[Federal Register Volume 87, Number 131 (Monday, July 11, 2022)]
[Notices]
[Pages 41098-41101]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-14704]


-----------------------------------------------------------------------

DEPARTMENT OF AGRICULTURE

Animal and Plant Health Inspection Service

[Docket No. APHIS-2014-0062]


Privacy Act of 1974; System of Records

AGENCY: Animal and Plant Health Inspection Service, USDA.

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: The Animal and Plant Health Inspection Service proposes to add 
a system of records to its inventory of records systems subject to the 
Privacy Act of 1974, as amended. The system of records is the Smuggling 
Interdiction and Trade Compliance (SITC) National Information 
Communication Activity System (SNICAS), USDA/APHIS-21. This notice is 
necessary to meet the requirements of the Privacy Act to publish in the 
Federal Register notice of the existence and character of record 
systems maintained by the agency.

DATES: In accordance with 5 U.S.C. 552a(e)(4) and (11), this notice is 
applicable upon publication, subject to a 30-day notice and comment 
period in which to comment on the routine uses described below. Please 
submit any comments by August 10, 2022.

ADDRESSES: You may submit comments by either of the following methods:
     Federal eRulemaking Portal: Go to http://www.regulations.gov. Enter APHIS-2014-0062 in the Search field. Select 
the Documents tab, then select the comment button in the list of 
documents.
     Postal Mail/Commercial Delivery: Send your comment to 
Docket No. APHIS-2014-0062, Regulatory Analysis and Development, PPD, 
APHIS, Station 3A-03.8, 4700 River Road Unit 118, Riverdale, MD 20737-
1238.
    Supporting documents and any comments we receive on this docket may 
be viewed at http://www.regulations.gov or in our reading room, which 
is located in room 1620 of the USDA South Building, 14th Street and 
Independence Avenue SW, Washington, DC. Normal reading room hours are 8 
a.m. to 4:30 p.m., Monday through Friday, except holidays. To be sure 
someone is there to help you, please call (202) 799-7039 before coming.

FOR FURTHER INFORMATION CONTACT: For general questions, please contact 
Mr. Kristian Rondeau, Director Field Operations, District 6, 2150 
Centre Avenue, Building B, Fort Collins, CO 80526; (970) 494-7563. For 
Privacy Act questions concerning this system of records notice, please 
contact Ms. Tonya Woods, Director, Freedom of Information and Privacy 
Act Staff, 4700 River Road Unit 50, Riverdale, MD 20737; (301) 851-
4076; email: [email protected]. For USDA Privacy Act questions, 
please contact the USDA Chief Privacy Officer, Information Security 
Center, Office of Chief Information Officer, USDA, Jamie L. Whitten 
Building, 1400 Independence Ave. SW, Washington, DC 20250; email: 
[email protected].

SUPPLEMENTARY INFORMATION: Pursuant to the provisions of the Privacy 
Act of 1974 (5 U.S.C. 552a), notice is given that the Animal and Plant 
Health Inspection Service (APHIS) of the U.S. Department of Agriculture 
(USDA) is proposing to add a new system of records, entitled USDA/
APHIS-21, Smuggling Interdiction and Trade Compliance (SITC) National 
Information Communication Activity System (SNICAS), to maintain a 
record of activities conducted by the agency pursuant to its mission 
and responsibilities authorized by the Plant Protection Act (7 U.S.C. 
7701 et seq.); the Animal Health Protection Act (7 U.S.C. 8301 et 
seq.); and the Honey Bee Act (7 U.S.C. 281 et seq.). The purpose of the 
system is to record data and information about APHIS' SITC activities 
nationwide. SITC is within APHIS' Plant Protection and Quarantine 
program.
    SNICAS supports the mission of SITC programs by providing, to SITC 
and other agency personnel, information that can be used to assist with 
detecting and preventing the unlawful entry and distribution into the 
United States of prohibited and/or non-compliant products that may 
harbor exotic plant and animal pests, diseases, or invasive species. 
SITC focuses on anti-smuggling and trade compliance efforts at ports of 
entry in the United States and in commerce to prevent the establishment 
of plant and animal pests and diseases, while maintaining the safety of 
U.S. ecosystems and natural resources. SITC is responsible for 
collecting, maintaining, and reviewing information to successfully and 
efficiently meet its mission.
    SNICAS consists of a web-based system and paper records and 
contains information related to commodities that have been physically 
inspected and/or surveyed by SITC. The system contains records 
pertaining to U.S. ports of entry and commerce locations that are 
inspected or surveyed during daily operations. SNICAS also maintains 
and communicates information associated with SITC operational and 
administrative activities.
    SITC officials use the information in SNICAS to identify and close 
pathways used for the introduction of prohibited commodities and those 
regulated commodities that lack the necessary certificates and permits 
to enter into U.S. commerce. SITC officials also use SNICAS to perform 
activities such as legal and regulatory actions; scientific research; 
risk, trend, pathway and targeting analyses; trade support; 
administrative and budgetary support; supervision and program 
management; and overall decision support services. Additionally, SITC 
officials use SNICAS to generate reports to evaluate the risk status of 
the commercial sites where regulated commodities are seized, the 
effectiveness of the program, and quality control of the data.
    APHIS will share information from the system pursuant to the 
requirements of the Privacy Act and, in the case of its routine uses, 
when the disclosure is compatible with the purpose for which the 
information was compiled. However, APHIS proposes to exempt some 
records in the system from certain Privacy Act requirements in 
accordance with 5 U.S.C. 552a(k)(2). APHIS proposes to exempt the 
system from Privacy Act requirements including subsections (c)(3); (d); 
(e)(1); (e)(4)(G),

[[Page 41099]]

(H), and (I); and (f). A proposed rule has been promulgated in 
accordance with the requirements of 5 U.S.C. 553(b), (c), and (d) and 
has been published in today's Federal Register \1\. An individual who 
is the subject of a record in this system may seek access to those 
records that are not exempt from the access provisions. A determination 
whether a record may be accessed will be made at the time a request is 
received.
---------------------------------------------------------------------------

    \1\ To view the proposed rule, go to www.regulations.gov and 
enter APHIS-2015-0008 in the Search field.
---------------------------------------------------------------------------

    A report on the new system of records, required by 5 U.S.C. 
552a(r), as implemented by Office of Management and Budget Circular A-
108, was sent to the Chairman, Committee on Homeland Security and 
Governmental Affairs, United States Senate; the Chairwoman, Committee 
on Oversight and Reform, House of Representatives; and the 
Administrator, Office of Information and Regulatory Affairs, Office of 
Management and Budget.

    Done in Washington, DC, this 21st day of June 2022.
Anthony Shea,
Administrator, Animal and Plant Health Inspection Service.

SYSTEM NAME AND NUMBER:
    USDA/APHIS-21, Smuggling Interdiction and Trade Compliance (SITC) 
National Information Communication Activity System (SNICAS)

SECURITY CLASSIFICATION:
    Sensitive but unclassified.

SYSTEM LOCATION:
    The Animal and Plant Health Inspection Service (APHIS), within the 
U.S. Department of Agriculture (USDA), maintains records in a 
Government-approved cloud server accessed through secure data centers 
in the continental United States. Paper files are held at various Plant 
Protection and Quarantine (PPQ) Smuggling Interdiction and Trade 
Compliance national, district, and field offices.

SYSTEM MANAGER:
    Deputy Administrator of Plant Protection and Quarantine, APHIS, 
USDA, 4700 River Road, Riverdale, MD 20737.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The Plant Protection Act (7 U.S.C. 7701 et seq.); the Animal Health 
Protection Act (7 U.S.C. 8301 et seq.); and the Honey Bee Act (7 U.S.C. 
281 et seq.).

PURPOSES OF THE SYSTEM:
    SITC focuses on anti-smuggling and trade compliance efforts at 
ports of entry in the United States and in commerce to prevent the 
establishment of plant and animal pests and diseases, while maintaining 
the safety of U.S. ecosystems and natural resources. SITC is 
responsible for collecting, maintaining, and reviewing information to 
successfully and efficiently meet its mission.
    The purpose of SNICAS is to record data and information about SITC 
activities nationwide. SNICAS supports the mission of SITC programs by 
providing, to SITC and other agency personnel, information that can be 
used to assist with detecting and preventing the unlawful entry and 
distribution into the United States of prohibited and/or non-compliant 
products that may harbor exotic plant and animal pests, diseases, or 
invasive species.
    SNICAS contains records pertaining to the U.S. ports of entry and 
commerce locations that are inspected or surveyed during daily 
operations. SNICAS also maintains and communicates information 
associated with SITC operational and administrative activities. The 
personally identifiable information within SNICAS is used by SITC 
officials to identify and close pathways used for the introduction of 
prohibited commodities and those regulated commodities that lack the 
necessary certificates and permits to enter into U.S. commerce.
    SITC officials also use SNICAS to perform activities such as legal 
and regulatory actions; scientific research; risk, trend, pathway and 
targeting analyses; trade support; administrative and budgetary 
support; supervision and program management; and overall decision 
support services. Additionally, SITC officials use SNICAS to generate 
reports to evaluate the risk status of the commercial sites where 
regulated commodities are seized, the effectiveness of the program, and 
quality control of the data.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    SNICAS contains personal and business identifiable information 
about individuals and companies who are associated with the 
importation, interstate, and/or intrastate movement of prohibited or 
restricted agricultural products along with any actions taken against 
said individual or company. The system also includes SITC employee 
information.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The categories of records maintained in the system consist of 
company/business or individual's name; contact information that 
includes address, telephone and fax numbers, and email address; 
personal identification number, which may include Social Security 
number or tax identification number; date of birth; gender; business 
affiliation; criminal history; inspection or survey date; conveyance 
type and identification (license plate, vehicle identification number); 
geospatial data of trade activity; identification of product(s) to 
include product name, photographs of seized product(s), country of 
origin, identification number, and bar codes; U.S. port of entry, 
crossing, or import location; witness statements; and any other 
supporting documentation. As required, SITC may also collect other 
information associated with products, seizures, trace requests, product 
pathways, recall activities, and intelligence or analysis background 
reviews.
    SITC employee information included in the system consists of name, 
title, work and email addresses, telephone number, badge number, SITC 
work unit, and area of coverage.
    As required, other information associated with products, seizures, 
trace requests, product pathways, recall activities, and intelligence 
or analysis background reviews may be saved in the system.

RECORD SOURCE CATEGORIES:
    SNICAS collects much of its information directly from individuals, 
Federal, State, Tribal, or local government and agencies, commercial 
entities, and companies/individuals that import, handle, distribute, or 
consume products that may be associated with the importation and/or 
interstate movement of prohibited or restricted agricultural products.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, records maintained in the system may be 
disclosed outside USDA, as follows, to the extent that such disclosures 
are compatible with the purposes for which the information was 
collected:
    (1) To Department of Homeland Security's Customs and Border 
Protection in conjunction with their cooperative mission to protect 
U.S. agriculture and natural resources;
    (2) To other Federal agencies, agricultural contractors, and 
Tribal,

[[Page 41100]]

State, county, and local government officials, to correlate activities 
due to overlapping authorities and functions in areas of agriculture, 
environment, human health, biological sciences, and consumer safety;
    (3) To cooperating Federal, Tribal, State, county, and local 
government officials or other individuals or entities performing or 
working on a contract, service, grant, cooperative agreement, or other 
assignment for USDA, when necessary to accomplish an agency function 
related to this system of records;
    (4) To appropriate law enforcement agencies, entities, and persons, 
whether Federal, foreign, State, local, or Tribal, or other public 
authority responsible for enforcing, investigating, or prosecuting an 
alleged violation or a violation of law or charged with enforcing, 
implementing, or complying with a statute, rule, regulation, or order 
issued pursuant thereto, when a record in this system on its face, or 
in conjunction with other records, indicates a violation or potential 
violation of law, whether civil, criminal, or regulatory in nature, and 
whether arising by general statute or particular program statute, or by 
regulation, rule, or court order issued pursuant thereto, if the 
information disclosed is relevant to any enforcement, regulatory, 
investigative, or prosecutive responsibility of the receiving entity;
    (5) To the Department of Justice when the agency, or any component 
thereof, or any employee of the agency in his or her official capacity, 
or any employee of the agency in his or her individual capacity where 
the Department of Justice has agreed to represent the employee, or the 
United States, in litigation, where the agency determines that 
litigation is likely to affect the agency or any of its components, is 
a party to litigation or has an interest in such litigation, and the 
use of such records by the Department of Justice is deemed by the 
agency to be relevant and necessary to the litigation; provided, 
however, that in each case, the agency determines that disclosure of 
the records to the Department of Justice is a use of the information 
contained in the records that is compatible with the purpose for which 
the records were collected;
    (6) To a court or adjudicative body in administrative, civil, or 
criminal proceedings when: (a) The agency or any component thereof; or 
(b) any employee of the agency in his or her official capacity; or (c) 
any employee of the agency in his or her individual capacity where the 
agency has agreed to represent the employee; or (d) the United States 
Government, is a party to litigation or has an interest in such 
litigation, and by careful review, the agency determines that the 
records is therefore deemed by the agency to be for a purpose that is 
compatible with the purpose for which the agency collected the records;
    (7) To appropriate agencies, entities, and persons when: (a) USDA 
suspects or has confirmed that there has been a breach of the system of 
records; (b) USDA has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, USDA 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (c) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with USDA's efforts to respond to the suspected or 
confirmed compromise and prevent, minimize, or remedy such harm;
    (8) To another Federal agency or Federal entity, when the USDA 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (a) responding to 
a suspected or confirmed breach or (b) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach;
    (9) To USDA contractors and other parties engaged to assist in 
administering the program, analyzing data, and conducting audits. Such 
contractors and other parties will be bound by the nondisclosure 
provisions of the Privacy Act;
    (10) To USDA contractors, partner agency employees or contractors, 
or private industry employed to identify patterns, trends, or anomalies 
indicative of fraud, waste, or abuse;
    (11) To a Congressional office from the record of an individual in 
response to any inquiry from that Congressional office made at the 
written request of the individual to whom the record pertains; and
    (12) To the National Archives and Records Administration (NARA) or 
to the General Services Administration for records management 
activities conducted under 44 U.S.C. 2904 and 2906.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    None.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Electronic and paper records are stored at locations listed under 
``System Location'' above. All documentation that exists in paper form 
is maintained by PPQ SITC officials nationwide, while electronic data 
are stored on hard disks within their work units or on the Azure cloud 
hosted by APHIS.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    SNICAS users can query and retrieve records on the following 
fields: Permit or emergency action notification form serial number, 
name of individual or business, address, and telephone number. Users 
can also search for records using a global search engine, quick list 
drop-down menu, or using the reports section of the system.
    Records cannot be retrieved by Social Security number, birthdate, 
vehicle identification number, and tax identification numbers. However, 
this information may be contained in attached documents. These attached 
documents can only be accessed through associated parent records, and 
these documents can only be viewed by authorized SITC officials.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    APHIS is in the process of requesting records disposition authority 
from NARA, and these records will be retained until appropriate 
disposition authority is obtained from NARA.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    SNICAS is a web-based system that can be accessed by individuals 
authorized by PPQ on a need-to-know basis. Authorized users can gain 
access to SNICAS records via a secure government network, which is only 
accessible after a user is added to the system by a system 
administrator and when the user logs onto the password-protected 
network. If the end user is away from their designated workstation, 
they can connect through the internet via a secure virtual private 
network connection. Security measures are in place to prevent outsiders 
from entering the system. Integrated Network Authentication is required 
for access to the system. The access control list for the database 
validates against the network identification of the user creating a 2-
layer authentication scheme. PPQ SITC personnel have access to all of 
the data in the system but are limited to certain actions based on 
their assigned role. Non-SITC personnel within the agency may be 
provided ``read-only'' access allowing

[[Page 41101]]

users to view all data within SNICAS but restricts editing or 
downloading data. These accounts use integrated network authentication 
to validate the end user and restrict access.
    Electronic records are stored on secure file servers. SNICAS users 
gain access to the system through the system administrator with 
designated user-defined roles and level of access. SNICAS users obtain 
user -identification accounts that allow password-protected access 
through the intranet. Access is only available to computers logged onto 
the APHIS network. Domain network logon credentials are used to 
validate a user's access against a list of allowed SNICAS logons kept 
within the database, creating a 2-tier validation strategy. The web-
based service identifies and validates USDA customers before they can 
access SNICAS.
    Paper files are maintained in a safeguarded environment with 
controlled access only by authorized personnel. SITC officers, 
analysts, and supervisors are in positions of public trust that require 
background investigations and security clearances. Employees are also 
required to complete appropriate training to learn requirements for 
safeguarding records maintained under the Privacy Act.
    SNICAS safeguards records and ensures that privacy requirements are 
met in accordance with Federal cyber security mandates. SNICAS provides 
continuous storage management, security administration, regular dataset 
backups, and contingency planning/disaster recovery.

RECORD ACCESS PROCEDURES:
    All requests for access to records must be in writing and should be 
submitted to the APHIS Privacy Act Officer, 4700 River Road Unit 50, 
Riverdale, MD 20737; or by facsimile (301) 734-5941; or by email 
[email protected]. In accordance with 7 CFR 1.112 (Procedures for 
requests pertaining to individual records in a record system), the 
request must include the full name of the individual making the 
request; the name of the system of records; and preference of 
inspection, in person or by mail. In accordance with 7 CFR 1.113, prior 
to inspection of the records, the requester shall present sufficient 
identification (e.g., driver's license, employee identification card, 
Social Security card, credit cards) to establish that the requester is 
the individual to whom the records pertain. In addition, if an 
individual submitting a request for access wishes to be supplied with 
copies of the records by mail, the requester must include with his or 
her request sufficient data for the agency to verify the requester's 
identity.

CONTESTING RECORD PROCEDURES:
    Individuals seeking to contest or amend records maintained in this 
system of records must direct their request to the address indicated in 
the ``RECORD ACCESS PROCEDURES'' paragraph, above and must follow the 
procedures set forth in 7 CFR 1.116 (Request for correction or 
amendment to record). All requests must state clearly and concisely 
what record is being contested, the reasons for contesting it, and the 
proposed amendment to the record.

NOTIFICATION PROCEDURES:
    Individuals may be notified if a record in this system of records 
pertains to them when the individuals request information utilizing the 
same procedures as those identified in the ``RECORD ACCESS PROCEDURES'' 
paragraph above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    The Agency has exempted this system from subsections (c)(3); (d); 
(e)(1); (e)(4)(G), (H), and (I); and (f) of the Privacy Act pursuant to 
5 U.S.C. 552a(k)(2). The exemptions will be applied only to the extent 
that the information in the system is subject to exemption pursuant to 
5 U.S.C. 552a(k)(2). A proposed rule has been promulgated in accordance 
with the requirements of 5 U.S.C. 553(b), (c), and (e) and has been 
published in today's Federal Register \1\.
---------------------------------------------------------------------------

    \1\ To view the proposed rule, go to www.regulations.gov and 
enter APHIS-2015-0008 in the Search field.
---------------------------------------------------------------------------

HISTORY:
    Not Applicable.

[FR Doc. 2022-14704 Filed 7-8-22; 8:45 am]
BILLING CODE 3410-34-P