[Federal Register Volume 75, Number 15 (Monday, January 25, 2010)]
[Notices]
[Pages 3919-3921]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2010-1364]


-----------------------------------------------------------------------

DEPARTMENT OF THE INTERIOR

Bureau of Land Management

[LLOR931000.L63100000.HD0000]


Privacy Act of 1974; as Amended; Notice To Amend an Existing 
System of Records

AGENCY: Bureau of Land Management, Interior.

ACTION: Notice of Amendment to an Existing System of Records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as 
amended, the Department of the Interior (DOI) is issuing a public 
notice of its intent to amend the Bureau of Land Management ``Mineral 
and Vegetal Material Sales''--Interior, (BLM)-16 notice. The amendment 
includes a change in the system name from ``Mineral and Vegetal 
Material Sales'' to ``Timber Sale Information System (TSIS).'' The 
amendment includes an update to the record content for Special Forest 
Products and incorporates the Stewardship Contracting Information 
Database (SCID) as a module of TSIS. The amended system of records is 
captioned ``Interior-BLM-16'' and is titled ``Timber Sale Information 
System (TSIS).''

DATES: Comments must be received by March 8, 2010.

ADDRESSES: Any person interested in commenting on this amendment may do 
so by: submitting comments in writing to Privacy Act Officer, Oregon 
State Office, P.O. Box 2965, Portland, Oregon 97208; hand-delivering 
comments to Oregon State Office, 333 SW. 1st Avenue, Portland, Oregon 
97204; or e-mailing comments to [email protected]. Before including 
your address, phone number, e-mail address, or other personal 
identifying information in your comment, you should be aware that your 
entire comment--including your personal identifying information--may be 
made publicly available at any time. While you can ask us in your 
comment to withhold your personal identifying information from public 
review, we cannot guarantee that we will be able to do so.

FOR FURTHER INFORMATION CONTACT: Deputy State Director, Division of 
Resource Planning, Use and Protection (OR930), U.S. Department of the 
Interior, Bureau of Land Management, Oregon State Office, 333 SW. 1st 
Avenue, Portland, Oregon 97204.

SUPPLEMENTARY INFORMATION: The Bureau of Land Management maintains the 
TSIS system of records. The purpose of this system is to track timber 
sale contract administration and accounting; Special Forest Products 
(SFP) sales and permits; and the use of procurement contracts and 
agreements for removing vegetal products from public lands through 
stewardship contracting authorized under the Omnibus Appropriations 
Bill of 2003, (Pub. L. 108-7, Section 323). Authorization for TSIS and 
its components fall under the Clinger-Cohen Act of 1996, OMB Circular 
A-130 ``Management of Federal Information Resources'', and the Oregon 
and California Lands Act of 1937. The system also provides data for 
reporting accomplishments. The amendments to the system will be 
effective as proposed at the end of the comment period (the comment 
period will end 40 days after the publication of this notice in the 
Federal Register), unless comments are received which would require a 
contrary determination. The DOI will publish a revised notice if 
changes are made based upon a review of the comments received.

Beverly E. Walker,
Privacy Act Officer, Bureau of Land Management.
System Name

Timber Sale Information System (TSIS)--Interior, BLM-16

SYSTEM LOCATION:
    U.S. Department of the Interior, Bureau of Land Management, Oregon 
State Office, 333 SW. 1st Avenue, Portland, Oregon 97204.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Purchasers of vegetal materials. Purchasers refer to those 
individuals that purchase vegetative materials, and enter into timber 
sales and stewardship contracts; and include, but are not limited to, 
the following descriptive terminology: individual buyers or permittees, 
partnerships, corporations or contractors.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The record contains customer information on timber purchasers, 
contact person(s) for timber purchasers of special forest products, and 
stewardship agreement recipients

[[Page 3920]]

(individual, partnership, corporate). Information is collected in 
person from a purchaser physically present at a BLM facility or from an 
authorized BLM Contracting Officer. The data is entered into TSIS by an 
authorized BLM employee or contractor.
    The record may contain the purchaser's name, address, phone 
numbers, driver license, vehicle information, description of the 
material purchased, quantity, sale price, the Bureau's assigned sale 
number, and information on debts owed the Bureau because of defective 
payments. The SCID module contains the contractor/agreement recipient's 
name and telephone number. The system operates under the Privacy Act of 
1974 and the regulations in 43 CFR 2.48(d).

    Note: Certain categories of information must be reviewed under 
the Freedom of Information Act (FOIA) and are not included in the 
information available for public inspection.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    16 U.S.C. 617, 30 U.S.C. 601, 43 U.S.C. 1181(a).

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    The primary uses of the records are:
    (1) Timber sale accounting, management, activity tracking and 
tracking of Special Forest Product (SFP) sales and permits. The TSIS 
provides direct support to BLM Mission Goals 2.4.01 and 2.4.02 related 
to managing the use of forest and woodland products in the Public 
Domain (PD) and in the Oregon and California Lands (O&C). The volumes 
calculated in 2.4.01 and 2.4.02 are used to determine the percentages 
in 2.4.03 and 2.4.04. The TSIS is the sole automated process to track 
timber sale and special forest product activity and accomplishments, 
and it is the sole source for validation of timber sale and special 
forest product revenues in the BLM's financial system. The SCID module 
is the sole automated process to track stewardship contracts and 
agreements, and is the sole source for validation of revenues received 
via stewardship contracting from timber sales, procurement contracts 
and agreements. In addition, SCID records earned credits for work 
performed on public lands in exchange for the vegetal contracts. The 
work credit is reported to the contractor and the Internal Revenue 
Service on a 1099 form by the BLM.
    (2) Vehicle and identification information, if provided by the SFP 
permittee, is provided to BLM law enforcement officials to support 
enforcement of permit stipulations and requirements. Contact 
information (name, address) is printed on each permit and is useful to 
identify the uniqueness of a permittee.

DISCLOSURES OUTSIDE DOI MAY BE MADE WITHOUT THE CONSENT OF THE 
INDIVIDUAL TO WHOM THE RECORD PERTAINS AS A ROUTINE USE UNDER THE 
FOLLOWING CIRCUMSTANCES:
    (1) (a) To any of the following entities or individuals, when the 
circumstances set forth in paragraph (b) are met:
    (i) The U.S. Department of Justice (DOJ);
    (ii) A court or an adjudicative or other administrative body;
    (iii) A party in litigation before a court or an adjudicative or 
other administrative body; or
    (iv) Any DOI employee acting in his or her individual capacity if 
DOI or DOJ has agreed to represent that employee or pay for private 
representation of the employee;
    (b) When:
    (i) One of the following is a party to the proceeding or has an 
interest in the proceeding:
    (A) DOI or any component of DOI;
    (B) Any other Federal agency appearing before the Office of 
Hearings and Appeals;
    (C) Any DOI employee acting in his or her official capacity;
    (D) Any DOI employee acting in his or her individual capacity if 
DOI or DOJ has agreed to represent that employee or pay for private 
representation of the employee;
    (E) The United States, when DOJ determines that DOI is likely to be 
affected by the proceeding; and
    (ii) DOI deems the disclosure to be:
    (A) Relevant and necessary to the proceeding; and
    (B) Compatible with the purpose for which the records were 
compiled.
    (2) To a congressional office in response to a written inquiry that 
an individual covered by the system, or the heir of such individual if 
the covered individual is deceased, has made to the office.
    (3) To any criminal, civil, or regulatory law enforcement authority 
(whether Federal, State, territorial, local, Tribal or foreign) when a 
record, either alone or in conjunction with other information, 
indicates a violation or potential violation of law--criminal, civil, 
or regulatory in nature--and the disclosure is compatible with the 
purpose for which the records were compiled.
    (4) To an official of another Federal agency to provide information 
needed in the performance of official duties related to reconciling or 
reconstructing data files or to enable that agency to respond to an 
inquiry by the individual to whom the record pertains.
    (5) To Federal, State, territorial, local, Tribal, or foreign 
agencies that have requested information relevant or necessary to the 
hiring, firing or retention of an employee or contractor, or the 
issuance of a security clearance, license, contract, grant or other 
benefit, when the disclosure is compatible with the purpose for which 
the records were compiled.
    (6) To representatives of the National Archives and Records 
Administration to conduct records management inspections under the 
authority of 44 U.S.C. 2904 and 2906.
    (7) To State and local governments and Tribal organizations to 
provide information needed in response to court order and/or discovery 
purposes related to litigation, when the disclosure is compatible with 
the purpose for which the records were compiled.
    (8) To an expert, consultant, or contractor (including employees of 
the contractor) of DOI that performs services requiring access to these 
records on DOI's behalf to carry out the purposes of the system.
    (9) To appropriate agencies, entities, and persons when:
    (a) It is suspected or confirmed that the security or 
confidentiality of information in the system of records has been 
compromised; and
    (b) The Department has determined that as a result of the suspected 
or confirmed compromise there is a risk of harm to economic or property 
interest, identity theft or fraud, or harm to the security or integrity 
of this system or other systems or programs (whether maintained by the 
Department or another agency or entity) that rely upon the compromised 
information; and
    (c) The disclosure is made to such agencies, entities and persons 
who are reasonably necessary to assist in connection with the 
Department's efforts to respond to the suspected or confirmed 
compromise and prevent, minimize, or remedy such harm.
    (10) To the Office of Management and Budget during the coordination 
and clearance process in connection with legislative affairs as 
mandated by OMB Circular A-19.
    (11) To the Department of the Treasury to recover debts owed to the 
United States.
    (12) To the news media when the disclosure is compatible with the 
purpose for which the records were compiled.
    (13) To a consumer reporting agency if the disclosure requirements 
of the Debt Collection Act, as outlined at 31 U.S.C. 3711(e)(1), have 
been met.

[[Page 3921]]

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Paper records are stored in file folders, in locked file cabinets 
until data input is verified. Any paper records that are not input into 
the system are maintained in secured files. Electronic records are 
stored on disk, system hard drive, tape or other appropriate media.

RETRIEVABILITY:
    Indexed by system-generated identifiers, an assigned number is used 
to retrieve SFP permit number, purchaser, contractor and dates. An 
existing purchaser may be located by entering a portion (or all) of the 
individual's contact information (name, address, this may include a 
phone number if it was provided) and reviewing the list of individuals 
matching the search criteria. The search functionality for timber sales 
allows users to browse lists of timber sales, purchasers, and sureties.

SAFEGUARDS:
    Access to records is limited to authorized personnel. Electronic 
records are maintained with safeguards meeting security requirements of 
43 CFR 2.51.
    A security plan was developed to prevent unauthorized access to the 
system and secure transmission of the data. A Privacy Impact Assessment 
was completed and signed in January 2008.
    (1) Physical Security--Information is collected in person from a 
purchaser(s) physically present at a BLM facility or from an authorized 
BLM Contracting Officer. The data is entered into SFP-Web by an 
authorized BLM employee or contractor. These forms are only available 
on the BLM intranet and are not available to the public on any Web 
site. Any paper records that are not input into the system are 
maintained in locked file cabinets.
    (2) Technical Security--TSIS users are granted access to the TSIS 
application via the district TSIS data steward. The request for access 
must be signed by the TSIS data steward (ORSO) and IT Security Manager 
(ORSO) and passwords are required. The SFP Users are granted access to 
the TSIS-Web application by the district TSIS data steward. SCID Users 
are granted access to the SCID module Web application by the State 
office or district SCID data steward. The request for access must be 
signed by the TSIS data steward (ORSO) or SCID data steward, and IT 
Security Manager (ORSO). Data from the current TSIS (Unix-based) 
version are integrated into a data warehouse with the new TSIS-Web 
version and the SCID Web module each night. The data is unloaded from 
the TSIS (Informix) database to a local directory where the system 
developer and system administrators have access. This data is then 
loaded into a new database (MySQL) on another server where the TSIS-Web 
data also resides. The integration of data sources excludes the 
identification provided by the permittee (for the 5450-24 permit), but 
does include permittee name, address, phone (if provided), and vehicle 
information (where provided). The TSIS data warehouse database is only 
available to the system developer, and information from this database 
is available to BLM users only via read-only reports. Most reports that 
are available from the warehouse data do not contain Personally 
Identifiable Information (PII). Of the few reports (6 total) that do 
contain PII, only four contain more than first/last name. Only users 
with access to the BLM intranet, authenticated BLM domain users, who 
are also members of the TSIS group in Active Directory, are able to 
retrieve these reports. These electronic records are maintained in 
compliance with Office of Management and Budget and Departmental 
guidelines.
    (3) Administrative Security--All BLM employees with access to the 
system are required to complete Privacy Act, Records Management Act, 
and IT Security Awareness training prior to being given access to the 
system, and on an annual basis thereafter. The Rules of Behavior are in 
accordance with the BLM policy that requires the signature of all BLM 
Network users. Applicable Privacy Act warning statements are placed on 
all information printouts of data from the system.

RETENTION AND DISPOSAL:
    Records are retained and disposed of in accordance with National 
Archives and Records Administration (NARA) procedures and General 
Records Schedule (GRS) BLM 4/6d(4) and (6). Records are to be destroyed 
or deleted when data has been transferred to an electronic medium and 
verified. However, due to the current freeze on the destruction/
deletion of all records and the GRS/BLM records, all records are 
permanent until the freeze is lifted.

SYSTEM MANAGER AND ADDRESS:
    Deputy State Director, Division of Resource Planning, Use and 
Protection (OR930), U.S. Department of the Interior, Bureau of Land 
Management, Oregon State Office, P.O. Box 2965, Portland, Oregon 97208.

NOTIFICATION PROCEDURES:
    An individual requesting notification of the existence of records 
on himself or herself should send a signed, written inquiry to the 
Systems Manager identified above. The request envelope and letter 
should both be clearly marked ``PRIVACY ACT INQUIRY.'' A request for 
notification must meet the requirements of 43 CFR 2.60.

RECORDS ACCESS PROCEDURES:
    An individual requesting records on himself or herself should send 
a signed, written inquiry to the Systems Manager identified above. The 
request should describe the records sought as specifically as possible. 
The request envelope and letter should both be clearly marked ``PRIVACY 
ACT REQUEST FOR ACCESS.'' A request for access must meet the 
requirements of 43 CFR 2.63.

CONTESTING RECORDS PROCEDURES:
    An individual requesting corrections or the removal of material 
from his or her records should send a signed, written request to the 
System Manager identified above. A request for corrections or removal 
must meet the requirements of 43 CFR 2.71.

RECORD SOURCE CATEGORIES:
    Information is provided by the purchaser, contractor, or agreement 
recipient.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    None.

[FR Doc. 2010-1364 Filed 1-22-10; 8:45 am]
BILLING CODE 4310-13-P