[Federal Register Volume 83, Number 119 (Wednesday, June 20, 2018)]
[Notices]
[Pages 28707-28709]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-13212]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF STATE

[Public Notice: 10448]


Privacy Act of 1974; System of Records

AGENCY: Department of State.

ACTION: Notice of a modified System of Records.

-----------------------------------------------------------------------

SUMMARY: Information in the Legal Adviser's Case Management Records is 
used to provide or facilitate the provision of legal advice and opinion 
to the offices of the Department of State and to facilitate defense or 
representation of the Department in litigation and in other legal 
proceedings. Information may also be used to reply to requests from 
federal, state, local, or international courts, agencies, commissions, 
organizations, or mechanisms.

DATES: In accordance with 5 U.S.C. 552a(e)(4) and (11), this system of 
records notice is effective upon publication, with the exception of the 
routine uses (c), (e), (g), (h) and (k), which are subject to a 30-day 
period during which interested persons may submit comments to the 
Department. Please submit any comments by July 20, 2018.

ADDRESSES: Questions can be submitted by mail or email. If mail, please 
write to: U.S Department of State; Office of Global Information 
Systems, Privacy Staff; A/GIS/PRV; SA-2, Suite 8100; Washington, DC 
20522-0208. If email, please address the email to the Senior Agency 
Official for Privacy, Mary R. Avery, at [email protected]. Please write 
``Legal Case Management Records, State-21'' on the envelope or the 
subject line of your email.

FOR FURTHER INFORMATION CONTACT: Mary R. Avery, Senior Agency Official 
for Privacy; U.S. Department of State; Office of Global Information 
Services, A/GIS/PRV; SA-2, Suite 8100; Washington, DC 20522-0208 or at 
(202)663-2215.

SUPPLEMENTARY INFORMATION: The purpose of this modification is to make 
substantive and administrative changes to the previously published 
notice. This notice modifies the following sections of State-21, Legal 
Case Management Records: Categories of Individuals, Categories of 
Records, Purpose, Routine Uses, and Record Source Categories. In 
addition, this notice makes administrative updates to the following 
sections: Safeguards, Record Access Procedures, Contesting Record 
Procedures, Notification Procedures, and History. These changes reflect 
new OMB guidance, additional types of records, additional routine uses 
of records, updated contact information, and a notice publication 
history.
SYSTEM NAME AND NUMBER
    Legal Case Management Records, State-21.

SECURITY CLASSIFICATION:
    Unclassified and Classified.

SYSTEM LOCATION:
    Department of State (``Department''), located at 2201 C Street NW, 
Washington, DC 20520; Department of State annexes, U.S. Embassies, U.S. 
Consulates General, and U.S. Consulates.

SYSTEM MANAGER(S):
    Executive Director, Office of the Legal Adviser and Bureau of 
Legislative Affairs, Department of State, 600 19th Street NW, Suite 
5.600, Washington, DC 20522 and can be reached at [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 301; 22 U.S.C. 2651a; 22 U.S.C. 2656; 42 U.S.C. 659; 42 
U.S.C. 666; 5 CFR part 581.

PURPOSE(S) OF THE SYSTEM:
    Information in the Legal Adviser's Case Management Records is used 
to provide or facilitate the provision of legal advice and opinion to 
the offices of the Department of State and to facilitate defense or 
representation of the Department in litigation and in other legal 
proceedings. Information may also be used to reply to requests from 
federal, state, local, or international courts, agencies, commissions, 
organizations, or mechanisms.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who have filed or are the subject of administrative 
grievances or proceedings and Equal Employment Opportunity complaints; 
individuals involved in disciplinary proceedings; individuals involved 
in alleged criminal activity or activity in violation of regulations; 
individuals who have filed claims against the United States; 
individuals who have sued the Department of State or any officials; 
individuals whose records may be relevant to legal proceedings 
involving the Department of State; individuals who are the subjects of 
inquiries from federal, state, and local agencies; individuals who are 
the subjects of inquiries by international commissions, organizations, 
or mechanisms; individuals who are the subjects of income withholding 
orders, garnishment orders, bankruptcy orders,

[[Page 28708]]

state tax liens, and similar court or agency documents; individuals who 
have raised or discussed legal or policy questions with the Office of 
the Legal Adviser; and individuals who have otherwise contacted the 
Office of the Legal Adviser. The Privacy Act defines an individual at 5 
U.S.C. 552a(a)(2) as a United States citizen or lawful permanent 
resident.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Biographic information, such as name, contact information, and 
place of birth; employment histories; summaries of circumstances 
surrounding grievances, Equal Employment Opportunity complaints, 
claims, litigation, or disciplinary proceedings; internal memoranda; 
copies of indictments and charges; criminal records and reports of 
investigations; civil and administrative court records; emails; 
electronic records in various formats; supporting documentation for a 
case against or involving the Department, an individual or group; 
contracts and other legal documents; income withholding orders, 
garnishment orders, bankruptcy orders, state tax liens, and similar 
court or agency documents; inquiries from federal, state, and local 
agencies, and responses to those inquiries; inquiries from 
international commissions, organizations or mechanisms, and responses 
to those inquiries; documents that may be relevant to or obtained in 
the course of legal proceedings and investigations; correspondence 
related to legal or policy issues, regardless of format (paper or 
electronic).

RECORD SOURCE CATEGORIES:
    These records contain information that is primarily obtained from 
the individual; offices of the Department of State; other government 
agencies, particularly the Department of Justice; court systems and 
administrative bodies; international commissions, organizations, and 
other mechanisms; previous employers; neighbors; security investigation 
reports; other employees or individuals having knowledge of the issue 
about which a legal opinion is requested or who are party to litigation 
or investigation.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    Legal Case Management Records may be disclosed to:
    (a) The Department of Justice and other federal agencies in 
connection with facilitating defense of the Department in legal 
proceedings and analyzing legal issues;
    (b) Federal, state, and foreign courts, tribunals, and adjudicatory 
bodies where relevant and necessary to legal proceedings;
    (c) International courts, tribunals, commissions, organizations, 
and mechanisms where relevant and necessary to proceedings or 
inquiries;
    (d) A party to a legal proceeding involving the Department, or the 
party's attorney or other designated representative where relevant and 
necessary to legal proceedings;
    (e) A source, witness or subject, or an attorney or other 
designated representative of any source, witness or subject where 
relevant and necessary to legal proceedings;
    (f) Federal agencies having statutory or other lawful authority to 
maintain such information where relevant and necessary to fulfill 
statutory responsibilities;
    (g) Appropriate agencies, entities, and persons when (1) the 
Department of State suspects or has confirmed that there has been a 
breach of the system of records; (2) the Department of State has 
determined that as a result of the suspected or confirmed breach there 
is a risk of harm to individuals, the Department of State (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and (3) the disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with the Department of State efforts to respond to the 
suspected or confirmed breach or to prevent, minimize, or remedy such 
harm;
    (h) Another Federal agency or Federal entity, when the Department 
of State determines that information from this system of records is 
reasonably necessary to assist the recipient agency or entity in (1) 
responding to a suspected or confirmed breach or (2) preventing, 
minimizing, or remedying the risk of harm to individuals, the recipient 
agency or entity (including its information systems, programs, and 
operations), the Federal Government, or national security, resulting 
from a suspected or confirmed breach;
    (i) The Department may respond to federal, state, and local agency 
inquiries related to child support, alimony, bankruptcy, state tax 
lien, or similar issues;
    (j) Pursuant to a court or agency order, the Department may 
disclose relevant information to private collection agencies, law firms 
and/or other individuals authorized to receive benefits under such 
order; and
    (k) The Department may also publish certain information from this 
system of records in a Department-published annual digest and through 
other Department-controlled media when the Department reasonably 
believes that such publication will inform the public about its 
practice of international law. This may include, but is not limited to, 
information about cases, proceedings, and inquiries in which the 
Department participates or is involved.
    The Department of State periodically publishes in the Federal 
Register its standard routine uses which apply to all of its Privacy 
Act systems of records. These notices appear in the form of a Prefatory 
Statement (published in Volume 73, Number 136, Public Notice 6290, on 
July 15, 2008). All of these standard routine uses apply to Legal Case 
Management Records, State-21.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records will be stored in both hard copy and electronic media. A 
description of standard Department of State policies concerning storage 
of electronic records is found in the Department's Foreign Affairs 
Manual (https://fam.state.gov/FAM/05FAM/05FAM0440.html). All hard 
copies of records containing personal information are maintained in 
secured file cabinets in restricted areas, access to which is limited 
to authorized personnel only.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Hardcopy by name, date, country, and/or subject; electronic by 
keyword or metadata.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records maintained in this system of records are generally 
permanent and are retired to the Records Service Center one year after 
the close of the case. These records are retired and destroyed in 
accordance with published Department of State Records Disposition 
Schedules as approved by the National Archives and Records 
Administration (NARA), and a complete list of the Department's 
schedules can be found on our Freedom of Information Act (FOIA) 
program's website (https://foia.state.gov/Learn/RecordsDisposition.aspx). More specific information may be obtained by 
writing to the following address: Director, Office of Information 
Programs and Services, A/GIS/IPS; SA-2, Department of State; 515 22nd 
Street NW; Washington, DC 20522-8100.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    All users are given cyber security awareness training that covers 
the procedures for handling Sensitive but

[[Page 28709]]

Unclassified information, including personally identifiable information 
(PII). Annual refresher training is mandatory. In addition, all Foreign 
Service and Civil Service employees and those Locally Engaged Staff who 
handle PII are required to take the Foreign Service Institute distance 
learning course instructing employees on privacy and security 
requirements, including the rules of behavior for handling PII and the 
potential consequences if it is handled improperly.
    Access to the Department of State, its annexes and posts abroad is 
controlled by security guards and admission is limited to those 
individuals possessing a valid identification card or individuals under 
proper escort. While the majority of records covered in the Legal Case 
Management Records are electronic, all paper records containing 
personal information are maintained in secured file cabinets in 
restricted areas, access to which is limited to authorized personnel. 
Access to computerized files is password-protected and under the direct 
supervision of the system manager. The system manager has the 
capability of printing audit trails of access from the computer media, 
thereby permitting regular and ad hoc monitoring of computer usage. 
When it is determined that a user no longer needs access, the user 
account is disabled.
    Before being granted access to Legal Case Management Records, a 
user must first be granted access to the Department of State computer 
system. Remote access to the Department of State network from non-
Department owned systems is authorized only through a Department 
approved access program. Remote access to the network is configured 
with the authentication requirements contained in the Office of 
Management and Budget Circular Memorandum A-130. All Department of 
State employees and contractors with authorized access have undergone a 
background security investigation.

RECORD ACCESS PROCEDURES:
    Individuals who wish to gain access to or to amend records 
pertaining to themselves should write to U.S. Department of State; 
Director, Office of Information Programs and Services; A/GIS/IPS; SA-2, 
Suite 8100; Washington, DC 20522-0208. The individual must specify that 
he or she wishes the Legal Case Management Records to be checked. At a 
minimum, the individual must include: Full name (including maiden name, 
if appropriate) and any other names used; current mailing address and 
zip code; date and place of birth; notarized signature or statement 
under penalty of perjury; a brief description of the circumstances that 
caused the creation of the record (including the city and/or country 
and the approximate dates) which gives the individual cause to believe 
that the Legal Case Management Records include records pertaining to 
him or her. Detailed instructions on Department of State procedures for 
accessing and amending records can be found at the Department's FOIA 
website (https://foia.state.gov/Request/Guide.aspx).

CONTESTING RECORD PROCEDURES:
    Individuals who wish to contest records should write to U.S. 
Department of State; Director, Office of Information Programs and 
Services; A/GIS/IPS; SA-2, Suite 8100; Washington, DC 20522-0208.

NOTIFICATION PROCEDURES:
    Individuals who have reason to believe that this system of records 
may contain information pertaining to them may write to U.S. Department 
of State; Director, Office of Information Programs and Services; A/GIS/
IPS; SA-2, Suite 8100; Washington, DC 20522-0208. The individual must 
specify that he/she wishes the Legal Case Management Records to be 
checked. At a minimum, the individual must include: full name 
(including maiden name, if appropriate) and any other names used; 
current mailing address and zip code; date and place of birth; 
notarized signature or statement under penalty of perjury; a brief 
description of the circumstances that caused the creation of the record 
(including the city and/or country and the approximate dates) which 
gives the individual cause to believe that the Legal Case Management 
Records include records pertaining to him or her.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Pursuant to 5 U.S.C. 552a(k)(1), records in this system may be 
exempted from subsections (c)(3), (d), (e)(1), (e)(4)(G), (e)(4)(H), 
(e)(4)(I), (f) of 552a. See 22 CFR 171.26.

HISTORY:
    This SORN was previously published at 81 FR 40741.

Mary R. Avery,
Senior Agency Official for Privacy, Senior Advisor, Office of Global 
Information Services, Bureau of Administration, Department of State.
[FR Doc. 2018-13212 Filed 6-19-18; 8:45 am]
 BILLING CODE 4710-24-P