[Federal Register Volume 78, Number 146 (Tuesday, July 30, 2013)]
[Notices]
[Pages 45949-45953]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2013-18224]


-----------------------------------------------------------------------

DEPARTMENT OF THE INTERIOR

Office of the Secretary

[XXXD4523WT DWT000000.000000 DS65101000]


Privacy Act of 1974, as Amended; Notice of a New System of 
Records

AGENCY: Department of the Interior.

ACTION: Notice of creation of a new system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as 
amended (5 U.S.C. 552a), the Department of the Interior is issuing a 
public notice of its intent to create the Office of the Secretary 
Incident Management, Analysis and Reporting System system of records. 
The Incident Management, Analysis and Reporting System will provide a 
unified system for Department of the Interior law enforcement agencies 
to manage law enforcement investigations, measure performance and meet 
reporting requirements. The Incident Management, Analysis and Reporting 
System will incorporate current Department of the Interior law 
enforcement systems utilized by the Bureaus. This newly established 
system will be included in the Department of the Interior's inventory 
of record systems.

DATES: Comments must be received by September 9, 2013. This new system 
will be effective September 9, 2013.

ADDRESSES: Any person interested in commenting on this amendment may do 
so by: submitting comments in writing to the OS/IBC Privacy Act 
Officer, 1849 C Street NW., Mail Stop 2650 MIB, Washington, DC 20240; 
hand-delivering comments to the OS/IBC Privacy Act Officer, 1849 C 
Street NW., Mail Stop 2650 MIB, Washington, DC 20240 or emailing 
comments to [email protected].

FOR FURTHER INFORMATION CONTACT: System Manager--IMARS, 13461 Sunrise 
Valley Drive, Herndon, VA 20171, or by phone at 703-793-5091.

SUPPLEMENTARY INFORMATION: 

[[Page 45950]]

I. Background

    The Department of the Interior (DOI), Office of the Secretary, has 
created an enterprise-wide system, known as the Incident Management, 
Analysis and Reporting System (IMARS) system of records, to consolidate 
law enforcement incident management and reporting among the various 
Bureaus and Offices with law enforcement duties within DOI. IMARS will 
improve the following capabilities of the Department: prevent, detect 
and investigate known and suspected criminal activity; protect natural 
and cultural resources; capture, integrate and share law enforcement 
and related information and observations from other sources; identify 
needs (training, resources); measure the performance of law enforcement 
programs and operations; meet reporting requirements; provide the 
capability to interface with Department of Homeland Security and 
National Incident Based Reporting System; analyze and prioritize 
protection efforts; provide information to justify law enforcement 
funding requests and expenditures; assist in managing visitor use and 
protection programs, including training; investigate, detain and 
apprehend those committing crimes on DOI properties or tribal 
reservations (for the purpose of this system of records notice, tribal 
reservations include contiguous areas policed by tribal or Bureau of 
Indian Affairs law enforcement offices) managed by a Native American 
tribe under DOI's Bureau of Indian Affairs; and investigate and prevent 
visitor accident injuries on DOI properties or tribal reservations.
    Incident and non-incident data related to criminal and civil 
activity will be collected in support of law enforcement, homeland 
security, and security (physical, personnel and stability, information, 
and industrial) activities. This may include data documenting 
investigations and law enforcement activities, traffic safety, traffic 
accidents and domestic issues, and emergency management, sharing and 
analysis activities.
    In accordance with the Privacy Act of 1974, as amended, DOI 
proposes to consolidate the following DOI Privacy Act systems of 
records: Bureau of Reclamation Law Enforcement Management Information 
System (RLEMIS)--Interior, WBR-50 (73 FR 62314, October 20, 2008); Fish 
and Wildlife Service Investigative Case File System--Interior, FWS-20 
(48 FR 54719, December 6, 1983); Bureau of Land Management Criminal 
Case Investigation--Interior, BLM-18 (73 FR 17376, April 1, 2008); 
Bureau of Indian Affairs Law Enforcement Services--Interior, BIA-18 (70 
FR 1264, January 6, 2005); and National Park Service Case Incident 
Reporting System, NPS-19 (70 FR 1274, January 6, 2005) into one 
Department of the Interior system of records, titled the Incident 
Management, Analysis and Reporting System (IMARS). The consolidated 
system will be maintained by DOI's Office of Law Enforcement Services. 
The system will be managed by the IMARS Security Manager (the ``System 
Manager'').
    In a notice of proposed rulemaking, which is published separately 
in the Federal Register, the Office of the Secretary is proposing to 
exempt records maintained in this system from certain provisions of the 
Privacy Act pursuant to 5 U.S.C. 552a(j)(2) and (k)(2). The exemptions 
for the consolidated system of records will continue to be applicable 
until the final rule has been completed.
    The system will be effective as proposed at the end of the comment 
period (the comment period will end 40 days after the publication of 
this notice in the Federal Register), unless comments are received 
which would require a contrary determination. DOI will publish a 
revised notice if changes are made based upon a review of the comments 
received.

II. Privacy Act

    The Privacy Act of 1974, as amended, embodies fair information 
practice principles in a statutory framework governing the means by 
which Federal Agencies collect, maintain, use, and disseminate 
individuals' personal information. The Privacy Act applies to 
information that is maintained in a ``system of records.'' A ``system 
of records'' is a group of any records under the control of an agency 
for which information is retrieved by the name of an individual or by 
some identifying number, symbol, or other identifying particulars 
assigned to the individual. The Privacy Act defines an individual as a 
United States citizen or lawful permanent resident. As a matter of 
policy, DOI extends administrative Privacy Act protections to all 
individuals. Individuals may request access to their own records that 
are maintained in a system of records in the possession or under the 
control of DOI by complying with DOI Privacy Act regulations, 43 CFR 
part 2.
    The Privacy Act requires each agency to publish in the Federal 
Register a description denoting the type and character of each system 
of records that the agency maintains and the routine uses of each 
system to make agency recordkeeping practices transparent, notify 
individuals regarding the uses of their records, and assist individuals 
to more easily find such records within the agency. Below is the 
description of the Office of the Secretary Incident Management, 
Analysis and Reporting System (IMARS) system of records.
    In accordance with 5 U.S.C. 552a(r), DOI has provided a report of 
this system of records to the Office of Management and Budget and to 
Congress.

III. Public Disclosure

    Before including your address, phone number, email address, or 
other personal identifying information in your comment, you should be 
aware that your entire comment--including your personal identifying 
information--may be made publicly available at any time. While you can 
ask us in your comment to withhold your personal identifying 
information from public review, we cannot guarantee that we will be 
able to do so.

    Dated: July 18, 2013.
David Alspach,
OS/IBC Privacy Act Officer.
SYSTEM NAME:
    Incident Management, Analysis and Reporting System, DOI-10.

SYSTEM LOCATION
    Interior Business Center, U.S. Department of Interior, 7301 W 
Mansfield Ave, Denver, CO 80235.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The categories of individuals covered in the system include current 
and former Federal employees and contractors, Federal, tribal, state 
and local law enforcement officers. Additionally, this system contains 
information on members of the general public, including individuals 
and/or groups of individuals involved with law enforcement incidents 
involving Federal assets or occurring on public lands and tribal 
reservations, such as witnesses, individuals making complaints, 
individuals being investigated or arrested for criminal or traffic 
offenses, or certain types of non-criminal incidents; and members of 
the general public involved in an accident on DOI properties or tribal 
reservations.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system includes law enforcement incident reports, law 
enforcement personnel records, and law enforcement training records, 
which contain the following information: Social Security numbers, 
drivers license numbers, vehicle identification numbers, license plate 
numbers, names, home addresses,

[[Page 45951]]

work addresses, phone numbers, email addresses and other contact 
information, emergency contact information, ethnicity and race, tribal 
identification numbers or other tribal enrollment data, work history, 
educational history, affiliations, and other related data, dates of 
birth, places of birth, passport numbers, gender, fingerprints, hair 
and eye color, and any other physical or distinguishing attributes of 
an individual. Incident reports and records may include attachments 
such as photos, video, sketches, medical reports, and email and text 
messages. Incident reports may also include information concerning 
criminal activity, response, and outcome of the incident. Records in 
this system also include information concerning Federal civilian 
employees and contractors, Federal, tribal, state and local law 
enforcement officers and may contain information regarding an officer's 
name, contact information, station and career history, firearms 
qualifications, medical history, background investigation and status, 
date of birth and Social Security Number. Information regarding 
Officers' equipment, such as firearms, tasers, body armor, vehicles, 
computers and special equipment related skills is also included in this 
system.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Uniform Federal Crime Reporting Act, 28 U.S.C. 534; Intelligence 
Reform and Terrorism Prevention Act of 2004 (Pub. L. 108-458); Homeland 
Security Act of 2002 (Pub. L. 107-296); USA PATRIOT ACT of 2001 (Pub. 
L. 107-56); USA PATRIOT Improvement Act of 2005 (Pub. L. 109-177); 
Tribal Law and Order Act of 2010 (Pub. L. 111-211); Homeland Security 
Presidential Directive 7--Critical Infrastructure Identification, 
Prioritization, and Protection; Homeland Security Presidential 
Directive 12--Policy for a Common Identification Standard for Federal 
Employees and Contractors; Criminal Intelligence Systems Operating 
Policies, 28 CFR part 23.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    The primary use of the records is for an incident management and 
reporting application that will enhance the following abilities: 
prevent, detect and investigate known and suspected criminal activity; 
protect natural and cultural resources; capture, integrate and share 
law enforcement and related information and observations from other 
sources; measure performance of law enforcement programs and management 
of emergency incidents; meet reporting requirements, provide Department 
of Homeland Security (DHS) and National Incident Based Reporting System 
(NIBRS) interface frameworks; analyze and prioritize protection 
efforts; assist in managing visitor use and protection programs; 
employee training; enable the ability to investigate, detain and 
apprehend those committing crimes on DOI properties or tribal 
reservations; and to investigate and prevent visitor accident injuries 
on DOI properties or tribal reservations. In addition to those 
disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy 
Act, all or a portion of the records or information contained in this 
system may be disclosed outside DOI as a routine use pursuant to 5 
U.S.C. 552a(b)(3) as follows:
    (1) (a) To any of the following entities or individuals, when the 
circumstances set forth in paragraph (b) are met:
    (i) The U.S. Department of Justice (DOJ);
    (ii) A court or an adjudicative or other administrative body;
    (iii) A party in litigation before a court or an adjudicative or 
other administrative body; or
    (iv) Any DOI employee acting in his or her individual capacity if 
DOI or DOJ has agreed to represent that employee or pay for private 
representation of the employee;
    (b) When:
    (i) One of the following is a party to the proceeding or has an 
interest in the proceeding:
    (A) DOI or any component of DOI;
    (B) Any other Federal agency appearing before the Office of 
Hearings and Appeals;
    (C) Any DOI employee acting in his or her official capacity;
    (D) Any DOI employee acting in his or her individual capacity if 
DOI or DOJ has agreed to represent that employee or pay for private 
representation of the employee;
    (E) The United States, when DOJ determines that DOI is likely to be 
affected by the proceeding; and
    (ii) DOI deems the disclosure to be:
    (A) Relevant and necessary to the proceeding; and
    (B) Compatible with the purpose for which the records were 
compiled.
    (2) To a congressional office in response to a written inquiry that 
an individual covered by the system, or the heir of such individual if 
the covered individual is deceased, has made to the office, to the 
extent the records have not been exempted from disclosure pursuant to 5 
U.S.C. 552a(j)(2) and (k)(2).
    (3) To the Executive Office of the President in response to an 
inquiry from that office made at the request of the subject of a record 
or a third party on that person's behalf, or for a purpose compatible 
for which the records are collected or maintained, to the extent the 
records have not been exempted from disclosure pursuant to 5 U.S.C. 
552a(j)(2) and (k)(2).
    (4) To any criminal, civil, or regulatory law enforcement authority 
(whether Federal, State, territorial, local, tribal or foreign) when a 
record, either alone or in conjunction with other information, 
indicates a violation or potential violation of law--criminal, civil, 
or regulatory in nature, and the disclosure is compatible with the 
purpose for which the records were compiled.
    (5) To an official of another Federal agency to provide information 
needed in the performance of official duties related to reconciling or 
reconstructing data files or to enable that agency to respond to an 
inquiry by the individual to whom the record pertains.
    (6) To Federal, State, territorial, local, tribal, or foreign 
agencies that have requested information relevant or necessary to the 
hiring, firing or retention of an employee or contractor, or the 
issuance of a security clearance, license, contract, grant or other 
benefit, when the disclosure is compatible with the purpose for which 
the records were compiled.
    (7) To representatives of the National Archives and Records 
Administration to conduct records management inspections under the 
authority of 44 U.S.C. 2904 and 2906.
    (8) To State and local governments and tribal organizations to 
provide information needed in response to court order and/or discovery 
purposes related to litigation, when the disclosure is compatible with 
the purpose for which the records were compiled.
    (9) To an expert, consultant, or contractor (including employees of 
the contractor) of DOI that performs services requiring access to these 
records on DOI's behalf to carry out the purposes of the system.
    (10) To appropriate agencies, entities, and persons when:
    (a) It is suspected or confirmed that the security or 
confidentiality of information in the system of records has been 
compromised; and
    (b) The Department has determined that as a result of the suspected 
or confirmed compromise there is a risk of harm to economic or property 
interest, identity theft or fraud, or harm to the security or integrity 
of this system or other systems or programs (whether maintained by the 
Department or

[[Page 45952]]

another agency or entity) that rely upon the compromised information; 
and
    (c) The disclosure is made to such agencies, entities and persons 
who are reasonably necessary to assist in connection with the 
Department's efforts to respond to the suspected or confirmed 
compromise and prevent, minimize, or remedy such harm.
    (11) To the Office of Management and Budget during the coordination 
and clearance process in connection with legislative affairs as 
mandated by OMB Circular A-19.
    (12) To the Department of the Treasury to recover debts owed to the 
United States.
    (13) To a consumer reporting agency if the disclosure requirements 
of the Debt Collection Act, as outlined at 31 U.S.C. 3711(e)(1), have 
been met.
    (14) To the Department of Justice, the Department of Homeland 
Security, and other federal, state and local law enforcement agencies 
for the purpose of information exchange on law enforcement activity.
    (15) To agency contractors, grantees, or volunteers for DOI or 
other Federal Departments who have been engaged to assist the 
Government in the performance of a contract, grant, cooperative 
agreement, or other activity related to this system of records and who 
need to have access to the records in order to perform the activity.
    (16) To any of the following entities or individuals, for the 
purpose of providing information on traffic accidents, personal 
injuries, or the loss or damage of property:
    (a) Individuals involved in such incidents;
    (b) Persons injured in such incidents;
    (c) Owners of property damaged, lost or stolen in such incidents; 
and/or
    (d) These individuals' duly verified insurance companies, personal 
representatives, and/or attorneys.
    (17) To any criminal, civil, or regulatory authority (whether 
Federal, State, territorial, local, tribal or foreign) for the purpose 
of providing background search information on individuals for legally 
authorized purposes, including but not limited to background checks on 
individuals residing in a home with a minor or individuals seeking 
employment opportunities requiring background checks.
    (18) To the news media and the public, with the approval of the 
System Manager in consultation with the Office of the Solicitor and the 
Senior Agency Official for Privacy, in support of the law enforcement 
activities, including obtaining public assistance with identifying and 
locating criminal suspects and lost or missing individuals, and 
providing the public with alerts about dangerous individuals.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Electronic records are maintained in password protected removable 
drives and other user-authenticated, password-protected systems that 
are compliant with the Federal Information Security Management Act. All 
records are accessed only by authorized personnel who have a need to 
access the records in the performance of their official duties. Paper 
records are contained in file folders stored in file cabinets.

RETRIEVABILITY:
    Multiple fields allow retrieval of individual record information 
including Social Security number, first or last name, badge number, 
address, phone number, vehicle information and physical attributes.

SAFEGUARDS:
    The records contained in this system are safeguarded in accordance 
with 43 CFR 2.226 and other applicable security rules and policies. 
During normal hours of operation, paper records are maintained in 
locked filed cabinets under the control of authorized personnel. 
Computerized records systems follow the National Institute of Standards 
and Technology standards as developed to comply with the Privacy Act of 
1974 (Pub. L. 93-579), Paperwork Reduction Act of 1995 (Pub. L. 104-
13), Federal Information Security Management Act of 2002 (Pub. L. 107-
347), and the Federal Information Processing Standards 199, Standards 
for Security Categorization of Federal Information and Information 
Systems. Computer servers in which electronic records are stored are 
located in secured Department of the Interior facilities.
    Access to records in the system is limited to authorized personnel 
who have a need to access the records in the performance of their 
official duties. Electronic data is protected through user 
identification, passwords, database permissions and software controls. 
Such security measures establish different access levels for different 
types of users associated with pre-defined groups and/or bureaus. Each 
user's access is restricted to only the functions and data necessary to 
perform that person's job responsibilities. Access can be restricted to 
specific functions (create, update, delete, view, assign permissions) 
and is restricted utilizing role-based access.
    Authorized users are trained and required to follow established 
internal security protocols and must complete all security, privacy, 
and records management training and sign the Rules of Behavior. 
Contract employees with access to the system are monitored by their 
Contracting Officer's Technical Representative and the agency Security 
Manager.

RETENTION AND DISPOSAL:
    Records in this system are retained and disposed of in accordance 
with Office of the Secretary Records Schedule 8151, Incident, 
Management, Analysis and Reporting System, which was approved by the 
National Archives and Records Administration (NARA) (N1-048-09-5), and 
other NARA approved bureau or office records schedules. The specific 
record schedule for each type of record or form is dependent on the 
subject matter and records series. After the retention period has 
passed, temporary records are disposed of in accordance with the 
applicable records schedule and DOI policy. Disposition methods include 
burning, pulping, shredding, erasing and degaussing in accordance with 
DOI 384 Departmental Manual 1. Permanent records that are no longer 
active or needed for agency use are transferred to the National 
Archives for permanent retention in accordance with NARA guidelines.

SYSTEM MANAGER AND ADDRESS:
    IMARS Security Manager, 13461 Sunrise Valley Drive, Herndon, VA 
20171.

NOTIFICATION PROCEDURES:
    The Department of the Interior is proposing to exempt portions of 
this system from the notification procedures of the Privacy Act 
pursuant to sections (j)(2) and (k)(2). An individual requesting 
notification of the existence of records on himself or herself should 
send a signed, written inquiry to the System Manager identified above. 
The request envelope and letter should both be clearly marked ``PRIVACY 
ACT INQUIRY.'' A request for notification must meet the requirements of 
43 CFR 2.235.

RECORDS ACCESS PROCEDURES:
    The Department of the Interior is proposing to exempt portions of 
this system from the access procedures of the Privacy Act pursuant to 
sections (j)(2) and (k)(2). An individual requesting records on himself 
or herself should send a signed, written inquiry to the System Manager 
identified above. The request should describe the records sought as 
specifically as possible. The request envelope and letter should both

[[Page 45953]]

be clearly marked ``PRIVACY ACT REQUEST FOR ACCESS.'' A request for 
access must meet the requirements of 43 CFR 2.238.

CONTESTING RECORDS PROCEDURES:
    The Department of the Interior is proposing to exempt portions of 
this system from the amendment procedures of the Privacy Act pursuant 
to sections (j)(2) and (k)(2). An individual requesting corrections or 
the removal of material from his or her records should send a signed, 
written request to the System Manager identified above. A request for 
corrections or removal must meet the requirements of 43 CFR 2.246.

RECORD SOURCE CATEGORIES:
    Sources of information in the system include Department, bureau, 
office, tribal, State and local law officials and management, 
complainants, informants, suspects, victims, witnesses, visitors to 
Federal properties, and other Federal agencies including the Federal 
Bureau of Investigation or the Department of Justice.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    The Privacy Act (5 U.S.C. 552a(j)(2) and (k)(2)) provides general 
exemption authority for some Privacy Act systems. In accordance with 
that authority, the Department of the Interior adopted regulations 43 
CFR 2.254(a-b). Pursuant to 5 U.S.C. 552a(j)(2) and (k)(2) of the 
Privacy Act, portions of this systems are exempt from the following 
subsections of the Privacy Act (as found in 5 U.S.C. 552a); (c)(3), 
(c)(4), (d), (e)(1) through (e)(3), (e)(4)(G) through (e)(4)(I), 
(e)(5), (e)(8), (f), and (g).

[FR Doc. 2013-18224 Filed 7-29-13; 8:45 am]
BILLING CODE 4310-RK-P