[Federal Register Volume 64, Number 177 (Tuesday, September 14, 1999)]
[Notices]
[Pages 49776-49779]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 99-23825]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Defense Security Service


Privacy Act of 1974; System of Records

AGENCY: Defense Security Service, DoD.

ACTION: Notice to alter a system of records.

-----------------------------------------------------------------------

SUMMARY: The Defense Security Service is proposing to consolidate two 
existing exempt systems of records (V8-01, Industrial Personnel 
Security Clearance File into V5-03, Case Control Management System 
(CCMS)) under one notice. This consolidation also requires that the 
existing exemption rule for V5-03 be altered to add a ``(k)(5)'' 
exemption for the records formerly under V8-01.

DATES: This proposed action will be effective without further notice on 
October 14, 1999, unless comments are received which result in a 
contrary determination.

ADDRESSES: Send comments to Office of the General Counsel, Defense 
Security Service, 1340 Braddock Place, Alexandria, VA 22314-1651.

FOR FURTHER INFORMATION CONTACT: Mr. Leslie Blake (703) 325-9450.

SUPPLEMENTARY INFORMATION: The Defense Security Service systems of 
records notices subject to the Privacy Act of 1974, (5 U.S.C. 552a), as 
amended, have been published in the Federal Register and are available 
for the address above.
    The proposed system report, as required by 5 U.S.C. 552a(r) of the 
Privacy Act of 1974, as amended, was submitted on August 30, 1999, to 
the House Committee on Government Reform, the Senate Committee on 
Governmental Affairs, and the Office of Management and Budget (OMB) 
pursuant to paragraph 4c of Appendix I to OMB Circular No. A-130, 
``Federal Agency Responsibilities for Maintaining Records About 
Individuals,'' dated February 8, 1996 (February 20, 1996, 61 FR 6427).


[[Page 49777]]


    Dated: September 8, 1999.
L.M. Bynum,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
V5-03

System name:
    Defense Integrated Management System (DIMS) (February 22, 1993, 58 
FR 10904).

CHANGES:
* * * * *

SYSTEM NAME:
    Delete entry and replace with ``Case Control Management System 
(CCMS).''

System location:
    Delete entry and replace with ``Primary location: Defense Security 
Service, Operation Center--Baltimore, 881 Elkridge Landing Road, 
Linthicum, MD 21090-2902.
    Decentralized locations: Remote terminals processing CCMS data are 
located at DSS's twelve Operating Locations (OL) and Operation Center--
Columbus. Operating Locations addresses can be obtained from the 
Primary location.''

Categories of individuals covered by the system:
    Delete entry and replace with ``Any person who is the subject or 
co-subject of an ongoing or completed Defense Security Service (DSS) 
investigation to include employees and major stockholders of DoD 
affiliated government contractors who have been issued, now possess, 
are, or have been in process for personnel security clearance 
eligibility determinations.''

Categories of records in the system:
    Delete entry and replace with ``CCMS is composed of investigations 
conducted by DSS and clearance actions taken for contractors. 
Information may include investigative assignment records, which may 
serve as the basis for the investigation, or which serve to guide and 
facilitate investigative activity; information used to open and conduct 
the investigation; records on the type of investigation, on the type 
and number of leads assigned to DSS field elements and leads sent to 
National Agencies for investigations in progress and the results of 
those leads received from the National Agencies. The system also 
identifies the current status of an investigative request (open/closed) 
and the status of individual leads being conducted, to include 
additions to, deletion of or amendment to those leads. The system also 
consists of records pertaining to clearance information on contractors, 
which may include name, Social Security Number, case number, date and 
level of security clearance granted, results of interim or final 
eligibility determinations, clearance applications, record of 
clearance, foreign clearance and travel information, clearance 
processing information, adverse information and other internal and 
external correspondence and administrative memoranda relative to the 
clearance.''
* * * * *

Purpose(s):
    Delete entry and replace with ``To determine the existence, 
location, and status of subject cases; to control workload and prepare 
statistical reports; to inform federal agencies or requesters of the 
status of on-going investigative or personnel security action request 
and to manage the granting of interim and final clearances for 
contractor personnel.''
* * * * *

Retention and disposal:
    Delete entry and replace with ``File data composed of the Official 
Reports of Investigation (ROIs) and associated material (clearance 
applications/forms) on closed investigations completed by DSS are 
transferred to the Personnel Security Investigative File Automation 
Subsystem (V5-01) and will be retained for a period corresponding to 
the retention of investigative files described in V5-01. Clearance data 
on contractors reflecting the existence of an open case, record of a 
National Agency Check (NAC) in progress/completed, record of clearance, 
are entered into the DCII data base and retained for a period 
corresponding to the retention of DCII files described V5-02. Data 
pertaining to favorable adjudicative actions on contractors will be 
retained for 2 years following the termination of employment. 
Unfavorable adjudicative actions (clearance denied/suspended/revoked) 
will be retained for 5 years following the termination of the 
clearance. In cases involving the death of an individual holding a 
clearance, the clearance data will be retained until the subject would 
have attained the age of 80 years. Data released in accordance with the 
Privacy Act or Freedom of Information Act (FOIA) will be retained for 5 
years. Historical data (non-personal statistical data on numbers of 
cases opened/closed, number of leads, types of investigations, number 
of clearances granted/denied, etc.) will be retained indefinitely.''
    Paper records are destroyed by burning or shredding; electronic 
records are deleted.''
* * * * *

Record source categories:
    Delete entry and replace with `Subject's of DSS investigations and 
DSS investigative reports; records of other DoD activities and 
components, federal, state, county and municipal records.'

exemptions claimed for the system:
    Add to the entry `Investigatory material compiled solely for the 
purpose of determining suitability, eligibility, or qualifications for 
federal civilian employment, military service, federal contracts, or 
access to classified information may be exempt pursuant to 5 U.S.C. 
552a(k)(5), but only to the extent that such material would reveal the 
identity of a confidential source.'
V5-03

System name:
    Case Control Management System (CCMS).

System location:
    Primary location: Defense Security Service, Operation Center-
Baltimore, 881 Elkridge Landing Road, Linthicum, MD 21090-2902.
    Decentralized locations: Remote terminals processing CCMS data are 
located at DSS's twelve Operating Locations (OL) and Operation Center-
Columbus. Operating Locations addresses can be obtained from the 
Primary location.

Categories of individuals covered by the system:
    Any person who is the subject or co-subject of an ongoing or 
completed Defense Security Service (DDS) investigation to include 
employees and major stockholders of DoD affiliated government 
contractors who have been issued, now possess, are, or have been in 
process for personnel security clearance eligibility determinations.

Categories of records in the system:
    CCMS is composed of investigations conducted by DSS and clearance 
actions taken for contractors. Information may include investigative 
assignment records, which may serve as the basis for the investigation, 
or which serve to guide and facilitate investigative activity; 
information used to open and conduct the investigation; records on the 
type of investigation, on the type and number of leads assigned to DSS 
field elements and leads sent to National Agencies for investigations 
in progress and the results of those leads received from the National 
Agencies. The system also identifies the current status of an 
investigative request (open/closed) and the status of individual leads 
being conducted, to include

[[Page 49778]]

additions to, deletion of or amendment to those leads. The system also 
consists of records pertaining to clearance information on contractors, 
which may include name, Social Security Number, case number, date and 
level of security clearance granted, results of interim or final 
eligibility determinations, clearance applications, record of 
clearance, foreign clearance and travel information, clearance 
processing information, adverse information and other internal and 
external correspondence and administrative memoranda relative to the 
clearance.

Authority for maintenance of the system:
    5 U.S.C. 301, Departmental Regulations; DoD Directive 5105.42, 
Defense Security Service (32 CFR part 361); DoD Regulation 5200.2, 
Personnel Security Program (32 CFR part 156); and E.O. 9397 (SSN).

Purpose(s):
    To determine the existence, location, and status of subject cases; 
to control workload and prepare statistical reports; to inform federal 
agencies or requester of the status of on-going investigative or 
personnel security action request and to manage the granting of interim 
and final clearances for contractor personnel.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the DoD as a routine use 
pursuant to 5 U.S.C. 552a(b)(3) as follows:
    The `Blanket Routine Uses' published at the beginning of DSS' 
compilation of systems of records, notices apply to this system.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
storage:
    CCMS is stored on disk as part of a central database that has a 
mirrored structure (duplicate file) to provide immediate recovery in 
case of disk failure. It is regularly backed up onto magnetic tape for 
storage as a contingency in case of system or disk failure.

Retrievability:
    CCMS records are retrieved by name or Social Security Number. 
History file records may also contain a case control number (CCN), 
which can be used to retrieve records.

SAFEGUARDS:
    Generalized validation is provided through online and batch edit 
criteria that must be honored before an information request or update 
will occur. Remote terminals must pass through the DSS Firewall or 
equivalent access controls, both of which have encryption that exceeds 
the DES standard. All data transfers and information retrievals that 
use remote communication facilities are encrypted to at least the DES 
standard. The DSS computer facility housing the CCMS is protected by 
security guards at all times and access to the computer room is 
controlled by a combination lock to prevent unauthorized access. 
Organizations that receive our information and provide responses are 
responsible for ensuring that only individual's in their organizations 
who have appropriate authority and need-to-know gain access to CCMS 
data.

RETENTION AND DISPOSAL:
    File data composed of the Official Reports of Investigation (ROIs) 
and associated material (clearance applications/forms) on closed 
investigations completed by DSS are transferred to the Personnel 
Security Investigative File Automation Subsystem (V5-01) and will be 
retained for a period corresponding to the retention of investigative 
files described in V5-01. Clearance data on contractors reflecting the 
existence of an open case, record of a National Agency Check (NAC) in 
progress/completed, record of clearance, are entered into the DCII data 
base and retained for a period corresponding to the retention of DCII 
files described V5-02. Data pertaining to favorable adjudicative 
actions on contractors will be retained for 2 years following the 
termination of employment. Unfavorable adjudicative actions (clearance 
denied/suspended/revoked) will be retained for 5 years following the 
termination of the clearance. In cases involving the death of an 
individual holding a clearance, the clearance data will be retained 
until the subject would have attained the age of 80 years. Data 
released in accordance with the Privacy Act or Freedom of Information 
Act (FOIA) will be retained for 5 years. Historical data (non-personal 
statistical data on numbers of cases opened/closed, number of leads, 
types of investigations, number of clearances granted/denied, etc.) 
will be retained indefinitely.
    Paper records are destroyed by burning or shredding; electronic 
records are deleted.

SYSTEM MANAGER(S) AND ADDRESS:
    Director, Operations Center-Baltimore, 881 Elkridge Landing Road, 
Linthicum, MD 21090-2902.

NOTIFICATION PROCEDURES:
    Individuals seeking to determine whether information about 
themselves is contained in this system should address written inquiries 
to the Defense Security Service, Office of FOI and PA, 1340 Braddock 
Place, Alexandria, VA 22314-1651.

RECORD ACCESS PROCEDURES:
    Individuals seeking access to information about themselves 
contained in this system should address written inquiries to the 
Defense Security Service, Privacy Branch, PO Box 46060, Baltimore, MD 
21240-6060.
    Individual should provide full name and all maiden and alias names 
under which files may be maintained. For verification purposes, the 
Social Security Number may be necessary for positive identification of 
certain records.
    Personal visits will require a valid driver's license or other 
picture identification and are limited to the Defense Security Service, 
881 Elkridge Landing Road, Linthicum, MD 21090-2902.

CONTESTING RECORD PROCEDURES:
    DSS' rules for accessing records, contesting contents, and 
appealing initial agency determinations are contained in DSS Regulation 
01-13: 32 CFR part 321; or may be obtained from the Defense Security 
Service, Office of FOI and PA, 1340 Braddock Place, Alexandria, VA 
22314-1651.

RECORD SOURCE CATEGORIES:
    Subject's of DSS investigations and DSS investigative reports; 
records of other DoD activities and components, federal, state, county 
and municipal records.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    Investigatory material compiled for law enforcement purposes may be 
exempt pursuant to 5 U.S.C. 552a(k)(2). However, if an individual is 
denied any right, privilege, or benefit for which he would otherwise be 
entitled by Federal law or for which he would otherwise be eligible, as 
a result of the maintenance of such information, the individual will be 
provided access to such information except to the extent that 
disclosure would reveal the identity of a confidential source.
    Investigatory material compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for federal 
civilian employment,

[[Page 49779]]

military service, federal contracts, or access to classified 
information may be exempt pursuant to 5 U.S.C. 552a(k)(5), but only to 
the extent that such material would reveal the identity of a 
confidential source.
    An exemption rule for this record system has been promulgated in 
accordance with requirements of 5 U.S.C. 553(b)(1), (2), and (3), (c) 
and (e) and published in 32 CFR part 321. For additional information 
contact the system manager.

[FR Doc. 99-23825 Filed 9-13-99; 8:45 am]
BILLING CODE 5001-10-M