[Federal Register Volume 86, Number 44 (Tuesday, March 9, 2021)]
[Notices]
[Pages 13545-13548]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-04857]


-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

[FR ID 17542]


Privacy Act of 1974; System of Records

AGENCY: Federal Communications Commission.

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: The Federal Communications Commission (FCC or Commission or 
Agency) proposes to add a new system of records, FCC/WCB-4, Consumer 
Challenge Process, to its inventory of records systems subject to the 
Privacy Act of 1974, as amended. This action is necessary to meet the 
requirements of the Privacy Act to publish in the Federal Register 
notice of the existence and character of records maintained by the 
Agency. The FCC maintains programs that require

[[Page 13546]]

telecommunication providers and carriers (Participants) to report 
service coverage or locations eligible for support to the FCC, such as 
the FCC's Digital Opportunity Data Collection (DODC) and the Universal 
Service Fund (USF) Eligible Location Adjustment Process (ELAP). Under 
these programs, consumers and third parties (collectively, 
Stakeholders) may challenge the service coverage or number of locations 
eligible for support (eligible locations) reported by Participants. The 
Consumer Challenge Process system of records contains personally 
identifiable information (PII) submitted by individuals, or third 
parties on behalf of individuals, needed to establish eligibility to 
challenge the accuracy of Participants' submissions, provide sufficient 
information for Participants to respond to a challenge, and create 
accurate maps of Participant coverage or eligible locations. To 
establish eligibility, prospective Stakeholders who are individuals 
must submit certain PII that will be used to verify their identities 
and their interest in receiving services from a Participant in the 
relevant geographic area, i.e., the coverage area for DODC, or the 
Participant's supported areas for ELAP. In certain programs, the PII 
will also be used to establish that the Stakeholders do not hold a 
controlling interest in a competitor. Once verified, Stakeholders may 
submit additional PII to establish that specific geolocations are 
eligible locations, such as evidence verifying ownership or occupancy 
of a location. Participation in any Consumer Challenge Process is 
voluntary.

DATES: This system of records will become effective on March 9, 2021. 
Written comments on the routine uses are due by April 8, 2021. The 
routine uses will become effective on April 8, 2021, unless written 
comments are received that require a contrary determination.

ADDRESSES: Send comments to Margaret Drake at [email protected] or at 
Federal Communications Commission, 45 L Street NE, Washington, DC 20554 
at 202-418-1707.

FOR FURTHER INFORMATION CONTACT:  Margaret Drake, 202-418-1707, or 
[email protected] (and to obtain a copy of the Narrative Statement that 
includes details of this proposed new system of records).

SUPPLEMENTARY INFORMATION: Depending on the program, the FCC or the 
Universal Service Administrative Company, in conjunction with and under 
the supervision of the FCC, will collect and maintain documentation in 
the system of records to verify the identity and eligibility of certain 
individuals to participate as Stakeholders in the process, including 
information that may link individuals to particular properties and/or 
commercial interests (e.g., geolocation coordinates, billing 
information).

SYSTEM NAME AND NUMBER:
    FCC/WCB-3, Consumer Challenge Process.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION(S):
    Federal Communications Commission (FCC), 45 L Street NE, 
Washington, DC 20554; and Universal Service Administrative Company 
(USAC), 700 12th Street NW, Suite 900, Washington, DC 20005.

SYSTEM MANAGER(S):
    The FCC and, in some cases, USAC on behalf of and under the 
supervision of the FCC.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    47 U.S.C. 151-154, 254; 47 CFR Sections 0.91, 0.291, 1.11.427, 
54.310; Connect America Fund, WC Docket No. 10-90 et al., Order on 
Reconsideration, 33 FCC Rcd 1380, 1390-92, paras. 23-28 (2018); Connect 
America Fund, WC Docket No. 10-90, 34 FCC Rcd 10395 (2019); 47 U.S.C. 
641-646; Establishing the Digital Opportunity Data Collection, WC 
Docket No. 19-195.

PURPOSE(S) OF THE SYSTEM:
    The Consumer Challenge Process system contains information to 
facilitate challenges to (1) Participant service reports under the DODC 
or other Commission adjustment programs, on a state-by-state basis, and 
(2) Participants' defined deployment obligations (and associated 
support) under the USF. In this system, the Commission or USAC, on 
behalf of the Commission, will gather information to verify the 
identity of prospective Stakeholders and their direct interests in 
receiving certain services in the relevant locations. The submitted PII 
may link one or more individuals to locations and/or commercial 
interests and services relating to such locations. In some 
circumstances, prospective Stakeholders must certify that they do not 
hold a controlling interest in one or more competitors of the 
Participant that they are challenging.

CATEGORIES OF INDIVDUALS COVERED BY THE SYSTEM:
    The individuals in this system include actual and potential 
consumers of fixed or mobile broadband services; individuals 
challenging mobile coverage in a specific area; and individuals who 
submit information to verify their eligibility to challenge a 
Participant's location data.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The records in this system may include name, address, email 
address, phone number, partial Social Security Number (or Tribal 
Identification Number if no Social Security Number is available), 
requests for broadband services, commercial records associated with the 
receipt of residential services and utilities, home ownership, land use 
rights (including building development), government forms, statements, 
authorizations, and certifications. Further, such records may include 
information confirming that individuals do not have a controlling 
interest in one or more competitors of the Participant being 
challenged.

RECORD SOURCE CATEGORIES:
    The information in the system is provided by individuals who are 
consumers of fixed or mobile broadband services, residents or property 
owners in areas where Participants have been authorized (or are 
eligible to be authorized) to receive universal service support through 
certain high-cost programs, and government agencies or other entities 
(e.g., consumer groups) who collect challenges from individuals and 
submit them in bulk.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed to authorized 
entities, as is determined to be relevant and necessary, outside the 
FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    1. Program Management--To USAC employees to conduct official duties 
associated with the management, operation, and oversight of the ELAP as 
directed by the Commission, including but not limited to, decisions to 
modify the number of locations (and associated support) that 
Participants must serve to satisfy their USF obligations.
    2. Third Party Contractors--To an employee of any third-party 
contractor engaged by USAC or the Commission to, among other things, 
develop IT systems or applications; conduct the Stakeholder eligibility 
verification process; verify the completeness and accuracy of 
Participants' coverage information;

[[Page 13547]]

develop and maintain relevant maps; and, develop the Commission order 
modifying the Participants' defined deployment obligation.
    3. Participants--Stakeholder challenge information, including 
Stakeholder contact information, geolocation, and other location 
information (e.g., the number of units at a location) will be made 
available to relevant Participants for the purposes of allowing them to 
file a reply to Stakeholder challenges.
    4. Stakeholders--For ELAP, Stakeholder contact information and 
certain other challenge information will be made available to other 
verified Stakeholders filing challenges in the same study area. Other 
Stakeholders include individuals, entities, and non-Federal agencies, 
including any State or local government, or agency thereof.
    5. Public--Stakeholder geolocation information may be included on 
coverage maps published on the FCC and/or USAC websites.
    6. Congressional Inquiries--To a Congressional office from the 
record of an individual in response to an inquiry from that 
Congressional office made at the written request of that individual.
    7. Government-Wide Program Management and Oversight--To the 
Department of Justice (DOJ) to obtain that department's advice 
regarding disclosure obligations under the Freedom of Information Act 
(FOIA); or to the Office of Management and Budget (OMB) to obtain that 
office's advice regarding obligations under the Privacy Act.
    8. Law Enforcement and Investigation--To appropriate Federal, 
State, local, or Tribal agencies, authorities, and officials 
responsible for investigating, prosecuting, enforcing, or implementing 
a statute, rule, regulation, or order, where the FCC becomes aware of 
an indication of a violation or potential violation of a civil or 
criminal statute, law, regulation, or order.
    9. Adjudication and Litigation--To the Department of Justice (DOJ), 
or to a court or adjudicative body before which the FCC is authorized 
to appear, when: (a) The FCC or any component thereof; or (b) any 
employee of the FCC in his or her official capacity; or (c) any 
employee of the FCC in his or her individual capacity where the DOJ or 
the FCC have agreed to represent the employee; or (d) the United States 
is a party to litigation or have an interest in such litigation, and 
the use of such records by the DOJ or the FCC is deemed by the FCC to 
be relevant and necessary to the litigation.
    10. Breach Notification--To appropriate agencies, entities, and 
persons when: (a) The Commission suspects or has confirmed that there 
has been a breach of the system of records; (b) the Commission has 
determined that as a result of the suspected or confirmed breach there 
is a risk of harm to individuals, the Commission (including its 
information systems, programs, and operations), the Federal Government, 
or national security; and (c) the disclosure made to such agencies, 
entities, and persons is reasonably necessary to assist in connection 
with the Commission's efforts to respond to the suspected or confirmed 
breach or to prevent, minimize, or remedy such harm.
    11. Assistance to Federal Agencies and Entities--To another Federal 
agency or Federal entity, when the Commission determines that 
information from this system is reasonably necessary to assist the 
recipient agency or entity in: (a) Responding to a suspected or 
confirmed breach or (b) preventing, minimizing, or remedying the risk 
of harm to individuals, the recipient agency or entity (including its 
information systems, program, and operations), the Federal Government, 
or national security, resulting from a suspected or confirmed breach.
    12. Prevention of Fraud, Waste, and Abuse Disclosure--To Federal 
agencies, non-Federal entities, their employees, and agents (including 
contractors, their agents or employees; employees or contractors of the 
agents or designated agents); or contractors, their employees or agents 
with whom the FCC or USAC has a contract, service agreement, or 
cooperative agreement, for the purpose of: (1) Detection and prevention 
of fraud, waste, and abuse in Federal programs administered by a 
Federal agency or non-Federal entity; (2) detection of fraud, waste, 
and abuse by individuals in their operations and programs, but only to 
the extent that the information shared is necessary and relevant to 
verify and audit information necessary to determine whether the 
participant carrier has intentionally or through negligence, reduced 
its universal service obligations to exclude locations in eligible 
areas that are the most difficult and/or expensive to serve.

REPORTING TO A CONSUMER REPORTING AGENCY:
    In addition to the routine uses listed above, the Commission may 
share information from this system of records with a consumer reporting 
agency regarding an individual who has not paid a valid and overdue 
debt owed to the Commission, following the procedures set out in the 
Debt Collection Act, 31 U.S.C. 3711(e).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The system is maintained in secure, limited access areas. 
Electronic files are maintained in the FCC or USAC network 
accreditation boundaries. Physical entry by unauthorized persons is 
restricted through use of locks, passwords, and other security 
measures. Paper documents and other physical records, if any, will be 
kept in locked, controlled access areas until digitized and then 
destroyed.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information in this system can be retrieved by various identifiers, 
which may include Stakeholder name, Social Security Number (Tribal 
Identification Number if Social Security Number is not available), 
physical address, geolocation coordinates, property information, email 
address, telephone number, competitive interests, and supporting 
evidence.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    1. The National Archives and Records Administration (NARA) 
established records schedule number DAA-0173-2017-0001-001 for the 
Universal Service High Cost Program Files. In accordance with this 
records schedule, the FCC and USAC, as appropriate, will maintain all 
information in the ELAP system of records for ten (10) years after cut-
off, or when no longer needed for business or audit purposes, whichever 
comes later. Cut-off is determined as the end of the calendar year from 
the date an item is filed or prepared. Disposal of obsolete or out-of-
date paper documents and files is by shredding only. Electronic data, 
files, and records are destroyed by electronic erasure in compliance 
with National Institute of Standards and Technology (NIST) guidelines.
    2. Information in this system of records that is not collected or 
maintained in connection with the CAF Program Files, including DODC 
challenge data, will be maintained in accordance with General Records 
Schedule 5.2, Item 20, which provides that records will be destroyed 
upon verification of successful creation of the final document or file, 
or when no longer needed for business use, whichever is later.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    1. ELAP-related data: The electronic data, records, and files will 
be stored within the High-Cost Broadband Portal (HCBP) system 
accreditation boundaries. The FCC will oversee the

[[Page 13548]]

management of the HCBP system, including USAC's records management 
activities. After a Participant window for filing replies to 
Stakeholder information closes, access to the electronic files is 
restricted to the FCC staff and its contractors and subcontractors, as 
well as USAC and its contractors and subcontractors who carry out ELAP 
functions and activities. Other FCC employees and contractors and USAC 
employees, contractors, and subcontractors may be granted access only 
on a need-to-know basis. The data are protected by the FCC and USAC 
security safeguards, a comprehensive and dynamic set of information 
technology (IT) safety and security protocols and features that are 
designed to meet all Federal IT standards, including, but not limited 
to, those required by the Federal Information Security Modernization 
Act of 2014 (FISMA), the Office of Management and Budget (OMB), and 
NIST.
    Employees of the FCC and USAC may print paper copies of these ELAP 
electronic records for various short-term uses, as necessary. Paper 
copies will be stored in locked file cabinets when not in use. Physical 
entry by unauthorized persons where this information is stored is 
restricted through use of locks, passwords, and other security 
measures. Only authorized FCC and USAC employees may have access to 
these documents. Participants receiving access to the ELAP portion of 
the HCBP system will be prohibited from printing paper copies when such 
information contains PII, although they will be permitted to download 
redacted versions of such information.
    2. Non-ELAP data: The electronic records, files, and data are 
stored within FCC accreditation boundaries. Access to the electronic 
files is restricted to IT staff, contractors, and vendors who maintain 
the networks and services. Other FCC employees, contractors, vendors, 
and users may be granted access on a need-to- know basis. The FCC's 
data are protected by the FCC and privacy safeguards, a comprehensive 
and dynamic set of IT safety and security protocols and features that 
are designed to meet all Federal IT privacy standards, including those 
required by FISMA, OMB, and NIST. Paper copies will be stored in locked 
file cabinets when not in use. Physical entry by unauthorized persons 
where this information is stored is restricted through use of locks, 
passwords, and other security measures. Only authorized FCC employees 
and contractors may have access to these documents.

RECORDS ACCESS PROCEDURES:
    Individuals wishing to request access to and/or amendment of 
records about themselves should follow the Notification Procedure 
below.

CONTESTING RECORDS PROCEDURES:
    Individuals wishing to request access to and/or amendment of 
records about them should follow the Notification Procedure below.

NOTIFICATION PROCEDURES:
    Individuals wishing to determine whether this system of records 
contains information about them may do so by writing to Margaret Drake 
at [email protected] or Federal Communications Commission, 45 L Street 
NE, Washington, DC 20554, 202-418-1707.
    Individuals requesting access must also comply with the FCC's 
Privacy Act regulations regarding verification of identity and access 
to records (47 CFR part 0, subpart E).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This is a new system of records.

Federal Communications Commission.
Marlene Dortch,
Secretary.
[FR Doc. 2021-04857 Filed 3-8-21; 8:45 am]
BILLING CODE 6712-01-P