[Federal Register Volume 72, Number 151 (Tuesday, August 7, 2007)]
[Notices]
[Pages 44182-44185]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E7-15239]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF JUSTICE

[AAG/A Order No. 022-2007]


Privacy Act of 1974; System of Records

AGENCY: Criminal Division, Department of Justice.

ACTION: Revised system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, 5 
U.S.C. 552a, notice is given that the Department of Justice (DOJ) 
proposes to revise the ``Central Criminal Division Index File and 
Associated Records System, JUSTICE/CRM-001,'' last published in full in 
the Federal Register on February 20, 1998 (63 FR 8659) and amended in 
part on March 29, 2001 (66 FR 17200).

DATES: In accordance with the requirements of 5 U.S.C. 552a(e)(4) and 
(11), the public is given a 30 day period in which to comment. The 
Office of Management and Budget (OMB), which has oversight 
responsibility under the Privacy Act, has 40 days in which to conclude 
its review of the system. Therefore, please submit any comments by 
September 17, 2007.

ADDRESSES: The public, OMB and the Congress are invited to submit any 
comments to Mary E. Cahill, Management and Planning Staff, Justice 
Management Division, Department of Justice, Washington, DC 20530 (Room 
1400 National Place Building), facsimile number 202-307-1853.

FOR FURTHER INFORMATION CONTACT: Thomas McIntyre on 202-514-4412.

SUPPLEMENTARY INFORMATION: The system notice has been revised to update 
various sections, as necessary, and to reflect routine uses modified 
for consistency with other Department of Justice notices, or added 
based on new requirements for routine uses. In addition, it should be 
noted that a final rule establishing the National Security Division in 
the Department of Justice, published in the Federal Register on March 
7, 2007, at 72 FR 10064, makes changes to certain portions of 28 CFR 
0.55 through 0.64-5, outlining functions assigned to the Criminal 
Division, since some of the functions previously assigned to the 
Criminal Division moved to the new National Security Division effective 
March 7, 2007.
    In accordance with 5 U.S.C. 552a (r), the Department has provided a 
report to OMB and the Congress.

    Dated: July 24, 2007.
Lee J. Lofthus,
Assistant Attorney General for Administration.
DEPARTMENT OF JUSTICE/CRM-001

SYSTEM NAME:
    Criminal Division Index File Systems and Associated Records.

SECURITY CLASSIFICATION:
    The system itself is, in whole sensitive and in part, classified to 
protect national security/foreign policy material. Within the 
unclassified part, items or records may have Limited Official Use or 
national security/foreign policy classifications.

SYSTEM LOCATION:
    U.S. Department of Justice, Criminal Division, Washington DC 20530-
0001 or a National Archives and Records Administration (NARA) Regional 
Records Center.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Persons referred to in potential or actual cases and matters of 
concern to the Criminal Division and correspondence on subjects 
directed or referred to the Criminal Division.

[[Page 44183]]

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system consists of alphabetical indices bearing individual 
names and the associated records to which they relate, arranged either 
by subject matter or individual identifying number containing the 
general and particular records of all Criminal Division correspondence, 
cases, matters and memoranda, including but not limited to, 
investigative reports, correspondence to and from the Division, legal 
papers, evidence, and exhibits.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    This system is established and maintained pursuant to 44 U.S.C. 
3101 to implement all functions assigned to the Criminal Division in 28 
CFR 0.55 through 0.64-5. Additional authority is derived from Treaties, 
Statutes, Executive Orders, Presidential Proclamations, and Attorney 
General Directives.

PURPOSE(S):
    Records in this system are used to provide investigative and 
litigation information to management in the Division and the 
Department, courts, and other law enforcement agencies,

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    A record maintained in this system of records may be disseminated 
as a routine use of such record as follows:
    (1) To a Member of Congress or staff acting upon the Member's 
behalf when the Member or staff requests the information on behalf of, 
and at the request of, the individual who is the subject of the record.
    (2) To contractors, grantees, experts, consultants, students, and 
others performing or working on a contract, service, grant, cooperative 
agreement, or other assignment for the Federal Government, when 
necessary to accomplish an agency function related to this system of 
records.
    (3) Where a record, either alone or in conjunction with other 
information, indicates a violation or potential violation of law--
criminal, civil, or regulatory in nature--the relevant records may be 
referred to the appropriate federal, state, local, territorial, tribal, 
or foreign law enforcement authority or other appropriate entity 
charged with the responsibility for investigating or prosecuting such 
violation or charged with enforcing or implementing such law.
    (4) To appropriate officials and employees of a federal agency or 
entity that requires information relevant to a decision concerning the 
hiring, appointment, or retention of an employee; the issuance, 
renewal, suspension, or revocation of a security clearance; the 
execution of a security or suitability investigation; the letting of a 
contract; or the issuance of a grant or benefit.
    (5) A record may be disclosed to designated officers and employees 
of state, local, territorial, or tribal law enforcement or detention 
agencies in connection with the hiring or continued employment of an 
employee or contractor, where the employee or contractor would occupy 
or occupies a position of public trust as a law enforcement officer or 
detention officer having direct contact with the public or with 
prisoners or detainees, to the extent that the information is relevant 
and necessary to the recipient agency's decision.
    (6) In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body when the Department of Justice 
determines that the records are arguably relevant to the proceeding; or 
in an appropriate proceeding before an administrative or adjudicative 
body when the adjudicator determines the records to be relevant to the 
proceeding.
    (7) To an actual or potential party to litigation or administrative 
proceeding, or the party's authorized representative for the purpose of 
negotiation or discussion of such matters as settlement, plea 
bargaining, or in informal discovery proceedings.
    (8) To the news media and the public, including disclosures 
pursuant to 28 CFR 50.2, unless it is determined that release of the 
specific information in the context of a particular case would 
constitute an unwarranted invasion of personal privacy.
    (9) To federal, state, local, territorial, tribal, foreign (acting 
either directly or through an authorized representative of its 
government), or international licensing agencies or associations which 
require information concerning the suitability or eligibility of an 
individual for a license or permit.
    (10) To the National Archives and Records Administration for 
purposes of records management inspections conducted under the 
authority of 44 U.S.C. 2904 and 2906.
    (11) To a former employee of the Department for purposes of: 
Responding to an official inquiry by a federal, state, or local 
government entity or professional licensing authority, in accordance 
with applicable Department regulations; or facilitating communications 
with a former employee that may be necessary for personnel-related or 
other official purposes where the Department requires information and/
or consultation assistance from the former employee regarding a matter 
within that person's former area of responsibility.
    (12) To such recipients and under such circumstances and procedures 
as are mandated by federal statute or treaty.
    (13) To complainants and/or victims to the extent necessary to 
provide such persons with information and explanations concerning the 
progress and/or results of the investigation or case arising from the 
matters of which they complained and/or of which they were a victim.
    (14) To any criminal, civil, or regulatory law enforcement 
authority (whether federal, state, local, territorial, tribal, or 
foreign (acting either directly or through an authorized representative 
of its government)), where the information is relevant to the recipient 
entity's law enforcement responsibilities.
    (15) To a governmental entity lawfully engaged in collecting law 
enforcement, law enforcement intelligence, or national security 
intelligence information for such purposes.
    (16) To any person, organization, or governmental entity in order 
to notify them of a serious terrorist threat for the purpose of 
guarding against or responding to such a threat.
    (17) To any person or entity, or their representative, if deemed by 
the Criminal Division to be necessary in order to elicit information or 
cooperation from the person or entity or their client for use by the 
Division in the performance of an authorized activity.
    (18) A record that contains classified national security 
information and material may be disseminated to persons who are engaged 
in historical research projects, or who have previously occupied policy 
making positions to which they were appointed by the President, in 
accordance with the provisions codified in 28 CFR 17.46.
    (19) A record relating to an actual or potential civil or criminal 
violation of title 17, United States Code, may be disseminated to a 
person injured by such violation to assist him in the institution or 
maintenance of a suit brought under such title.
    (20) A record relating to a person held in custody pending or 
during arraignment, trial, sentence, or extradition proceedings, or 
after conviction or after extradition proceedings, may be disseminated 
to a federal, state, local, territorial, or foreign prison, probation, 
parole, or pardon authority, or to any other agency or

[[Page 44184]]

individual concerned with the maintenance, transportation, or release 
of such a person.
    (21) A record relating to a case or matter that has been referred 
by an agency for investigation, prosecution or enforcement, or that 
involves a case or matter within the jurisdiction of an agency, may be 
disseminated to such agency to notify the agency of the status of the 
case or matter or of any decision or determination that has been made, 
or to make such inquiries and reports as are necessary during the 
processing of the case or matter.
    (22) In any health care-related civil or criminal case, 
investigation, or matter, information indicating patient harm, neglect, 
or abuse, or poor or inadequate quality of care, at a health care 
facility or by a health care provider may be disclosed as a routine use 
to any federal, state, local, tribal, foreign, joint, international or 
private entity that is responsible for regulating, licensing, 
registering or accrediting any health care provider or health care 
facility, or enforcing any health care-related laws or regulations. 
Further, information indicating an ongoing quality of care problem by a 
health care provider or at a health care facility may be disclosed to 
the appropriate health plan. Additionally, unless otherwise prohibited 
by applicable law, information indicating patient harm, neglect, abuse, 
or poor or inadequate quality of care may be disclosed to the affected 
patient or his representative or guardian at the discretion of and in 
the manner determined by the agency in possession of the information.
    (23) To appropriate agencies, entities, and persons when (1) the 
Department suspects or has confirmed that the security or 
confidentiality of information in the system of records has been 
compromised; (2) the Department has determined that as a result of the 
suspected or confirmed compromise there is a risk of harm to economic 
or property interests, identity theft or fraud, or harm to the security 
or integrity of this system or other systems or programs (whether 
maintained by the Department or another agency or entity) that rely 
upon the compromised information; and (3) the disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with the Department's efforts to respond to the suspected or 
confirmed compromise and prevent, minimize, or remedy such harm.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    None.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Records are maintained in hard-copy, paper format and stored in 
electronic format via a Storage Area Network system architecture 
consisting of personal computers, client/servers, and tape libraries. 
Data is stored on hard disk, floppy diskettes, compact disks, magnetic 
tape and/or optical disk media. Records are stored in accordance with 
applicable executive orders, statutes, and agency implementing 
regulations.
    The computer storage devices are located at several Justice 
Department buildings in Washington, DC. Paper files are stored in: 
Division offices with controlled access; a secure records unit with 
controlled access; locked file cabinets; other appropriate GSA approved 
security containers; or once closed, at a National Archives and Records 
Administration regional records center. Records that contain classified 
national security information are stored in accordance with applicable 
executive orders, statutes, and agency implementing regulations.

RETRIEVABILITY:
    Records may be retrieved by reference to an individual's name or 
personal identifier.

SAFEGUARDS:
    Information in this system is safeguarded in accordance with 
applicable laws, rules, and policies, including the Department's 
automated systems security and access policies. Records and technical 
equipment are maintained in a secured area with restricted access. The 
required use of password protection identification features and other 
system protection methods also restrict access. All physical access to 
the building(s) where this system of records is maintained is 
controlled and monitored by security personnel and accessed only by 
authorized Department personnel or by non-Department personnel properly 
authorized to assist in the conduct of an agency function related to 
these records.

RETENTION AND DISPOSAL:
    Records in this system are retained and disposed of in accordance 
with records retention schedules approved by the National Archives and 
Records Administration (NARA) for the constituent system of records.

SYSTEM MANAGER(S) AND ADDRESS:
    Assistant Attorney General, Criminal Division, U.S. Department of 
Justice, 950 Pennsylvania Avenue, NW., Washington DC 20530-0001.

NOTIFICATION PROCEDURE:
    The major part of this system is exempted from this requirement 
under 5 U.S.C. 552a(j)(2), (k)(1) or (k)(2). Inquiries should be 
addressed to: Chief, Freedom of Information Act/Privacy Act Unit, 
Criminal Division, Department of Justice, 950 Pennsylvania Avenue, NW., 
Washington, DC 20530-0001.

RECORD ACCESS PROCEDURES:
    Requests for access to a record in this system must be in writing 
and should be addressed to the Chief of the Freedom of Information Act/
Privacy Act Unit noted above. The envelope and letter should be clearly 
marked ``Privacy Act Request''. Requests must comply with the 
Department's regulations and be made in accordance with 28 CFR Part 16. 
They must include a general description of the records sought, the 
requester's full name, current address, and date and place of birth, 
the name of the case or matter involved, if known, and the name of the 
judicial district involved, if known, or any other identifying number 
or information which may be of assistance in locating the record. 
Social Security numbers are not used by the Criminal Division for 
identification purposes and should not be provided. The request must be 
signed and dated and either notarized or submitted under penalty of 
perjury. Some information may be exempt from access provisions as 
described in the section entitled ``Exemptions Claimed for the 
System.'' An individual who is the subject of a record in this system 
may access those records that are not exempt from disclosure. A 
determination whether a record may be accessed will be made at the time 
a request is received.

CONTESTING RECORD PROCEDURES:
    Individuals desiring to contest or amend information maintained in 
the system should direct their request according to the Record Access 
Procedures listed above, stating clearly and concisely what information 
is being contested, the reasons for contesting it, and the proposed 
amendment to the information sought. Some information is not subject to 
amendment. Some information may be exempt from contesting record 
procedures as described in the section entitled ``Exemptions Claimed 
for the System.'' An individual who is the subject of a record in this 
system may seek amendment of those records that are not exempt. A 
determination whether a

[[Page 44185]]

record may be amended will be made at the time a request is received.

RECORD SOURCE CATEGORIES:
    Department officers and employees and other federal, state, local 
and foreign law enforcement and non-law enforcement agencies, 
corporations and businesses, private persons, witnesses, informants, 
and publicly available information, including commercial information 
resellers.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    The Attorney General has exempted this system from subsections 
(c)(3), (c)(4), (d), (e)(1), (e)(2), (e)(3), (e)(4) (G), (H) and (I), 
(e)(5), (e)(8), (f) and (g) of the Privacy Act pursuant to the 
provisions of 5 U.S.C. 552a(j)(2); in addition, the system is exempt 
pursuant to the provisions of 5 U.S.C. 552a(k)(1) and (k)(2) from 
subsections (c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f). 
Rules have been promulgated in accordance with the requirements of 5 
U.S.C. 553(b), (c) and (e) and have been published in the Federal 
Register. See 28 CFR 16.91.

[FR Doc. E7-15239 Filed 8-6-07; 8:45 am]
BILLING CODE 4410-14-P