[Federal Register Volume 71, Number 82 (Friday, April 28, 2006)]
[Notices]
[Pages 25203-25205]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 06-4027]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Coast Guard

[USCG-2006-24540]


Privacy Act of 1974; System of Records

AGENCY: United States Coast Guard, Department of Homeland Security.

ACTION: Notice of Privacy Act system of records.

-----------------------------------------------------------------------

SUMMARY: The United States Coast Guard in the Department of Homeland 
Security is creating a new system of records for the secure collection 
of information from and about individuals and entities subject to the 
requirements of the Maritime Transportation Security Act of 2002.

DATES: The new system of records will be effective May 30, 2006, unless 
comments are received that result in a contrary determination.

ADDRESSES: You may submit comments identified by docket number USCG-
2006-24540 to the Docket Management Facility at the U.S. Department of 
Transportation. To avoid duplication, please use only one of the 
following methods:
    (1) Web site: http://dms.dot.gov.
    (2) Mail: Docket Management Facility, U.S. Department of 
Transportation, Room Plaza 401, 400 Seventh Street, SW., Washington, DC 
20590-0001.
    (3) Fax: 202-493-2251 (not toll-free).
    (4) Delivery: Room PL-401 on the Plaza level of the Nassif 
Building, 400 Seventh Street, SW., Washington, DC, between 9 a.m. and 5 
p.m., Monday through Friday, except Federal holidays. The telephone 
number is 202-366-9329.
    (5) Federal eRulemaking Portal: http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Mr. Donald Taylor, U.S. Coast Guard 
Privacy Officer. Address: Commandant (CG-611), U.S. Coast Guard, 2100 
2nd Street, SW., Washington, DC 20593-0001. Telephone number is 202-
475-3519.

SUPPLEMENTARY INFORMATION: The Maritime Transportation Security Act 
(MTSA) of 2002 establishes a comprehensive national system of 
transportation security enhancements to protect America's maritime 
community against the threat of terrorism without adversely affecting 
the flow of commerce through United States ports. The United States 
Coast Guard (USCG) is the lead Federal agency for maritime homeland 
security and has significant enforcement responsibilities under the 
MTSA. Among other responsibilities under the MTSA, the Coast Guard 
requires that maritime security plans be developed for ports, vessels 
and facilities, and that those with access to maritime facilities have 
credentials demonstrating their eligibility for such access.
    Homeport, a new system of records under the Privacy Act of 1974, 
will facilitate implementation of these requirements. Representatives 
of the maritime industry, members of Area Maritime Security Committees, 
which are required under the MTSA, other entities regulated by the 
MTSA, and USCG and other officials will be able to register and use 
Homeport for secure information dissemination and collaboration. In 
this aspect regulated entities will be able to use Homeport for 
electronic submission and approval of required security plans and the 
Coast Guard will be able to verify compliance with security 
requirements. Homeport will also be used to collect information from 
and about individuals for whom background screening will be conducted 
for purposes of establishing USCG-approved identification credentials 
for access to maritime facilities, and to inform owners and operators 
of those maritime facilities of the names of persons who have passed 
the background screening. Homeport also has the capability to be used 
as a communications tool in the event of a natural disaster or other 
emergency to facilitate secure communications.
    The Privacy Act embodies fair information principles in a statutory 
framework governing the means by which the United States Government 
collects, maintains, uses, and disseminates personally identifiable 
information. The Privacy Act applies to information that is maintained 
in a ``system of records.'' A ``system of records'' is a group of any 
records under the control of an agency from which information is 
retrieved by the name of the individual or by some identifying number, 
symbol, or other identifying particular assigned to the individual. 
Information in Homeport about registered users and those subject to 
screening for purposes of credentialing will be maintained in a system 
of records.
    The Privacy Act requires each agency to published in the Federal 
Register a description denoting the type and character of each system 
of records that the agency maintains, and the routine uses that are 
contained in each system to make agency recordkeeping practices 
transparent, to notify individuals regarding the uses to which 
personally identifiable information is put, and to assist the 
individual to more easily find such files within the agency. 
Individuals may request their own records that are maintained in a 
system of records in the possession or under the control of DHS by 
complying with DHS Privacy Act regulations (6 CFR 5.21).
    USCG is hereby publishing the description of the Homeport system of 
records. In accordance with 5 U.S.C. 552a(r), a report of this new 
system of records has been provided to the Office of Management and 
Budget (OMB) and to the Congress.
DHS/CG 060

System name:
    Homeport

Security classification:
    Unclassified, Sensitive.

System location:
    The system is located at the United States Coast Guard Operations 
Systems Center, 600 Coast Guard Drive, Kearneysville, WV 25430-3000.

Categories of individuals covered by the system of records:
    This system of records covers individuals including, but not 
limited to, representatives of the maritime industry, members of Area 
Maritime Security Committees, entities regulated under the maritime 
Transportation Security Act, and government officials. These persons 
may complete on-line forms and/or request an account to provide the 
information requested or required by the Coast Guard, access/view 
sensitive but unclassified information, and participate in 
collaboration communities. This system will also cover individuals for 
whom background screening will be conducted for the purpose of 
establishing Coast Guard-approved identification credentials for access 
to certain regulated facilities. These individuals include, but are not 
limited to, facility

[[Page 25204]]

operators, their employees, and non-employees who require regular 
access privileges to such regulated facilities.

Categories of records in the system:
    To participate in the Homeport portal for information dissemination 
and collection, the following personal information may be included in 
this record system: Full Name, Company or Organization name, Address, 
City, State, Zip, Country, Work Phone, Mobile Phone, 24 Hour Contact 
Phone, Fax, Pager, E-mail Address, Alternate E-mail Address, Referral 
Name/Phone/E-mail Address, Date of Birth, height, weight, and other 
personal characteristics, if applicable.
    For Coast Guard members (active duty and civilian personnel), these 
fields are pre-populated using data from Direct Access, the Coast 
Guard's enterprise human resource system. The following information is 
being captured from Direct Access: Employee ID, Billet Control Number 
(BCN), Grade Level, and Position Number.
    For purposes of issuing identification credentials for facilities 
access, the following personal information will be included: Full Name, 
Date of Birth, Social Security (optional) Number, and Alien 
identification number (if applicable).

Authority for maintenance of the system:
    50 U.S.C. 191; 46 U.S.C. 3717; 46 U.S.C. 12501; 44 U.S.C. 35 (1) 
3507; 33 U.S.C. 1223; 14 U.S.C. 2; 33 CFR part 125

Purpose(s):
    Homeport is an enterprise tool that will facilitate compliance with 
the requirements set forth in the Maritime Transportation Security Act 
(MTSA) of 2002, by providing secure information dissemination, advanced 
collaboration, electronic submission and approval for vessel/facility 
security plans, and complex electronic and telecommunication 
notification capabilities. The collection of personally identifiable 
information concerning those with access to Homeport will allow the 
Coast Guard to validate the suitablility, identity and eligibility of 
those who request permission and/or have access to the system. In 
addition, the system helps ensure national security by collecting 
information required to verify maritime workers' identities and 
facilitating the validation of maritime workers' background 
information. The system will also assist transportation facilities in 
managing their security risks and accounting for access of authorized 
personnel to transportation facilities and activities.
    The system can also be used to facilitate communications and 
therefore aid the Coast Guard's response to major incidents, such as 
maritime casualties and natural disasters.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside DHS as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    (A) Where a record, either on its face or in conjunction with other 
information, indicates a violation or potential violation of law--
criminal, civil or regulatory--the relevant recoreds may be referred to 
an appropriate Federal, state, territorial, tribal, local, 
international, or foreign agency law enforcement authority or other 
appropriate agency charged with investigating or prosecuting such a 
violation or enforcing or implementing such law.
    (B) To Federal intelligence community agencies and other agencies 
to further the mission of those agencies relating to persons who may 
pose a risk to homeland security.
    (C) To a Federal, state, local, tribal, territorial, foreign, or 
international agency, in connection with the hiring or retention of an 
employee, the issuance of a security clearance, the reporting of an 
investigation of an employee, the letting of a contract, or the 
issuance of a license, grant, or other benefit by the requesting 
agency, to the extent that the information is relevant and necessary to 
either to the agency's or the Coast Guard's decision on the matter.
    (D) To an organization or individual in either the public or 
private sector where there is a reason to believe that the recipient is 
or could become the target of a particular terrorist activity or 
conspriacy, to the extent the information is relevant to the protection 
of life or property.
    (E) To an agency, organization, or individual for the purposes of 
performing authorized audit or oversight operations.
    (F) To international and foreign governmental authorities, in 
accordance with law and formal or informal international agreement.
    (G) To maritime facility personnel or other appropriate individuals 
when relevant to the individual's employment, application, contract, 
issuance of credentials or clearances, or access to maritime 
facilities.
    (H) To the Department of Justice (DOJ) or other Federal agency in 
the review, settlement, defense, and prosecution of claims, complaints, 
and lawsuits involving matters over which the Coast Guard exercises 
jurisdiction; or when conducting litigation, or in proceedings, before 
any court, adjudicative or administrative body, when: (a) The Coast 
Guard; or (b) any employee of the Coast Guard in his/her official 
capacity; or (c) any employee of the Coast Guard in his/her individual 
capacity, where DOJ or the Coast Guard has agreed to represent the 
employee; or (d) the United States or any agency thereof, is a party to 
the litigation, or has an interest in such litigation, and the Coast 
Guard determines that the records are both relevant and necessary to 
the litigation and the use of such records is compatible with the 
purpose for which the Coast Guard collected the records.
    (I) To contractors, grantees, experts, consultants, volunteers, or 
other like persons, when necessary to perform a function or service 
related to this system of records for which they have been engaged.
    (J) To a congressional office from the record of an individual, in 
response to an inquiry from that congressional office made at the 
individual.
    (K) To the National Archives and Records Administration, or other 
appropriate Federal agency, pursuant to records management inspections 
being conducted under the authority of 44 U.S.C. 2904 and 2906.

Disclosure to consumer reporting agencies:
    None.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system.
Storage:
    Records in this system are stored in electronic form in an 
automated data processing (ADP) database operated and maintained by the 
USCG. Backups are performed daily. Copies of backups are stored at an 
off-site location.

RETRIEVABILITY:
    Information is retrieved from this system by First Name, Last Name, 
City, State, Captain of the Port Zone, Vessel Role, Facility Role, 
Committee Membership, Vessel Association, Case Identification Number, 
and Facility Association.

SAFEGUARDS:
    Homeport falls under the guidelines of the USCG Operations System 
Center (OSC) in Kearneysville, WV. This computer facility has its own 
approved

[[Page 25205]]

System Security Plan, which provides that the system will be maintained 
in a secure computer room with access restricted to authorized 
personnel only. Access to the building must be authorized and is 
limited. The U.S. Coast Guard will operate Homeport in consonance with 
Federal security regulations, policy, procedures, standards and 
guidance for implementing the Automated Information Systems Security 
Program. Only authorized Department of Homeland Security personnel, and 
authorized U.S. Government contractors conducting system maintenance, 
may access Homeport records.
    Access to records is protected by the use of two-password security 
and the scope of access for each password is limited to the official 
need of each individual authorized access. USCG will ensure that users 
take precautions in accordance with OMB Circular A-130, Appendix III 
(regarding the Computer Security Act of 1987).

Retention and disposal:
    USCG has a proposed record schedule pending with the National 
Archives and Records Administration (NARA). If approved, registration 
information collected by Homeport will be expunged from the system once 
an account is terminated. Data related to maritime personnel screening 
will be retained for two years. Response-associated information, such 
as personal data needed for search and rescue purposes, will be 
retained for 120 days following completion of response operations.

System Manager and address:
    Department of Homeland Security, United States Coast Guard 
Headquarters, Chief, Office of Information Resources (G-PRI), 2100 2nd 
Street, SW., Washington, DC 20593-0001.

Notification procedures:
    To determine if this system contains information on you, you may 
submit a written request that includes your name, mailing address, and, 
if applicable, your merchant mariner license or document number, to the 
System Manager. For ease of identification, you should also include the 
name and identifying number (documentation number, state registration 
number, International Maritime Organization (IMO) number, etc.) of any 
vessel with which you have been associated and the name and address of 
any facility (including platforms, bridges, deep water ports, marinas, 
terminals, and factories) with which you have been associated. You or 
your legal representative must sign the request. Send the request to 
the System Manager.

RECORDS ACCESS PROCEDURES:
    Same as ``Notification procedures'' above.

Contesting record procedures:
    Same as ``Notification procedures'' and ``Records 
AccessProcedures,'' above.

Record source categories:
    Information entered into Homeport is gathered from registering 
users, the general public if completing an on-line form during marine 
casualty incidents or natural disasters, individuals who are proposed 
to have access to maritime facilities, government agencies, and U.S. 
Coast Guard personnel.

Exemptions claimed for the system:
    None.

    Dated: April 13, 2006.
Maureen Cooney,
Acting Chief Privacy Officer.
 [FR Doc. 06-4027 Filed 4-25-06; 2:26 pm]
BILLING CODE 4410-10-M