[Federal Register Volume 72, Number 14 (Tuesday, January 23, 2007)]
[Proposed Rules]
[Pages 2819-2823]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E7-800]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Office of the Secretary

[DoD-2006-OS-0033; 0790-AI10]

32 CFR Part 311


Office of the Secretary Privacy Program

AGENCY: Department of Defense.

ACTION: Proposed rule.

-----------------------------------------------------------------------

SUMMARY: This rule proposed updates and implements policies and 
procedures for the Privacy Act Program in the Office of the Secretary 
of Defense and organizations provided administrative support by the 
Washington Headquarters Services.

DATES: Comments must be received by March 26, 2007.

ADDRESSES: You may submit comments, identified by docket number and or 
RIN number and title, by any of the following methods:
     Federal eRulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Mail: Federal Docket Management System Office, 1160 
Defense Pentagon, Washington, DC 20301-1160.
    Instructions: All submissions received must include the agency name 
and docket number or Regulatory Information Number (RIN) for this 
Federal Register document. The general policy for comments and other 
submissions from members of the public is to make these submissions 
available for public viewing on the Internet at http://regulations.gov 
as they are received without change, including any personal identifiers 
or contact information.

FOR FURTHER INFORMATION CONTACT: Ms. J. Irvin, 703-696-4940.

SUPPLEMENTARY INFORMATION:

Executive Order 12866, ``Regulatory Planning and Review''

    It has been determined that 32 CFR part 311 is not a significant 
regulatory action. The rule does not:
    (1) Have an annual effect on the economy of $100 million or more or 
adversely affect in a material way the economy; a section of the 
economy; productivity; competition; jobs; the environment; public 
health or safety; or State, local, or tribal governments or 
communities;
    (2) Create a serious inconsistency or otherwise interfere with an 
action taken or planned by another Agency;
    (3) Materially alter the budgetary impact of entitlements, grants, 
user fees, or loan programs, or the rights and obligations of 
recipients thereof; or
    (4) Raise novel legal or policy issues arising out of legal 
mandates, the President's priorities, or the principles set forth in 
this Executive Order.

Unfunded Mandates Reform Act (Sec. 202, Pub. L. 104-4)

    It has been certified that this rule does not contain a Federal 
mandate that may result in the expenditure by State, local and tribal 
governments, in aggregate, or by the private sector, of $100 million or 
more in any one year.

Public Law 96-354, ``Regulatory Flexibility Act'' (5 U.S.C. 601)

    It has been certified that this rule is not subject to the 
Regulatory Flexibility Act (5 U.S.C. 601) because it would not, if 
promulgated, have a significant economic impact on a substantial number 
of small entities. Certification is required.

Public Law 96-511, ``Paperwork Reduction Act'' (44 U.S.C. Chapter 35)

    It has been certified that this rule does impose reporting or 
recordkeeping requirements under the Paperwork Reduction Act of 1995. 
The reporting and recordkeeping requirements have been submitted to OMB 
for review.

Executive Order 13132, ``Federalism''

    It has been certified that this rule does not have federalism 
implications, as set forth in Executive Order 13132. This rule does not 
have substantial direct effects on:
    (1) The States;

[[Page 2820]]

    (2) The relationship between the National Government and the 
States; or
    (3) The distribution of power and responsibilities among the 
various levels of Government.

List of Subjects in 32 CFR Part 311

    Privacy.


    Accordingly, 32 CFR part 311 is proposed to be revised to read as 
follows:

PART 311--OFFICE OF THE SECRETARY OF DEFENSE PRIVACY PROGRAM

Sec.
311.1 Purpose.
311.2 Applicability.
311.3 Definitions.
311.4 Policy.
311.5 Responsibilities.
311.6 Procedures.
311.7 Information requirements.

    Authority: Pub. L. 93-579, 88 Stat. 1986 (5 U.S.C. 552a).


Sec.  311.1  Purpose.

    This part updates and implement the policies and procedures 
outlined in 5 U.S.C. 552a, Office of Management and Budget (OMB) 
Circular No. A-130, DoD Directive 5400.11,\1\ and DoD 5400.11-R.\2\ 
This part provides guidance and procedures for implementing the Privacy 
Program in the Office of the Secretary of Defense (OSD) and 
organizations receiving administrative support from the Washington 
Headquarters Services (WHS), according to DoD Directive 5110.4.\3\
---------------------------------------------------------------------------

    \1\ Copies may be obtained at http://www.dtic.mil/whs/directives/.
    \2\ Copies may be obtained at http://www.dtic.mil/whs/directives/.
    \3\ Copies may be obtained at http://www.dtic.mil/whs/directives/.
---------------------------------------------------------------------------


Sec.  311.2  Applicability.

    This part:
    (a) Applies to the OSD, the Chairman of the Joint Chiefs of Staff, 
and other activities receiving administrative support from the WHS 
(hereafter referred to collectively as the ``OSD Components'').
    (b) Covers systems of records maintained by the OSD Components and 
governs the maintenance, access, change, and release of information 
contained in those systems of records, from which information about an 
individual is retrieved by a personal identifier.


Sec.  311.3  Definitions.

    Access. Any individual's review of a record or a copy of a record 
or parts of a system of records.
    Disclosure. The transfer of any personal information from a system 
of records by any means of oral, written, electronic, mechanical, or 
other communication, to any person, private entity, or Government 
Agency, other than the subject of the record, the subject's designated 
agent, or the subject's guardian.
    Individual. A living citizen of the United States or an alien 
lawfully admitted to the United States for permanent residence. The 
legal guardian of an individual has the same rights as the individual 
and may act on his or her behalf.
    Individual access. Access to personal information pertaining to the 
individual, by the individual, his or her designated agent, or legal 
guardian.
    Maintain. For the purpose of this part, includes maintenance, 
collection, use, or dissemination.
    Matching program. A program that matches the personal records in 
computerized databases of two or more Federal Agencies using a 
computer.
    Personal information. Information about an individual that is 
intimate or private, as distinguished from information related solely 
to the individual's official functions or public life.
    Records. Any item, collection, or grouping of information, whatever 
the storage media (e.g., paper or electronic), about an individual that 
is maintained by an OSD Component, including, but not limited to, his 
or her education, financial transactions, medical history, criminal or 
employment history, and that contains his or her name, or the 
identifying number, symbol, or other identifying particular assigned to 
the individual, such as a finger or voice print or photograph.
    System manager. An OSD Component official who is responsible for 
the operation and management of a system of records.
    System of records. A group of records under the control of an OSD 
Component from which personal information is retrieved by the 
individual's name or by some identifying number, symbol, or other 
identifying particular assigned to an individual.


Sec.  311.4  Policy.

    (a) According to DoD 5400.11-R,\4\ it is DoD policy to safeguard 
personal information contained in any system of records maintained by 
any DoD Component and to permit any individual to know what existing 
records pertain to him or her.
---------------------------------------------------------------------------

    \4\ Copies may be obtained at http://www.dtic.mil/whs/directives/.
---------------------------------------------------------------------------

    (b) Each office maintaining records and information about 
individuals shall ensure that this data is protected from unauthorized 
disclosure. These offices shall permit individuals to have access to 
and have a copy made of all or any portion of records about them, 
except as provided in Chapters 3 and 5 of DoD 5400.11-R. The 
individuals will also have an opportunity to request that such records 
be amended as provided by 5 U.S.C. 552a and Chapter 3 of DoD 5400.11-R. 
Individuals requesting access to their records shall receive concurrent 
consideration under 5 U.S.C. 552 and 552a, if appropriate.
    (c) The Heads of the OSD Components shall maintain any necessary 
record of a personal nature that is individually identifiable in a 
manner that complies with the law and DoD policy. Any information 
collected must be as accurate, relevant, timely, and complete as is 
reasonable to ensure fairness to the individual. Adequate safeguards 
must be provided to prevent misuse or unauthorized release of such 
information.


Sec.  311.5  Responsibilities.

    (a) The Director, WHS, shall:
    (1) Direct and administer the DoD Privacy Program for the OSD 
Components.
    (2) Establish standards and procedures to ensure implementation of 
and compliance with 5 U.S.C. 552a, OMB Circular No. A-130, DoD 
Directive 5400.11 and DoD 5400.11-R.
    (3) Ensure the Records and Declassification Division, Executive 
Services Directorate (ESD), WHS, implements all aspects of 5 U.S.C. 
552a, except that portion about receiving and acting on public requests 
for personal records. As such, the Records and Declassification 
Division shall:
    (i) Exercise oversight and administrative control of the Privacy 
Act Program for the OSD Components.
    (ii) Provide guidance and training to the OSD Components as 
required by 5 U.S.C. 552a and OMB Circular A-130. Periodic training 
will be provided to public affairs officers and others who may be 
expected to deal with the news media or the public.
    (iii) Collect and consolidate data from the OSD Components and 
submit reports to the Defense Privacy Office (DPO), as required by 5 
U.S.C. 522a; OMB Circular A-130, DoD Directive 5400.11, DoD 5400.1-R, 
and the DPO.
    (iv) Coordinate and consolidate information for reporting all 
record systems, as well as changes to approved systems, to the OMB, the 
Congress, and the Federal Register, as required by 5 U.S.C. 552a, OMB 
Circular A-130, and DoD 5400.1-R.

[[Page 2821]]

    (v) Serve as the appellate authority for OSD Components when a 
requester appeals a denial for access to records under 5 U.S.C. 552a.
    (vi) Serve as the appellate authority for OSD Components when a 
requester appeals a denial for amendment of a record or initiates legal 
action to correct a record.
    (vii) Evaluate and decide, in coordination with the DPO, appeals 
resulting from denials of access or amendments to records by the OSD 
Components.
    (4) Ensure the Freedom of Information Division, ESD, WHS, complies 
with all aspects of 5 U.S.C. 552a including that portion about 
receiving and acting on public requests for personal records. As such, 
the Freedom of Information Division shall:
    (i) Forward requests for information or access to records to the 
appropriate OSD Component having primary responsibility for any 
pertinent system of records under 5 U.S.C. 552a or to the OSD 
Components under 5 U.S.C. 552.
    (ii) Maintain deadlines to ensure responses are made within the 
time limits prescribed in 5 U.S.C. 552, DoD Instruction 5400.10 \5\ and 
this part.
---------------------------------------------------------------------------

    \5\ Copies may be obtained at http://www.dtic.mil/whs/directives/.
---------------------------------------------------------------------------

    (iii) Collect fees charged and assessed for reproducing requested 
materials.
    (iv) Refer all matters about amendments of records and general and 
specific exemptions under 5 U.S.C. 552a to the proper OSD Components.
    (5) Coordinate with the DoD General Counsel, or the WHS General 
Counsel when appropriate, on OSD Components' denials of appeals for 
amending records, and review actions to confirm denial of access to 
records, as appropriate.
    (b) The DoD General Council shall provide advice and assistance to 
the:
    (1) Chief, Records and Declassification Division, in the discharge 
of appellate and review responsibilities.
    (2) Chief, Freedom of Information Division, on all access matters.
    (3) OSD Component on legal matters pertaining to 5 U.S.C. 552a.
    (c) The Heads of the OSD Components shall:
    (1) Designate an individual as the point of contact for Privacy Act 
matters; advise the Chief, Records and Declassification Division, and 
the Chief, Freedom of Information Division, of the names of officials 
so designated.
    (2) Report any new record system, or changes to an existing system, 
to the Chief, Records and Declassification Division, at least 90 days 
before the intended use of the system.
    (3) Review all contracts pertaining to the maintenance of records 
systems, by or on behalf of the OSD Component, to ensure within his or 
her authority that language is included that provides such systems 
shall be maintained consistent with 5 U.S.C. 552a.
    (4) Revise procurement guidance to ensure contracts providing for 
the maintenance of a records system, by or on behalf of the OSD 
Component, includes language that such system shall be maintained in 
accordance with 5 U.S.C. 552a.
    (5) Ensure computer and telecommunications equipment or service 
procurements comply with 5 U.S.C. 552.
    (6) Coordinate with the Chief, Information Officer, for the OSD 
Component to ensure a risk analysis is conducted in compliance with DoD 
5400.11-R.
    (7) Coordinate with the OSD Chief, Information Officer, to ensure a 
Privacy Impact Assessment is conducted in compliance with DoD CIO 
memorandum dated October 28, 2005 \6\ and DoD's implementing guidance.
---------------------------------------------------------------------------

    \6\ Copies may be obtained from http://www.dod.mil/privacy/DoD_PIA_Guidance_Oct_28_2005.pdf.
---------------------------------------------------------------------------

    (8) Ensure all DoD issuances prepared by the OSD Component that 
require forms or other methods to collect information about individuals 
are in compliance with 5 U.S.C. 552a.
    (9) Establish internal administrative procedures to comply with the 
procedures listed in this part and DoD 5400.11-R.
    (10) Coordinate with legal counsel on all proposed denials of 
access to records.
    (11) Provide justification to the Freedom of Information Division 
when access to a record is denied in whole or in part.
    (12) Provide the record of an initial denial or access to a record 
that is appealed to the Freedom of Information Division at the time of 
initial denial.
    (13) Maintain an accurate accounting of the actions resulting in a 
denial for access to a record or for the correction of a record. This 
accounting should be maintained so it can be readily certified as the 
complete record of proceedings if litigation occurs in accordance with 
DoD 5400.11-R.
    (14) Ensure all personnel who either have access to a system of 
records, or who are engaged in developing or overseeing the procedures 
for handling records in a system, are aware of their responsibilities 
for protecting personal information according to 5 U.S.C. 552a and DoD 
5400.11-R.
    (15) Forward all requests for access to records received directly 
from an individual to the Freedom of Information Division for 
appropriate suspense control and recording.
    (16) Provide the Freedom of Information Division with a copy of the 
requested record when the request is granted.
    (d) The requester shall:
    (1) Submit a request for access to records pertaining to oneself in 
writing or in person to the OSD Component's custodian of the records. 
If the requester is not satisfied with the response, he or she may file 
another request in writing as provided in paragraph 311.1(b)(2). The 
requester must provide personal identification to verify identity 
according to Chapter 3 of DoD 5400.11-R and provide a signed notarized 
statement or a sworn declaration in the format specified by DoD 5400.7-
R.\7\
---------------------------------------------------------------------------

    \7\ Copies may be obtained at http://www.dtic.mil/whs/directives/.
---------------------------------------------------------------------------

    (2) Describe the record sought and provide sufficient information 
to enable the material to be located (e.g., identification of system of 
records, approximate date it was initiated, originating organization, 
and type of document).
    (3) Comply with the procedures provided in DoD 5400.11-R for 
inspecting and/or obtaining copies of requested records.
    (4) Submit a written request to amend a record to the office 
designated in the system of records notice.


Sec.  311.6  Procedures.

    (a) Publication of notice in the Federal Register. (1) A notice 
shall be published in the Federal Register of any record system meeting 
the definition of a system of records in DoD 5400.11-R.
    (2) OSD Components shall provide the Chief, Records and 
Declassification Division, with 90 days advance notice of any 
anticipated new or revised system of records. This information shall be 
submitted to the OMB and Congress at least 60 days before use and 
published in the Federal Register at least 30 days before being put 
into use according to the procedures in DoD 5400.11-R. This provides 
the public with an opportunity to submit written data, views, or 
arguments to the OSD Components for consideration before a system of 
records is established or modified.
    (b) Access to systems of records information. (1) As provided by 5 
U.S.C. 552a, records shall be disclosed only to the individual they 
pertain to and under whose individual name or identifier they are 
filed, unless exempted by the provisions in DoD 5400.11-R. If an

[[Page 2822]]

individual is accompanied by a third party, the individual shall be 
required to furnish a signed access authorization which grants the 
third party access according to Chapter 3 of DoD 5400.11-R.
    (2) Individuals may request access to their records, in person or 
by mail, in accordance with the following procedures:
    (i) In person. Submit a request for an appointment in writing to 
WHS, ESD, Freedom of Information Division, 1155 Defense Pentagon, 
Washington, DC 20301-1155. The individual shall provide personal 
identification to the Freedom of Information Division to verify the 
individual's identity according to Chapter 3 of DoD 5400.11-R and 
provide a signed notarized statement or a sworn declaration in the 
format specified by DoD 5400.7-R.
    (ii) By mail. Address requests to WHS, ESD, Freedom of Information 
Division, 1155 Defense Pentagon, Washington, DC 20301-1155. To verify 
the identity of the individual, the request shall include either a 
signed notarized statement or a sworn declaration in the format 
specified by DoD 5400.7-R.
    (3) There is no requirement that an individual be given access to 
records that are not in a group of records that meet the definition of 
a system of records in 5 U.S.C. 552a.
    (4) Granting access to a record containing personal information 
shall not be conditional upon any requirement that the individual state 
a reason or otherwise justify the need to gain access.
    (5) No verification of identity shall be required of an individual 
seeking access to records that are otherwise available to the public.
    (6) Individuals shall not be denied access to a record in a system 
of records about themselves because those records are exempted from 
disclosure under 5 U.S.C. 552. Individuals may only be denied access to 
a record in a system of records about themselves when those records are 
exempted from the access provisions of Chapter 5 of DoD 5400.11-R.
    (7) Individuals shall not be denied access to their records for 
refusing to disclose their Social Security Number (SSN), unless 
disclosure of the SSN is required by statute, by regulation adopted 
before January 1, 1975, or if the record's filing identifier and only 
means of retrieval is by SSN.
    (c) Access to records or information compiled for law enforcement 
purposes. (1) Requests are processed under DoD Directive 5400.11 and 5 
U.S.C. 552 to give requesters a greater degree of access to records on 
themselves.
    (2) Records in the custody of law enforcement activities that have 
been incorporated into a system of records or exempted from the access 
conditions of DoD Directive 5400.11 will be processed in accordance 
with 5 U.S.C. 552. Individuals shall not be denied access to records 
solely because they are in the exempt system. They will have the same 
access that they would receive under 5 U.S.C. 552. (Also see section 
A.10., Chapter 3, DoD 5400.11-R)
    (3) Records exempted from access conditions will be processed in 
accordance with DoD Directive 5400.11 or 5 U.S.C. 552, depending upon 
which regulation gives the greater degree of access. (See also section 
A.10.1., Chapter 3, DoD 5400.11-R)
    (4) Records exempted from access under Section B, Chapter 5 of DoD 
5400.11-R, that are temporarily in the custody of a non-law enforcement 
element for adjudicative or personnel actions, shall be referred to the 
originating agency.
    (d) Access to illegible, incomplete, or partially exempt records. 
(1) An individual shall not be denied access to a record or a copy of a 
record solely because the physical condition or format of the record 
does not make it readily available (e.g., deteriorated state or on 
magnetic tape). The document will be prepared as an extract, or it will 
be recopied exactly as is.
    (2) If a portion of the record contains information that is exempt 
from access, an extract or summary containing all releasable 
information in the record shall be prepared.
    (3) When the physical condition of the record makes it necessary to 
prepare an extract for release, the extract shall be prepared so that 
the requester will understand it.
    (4) The requester shall be informed of all deletions or changes to 
records.
    (e) Access to medical records. (1) Medical records shall be 
disclosed to the individual and may be transmitted to a medical doctor 
named by the individual concerned.
    (2) The individual may be charged reproduction fees for copies or 
records according to DoD 5400.11-R.
    (f) Amending and disputing personal information in systems of 
records. (1) The Head of an OSD Component, or a designated official, 
shall allow individuals to request amendment to their records to the 
extent that such records are not accurate, relevant, timely, or 
complete. Requests should be as brief and as simple as possible and 
should contain adequate identifying information to locate the record, a 
description of the items to be amended, and the reason for the change. 
A request shall not be rejected nor required to be resubmitted unless 
additional information is essential to process the request. Requesters 
shall be required to provide verification of their identity as stated 
in paragraph (b)(2) of this section to ensure they are seeking to amend 
records about themselves.
    (2) The appropriate system of records system manager shall mail a 
written acknowledgment of an individual's request to amend a record 
within 10 workdays after receipt. Such acknowledgment shall identify 
the request and may, if necessary, request any additional information 
needed to make a determination. No acknowledgment is necessary if the 
request can be reviewed and processed, and the individual can be 
notified of compliance or denial, within the 10-day period. Whenever 
practical, the decision shall be made within 30 working days. For 
requests presented in person, written acknowledgment may be provided at 
the time the request is presented.
    (3) Amending personal information. The Head of an OSD Component, or 
designated official, shall promptly take one of the following actions 
on requests to amend records:
    (i) If they agree with any portion or all of an individual's 
request, amend the records in accordance with existing statutes, 
regulations, or internal administrative procedures, and inform the 
requester of the action taken. The OSD Component shall also notify all 
previous holders of the record that the amendment has been made and 
shall explain the substance of the correction, except for disclosures 
of the records to officers or DoD employees, or made as required by the 
Freedom of Information Act, the OSD shall also notify all to whom the 
record was disclosed that the amendment has been made and shall explain 
the substance of the correction.
    (ii) Notify the requester of the disapproval to amend a record and 
the reason for the disapproval. Notify the requester of the procedure 
to submit an appeal as described in paragraph (f)(5) of this section. 
if he or she disagrees with all or any portion of a request.
    (iii) Refer requests to the appropriate Federal Agency. Advise the 
requester of this referral if the request for an amendment pertains to 
a record controlled and maintained by another Agency.
    (4) Disputing personal information. The Head of an OSD Component or 
designated official shall:
    (i) Determine whether the requester has adequately supported his or 
her claim that the record is inaccurate, irrelevant, untimely, or 
incomplete.

[[Page 2823]]

    (ii) Limit the review of a record to those items of information 
that clearly bear on any determination to amend the records and ensure 
that those elements are reviewed before a determination is made.
    (5) If an individual disagrees with the initial OSD Component 
determination, he or she may file an appeal. The request should be sent 
to the Chief, Records and Declassification Division, WHS, 1155 Defense 
Pentagon, Washington, DC 20301-1155.
    (6) If, after review, the Records and Declassification Division 
determines the system of records should not be amended as requested, 
the Records and Declassification Division shall provide a copy of any 
statement of disagreement to the extent that disclosure accounting is 
maintained in accordance with Chapter 4 or DoD 5400.11-R. The Records 
and Declassification Division shall advise the individual:
    (i) Of the reason and authority for the denial.
    (ii) Of his or her right to file a statement of the reason for 
disagreeing with the Records and Declassification Division decision.
    (iii) Of the procedures for filing a statement of disagreements.
    (iv) That the statement filed shall be made available to anyone the 
record is disclosed to, together with a brief statement summarizing 
reasons for refusing to amend the records.
    (7) If the Records and Declassification Division determines that 
the record should be amended in accordance with the individual's 
request, the OSD Component shall amend the record, and advise the 
individual of the amendment, in accordance with Chapter 4 of DoD 
5400.11-R.
    (8) All appeals should be processed within 30 workdays after 
receipt. If the Records and Declassification Division determines that a 
fair and equitable review cannot be made within that time, the 
individual shall be informed in writing of the reasons for the delay 
and of the approximate date the review is expected to be completed.
    (g) Disclosure of disputed information. (1) If the Records and 
Declassification Division determines the record should not be amended 
and the individual has filed a statement of disagreement under 
paragraph (f)(7) of this section, the OSD Component shall annotate the 
disputed record so it is apparent under record disclosure that a 
statement has been filed. Where feasible, the notation itself shall be 
integral to the record. Where disclosure accounting has been made, the 
OSD Component shall advise previous recipients that the record has been 
disputed and shall provide a copy of the individual's statement of 
disagreement in accordance with Chapter 4 of DoD 5400.11-R.
    (i) This statement shall be maintained to permit ready retrieval 
whenever the disputed portion of the record is disclosed.
    (ii) When information that is the subject of a statement of 
disagreement is subsequently disclosed, the OSD Component's designated 
official shall note which information is disputed and provide a copy of 
the individual's statement.
    (2) The OSD Component shall include a brief summary of its reasons 
for not making a correction when disclosing disputed information. Such 
statements shall normally be limited to the reasons given to the 
individual for not amending the record.
    (3) Copies of the OSD Component's summary will be treated as part 
of the individual's record; however, it will not be subject to the 
amendment procedure outlined in paragraph (c)(3) of this section.
    (h) Penalties. (1) Civil action. An individual may file a civil 
suit against the OSD Component or its employees if the individual feels 
certain provisions or the Privacy Act have been violated as stated in 5 
U.S.C. 552a.
    (2) Criminal action. (i) Criminal penalties may be imposed against 
an OSD officer or employee for offenses listed in Section (i) of 5 
U.S.C. 552a, as follows:
    (A) Willful unauthorized disclosure of protected information in the 
records.
    (B) Failure to publish a notice of the existence of a record system 
in the Federal Register.
    (C) Requesting or gaining access to the individual's record under 
false pretenses.
    (ii) An OSD officer or employee may be fined up to $5,000 for a 
violation as outlined in paragraph (h)(2)(i) of this section.
    (i) Litigation status sheet. Whenever a complaint citing 5 U.S.C. 
552a is filed in a U.S. District Court against the Department of 
Defense, an OSD Component, or any OSD employee, the responsible system 
manager shall promptly notify the DPO. The litigation status sheet in 
DoD 5400.11-R provides a standard format for this notification. (The 
initial litigation status sheet shall, as a minimum, provide the 
information required by items 1, through 6. of DoD 5400.11-R) A revised 
litigation status sheet shall be provided at each stage of the 
litigation. When a court renders a formal opinion or judgment, copies 
of the judgment or opinion shall be provided to the DPO with the 
litigation status sheet reporting that judgment or opinion.
    (j) Computer matching programs. Chapter 11, paragraph B of DoD 
5400.11-R, prescribes that all requests for participation in a matching 
program (either as a matching agency or a source agency) be submitted 
to the DPO for review and compliance. The OSD Components shall submit 
these requests through the Records and Declassification Division.


Sec.  311.7  Information requirements.

    The DPO shall establish requirements and deadlines for DoD privacy 
reports. These reports shall be licensed in accordance with DoD 
Directive 8910.1.\8\
---------------------------------------------------------------------------

    \8\ Copies may be obtained at http://www.dtic.mil/whs/directives/

    Dated: January 16, 2007.
L.M. Bynum,
Alternate OSD Federal Register Liaison Officer, DoD.
 [FR Doc. E7-800 Filed 1-22-07; 8:45 am]
BILLING CODE 5001-06-P