[Federal Register Volume 61, Number 165 (Friday, August 23, 1996)]
[Rules and Regulations]
[Pages 43418-43420]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 96-21545]


=======================================================================
-----------------------------------------------------------------------

FEDERAL DEPOSIT INSURANCE CORPORATION

12 CFR Part 310

RIN 3064-AB80


Privacy Act Regulations

AGENCY: Federal Deposit Insurance Corporation.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The FDIC's Privacy Act Regulations were reviewed in accordance 
with the requirements of section 303 of the Riegle Community 
Development and Regulatory Improvement Act of 1994 (RCDRIA) and the 
FDIC's ongoing Regulatory Review Program. As a result of this review, 
the FDIC is amending its Privacy Act Regulations in order to delete 
outmoded terms and otherwise update and clarify the regulations. The 
revisions are minor and technical in nature.

EFFECTIVE DATE: August 23, 1996.

FOR FURTHER INFORMATION CONTACT: Dianne M. Salva, Senior Attorney, 
Office of the Executive Secretary, (202) 898-3819; Richard White, 
Attorney, Office of the Executive Secretary, (202) 898-7247; Michelle 
Borzillo, Counsel, Legal Division, (202) 898-7400, Karen L. Main, 
Senior Attorney, Legal Division, (202) 898-8838, Federal Deposit 
Insurance Corporation, 550 17th Street, NW., Washington, DC. 20429.

SUPPLEMENTARY INFORMATION:

I. Discussion

    Part 310 of the FDIC's Rules and Regulations implements the Privacy 
Act of 1974, 5 U.S.C. 552a. The Privacy Act is a records management 
statute designed to balance the government's need to maintain 
information about individuals with the rights of individuals to be 
protected against unwarranted invasions of their privacy stemming from 
federal agencies' collection, maintenance, use, and disclosure of 
personal information about them.
    Consistent with the Privacy Act, part 310 provides a means by which 
individuals may obtain non-exempt FDIC records indexed under their 
name. It also permits the amendment of inaccurate records and places 
restrictions on the release of covered information within and outside 
the FDIC.
    The FDIC's Privacy Act Regulations were reviewed in accordance with 
the requirements of section 303 of the RCDRIA and the FDIC's ongoing 
Regulatory Review Program. As a result of this review, the FDIC is 
amending Part 310 through this final rule in order to delete outmoded 
terms and otherwise update and clarify the regulations.
    The revisions are minor and technical in nature. More specifically, 
the final rule would (1) clarify the regulatory statement of purpose 
and scope; (2) replace references to the ``Civil Service Commission'' 
with ``United States Office of Personnel Management''; (3) replace 
references to the ``Records Unit'' with ``FOIA/PA Unit''; (4) clarify 
that access to, or amendment of, government-wide systems of records 
shall be controlled by the regulations and notices prescribed by the 
sponsoring government agency; (5) conform part 310 to a court ruling 
permitting the use of an unsworn declaration under penalty of perjury 
in lieu of a notarized certification to

[[Page 43419]]

establish identity,\1\ and further clarify that personal identity may 
be established through documents typically used for identification 
purposes; (6) conform part 310 to a court ruling providing that a 
requester has a right to obtain non-exempt information pertaining to 
him or herself even if such records are medically sensitive;\2\ (7) 
clarify that the restrictions on disclosure do not apply to disclosures 
to a consumer reporting agency in accordance with 31 U.S.C. 3711(f); 
(8) move the text of Sec. 310.10(c) to Sec. 310.9(d) for purposes of 
clarity and re-number the remaining paragraphs; and (9) waive the 
imposition of fees when duplication costs are less than $10 (up from 
$2).
---------------------------------------------------------------------------

    \1\ Summers v. DOJ, 999 F. 2d 570 (D.C. Cir. 1993).
    \2\ Benavides v. Bureau of Prisons, 995 F.2d 269 (D.C. Cir. 
1993).
---------------------------------------------------------------------------

    With regard to the minimum billing amount, section 552a(f) of the 
Privacy Act requires agencies to promulgate rules establishing fees to 
be charged to any individual for making copies of his or her records. 
The change to part 310 regarding the minimum billing amount conforms 
part 310 to the changes made to the minimum billing provision contained 
in 12 CFR part 309. These changes were based on the calculation, made 
by the FDIC Division of Finance, of the Corporation's costs to process 
the receipt of a payment.
    As a result of these amendments, the FDIC's Privacy Act Regulations 
provide a more streamlined and efficient process under which 
individuals may obtain information from the Corporation, thus meeting 
the goals of section 303 of the RCDRIA.

II. Public Comment Waiver and Effective Date

    The amendments remove obsolete terms, make technical corrections 
and conform and clarify procedures for obtaining non-exempt records. 
Public comment on these changes is unnecessary and contrary to the 
public interest because the proposed changes reduce public burden, are 
relatively minor, and the FDIC has no discretion with regard to their 
substance. Thus, the Board has found that there exists good cause for 
not following the provisions of 5 U.S.C. 553(b) relating to notice and 
public participation in connection with the adoption of these 
amendments. Alternatively, the Board finds that the provisions of 5 
U.S.C. 553(b) relating to notice and public participation do not apply 
in connection with the adoption of these amendments because part 310 is 
a procedural rule.
    The Board also finds that the 30-day delayed effective date 
required under 5 U.S.C. 553(d), should be waived and that the 
amendments should become effective upon publication. As noted above, 
the amendments remove obsolete terms, make technical corrections and 
conform and clarify procedures for obtaining non-exempt records. The 
amendments reduce public burden, are relatively minor, and the FDIC has 
no discretion with regard to their substance. The amendments are of 
such a nature that the public does not need a delayed period of time in 
which to conform or adjust to the amendments. Thus, the Board finds 
that there exists good cause for not delaying the effective date of 
these amendments. Consequently, the final rule will be effective upon 
publication in the Federal Register.
    Section 302 of the RCDRIA, 12 U.S.C. 4802(b), requires that all new 
regulations and amendments to regulations prescribed by a Federal 
banking agency which impose additional reporting, disclosure, or other 
new requirements on insured depository institutions shall take effect 
on the first day of a calendar quarter. This final rule does not impose 
additional reporting, disclosure, or other new requirements on insured 
depository institutions, however. Consequently, the Board has 
determined that section 302 of the RCDRIA does not apply and that this 
final rule should become effective upon publication.

III. Matters of Regulatory Procedure

Regulatory Flexibility Act

    Because no general notice of proposed rulemaking was published 
prior to this final rule, the requirements of Chapter 6 of Title 5 of 
the United States Code for an initial and final regulatory flexibility 
analysis do not apply, 5 U.S.C. 601(2).

Paperwork Reduction Act

    No collections of information pursuant to section 3504(h) of the 
Paperwork Reduction Act (44 U.S.C. 3501 et seq.) are contained in this 
notice. Consequently, no information has been submitted to the Office 
of Management and Budget.

List of Subjects in 12 CFR Part 310

    Banks, banking, Credit, Privacy.

    For the reasons set forth above, 12 CFR part 310 is amended as set 
forth below:

PART 310--PRIVACY ACT REGULATIONS

    1. The authority citation for part 310 continues to read as 
follows:

    Authority: 5 U.S.C. 552a.

    2. In Part 310 all references to ``Records Unit'' are revised to 
read ``FOIA/PA Unit''.
    3. Section 310.1 is revised to read as follows:


Sec. 310.1  Purpose and scope.

    The purpose of this part is to establish regulations implementing 
the Privacy Act of 1974, 5 U.S.C. 552a. These regulations delineate the 
procedures that an individual must follow in exercising his or her 
access or amendment rights under the Privacy Act to records maintained 
by the Corporation in systems of records.
    4. Section 310.3(a) is revised to read as follows:


Sec. 310.3  Procedures for requests pertaining to individual records in 
a system of records.

    (a) Any present or former employee of the Corporation seeking 
access to, or amendment of, his/her official personnel records 
maintained by the Corporation shall submit his/her request in such 
manner as is prescribed by the United States Office of Personnel 
Management in part 297 of its rules and regulations (5 CFR part 297). 
For access to, or amendment of, other government-wide records systems 
maintained by the Corporation, the procedures prescribed in the 
respective Federal Register Privacy Act system notice shall be 
followed.
* * * * *


Sec. 310.4  [Amended]

    5. Section 310.4 is amended by revising paragraphs (b) and (c) to 
read as follows:
* * * * *
    (b) Individuals appearing in person at the Corporation seeking 
access to or amendment of their records shall present two forms of 
reasonable identification, such as employment identification cards, 
driver's licenses, or other identification cards or documents typically 
used for identification purposes.
    (c) Except for records that must be publicly disclosed pursuant to 
the Freedom of Information Act, 5 U.S.C. 552, where the Corporation 
determines it to be necessary for the individual's protection, a 
certification of a duly commissioned notary public, of any state or 
territory, attesting to the requesting individual's identity, or an 
unsworn declaration subscribed to as true under the penalty of perjury 
under the laws of the United States of America, at the election of the 
individual, may be required before a written request seeking access to 
or amendment of a record will be honored.

[[Page 43420]]

The Corporation may also require that individuals provide minimal 
identifying data such as full name, date and place of birth, or other 
personal information necessary to ensure proper identity before 
processing requests for records.


Sec. 310.6  [Amended]

    6. Section 310.6 is amended by adding the phrase ``for release to 
the patient'' at the end of the second sentence.
    7. In Sec. 310.9, paragraph (d) is redesignated as paragraph (e) 
and a new paragraph (d) is added to read as follows:


Sec. 310.9  Appeal of adverse initial agency determination on access or 
amendment.

* * * * *
    (d) Any statement of disagreement with the Corporation's refusal to 
amend, filed with the Corporation by an individual pursuant to 
Sec. 310.9(c), will be included in the disclosure of any records under 
the authority of Sec. 310.10(b). The Corporation may in its discretion 
also include a copy of a concise statement of its reasons for not 
making the requested amendment.
* * * * *
    8. Section 310.10 is amended by revising paragraphs (b)(6) and 
(b)(10); adding a new paragraph (b)(12); removing paragraph (c); 
redesignating paragraphs (d) and (e) as paragraphs (c) and (d), 
respectively; amending newly designated paragraph (c) by removing 
``paragraphs (b)(3) through (b)(11)'' and adding in its place 
``paragraphs (b)(3) through (b)(12)''; and amending newly desinated 
paragraph (d) by removing ``paragraph (d)(1)'' and adding in its place 
``paragraph (c)(1)'' as follows:


Sec. 310.10  Disclosure of record to person other than the individual 
to whom it pertains.

* * * * *
    (b) * * *
    (6) To the National Archives and Records Administration as a record 
which has sufficient historical or other value to warrant its continued 
preservation by the United States Government, or for evaluation by the 
Archivist of the United States or his or her designee to determine 
whether the record has such value;
* * * * *
    (10) To the Comptroller General, or any of his or her authorized 
representatives, in the course of the performance of the duties of the 
General Accounting Office;
* * * * *
    (12) To a consumer reporting agency in accordance with section 
3711(f) of Title 31.
* * * * *


Sec. 310.11  [Amended]

    9. Section 310.11(b) is amended by removing ``$2'' and adding in 
its place ``$10''.


Sec. 310.13  [Amended]

    10. Section 310.13 is amended by removing ``Sec. 310.10(d)(2)'' 
each place it appears and adding in its place ``Sec. 310.10(c)(2)''.

    By order of the Board of Directors.

    Dated at Washington, DC, this 13th day of August, 1996.

Federal Deposit Insurance Corporation.
Jerry L. Langley,
Executive Secretary.
[FR Doc. 96-21545 Filed 8-22-96; 8:45 am]
BILLING CODE 6714-01-P