[Federal Register Volume 80, Number 9 (Wednesday, January 14, 2015)]
[Rules and Regulations]
[Pages 1847-1848]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-00375]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF STATE

22 CFR Part 171

[Public Notice: 8870]
RIN 1400-AD65


Privacy Act; STATE-78, Risk Analysis and Management Records

AGENCY: Department of State.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Department of State is issuing a final rule to amend its 
Privacy Act regulation exempting portions of a system of records from 
certain provisions of the Privacy Act of 1974. Certain portions of the 
Risk Analysis and Management (RAM) Records, State-78, system of records 
contain criminal investigation records, investigatory material for law 
enforcement purposes, confidential source information and are proposed 
to be exempted under the Privacy Act.

DATES: This final rule is effective January 14, 2015

FOR FURTHER INFORMATION CONTACT: John Hackett, Acting Director; Office 
of Information Programs and Services, A/GIS/IPS; Department of State, 
SA-2; 515 22nd Street NW., Washington, DC 20522-8001, or at 
[email protected].

SUPPLEMENTARY INFORMATION: The system, Risk Analysis and Management 
(RAM) Records, designated as State-78, supports the vetting of 
directors, officers, or other employees of organizations who apply for 
Department of State contracts, grants, cooperative agreements, or other 
funding. The information collected from these organizations and 
individuals is specifically used to conduct screening to ensure that 
Department funds are not used to provide support to entities or 
individuals deemed to be a risk to U.S. national security interests. 
The records may contain criminal investigation records, investigatory 
material for law enforcement purposes, and confidential source 
information. (The information collection was approved under OMB Control 
Number 1405-0204, expiration April 30, 2015.)
    The Department of State is issuing this document to amend 22 CFR 
part 171 to exempt portions of the Risk Analysis and Management Records 
system of records from the Privacy Act except sections (b), (c)(1) and 
(2), (e)(4)(A) through (F), (e)(6), (7), (9), (10), and (11), and (i), 
to the extent to which they meet the criteria of section (j)(2); and 
from subsections (c)(3);(d); (e)(1); (e)(4)(G), (H), and (I); and (f) 
of the Privacy Act pursuant to 5 U.S.C. 552a (k)(1), (k)(2), and 
(k)(5). Consistent with the Privacy Act (5 U.S.C. 552a(k)), 22 CFR 
171.36(b)(1), (2), and (5) provide concise general statements on the 
reasoning behind taking exemptions (k)(1), (k)(2), and (k)(5), 
respectively, for the Department systems for which those exemptions are 
taken. For ease of reference, these statements of reasoning are 
restated here: STATE-78 is exempted under (k)(1) in order to protect 
material required to be kept

[[Page 1848]]

secret in the interest of national defense and foreign policy. STATE-78 
is exempted under (k)(2) in order to prevent individuals that are the 
subject of investigation from frustrating the investigatory process, to 
ensure the proper functioning and integrity of law enforcement 
activities, to prevent disclosure of investigative techniques, to 
maintain the confidence of foreign governments in the integrity of the 
procedures under which privileged or confidential information may be 
provided, and to fulfill commitments made to sources to protect their 
identities and the confidentiality of information and to avoid 
endangering these sources and law enforcement personnel. STATE-78 is 
exempted under (k)(5) in order to ensure the proper functioning of the 
investigatory process, to ensure effective determination of 
suitability, eligibility, and qualification for employment and to 
protect the confidentiality of sources of information.
    This action was previously published in a Notice of Proposed 
Rulemaking (76 FR 76103) and a Notice of Intent to Create a System of 
Records (76 FR 76215). One comment was received by a member of the 
public who voiced a criticism of an analogous risk assessment program 
run by USAID. The commenter was advised that the Department's risk 
assessment program operates separately from USAID's program. The 
commenter had nothing further to add.

List of Subjects in 22 CFR Part 171

    Privacy.

    For the reasons stated in the preamble, 22 CFR part 171 is amended 
as follows:

PART 171--[AMENDED]

0
1. The authority citation for part 171 is revised to read as follows:

    Authority:  5 U.S.C. 552, 552a; 22 U.S.C. 2651a; Pub. L. 95-521, 
92 Stat. 1824, as amended; E.O. 13526, 75 FR 707; E.O. 12600, 52 FR 
23781, 3 CFR, 1987 Comp., p. 235.


0
2. Section 171.36 is amended by:
0
a. Revising paragraph (a)(2); and
0
b. Adding an entry, in alphabetical order, for ``Risk Analysis and 
Management Records. STATE-78.'' to the lists in paragraphs (b)(1), (2), 
and (5).
    The revision reads as follows:


Sec.  171.36  Exemptions.

* * * * *
    (a) * * *
    (2) The systems of records maintained by the Bureau of Diplomatic 
Security (STATE-36), the Office of the Inspector General (STATE-53), 
the Information Access Program Records system (STATE-35), and the 
Bureau of Administration (STATE-78) are subject to general exemption 
under 5 U.S.C. 552a(j)(2). All records contained in record system 
STATE-36, Security Records, and all records contained the Risk Analysis 
and Management Records system (STATE-78), are exempt from all 
provisions of the Privacy Act except sections (b), (c)(1) and (2), 
(e)(4)(A) through (F), (e)(6), (7), (9), (10), and (11), and (i) to the 
extent to which they meet the criteria of section (j)(2). These 
exemptions are necessary to ensure the effectiveness of the 
investigative, judicial, and protective processes. All records 
contained in STATE-53, records of the Inspector General and Automated 
Individual Cross-Reference System, are exempt from all of the 
provisions of the Privacy Act except sections (b), (c)(1) and (2), 
(e)(4)(A) through (F), (e)(6), (7), (9), (10), and (11), and (i) to the 
extent to which they meet the criteria of section (j)(2). These 
exemptions are necessary to ensure the proper functions of the law 
enforcement activity, to protect confidential sources of information, 
to fulfill promises of confidentiality, to prevent interference with 
the enforcement of criminal laws, to avoid the disclosure of 
investigative techniques, to avoid the endangering of the life and 
safety of any individual, to avoid premature disclosure of the 
knowledge of potential criminal activity and the evidentiary bases of 
possible enforcement actions, and to maintain the integrity of the law 
enforcement process. All records contained in the Information Access 
Program Records system (STATE-35) are exempt from all of the provisions 
of the Privacy Act except sections (b), (c)(1) and (2), (e)(4)(A) 
through (F), (e)(6), (7), (9), (10), and (11), and (i) to the extent to 
which they meet the criteria of section (j)(2). These exemptions are 
necessary to ensure the protection of law enforcement information 
retrieved from various sources in response to information access 
requests.
* * * * *

Joyce A. Barr,
Assistant Secretary for Administration, U.S. Department of State.
[FR Doc. 2015-00375 Filed 1-13-15; 8:45 am]
BILLING CODE 4710-24-P