[Federal Register Volume 77, Number 104 (Wednesday, May 30, 2012)] [Notices] [Pages 31851-31854] From the Federal Register Online via the Government Publishing Office [www.gpo.gov] [FR Doc No: 2012-12949] ----------------------------------------------------------------------- FEDERAL COMMUNICATIONS COMMISSION Privacy Act System of Records AGENCY: Federal Communications Commission. ACTION: Notice; one new Privacy Act system of records. ----------------------------------------------------------------------- SUMMARY: Pursuant to subsection (e)(4) of the Privacy Act of 1974, as amended (5 U.S.C. 552a), the Federal Communications Commission (FCC or Commission) proposes to add a new system of records, FCC/OMD-30, ``FCC Visitors Database.'' The FCC's Security Operations Center (SOC) in the Office of Managing Director (OMD) will use the information contained in FCC/OMD-30 to cover the personally identifiable information (PII) that all visitors to the [[Page 31852]] FCC, including but not limited to U.S. citizens, permanent residents (i.e., green card holders), and foreign nationals, must provide to the SOC to gain admittance to the FCC headquarters buildings and other FCC facilities. DATES: In accordance with subsections (e)(4) and (e)(11) of the Privacy Act, as amended, any interested person may submit written comments concerning this new system of records on or before June 29, 2012. The Office of Information and Regulatory Affairs (OIRA), Office of Management and Budget (OMB), which has oversight responsibility under the Privacy Act to review the system of records, and Congress may submit comments on or before July 9, 2012. The proposed new system of records will become effective on July 9, 2012 unless the FCC receives comments that require a contrary determination. The Commission will publish a document in the Federal Register notifying the public if any changes are necessary. As required by 5 U.S.C. 552a(r) of the Privacy Act, the FCC is submitting reports on this proposed new system to OMB and Congress. ADDRESSES: Address comments to Leslie F. Smith, Privacy Analyst, Performance Evaluation and Records Management (PERM), Room 1-C216, Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554, or via the Internet at [email protected]. FOR FURTHER INFORMATION CONTACT: Contact Leslie F. Smith, Performance Evaluation and Records Management (PERM), Room 1-C216, Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554, (202) 418-0217, or via the Internet at [email protected]. SUPPLEMENTARY INFORMATION: As required by the Privacy Act of 1974, as amended, 5 U.S.C. 552a(e)(4) and (e)(11), this document sets forth notice of the proposed new system of records to be maintained by the FCC. This notice is a summary of the more detailed information about the proposed new system of records, which may be obtained or viewed pursuant to the contact and location information given above in the ADDRESSES section. The purpose for establishing this new system of records, FCC/OMD-30, ``FCC Visitors Database,'' is for the FCC's Security Operations Center (SOC) in the Office of Managing Director (OMD) to use this information to cover the personally identifiable information (PII) that all visitors to the FCC, including but not limited to U.S. citizens, permanent residents (i.e., green card holders), and foreign nationals, must provide to the SOC to gain admittance to the FCC headquarters buildings and other FCC facilities. This notice meets the requirement documenting the proposed new system of records that is to be added to the systems of records that the FCC maintains, and provides the public, OMB, and Congress with an opportunity to comment. FCC/OMD-30 SYSTEM NAME: FCC Visitors Database. SECURITY CLASSIFICATION: The FCC's Security Operations Center (SOC) has not assigned a security classification to this system of records. SYSTEM LOCATION: Office of the Managing Director (OMD), Security Operations Center (SOC), Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554; CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: The records in this system include all visitors to the FCC. These individuals include, but are not limited to U.S. citizens, permanent residents (i.e., green card holders), and foreign nationals. CATEGORIES OF RECORDS IN THE SYSTEM: The categories of records in the FCC Visitors Database include, but are not limited to the individual's first and last name, photographic identification (including but not limited to a driver's license, passport, or other types of photo identification), the authority issuing the photo identification, U.S. visa number, FCC point of contact, visitor signature, professional title, organizational affiliation, contact information for the visitor, including but not limited to wireline and wireless (cell) phone numbers, correspondence related to information required to obtain visitor entry to the FCC, and purpose(s) for visiting the FCC. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 301; 6 U.S.C. 202; 8 U.S.C. 1103, 1158, 1201, 1324, 1357, 1360, 1365a, 1365b, 1372, 1379, 1732; Federal Information Security Act (Pub. L. 104-106, sec. 5113); Electronic Government Act (Pub. L. 104- 347, sec. 203); and Federal Property and Administrative Act of 1949, as amended. PURPOSE(S): The purpose of the system is to cover the personally identifiable information (PII) that all visitors to the FCC, including but not limited to U.S. citizens, permanent residents (i.e., green card holders), and foreign nationals, must provide to the FCC's Security Operations Center (SOC) to gain admittance to the FCC headquarters buildings and other FCC facilities. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: Information about individuals in this system of records may routinely be disclosed under the following conditions: 1. Litigation by the Department of Justice--When: (a) the FCC or any component thereof; (b) any employee of the FCC in his or her official capacity; (c) any employee of the FCC in his or her individual capacity where the FCC or the Department of Justice (DOJ) has agreed to represent the employee; or (d) the United States Government is a party to litigation or has an interest in such litigation, and by careful review, the FCC determines that the records are both relevant and necessary to the litigation and the use of such records by the DOJ is therefore deemed by the FCC to be for a purpose compatible with the purpose for which the FCC collected the records; 2. Court or Adjudicative Body--In a proceeding when: (a) the FCC or any component thereof; (b) any employee of the FCC in his or her official capacity; (c) any employee of the FCC in his or her individual capacity where the Department of Justice (DOJ) has agreed to represent the employee; or (d) the United States Government is a party to litigation or has an interest in such litigation, and by careful review, the FCC determines that the records are both relevant and necessary to the litigation and the use of such records is therefore deemed by the FCC to be for a purpose that is compatible with the purpose for which the FCC collected the records; 3. Law Enforcement and Investigation--Except as noted on Forms SF 85, 85-P, and 86, when a record on its face, or in conjunction with other records, indicates a violation or potential violation of a law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to the appropriate public authority, whether Federal, State, local, tribal, or foreign, or otherwise responsible for enforcing, investigating, or prosecuting such violation or charged with enforcing or implementing the statute, rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any [[Page 31853]] enforcement, regulatory, investigative, or prosecutorial responsibility of the receiving entity; 4. Government-wide Program Management and Oversight--When requested by the National Archives and Records Administration (NARA), the Government Accountability Office (GAO), and/or the General Services Administration (GSA) for the purpose of records management inspections conducted under authority of 44 U.S.C. Sec. Sec. 2904 and 2906 (such disclosure(s)) shall not be used to make a determination about individuals); when the U.S. Department of Justice (DOJ) is contacted in order to obtain that department's advice regarding disclosure obligations under the Freedom of Information Act (FOIA); or when the Office of Management and Budget (OMB) is contacted in order to obtain that office's advice regarding obligations under the Privacy Act; 5. Congressional Inquiries--When requested by a Congressional office in response to an inquiry by an individual made to the Congressional office for the individual's own records; 6. Contract Services, Grants, or Cooperative Agreements--A record may be disclosed to FCC contractors, grantees, or volunteers who have been engaged to assist the FCC in the performance of a contract service, grant, cooperative agreement, or other activity related to this system of records and who need to have access to the records in order to perform their activity. Recipients shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a; 7. Employment, Clearances, Licensing, Contract, Grant, or other Benefits Decisions by the Agency--Disclosure may be made to a Federal, State, local, or tribal government, or other public authority or entity maintaining civil, criminal, intelligence, national security, or other relevant enforcement records, or other pertinent records, or to another public authority or professional organization, if necessary to obtain information relevant to an investigation concerning the retention of an employee or other personnel action (other than hiring), the retention of a security clearance, the letting of a contract, or the issuance or retention of a grant or other benefit; 8. Employment, Clearances, Licensing, Contract, Grant, or other Benefits Decisions by other than the Agency--Disclosure may be made to a Federal, State, local, or tribal government, or other public authority or entity of the fact that this system of records contains information relevant to the retention of an employee, the retention of a security clearance, the letting of a contract, or the issuance or retention of a license, grant, or other benefit. The other agency or licensing organization may then make a request supported by the written consent of the individual for the entire record if it so chooses. No disclosure will be made unless the information has been determined to be sufficiently reliable to support a referral to another office within the agency or to another Federal agency for criminal, civil, administrative, personnel or regulatory action; 9. National Security and Intelligence Matters--Disclosure of these records may be made to Federal, State, local agencies, or other appropriate entities or individuals, or through established liaison channels to selected foreign governments and international law enforcement organizations and agencies in order to enable a Federal agency or entity charged with, but not limited to national security and/or intelligence activities and related functions, to carry out these duties and responsibilities under the National Security Act of 1947, as amended, the CIA Act of 1949, as amended, Executive Order 12333 or any successor order, applicable to national security directives, or classified implementing procedures approved by the Attorney General and promulgated pursuant to such statutes, orders, or directives; 10. Department of State, Department of Homeland Security, and other Federal Agencies--A record from this system may be disclosed, where appropriate, to the State Department, Department of Homeland Security (DHS), and/or other Federal agencies and entities charged with, but not limited to national security, law enforcement, immigration, intelligence, and related functions, activities, duties, and responsibilities, where there is an indication of a violation or potential violation of a law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to enforce, investigate, or prosecute violations, or to enforce or implement a statute, rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative, or prosecutorial responsibility of the receiving Federal agency or entity; 11. Foreign Governments--A record from this system may be disclosed through the U.S. Department of State or the Department of Homeland Security (DHS) or other Federal security agencies, entities, or organizations or directly to the representative of such a foreign government or country, to the extent necessary to assist such a government or country in apprehending and/or returning a fugitive to a jurisdiction which seeks the individual's return, or to assist such a country in civil or criminal proceedings in which the United States or one of its officers or agencies has an interest; and 12. Breach Notification--A record from this system may be disclosed to appropriate agencies, entities, and persons when: (1) The Commission suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Commission has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Commission or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Commission's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. In each of these cases, the FCC will determine whether disclosure of the records is compatible with the purpose for which the records were collected. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: The information in the FCC Visitors Database includes paper document, files, and records that are stored in file cabinets in the Security Operations Center (SOC), and electronic records, files, and electronic records, files, and data that are stored in the FCC's computer network databases. RETRIEVABILITY: The information in the FCC Visitors Database may be retrieved by the name of the individual, driver's license number, U.S. passport number, foreign passport number, U.S. visa number, date of birth (DOB), and/or photo ID number. SAFEGUARDS: The paper documents, records, and files are maintained in file cabinets in the SOC's office suite. The file cabinets where these paper documents, files, and records are stored are controlled by on-site personnel when unlocked and locked when not in use. Access to the [[Page 31854]] SOC office suite is through a card-coded main door. Access to the file cabinets is restricted to authorized SOC supervisors, staff, and contractors, whose duties and responsibilities require use of the information. The electronic records, files, and data are stored in the FCC computer network databases that are secured by limited access card readers. The computer servers themselves are password-protected. Access to the electronic files is restricted to authorized SOC supervisors, staff, and contractors, and to the Information Technology Center (ITC) staff and contractors, who maintain the FCC's computer network. Other FCC employees and contactors may be granted access on a ``need-to- know'' basis. The FCC's computer network databases are protected by the FCC's security protocols, which include controlled access, passwords, and other security features. A PRIVACY WARNING NOTICE appears on the monitor screen when records containing information on individuals are first displayed. Information resident on the SOC database servers is backed-up routinely onto magnetic media. Back-up tapes are stored on- site and at a secured, off-site location. RETENTION AND DISPOSAL: Records in the FCC Visitors Database are retained in accordance with General Records Schedule (GRS) 18, Item 17 approved by the National Archives and Records Administration (NARA). The records disposal is done in accordance with the Commission's disposal policies. Unless retained for specific, on-going security investigations, records of facility access are maintained for one year and then destroyed. All other records relating to individuals are retained and disposed of in accordance with GRS 18, item 22a, approved by NARA. The records are disposed of in accordance with SOC disposal policies, as follows: 1. All returned day contractor cards will be reused on a daily basis. 2. Transaction data for all FCC Visitors Database cards will be stored using a secure medium and retained for one year in the SOC, which is locked and secured with an alarm system. In accordance with Homeland Security Presidential Directive (HSPD- 12), Personal Identity Verification (PIV) Cards are deactivated within eighteen (18) hours of notification of cardholder separation, loss of card, or expiration. The information on PIV Cards is maintained in accordance with GRS 11, Item 4. PIV Cards are destroyed by burning in an approved Federal burn-facility. SYSTEM MANAGER(S) AND ADDRESS: Security Operations Center (SOC), Office of Managing Director (OMD), Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554. NOTIFICATION PROCEDURE: Security Operations Center (SOC), Office of Managing Director (OMD), Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554. RECORD ACCESS PROCEDURES: Security Operations Center (SOC), Office of Managing Director (OMD), Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554. CONTESTING RECORD PROCEDURES: Security Operations Center (SOC), Office of Managing Director (OMD), Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554. RECORD SOURCE CATEGORIES: The sources for information in this system are the visitors themselves and/or their agency or organizational sponsor(s) who have been invited to or have requested admittance to the FCC headquarters buildings and other FCC facilities for the visitors. EXEMPTIONS CLAIMED FOR THE SYSTEM: None. Federal Communications Commission. Marlene H. Dortch, Secretary, Office of the Secretary, Office of Managing Director. [FR Doc. 2012-12949 Filed 5-29-12; 8:45 am] BILLING CODE 6712-01-P