[Federal Register Volume 72, Number 191 (Wednesday, October 3, 2007)]
[Notices]
[Pages 56388-56391]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E7-19541]


=======================================================================
-----------------------------------------------------------------------

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

[Notice (07-080)]


Privacy Act of 1974; Privacy Act System of Records

AGENCY: National Aeronautics and Space Administration (NASA).

[[Page 56389]]


ACTION: Notice of Privacy Act system of records.

-----------------------------------------------------------------------

SUMMARY: Each Federal agency is required by the Privacy Act of 1974 to 
publish a description of the systems of records it maintains containing 
personal information when a system is substantially revised, deleted, 
or created. In this notice, NASA provides the required information for 
a new system of records on users of NASA's Earth Observation System 
Data and Information System (EOSDIS). The EOSDIS is a system that 
processes, archives and distributes NASA's Earth science data, the bulk 
of which consists of satellite observations from EOS missions and data 
products derived from them. User information is gathered and maintained 
by this SOR to establish voluntary user accounts that enable 
distribution to the users, upon their request, data from Goddard Space 
Flight Center or one of the eight (8) Distributed Active Archive 
Centers (DAACs) across the United States.

DATES: Submit comments on or before 60 calendar days from the date of 
this publication.

ADDRESSES: Patti Stockman, NASA Privacy Act Officer, Office of the 
Chief Information Officer, NASA Headquarters, 300 E Street, SW., 
Washington, DC 20546-0001, 202-358-4787, [email protected].

FOR FURTHER INFORMATION CONTACT: NASA Privacy Act Officer, Patti 
Stockman, 202-358-4787, [email protected].

SUPPLEMENTARY INFORMATION: Pursuant to Section 208 of the E-Government 
Act of 2002, since the system for collecting EOSDIS User Information 
has not changed substantially since April 2003, NASA has not conducted 
a Privacy Impact Assessment (PIA).
SYSTEM NUMBER:
    GSFC 51EUI.

SYSTEM NAME:
    Earth Observing System Data and Information System (EOSDIS) User 
Information.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    Nine Data Center locations and Clearing House (middleware system) 
as listed below.
    1. Goddard Earth Sciences (GES) Distributed Active Archive Center 
(DAAC) at Location 4 as set forth in Appendix A.
    2. Moderate Resolution Data Center (MRDC) at Location 4 as set 
forth in Appendix A.
    3. Atmospheric Science Data Center (ASDC) DAAC at Location 7 as set 
forth in Appendix A.
    4. Polar Oceanography Distributed Active Archive Center (PO.DAAC) 
at Location 10 as set forth in Appendix A.
    5. Alaska Satellite Facility DAAC, University of Alaska, Fairbanks, 
AK 99775-7320.
    6. Land Processes Distributed Active Archive Center (LP DAAC), 
Earth Resources Observation and Science (EROS), 47914 252nd Street, 
Sioux Falls, SD 57918-0001.
    7. National Snow and Ice Data Center DAAC, University of Colorado, 
Boulder, CO 80309.
    8. Oak Ridge National Laboratory DAAC, Oak Ridge, TN 37381-6407.
    9. Socioeconomic Data and Applications Center, Center for 
International Earth Science Information Network (CIESIN) at Columbia 
University, Palisades, NY 10964.
    10. EOS Clearing House (ECHO) at Location 4 as set forth in 
Appendix A.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals from the NASA, university, and research communities, as 
well as the general public, who request satellite data or other data 
products from any of the EOSDIS data centers indicated above, or 
individuals who register to save their data search parameters for reuse 
in the future.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records in this system consist of information obtained from 
individual users that enables, on request, shipping of data on media to 
the users. Records include individual's mailing addresses, telephone 
numbers and e-mail addresses. This information is used to enable secure 
user access to specific science datasets, as well as, the shipping of 
data on media to EOSDIS users.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    National Aeronautics and Space Act of 1958, as amended; 42 U.S.C. 
2473, et seq.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSE OF SUCH USES:
    Any disclosures of information will be compatible with the purpose 
for which the Agency collected the information. The records and 
information in these records may be disclosed:
    (1) To the two DAACs at (i) at United States Geological Survey's 
EROS and (ii) the Alaska SAR Facility at University of Alaska, 
Fairbanks, to facilitate payments and collections for individuals' 
purchasing proprietary scientific data under international agreements;
    (2) To government contractors conducting OMB-approved annual user 
satisfaction surveys collecting user feedback for aggregating reports 
to OMB and enabling NASA to improve its systems, processes, and 
services to the user community;
    (3) To contractors supporting the Earth Science Data and 
Information System (ESDIS) Project for analysis of EOSDIS usage through 
aggregated data usage metrics;
    (4) To a Member of Congress or to a Congressional staff member in 
response to an inquiry of the Congressional office made at the written 
request of the constituent about whom the record is maintained;
    (5) To a staff member of the Executive Office of the President in 
response to an official inquiry from the White House;
    (6) To the National Archives and Records Administration or to the 
General Services Administration for records management inspections 
conducted under 44 U.S.C. Sec. Sec.  2904 and 2906.
    (7) To agency contractors, grantees, or volunteers who have been 
engaged to assist the agency in the performance of a contract service, 
grant, cooperative agreement, or other activity related to this system 
of records and who need to have access to the records in order to 
perform their activity. Recipients shall be required to comply with the 
requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a;
    (8) To provide relevant information to an internal or external 
organization or element thereof conducting audit activities of a NASA 
contractor or subcontractor;
    (9) In accordance with standard routine uses set forth in Appendix 
B.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE:
    Records at all the data centers except MRDC and ECHO are stored 
electronically on a secure server and archival media as encrypted 
electronic records. The information about users accessing science data 
or contacting the user support office at the MRDC is stored unencrypted 
in password-protected electronic files with limited access. The 
information about registered and guest users of ECHO is stored 
unencrypted on disk in a database.

RETRIEVABILITY:
    User account records containing information about individuals,

[[Page 56390]]

including their names, mailing addresses, telephone numbers and email 
addresses are typically indexed and retrieved by user's name.

SAFEGUARDS:
    Approved security plans for each of the data centers in this system 
have been established in accordance with OMB Circular A-130, Management 
of Federal Information Resources. The aggregation of these plans 
constitutes the security plan for EOSDIS. Individuals will have access 
to the system only in accordance with approved authentication methods. 
Only key authorized employees with appropriately configured system 
roles can access the system. All specific user information kept in our 
systems are managed according to NASA guidelines. Data Centers that 
keep user information (Land Processes and Alaska Satellite Facility) 
store the data in properly safeguarded systems, which are subjected to 
periodic security reviews by the ESDIS Security group (typically three 
times a year). Paper and electronic copies are kept offline in locked 
cabinets. This information is updated on a yearly basis, and superceded 
records deleted.

RETENTION AND DISPOSAL:
    The ESDIS Project has a plan under configuration control according 
to which the original data are deleted in accordance with NASA Records 
Retention Schedule 2, Item 15A.3. Only aggregated statistics on those 
original records are kept. The data centers reauthorize specific users' 
information on an annual basis and user information is deleted when no 
longer needed in accordance with NASA Records Retention Schedule 2, 
Item 19A. Mailing lists containing user information are maintained in 
order to permit shipping data products to users and are disposed of 
according to the NASA Records Retention Schedule 1, Item 88.

SYSTEM MANAGERS AND ADDRESSES:
    System Manager: 423/Science Operations Office Manager, ESDIS 
Project, Goddard Space Flight Center, National Aeronautics and Space 
Administration, Greenbelt, MD 20771.
    Subsystem Managers: Data Center Managers at each of the locations 
1-9 whose addresses are listed under item SYSTEM LOCATION above.
    ECHO Manager: 423/ECHO Manager, ESDIS Project, Goddard Space Flight 
Center, National Aeronautics and Space Administration, Greenbelt, MD 
20771.

NOTIFICATION PROCEDURE:
    Individuals inquiring about their records should contact the System 
Manager at the address given above and provide their name and e-mail 
address. The System Manager can be reached by phone at (301) 614-5048.

RECORD ACCESS PROCEDURE:
    Individuals who wish to gain access to their records should submit 
their request in writing to the System Manager at the address given 
above. The System Manager may also be reached by phone at (301) 614-
5048.

CONTESTING RECORD PROCEDURES:
    The NASA regulations governing access to records and procedures for 
contesting the contents, and for appealing initial determinations are 
set forth in 14 CFR Part 1212.

RECORD SOURCE CATEGORIES:
    The information is received directly from users needing to obtain 
or access NASA's Earth science data products by the Data Centers mostly 
through an electronic interface permitting the users to search for and 
order data products. The information may be obtained through the ECHO 
middleware system for access to data located at multiple data centers. 
Occasionally, users provide this information via telephone calls to the 
user services staff at data centers.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    None.

Jonathan Q. Pettus,
NASA Chief Information Officer.

Appendix A--Location Numbers and Mailing Addresses of NASA 
Installations at Which Records Are Located

Location 1

NASA Headquarters, National Aeronautics and Space Administration, 
Washington, DC 20546-0001

Location 2

Ames Research Center, National Aeronautics and Space Administration, 
Moffett Field, CA 94035-1000

Location 3

Dryden Flight Research Center, National Aeronautics and Space 
Administration, PO Box 273, Edwards, CA 93523-0273

Location 4

Goddard Space Flight Center, National Aeronautics and Space 
Administration, Greenbelt, MD 20771-0001

Location 5

Lyndon B. Johnson Space Center, National Aeronautics and Space 
Administration, Houston, TX 77058-3696

Location 6

John F. Kennedy Space Center, National Aeronautics and Space 
Administration, Kennedy Space Center, FL 32899-0001

Location 7

Langley Research Center, National Aeronautics and Space 
Administration, Hampton, VA 23681-2199

Location 8

John H. Glenn Research Center at Lewis Field, National Aeronautics 
and Space Administration, 21000 Brookpark Road, Cleveland, OH 44135-
3191

Location 9

George C. Marshall Space Flight Center, National Aeronautics and 
Space Administration, Marshall Space Flight Center, AL 35812-0001

Location 10

HQ NASA Management Office-JPL, National Aeronautics and Space 
Administration, 4800 Oak Grove Drive, Pasadena, CA 91109-8099

Location 11

John C. Stennis Space Center, National Aeronautics and Space 
Administration, Stennis Space Center, MS 39529-6000

Location 12

JSC White Sands Test Facility, National Aeronautics and Space 
Administration, PO Drawer MM, Las Cruces, NM 88004-0020

Location 13

GRC Plum Brook Station, National Aeronautics and Space 
Administration, Sandusky, OH 44870

Location 14

MSFC Michoud Assembly Facility, National Aeronautics and Space 
Administration, PO Box 29300, New Orleans, LA 70189

Location 15

NASA Independent Verification and Validation Facility (NASA IV&V), 
100 University Drive, Fairmont, WV 26554

Location 16

Office of Inspector General, Post of Duty, 402 E. State Street, 
Suite 3036, Trenton, NJ 08608

Location 17

Office of Inspector General, Western Field Office, Glenn Anderson 
Federal Building, 501 West Ocean Blvd., Long Beach, CA 90802-4222

Location 18

NASA Shared Services Center (NSSC), Building 5100, Stennis Space 
Center, MS 39529-6000

Appendix B-- Standard Routine Uses--NASA

    The following routine uses of information contained in SORs, 
subject to the Privacy Act of 1974, are standard for many NASA 
systems. They are cited by reference in the paragraph ``Routine uses 
of records maintained in the system, including

[[Page 56391]]

categories of users and the purpose of such uses'' of the Federal 
Register Notice on those systems to which they apply.
    Standard Routine Use No. 1--Law Enforcement--In the event this 
system of records indicates a violation or potential violation of 
law, whether civil, criminal, or regulatory in nature, and whether 
arising by general statute or particular program statute, or by 
regulation, rule or order issued pursuant thereto, the relevant 
records in the SOR may be referred, as a routine use, to the 
appropriate agency, whether Federal, State, local or foreign, 
charged with the responsibility of investigating or prosecuting such 
violation or charged with enforcing or implementing the statute, or 
rule, regulation or order issued pursuant thereto.
    Standard Routine Use No. 2--Disclosure When Requesting 
Information--A record from this SOR may be disclosed as a ``routine 
use'' to a Federal, State, or local agency maintaining civil, 
criminal, or other relevant enforcement information or other 
pertinent information, such as current licenses, if necessary to 
obtain information relevant to an agency decision concerning the 
hiring or retention of an employee, the issuance of a security 
clearance, the letting of a contract, or the issuance of a license, 
grant, or other benefit.
    Standard Routine Use No. 3--Disclosure of Requested 
Information--A record from this SOR may be disclosed to a Federal 
agency, in response to its request, in connection with the hiring or 
retention of an employee, the issuance of a security clearance, the 
reporting of an investigation of an employee, the letting of a 
contract, or the issuance of a license, grant, or other benefit by 
the requesting agency, to the extent that the information is 
relevant and necessary to the requesting agency's decision on the 
matter.
    Standard Routine Use No. 4--Disclosure to the Department of 
Justice for Use in Litigation--A record from this SOR may be 
disclosed to the Department of Justice when (a) the Agency, or any 
component thereof; or (b) any employee of the Agency in his or her 
official capacity; or (c) any employee of the Agency in his or her 
individual capacity where the Department of Justice or the Agency 
has agreed to represent the employee; or (d) the United States, 
where the Agency determines that litigation is likely to affect the 
Agency or any of its components, is a party to litigation or has an 
interest in such litigation, and the use of such records by the 
Department of Justice or the Agency is deemed by the Agency to be 
relevant and necessary to the litigation provided, however, that in 
each case it has been determined that the disclosure is compatible 
with the purpose for which the records were collected.
    Standard Routine Use 5--Routine Use for Agency Disclosure in 
Litigation--It shall be a routine use of the records in this system 
of records to disclose them in a proceeding before a court or 
adjudicative body before which the agency is authorized to appear, 
when: (a) The Agency, or any component thereof; or (b) any employee 
of the Agency in his or her official capacity; or (c) any employee 
of the Agency in his or her individual capacity where the Agency has 
agreed to represent the employee; or (d) the United States, where 
the Agency determines that litigation is likely to affect the Agency 
or any of its components, is a party to litigation or has an 
interest in such litigation, and the use of such records by the 
Agency is deemed to be relevant and necessary to the litigation, 
provided, however, that in each case, the Agency has determined that 
the disclosure is compatible with the purpose for which the records 
were collected.
    Standard Routine Use No. 6--Suspected or Confirmed 
Confidentiality Compromise--A record from this SOR may be disclosed 
to appropriate agencies, entities, and persons when (1) NASA 
suspects or has confirmed that the security or confidentiality of 
information in the system of records has been compromised; (2) NASA 
has determined that as a result of the suspected or confirmed 
compromise there is a risk of harm to economic or property 
interests, identity theft or fraud, or harm to the security or 
integrity of this system or other systems or programs (whether 
maintained by NASA or another agency or entity) that rely upon the 
compromised information; and (3) the disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with NASA's efforts to respond to the suspected or 
confirmed compromise and prevent, minimize, or remedy such harm.

 [FR Doc. E7-19541 Filed 10-2-07; 8:45 am]
BILLING CODE 7510-13-P