeal 
determination will explain the basis for continuing to deny access to 
any requested records and will notify the requester of his or her right 
to judicial review of the Executive Director's determination.


Sec. 1415.35  Requests for amendment of records.

    (a) Amendment requests. Any person is entitled to request amendment 
of a record pertaining to him or her. This request must be made in 
writing and should be addressed to the Privacy Act Officer, 
Assassination Records Review Board, 600 E Street, NW., 2nd Floor, 
Washington, DC 20530. The letter should clearly identify the amendments 
desired. An edited copy will usually be acceptable for this purpose.
    (b) Initial response. The Privacy Act Officer will acknowledge the 
request for amendment within ten working days of receipt of the 
request. The Privacy Act Officer will provide a letter to the requester 
within thirty working days stating whether or not the request for 
amendment has been granted or denied. The Privacy Act Officer will 
amend information that is not accurate, relevant, timely, or complete, 
unless the record is excluded or exempt. If the Privacy Act Officer 
decides to deny any portion of the amendment request, the reasons for 
the denial will be provided to the requester. In addition, the Privacy 
Act Officer will inform the requester of his or her right to appeal the 
Privacy Act Officer's determination to the Executive Director.


Sec. 1415.40  Appeals from amendment of denials.

    (a) When amendment of records has been denied by the Privacy Act 
Officer, the requester may file an appeal in writing. This appeal 
should be directed to the Executive Director, Assassination Records 
Review Board, 600 E Street, NW., 2nd Floor, Washington, DC 20530. The 
appeal letter must specify the record subject to the appeal, and state 
why the denial of amendment by the Privacy Act Officer is erroneous. 
The Executive Director or his representative will respond to such 
appeals within thirty working days (subject to extension by the 
Executive Director for good cause) after the appeal letter has been 
received in the Review Board's offices.
    (b) The appeal determination, if adverse to the requester in any 
respect, will:
    (1) Explain the basis for denying amendment of the specified 
records;
    (2) Inform the requester that he or she may file a concise 
statement setting forth reasons for disagreeing with the Executive 
Director's determination; and
    (3) Inform the requester of his or her right to pursue a judicial 
remedy under 5 U.S.C. 552a(g)(1)(A).


Sec. 1415.45  Disclosure of records to third parties.

    Records subject to the Privacy Act that are requested by a person 
other than the individual to whom they pertain will not be made 
available except in the following circumstances:
    (a) Release is required under the Freedom of Information Act in 
accordance with the Review Board's FOIA regulations, 36 CFR part 1410;
    (b) Pursuant to a written request by, or with the prior written 
consent of, the individual to whom the record pertains; or
    (c) Release is authorized by 5 U.S.C. 552a(b)(1) or (3) through 
(11).


Sec. 1415.50  Fees.

    A fee will not be charged for search or review of requested 
records, or for amendment of records. When a request is made for copies 
of records, a copying fee will be charged at the same rate established 
for FOIA requests. See 36 CFR 1410.35. However, the first 100 pages 
will be free of charge.


Sec. 1415.55  Exemptions.

    (a) The systems of records entitled ``Personal Security Files'' and 
``Subject File'' contain some information specifically authorized under 
criteria established by an Executive Order to be kept secret in the 
interest of national defense or foreign policy and which is properly 
classified pursuant to such Executive Order. Therefore, to the extent 
that information in these systems falls within the coverage of 
exemption (k)(1) of the Privacy Act, 5 U.S.C. 552a(k)(1), these systems 
of records are eligible for exemption from the requirements of the 
following subsections of the Privacy Act: subsections (c)(3), (d), 
(e)(1), (e)(4)(G), (H) and (I) and (f). Disclosure of information 
properly classified pursuant to an Executive Order would jeopardize the 
national defense or foreign policy of the United States.
    (b) The systems of records entitled ``Agency Contacts,'' 
``Investigations,'' ``Public Contacts,'' and ``Subject File'' consist, 
in part, of investigatory material compiled by the Review Board for law 
enforcement purposes other than material within the scope of subsection 
(j)(2) of 5 U.S.C. 552a. Provided however, that if any individual is 
denied any right, privilege or benefit that he would otherwise be 
entitled by Federal law, or for which he would otherwise be eligible, 
as a result of the maintenance of such material, such material shall be 
provided to such individual, except to the extent that the disclosure 
of such material would reveal the identity of a source who furnished 
information to the Government under an express promise that the 
identity of the source would be held in confidence, or prior to January 
1, 1975, under an implied promise that the identity of the source would 
be held in confidence. Therefore, to the extent that information in 
these systems falls within the coverage of exemption (k)(2) of the 
Privacy Act, 5 U.S.C. 552a(k)(2), these systems of records are eligible 
for exemption from the requirements of the following subsections of the 
Privacy Act, for the reasons stated below.
    (1) From subsection (c)(3) because release of the agency's 
accounting of certain disclosures to an individual who is the subject 
of an investigation could reveal the nature and scope of the 
investigation and could result in the altering or destruction of 
evidence, improper influencing of witnesses, and 

[[Page 64125]]
other evasive actions that could impede or compromise the 
investigation.
    (2) From subsection (d) because release of investigative records to 
an individual who is the subject of an investigation could interfere 
with pending or prospective law enforcement proceedings, constitute an 
unwarranted invasion of the personal privacy of third parties, reveal 
the identity of confidential sources, or reveal sensitive investigative 
techniques and procedures.
    (3) From subsections (d)(2), (3), and (4) because amendment or 
correction of investigative records could interfere with pending or 
prospective law enforcement proceedings, or could impose an impossible 
administrative and investigative burden by requiring the Review Board 
continuously to retrograde its investigations attempting to resolve 
questions of accuracy, relevance, timeliness, and completeness.
    (4) From subsection (e)(1), because it is often impossible to 
determine relevance or necessity of information in the early stages of 
an investigation. The value of such information is a question of 
judgment and timing; what appears relevant and necessary when collected 
may ultimately be evaluated and viewed as irrelevant and unnecessary to 
an investigation.
    (5) From subsection (e)(4)(G) and (H), because the Review Board is 
claiming an exemption for subsections (d) (Access to Records) and (f) 
(Agency Rules) of the Act, these subsections are inapplicable to the 
extent that these systems of records are exempted from subsections (d) 
and (f).
    (6) From subsection (f) because procedures for notice to an 
individual pursuant to subsection (f)(1) as to the existence of records 
pertaining to the person dealing with an actual or potential 
investigation must be exempted because such notice to an individual 
would be detrimental to the successful conduct of a pending or future 
investigation. In addition, mere notice of an investigation could 
inform the subject or others that their activities either are, or may 
become, the subject of an investigation and might enable the subjects 
to avoid detection or to destroy assassination records. Since the 
Review Board is claiming an exemption for subsection (d) of the Act 
(Access to Records) the rules require pursuant to subsection (f)(2) 
through (5) are inapplicable to these systems of records to the extent 
that these systems of records are exempted from subsection (d).
    (c) The systems of records entitled ``Employment Applications'' and 
``Personal Security Files'' consist in part of investigatory material 
compiled by the Review Board for the purpose of determining 
suitability, eligibility, or qualifications for Federal civilian 
employment or Federal contracts, the release of which would reveal the 
identity of a source who furnished information to the Government under 
an express promise that the identity of the source would be held in 
confidence. Therefore, to the extent that information in these systems 
falls within the coverage of Exemption (k)(5) of the Privacy Act, 5 
U.S.C. 552a(k)(5), these systems of records are eligible for exemption 
from the requirements of subsection (d)(1), because release would 
reveal the identity of a source who furnished information to the 
Government under an express promise of confidentiality. Revealing the 
identity of a confidential source could impede future cooperation by 
sources, and could result in harassment or harm to such sources.

    Dated: December 8, 1995.
David G. Marwell,
Executive Director, Assassination Records Review Board.
[FR Doc. 95-30384 Filed 12-13-95; 8:45 am]
BILLING CODE 6118-01-P