[Federal Register Volume 79, Number 23 (Tuesday, February 4, 2014)]
[Notices]
[Pages 6609-6613]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2014-02206]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

[Docket No. DHS-2013-0066]


Privacy Act of 1974; Department of Homeland Security/ALL--001 
Freedom of Information Act and Privacy Act Records System of Records

AGENCY: Department of Homeland Security, Privacy Office.

ACTION: Notice of Privacy Act System of Records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the Privacy Act of 1974 (5 U.S.C. 552a), the 
Department of Homeland Security (``Department'' or ``DHS'') proposes to 
modify the current Department of Homeland Security system of records 
notice titled, ``Department of Homeland Security/ALL--001 Freedom of 
Information Act and Privacy Act Records System of Records,'' last 
published October 28, 2009. This system of records allows the 
Department of Homeland Security to collect and maintain records about 
Freedom of Information Act (FOIA) and Privacy Act requests and appeals 
submitted to the Department, including any litigation that may result 
therefrom, information on Mandatory Declassification Reviews, and 
information that is created and used in the Department's management of 
the FOIA and Privacy Act programs. As a result of the biennial review 
of this system, (1) the location of certain records has been updated, 
(2) categories of records has been updated to clarify that responses 
are included, (3) five routine uses have been added, and (4) six 
routine uses have been modified. Additionally, this Notice includes 
non-substantive changes to simplify the formatting and the text of the 
previously published Notice. The entire notice is being republished for 
ease of reference. This updated system will be included in the 
Department of Homeland Security's inventory of record systems.

DATES: Submit comments on or before March 6, 2014. This updated system 
will be effective March 6, 2014.

ADDRESSES: You may submit comments, identified by docket number DHS-
2013-0066 by one of the following methods:
     Federal e-Rulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Fax: 202-343-4010.
     Mail: Karen L. Neuman, Chief Privacy Officer, Privacy 
Office, Department of Homeland Security, Washington, DC 20528.
    Instructions: All submissions received must include the agency name 
and docket number for this rulemaking. All comments received will be 
posted without change to http://www.regulations.gov, including any 
personal information provided.
    Docket: For access to the docket to read background documents or 
comments received go to http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: For general questions and privacy 
issues please contact: Karen L. Neuman (202-343-1717), Chief Privacy 
Officer and Chief Freedom of Information Act Officer, Privacy Office, 
Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

    In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the 
Department of Homeland Security (DHS) proposes to modify a current DHS 
system of records titled ``DHS/ALL--001 Freedom of Information Act and 
Privacy Act Records System of Records,'' 74 FR 55572 (October 28, 
2009).
    As part of its biennial review process, DHS is updating and 
reissuing this system of records notice to reflect a change in the 
location of records to include the use of electronic FOIA tracking 
systems by DHS and its components, and because routine uses are being 
updated to permit additional sharing. Categories of records have been 
updated to include responses to requests. Routine use (L) has been 
added to permit sharing with National Archives and Records 
Administration (NARA), Office of Government Information Services (OGIS) 
so those agencies can review administrative policies, procedures, and 
compliance, and to facilitate resolutions to disputes between persons 
making Freedom of Information Act (FOIA) requests and DHS. Routine use 
(M) has been added to allow information to be shared with a court, 
magistrate, or administrative tribunal in the course of presenting 
evidence, litigation, or settlement negotiations, or in response to a 
subpoena, or in connection with criminal law proceedings. Routine use 
(N) has been added to allow information to be shared with a court, 
grand jury, or administrative or adjudicative body, when DHS determines 
that the records are relevant, to the proceeding. Routine use (O) has 
been added to allow information to be shared with appropriate federal, 
state, tribal, local, or foreign governmental agencies or multilateral 
government organizations

[[Page 6610]]

responsible for investigations or prosecutions when DHS believes the 
information would assist enforcement of applicable civil or criminal 
laws. Routine use (P) has been added to allow information to be shared 
with the news media and the public, with approval of the Chief Privacy 
Officer in consultation with counsel.
    In addition, six routine uses have been modified. Routine use (A) 
has been modified to include former employees of DHS and to eliminate 
redundant language. Routine use (C) has been updated to specify that 
information may be shared specifically with the General Services 
Administration (GSA) for records management purposes. Modifications 
have been made to routine uses (D), (E), (G), and (H) to provide 
greater clarity and make non-substantive grammatical changes.
    Consistent with DHS's information sharing mission, information 
stored in the DHS/ALL--001 Freedom of Information Act and Privacy Act 
Records System of Records may be shared with other DHS components that 
have a need to know the information to carry out their national 
security, law enforcement, immigration, intelligence, or other homeland 
security functions. In addition, information may be shared with 
appropriate other federal, state, local, tribal, territorial, foreign, 
or international government agencies consistent with the routine uses 
set forth in this systems of records notice. Certain information about 
FOIA requestors, including the name of the requestor and a description 
of the requested records is not exempt under the FOIA and is released 
to outside entities who request such information.
    The previously issued Final Rule exempting this system of records 
from certain provisions of the Privacy Act remains in effect [75 FR 
50846 (August 18, 2010)]. This updated system will be included in DHS's 
inventory of record systems.

II. Privacy Act

    The Privacy Act embodies fair information principles in a statutory 
framework governing the means by which federal government agencies 
collect, maintain, use, and disseminate individuals' records. The 
Privacy Act applies to information that is maintained in a ``system of 
records.'' A ``system of records'' is a group of any records under the 
control of an agency from which information is retrieved by the name of 
an individual or by some identifying number, symbol, or other 
identifying particular assigned to the individual. In the Privacy Act, 
an individual is defined to encompass United States citizens and lawful 
permanent residents. As a matter of policy, DHS extends administrative 
Privacy Act protections to all individuals when systems of records 
maintain information on U.S. citizens, lawful permanent residents, and 
visitors.
    Below is the description of the DHS/ALL--001 Freedom of Information 
Act and Privacy Act Records System of Records.
    In accordance with 5 U.S.C. 552a(r), DHS has provided a report of 
this system of records to the Office of Management and Budget and to 
Congress.

System of Records
    Department of Homeland Security (DHS)/ALL--001

System name:
    DHS/ALL--001 Freedom of Information Act and Privacy Act Records.

Security classification:
    Classified and unclassified.

System location:
    Records are maintained at DHS and component Freedom of Information 
Act (FOIA) offices in Washington, DC, and at field locations. 
Electronic records are maintained within electronic request tracking 
systems. These records reside within DHS and component FOIA office 
systems and databases. These systems and databases include commercial 
off-the-shelf applications as well as government developed applications 
and systems.

Categories of individuals covered by the system:
    The system encompasses all individuals who submit FOIA requests, 
Privacy Act requests, and administrative appeals to DHS; individuals 
whose requests and/or records have been referred to DHS by other 
agencies; attorneys or other persons representing individuals 
submitting such requests and appeals; individuals who are the subjects 
of such requests and appeals; individuals who file litigation based on 
their requests; Department of Justice (DOJ) and other government 
litigators; and/or DHS personnel assigned to handle such requests or 
appeals.

Categories of records in the system:
     Records received, created, or compiled in processing FOIA 
and Privacy Act requests or appeals, including:
    [cir] Original requests and administrative appeals and responses to 
either or both;
    [cir] Intra or interagency memoranda, referrals, correspondence, 
notes, fee schedules, assessments, cost calculations, and other 
documentation related to the referral and/or processing of the FOIA 
and/or Privacy Act request or appeal;
    [cir] Correspondence with the individuals or entities that 
submitted the requested records and copies of the requested records, 
including records that might contain confidential business information 
or personal information;
    [cir] Correspondence related to fee determinations and collection 
of fees owed under the FOIA; and
    [cir] Copies of requested records and records under administrative 
appeals.
     Types of information in the records may include:
    [cir] Requesters' and their attorneys' or representatives' 
information including name, address, email address, telephone numbers, 
fax numbers, office telephone numbers, and FOIA and Privacy Act case 
numbers;
    [cir] Name, address, email address, telephone numbers, and fax 
number of DHS employees and contractors;
    [cir] Name of the person who is the subject of the request or 
administrative appeal;
    [cir] Fee determinations and amounts of fees owed;
    [cir] Unique case identifier;
    [cir] Alien Registration Number (A-Number) of the requester/
appellant or the attorney or other individual representing the 
requester, or other identifier assigned to the request or appeal;
    [cir] Other identifiers provided by a requester/appellant about him 
or herself, or about the individual whose records are requested, such 
as social security number, driver's license number, FBI Number, or A-
Number.
     The system also contains copies of documents relevant to 
appeals and lawsuits brought under the FOIA and Privacy Act including 
those from DOJ and other government litigators.

Authority for maintenance of the system:
    5 U.S.C. 552 (Freedom of Information Act), 5 U.S.C. 552a (Privacy 
Act); 44 U.S.C. 3101 (Records Management by Federal Agencies); E.O. 
12958 (Classified National Security Information, as amended).

Purpose(s):
    The purpose of this system is to support the processing of record 
access requests and administrative appeals under the FOIA, as well as 
access, notification, and amendment requests and administrative appeals 
under the Privacy Act, whether DHS receives such

[[Page 6611]]

requests directly from the requester or via referral from another 
agency. In addition this system is used to support agency participation 
in litigation arising from such requests and appeals, and to assist DHS 
in carrying out any other responsibilities under the FOIA or the access 
or amendment provisions of the Privacy Act.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, which includes the release of the name of 
individuals making FOIA requests and a description of the records 
requested as required by FOIA, all or a portion of the records or 
information contained in this system may be disclosed outside DHS as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To the Department of Justice (DOJ) including United States 
Attorney Offices, or other federal agency conducting litigation or in 
proceedings before any court, adjudicative or administrative body, when 
it is relevant or necessary to the litigation and one of the following 
is a party to the litigation or has an interest in such litigation:
    1. DHS or any component thereof;
    2. Any employee or former employee of DHS in his/her official 
capacity;
    3. Any employee or former employee of DHS in his/her individual 
capacity when DOJ or DHS has agreed to represent the employee; or
    4. The U.S. or any agency thereof.
    B. To a congressional office from the record of an individual in 
response to an inquiry from that congressional office made at the 
request of the individual to whom the record pertains.
    C. To National Archives and Records Administration (NARA) or the 
General Services Adminstration (GSA) pursuant to records management 
inspections being conducted under the authority of 44 U.S.C. 2904 and 
2906.
    D. To an agency, or organization for the purpose of performing 
audit or oversight operations as authorized by law, but only such 
information as is necessary and relevant to such audit or oversight 
function.
    E. To appropriate agencies, entities, and persons when:
    1. DHS suspects or has confirmed that the security or 
confidentiality of information in the system of records has been 
compromised;
    2. DHS has determined that as a result of the suspected or 
confirmed compromise, there is a risk of identity theft or fraud, harm 
to economic or property interests, harm to an individual, or harm to 
the security or integrity of this system or programs (whether 
maintained by DHS or another agency or entity) that rely upon the 
compromised information; and
    3. The disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with DHS's efforts to 
respond to the suspected or confirmed compromise and prevent, minimize, 
or remedy such harm.
    F. To contractors and their agents, grantees, experts, consultants, 
and others performing or working on a contract, service, grant, 
cooperative agreement, or other assignment for DHS, when necessary to 
accomplish an agency function related to this system of records. 
Individuals provided information under this routine use are subject to 
the same Privacy Act requirements and limitations on disclosure as are 
applicable to DHS officers and employees.
    G. To an appropriate federal, state, tribal, local, international, 
or foreign agency, including law enforcement, or other appropriate 
authority charged with investigating or prosecuting a violation or 
enforcing or implementing a law, rule, regulation, or order, when a 
record, either on its face or in conjunction with other information, 
indicates a violation or potential violation of law, which includes 
criminal, civil, or regulatory violations.
    H. To a federal, state, local, or foreign agency or entity for the 
purpose of consulting with that agency or entity to enable DHS to make 
a determination as to the propriety of access to or correction of 
information, or for the purpose of verifying the identity of an 
individual or the accuracy of information submitted by an individual 
who has requested access to or amendment of information.
    I. To a federal agency or other federal entity that furnished the 
record or information for the purpose of permitting that agency or 
entity to make a decision regarding access to or correction of the 
record or information, or to a federal agency or entity for purposes of 
providing guidance or advice regarding the handling of particular 
requests.
    J. To the DOJ, to the Department of Treasury (DOT), or to a 
consumer reporting agency for collection action on any delinquent debt 
when circumstances warrant.
    K. To the Office of Management and Budget (OMB) or the DOJ to 
obtain advice regarding statutory and other requirements under the FOIA 
or Privacy Act.
    L. To National Archives and Records Administration, Office of 
Government Information Services (OGIS), to the extent necessary to 
fulfill its responsibilities in 5 U.S.C. 552(h), to review 
administrative agency policies, procedures, and compliance with the 
FOIA, and to facilitate OGIS's offering of mediation services to 
resolve disputes between persons making FOIA requests and 
administrative agencies.
    M. To a court, magistrate, or administrative tribunal in the course 
of presenting evidence, including disclosures to opposing counsel or 
witnesses in the course of civil discovery, litigation, or settlement 
negotiations, or in response to a subpoena, or in connection with 
criminal law proceedings.
    N. In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body, when DHS determines that the 
records are relevant to the proceeding; or in an appropriate proceeding 
before an administrative or adjudicative body when the adjudicator 
determines the records to be relevant to the proceeding.
    O. To appropriate federal, state, tribal, local, or foreign 
governmental agencies or multilateral government organizations 
responsible for investigating or prosecuting the violations of, or for 
enforcing or implementing, a statute, rule, regulation, order, or 
license, when DHS believes the information would assist enforcement of 
applicable civil or criminal laws.
    P. To the news media and the public, with the approval of the Chief 
Privacy Officer in consultation with counsel, when there exists a 
legitimate public interest in the disclosure of the information or when 
disclosure is necessary to preserve confidence in the integrity of DHS 
or is necessary to demonstrate the accountability of DHS's officers, 
employees, or individuals covered by the system, except to the extent 
it is determined that release of the specific information in the 
context of a particular case would constitute an unwarranted invasion 
of personal privacy, or that disclosure would violate any federal 
statuate or regulation.

Disclosure to consumer reporting agencies:
    Privacy Act information may be reported to consumer reporting 
agencies pursuant to 5 U.S.C. 552a(b)(12).

[[Page 6612]]

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Records in this system are stored on paper and/or in electronic 
form. Records that contain national security information and are 
classified are stored in accordance with applicable executive orders, 
statutes, and agency implementing regulations.

Retrievability:
    Records are retrieved by the name of the requester or appellant; 
the number assigned to the request or appeal; and in some instances the 
name of the attorney representing the requester or appellant, the name 
of an individual who is the subject of such a request or appeal, and/or 
the name or other identifier of DHS personnel assigned to handle such 
requests or appeals.

Safeguards:
    Records in this system are safeguarded in accordance with 
applicable rules and policies, including all applicable DHS automated 
systems security and access policies. Strict controls have been imposed 
to minimize the risk of compromising the information that is stored. 
Records and technical equipment are maintained in buildings with 
restricted access. The required use of password protection 
identification features and other system protection methods also 
restrict access. Access to the computer system containing the records 
in this system is limited to those individuals who have a need to know 
the information for the performance of their official duties and who 
have appropriate clearances or permissions.

Retention and disposal:
    Records are retained and disposed of in accordance with the NARA's 
General Records Schedule 14, which can be found at: http://www.archives.gov/records-mgmt/grs/grs14.html.
    FOIA and Privacy Act records in litigation are retained for ten 
years after the end of the fiscal year in which judgment was made or 
when all appeals have been exhausted, whichever is later. This 
disposition is temporary and is under review and approval was approved 
by the NARA through pending schedule N1-563-08-33, Item 11.
    If the FOIA or Privacy Act record deals with significant policy-
making issues, it is a permanent record.
    A FOIA or Privacy Act record may qualify as a permanent federal 
record if the FOIA or Privacy Act record deals with significant policy-
making issues. The National Archives, a facility operated by the 
National Archives and Records Administration (NARA), is responsible for 
safeguarding Government records. It requires that permanent records go 
to the National Archives when they are at least 30 years old or when 
the Agency determines that they are no longer needed for business 
purposes. Permanent records include all records accessioned by NARA 
into the National Archives of the United States and later increments of 
the same records, and those for which the disposition is permanent on 
SF 115s, Request for Records Disposition Authority, approved by NARA on 
or after May 14, 1973.

System Manager and address:
    For DHS Headquarters records, Deputy Chief FOIA Officer, Privacy 
Office, Department of Homeland Security, Washington, DC 20528. For 
components of DHS, the System Manager can be found at http://www.dhs.gov/foia under ``contacts.''

Notification procedure:
    If you are seeking notification of and access to any record 
contained in this system of records, or seeking to contest its content, 
you may submit a request in writing to the DHS Headquarters' or 
component's FOIA Officer, whose contact information can be found at 
http://www.dhs.gov/foia under ``contacts.'' If you believe more than 
one component maintains records in this system of records concerning 
you, you may submit the request to the Chief Privacy Officer and Chief 
FOIA Officer, Department of Homeland Security, 245 Murray Drive SW., 
Building 410, STOP-0655, Washington, DC 20528.
    When seeking records about yourself from this system of records or 
any other Departmental system of records, your request must conform 
with the Privacy Act regulations set forth in 6 CFR Part 5. You must 
first verify your identity, meaning that you must provide your full 
name, current address and date and place of birth. You must sign your 
request, and your signature must either be notarized or submitted under 
28 U.S.C. 1746, a law that permits statements to be made under penalty 
of perjury as a substitute for notarization. While no specific form is 
required, you may obtain forms for this purpose from the Chief Privacy 
Officer and Chief Freedom of Information Act Officer, http://www.dhs.gov or 1-866-431-0486. In addition you should:
     Explain why you believe the Department would have 
information on you;
     Identify which component(s) of the Department you believe 
may have the information about you;
     Specify when you believe the records would have been 
created; and
     Provide any other information that will help the FOIA 
staff determine which DHS component agency may have responsive records.
    If your request is seeking records on behalf of another living 
individual, you must include a statement from that individual 
certifying his/her agreement for you to access his/her records.
    Without the above information the component(s) may not be able to 
conduct an effective search, and your request may be denied due to lack 
of specificity or lack of compliance with applicable regulations.

Record access procedures:
    See ``Notification procedure'' above.

Contesting record procedures:
    See ``Notification procedure'' above.

Record source categories:
    Records are obtained from those individuals who submit requests and 
administrative appeals pursuant to the FOIA and the Privacy Act or who 
file litigation regarding such requests and appeals; the agency record 
keeping systems searched in the process of responding to such requests 
and appeals; Departmental personnel assigned to handle such requests, 
appeals, and/or litigation; other agencies or entities that have 
referred to DHS requests concerning DHS records, or that have consulted 
with DHS regarding handling of particular requests; and submitters or 
subjects of records or information that have provided assistance to DHS 
in making access or amendment determinations.

Exemptions claimed for the system:
    Pursuant to 5 U.S.C. 552a(j)(2), potions of this system are exempt 
from the following provisions of the Privacy Act: 5 U.S.C. 552a(c)(3) 
and (4): (d); (e)(1), (e)(2), (e)(3), (e)(4)(G), (e)(4)(H), (e)(4)(I), 
(e)(5), (e)(8), (e)(12); (f); (g)(1); and (h). Additionally, pursuant 
to 5 U.S.C. 552a(k)(1), (k)(2), (k)(3), (k)(5), and (k)(6), portions of 
this system are exempt from the following provisions of the Privacy 
Act: 5 U.S.C. 552a(c)(3); (d); (e)(1), (e)(4)(G), (e)(4)(H), (e)(4)(I); 
and (f). When DHS is processing Privacy Act and/or FOIA requests, 
responding to appeals, or participating in FOIA or Privacy Act 
litigation, exempt materials from other systems of records may become 
part of the records in this system.
    To the extent that copies of exempt records from other systems of 
records

[[Page 6613]]

are entered into this system, DHS claims the same exemptions for those 
records that are claimed for the original primary systems of records 
from which they originated.

    Dated: January 10, 2014.
Karen L. Neuman,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2014-02206 Filed 2-3-14; 8:45 am]
BILLING CODE 9110-9B-P