[Federal Register Volume 74, Number 102 (Friday, May 29, 2009)]
[Notices]
[Pages 25724-25726]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-12501]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Office of the Secretary

[Docket ID DOD-2009-OS-0072]


Privacy Act of 1974; System of Records

AGENCY: National Security Agency/Central Security Service, DoD.

ACTION: Notice to Alter a System of Records.

-----------------------------------------------------------------------

SUMMARY: The National Security Agency/Central Security Service is 
proposing to alter an exempt system of records to its existing 
inventory of record systems subject to the Privacy Act of 1974, (5 
U.S.C. 552a), as amended.

DATES: This proposed action would be effective without further notice 
on June 29, 2009 unless comments are received which result in a 
contrary determination.

ADDRESSES: Send comments to the National Security Agency/Central 
Security Service, Office of Policy, 9800 Savage Road, Suite 6248, Ft. 
George G. Meade, MD 20755-6248.

FOR FURTHER INFORMATION CONTACT: Ms. Anne Hill at (301) 688-6527.

SUPPLEMENTARY INFORMATION: The National Security Agency's record system 
notices for records systems subject to the Privacy Act of 1974 (5 
U.S.C. 552a), as amended, have been published in the Federal Register 
and are available from the address above.
    The proposed system report, as required by 5 U.S.C. 552a(r) of the 
Privacy Act of 1974, as amended, was submitted on May 21, 2009, to the 
House Committee on Oversight and Government Reform, the Senate 
Committee on Homeland Security and Governmental Affairs, and the Office 
of Management and Budget (OMB) pursuant to paragraph 4c of Appendix I 
to OMB Circular No. A-130, `Federal Agency Responsibilities for 
Maintaining Records About Individuals,' dated February 8, 1996 
(February 20, 1996, 61 FR 6427).

    Dated: May 21, 2009.
Morgan E. Frazier,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
GNSA 10

System name:
    NSA/CSS Personnel Security File (February 22, 1993, 58 FR 10531).

Changes:
* * * * *

Categories of records in the system:
    Delete entry and replace with ``Records relevant to access 
classified information, assignment and reassignment, foreign official 
and unofficial travel, access to NSA/CSS spaces or facilities, access 
to NSA's Intranet, and other personnel actions where security 
represents a relevant and valid element of the determination. Records 
may consist of name, Social Security Number (SSN), home address, home 
phone number, security file number, statement of personal history, 
photograph, fingerprint data, agreements with respect to specific 
security processing procedures, security processing forms and records, 
investigative and polygraph reports, appeal records, incident and 
complaint reports, unsolicited information when relevant, reports by 
domestic law enforcement agencies when relevant, clearance data, access 
authorization, foreign travel data, security secrecy agreements and 
financial data''.

Authority for maintenance of system:
    Delete entry and replace with ``50 U.S.C. Sections 831-835, 
Personnel Security Procedures in the National Security Agency; 
E.O.10450, as amended, Security Requirements for Government Employment; 
E.O.10865, as amended, Safeguarding Classified Information Within 
Industry, E.O.12968, Access to Classified Information; and E.O 9397 
(SSN)''.

Purpose(s):
    Delete entry and replace with ``The records are used for the 
purpose of determining suitability, eligibility, or qualification for 
civil employment, federal contracts, or access to classified 
information and/or NSA/CSS spaces and facilities; to determine access 
to NSA's Intranet, to determine and ensure continued eligibility for 
access to classified information; to record adjudicative actions and 
determinations; to record processing steps taken; to document due 
process actions taken; to make determinations on official and 
unofficial foreign travel; to make determinations on assignment and 
reassignment and other actions where security represents a relevant and 
valid element of the determination''.

Routine use of the records maintained in the system, including 
categories of users and the purpose of such uses:
    Delete entry and replace with ``In addition to those disclosures 
generally permitted under 5 U.S.C. 552a(b) of the Privacy Act of 1974, 
these records contained therein may specifically be disclosed outside 
the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    To agencies outside DoD, to include but not limited to other 
clearance holder agencies or agencies charged with making clearance 
determinations, government agencies involved with national security or 
clearance investigations, other government agencies and private 
contractors requiring clearance status information and authorized to 
receive same; the Director National Intelligence (DNI) and his General 
Counsel in the event of litigation or anticipated litigation with 
respect to unauthorized disclosures of classified intelligence or 
intelligence sources and methods and related court actions; judicial 
branch elements pursuant to specific court orders or litigation.
    In addition, other government agencies or private contractors may 
be informed of information developed by NSA which bears on assignee's 
or affiliate's status at NSA with regard to security considerations.
    To local law enforcement (county and state) and other federal, 
state, or local agencies or departments for hiring purposes.
    To any entity or individual under contract with NSA/CSS for the 
purpose of providing security-related services.
    To any party, council, representative, and/or witness in any legal 
proceeding, where pertinent, to which DoD is a party before a court or 
administrative body (including, but not limited to, the Equal 
Employment Opportunity Commission and Merit System Protection Board).
    The DoD `Blanket Routine Uses' set forth at the beginning of the 
NSA/CSS' compilation of systems of records notices apply to this 
system''.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Delete entry and replace with ``Paper in file folders and 
electronic storage media''.

[[Page 25725]]

Retrievability:
    Delete entry and replace with ``By name, Social Security Number 
(SSN), or unique Security File Number''.

Safeguards:
    Delete entry and replace with ``Buildings are secured by a series 
of guarded pedestrian gates and checkpoints. Access to facilities is 
limited to security-cleared personnel and escorted visitors only. 
Within the facilities themselves, access to paper and computer 
printouts are controlled by limited-access facilities and lockable 
containers. Access to electronic means is limited and controlled by 
computer password protection''.

Retention and disposal:
    Delete entry and replace with ``Records containing no derogatory 
information are reviewed for retention 10 years after date of last 
action then destroyed; records containing derogatory information are 
reviewed for retention 25 years after last action then destroyed.
    Records are destroyed by pulping, burning, shredding, or erasure or 
destruction of magnet media''.

System manager(s) and address:
    Delete entry and replace with ``The Associate Director for Security 
and Counterintelligence, National Security Agency/Central Security 
Service, Ft. George G. Meade, MD 20755-6000''.

Notification procedure:
    Delete entry and replace with ``Individuals seeking to determine 
whether information about themselves is contained in this system should 
address written inquiries to the National Security Agency/Central 
Security Service, Freedom of Information Act/Privacy Act Office, 9800 
Savage Road, Suite 6248, Ft. George G. Meade, MD 20755-6248.
    Written inquiries should contain the individual's full name, Social 
Security Number (SSN) and mailing address''.

Record access procedures:
    Delete entry and replace with ``Individuals seeking access to 
information about themselves contained in this system should address 
written inquiries to the National Security Agency/Central Security 
Service, Freedom of Information Act/Privacy Act Office, 9800 Savage 
Road, Suite 6248, Ft. George G. Meade, MD 20755-6248.
    Written inquiries should contain the individual's full name, Social 
Security Number (SSN) and mailing address''.

Contesting record procedures:
    Delete entry and replace with ``The NSA/CSS rules for contesting 
contents and appealing initial determinations are published at 32 CFR 
part 322 or may be obtained by written request addressed to the 
National Security Agency/Central Security Service, Freedom of 
Information Act/Privacy Act Office, 9800 Savage Road, Suite 6248, Ft. 
George G. Meade, MD 20755-6248''.

Record source categories:
    Delete entry and replace with ``Data provided by individual during 
employment and security processing; data provided by investigative 
service processing individual's background; data provided by 
references, educational institutions and other sources named by 
individual or developed during background investigation; unsolicited 
data from any source where relevant; data provided by the Office of 
Personnel Management and other agencies, departments, and governmental 
elements involved in the conduct of National Agency checks and Local 
Agency checks; the Federal Bureau of Investigation; data developed by 
appropriate governmental elements in the course of a national security 
investigation or investigation into alleged violations of criminal 
statutes related to unauthorized disclosure of intelligence or 
protection of intelligence sources and methods; documents furnished by 
agency element sponsoring individual for access to specific classified 
information''.
* * * * *
GNSA 10

System name:
    NSA/CSS Personnel Security File.

System location:
    National Security Agency/Central Security Service, 9800 Savage 
Road, Ft. George G. Meade, MD 20755-6000.

Categories of individuals covered by the system:
    Applicants for employment with NSA/CSS; civilian employees; 
personnel under contract; military assignees; members of advisory 
groups; consultants; experts; other military personnel; federal 
employees; employees of contractors, and employees of services; other 
individuals who require access to NSA/CSS facilities or information and 
individuals who were formerly affiliated with NSA/CSS.

Categories of records in the system:
    Records relevant to access classified information, assignment and 
reassignment, foreign official and unofficial travel, access to NSA/CSS 
spaces or facilities, access to NSA's Intranet, and other personnel 
actions where security represents a relevant and valid element of the 
determination. Records may consist of name, social security number, 
home address, home phone number, security file number, statement of 
personal history, photograph, fingerprint data, agreements with respect 
to specific security processing procedures, security processing forms 
and records, investigative and polygraph reports, appeal records, 
incident and complaint reports, unsolicited information when relevant, 
reports by domestic law enforcement agencies when relevant, clearance 
data, access authorization, foreign travel data, security secrecy 
agreements, and financial data.

Authority for maintenance of the system:
    50 U.S.C. Sections 831-835, Personnel Security Procedures in the 
National Security Agency; E.O.10450, as amended, Security Requirements 
for Government Employment; E.O.10865, as amended, Safeguarding 
Classified Information Within Industry, E.O.12968, Access to Classified 
Information; and E.O 9397 (SSN).

Purpose(s):
    The records are used for the purpose of determining suitability, 
eligibility, or qualification for civil employment, federal contracts, 
or access to classified information and/or NSA/CSS spaces and 
facilities; to determine access to NSA's Intranet, to determine and 
ensure continued eligibility for access to classified information; to 
record adjudicative actions and determinations; to record processing 
steps taken; to document due process actions taken; to make 
determinations on official and unofficial foreign travel; to make 
determinations on assignment and reassignment and other actions where 
security represents a relevant and valid element of the determination.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the DoD as a routine use 
pursuant to 5 U.S.C. 552a(b)(3) as follows:
    To agencies outside DoD, to include but not limited to other 
clearance holder agencies or agencies charged with making clearance 
determinations, government agencies involved with national security or 
clearance investigations, other government agencies and private 
contractors

[[Page 25726]]

requiring clearance status information and authorized to receive same; 
the Director National Intelligence and his General Counsel in the event 
of litigation or anticipated litigation with respect to unauthorized 
disclosures of classified intelligence or intelligence sources and 
methods and related court actions; judicial branch elements pursuant to 
specific court orders or litigation.
    In addition, other government agencies or private contractors may 
be informed of information developed by NSA which bears on assignee's 
or affiliate's status at NSA with regard to security considerations.
    To local law enforcement (county and state) and other federal, 
state, or local agencies or departments for hiring purposes.
    To any entity or individual under contract with NSA/CSS for the 
purpose of providing security-related services.
    To any party, council, representative, and/or witness in any legal 
proceeding, where pertinent, to which DoD is a party before a court or 
administrative body (including, but not limited to, the Equal 
Employment Opportunity Commission and Merit System Protection Board).
    The DoD `Blanket Routine Uses' set forth at the beginning of the 
NSA/CSS' compilation of systems of records notices apply to this 
system.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Paper records in file folders and electronic storage media.

Retrievability:
    By name, Social Security Number (SNN), or unique Security File 
number.

Safeguards:
    Buildings are secured by a series of guarded pedestrian gates and 
checkpoints. Access to facilities is limited to security-cleared 
personnel and escorted visitors only. Within the facilities themselves, 
access to paper and computer printouts are controlled by limited-access 
facilities and lockable containers. Access to electronic means is 
limited and controlled by computer password protection.

Retention and disposal:
    Records containing no derogatory information are reviewed for 
retention 10 years after date of last action then destroyed; records 
containing derogatory information are reviewed for retention 25 years 
after last action then destroyed.
    Records are destroyed by pulping, burning, shredding, or erasure or 
destruction of magnet media.

System manager(s) and address:
    The Associate Director for Security and Counterintelligence, 
National Security Agency/Central Security Service, Ft. George G. Meade, 
MD 20755-6000.

Notification procedure:
    Individuals seeking to determine whether information about 
themselves is contained in this system should address written inquiries 
to the, National Security Agency/Central Security Service, Freedom of 
Information Act/Privacy Act Office, 9800 Savage Road, Suite 6248, Ft. 
George G. Meade, MD 20755-6248.
    Written inquiries should contain the individual's full name, Social 
Security Number (SSN) and mailing address.

Record access procedures:
    Individuals seeking access to information about themselves 
contained in this system should address written inquiries to the 
National Security Agency/Central Security Service, Freedom of 
Information Act/Privacy Act Office, 9800 Savage Road, Suite 6248, Ft. 
George G. Meade, MD 20755-6248.
    Written inquiries should contain the individual's full name, Social 
Security Number (SSN) and mailing address.

Contesting record procedures:
    The NSA/CSS rules for contesting contents and appealing initial 
determinations are published at 32 CFR part 322 or may be obtained by 
written request addressed to the National Security Agency/Central 
Security Service, Freedom of Information Act/Privacy Act Office, 9800 
Savage Road, Suite 6248, Ft. George G. Meade, MD 20755-6248.

Record source categories:
    Data provided by individual during employment and security 
processing; data provided by investigative service processing 
individual's background; data provided by references, educational 
institutions and other sources named by individual or developed during 
background investigation; unsolicited data from any source where 
relevant; data provided by the Office of Personnel Management and other 
agencies, departments, and governmental elements involved in the 
conduct of National Agency checks and Local Agency checks; the Federal 
Bureau of Investigation; data developed by appropriate governmental 
elements in the course of a national security investigation or 
investigation into alleged violations of criminal statutes related to 
unauthorized disclosure of intelligence or protection of intelligence 
sources and methods; documents furnished by agency element sponsoring 
individual for access to specific classified information.

Exemptions claimed for the system:
    Individual records in this file may be exempt pursuant to 5 U.S.C. 
552a (k)(2), (k)(5), and (k)(6), as applicable.
    Investigatory material compiled for law enforcement purposes, other 
than material within the scope of subsection 5 U.S.C. 552a(j)(2), may 
be exempt pursuant to 5 U.S.C. 552a(k)(2). However, if an individual is 
denied any right, privilege, or benefit for which he would otherwise be 
entitled by Federal law or for which he would otherwise be eligible, as 
a result of the maintenance of such information, the individual will be 
provided access to the information exempt to the extent that disclosure 
would reveal the identity of a confidential source. Note: When claimed, 
this exemption allows limited protection of investigative reports 
maintained in a system of records used in personnel or administrative 
actions.
    Investigatory material compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for federal 
civilian employment, military service, federal contracts, or access to 
classified information may be exempt pursuant to 5 U.S.C. 552a(k)(5), 
but only to the extent that such material would reveal the identity of 
a confidential source.
    Testing or examination material used solely to determine individual 
qualifications for appointment or promotion in the federal or military 
service, if the disclosure would compromise the objectivity or fairness 
of the test or examination process may be exempt pursuant to 5 U.S.C. 
552a(k)(6), if the disclosure would compromise the objectivity or 
fairness of the test or examination process.
    An exemption rule for this record system has been promulgated 
according to the requirements of 5 U.S.C. 553(b)(1), (2), and (3), (c) 
and (e) and published in 32 CFR part 322. For additional information 
contact the system manager.

[FR Doc. E9-12501 Filed 5-28-09; 8:45 am]
BILLING CODE 5001-06-P