[Federal Register Volume 84, Number 81 (Friday, April 26, 2019)]
[Notices]
[Pages 17814-17816]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2019-08395]


-----------------------------------------------------------------------

COMMODITY FUTURES TRADING COMMISSION


Privacy Act of 1974; System of Records

AGENCY: Commodity Futures Trading Commission.

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the requirements of the Privacy Act of 
1974, as amended, 5 U.S.C. 552a, the Commodity Futures Trading 
Commission (CFTC or Commission) is establishing a new systems of 
records: CFTC-53, Mailing, Event, and General Contact Lists.

DATES: Comments must be received on or before May 28, 2019. This action 
will be effective without further notice on May 28, 2019, unless 
revised pursuant to comments received.

ADDRESSES: You may submit comments identified as pertaining to 
``Mailing, Event, and General Contact Lists'' by any of the following 
methods:
     Agency website, via its Comments Online process: https://comments.cftc.gov. Follow the instructions for submitting comments 
through the website.
     Mail: Christopher Kirkpatrick, Secretary of the 
Commission, Commodity Futures Trading Commission, Three Lafayette 
Centre, 1155 21st Street NW, Washington, DC 20581.
     Hand Delivery/Courier: Same as Mail, above.

Please submit your comments using only one method.
    All comments must be submitted in English, or if not, accompanied 
by an English translation. Comments will be posted as received to 
http://www.cftc.gov. You should submit only information that you wish 
to make available publicly.
    The Commission reserves the right, but shall have no obligation, to 
review, pre-screen, filter, redact, refuse, or remove any or all of a 
submission from http://www.cftc.gov that it may deem to be 
inappropriate for publication, such as obscene language. All 
submissions that have been redacted or removed that contain comments on 
the merits of the notice will be retained in the comment file and will 
be considered as required under all applicable laws, and may be 
accessible under the FOIA.

FOR FURTHER INFORMATION CONTACT: Melissa Jurgens, Acting Chief Privacy 
Officer, 202-418-5516, [email protected], Office of the Executive 
Director, Commodity Futures Trading Commission, Three Lafayette Centre, 
1155 21st Street NW, Washington, DC 20581.

SUPPLEMENTARY INFORMATION:

[[Page 17815]]

I. Mailing, Event, and General Contact Lists

    The CFTC is establishing a new system of records that includes 
contact information compiled in lists related to a specific event, 
initiative, project, or outreach activity. These lists are used to 
facilitate mailings, registrations, and other communications to 
multiple addressees in furtherance of CFTC's mission under the 
Commodity Exchange Act.

II. The Privacy Act

    Under the Privacy Act of 1974, 5 U.S.C. 552a, a ``system of 
records'' is defined as any group of records under the control of a 
Federal government agency from which information about individuals is 
retrieved by name or by some identifying number, symbol, or other 
identifying particular assigned to the individual. The Privacy Act 
establishes the means by which government agencies must collect, 
maintain, and use information about an individual in a government 
system of records.
    Each government agency is required to publish a notice in the 
Federal Register in which the agency identifies and describes each 
system of records it maintains, the reasons why the agency uses the 
information therein, the routine uses for which the agency will 
disclose such information outside the agency, and how individuals may 
exercise their rights under the Privacy Act.
    In accordance with 5 U.S.C. 552a(r), CFTC has provided a report of 
this system of records to the Office of Management and Budget (OMB) and 
to Congress.

III. Notice: Mailing, Event and Contact Lists, CFTC-53

SYSTEM NAME AND NUMBER
    Mailing, Event, and General Contact Lists, CFTC-53.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    This system is located at the Commodity Futures Trading Commission, 
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.

SYSTEM MANAGER(S):
    Office of Public Affairs, Commodity Futures Trading Commission, 
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Section 748 of the Dodd-Frank Act (Pub. L. 111-203, Title VII, 
Section 748(g)(2)(B)) established the CFTC Customer Protection Fund for 
customer education initiatives designed to help customers protect 
themselves against fraud or other violations of the CEA or the rules or 
regulations thereunder. The Commission undertakes and maintains 
customer, and financial regulator education and awareness initiatives 
through various CFTC events and activities in accordance with Part 
165.12 of the regulations under the Commodity Exchange Act, 17 CFR 165. 
The Commission also has authority to collect this information under 7 
U.S.C. 22(a)(2)-(3) of the Commodity Exchange Act. See also 7 U.S.C. 
26(g), and 44 U.S.C. 3101.

PURPOSE(S) OF THE SYSTEM:
    The information in the system is being collected to enable CFTC to 
efficiently and effectively manage contact information to: (1) Assist 
CFTC in the distribution of documents and information to individuals 
who request such materials; (2) to maintain lists of media, 
Congressional, business, or other contacts for future communications; 
(3) create and maintain registration and event management tools for 
outreach, education, and training events; and, (4) correspond with 
individuals who attend CFTC events or request materials or 
notifications of CFTC events or initiatives or may be interested in 
learning about such events.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals covered by this system include individuals who have 
requested to receive information, subscriptions, inquiries, informal 
guidance or materials from CFTC; who register or participate in CFTC-
sponsored or CFTC-funded events; respond to surveys or feedback forms 
from CFTC, partnering agency, or by a third party contracted by CFTC; 
correspond with CFTC or are discussed in correspondence to or from CFTC 
regarding events, initiatives, and outreach activities; or who have 
previously interacted with the CFTC or other financial market 
regulators on other matters; or who the CFTC believes would be 
interested in learning of certain of our events or programs.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Information included in the system of records may contain: (1) 
Contact information (name, home/work address, business/institution 
affiliation and address, job titles, phone numbers (both work and 
mobile), email addresses; (2) information collected from or about 
attendees in response to surveys or as part of the event registration 
process; (3) special accommodation information (e.g., dietary 
restrictions, seating, access accommodations); (4) photographs; and (5) 
sign-in sheets or rosters compiled at meetings, conferences, and 
workshops held at or by the CFTC or event/outreach partner.

RECORD SOURCE CATEGORIES:
    Information in this system is obtained directly from the 
individual, or their representative, who is the subject of these 
records or from third parties, such as survey providers or event 
hosting companies.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    The information in this system will be routinely used by CFTC staff 
members to contact individuals to respond to requests for information; 
facilitate events; educate customers, industry members, and financial 
regulators (both domestic and foreign); and, correspond with members of 
the public. These records and information in these records may be used:
    (a) To disclose in any administrative proceeding before the 
Commission, in any injunctive action authorized under the Commodity 
Exchange Act, or in any other action or proceeding in which the 
Commission or its staff participates as a party or the Commission 
participates as amicus curiae;
    (b) To disclose to Federal, State, local, territorial, Tribal, or 
foreign agencies for use in meeting their statutory or regulatory 
requirements;
    (c) Information may be disclosed to any ``registered entity,'' as 
defined in section 1a of the Commodity Exchange Act, 7 U.S.C. 1, et 
seq. (``the Act''), to the extent disclosure is authorized and will 
assist the registered entity in carrying out its responsibilities under 
the Act. Information may also be disclosed to any registered futures 
association registered under section 17 of the Act to assist it in 
carrying out its self-regulatory responsibilities under the Act, and to 
any national securities exchange or national securities association 
registered with the Securities and Exchange Commission to assist those 
organizations in carrying out their self-regulatory responsibilities 
under the Securities Exchange Act of 1934, 15 U.S.C. 78a, et seq.;
    (d) To disclose to contractors, grantees, volunteers, experts, 
students, and others performing or working on a contract, service, 
grant, cooperative agreement, or job for the Federal government when 
necessary to accomplish an agency function;
    (e) To disclose to Congress upon its request, acting within the 
scope of its

[[Page 17816]]

jurisdiction, pursuant to the Commodity Exchange Act, 7 U.S.C. 1 et 
seq., and the rules and regulations promulgated thereunder;
    (f) To disclose to appropriate agencies, entities, and persons when 
(1) the Commission suspects or has confirmed that there has been a 
breach of the system of records; (2) the Commission has determined that 
as a result of the suspected or confirmed breach there is a risk of 
harm to individuals, the Commission (including its information systems, 
programs, and operations), the Federal Government, or national 
security; and (3) the disclosure made to such agencies, entities, and 
persons is reasonably necessary to assist in connection with the 
Commission's efforts to respond to the suspected or confirmed breach or 
to prevent, minimize, or remedy such harm; or
    (g) To disclose to another Federal agency or Federal entity, when 
the Commission determines that information from this system of records 
is reasonably necessary to assist the recipient agency or entity in (1) 
responding to a suspected or confirmed breach or (2) preventing, 
minimizing, or remedying the risk of harm to individuals, the recipient 
agency or entity (including its information systems, programs, and 
operations), the Federal Government, or national security, resulting 
from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records in this system may be stored electronically or on paper. 
Electronic records are stored on the Commission's secure network and 
secure back-up media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Certain information covered by this SORN may be retrieved by name, 
address, business affiliation, email address, event date, event type, 
event location or an identifying event or file number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The records will be maintained in accordance with records 
disposition schedules approved by the National Archives and Records 
Administration. The schedules are available at http://www.cftc.gov.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Records are protected from unauthorized access and improper use 
through administrative, technical, and physical security measures. 
Administrative safeguards include written guidelines on handling 
personal information including agency-wide procedures for safeguarding 
personally identifiable information. In addition, all CFTC staff are 
required to take annual privacy and security training. Technical 
security measures within CFTC include restrictions on computer access 
to authorized individuals who have a legitimate need to know the 
information; required use of strong passwords that are frequently 
changed; multi-factor authentication for remote access and access to 
many CFTC network components; use of encryption for certain data types 
and transfers; firewalls and intrusion detection applications; and 
regular review of security procedures and best practices to enhance 
security. Physical safeguards include restrictions on building access 
to authorized individuals, 24-hour security guard service, and 
maintenance of records in lockable offices and filing cabinets.

RECORD ACCESS PROCEDURES:
    Individuals seeking to determine whether this system of records 
contains information about themselves or seeking access to records 
about themselves in this system of records should address written 
inquiries to the Office of General Counsel, Commodity Futures Trading 
Commission, Three Lafayette Centre, 1155 21st Street NW, Washington, DC 
20581. See 17 CFR 146.3 for full details on what to include in a 
Privacy Act access request.

CONTESTING RECORD PROCEDURES:
    Individuals contesting the content of records about themselves 
contained in this system of records should address written inquiries to 
the Office of General Counsel, Commodity Futures Trading Commission, 
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. See 
17 CFR 146.8 for full details on what to include in a Privacy Act 
amendment request.

NOTIFICATION PROCEDURES:
    Individuals seeking notification of any records about themselves 
contained in this system of records should address written inquiries to 
the Office of General Counsel, Commodity Futures Trading Commission, 
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. See 
17 CFR 146.3 for full details on what to include in a Privacy Act 
notification request.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.

    Issued in Washington, DC, on April 22, 2019, by the Commission.
Robert Sidman,
Deputy Secretary of the Commission.
[FR Doc. 2019-08395 Filed 4-25-19; 8:45 am]
BILLING CODE 6351-01-P