[Federal Register Volume 62, Number 191 (Thursday, October 2, 1997)]
[Notices]
[Pages 51698-51702]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-25952]


=======================================================================
-----------------------------------------------------------------------

NATIONAL COUNTERINTELLIGENCE CENTER


Privacy Act of 1974; Establishment of a New System of Records

AGENCY: National Counterintelligence Center (NACIC).

ACTION: Establishment of Privacy Act system of records including 
statement of routine uses and detailed description of system.

-----------------------------------------------------------------------

SUMMARY: On February 27, 1997, the National Counterintelligence Center 
(NACIC) published for public comment a notice for the establishment of 
a new Privacy Act system of records. It was provided in that notice 
that the system of records would become effective without further 
notice 40 days after publication unless modified by a subsequent notice 
in order to incorporate comments received from the public.
    Although no comments were received from members of the public, 
reviews internally and by representatives of the Department of Justice 
approved the ``routine uses'' as published but otherwise suggested 
several clarifications to the descriptions set forth in the sections 
entitled ``Categories of records in the system'' and ``Exemptions 
claimed for the system.'' Inasmuch as the Privacy Act requires only 
that the portion of the system description which describes the 
``routine uses'' of a system be published

[[Page 51699]]

for comment, the NACIC Privacy Act declaration, is set forth in its 
entirety below.

DATES: This system of records notice is effective October 2, 1997.

FOR FURTHER INFORMATION WRITE: Information and Privacy Coordinator, 
Executive Secretariat Office, National Counterintelligence Center, 3W01 
NHB, Washington, DC 20505.

SUPPLEMENTARY INFORMATION: Pursuant to the Privacy Act, 5 U.S.C. 552a, 
NACIC hereby establishes a new system of records to be maintained at 
the NACIC headquarters. The purpose of this notice is to announce the 
creation and character of the system of records subject to the Privacy 
Act which is maintained by NACIC.
    For the convenience of the public, the above referenced 
clarifications to the previously published notice include:
    (a) Several modifications to the listed categories of records have 
been deemed appropriate for record system NACIC-1; they include:
    (1) The categories numbered 1-5 and 7 in the notice are deleted in 
that these categories of records are neither indexed nor retrievable by 
name or other personal identifier and thus do not meet the basic 
definition of a Privacy Act system of records;
    (2) The category entitled ``Publications, Training Materials and 
Regional Seminar Records'' and numbered 8 in the notice is clarified to 
include not only ``lists of speakers'' but also speaker qualifications 
and courses in which they have participated to the extent such data 
exists; it is also clarified in that the materials previously covered 
by the term ``case studies'' are now separately listed as a 
``Counterintelligence Damage Assessments and Incident Files'';
    (3) The category entitled ``Personnel files'' and numbered 9 in the 
notice is modified to include NACIC personnel who are independent 
contractors;
    (4) A new category entitled ``Counterintelligence Damage 
Assessments and Incident Files'' is added and includes copies of the 
finished assessments of the damage to U.S. intelligence sources and 
methods resulting from significant and particular espionage cases as 
well as summaries of significant counterintelligence incidents 
including the circumstances and characteristics of the target, the 
circumstance of the event, and the particular threat presented;
    (5) A new category entitled ``Computer and Physical Security 
Files'' is added and includes data such as the names, passwords, 
accesses and special accesses to both physical locations and computer 
systems, relevant audit trails for such accesses, and particular 
clearances and certifications of clearances; the individuals covered 
include all personnel assigned to NACIC as well as other individuals 
holding national security clearances and having authorized access to 
NACIC facilities and/or computer systems.
    (b) Several corrections to the section of the notice entitled 
``Exemptions claimed for the system'' have been determined necessary as 
a result of an editing error prior to submission of the notice to the 
Federal Register they include:
    (1) The specific reference to Privacy Act exemption (k)(1) was 
inadvertently omitted from the discussion of the exemption for 
classified national security information and is now included;
    (2) The listings of Privacy Act exemptions (k) (2)-(6) as 
authorized by the Act were also inadvertently omitted and are now 
included although their invocation, given the mission of NACIC, will be 
rare;
    (3) And, the reference to Privacy Act exemption (j)(1) is clarified 
so that it applies only to that information in the joint custody of the 
Central Intelligence Agency (CIA) and NACIC where the Director of 
Central Intelligence (DCI) has determined that such information should 
be exempt from certain specified provisions of the Privacy Act pursuant 
to the National Security Act of 1947 and the CIA Act of 1949;
    (c) An addition to the sections of the notice entitled ``Record 
access procedures'' and ``Contesting record procedures'' has also been 
determined to be appropriate in order specifically to inform members of 
the public of their right to and procedures to effect an administrative 
appeal in the event of a denial of their request.
    Accordingly, the notice regulating the management of an public 
access to the Privacy Act record system maintained by NACIC are set 
forth in their entirety below.

Statement of General Routine Uses

    The following routine uses apply to, and are incorporated by 
reference into each system of records maintained by NACIC. It should be 
noted that, before the individual record system notices begin, the 
blanket routine uses of the records are published below only once in 
the interest of simplicity, economy and to avoid redundancy.
    1. Routine Use-Law Enforcement: In the event that a system of 
records maintained by NACIC to carry out its functions indicates a 
violation or potential violation of law, whether civil, criminal or 
regulatory in nature, and whether arising by general statute or by 
regulation, rule or order issued pursuant thereto, the relevant records 
in the system of records maybe referred, as a routine use, to the 
appropriate agency whether Federal, state, local or foreign, charged 
with the responsibility of investigating or prosecuting such violation 
or charged with enforcing or implementing the statute, rule, regulation 
or order issued pursuant thereto.
    2. Routine Use-Disclosure When Requesting Information: A record 
from a system of records maintained by this component may be disclosed 
as a routine use to a Federal, state, or local agency maintaining 
civil, criminal, or other relevant enforcement information or other 
pertinent information, if necessary to obtain information relevant to a 
component decision concerning the hiring or retention of an employee, 
the issuance of a security clearance, the letting of a contact, or the 
issuance of a license, grant or other benefit.
    3. Routine Use-Disclosure of Requested Information: A record from a 
system of records maintained by this component may be disclosed to a 
Federal agency, in response to its request, in connection with the 
hiring or retention of an employee, the issuance of a security 
clearance, the reporting of an investigation of an employee, the 
letting of a contract, or the issuance of a license, grant or other 
benefit by the requesting agency, to the extent that the information is 
relevant and necessary to the requesting agency's decision on the 
matter.
    4. Routine Use-Congressional: Inquiries from a system of records 
maintained by this component maybe made to a Congressional office from 
the record of an individual in response to an inquiry from the 
Congressional office made at the request of that individual.
    5. Routine Use-Disclosures Required by International Agreements: A 
record from a system of records maintained by this component may be 
disclosed to foreign law enforcement, security, investigatory, or 
administrative authorities in order to comply with requirements imposed 
by, or to claim rights conferred in, international agreements and 
arrangements including those regulating the stationing and status in 
foreign countries of Department of Defense military and civilian 
personnel.
    6. Routine Use-disclosure to the Department of Justice for 
Litigation: A record from a system of records maintained by this 
component may be disclosed as routine use to any component of the 
Department of Justice

[[Page 51700]]

for the purpose of representing any officer, employee or member of this 
component in pending or potential litigation to which the record is 
pertinent.
    7. Routine Use-Disclosure of Information to the Information 
Security Oversight Office (ISOO): A record from a system of records 
maintained by this component may be disclosed as a routine use to the 
Information Security Oversight Office (ISOO) or any other executive 
branch entity authorized to conduct inspections or develop security 
classification policy for the purpose of records management inspections 
conducted under authority of 44 U.S.C. 2904 and 2906.
    8. Routine Use-Disclosure of Information to the National Archives 
and Records Administration (NARA): A record from a system of records 
maintained by this component may be disclosed as a routine use to the 
National Archives and Records Administration (NARA) for the purpose of 
records management inspections conducted under authority of 44 U.S.C. 
2904 and 2906.
    9. Routine Use-Disclosure to the Merit Systems Protection Board: A 
record from a system of records maintained by this component may be 
disclosed as a routine use to the Merit Systems Protection Board, 
including the Office of the Special Counsel for the purpose of 
litigation including administrative proceedings, appeals special 
studies of the civil service and other merit systems, review of OPM or 
component rules and regulations, investigation of alleged or possible 
prohibited personnel practices; including administrative proceedings 
involving any individual subject of investigation, and such other 
functions, promulgated in 5 U.S.C. 1205 and 1206, or as may be 
authorized by law.
    10. Routine Use-Counterintelligence Purposes: A record from a 
system of records maintained by this component may be disclosed as a 
routine use outside the U.S. Government for the purpose of 
counterintelligence activities authorized by U.S. Law or executive 
Order or for the purpose of enforcing laws which protect the national 
security of the United States.
    NACIC-1

SYSTEM NAME:
    National Counterintelligence Center System of Records (NACIC-1)

SECURITY CLASSIFICATION:
    The classification of individual records in the system range from 
UNCLASSIFIED to TOP SECRET Codeword.

SYSTEM LOCATION:
    National Counterintelligence Center, 3W01 NHB, Washington, DC 20505

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    1. Individuals who are of foreign intelligence or foreign 
counterintelligence interest and relate in any manner to foreign 
intelligence threats to U.S. national and economic security;
    2. Applicants for, and current and former personnel of NACIC who 
are federal employees;
    3. Individuals associated with NACIC administrative operations or 
services including independent contractors, industrial contractor 
employees, or individuals otherwise associated with such operations and 
services;
    4. And, any other individuals authorized access to NACIC 
information and facilities.

CATEGORIES OF RECORDS IN THE SYSTEM:
    1. Counterintelligence Damage Assessments and Incident Files: 
Maintained by the NACIC Threat Assessment Office (TAO); records include 
copies of the finished assessments of the damage to U.S. intelligence 
sources and methods resulting from significant and particular espionage 
cases as well as summaries of significant counterintelligence incidents 
including the circumstances and characteristics of the target, the 
circumstances of the event, and the particular threat presented;
    2. Compromised Names Database: Maintained by the NACIC Threat 
Assessment Office (TAO); the database is utilized to notify U.S. 
intelligence community personnel whose names were potentially 
compromised as a result of espionage or other foreign intelligence 
collection activity; the database contains the names of persons 
potentially compromised, date of the memo sent to the person or their 
employer informing them, and documentary reference(s) to the 
compromised information;
    3. Computer and Physical Security Files: Maintained by the NACIC 
Executive Secretariat Office (ESO); records include the names, 
passwords, accesses, and special accesses to both physical locations 
and computer systems, relevant audit trails for such accesses, and 
particular clearances and certifications of clearances;
    4. Publication, Training and Seminar Files: Maintained by NACIC's 
Program Integration Office (PIO) Community Training Branch; records 
include letters of acceptance, enrollment forms, thank you letters, 
lists of attendees, lists of speakers, notes, case studies, syllabi, 
training packets, magazine or newspaper articles, and other records 
used either for course development purposes or to facilitate the 
presentation of seminars;
    5. Personnel Files:
    a. Specific types of personnel records are maintained by the NACIC 
Front Office (FO); these records are maintained in individual official 
personnel folders and include, inter alia, papers documenting personnel 
actions, performance appraisals, correspondence, travel documents, 
contracts, justifications, memorandums, and administrative material;
    b. A second type of personnel records is maintained by the NACIC 
Executive Secretariat Office (ESO); these records are Memorandums of 
Agreement between the detailee's parent organization and NACIC;
    c. The third type of personnel records is maintained by the NACIC 
Program Integration Office/Community Training Branch (PIO/CTB); these 
records include the training documents;
    6. Freedom of Information Act (FOIA)/Privacy Act (PA) Requests and 
Legal Files: Files created in response to public requests for 
information and/or amendment of records under the FOIA/PA, consisting 
of the original request, a copy of the reply thereto, and all related 
supporting files which may include the official file copy of requested 
record or copy thereof; also, all similar records created in response 
to administrative appeals and litigations predicated on such initial 
requests;
    7. Special Search Files: Files created in response to official 
United States or foreign government requests for information which may 
include requests from executive, congressional, judicial, or diplomatic 
sectors consisting of the original tasking or request, a copy of the 
reply thereto, and all related supporting files which may include the 
official file copy of the requested record or copy thereof.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Section 506(a) of the Federal Records Act of 1950, codified at 44 
U.S.C. 3101, and Title 36, Code of Federal Regulations, Chapter XII, 
which require Federal agencies to insure that adequate and proper 
records are made and preserved to document the organization, functions, 
polices, decisions, procedures and transactions and to protect the 
legal and financial rights of the Federal Government.

PURPOSE(s):
    NACIC was established by Presidential directive for the purpose of

[[Page 51701]]

coordinating national level counterintelligence activities of the 
United States. The purposes for the maintenance of these records 
include: Coordinating national strategic CI planning efforts, providing 
strategic guidance and assessing the effectiveness of CI operations, 
facilitating the development of and implementing training for the CI 
community, producing national-level foreign intelligence threat 
assessments, and coordinating assessments of damage to U.S. interests 
resulting from espionage cases.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    See Statement of General Routine Uses.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    None.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Files are maintained in computerized form and hard copy form; 
computerized form may be stored in memory, on disk storage, on computer 
tape, and/or on a computer printed listing.

RETRIEVABILITY:
    Names and related information are retrievable by automated or hand 
search based on extant indices and automated capabilities utilized in 
the normal course of business. Under applicable law and regulations, 
NACIC may not permit any organization, public or private, outside the 
NACIC to have direct access to NACIC files; accordingly, all searchers 
of NACIC databases and paper files will be performed on site, within 
NACIC space, by NACIC personnel.

SAFEGUARDS:
    Records and databases are maintained in a restricted area within 
NACIC and are accessed only by NACIC personnel. All employees are 
checked to ensure that they hold currently valid security clearances, 
are cautioned about divulging classified or other privileged 
information contained in NACIC files, and are advised that failure to 
abide by these provisions may constitute a violation of federal 
criminal law and/or give rise to civil liability. Employees who resign 
or retire are also cautioned about divulging information acquired in 
their jobs. Registered mail is used to transmit routine hard copy 
records while highly classified records are hand carried by individuals 
holding appropriate security clearances. Highly classified or sensitive 
privacy information, which is electronically transmitted between NACIC 
and other offices, is transmitted in encrypted form to prevent 
interception.

RETENTION AND DISPOSAL:
    Records evaluated as historical and permanent will be transferred 
to the National Archives after established retention periods and 
administrative needs of the NACIC have elapsed.

SYSTEM MANAGER(S) AND ADDRESS:
    Information and privacy Coordinator, Executive Secretariat Office, 
National Counterintelligence Center, 3W01 NHB, Washington, DC 20505.

NOTIFICATION PROCEDURE:
    See record access procedures, infra.

RECORD ACCESS PROCEDURES;
    A request for access to a record from the system shall be made in 
writing with the envelope and the letter clearly marked ``Privacy Act 
Request.'' Your request should include your full name, complete 
address, date of birth, place of birth, notarized signature (or 
declaration under penalty of perjury), and other identifying data you 
may wish to furnish to assist in making a proper search of NACIC 
records. A request for access to records must describe the records 
sought in sufficient detail to enable NACIC personnel to locate the 
system of records containing the record with a reasonable amount of 
effort. Whenever possible, a request for access should describe the 
nature of the record sought, and the data of the record or the period 
in which the record was compiled. The requester must also provide a 
return address for transmitting the information. Requests for access 
must be addressed to the System Manager as noted above.

CONTESTING RECORD PROCREDURES:
    Individuals desiring to contest or amend information maintained in 
the system should also direct their request to the System Manager as 
noted above. Such requests should delineate the information believed to 
be incorrect and should include the information requested to be 
substituted or added to the record.

RECORD SOURCE CATEGORIES:
    Record source categories include subject individuals pursuant to 
notice, official records and information disseminated to NACIC by other 
federal government entities, and official records and information 
provided to NACIC by other entities including foreign, state and local 
governments as well as individuals and business entities.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    Notice is hereby given that NACIC intends to exempt from certain 
provisions of the Privacy Act the following information pursuant to the 
following specified authority:
    (a) Records or portions of records in the physical possession of 
NACIC which were originated by other federal agencies or which contain 
information originated by such agencies shall be deemed to be in the 
joint legal custody of and mutually maintained by both agencies. 
Accordingly, NACIC shall apply any applicable exemptive provisions when 
so informed by those agencies;
    (b) Records or portions of records in the physical custody of NACIC 
which would reveal intelligence sources and methods in contravention of 
the National Security Act of 1947 are, pursuant to the exemptions 
previously authorized by the Director of Central Intelligence under the 
authority of section (j)(1), exempt from disclosure of accounting 
(section (c)(3)), disclosure (section (d)), notification of collection 
authority (section (e)(3) (A-D)), and notification of existence of 
records (sections (e)(4)(G) and (f)(1)); in such instances where 
confirmation of the existence of a record may itself jeopardize 
intelligence sources and methods, the Coordinator must neither confirm 
nor deny the existence of the record and shall advise the requester 
that there is no record which is available pursuant to the Privacy Act;
    (c) Records or portions of records in the physical custody of NACIC 
which are currently and properly classified pursuant to Executive Order 
12958 (or predecessor or subsequent Order) are, under the authority of 
section (k)(1), exempt from disclosure of accounting (section (c)(3)), 
disclosure (section (d)), and notification of existence of records 
(sections (e)(4)(G) and (f)(1));
    (d) Records or portions of records in the physical custody of NACIC 
which are investigatory in nature and compiled for law enforcement 
purposes, other than material within the scope of section (j)(2) of the 
Act, are, under the authority of section (k)(2), exempt from disclosure 
(section (d)); provided however, that if an individual is denied any 
right, privilege, or benefit to which he/she is otherwise eligible, as 
a result of the maintenance of such material, then such material shall 
be provided to that individual except to the extent that the disclosure 
would reveal the identity of a source who furnished the information to 
the United States

[[Page 51702]]

Government under an express promise of confidentiality, or, prior to 
the effective date of this section, under an implied promise of 
confidentiality;
    (e) Records or portions of records in the physical custody of NACIC 
which are maintained in connection with providing protective services 
to the President of the United States or other individuals pursuant to 
18 U.S.C. section 3056 are, under the authority of section (k)(3), 
exempt from disclosure (section (d));
    (f) Records or portions of records in the physical custody of NACIC 
which are required by statute to be maintained and used solely as 
statistical records are, under the authority of section (k)(4), exempt 
from disclosure (section (d));
    (g) Records or portions of records in the physical custody of NACIC 
which are investigatory in nature and compiled solely for the purpose 
of determining suitability, eligibility, or qualifications for federal 
civilian employment, military service, federal contracts, or access to 
classified information are, under the authority of section (k)(5), 
exempt from disclosure (section (d)); provided that and only to the 
extent that disclosure would reveal the identity of a source who 
furnished information to the United States Government under an express 
promise of confidentiality, or, prior to the effective date of this 
section, under an implied promise of confidentiality;
    (h) And, records or portions of records in the physical custody of 
NACIC which are testing or examination material used solely to 
determine individual qualifications for appointment or promotion in the 
federal service are, under the authority of section (k)(6), exempt from 
disclosure (section (d)); provided that and only to the extent that 
disclosure would compromise the objectivity or fairness of the testing 
or examination process.
Michael Waguespack,
Director, National Counterintelligence Center.
[FR Doc. 97-25952 Filed 10-1-97; 8:45 am]
BILLING CODE 6310-02-M