[Federal Register Volume 67, Number 145 (Monday, July 29, 2002)]
[Notices]
[Pages 49048-49049]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 02-19112]



[[Page 49048]]

=======================================================================
-----------------------------------------------------------------------

PEACE CORPS


Privacy Act of 1974; System of Records

AGENCY: Peace Corps.

ACTION: Notice of establishment of new system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 
U.S.C. 552a), the Peace Corps is establishing a new system of records, 
PC-26, entitled ``Peace Corps Computer Systems Activity and Access 
Records.''

DATES: Please submit any comments on or before September 9, 2002. 
Unless the Peace Corps receives comments that would require another 
determination, this system becomes effective on September 9, 2002.

ADDRESSES: Please submit any comments within 40 days of publication on 
or before [40 days from publication insert date] to Gayle Rucker, 
Office of Information Resources Management, Room 3217, 1111 20th 
Street, NW., Washington, DC 20526. Ms. Rucker may be reached by phone 
at 202-692-1310 or by email at [email protected]. General 
information about the Peace Corps as an agency is provided at 
www.peacecorps.gov.

SUPPLEMENTARY INFORMATION: Section 552a(e)(4) and (11) of Title 5 of 
the United States Code provides that the public be given a 30-day 
period in which to comment on the new system. The Office of Management 
and Budget (OMB), which has oversight responsibility under the Act, 
requires a 40-day period in which to review the proposed system. In 
accordance with 5 U.S.C. 552a(r), Peace Corps has provided a report on 
this system to OMB and the Congress.
PEACE CORPS (PC-26)

SYSTEM NAME:
    Peace Corps Computer Systems Activity and Access Records.

SYSTEM LOCATION:
    Peace Corps offices (and other sites utilized by the Peace Corps) 
throughout the world. Headquartered at Peace Corps, Office of 
Information Resource Management, 1111 20th Street, NW., Washington, DC 
20526.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    All or any individuals who access Peace Corps network computers or 
mainframe/enterprise servers, including individuals who send and 
receive electronic communications, access Internet sites, or access 
system databases, files, or applications from Peace Corps computers or 
sending electronic communications to Peace Corps computers; and 
individuals attempting to access Peace Corps computers or systems 
without authorization.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records in this system of records may include: Records on the use 
of interoffice and Internet e-mail systems, including the e-mail 
address of the sender and receiver of the e-mail message, subject, 
date, and time; records on user access to Peace Corps networks, 
including user ID, date and time of log on and log off, and denials of 
access to unauthorized files or directories; records of Internet access 
from a Peace Corps computer, such as the Internet Protocol (IP) address 
of the computer being used to initiate the Internet connection, the 
site accessed, date, and time; records relating to mainframe/enterprise 
server access, such as user ID of the individual accessing the 
mainframe, date and time, and the process being run on the mainframe; 
records relating to verification or authorization of an individual's 
access to systems, files, or applications, such as user IDs, passwords, 
user names, title, and agency.
    Logs of Internet access from a Peace Corps computer do not contain 
names or similar personal identifiers. However, for official government 
business purposes, a name may be associated with an IP address.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The Computer Security Act of 1987, 49 U.S.C. 1441 note, requires 
Federal agencies to plan for the security and privacy of their computer 
Systems nad the Peace Corps Act, 22 U.S.C. 2501, et seq.

PURPOSE(S):
    The underlying raw data in this system of records is used by the 
Peace Corps' systems and security personnel, or persons authorized to 
assist these personnel, to plan and manage system services and to 
otherwise perform their official duties. Authorized Peace Corps 
managers may use the records in this system to investigate improper 
access or other improper activity related to computer system access; to 
initiate disciiplinary or other such action; and/or where the record(s) 
may appear to indicate a violation or potential violation of the law, 
to refer such record(s) to the appropriate investigative arm of Peace 
Corps, or other law enforcement agency for investigation.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSE OF SUCH USE:
    A. Disclosure for Law Enforcement Purposes. Information may be 
disclosed to the appropriate Federal, State, local, or foreign agency 
responsible for investigating, prosecuting, enforcing, or implementing 
a statute, rule, regulation, or order, if the information indicates a 
violation or potential violation of civil or criminal law or regulation 
within the jurisdiction of the receiving entity.
    B. Disclosure Incident to Requesting Information. Information may 
be disclosed to any source from which additional information is 
requested (to the extent necessary to identify the individual, inform 
the source of the purpose(s) of the request, or to identify the type of 
information requested); when necessary to obtain information relevant 
to a Peace Corps decision concening retention of an employee or other 
personnel action (other than hiring), retention of a security 
clearance, the letting of a contract, or the issuance or retention of a 
grant or other benefit.
    C. Disclosure to Requesting Agency. Information may be disclosed to 
a Federal, State, local, or other public authority of the fact that 
this system of records contains information relevant to the requesting 
agency's retention of an employee, the retnetion of a security 
clearance, the letting of a contract, or the issuance or retention of a 
license, grant, or other benefit. The other agency or licensing 
organization may then make a request supported by the written consent 
of the individual for part or all of the record if it so chooses. No 
disclosure will be made unless the information has been determined to 
be sufficiently reliable to support a referral to another office within 
the agency or to another Federal agency for criminal, civil, 
administrative, personnel, or regulatory action.
    D. Disclosure to Office of Management and Budget. Information may 
be disclosed to the Office of Management and Budget at any stage in the 
legislative coordiantion and clearance process in connection with 
private relief legislation as set forth in OMB Circular No. A-19.
    E. Disclosure to Congressional Offices. Information may be 
disclosed to a congressional office from the record of an individual in 
response to an inquiry from the congressional office made at the 
request of the individual.
    F. Disclosure to Department of Justice. Information may be 
disclosed for purposes of litigation, provided that in each case the 
disclosure is compatible with the purpose for which the records were 
collected. Disclosure for these

[[Page 49049]]

purposes may be made to the Department of Justice, or in a proceeding 
before a court, adjudicative body, or other administrative body before 
which the Peace Corps is authorized to appear. This disclosure may be 
made when: 1. The Peace Corps, or any component thereof; 2. Any 
employee of the Peace Corps in his or her official capacity; 3. Any 
employee of the Peace Corps in his or her individual capacity where the 
Department of Justice or the Peace Corps has agreed to represent the 
employee; or 4. The United States (when the Peace Corps determines that 
litigation is likely to affect the Peace Corps or any of its 
components); is a party to litigation or has an interest in such 
litigation, and the use of such records by the Department of Justice or 
the Peace Corps is deemed by the Peace Corps to be relevant and 
necessary to the litigation.
    G. Disclosure to the National Archives. Information may be 
disclosed to the National Archives and Records Administration in 
records management inspections.
    H. Disclosure to Contractors, Grantee, and Others. Information may 
be disclosed to contractors, grantees, consultants, or Volunteer 
performing, or working on a contract, service, grant, cooperative 
agreement, job, or other activity for the Peace Corps and who have a 
need to have access to the information in the performance of their 
duties or activities for the Peace Corps. When appropriate, recipients 
will be required to comply with the requirements of the Privacy Act of 
1974 as provided in 5 U.S.C. 552a(m).
    I. Disclosures for Administrative Claims, Complaints, and Appeals. 
Information may be disclosed to an authorized appeal grievance 
examiner, formal complaints examiner, equal employment opportunity 
investigator, arbitrator, or other person properly engaged in 
investigation or settlement of an administrative grievance, complaint, 
claim, or appeal filed by an employee, but only to the extent that the 
information is relevant and necessary to the proceeding. Agencies that 
may obtain information under this routine use include, but are not 
limited to, the Office of Personnel Management, Office of Special 
Counsel, Merit Systems Protection Board, Federal Labor Relations 
Authority, Equal Employment Opportunity Commission, and Office of 
Government Ethics.
    J. Disclosure to the Office of Personnel Management. Information 
may be disclosed to the Office of Personnel Management pursuant to that 
agency's responsibility for evaluation and oversight of Federal 
personnel management.
    K. Disclosure in Connection with Litigation. Information may be 
disclosed in connection with litigation or settlement discussions 
regarding claims by or against the Peace Corps, including public filing 
with a court, to the extent that disclosure of the information is 
relevant and necessary to the litigation or discussions and except 
where court orders are otherwise required under section (b)(11) of the 
Privacy Act of 1974, 5 U.S.C. 552a(b)(11).
    In addition to the routine uses stated above in A, B, C, D, E, F, 
G, H, I, J, and K, the following shall apply to this system.
    Disclosure to provide information to any person(s) and authorized 
to assist in an approved investigation of improper usage of Peace Corps 
systems.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Records are stored in electronic and/or paper form.

RETRIEVABILITY:
    Records may be retrieved by user name, user ID, e-mail address, or 
other identifying search term employed, depending on the record 
category. The Peace Corps does not usually connect IP addresses with a 
person. However, in some instances, for official government business 
purposes, the Department may connect the IP address with an individual, 
and records may be retrieved by IP address.

SAFEGUARDS:
    Access is limited to those who have an official need to know. 
Specifically, only systems and security personnel or persons authorized 
to assist these personnel have access to automated records and magnetic 
storage media. These records are kept in a locked room with controlled 
entry. The use of password protection identification features and other 
automated data processing system protection methods also restrict 
access. All records are located in buildings with restricted access.

RETENTION AND DISPOSAL:
    Records of verification, authorization, computer system access, and 
other activities generated by the system shall be retained no longer 
than one year, unless required for management review. After one year, 
they are destroyed or deleted. (Records retention schedule pending 
approval by the Archivist of the United States.)

SYSTEM MANAGER(S) AND ADDRESS:
    Office of Information Resource Management, Peace Corps, 1111 20th 
Street, NW., Washington, DC 20526.

NOTIFICATION PROCEDURES:
    To the extent permitted under the Privacy Act of 1974, 5 U.S.C. 
552a(k)(5), this system is exempted from the provisions of the Privacy 
Act of 1974 that permit access and correction. Individual notification 
of this system and declaration of acceptance of this policy appears in 
the form of a Privacy Screen that must be acknowledged by each 
individual before access is granted to use a Peace Corps computer. This 
prompt appears with every beginning access or initiation of systems on 
the computer.
    Any individual who wants to know whether this system of records 
contains a record about him or her, who wants access to his or her 
record, or who wants to contest the contents of records, should make a 
written request to the System Manager. Requesters will be required to 
provide adequate identification such as a driver's license or employee 
identification card, or other identiying document. The written request 
should provide name, assigned computer location, and a description of 
information being sought, including the time frame during which the 
record(s) may have been generated. Provide verification of identity. 
Identify the information being contested, the reason for contesting it, 
and the correction requested. In general, this information is computer-
generated and is not subject to contest.

CONTESTING RECORD PROCEDURES:
    See Notification Procedures above.

RECORD ACCESS PROCEDURES:
    See Notification Procedures above.

RECORD SOURCE CATEGORIES:
    Most records are generated internally, i.e., computer activity 
logs; individuals covered by the system; and management officials.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
    None.

    This notice is issued in Washington, DC on July 23, 2002.
Gopal K. Khanna,
Chief Information Officer.

[FR Doc. 02-19112 Filed 7-19-02; 8:45 am]
BILLING CODE 6051-01-M