[Federal Register Volume 82, Number 28 (Monday, February 13, 2017)]
[Notices]
[Pages 10455-10456]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-02821]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

Bureau of Economic Analysis

[Docket No. 170110047-7097-01]
XRIN 0691-XC053


Request for Comments; Notice of Revision of Confidentiality 
Pledge

AGENCY: Bureau of Economic Analysis, Department of Commerce.

ACTION: Notice; request for comments.

-----------------------------------------------------------------------

SUMMARY: The Department of Commerce (DOC) is announcing a revision to 
the confidentiality pledge it provides to its survey respondents under 
the International Investment and Trade in Services Survey Act. This 
revision is required by the enactment and implementation of provisions 
of the Cybersecurity Enhancement Act of 2015, which permit and require 
the Secretary of Homeland Security to provide Federal civilian 
agencies' information technology systems with cybersecurity protection 
for their Internet traffic, with the result of enhancing the protection 
of confidential data. DOC also invites the general public and other 
Federal agencies to comment on this revision to the confidentiality 
pledge.

DATES: Effective Date: February 13, 2017.
    Comment Date: Written comments must be submitted on or before April 
14, 2017.

ADDRESSES: You may submit comments to:
     Email: [email protected].
     Mail: Jennifer Jessup, Departmental Paperwork Clearance 
Officer, Department of Commerce, Room 6616, 14th and Constitution 
Avenue NW., Washington, DC 20230.

FOR FURTHER INFORMATION CONTACT: Patricia Abaroa, Chief, Direct 
Investment Division (BE-50), Bureau of Economic Analysis, Department of 
Commerce, 4600 Silver Hill Road. Washington, DC 20233; phone: (301) 
278-9591 or via email at [email protected].

SUPPLEMENTARY INFORMATION: Federal statistics provide key information 
that the Nation uses to measure its performance and make informed 
choices about budgets, employment, health, investments, taxes, and a 
host of other significant topics. Many of the most valuable Federal 
statistics, including those of the Bureau of Economic Analysis (BEA), 
come from surveys that ask for highly sensitive information such as 
proprietary business data. Strong and trusted

[[Page 10456]]

confidentiality and exclusively statistical use pledges are effective 
and necessary in honoring the trust that businesses, individuals, and 
institutions, by their responses, place in the BEA.
    Under the International Investment and Trade in Services Survey Act 
(22 U.S.C. 3101-3108, as amended), BEA makes statutory pledges that the 
information respondents provide will be seen only by statistical agency 
personnel or their sworn agents, and will be used only for statistical 
purposes. This statute protects the confidentiality of information that 
BEA collects solely for statistical purposes and under a pledge of 
confidentiality; this information is protected from administrative, law 
enforcement, taxation, regulatory, or any other non-statistical use. 
Moreover, this statute carries criminal penalties for conviction of a 
knowing and willful unauthorized disclosure of covered information.
    As part of the Consolidated Appropriations Act for Fiscal Year 
2016, signed on December 18, 2015, the Congress included the Federal 
Cybersecurity Enhancement Act of 2015 (Pub. L. 114-113, Division N, 
Title II, Subtitle B, Sec. 223). This Act requires the Secretary of 
Homeland Security to provide Federal civilian agencies' information 
technology systems with cybersecurity protection for their Internet 
traffic. The technology currently used to provide this protection is 
known as Einstein 3A; it electronically searches Internet traffic in 
and out of Federal civilian agencies in real time for cyber threat 
indicators.
    When such a signature is found, the Internet packets that contain 
the malware signature are segregated for further inspection by 
Department of Homeland Security (DHS) personnel. Because it is possible 
that such packets entering or leaving BEA's information system may 
contain a small portion of confidential statistical data, it can no 
longer promise its respondents that their responses will be seen only 
by BEA personnel or its sworn agents. However, BEA can promise, in 
accordance with provisions of the Federal Cybersecurity Enhancement Act 
of 2015, that such information can be used only to protect information 
and information systems from cybersecurity risks.
    Consequently, with enactment and implementation of the Federal 
Cybersecurity Enhancement Act of 2015 has provided the Federal 
statistical community with an opportunity to obtain the further 
protection of its confidential data that is offered by DHS' Einstein 3A 
cybersecurity protection program. The DHS cybersecurity program's 
objective is to provide a common baseline of security across the 
federal civilian executive branch and to help agencies manage their 
cyber risk. The Federal statistical system's objective is to ensure 
that the DHS Secretary performs those essential duties in a manner that 
honors the Government's statutory promises to the public to protect 
their confidential data. Given that DHS is not a Federal statistical 
agency, both DHS and the Federal statistical system have been 
successfully working to find a way to balance both objectives.
    Accordingly, DHS and DOC have developed a Memorandum of Agreement 
for the deployment of Einstein 3A cybersecurity protection technology 
to monitor DOC's Internet traffic and have incorporated an associated 
Addendum on Highly Sensitive Agency Information that provides 
additional protection and enhanced security handling of confidential 
statistical data provided to BEA.
    Since it is possible that DHS personnel could see some portion of 
those confidential data in the course of examining the suspicious 
Internet packets identified by Einstein 3A sensors, statistical 
agencies need to revise their confidentiality pledges to reflect this 
process change. Therefore, DOC is providing this notice to alert the 
public to the confidentiality pledge revision for BEA surveys. Below is 
a listing of the current information collection numbers and titles for 
those BEA surveys with confidentiality pledges that will change to 
reflect the implementation of DHS' Einstein 3A monitoring for 
cybersecurity protection purposes in accordance with the requirements 
of the Federal Cybersecurity Enhancement Act of 2015. The BEA 
statistical confidentiality pledge for these surveys will be modified 
to include the following sentence: ``Per the Cybersecurity Enhancement 
Act of 2015, your data are protected from cybersecurity risks through 
security monitoring of the BEA information systems.''

 0608-0004: BE-577 Quarterly Survey of U.S. Direct Investment 
Abroad
 0608-0009: BE-605 Quarterly Survey of Foreign Direct 
Investment in the United States
 0608-0011: BE-30 Quarterly Survey of Ocean Freight Revenues 
and Foreign Expenses of U.S. Carriers
 0608-0011: BE-37 Quarterly Survey of U.S. Airline Operators' 
Foreign Revenues and Expenses
 0608-0012: BE-29 Foreign Ocean Carriers' Expenses in the 
United States
 0608-0034: BE-15 Annual Survey of Foreign Direct Investment in 
the United States
 0608-0035: BE-13 Survey of New Foreign Direct Investment in 
the United States
 0608-0042: BE-12 Benchmark Survey of Foreign Direct Investment 
in the United States
 0608-0049: BE-10 Benchmark Survey of U.S. Direct Investment 
Abroad
 0608-0053: BE-11 Annual Survey of U.S. Direct Investment 
Abroad
 0608-0058: BE-120 Benchmark Survey of Transactions in Selected 
Services and Intellectual Property with Foreign Persons
 0608-0068: BE-9 Quarterly Survey of Foreign Airline Operators' 
Revenues and Expenses in the United States
 0608-0062: BE-180 Benchmark Survey of Financial Services 
Transactions Between U.S. Financial Services Providers and Foreign 
Persons
 0608-0065: BE-185 Quarterly Survey of Financial Services 
Transactions Between U.S. Financial Services Providers and Foreign 
Persons
 0608-0066: BE-45 Quarterly Survey of Insurance Transactions by 
U.S. Insurance Companies with Foreign Persons
 0608-0067: BE-125 Quarterly Survey of Transactions in Selected 
Services and Intellectual Property with Foreign Persons
 0608-0072: BE-150 Quarterly Survey of Payment Card and Bank 
Card Transactions Related to International Travel
 0608-0073: BE-140 Benchmark Survey of Insurance Transactions 
by U.S. Insurance Companies with Foreign Persons

    DOC invites the general public and other Federal agencies to 
provide comments on the revision to the confidentiality pledge as 
described above. Comments submitted in response to this notice will be 
summarized and/or included in the request for OMB approval of this 
information collection; they also will become a matter of public 
record.

Sheleen Dumas,
PRA Departmental Lead, Office of the Chief Information Officer.
[FR Doc. 2017-02821 Filed 2-10-17; 8:45 am]
 BILLING CODE 3510-06-P