[Federal Register Volume 72, Number 59 (Wednesday, March 28, 2007)]
[Notices]
[Pages 14538-14540]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 07-1379]



[[Page 14538]]

-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Department of the Army

[USA-2007-0011]


Privacy Act of 1974; System of Records

AGENCY: Department of the Army, DoD.

ACTION: Notice to Alter a System of Records.

-----------------------------------------------------------------------

SUMMARY: The Department of the Army is proposing to alter a system of 
records in its existing inventory of records systems subject to the 
Privacy Act of 1974 (5 U.S.C. 552a), as amended.

DATES: The proposed action will be effective on April 27, 2007 unless 
comments are received that would result in a contrary determination.

ADDRESSES: Department of the Army, Freedom of Information/Privacy 
Office, U.S. Army Records Management and Declassification Agency, 7701 
Telegraph Road, Casey Building, Suite 144, Alexandria, VA 22325-3905.

FOR FURTHER INFORMATION CONTACT: Mr. Robert Dickerson at (703) 428-
6513.

SUPPLEMENTARY INFORMATION: The Department of the Army systems of 
records notices subject to the Privacy Act of 1974, (5 U.S.C. 552a), as 
amended, have been published in the Federal Register and are available 
from the address above.
    The proposed system report, as required by 5 U.S.C. 552a(r) of the 
Privacy Act of 1974, as amended, was submitted on March 13, 2007, to 
the House Committee on Government Reform, the Senate Committee on 
Homeland Security and Governmental Affairs, and the Office of 
Management and Budget (OMB) pursuant to paragraph 4c of Appendix I to 
OMB Circular No. A-130, `Federal Agency Responsibilities for 
Maintaining Records About Individuals,' dated February 8, 1996 
(February 20, 1996, 61 FR 6427).

    Dated: March 14, 2007.
C.R. Choate,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
A0025-2 SAIS

System name:
    Information Assurance for Automated Information Systems (AIS) and 
Department of Defense Biometric Information Systems (February 25, 2005, 
70 FR 9287).

Changes:
* * * * *

System identifier:
    Add to entry ``DoD.''

System name:
    Delete entry and replace with ``Department of Defense Biometric 
Information Systems and Information Assurance for Automated Information 
Systems (AIS).''

System location:
    Delete entry and replace with ``Department of Defense Biometrics 
Fusion Center, 347 West Main Street, Clarksburg, WV 26306-2947 and at 
any Department of Defense activity that receives, compares, retains, 
accesses, or uses biometric technology to recognize the identity or to 
verify the claimed identity of an individual.''

Categories of individuals covered by the system:
    Delete entry and replace with ``Individuals covered include, but 
are not limited to, members of the U.S. Armed Forces, DoD civilian and 
contractor personnel, military reserve personnel, Army and Air National 
Guard personnel, and other individuals (who are U.S. citizens or aliens 
lawfully admitted for permanent residence) requiring or requesting 
access to DoD or DoD controlled information systems and/or DoD or DoD 
contractor operated, controlled, or secured facilities.''

Categories of records in the system:
    Delete ``Operator's/user's name'' replace with ``Individual's 
name.''

Authority for maintenance of the system:
    Delete entry and replace with ``10 U.S.C. 113, Secretary of 
Defense; 10 U.S.C. 3013, Secretary of the Army; 10 U.S.C. 5013, 
Secretary of the Navy; 10 U.S.C. 8013, Secretary of the Air Force; 
Public Law 106-246, Section 112, Emergency Supplemental Act; Department 
of Defense Directive 8500.1, Information Assurance (IA); DoD 
Instruction 8500.2, Information Assurance Implementation; Army 
Regulation 25-2, Information Assurance;; Deputy Secretary of Defense 
Memorandum, ``Executive Agent for the Department of Defense (DoD) 
Biometrics Project''; Deputy Secretary of Defense Memorandum, 
``Collection of Biometric Data from Certain U.S. Persons in USCENTCOM 
AOR''; and E.O. 9397 (SSN).

Purpose(s):
    Delete entry and replace with ``To control logical and physical 
access to DoD and DoD controlled information systems and DoD or DoD 
contractor operated, controlled, or secured facilities and to support 
the DoD physical and logical security, force protection, identity 
management, and information assurance programs, by identifying an 
individual or verifying/authenticating the identity of an individual 
through the use of biometrics (i.e., measurable physiological or 
behavioral characteristics) for purposes of protecting U.S./Coalition/
allied government and/or U.S./Coalition/allied national security areas 
of responsibility and information.
    Information assurance purposes include the administration of 
passwords and identification numbers for operators/users of data in 
automated media; identifying data processing and communication 
customers authorized access to or disclosure from data residing in 
information processing and/or communication activities; and determining 
the propriety of individual access into the physical data residing in 
automated media.''

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    Add ``Information may be disclosed to Federal, State, tribal, 
local, or foreign agencies for the purposes of law enforcement, 
counterterrorism, immigration management and control, and homeland 
security, or for purposes of protecting the territory, people, and 
interests of the United States of America against breaches of security 
related to DoD controlled information or facilities, and against 
terrorist activity.''
* * * * *

Safeguards:
    Delete entry and replace with ``Computerized records maintained in 
a controlled area are accessible only to authorized personnel. Records 
are maintained in a controlled facility. Physical entry is restricted 
by the use of locks, guards, and is accessible only to authorized 
personnel. Physical and electronic access is restricted to designated 
individuals having a need therefore in the performance of official 
duties and who are properly screened and cleared for need-to-know''.

Retention and disposal:
    Delete entry and replace with ``Data is destroyed when superseded 
or when no longer needed for operational purposes, whichever is 
later.''

System manager(s) and address:
    Delete entry and replace with ``Director of Operations, Department 
of Defense Biometrics Task Force, 2530 Crystal Drive, Arlington, VA 
22202-3934.''

[[Page 14539]]

Notification procedure:
    Delete entry and replace with ``Individuals seeking to determine 
whether information about themselves is contained in this system should 
address written inquiries to the Director of Operations, Department of 
Defense Biometrics Task Force, 2530 Crystal Drive, Arlington, VA 22202-
3934.
    For verification purposes, individual should provide full name, 
sufficient details to permit locating pertinent records, and 
signature.''

Record access procedures:
    Delete entry and replace with ``Individuals seeking access to 
information about themselves contained in this system should address 
written inquiries to the Director of Operations, Department of Defense 
Biometrics Task Force, 2530 Crystal Drive, Arlington, VA 22202-3934.
    For verification purposes, individual should provide full name, 
sufficient details to permit locating pertinent records, and 
signature.''
* * * * *

Record source categories:
    Delete entry and replace with ``From the individual, DoD security 
offices, system managers, computer facility managers, automated 
interfaces for user codes on file at Department of Defense sites.''
* * * * *
A0025-2 SAIS DoD

System name:
    Department of Defense Biometric Information Systems and Information 
Assurance for Automated Information Systems (AIS).

System location:
    Department of Defense Biometrics Fusion Center, 347 West Main 
Street, Clarksburg, WV 26306-2947 and at any Department of Defense 
activity that receives, compares, retains, accesses, or uses biometric 
technology to recognize the identity or to verify the claimed identity 
of an individual.

Categories of individuals covered by the system:
    Individuals covered include, but are not limited to, members of the 
U.S. Armed Forces, DoD civilian and contractor personnel, military 
reserve personnel, Army and Air National Guard personnel, and other 
individuals (who are U.S. citizens or aliens lawfully admitted for 
permanent residence) requiring or requesting access to DoD or DoD 
controlled information systems and/or DoD or DoD contractor operated, 
controlled, or secured facilities.

Categories of records in the system:
    Individual's name, Social Security Number (SSN); organization name, 
telephone number, and office symbol; security clearance; level of 
access; subject interest code; user identification code; data files 
retained by users; assigned password; magnetic tape reel 
identification; abstracts of computer programs and names and phone 
numbers of contributors; biometrics templates, biometric images, 
supporting documents; biographic information including, but not limited 
to, name, date and place of birth, height, weight, eye color, hair 
color, race and gender, and similar relevant information.

Authority for maintenance of the system:
    10 U.S.C. 113, Secretary of Defense; 10 U.S.C. 3013, Secretary of 
the Army; 10 U.S.C. 5013, Secretary of the Navy; 10 U.S.C. 8013, 
Secretary of the Air Force; Public Law 106-246, Section 112, Emergency 
Supplemental Act; Department of Defense Directive 8500.1, Information 
Assurance (IA); DoD Instruction 8500.2, Information Assurance 
Implementation; Army Regulation 25-2, Information Assurance; Deputy 
Secretary of Defense Memorandum, ``Executive Agent for the Department 
of Defense (DoD) Biometrics Project''; Deputy Secretary of Defense 
Memorandum, ``Collection of Biometric Data from Certain U.S. Persons in 
USCENTCOM AOR''; and E.O.937(SSN).

Purpose(s):
    To control logical and physical access to DoD and DoD controlled 
information systems and DoD or DoD contractor operated, controlled, or 
secured facilities and to support the DoD physical and logical 
security, force protection, identity management, and information 
assurance programs, by identifying an individual or verifying/
authenticating the identity of an individual through the use of 
biometrics (i.e., measurable physiological or behavioral 
characteristics) for purposes of protecting U.S./Coalition/allied 
government and/or U.S./Coalition/allied national security areas of 
responsibility and information.
    Information assurance purposes include the administration of 
passwords and identification numbers for operators/users of data in 
automated media; identifying data processing and communication 
customers authorized access to or disclosure from data residing in 
information processing and/or communication activities; and determining 
the propriety of individual access into the physical data residing in 
automated media.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the DoD as a routine use 
pursuant to 5 U.S.C. 552a(b)(3) as follows:
    To Federal, State, tribal, local, or foreign agencies for the 
purposes of law enforcement, counterterrorism, immigration management 
and control, and homeland security, or for purposes of protecting the 
territory, people, and interests of the United States of America 
against breaches of security related to DoD controlled information or 
facilities, and against terrorist activity.
    The DoD Blanket Routine Uses' set forth at the beginning of the 
Army's compilation of systems of records notices also apply to this 
system.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Paper records in file folders and electronic storage media.

Retrievability:
    Name, Social Security Number, subject, application program key, 
biometric template, and other biometric data.

Safeguards:
    Computerized records maintained in a controlled area are accessible 
only to authorized personnel. Records are maintained in a controlled 
facility. Physical entry is restricted by the use of locks, guards, and 
is accessible only to authorized personnel. Physical and electronic 
access is restricted to designated individuals having a need therefore 
in the performance of official duties and who are properly screened and 
cleared for need-to-know.

Retention and disposal:
    Data is destroyed when superseded or when no longer needed for 
operational purposes, whichever is later.

System manager(s) and address:
    Director of Operations, Department of Defense Biometrics Task 
Force, 2530 Crystal Drive, Arlington, VA 22202-3934.

Notification procedure:
    Individuals seeking to determine whether information about 
themselves is contained in this system should address written inquiries 
to the Director of Operations, Department of Defense Biometrics Task 
Force, 2530 Crystal Drive, Arlington, VA 22202-3934.

[[Page 14540]]

    For verification purposes, individual should provide full name, 
sufficient details to permit locating pertinent records, and signature.

Record access procedures:
    Individuals seeking access to information about themselves 
contained in this system should address written inquiries to the 
Director of Operations, Department of Defense Biometrics Task Force, 
2530 Crystal Drive, Arlington, VA 22202-3934.
    For verification purposes, individual should provide full name, 
sufficient details to permit locating pertinent records, and signature.

Contesting record procedures:
    The Army's rules for accessing records, and for contesting contents 
and appealing initial agency determinations are contained in Army 
Regulation 340-21; 32 CFR part 505; or may be obtained from the system 
manager.

Record source categories:
    From the individual, DoD security offices, system managers, 
computer facility managers, automated interfaces for user codes on file 
at Department of Defense sites.

Exemptions claimed for the system:
    None.

[FR Doc. 07-1379 Filed 3-27-07; 8:45 am]
BILLING CODE 5001-06-P