[Federal Register Volume 76, Number 66 (Wednesday, April 6, 2011)]
[Proposed Rules]
[Pages 18954-18956]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-8088]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

6 CFR Part 5

[Docket No. DHS-2011-0016]


Privacy Act of 1974: Implementation of Exemptions; Department of 
Homeland Security Federal Emergency Management Agency DHS/FEMA-011 
Training and Exercise Program Records System of Records

AGENCY: Privacy Office, DHS.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: The Department of Homeland Security is giving concurrent 
notice of a newly established system of records pursuant to the Privacy 
Act of 1974 for the ``Department of Homeland Security Federal Emergency 
Management Agency--011 Training and Exercise Program Records System of 
Records'' and this proposed rulemaking. In this proposed and 
consolidating rulemaking, the Department proposes to exempt portions of 
the system of records from one or more provisions of the Privacy Act in 
order to preserve the objectivity and fairness of testing and 
examination material.

DATES: Comments must be received on or before May 6, 2011.

ADDRESSES: You may submit comments, identified by docket number DHS-
2011-0016, by one of the following methods:
     Federal e-Rulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Fax: 703-483-2999.
     Mail: Mary Ellen Callahan, Chief Privacy Officer, Privacy 
Office, Department of Homeland Security, Washington, DC 20528.
     Instructions: All submissions received must include the 
agency name

[[Page 18955]]

and docket number for this rulemaking. All comments received will be 
posted without change to http://www.regulations.gov, including any 
personal information provided.
     Docket: For access to the docket to read background 
documents or comments received go to http://www.regulations.gov.
    Instructions: All submissions received must include the agency name 
and docket number for this notice. All comments received will be posted 
without change to http://www.regulations.gov, including any personal 
information provided.
    Docket: For access to the docket to read background documents or 
comments received, go to http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: For general questions please contact: 
Thomas R. McQuillan (202-646-3323), Privacy Officer, Federal Emergency 
Management Agency, Department of Homeland Security, Washington, DC 
20478. For privacy issues please contact: Mary Ellen Callahan (703-235-
0780), Chief Privacy Officer, Privacy Office, Department of Homeland 
Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

    In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the 
Department of Homeland Security (DHS) Federal Emergency Management 
Agency (FEMA) proposes to establish a new DHS system of records titled, 
``DHS/FEMA--011 Training and Exercise Program Records System of 
Records.''
    In support of its mission, components within FEMA such as the 
Protection and National Preparedness Bureau, the National Processing 
Service Centers (NPSCs), the United States Fire Administration (USFA), 
the and the FEMA Emergency Management Institute (FEMA/EMI) sponsor a 
wide range of training and exercise programs for FEMA's employees and 
contractors and its partners in the first responder and emergency 
management communities.
    Through its training and exercise programs, FEMA brings together 
partners from State, local, Tribal, regional, international, and 
nongovernmental/volunteer organizations, as well as the private sector, 
including firefighters, emergency medical services, emergency 
management agencies, law enforcement, and public officials. These 
programs provide FEMA's employees, contractors and partners with the 
opportunity to develop the situational awareness and skills necessary 
to quickly prevent, respond to, or mitigate all hazards affecting the 
people of the United States.
    This system of records notice is being published because FEMA 
collects and maintains personally identifiable information (PII) about 
the individuals who register or apply for its training and exercise 
programs and the organization employing or sponsoring these 
individuals, as well as information used to grant access to IT systems 
that support these programs. FEMA's training and exercise programs also 
maintain information about the trainings and exercise events, such as 
rosters and reports, which may be shared among participants. The type 
and amount of PII FEMA collects from individuals to facilitate their 
participation may vary among programs.
    The purpose of this system is to facilitate registration for, 
participation in, and the completion and documentation of, training and 
exercise programs sponsored by FEMA in support of its mission.
    FEMA collects, uses, and maintains the records within this system 
under the authority of the Robert T. Stafford Disaster Relief and 
Emergency Assistance Act; the Federal Fire Prevention and Control Act 
of 1974, as amended; 44 U.S.C. 3101-3106; 6 U.S.C. 748; Homeland 
Security Presidential Directives, and several Executive Orders, as 
described in this notice. This updated system of records strengthens 
privacy protections and provides greater transparency regarding FEMA's 
training and exercise records by encompassing the full range of the 
agency's training and exercise programs into a single system of 
records. To further safeguard individuals' privacy, FEMA limits access 
to the information in this system by verifying the status and ``need to 
know'' of individuals registering for and participating in the agency's 
training and exercise programs.
    The proposed routine uses are compatible with the purpose of the 
original collection as they ensure that the information within this 
system is shared in association with individuals' registration and 
participation in FEMA's training and exercise programs, and otherwise 
ensure that the sharing of information in this system is consistent 
with that of other DHS systems.
    FEMA collects, uses, and maintains information about the 
individuals who register or apply for its training and exercise 
programs, including DHS employees and contractors, other Federal 
employees, volunteers and members of the first responder and emergency 
management communities, to foster the development of mission critical 
skills among them through participation in these training and exercise 
programs. FEMA's training and exercise programs may share information 
with State, local, Tribal, international, nongovernmental/volunteer 
organizations, and private sector organizations. FEMA shares this 
information to facilitate the development of training and exercise 
programs, coordinate, facilitate, and track participation in training 
and exercise programs, and for statistical FEMA's sharing of 
information with education institutions for transcript purposes will 
only take place upon the request of the student.
    In accordance with the Privacy Act of 1974 the Department of 
Homeland Security is giving notice that it proposes to consolidate the 
Privacy Act system of records notice titled, Department of Homeland 
Security/Federal Emergency Management Agency/National Emergency 
Training Center-017 Student Application and Registration Records system 
of records [October 5, 2004, 69 FR 192] into the this system of 
records. This newly established system will be included in DHS's 
inventory of record systems.

II. Privacy Act

    The Privacy Act embodies fair information practice principles in a 
statutory framework governing the means by which the U.S. Government 
collects, maintains, uses, and disseminates personally identifiable 
information. The Privacy Act applies to information that is maintained 
in a ``system of records.'' A ``system of records'' is a group of any 
records under the control of an agency from which information is 
retrieved by the name of the individual or by some identifying number, 
symbol, or other identifying particular assigned to the individual. In 
the Privacy Act, an individual is defined to encompass U.S. citizens 
and lawful permanent residents. As a matter of policy, DHS extends 
administrative Privacy Act protections to all individuals where systems 
of records maintain information on U.S. citizens, lawful permanent 
residents, and visitors. The Privacy Act allows government agencies to 
exempt certain records from the access and amendment provisions. If an 
agency claims an exemption, however, it must issue a Notice of Proposed 
Rulemaking to make clear to the public the reasons why a particular 
exemption is claimed.
    DHS is claiming exemptions from certain requirements of the Privacy 
Act for DHS/FEMA-011 Training and Exercise Program Records System of 
Records. Some information in DHS/FEMA-011 Training and Exercise

[[Page 18956]]

Program Records System of Records relates to official DHS testing and 
examination activities. DHS is claiming an exemption for certain 
records in this new record system pursuant to 5 U.S.C. 552a(k)(6). 
These exemptions are needed to protect information relating to DHS 
testing and examination activities from disclosure to subjects or 
others related to these activities. Specifically, the exemptions are 
required since its training records will include testing and 
examination materials. DHS is claiming an exemption for these records 
in order to preserve the integrity, objectivity and fairness of the 
testing and examination process.
    A notice of system of records for DHS/FEMA-011 Training and 
Exercise Program Records System of Records is also published in this 
issue of the Federal Register.

List of Subjects in 6 CFR Part 5

    Freedom of information; Privacy.

    For the reasons stated in the preamble, DHS proposes to amend 
Chapter I of Title 6, Code of Federal Regulations, as follows:

PART 5--DISCLOSURE OF RECORDS AND INFORMATION

    1. The authority citation for part 5 continues to read as follows:

    Authority: 6 U.S.C. 101 et seq.; Pub. L. 107-296, 116 Stat. 
2135; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552. 
Subpart B also issued under 5 U.S.C. 552a.

    2. Add at the end of Appendix C to Part 5, the following new 
paragraph 54:

Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy 
Act

* * * * *
    54. The DHS/FEMA-011 Training and Exercise Program Records 
System of Records consists of electronic and paper records and will 
be used by FEMA. The DHS/FEMA-011 Training and Exercise Program 
Records System of Records consists of electronic and paper records 
and will be used by DHS and its components and offices to maintain 
records about individual training, including enrollment and 
participation information, information pertaining to class 
schedules, programs, and instructors, training trends and needs, 
testing and examination materials, and assessments of training 
efficacy. The data will be collected by employee name or other 
unique identifier. The collection and maintenance of this 
information will assist DHS in meeting its obligation to train its 
personnel and contractors in order to ensure that the agency mission 
can be successfully accomplished. The DHS/FEMA-011 General Training 
and Exercise Program Records System of Records contains information 
that is collected by, on behalf of, in support of, or in cooperation 
with DHS and its components and may contain personally identifiable 
information collected by other Federal, State, local, Tribal, 
foreign, or international government agencies. The Secretary of 
Homeland Security has exempted this system from the following 
provisions of the Privacy Act, subject to limitations set forth in 5 
U.S.C. 552a(c)(3); (d); (e)(1), (e)(4)(G), (e)(4)(H), (e)(4)(I); and 
(f) pursuant to 5 U.S.C. 552a (k)(6), where it states for;''testing 
or examination material used solely to determine individual 
qualifications for appointment or promotion in the Federal service 
the disclosure of which would compromise the objectivity or fairness 
of the testing or examination process.'' Exemptions from these 
particular subsections are justified, on a case-by-case basis to be 
determined at the time a request is made, for the following reasons:
    (a) From subsection (c)(3) and (4) (Accounting for Disclosures) 
because release of the accounting of disclosures could alert the 
subject of an investigation of an actual or potential criminal, 
civil, or regulatory violation to the existence of that 
investigation and reveal investigative interest on the part of DHS 
as well as the recipient agency. Disclosure of the accounting would 
therefore present a serious impediment to law enforcement efforts 
and/or efforts to preserve national security. Disclosure of the 
accounting would also permit the individual who is the subject of a 
record to impede the investigation, to tamper with witnesses or 
evidence, and to avoid detection or apprehension, which would 
undermine the entire investigative process.
    (b) From subsection (d) (Access to Records) because access to 
the records contained in this system of records could inform the 
subject of an investigation of an actual or potential criminal, 
civil, or regulatory violation to the existence of that 
investigation and reveal investigative interest on the part of DHS 
or another agency. Access to the records could permit the individual 
who is the subject of a record to impede the investigation, to 
tamper with witnesses or evidence, and to avoid detection or 
apprehension. Amendment of the records could interfere with ongoing 
investigations and law enforcement activities and would impose an 
unreasonable administrative burden by requiring investigations to be 
continually reinvestigated. In addition, permitting access and 
amendment to such information could disclose security-sensitive 
information that could be detrimental to homeland security.
    (c) From subsection (e)(1) (Relevancy and Necessity of 
Information) because in the course of investigations into potential 
violations of Federal law, the accuracy of information obtained or 
introduced occasionally may be unclear, or the information may not 
be strictly relevant or necessary to a specific investigation. In 
the interests of effective law enforcement, it is appropriate to 
retain all information that may aid in establishing patterns of 
unlawful activity.
    (d) From subsection (e)(2) (Collection of Information from 
Individuals) because requiring that information be collected from 
the subject of an investigation would alert the subject to the 
nature or existence of the investigation, thereby interfering with 
that investigation and related law enforcement activities.
    (e) From subsection (e)(3) (Notice to Subjects) because 
providing such detailed information could impede law enforcement by 
compromising the existence of a confidential investigation or reveal 
the identity of witnesses or confidential informants.
    (f) From subsections (e)(4)(G), (e)(4)(H), and (e)(4)(I) (Agency 
Requirements) and (f) (Agency Rules), because portions of this 
system are exempt from the individual access provisions of 
subsection (d) for the reasons noted above, and therefore DHS is not 
required to establish requirements, rules, or procedures with 
respect to such access. Providing notice to individuals with respect 
to existence of records pertaining to them in the system of records 
or otherwise setting up procedures pursuant to which individuals may 
access and view records pertaining to themselves in the system would 
undermine investigative efforts and reveal the identities of 
witnesses, and potential witnesses, and confidential informants.
    (g) From subsection (e)(5) (Collection of Information) because 
with the collection of information for law enforcement purposes, it 
is impossible to determine in advance what information is accurate, 
relevant, timely, and complete. Compliance with subsection (e)(5) 
would preclude DHS agents from using their investigative training 
and exercise of good judgment to both conduct and report on 
investigations.
    (h) From subsection (e)(8) (Notice on Individuals) because 
compliance would interfere with DHS's ability to obtain, serve, and 
issue subpoenas, warrants, and other law enforcement mechanisms that 
may be filed under seal and could result in disclosure of 
investigative techniques, procedures, and evidence.
    (i) From subsection (e)(12) (Computer Matching) if the agency is 
a recipient agency or a source agency in a matching program with a 
non-Federal agency, with respect to any establishment or revision of 
a matching program, at least 30 days prior to conducting such 
program, publish in the Federal Register notice of such 
establishment or revision.
    (j) From subsection (g)(1) (Civil Remedies) to the extent that 
the system is exempt from other specific subsections of the Privacy 
Act.
    (k) From subsection (h) (Legal Guardians) the parent of any 
minor, or the legal guardian of any individual who has been declared 
to be incompetent due to physical or mental incapacity or age by a 
court of competent jurisdiction, may act on behalf of the 
individual.

    Dated: March 30, 2011.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.

[FR Doc. 2011-8088 Filed 4-5-11; 8:45 am]
BILLING CODE 9111-17-P