[Federal Register Volume 83, Number 29 (Monday, February 12, 2018)]
[Notices]
[Pages 5984-5986]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-02689]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

[Docket No.: 170301212-7212-01]


Privacy Act of 1974; System of Records

AGENCY: U.S. Department of Commerce, National Technical Information 
Service.

ACTION: Notice of a Modified System of Records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, as amended, Title 
5 of the United States Code (U.S.C.) sections 552a(e)(4) and (11); and 
Office of Management and Budget (OMB) Circular A-108, ``Federal Agency 
Responsibilities for Review, Reporting, and Publication under the 
Privacy Act,'' the Department of Commerce (Department) is issuing 
notice of intent to amend the system of records under COMMERCE/NTIS-1, 
NTIS Business Systems, to update information concerning the location of 
the system of records, categories of records covered by the system, the 
authority for maintenance of the system, the policies and practices for 
retention, disposal, and safeguarding the system of records, the 
storage, the system manager and address, the notification procedures; 
and other minor administrative updates. Accordingly, the COMMERCE/NTIS-
1, NTIS Business Systems notice is amended as below. We invite public 
comment on the system amendment announced in this publication.

DATES: To be considered, written comments must be submitted on or 
before March 14, 2018. The Department filed a report describing the 
modified system of records covered by this notice with the Chair of the 
Senate Committee on Homeland Security and Governmental Affairs, the 
Chair of the House Committee on Oversight and Government Reform, and 
the Deputy Administrator of the Office of Information and Regulatory 
Affairs, Office of Management and Budget (OMB), on May 31, 2017. This 
modified system of records will become effective upon publication in 
the Federal Register on February 6, 2018, unless the modified system of 
records notice needs to be changed as a result of public comment.
    Newly proposed routine uses 16 and 17 in the paragraph entitled 
``ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING 
CATEGORIES OF USERS AND PURPOSES OF SUCH USES'' will become effective 
on March 29, 2018, unless the modified system of records notice needs 
to be changed as a result of public comment. If the modified system of 
records notice needs to be changed, the Department will publish a 
subsequent notice in the Federal Register by February 6, 2018, stating 
that the current system of records will remain in effect until a 
revised notice is published in the Federal Register.

ADDRESSES: Please address comments to: National Technical Information 
Service, Freedom of Information Act and Privacy Act Officer, 5301 
Shawnee Rd., Alexandria, VA 22312.

FOR FURTHER INFORMATION CONTACT: National Technical Information 
Service, Freedom of Information Act and Privacy Act Officer, Mr. Wayne 
Strickland, 703-605-6543, ntis.gov">WStrickland@ntis.gov, 5301 Shawnee Rd., 
Alexandria, VA 22312.

SUPPLEMENTARY INFORMATION: This update makes seven program-related 
changes. The first of seven proposed changes revises the name of the 
system from ``Individuals interested in NTIS Publications, Shipped 
Order Addresses, Customer Account Records, and Subscriber Files'' to 
``NTIS Business Systems.'' The second of seven proposed changes revises 
the location of the system. The third proposed change updates the 
categories of records. The fourth change updates the authority for 
maintenance to reflect the addition of new systems. The fifth change 
updates the routine uses. The sixth change updates the system manager 
and address. The seventh change updates the policies and practices for 
the storage, retrievability, safeguards, and retention and disposal of 
the records in the system. Additionally, the amendment provides other 
minor administrative updates. The entire resulting system of records 
notice, as amended, appears below.

[[Page 5985]]

SYSTEM NAME AND NUMBER
    COMMERCE/NTIS-1; NTIS Business Systems.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    National Technical Information Service, 5301 Shawnee Rd, 
Alexandria, VA 22312.

SYSTEM MANAGER(S):
    System managers are the same as stated in the System Location 
section above.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    15 U.S.C. 1151-57; 41 U.S.C. 104; 44 U.S.C. 3101; Pub. L. 113-67.

PURPOSE(S) OF THE SYSTEM:
    The National Technical Information Service (NTIS) business systems 
are the collection of systems and applications that are hosted on NTIS 
servers. These systems work together to allow NTIS to provide services 
to the general public; and as well as internal financial services for 
NTIS. Products and services sold through ntis.gov are processed by the 
NTIS business systems.
    NTIS collects information from all individuals who order and/or 
purchase products and services from NTIS and all individuals who have 
requested that they be placed on the NTIS promotional mailing list to 
receive NTIS promotional literature.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    All individuals who order and/or purchase products and services 
from NTIS and all individuals who have requested that they be placed on 
the NTIS promotional mailing list to receive NTIS promotional 
literature.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Name; address; telephone number; email address; nine-digit taxpayer 
identification number; state incorporation/registration number; items 
ordered; items sent; amount of purchases, date order received; date 
order mailed; NTIS deposit account or customer code number; total 
charge to date; whether account collectible or not; categories of 
publications ordered by each purchaser; when subscription expired; 
amount of deposit; certification status; uniform resource locator 
(URL), which is a web page address or location.

RECORD SOURCE CATEGORIES:
    Subject individual of the record.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    1. A record from this system of records may be disclosed, as a 
routine use, to NTIS sales agents; and to individuals, organizations, 
Federal agencies, and State and local governments contributing 
publications to NTIS for their market research and sales accounting 
purposes, through the mechanism of providing them the names and 
addresses of individuals (and others) who have purchased their 
publications.
    2. A record from this system of records may be disclosed, as a 
routine use, to commercial contractors (debt collection agencies) for 
the purpose of collecting delinquent debts as authorized by the Debt 
Collection Act (31 U.S.C. 3718).
    3. A record from this system of records may be disclosed, as a 
routine use, to Members of Congress per Section 203 of The Bipartisan 
Budget Act of 2013 (Pub. L. 113-67).
    4. In the event that a system or records maintained by the 
Department to carry out its functions indicates a violation or 
potential violation of law or contract, whether civil, criminal or 
regulatory in nature, and whether arising by general statute or 
particular program statute or contract, or rule, regulation, or order 
issued pursuant thereto, or the necessity to protect an interest of the 
Department, the relevant records in the system of records may be 
referred, as a routine use, to the appropriate agency, whether Federal, 
state, local or foreign, charged with the responsibility of 
investigating or prosecuting such violation or charged with enforcing 
or implementing the statute or contract, or rule, regulation or order 
issued pursuant thereto, or protecting the interest of the Department.
    5. A record from this system of records may be disclosed, as a 
routine use, to a Federal, state or local agency maintaining civil, 
criminal or other relevant enforcement information or other pertinent 
information, such as current licenses, if necessary to obtain 
information relevant to a Department decision concerning the 
assignment, hiring or retention of an individual, the issuance of a 
security clearance, the letting of a contract, or the issuance of a 
license, grant or other benefit.
    6. A record from this system of records may be disclosed, as a 
routine use, to a Federal, state, local, or international agency, in 
response to its request, in connection with the assignment, hiring or 
retention of an individual, the issuance of a security clearance, the 
reporting of an investigation of an individual, the letting of a 
contract, or the issuance of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the requesting agency's decision on the matter.
    7. A record from this system of records may be disclosed, as a 
routine use, in the course of presenting evidence to a court, 
magistrate or administrative tribunal, including disclosures to 
opposing counsel in the course of settlement negotiations.
    8. A record in this system of records may be disclosed, as a 
routine use, to a Member of Congress submitting a request involving an 
individual when the individual has requested assistance from the Member 
with respect to the subject matter of the record.
    9. A record in this system of records which contains medical 
information may be disclosed, as a routine use, to the medical advisor 
of any individual submitting a request for access to the record under 
the Act and 15 CFR part 4b if, in the sole judgment of the Department, 
disclosure could have an adverse effect upon the individual, under the 
provision of 5 U.S.C. 552a(f)(3) and implementing regulations at 15 CFR 
4b.26.
    10. A record in this system of records may be disclosed, as a 
routine use, to the Office of Management and Budget in connection with 
the review of private relief legislation as set forth in OMB Circular 
No. A-19 at any stage of the legislative coordination and clearance 
process as set forth in that Circular.
    11. A record in this system of records may be disclosed, as a 
routine use, to the Department of Justice in connection with 
determining whether disclosure thereof is required by the Freedom of 
Information Act (5 U.S.C. 552).
    12. A record in this system of records may be disclosed, as a 
routine use, to a contractor of the Department having need for the 
information in the performance of the contract, but not operating a 
system of records within the meaning of 5 U.S.C. 552a(m).
    13. A record in this system may be transferred, as a routine use, 
to the Office of Personnel Management: For personnel research purposes; 
as a data source for management information; for the production of 
summary descriptive statistics and analytical studies in support of the 
function for which the records are collected and maintained; or for 
related manpower studies.
    14. A record from this system of records may be disclosed, as a 
routine use, to the Administrator, General Services Administration 
(GSA), or his

[[Page 5986]]

designee, during an inspection of records conducted by GSA as part of 
that agency's responsibility to recommend improvements in records 
management practices and programs, under authority of 44 U.S.C. 2904 
and 2906. Such disclosure shall be made in accordance with the GSA 
regulations governing inspection of records for this purpose, and any 
other relevant (i.e. GSA or Commerce) directive. Such disclosure shall 
not be used to make determinations about individuals.
    15. A record in this system of records may be disclosed to 
appropriate agencies, entities and persons when: (1) It is suspected or 
determined that the security or confidentiality of information in the 
system of records has been compromised; (2) the Department has 
determined that as a result of the suspected or confirmed compromise 
there is a risk of harm to economic or property interests, identity 
theft or fraud, or harm to the security or integrity of this system or 
whether systems or programs (whether maintained by the Department or 
another agency or entity) that rely upon the compromised information; 
and (3) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with the Department's 
efforts to respond to the suspected or confirmed compromise and to 
prevent, minimize, or remedy such harm.
    16. A record in this system of records may be disclosed to another 
Federal agency or Federal entity, when the Department determines that 
information from this system of records is reasonably necessary to 
assist the recipient agency or entity in (1) responding to a suspected 
or confirmed breach or (2) preventing, minimizing, or remedying the 
risk of harm to individuals, the recipient agency or entity (including 
its information systems, programs, and operations), the Federal 
Government, or national security, resulting from a suspected or 
confirmed breach.
    17. A record in this system of records may be disclosed to student 
volunteers, individuals working under a personal services contract, and 
other workers who technically do not have the status of Federal 
employees, when they are performing work for the Department and/or its 
agencies, as authorized by law, as needed to perform their assigned 
Agency functions.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records will be stored in a secure computerized system and on 
magnetic media; output data will be electronic. Paper records in file 
folders, film files, and magnetic media will be stored in a secure area 
within a locked drawer or cabinet. Source data sets containing personal 
identifiers will be maintained in a secure restricted-access IT 
environment.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    a. Records maintained in electronic form are retrieved by the name 
of the customer and/or the NTIS deposit account or customer code 
number.
    b. Records maintained in paper form are retrieved by the name of 
the customer and/or the NTIS deposit account or customer code number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    NTIS records retention schedules are currently in review.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Paper records and disks as stored in file cabinets on secured 
premises with access limited to personnel whose official duties require 
access. The electronic system operates at a FISMA Moderate security 
rating and is hosted in a Federal Government data center.

RECORD ACCESS PROCEDURES:
    An individual requesting access to records on himself or herself 
should send a signed, written inquiry to the same address as stated in 
the Notification Procedure section above. The request letter should be 
clearly marked, ``PRIVACY ACT REQUEST.'' The written inquiry must be 
signed and notarized or submitted with certification of identity under 
penalty of perjury. Requesters should specify the record contents being 
sought.

CONTESTING RECORD PROCEDURES:
    An individual requesting corrections or contesting information 
contained in his or her records must send a signed, written request 
inquiry to the same address as stated in the Notification Procedure 
section above. Requesters should reasonable identify the records, 
specify the information they are contesting and state the corrective 
action sought and the reasons for the correction with supporting 
justification showing how the record is incomplete, untimely, 
inaccurate, or irrelevant.
    The Department rules for access, for contesting contents and 
appealing initial determinations by the individual concerned appear in 
15 CFR part 4b. Use the address in the Notification Procedures section.

NOTIFICATION PROCEDURES:
    An individual requesting notification of existence of records on 
himself or herself should send a signed, written inquiry to the 
following address: National Technical Information Service, Freedom of 
Information Act and Privacy Act Officer, 5301 Shawnee Rd., Alexandria, 
VA 22312.
    The request letter should be clearly marked, ``PRIVACY ACT 
REQUEST.'' The written inquiry must be signed and notarized or 
submitted with certification of identity under penalty of perjury. 
Requesters should reasonably specify the record contents being sought.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    https://www.gpo.gov/fdsys/pkg/PAI-2013-COMMERCE/xml/PAI-2013-COMMERCE.xml#ntis1.

    Dated: February 6, 2018.
Michael J. Toland,
Department of Commerce, Deputy Chief FOIA Officer, Department Privacy 
Act Officer.
[FR Doc. 2018-02689 Filed 2-9-18; 8:45 am]
BILLING CODE 3510-04-P