[Federal Register Volume 86, Number 9 (Thursday, January 14, 2021)]
[Notices]
[Pages 3109-3112]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-00450]


 ========================================================================
 Notices
                                                 Federal Register
 ________________________________________________________________________
 
 This section of the FEDERAL REGISTER contains documents other than rules 
 or proposed rules that are applicable to the public. Notices of hearings 
 and investigations, committee meetings, agency decisions and rulings, 
 delegations of authority, filing of petitions and applications and agency 
 statements of organization and functions are examples of documents 
 appearing in this section.
 
 ========================================================================
 

  Federal Register / Vol. 86, No. 9 / Thursday, January 14, 2021 / 
Notices  

[[Page 3109]]



AGENCY FOR INTERNATIONAL DEVELOPMENT


Privacy Act of 1974; System of Records

AGENCY: Agency for International Development (USAID).

ACTION: Notice of a Modified System of Records.

-----------------------------------------------------------------------

SUMMARY: The United States Agency for International Development 
proposes to significantly modify the ``United States Agency for 
International Development, Partner-Vetting Enhancement Project, USAID-
27, Partner-Vetting System, System of Records.'' The purpose of the 
system is to support the vetting of directors, officers, and other 
employees of non-governmental organizations that apply to USAID for 
contracts, grants, cooperative agreements, or other funding. The Agency 
specifically uses the information collected from the individuals to 
conduct screening and to mitigate the risk that USAID's funds and 
USAID-funded activities purposefully or inadvertently provide support 
to entities or individuals deemed a risk to national security.

DATES: Submit comments on or before 12 February 2021. This modified 
system of records will be effective 12 February 2021 upon publication. 
The Routine Uses are effective at the close of the comment period.

ADDRESSES: You may submit comments:

Electronic

     Federal eRulemaking Portal: http://www.regulations.gov. 
Follow the instructions on the website for submitting comments.
     Email: [email protected].

Paper

     Fax: 202-916-4946.
     Mail: Chief Privacy Officer, United States Agency for 
International Development, 1300 Pennsylvania Avenue NW, Washington, DC 
20523.

FOR FURTHER INFORMATION CONTACT: Ms. Celida A. Malone, USAID Privacy 
Program at United States Agency for International Development, Bureau 
for Management, Office of the Chief Information Officer, Information 
Assurance Division: ATTN: USAID Privacy Program, 1300 Pennsylvania 
Avenue NW, Washington, DC 20523, or by phone number at 202-916-4605.

SUPPLEMENTARY INFORMATION: For purposes of national-security and 
counterterrorism vetting, USAID staff use the Partner-Vetting System 
(PVS) to receive, store, and process organizational information and 
Personally Identifiable Information (PII) by using USAID Form 500-13, 
the Partner-Information Form (PIF). See https://www.usaid.gov/forms/aid-500-13. The Office of Management and Budget has approved the use of 
the PIF under the Paperwork Reduction Act. The PII gathered on the PIF, 
and in PVS, as stated in the current SORN, includes full name 
(including any aliases or variations of spelling); date and place of 
birth; government-issued identification information (including, but not 
limited to, Social Security Number, passport number, or other numbers 
originated by a government that specifically identify an individual); 
current mailing address; telephone numbers; email addresses; 
citizenship; gender; and occupation or other employment data.
    USAID is modifying the SORN to delete ``Individuals who are 
officers or other officials of non-profit, non-governmental 
organizations who apply for registration with USAID as Private and 
Voluntary Organizations (PVOs)'' from the ``Categories of Individuals 
Covered by the System,'' as a result of the Agency's decision to change 
the registration processes for PVOs. PVOs only must register for the 
Limited Excess Property Program and the Ocean Freight Reimbursement 
Program, and to self-certify as part of the application process. USAID 
also are clarifying under ``Categories of Records in the System'' that 
the government-issued identification information listed in its existing 
SORN includes photographic biometric data. We further are adding more 
detail to the SORN's Routine-Uses Statement, including that we share 
information with other Federal Departments and Agencies for vetting 
purposes, and clarifying that the PVS does not contain any classified 
information.

    Dated: October 8, 2020.
Mark Joseph Johnson,
Chief Privacy Officer, United States Agency for International 
Development.

SYSTEM NAME AND NUMBER:
    Partner-Vetting System, USAID-27.

SECURITY CLASSIFICATION:
    Sensitive but Unclassified.

SYSTEM LOCATION:
    Amazon Web Services, US-EAST-1, 7600 Doane Drive, Manassas VA 
20109.

SYSTEM MANAGER:
    Chief, Counterterrorism Vetting, Office of Security, United States 
Agency for International Development, Ronald Reagan Building, 1300 
Pennsylvania Avenue NW, Washington, DC 20523.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The Foreign Assistance Act of 1961 (FAA), as amended, permits the 
Administrator of USAID to consider a range of foreign-policy and 
national-security interests in determining how to provide foreign 
assistance. Sections 7034 and 7039 of the Department of State, Foreign 
Operations, and Related Programs Appropriations Act for Fiscal Year 
2020 (FY 2020) contain provisions and requirements for the oversight of 
USAID's programs. Executive Order (E.O.) 9397 created and governs the 
use of Social Security Numbers.

PURPOSE OF THE SYSTEM:
    PVS supports the vetting of directors, officers, and other 
employees of non-governmental organizations that apply to USAID for 
contracts, grants, cooperative agreements or other funding. The Agency 
specifically uses the information collected from the individuals to 
conduct screening, and to mitigate the risk that USAID's funds and 
USAID-funded activities purposefully or inadvertently provide support 
to entities or individuals deemed a risk to national security.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who are directors, officers, or are otherwise employed 
by either for-profit or non-profit non-governmental organizations that 
apply for and receive contracts, grants, cooperative agreements, or 
other types of instruments from USAID; individuals

[[Page 3110]]

who apply for and receive Personal Services Contracts or other 
contracts, grants, or cooperative agreements; individuals or 
organizations that attempt to obtain other assistance or benefits from 
USAID (excluding for PVOs).

CATEGORIES OF RECORDS IN THE SYSTEM:
    Full name, Social Security Number, date of birth, place of birth, 
passport number or permanent resident card number, tax identification 
number, home address, home telephone number, personal cell phone 
number, personal email address, work telephone number, work email 
address, citizenship, sex or gender, photographic biometric 
information, employment or salary record.

RECORD SOURCE CATEGORIES:
    USAID may obtain information in this system from a non-governmental 
organization (USAID contractor or recipient official who is responsible 
for completing the application package required to obtain funds or 
assistance from USAID as an award or as a sub-award. In the case of 
applications by an individual in his/her own capacity, the Agency will 
collect the information directly from the individual applicant. USAID 
also may obtain information in this system from public sources, Federal 
Departments and Agencies that conduct national-security screening, law-
enforcement and intelligence-agency record systems, and other Federal 
Government databases.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under the 
Privacy Act (Section 552a (b) of Title 5 of the U.S.C.), the Agency 
could disclose all or a portion of the records or information contained 
in this system outside of USAID as a routine use, as follows:
    (1) To another Federal Department or Agency, to a court, 
magistrate, or other administrative body, or to a party in litigation 
before a court or in an administrative proceeding being conducted by a 
Federal Department or Agency, when the Government is a party to the 
judicial or administrative proceedings or has a significant interest in 
the proceeding where the Department or Agency determines the 
information to be necessary and relevant.
    (2) To any component of the U.S. Department of Justice, or in a 
proceeding before a court, adjudicative body, or other administrative 
body before which the Department or Agency is authorized to appear, 
when; (a) the Department or Agency or any component thereof; or (b) any 
employee of the Department or Agency in her or his official capacity; 
or (c) any employee of the Department or Agency in his or her 
individual capacity where the U.S. Department of Justice or the 
Department or Agency has agreed to represent the employee; or (d) the 
United States, when the Department or Agency determines that litigation 
is likely to affect it or any of its components, is a party to 
litigation or has an interest in such litigation, and the Department or 
Agency deems the use of such records by the U.S. Department of Justice 
or the Department or Agency is relevant and necessary to the litigation 
provided, however, that in each case the Department or Agency has 
determined that the disclosure is compatible with the purpose for which 
the records were collected.
    (3) To the U.S. Department of Justice for the purpose of obtaining 
legal counsel, including whether USAID should disclose the records or 
information in this system of records outside the Agency.
    (4) To a Federal Government Department or Agency that assists USAID 
for the purpose of vetting, and for the purposes of ensuring accuracy 
of existing records and updating government records when a match 
between an applicant and another database is identified.
    (5) To disclose information to contractors (Personal Service 
Contractors or institutional support contractors) in furtherance of the 
contractor's performance on behalf of USAID under a contract, including 
contracts that support the partner-vetting program.
    (6) To the National Archives and Records Administration (NARA), for 
the purposes of records-management inspections conducted under the 
authority of Sections 2904 and 2906 of Title 44 of the U.S.C. and in 
its role as Archivist.
    (7) To appropriate Federal Departments and Agencies, entities, and 
persons when: (a) USAID suspects or has confirmed that there has been a 
breach of the system of records; (b) USAID has determined that as a 
result of the suspected or confirmed breach there is a risk of harm to 
individuals, USAID (including its information systems, programs, and 
operations), the Federal Government, or national security; and (c) the 
disclosure made to such Departments and Agencies, entities, and persons 
is reasonably necessary to assist in connection with USAID's efforts to 
respond to the suspected or confirmed breach, or to prevent, minimize, 
or remedy such harm.
    (8) To the Office of Management and Budget (OMB), in connection 
with review of private relief legislation, as set forth in OMB Circular 
A-19, at any stage of the legislative coordination and clearance 
process, as set forth in that Circular.
    (9) To another Federal Department or Agency or Federal entity, when 
USAID determines information from this system of records is reasonably 
necessary to assist the recipient Department or Agency or entity in: 
(a) Responding to a suspected or confirmed breach; or (b) preventing, 
minimizing, or remedying the risk of harm to individuals, the recipient 
agency or entity (including its information systems, programs and 
operations), the Federal Government, or national security, that might 
result from a suspected or confirmed Breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    USAID stores records in this system in electronic format. USAID's 
staff collect paper records that contain information for 
counterterrorism vetting when USAID's partners need to submit required 
information other than electronically. USAID's policy is that, 
following the entry of information contained in such paper copies into 
PVS, our staff must dispose of the paper copies properly, in accordance 
with the Agency's procedures for handling information.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    USAID's staff retrieves records in PVS by individual name, date of 
birth, place of birth, passport numbers, or other identifying data 
specified under ``Categories of Records'' in the system, as well as 
Mission/Program/Department, old awardee identification number (ID), 
awardee ID, alias, city, vetting status, vetting priority, vetting 
date, date of final determination, or date USAID created the record.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    PVS follows NARA Records Schedule Number DAA-0286-2017-0001. USAID 
maintains vetting records for nine years after making an eligible or 
ineligible decision, regardless of award status.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    For electronic records: USAID maintains PVS records in a secure 
cloud database managed by Amazon Web Services on behalf of the Agency. 
The database is subject to non-disclosure

[[Page 3111]]

agreement rules of engagement administered by AID Form 545-5. USAID 
restricts access to vetting requests and results stored in the PVS 
database to users who are U.S. Government personnel and authorized 
contractors who need to know this information to perform their duties, 
who can include the USAID workforce hired and/or appointed by our 
Missions, Bureaus, and Independent Offices involved in conducting or 
supporting vetting. The PVS database is housed on, and accessed from, 
an unclassified computer network. USAID stores vetting results, the 
analysis of their content, and classified comments separately, outside 
of PVS, on appropriately classified networks. Computer networks and the 
PVS database require a user authentication and Agency approval. The 
Agency maintains and periodically reviews an audit trail to monitor 
access to the system. Authorized U.S. Government personnel receive 
instructions in the proper use and protection of PII.
    For paper records: USAID keeps paper vetting records in an approved 
security container at our Washington headquarters, and at the relevant 
locations that conduct vetting-related activities. Access to these 
records is limited to those authorized U.S. Government personnel and 
authorized contractors who have a need for the records in the 
performance of their official duties. USAID does not keep classified 
records within PVS.

RECORD ACCESS PROCEDURES:
    Under the Privacy Act, individuals may request access to records 
about themselves. These individuals must be limited to citizens of the 
United States or aliens lawfully admitted for permanent residence. If a 
Federal Department or Agency or a person who is not the individual who 
is the subject of the records, requests access to records about an 
individual, the written consent of the individual who is the subject of 
the records is required.
    Requesters may submit requests to USAID for records under the 
Privacy Act in the following ways: (1) By mail to the Freedom of 
Information Act (FOIA) Office in the Information and Records Division 
of the Office of Management Services within USAID's Bureau for 
Management, 1300 Pennsylvania Avenue NW, Room 2.07C, Ronald Reagan 
Building, Washington, DC 20523-2701; (2) via facsimile to 202-216-3070; 
(3) via email to [email protected]; (4) on the USAID website, at 
www.usaid.gov/foia-requests; or, (5) in person during regular business 
hours at USAID, 1300 Pennsylvania Avenue NW, Room 2.07C, Ronald Reagan 
Building, Washington, DC 20523-2701, or at USAID's overseas Missions.
    Requesters who use methods 1 through 4 above may provide a written 
statement, or may complete and submit USAID Form 507-2, Freedom of 
Information/Privacy Act Record Request Form, which is available in the 
following ways: (a) On the USAID website, at www.usaid.gov/foia-requests; (b) by email request to [email protected]; or, (c) by writing to 
USAID's FOIA Office in the Information and Records Division of the 
Office of Management Services within USAID's Bureau for Management, 
1300 Pennsylvania Avenue NW, Room 2.07C, Ronald Reagan Building, 
Washington, DC 20523-2701. Requesters must provide information that is 
necessary to identify the records, including the following: The 
requester's full name; present mailing address; home telephone; work 
telephone; name of subject, if other than the requester; the 
requester's relationship to subject; a description of the type of 
information or specific records; and the purpose of requesting the 
information. Requesters should provide the system of record (in this 
case, PVS) identification name and number, if known; and, to facilitate 
the assembly of records retrieved by Social Security Numbers, the 
Social Security Number of the individual to whom the record or records 
pertain.
    In addition, requesters who use methods 1 through 4 above must 
include proof of their identity by providing copies of two (2) source 
documents notarized by a valid, unexpired notary public. Acceptable 
proof-of-identity source documents include an unexpired United States 
passport; Social Security Card (both sides); unexpired U.S. Government 
employee identity card; unexpired driver's license or identification 
card issued by a state or United States possession, provided that it 
contains a photograph; a certificate of United States citizenship; a 
certificate of naturalization; a card that shows permanent residence in 
the United States; a United States alien registration receipt card with 
photograph; a United States military identification card or draft 
record; or a United States military dependent's identification card.
    A requester who use methods 1 through 4 above also must provide a 
signed and notarized statement that he or she is the person named in 
the request; that he or she understands that any falsification of this 
statement is punishable under the provision of Section 1001 of Title 18 
of the U.S.C. by a fine, or by imprisonment of not more than five years 
or, if the offense involves international or domestic terrorism (as 
defined in Section 2331 of the statute), imprisonment of not more than 
eight years, or both; and that requesting or obtaining records under 
false pretenses is punishable under the provisions of Section 
552a(i)(3) of Title 5 of the U.S.C. as a misdemeanor, and by a fine of 
not more than $5,000.
    Requesters who use method 5 above must provide such personal 
identification as is reasonable under the circumstances to verify their 
identity, including the following: An unexpired United States passport; 
Social Security Card; unexpired U.S. Government employee identity card; 
un-expired driver's license or identification card issued by a state or 
United States possession, provided that it contains a photograph; a 
certificate of United States citizenship; a certificate of 
naturalization; a card that shows permanent residence in the United 
States; a United States alien registration receipt card with 
photograph; a United States military identification card or draft 
record; or a United States military dependent's identification card.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedure.

NOTIFICATION PROCEDURES:
    See Record Access Procedure.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Portions of USAID's PVS are exempt from one or more provisions of 
the Privacy Act (74 FR 9).
    Exempt information in this system includes, but is not limited to, 
the following:
     Results generated from the screening of individuals 
covered by this notice;
     Intelligence and law-enforcement information related to 
national security; and
     National-security vetting and counterterrorism screening 
information, provided to USAID by other Departments and Agencies.
    Section 215.13 of Part 215 of Title 22 of the Code of Federal 
Regulations, General Exemptions:
    (c) The systems of records USAID is exempt under Section (j)(2) of 
the Act, the provisions of the Act from which the Agency is exempting 
them, and the justification for the exemptions, appear below:
    (2) Partner-Vetting System (PVS). This system is exempt from 
Subsections (c)(3) and (4); (d); (e)(1), (2), and (3); (e)(4)(G), (H), 
and (I); (e)(5) and (8); (f), (g), and (h) of Section 552a of Title 5 
of the U.S.C. These exemptions are

[[Page 3112]]

necessary to insure the proper functioning of the law-enforcement 
activity, to protect confidential sources of information, to fulfill 
promises of confidentiality, to maintain the integrity of law-
enforcement procedures, to avoid premature disclosure of the knowledge 
of criminal activity and the evidentiary basis of possible enforcement 
actions, to prevent interference with law-enforcement proceedings, to 
avoid the disclosure of investigative techniques, to avoid endangering 
law-enforcement personnel, to maintain the ability to obtain candid and 
necessary information, to fulfill commitments made to sources to 
protect the confidentiality of information, to avoid endangering these 
sources, and to facilitate the proper selection or continuance of the 
best applicants or persons for a given position or contract. Although 
the primary functions of USAID are not of a law-enforcement nature, the 
mandate to ensure USAID's funding does not purposefully or 
inadvertently support entities or individuals deemed to be a risk to 
national security necessarily requires coordination with law-
enforcement and intelligence agencies as well as use of their 
information. The use of the information by these other Departments or 
Agencies necessitates the conveyance of these other systems exemptions 
to protect the information as stated. [57 FR 38277, Aug. 24, 1992, as 
amended at 74 FR 16, Jan. 2, 2009]
    Section 215.14 of Part 215 of Title 22 of the Code of Federal 
Regulation, Specific Exemptions:
    (c) The systems of records to be exempted under Section (k) of the 
Act, the provisions of the Act from which the Agency is exempting them, 
and the justification for the exemptions, appear below:
    (6) Partner Vetting System (PVS). This system is exempt under 
Subsections (k)(1), (k)(2), and (k)(5) of Section 552a of Title 5 of 
the U.S.C., and from the provisions of Subsections (c)(3); (d); (e)(1); 
(e)(4)(G), (H), (I); and (f).5 of Section 552a of U.S.C. 552a. USAID 
claims these exemptions to protect the materials required by Executive 
Order to be kept secret in the interest of national defense or foreign 
policy, to prevent subjects of investigation from frustrating the 
investigatory process, to ensure the proper functioning and integrity 
of law-enforcement activities, to prevent the disclosure of 
investigative techniques, to maintain the ability to obtain candid and 
necessary information, to fulfill commitments made to sources to 
protect the confidentiality of information, to avoid endangering these 
sources, and to facilitate the proper selection or continuance of the 
best applicants or persons for a given position or contract. [57 FR 
38277, Aug. 24, 1992, as amended at 74 FR 17, Jan. 2, 2009]

HISTORY:
    USAID established the PVS as a new system of records on August 27, 
2007 (72FR 39042).
    USAID modified the PVS system of records on January 10, 2013 (77 FR 
72319).

Celida Ann Malone,
Government Privacy Task Lead.
[FR Doc. 2021-00450 Filed 1-13-21; 8:45 am]
BILLING CODE 6116-02-P