[Federal Register Volume 87, Number 202 (Thursday, October 20, 2022)]
[Rules and Regulations]
[Pages 63904-63931]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-22723]



[[Page 63903]]

Vol. 87

Thursday,

No. 202

October 20, 2022

Part III





Department of the Treasury





-----------------------------------------------------------------------





31 CFR Part 1





Privacy Act Regulations; Final Rule

  Federal Register / Vol. 87, No. 202 / Thursday, October 20, 2022 / 
Rules and Regulations  

[[Page 63904]]


-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

31 CFR Part 1

RIN 1505-AC80


Privacy Act Regulations

AGENCY: Department of the Treasury.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: This final rule amends the Department of the Treasury's 
(Department) regulations under the Privacy Act of 1974, as amended. 
Treasury is revising these regulations to update certain provisions to 
reflect developments in Privacy Act case law and changes in the names 
of some of the Treasury bureaus and offices since the regulations were 
last updated. Additionally, the regulations are being updated to ensure 
compliance with requirements in the Social Security Number Fraud 
Prevention Act of 2017. This final rule adopts the July 25, 2022, 
proposed rule with minor changes.

DATES: This rule is effective November 21, 2022.

FOR FURTHER INFORMATION CONTACT: Ryan Law, Deputy Assistant Secretary 
for Privacy, Transparency and Records, 202-622-0930, extension 2 (this 
is not a toll-free number).

SUPPLEMENTARY INFORMATION:

Background

    This final rule updates the Department's Privacy Act (5 U.S.C. 
552a) regulations in 31 CFR part 1, subpart C, and revises Sec. Sec.  
1.20 (Purpose and scope of this subpart), 1.23 (Publication in the 
Federal Register--Notices of systems of records, general exemptions, 
specific exemptions, review of all systems), 1.24 (Disclosure of 
records to person other than the individual to whom they pertain), 1.25 
(Accounting of disclosures), 1.26 (Procedures for notification and 
access to records pertaining to individuals--format and fees for 
request for access), 1.27 (Procedures for amendment of records 
pertaining to individuals--format, agency review and appeal from 
initial adverse agency determination), 1.28 (Training, rules of 
conduct, penalties for non-compliance), 1.32 (Collection, Use, 
Disclosure and Protection of Social Security numbers), 1.35 
(Information forms), and 1.36 (Systems exempt in whole or in part from 
provisions of the Privacy Act and this part). Sections 1.20, 1.23, 
1.24, 1.25, 1.26, 1.27, 1.28, 1.32, 1.35, and 1.36 all address and 
reflect changes to Office of Management Budget (OMB) Circular A-108, 
``Federal Agency Responsibilities for Review, Reporting, and 
Publication Under the Privacy Act'' [81 FR 94424, December 23, 2016] in 
addition to the Social Security Number Fraud Prevention Act of 2017, 
Public Law 115-59; 42 U.S.C. 405.
    The rule also amends the Department's Privacy Act Regulations to 
account for issues that have arisen since the regulations were last 
updated. For example, these changes reflect additional privacy and 
civil liberties responsibilities delegated to the Treasury's Assistant 
Secretary for Management and changes to Sec.  1.20 reflect the creation 
of the new Special Inspector General for Pandemic Recovery, and all 
offices reporting to such official, including immediate staff. Section 
1.23 makes modifications to reflect changes to OMB Circular A-130, 
``Managing Information as a Strategic Resource.'' [81 FR 49689, July 
28, 2016] Section 1.24 includes modifications to correct errors 
discovered in the original publication of this regulation. These 
modifications include the addition of language to reflect the amendment 
of the Privacy Act by the Debt Collection Act of 1982 (which stated the 
circumstances under which Federal agencies could disclose individual 
records to consumer reporting agencies). In Sec. Sec.  1.25 and 1.26, 
clarifying changes are made to correct grammatical errors.
    In Sec. Sec.  1.27 and 1.35, minor changes were made to align with 
the authority vested in agencies to promulgate exemptions to certain 
provisions in the Privacy Act. Section 1.28 is updated to establish the 
roles and responsibilities of the Deputy Assistant Secretary for 
Privacy, Transparency, and Records to ensure compliance with the Senior 
Agency Official Privacy oversight requirements in OMB M-16-24, ``Role 
and Designation of Senior Agency Officials for Privacy'' in accordance 
with E.O. 13719, Establishment of the Federal Privacy Council.'' [81 FR 
7685, February 12, 2016]
    Within Sec.  1.32, Treasury formalized the policy for the use of 
Social Security numbers and added provisions to ensure compliance with 
the Social Security Number Fraud Prevention Act of 2017. Further, Sec.  
1.36 updates the Treasury systems that claim exemptions under sections 
(j)(2) and (k) (subsections 1-6) of the Privacy Act.
    Finally, the appendices to the current regulation were revised to 
reflect changes in the Treasury's organizational structure. Appendices 
pertaining to the Bureau of Public Debt and Financial Management 
Service have been deleted as these components were consolidated under 
the new Treasury Bureau of the Fiscal Service. A new Bureau of the 
Fiscal Service appendix (appendix G) was added to reflect this 
consolidation. Appendix E was added to reflect the creation of the 
Alcohol and Tobacco Tax and Trade Bureau (TTB). Appendices C (United 
States Customs Service), D (United States Secret Service), and J 
(Federal Law Enforcement Training Center) were deleted to reflect that 
these former bureaus are no longer part of Treasury.

Comments on the Proposed Rule

    Treasury received one comment on the proposed rule (July 25, 2022; 
87 FR 44049).
    Comment: ``We respectfully request that the Department of the 
Treasury update these regulations to replace the term `physician' with 
`licensed health care professional.' This will maintain the privacy 
protection that is in place, while also ensuring that an individual who 
selects a nurse practitioner, or other licensed health care 
professional, as their provider of choice, is authorized to designate 
that clinician as the recipient of their medical records.''
    Response: In the final rule, Treasury replaced references to 
``physician'' with ``health professional.''

Changes Between the Proposed Rule and Final Rule

    Except for the replacement of the term ``physician,'' as described 
above, this final rule makes no substantive changes to the regulatory 
text of the proposed rule.
    The Final Rule also reflects technical changes made to reflect 
modification of the names of some of the Treasury bureaus and offices 
since the regulations were last updated. The need for these technical 
modifications was discovered after publication of the proposed rule.

Regulatory Planning and Review

    This final rule has been determined to be not significant for 
purposes of review under Executive Order 12866.

Regulatory Flexibility Act

    The Regulatory Flexibility Act (RFA), 5 U.S.C. 601 et seq., 
requires agencies to prepare an initial regulatory flexibility analysis 
(IRFA) to determine the economic impact of the rule on small entities. 
A small entity is defined as either a small business, a small 
organization, or a small governmental jurisdiction; an individual is 
not a small entity. Section 605(b) of the RFA allows an agency to 
prepare a certification in lieu of an IRFA if the rule will not have a 
significant economic impact on a substantial number of small entities. 
Pursuant to 5 U.S.C. 605(b), it is hereby certified that this final 
rule will not have a significant economic impact on

[[Page 63905]]

a substantial number of small entities. The Privacy Act primarily 
affects individuals and not entities and the rule would impose no 
duties or obligations on small entities.

List of Subjects in 31 CFR Part 1

    Privacy.

    For the reasons stated in the preamble, the Department of the 
Treasury amends 31 CFR part 1 as follows:

PART 1--DISCLOSURE OF RECORDS

0
1. The authority citation for part 1 continues to read as follows:

    Authority:  5 U.S.C. 301, 552, 552a, 553; 31 U.S.C. 301, 321; 31 
U.S.C. 3717.


0
2. Revise subpart C to read as follows:
Subpart C--Privacy Act
Sec.
1.20 Purpose and scope of this subpart.
1.21 Definitions.
1.22 Requirements relating to systems of records.
1.23 Publication in the Federal Register--Notices of systems of 
records, general exemptions, specific exemptions, review of all 
systems.
1.24 Disclosure of records to person other than the individual to 
whom they pertain.
1.25 Accounting of disclosures.
1.26 Procedures for notification and access to records pertaining to 
individuals--format and fees for request for access.
1.27 Procedures for amendment of records pertaining to individuals--
format, agency review and appeal from initial adverse agency 
determination.
1.28 Training, rules of conduct, penalties for non-compliance.
1.29 Records transferred to Federal Records Center or National 
Archives of the United States.
1.30 Application to system of records maintained by Government 
contractors.
1.31 Sale or rental of mailing lists.
1.32 Collection, use, disclosure, and protection of Social Security 
numbers.
1.34 Guardianship.
1.35 Information forms.
1.36 Systems exempt in whole or in part from provisions of the 
Privacy Act and this part.
Appendix A to Subpart C of Part 1--Departmental Offices
Appendix B to Subpart C of Part 1--Internal Revenue Service
Appendix C to Subpart C of Part 1--Alcohol and Tobacco Tax and Trade 
Bureau
Appendix D to Subpart C of Part 1--Bureau of Engraving and Printing
Appendix E to Subpart C of Part 1--Bureau of the Fiscal Service
Appendix F to Subpart C of Part 1--United States Mint
Appendix G to Subpart C of Part 1--Office of the Comptroller of the 
Currency
Appendix H to Subpart C of Part 1--Financial Crimes Enforcement 
Network

Subpart C--Privacy Act


Sec.  1.20  Purpose and scope of this subpart.

    (a) The regulations in this subpart are issued to implement the 
provisions of the Privacy Act of 1974 (5 U.S.C. 552a). This subpart 
applies to all records which are contained in systems of records 
maintained by the Department of the Treasury (Department or Treasury). 
They do not relate to those personnel records of Federal Government 
employees, which are under the Office of Personnel Management's (OPM) 
jurisdiction to the extent such records are subject to OPM regulations. 
This subpart applies to all Treasury components. Any reference in this 
subpart to the Department or its officials, employees, or records must 
be deemed to refer also to the components or their officials, 
employees, or records. This subpart sets forth the requirements 
applicable to Treasury employees (including, to the extent required by 
the contract or 5 U.S.C. 552a(m), Government contractors and employees 
of such contractors) maintaining, collecting, using, or disseminating 
records pertaining to individuals. They also set forth the procedures 
by which individuals may request notification of whether the Treasury 
maintains or has disclosed a record pertaining to them or may seek 
access to such records maintained in any nonexempt system of records, 
request correction of such records, appeal any initial adverse 
determination of any request for amendment, or seek an accounting of 
disclosures of such records. For the convenience of interested persons, 
Treasury components may reproduce the regulations in this subpart in 
their entirety (less any appendices not applicable to the component in 
question) in those titles of the Code of Federal Regulations (CFR) 
which normally contain regulations applicable to such components. In 
connection with such reproduction, and at other appropriate times, 
components may issue supplementary regulations applicable only to the 
component in question, which are consistent with the regulations in 
this subpart. In the event of any actual or apparent inconsistency, the 
Departmentwide regulations in this subpart must govern. Individuals 
interested in the records of a particular component should, therefore, 
also consult the Code of Federal Regulations for any rules or 
regulations promulgated specifically with respect to that component 
(see the appendices to this subpart for cross references). The head of 
each component is hereby also authorized to substitute other 
appropriate officials for those designated and correct addresses 
specified in the appendix to this subpart applicable to the component. 
For purposes of this subpart, Treasury components consist of the 
following offices and bureaus:
    (1) The Departmental Offices, which include the offices of:
    (i) The Secretary of the Treasury, including immediate staff;
    (ii) The Deputy Secretary of the Treasury, including immediate 
staff;
    (iii) The Chief of Staff, including immediate staff;
    (iv) The Executive Secretary of the Treasury, and all offices 
reporting to such official, including immediate staff;
    (v) Under Secretary for the Office of International Affairs, and 
all offices reporting to such official, including immediate staff;
    (vi) Assistant Secretary for the Office of International Trade and 
Development, and all offices reporting to such official, including 
immediate staff;
    (vii) Assistant Secretary for the Office of International Finance, 
and all offices reporting to such official, including immediate staff;
    (viii) Assistant Secretary for the Office of Investment Security, 
and all offices reporting to such official, including immediate staff;
    (ix) Under Secretary for the Office of Domestic Finance, and all 
offices reporting to such official, including immediate staff;
    (x) Assistant Secretary for the Office of Financial Institutions, 
and all offices reporting to such official, including immediate staff;
    (xi) Assistant Secretary for the Office of Financial Markets, and 
all offices reporting to such official, including immediate staff;
    (xii) Assistant Secretary for the Office of the Fiscal Service, and 
all offices reporting to such official, including immediate staff;
    (xiii) Under Secretary for the Office of Terrorism & Financial 
Intelligence, and all offices reporting to such official, including 
immediate staff;
    (xiv) Assistant Secretary for the Office of Terrorist Financing and 
Financial Crimes, and all offices reporting to such official, including 
immediate staff;
    (xv) Assistant Secretary for the Office of Intelligence and 
Analysis, and all offices reporting to such official, including 
immediate staff;
    (xvi) Office of General Counsel and all offices reporting to such 
official, including immediate staff; except legal counsel to the 
components listed in paragraphs (a)(23) through (26) and (b) through 
(h) of this section;
    (xvii) Treasurer of the United States including immediate staff;

[[Page 63906]]

    (xviii) Assistant Secretary for the Office for Legislative Affairs, 
and all offices reporting to such official, including immediate staff;
    (xix) Assistant Secretary for the Office of Management, and all 
offices reporting to such official(s), including immediate staff;
    (xx) Assistant Secretary for the Office of Public Affairs, and all 
offices reporting to such official, including immediate staff;
    (xxi) Assistant Secretary for the Office of Economic Policy, and 
all offices reporting to such official, including immediate staff;
    (xxii) Assistant Secretary for the Office of Tax Policy, and all 
offices reporting to such official, including immediate staff;
    (xxiii) The Inspector General and all offices reporting to such 
official, including immediate staff;
    (xxiv) The Treasury Inspector General for Tax Administration, and 
all offices reporting to such official, including immediate staff;
    (xxv) The Special Inspector General, Troubled Asset Relief Program, 
and all offices reporting to such official, including immediate staff;
    (xxvi) The Special Inspector General for Pandemic Recovery, and all 
offices reporting to such official, including immediate staff;
    (2) Alcohol and Tobacco Tax and Trade Bureau.
    (3) Internal Revenue Service.
    (4) Office of the Comptroller of the Currency.
    (5) Bureau of Engraving and Printing.
    (6) United States Mint.
    (7) Financial Crimes Enforcement Network.
    (8) Bureau of the Fiscal Service.
    (b) For purposes of this subpart, the office of the legal counsel 
for the components listed in paragraphs (a)(1)(xxiii) through (xxvi) 
and (a)(2) through (8) of this section are to be considered a part of 
such components. Any office, which is now in existence or may after 
October 20, 2022 be established, which is not specifically listed or 
known to be a component of any of those listed in paragraphs (a)(1) 
through (8) of this section, must be deemed a part of the Departmental 
Offices for the purpose of this subpart.


Sec.  1.21  Definitions.

    (a) The term agency means agency as defined in 5 U.S.C. 552(e).
    (b) The term individual means a citizen of the United States or an 
alien lawfully admitted for permanent residence.
    (c) The term maintain includes maintain, collect, use, or 
disseminate.
    (d) The term record means any item, collection, or grouping of 
information about an individual that is maintained by the Treasury or 
its components. This includes, but is not limited to, the individual's 
education, financial transactions, medical history, and criminal or 
employment history and that contains the name, or an identifying 
number, symbol, or other identifying particular assigned to the 
individual, such as a finger or voice print or a photograph.
    (e) The term system of records means a group of any records under 
the control of the Treasury or any component from which information is 
retrieved by the name of the individual or by some identifying number, 
symbol, or other identifying particular assigned to the individual.
    (f) The term statistical record means a record in a system of 
records maintained for statistical research or reporting purposes only 
and not used in whole or part in making any determination about an 
identifiable individual, except as provided by 13 U.S.C. 8.
    (g) The term routine use means the disclosure of a record that is 
compatible with the purpose for which the record was collected.
    (h) The term component means a Treasury bureau or office as set 
forth in Sec.  1.20 and in the appendices to this subpart. (See 5 
U.S.C. 552a(a).)
    (i) The term request for access means a request made pursuant to 5 
U.S.C. 552a(d)(1).
    (j) The term request for amendment means a request made pursuant to 
5 U.S.C. 552a(d)(2).
    (k) The term request for accounting means a request made pursuant 
to 5 U.S.C. 552a(c)(3).
    (l) The term Privacy Act means the Privacy Act of 1974 (5 U.S.C. 
552a).


Sec.  1.22  Requirements relating to systems of records.

    (a) In general. Subject to 5 U.S.C. 552a(j) and (k) and Sec.  
1.23(c), each component shall, in conformance with the Privacy Act:
    (1) Maintain in its records only such information about an 
individual as is relevant and necessary to accomplish a purpose of the 
agency required to be accomplished by the statute or by Executive order 
of the President. (See 5 U.S.C. 552a(e)(1).)
    (2) Collect information to the greatest extent practicable directly 
from the subject individual when the information may result in adverse 
determinations about an individual's rights, benefits, and privileges 
under Federal programs. (See 5 U.S.C. 552a(e)(2).)
    (b) Requests for information from individuals. Subject to 5 U.S.C. 
552a(j) and Sec.  1.23(c)(1), each component of the Treasury shall 
inform each individual whom it asks to supply information, on the form 
which it uses to collect the information or on a separate form that can 
be retained by the individual:
    (1) The authority (whether granted by statute, or by Executive 
order of the President) which authorizes the solicitation of the 
information and whether disclosure of such information is mandatory or 
voluntary;
    (2) The principal purpose or purposes for which the information is 
intended to be used;
    (3) The routine uses which may be made of the information, as 
published pursuant to 5 U.S.C. 552a(e)(4)(D); and
    (4) The effects on such individual, if any, of not providing all or 
any part of the requested information. (See 5 U.S.C. 552a(e)(3).)
    (c) Report on new systems. Each component of the Treasury shall 
provide adequate advance notice to Congress and the Office of 
Management and Budget's (OMB) Office of Information and Regulatory 
Affairs (OIRA) any proposal to establish or alter any system of records 
in order to permit an evaluation of the probable or potential effect of 
such proposal on the privacy and other personal or property rights of 
individuals or the disclosure of information relating to such 
individuals, and its effect on the preservation of the constitutional 
principles of federalism and separation of powers. (See 5 U.S.C. 
552a(o).)
    (d) Accurate and secure maintenance of records. Each component 
shall:
    (1) Subject to 5 U.S.C. 552a(j) and Sec.  1.23(c)(1), maintain all 
records which are used in making any determination about any individual 
with such accuracy, relevance, timeliness, and completeness as is 
reasonably necessary to assure fairness to the individual in the 
determination (see 5 U.S.C. 552a(e)(5));
    (2) Prior to disseminating any record about an individual to any 
person other than an agency, unless the dissemination is made pursuant 
to the Privacy Act (see subpart A of this part), make reasonable 
efforts to assure that such records are accurate, complete, timely, and 
relevant for Department of the Treasury purposes (see 5 U.S.C. 
552a(e)(6)); and
    (3) Establish appropriate administrative, technical, and physical 
safeguards to insure the security and confidentiality of records and to 
protect against any anticipated threats or hazards to their security or 
integrity which could result in substantial harm,

[[Page 63907]]

embarrassment, inconvenience, or unfairness to any individual on whom 
information is maintained. (See 5 U.S.C. 552a(e)(10).)
    (i) System managers, with the approval of the head of their offices 
within a component, shall establish administrative and physical 
controls, consistent with Department regulations in this part, to 
insure the protection of records systems from unauthorized access or 
disclosure and from physical damage or destruction. The controls 
instituted shall be proportional to the degree of sensitivity of the 
records but at a minimum must insure that records other than those 
available to the general public under the Freedom of Information Act (5 
U.S.C. 552), are protected from public view, that the area in which the 
records are stored is supervised during all business hours and 
physically secure during nonbusiness hours to prevent unauthorized 
personnel from obtaining access to the records. Automated systems shall 
comply with the security standards promulgated by the National 
Institute of Standards and Technology (NIST).
    (ii) System managers, with the approval of the head of their 
offices within a component, shall adopt access restrictions to insure 
that access to the records is limited to those individuals within the 
agency who have a need to access the records in order to perform their 
duties. Procedures shall also be adopted to prevent accidental access 
to, or dissemination of, records.
    (e) Prohibition against maintenance of records concerning First 
Amendment rights. No component shall maintain a record describing how 
any individual exercises rights guaranteed by the First Amendment (e.g. 
speech), unless the maintenance of such record is:
    (1) Expressly authorized by statute; or
    (2) Expressly authorized by the individual about whom the record is 
maintained; or
    (3) Pertinent to and within the scope of an authorized law 
enforcement activity. (See 5 U.S.C. 552a(e)(7).)
    (f) Notification of disclosure under compulsory legal process. 
Subject to 5 U.S.C. 552a(j) and Sec.  1.23(c)(1), when records 
concerning an individual are subpoenaed by a Grand Jury, Court, or 
quasi-judicial agency, or disclosed in accordance with an ex parte 
court order pursuant to 26 U.S.C. 6103(i), the official served with the 
subpoena or court order shall make reasonable efforts to assure that 
notice of any disclosure is provided to the individual. Notice shall be 
provided within five working days of making the records available under 
compulsory legal process or, in the case of a Grand Jury subpoena or an 
ex parte order, within five days of its becoming a matter of public 
record. Notice shall be mailed to the last known address of the 
individual and shall contain the following information: the date and 
authority to which the subpoena is, or was returnable, or the date of 
and court issuing the ex parte order, the name and number of the case 
or proceeding, and the nature of the information sought and provided. 
Notice of the issuance of a subpoena or an ex parte order is not 
required if the system of records has been exempted from the notice 
requirement of 5 U.S.C. 552a(e)(8) and this section, pursuant to 5 
U.S.C. 552a(j) and Sec.  1.23(c)(1), by a Notice of Exemption published 
in the Federal Register. (See 5 U.S.C. 552a(e)(8).)
    (g) Emergency disclosure. If information concerning an individual 
has been disclosed to any person under compelling circumstances 
affecting health or safety, the individual shall be notified at the 
last known address within 5 days of the disclosure (excluding 
Saturdays, Sundays, and legal public holidays). Notification shall 
include the following information: The nature of the information 
disclosed, the person or agency to whom it was disclosed, the date of 
disclosure, and the compelling circumstances justifying the disclosure. 
Notification shall be given by the officer who made or authorized the 
disclosure. (See 5 U.S.C. 552a (b)(8).)


Sec.  1.23  Publication in the Federal Register--Notices of systems of 
records, general exemptions, specific exemptions, review of all 
systems.

    (a) Notices of systems of records to be published in the Federal 
Register. (1) The Office of the Federal Register publishes a biennial 
compilation of all system notices (``Privacy Act Issuances''), as 
specified in 5 U.S.C. 552a(f). In the interim (between biennial 
compilations), the Department must list and provide links on its 
website to complete, up-to-date versions of all Treasury system of 
records notices (SORNs), including citations and links to all Federal 
Register notices that reflect substantial modifications to each SORN.
    (2) In addition, the Department must publish in the Federal 
Register upon establishment or significant revision a notice of the 
existence and character of any new or significantly revised systems of 
records. Unless otherwise instructed, each notice must include:
    (i) The system name and number, and location of the system;
    (ii) The title and business address of the Treasury official who is 
responsible for the system of records;
    (iii) Security classification, and indication of whether any 
information in the system is classified;
    (iv) Authority for maintenance of the system, the specific 
authority that authorizes the maintenance of the records in the system;
    (v) Purpose(s) of the system, a description of the purpose(s) for 
maintaining the system;
    (vi) The categories of individuals on whom records are maintained 
in the system;
    (vii) The categories of records maintained in the system;
    (viii) The categories of sources of records in the system (see 5 
U.S.C. 552a(e)(4));
    (ix) Each routine uses of the records contained in the system, 
including the categories of users and the purpose of such use;
    (xx) The policies and practices of the component regarding storage, 
retrievability, access controls, retention, and disposal of the 
records;
    (xxi) The procedures of the component whereby an individual can be 
notified if the system of records contains a record pertaining to the 
individual, including reasonable times, places, and identification 
requirements;
    (xxii) The procedures of the component whereby an individual can be 
notified on how to gain access to any record pertaining to such 
individual that may be contained in the system of records, and how to 
contest its content;
    (xxiii) Exemptions promulgated for the system; and
    (xxiv) History (any previously published notices).
    (b) Notice of new or modified routine uses to be published in the 
Federal Register. At least 30 days prior to a new use or modification 
of a routine use, as published under paragraph (a)(3)(iv) of this 
section, Treasury must publish in the Federal Register notice of such 
new or modified use of the information in the system and allow for 
interested persons to submit written data, views, or arguments to the 
components. (See 5 U.S.C. 552a(e)(11).)
    (c) Promulgation of rules exempting systems from certain 
requirements--(1) General exemptions. In accordance with existing 
procedures applicable to a Treasury component's issuance of 
regulations, the head of each such component may adopt rules, in 
accordance with the requirements (including general notice) of 5 U.S.C. 
553(b)(1), (2), and (3), (c) and (e), to exempt any system of records 
within the component from any part of the Privacy

[[Page 63908]]

Act and the regulations in this subpart except subsections (b) (Sec.  
1.24, conditions of disclosure), (c)(1) (Sec.  1.25, keep accurate 
accounting of disclosures), (c)(2) (Sec.  1.25, retain accounting for 
five years or life of record), (e)(4)(A) through (F) (paragraph (a) of 
this section, publication of annual notice of systems of records), 
(e)(6) (Sec.  1.22(d), accuracy of records prior to dissemination), 
(e)(7) (Sec.  1.22(e), maintenance of records on First Amendment 
rights), (e)(9) (Sec.  1.28, establish rules of conduct), (e)(10) 
(Sec.  1.22(d)(3), establish safeguards for records), (e)(11) 
(paragraph (c) of this section, publish new intended use), and (i) 
(Sec.  1.28(c), criminal penalties) if the systems of records 
maintained by the component which performs as its principal function 
any activity pertaining to the enforcement of criminal laws, including 
police efforts to prevent, control, or reduce crime or to apprehend 
criminals, and the activities of prosecutors, courts, correctional, 
probation, pardon, or parole authorities, and which consists of:
    (i) Information compiled for the purpose of identifying individual 
criminal offenders and alleged offenders and consisting only of 
identifying data and notations of arrests, the nature and disposition 
of criminal charges, sentencing, confinement, release, and parole, and 
probation status;
    (ii) Information compiled for the purpose of a criminal 
investigation, including reports of informants and investigators, and 
associated with an identifiable individual; or
    (iii) Reports identifiable to an individual compiled at any stage 
of the process of enforcement of the criminal laws from arrest or 
indictment through release from supervision. (See 5 U.S.C. 552a(j).)
    (2) Specific exemptions. In accordance with existing procedures 
applicable to a Treasury component's issuance of regulations, the head 
of each such component may adopt rules, in accordance with the 
requirements (including general notice) of 5 U.S.C. 553(b)(1), (2), and 
(3), (c), and (e), to exempt any system of records within the component 
from 5 U.S.C. 552a(c)(3) (Sec.  1.25(c)(2), accounting of certain 
disclosures available to the individual), (d) (Sec.  1.26(a), access to 
records), (e)(1) (Sec.  1.22(a)(1), maintenance of information to 
accomplish purposes authorized by statute or executive order only), 
(e)(4)(G) (paragraph (a)(7) of this section, publication of procedures 
for notification), (e)(4)(H) (paragraph (a)(8) of this section, 
publication of procedures for access and contest), (e)(4)(I) (paragraph 
(a)(9) of this section, publication of sources of records), and (f) 
(Sec.  1.26, promulgate rules for notification, access and contest), if 
the system of records is:
    (i) Subject to the provisions of 5 U.S.C. 552(b)(1);
    (ii) Investigatory material compiled for law enforcement purposes, 
other than material within the scope of subsection (j)(2) of the 
Privacy Act and paragraph (a)(1) of this section. If any individual is 
denied any right, privilege, or benefit that such individual would 
otherwise be entitled to by Federal law, or for which such individual 
would otherwise be eligible, as a result of the maintenance of this 
material, provide such material to the individual, except to the extent 
that the disclosure of the material would reveal the identity of a 
source who furnished information to the Government under an express 
promise that the identity of the source would be held in confidence, or 
prior to September 27, 1975, under an implied promise that the identity 
of the source would be held in confidence;
    (iii) Maintained in connection with providing protective services 
to the President of the United States or other individuals pursuant to 
18 U.S.C. 3056;
    (iv) Required by statute to be maintained and used solely as 
statistical records;
    (v) Investigatory material compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for Federal 
civilian employment, military service, Federal contracts, or access to 
classified information, but only to the extent that the disclosure of 
such material would reveal the identity of a source who furnished 
information to the Government under an express promise that the 
identity of the source would be held in confidence, or, prior to 
September 27, 1975, under an implied promise that the identity of the 
source would be held in confidence;
    (vi) Testing or examination material used solely to determine 
individual qualifications for appointment or promotion in the Federal 
service the disclosure of which would compromise the objectivity or 
fairness of the testing or examination process; or
    (vii) Evaluation material used to determine potential for promotion 
in the armed services, but only to the extent that the disclosure of 
such material would reveal the identity of a source who furnished 
information to the Government under an express promise that the 
identity of the source would be held in confidence, or, prior to 
September 27, 1975, under an implied promise that the identity of the 
source would be held in confidence.
    (3) Reasons for exemptions. As of November 21, 2022, the head of 
the component must include in the statement required under 5 U.S.C. 
553(c) the reasons why the system of records is to be exempted from a 
provision of the Privacy Act and this part. (See 5 U.S.C. 552a(j) and 
(k).)
    (d) Review and report to the Office of Management and Budget (OMB). 
The Department must ensure that the following reviews are conducted:
    (1) The Data Integrity Board must conduct a review of all matching 
programs in which the Department has participated during the calendar 
year and report to OMB of the following year.
    (2) Each component must perform the following reviews with a 
frequency sufficient to ensure compliance and manage risks:
    (i) Review the language of each contract that involves the 
creation, collection, use, processing, storage, maintenance, 
dissemination, disclosure, or disposal of information and ensure that 
the applicable requirements in the Privacy Act and OMB policies are 
enforceable on the contractor and its employees consistent with the 
agency's authority;
    (ii) Ensure that all routine uses remain appropriate and that the 
recipient's use of the records continues to be compatible with the 
purpose for which the information was collected;
    (iii) Ensure that each exemption claimed for a system of records 
pursuant to 5 U.S.C. 552a(j) and (k) remains appropriate and necessary;
    (iv) Ensure Departmental and component training practices are 
sufficient and that personnel understand the requirements of the 
Privacy Act, OMB guidance, the agency's implementing regulations and 
policies, and any job-specific requirements;
    (v) Review all component SORNs as needed to ensure they remain 
accurate, up-to-date, and appropriately scoped; that all SORNs are 
published in the Federal Register; that all SORNs include the 
information required by OMB Circular A-108; and that all significant 
changes to SORNs have been reported to OMB and Congress; and
    (vi) Be prepared to report to the Office of Privacy, Transparency, 
& Records, as part of the annual Federal Information Security 
Management Act (FISMA), as amended by the Federal Information Security 
Modernization Act of 2014, Public Law 113-283, reporting process, the 
results of the reviews conducted as required by this section, including 
any corrective action taken to resolve problems uncovered.

[[Page 63909]]

Sec.  1.24  Disclosure of records to person other than the individual 
to whom they pertain.

    (a) Conditions of disclosure. No component of Treasury is required 
to disclose any record which is contained in a system of records 
maintained by it by any means of communication to any person, or to 
another agency, except pursuant to a written request by, or with the 
prior written consent of, the individual to whom the record pertains, 
or the parent, if a minor, or legal guardian, if incompetent, of such 
individual, unless disclosure of the record would be:
    (1) To those offices and employees of the Treasury who have a need 
for the record in the performance of their duties;
    (2) Required under 5 U.S.C. 552 (subpart A of this part);
    (3) For a routine use as defined in 5 U.S.C. 552a(a)(7) and Sec.  
1.21(g) and as described under 5 U.S.C. 552a(e)(4)(D) and Sec.  
1.23(a)(4);
    (4) To the Bureau of the Census for the purposes of planning or 
carrying out a census or survey or related activity pursuant to the 
provisions of title 13 of the U.S. Code;
    (5) To a recipient who has provided the component with advance 
adequate written assurance that the record will be used solely as 
statistical research or reporting record, and the record is to be 
transferred in a form that is not individually identifiable;
    (6) To the National Archives and Records Administration as a record 
which has sufficient historical or other value to warrant its continued 
preservation by the United States Government, or for evaluation by the 
Administrator of the General Services Administration or the designee of 
such official to determine whether the record has such value;
    (7) To another agency or to an instrumentality of any governmental 
jurisdiction within or under the control of the United States for a 
civil or criminal law enforcement activity, if:
    (i) The activity is authorized by law; and
    (ii) The head of the agency or instrumentality has made a written 
request to the Treasury specifying the particular portion desired and 
the law enforcement activities for which the record is sought;
    (8) To a person pursuant to a showing of compelling circumstances 
affecting the health or safety of an individual, if upon such 
disclosure, notification is transmitted to the last known address of 
such individual;
    (9) To either House of Congress, or, to the extent a matter is 
within its jurisdiction, any committee or subcommittee thereof, any 
joint committee of Congress or subcommittee of any such joint 
committee;
    (10) To the Comptroller General, or the authorized representatives 
of such official, in the course of the performance of the duties of the 
Government Accountability Office;
    (11) Pursuant to the order of a court of competent jurisdiction 
(see 5 U.S.C. 552a(b)); or
    (12) To a consumer reporting agency in accordance with 13 U.S.C. 
3711(e).
    (b) [Reserved]


Sec.  1.25  Accounting of disclosures.

    (a) Accounting of certain disclosures. Each component, with respect 
to each system of records under its control, must:
    (1) Keep an accurate accounting of:
    (i) The date, nature, and purpose of each disclosure of a record to 
any person or to an agency made under 5 U.S.C. 552a(b) and Sec.  1.24; 
and
    (ii) The name and address of the person to whom or agency to which 
the disclosure is made;
    (2) Retain the accounting made under paragraph (a)(1) of this 
section for at least five years or the life of the record, whichever is 
longer, after the disclosure for which the accounting is made; and
    (3) Inform any person or other agency about any correction or 
notation of dispute made by the component in accordance with 5 U.S.C. 
552a(d) and Sec.  1.28 of any record that has been disclosed to the 
person or agency if an accounting of the disclosure was made. (See 5 
U.S.C. 552(c).)
    (b) Accounting systems. To permit the accounting required by 
paragraph (a) of this section, system managers, with the approval of 
the head of their offices within a component, must establish or 
implement a system of accounting for all disclosures of records, either 
orally or in writing, made outside the Department of the Treasury. 
Accounting records must:
    (1) Be established in the least expensive and most convenient form 
that will permit the system manager to advise individuals, promptly 
upon request, what records concerning them have been disclosed and to 
whom;
    (2) Provide, as a minimum, the identification of the particular 
record disclosed, the name and address of the person to whom or agency 
to which the record was disclosed, and the date, nature, and purpose of 
the disclosure; and
    (3) Be maintained for 5 years or until the record is destroyed or 
transferred to the National Archives and Records Administration or 
Federal Records Center for storage, in which event, the accounting 
pertaining to those records, unless maintained separately, must be 
transferred with the records themselves.
    (c) Exemptions from accounting requirements. No accounting is 
required for disclosure of records:
    (1) To those officers and employees of the Department of the 
Treasury who have a need for the record in the performance of their 
duties; or
    (2) If disclosure would be required under 5 U.S.C. 552 and subpart 
A of this part.
    (d) Access to accounting by individual. (1) Subject to paragraphs 
(c) and (d)(2) of this section, each component must establish {i{time}  
procedures for making the accounting required under paragraph (a) of 
this section available to the individual to whom the record pertains 
and {ii{time}  thereafter make such accounting available in accordance 
therewith at the request of the individual. The procedures may require 
the requester to provide reasonable identification. (See appendices A 
through H to this subpart.)
    (2) Access to accounting of disclosures may be withheld from the 
individual named in the record only if the disclosures were:
    (i) Made under 5 U.S.C. 552a (b)(7) and Sec.  1.24(a)(7); or
    (ii) Under a system of records exempted from the requirements of 5 
U.S.C. 552a(c)(3) in accordance with 5 U.S.C. 552(j) or (k) and Sec.  
1.23(c). (See 5 U.S.C. 552a(c).)


Sec.  1.26  Procedures for notification and access to records 
pertaining to individuals--format and fees for request for access.

    (a) Procedures for notification and access. Each component must, in 
accordance with the requirements of 5 U.S.C. 552a(d)(1), set forth in 
the appendix to this subpart applicable to such component procedures 
whereby an individual can be notified, in response to a request, if any 
system of records named by the individual contains a record pertaining 
to that individual. In addition, such procedures must set forth the 
requirements for access to such records. At a minimum, such procedures 
must specify the times during, and the places at which access will be 
afforded, together with such identification as may be required of the 
individual before access. (See 5 U.S.C. 552a(f)(1), (2) and (3).)
    (b) Access. Each component, in accordance with the procedures 
prescribed under paragraph (a) of this section, must allow an 
individual, upon request, to gain access to records or to

[[Page 63910]]

any information pertaining to such individual which is contained in a 
system of records. Permit the individual to review the record and have 
a copy made of all or any portion of the record in a comprehensible 
form. Also permit the individual to be accompanied by any person of the 
individual's choosing to review the record, except that the agency may 
require the individual to furnish a written statement authorizing 
discussion of that individual's record in the accompanying person's 
presence. (See 5 U.S.C. 552a(d)(1).)
    (c) Exceptions. Neither the procedures prescribed under paragraph 
(a) of this section nor the requirements for access under paragraph (b) 
of this section apply to:
    (1) Systems of records exempted pursuant to 5 U.S.C. 552a(j) and 
(k) and Sec.  1.23(c);
    (2) Information compiled in reasonable anticipation of a civil 
action or proceeding (see 5 U.S.C. 552(d)(5)); or
    (3) Information pertaining to an individual which is contained in, 
and inseparable from, another individual's record.
    (d) Format of request. (1) A request for notification of whether a 
record exists must:
    (i) Be made in writing and signed by the person making the request, 
who must be the individual about whom the record is maintained or such 
individual's duly authorized representative (see Sec.  1.34);
    (ii) State that it is made pursuant to the Privacy Act or the 
regulations in this subpart, or have ``Privacy Act Request'' written on 
both the request and on the envelope, if not submitted via a component-
provided electronic method;
    (iii) Give the name of the system or subsystem or categories of 
records to which access is sought, as specified in ``Privacy Act 
Issuances'' published by the Office of the Federal Register and 
referenced in the appendices to this subpart;
    (iv) Describe the nature of the record sought, the date of the 
record or the period in which the record was compiled or otherwise 
describe the record in sufficient detail to enable Department personnel 
to locate the system of records containing the record with a reasonable 
amount of effort;
    (v) Provide such identification of the requester as may be 
specified in the appropriate appendix to this subpart; and
    (vi) Be addressed or delivered in person or by a component-provided 
electronic method to the office or officer of the component indicated 
for the particular system or subsystem or categories of records to 
which the individual seeks access, as specified in ``Privacy Act 
Issuances'' published by the Office of the Federal Register and 
referenced in the appendices to this subpart. As explained in appendix 
A to this subpart, requesters may send a written request to the 
Departmental Offices seeking assistance in identifying the appropriate 
component or in preparing a request for notification. Requesters 
seeking such assistance should submit a written request addressed to 
the Departmental Offices at the address specified in appendix A to this 
part.
    (2) A request for access to records must, in addition to complying 
with paragraphs (d)(1)(i) through (vi) of this section:
    (i) State whether the requester wishes to inspect the records or 
desires to have a copy made and furnished without first inspecting 
them;
    (ii) If a requester wants a copy of their records, they must 
clearly state in the request that they agree to pay the fees for 
duplication as ultimately determined in accordance with subpart A to 
this subpart (Sec.  1.7), unless such fees are waived under that 
section by the system manager or other appropriate official as 
indicated in the appropriate appendix to this subpart; and
    (iii) Comply with any other requirement set forth in the applicable 
appendix to this subpart or the ``System of Records Notice'' applicable 
to the system in question. Any request for access which does not comply 
with the requirements in the preceding sentence and those set forth 
elsewhere in this subpart, will not be deemed subject to the time 
constraints of this section, unless and until amended to comply with 
all requirements in this subpart. Components must advise the requester 
of any specific deficiencies so the requester can amend the request so 
it can be processed. This section applies only to records maintained in 
a system of records that are also in the possession or control of the 
component. (See 5 U.S.C. 552a(d) and (f).)
    (e) Requests for records not in control of component. (1) Treasury 
employees must make reasonable efforts to assist an oral requester to 
learn to which office or officer a written request should be sent. When 
the request is for a record which is not in the possession or control 
of any Treasury component, the requester must be advised of this fact.
    (2) Where the record requested originated with a Federal agency 
other than Treasury or its components and was classified (e.g., 
National Defense or Intelligence Information) or otherwise 
restrictively endorsed (e.g., Office of Personnel Management records of 
Federal Bureau of Investigation reports) by the originating agency, and 
a copy is in the possession of a Treasury component, the component will 
refer that portion of the request to the originating agency for 
determination of all Privacy Act issues. In the case of a referral to 
another agency under this paragraph (e)(2), the component will notify 
the requester that such portion of the request has been so referred and 
that the requester may expect to hear from that agency.
    (3) When information sought from a system manager or other 
appropriate Treasury official includes information originating with 
other Federal agencies that is not classified or otherwise 
restrictively endorsed, the system manager or other appropriate 
Treasury official receiving the request must consult with the 
originating agency prior to making a decision to disclose or withhold 
the record. The system manager or other appropriate Treasury official 
maintaining the record must decide if disclosure is required. (See 5 
U.S.C. 552a(d) and (f).)
    (f) Date of receipt of request. For purposes of this subpart, the 
date of receipt of a request for notification or access to records 
shall be the date on which the requester satisfied all the requirements 
of paragraph (d) of this section. Requests for notification or access 
to records and any separate agreement to pay for copies must be stamped 
or endorsed with the date the receiving office/component received all 
information needed to satisfy the requirements in this section. The 
date of receipt of the last required document will be the date of 
receipt of the request for the purposes of this subpart. (See 5 U.S.C. 
552a(d) and (f).)
    (g) Notification of determination--(1) In general. The component 
officers designated in the appendices to this subpart must send the 
requester any required notifications, including notices stating the 
component has responsive records and whether it will provide access to 
the records requested. The component will mail notification of the 
determination within 30 days (excluding Saturdays, Sundays, and legal 
public holidays) after the date of receipt of the request, as 
determined in accordance with paragraph (f) of this section. If it is 
not possible to respond within 30 days, the relevant component officer 
must inform the requester (prior to the expiration of the 30-day 
timeframe), stating the reason for the delay (e.g., volume of records 
requested, scattered location of the records, need to consult other 
agencies, or the difficulty of the legal issues involved) and when

[[Page 63911]]

a response will be dispatched. (See 5 U.S.C. 552a(d) and (f).)
    (2) Granting of access. When the component determines that the 
request for access will be granted and the requester seeks a copy of 
the responsive records, the component must furnish such copy in a form 
comprehensible to the requester, together with a statement of the 
applicable duplication fees. If the requester indicates they want to 
exercise their right to inspect the responsive records, the component 
officer designated in the relevant appendix to this subpart must 
promptly notify the requester in writing of the determination, 
including when and where the requested records may be inspected. A 
requester seeking to inspect such records may be accompanied by another 
person of their choosing. The requester seeking access must sign a form 
indicating that Treasury is authorized to discuss the contents of the 
subject record in the accompanying person's presence. If, after making 
the inspection, the requester requests a copy of all or a portion of 
the requested records and pays the applicable fees for duplication, the 
component must provide a copy of the records in a form comprehensible 
to the requester. Fees to be charged are as prescribed by subpart A to 
this subpart (Sec.  1.7). Components may charge for processing requests 
under the Freedom of Information Act, under the provisions of this 
section, or may issue their own fee schedules, which must be consistent 
with the OMB Guidelines. (See 5 U.S.C. 552a(d) and (f).)
    (3) Requirements for access to medical records. When access is 
requested to medical records, including psychological records, the 
responsible official may determine that such release could have an 
adverse effect on the individual and that release will be made only to 
a health professional authorized in writing to have access to such 
records by the individual making the request. Upon receipt of the 
authorization, the health professional will be permitted to review the 
records or to receive copies of the records by mail, upon proper 
verification of identity. (See 5 U.S.C. 552a(f) (3).)
    (4) Denial of request. When a component makes a determination to 
deny a request for notification of whether a record exists or deny 
access to existing responsive records (whether in whole or part or 
subject to conditions or exceptions), the component must notify the 
requester of the denial by mail in accordance with paragraph (g)(1) of 
this section. The letter of notification must specify the city or other 
location where the requested records are situated (if known), contain a 
statement of the reasons for not granting the request as made, set 
forth the name and title or position of the responsible official and 
advise the requester of the right to file suit in accordance with 5 
U.S.C. 552a (g)(1)(B).
    (5) Prohibition against the use of 5 U.S.C. 552(b) exemptions. A 
component may not invoke exemptions from disclosure under 5 U.S.C. 
552(b) (subpart A to this part (Sec.  1.2 (c))), for the purpose of 
withholding from a requester any record which would otherwise be 
accessible to the requester under the Privacy Act and this subpart. 
(See 5 U.S.C. 552a(t).)
    (6) Records exempt in whole or in part. (i) If Treasury deems it 
necessary to assert an exemption in response to a request for 
notification of the existence of or access to records, it will neither 
confirm nor deny the existence of the records if the records were 
exempted from individual access pursuant to 5 U.S.C. 552a(j) or were 
compiled in reasonable anticipation of a civil action or proceeding in 
either a court or before an administrative tribunal. If Treasury 
asserts such an exemption, it must advise the requester only that it 
has identified no records available pursuant to the Privacy Act.
    (ii) Process requests from individuals for access to records which 
Treasury exempted from access pursuant to 5 U.S.C. 552a(k) as follows:
    (A) Requests for information classified pursuant to Executive Order 
12958, 13526, or successor or prior Executive orders require the 
responsible Treasury component to review the information to determine 
whether it continues to warrant classification pursuant to an Executive 
order. Information which no longer warrants classification under these 
criteria must be declassified and made available to the individual. If 
the information continues to warrant classification, the component must 
notify the requester that the information sought is classified, that it 
has been reviewed and continues to warrant classification, and that 
Treasury exempted it from access pursuant to 5 U.S.C. 552(b)(1) and 5 
U.S.C. 552a(k)(1). Classified information maintained in records 
Treasury exempted pursuant to 5 U.S.C. 552a(j) must be reviewed as 
required by this paragraph (g)(6)(ii)(A), but the response to the 
individual must be in the form prescribed by paragraph (g)(6)(i) of 
this section.
    (B) Components must respond to requests for information maintained 
in records that Treasury exempted from disclosure pursuant to 5 U.S.C. 
552a(k)(2) in the manner provided in paragraph (g)(6)(i) of this 
section unless the requester shows that the component has used or is 
using the information to deny them any right, privilege, or benefit for 
which they are eligible or to which they would otherwise be entitled 
under Federal law. If the requester makes such a showing, the component 
must advise the requester of the existence of the records, extract any 
information from the records that would identify a confidential source, 
or provide a summary extract of the records to the requester in a 
manner which protects the source to the maximum degree possible.
    (C) Information a component compiled in its records as part of an 
employee background investigation that Treasury exempted from 
disclosure pursuant to 5 U.S.C. 552a(k)(5) must be made available to a 
requester unless the record identifies a confidential source(s). 
Information in the record that identifies confidential source(s) must 
be extracted or summarized in a manner which protects the source(s) to 
the maximum degree possible and the summary or extract must be provided 
to the requester.
    (D) Testing or examination material that Treasury exempted pursuant 
to 5 U.S.C. 552a(k)(6) must not be made available to a requester if 
disclosure would compromise the objectivity or fairness of the testing 
or examination process but may be made available if no such compromise 
possibility exists. (See 5 U.S.C. 552a(d)(5), (j), and (k).)


Sec.  1.27  Procedures for amendment of records pertaining to 
individuals--format, agency review, and appeal from initial adverse 
agency determination.

    (a) In general. Subject to the application of exemptions Treasury 
promulgated in accordance with Sec.  1.23(c), and subject to paragraph 
(f) of this section, each component of the Department of the Treasury 
must, in conformance with 5 U.S.C. 552a(d)(2), permit an individual to 
request amendment of a record pertaining to such individual. Any 
request for amendment of records or any appeal that does not fully 
comply with the requirements of this section and any additional 
specific requirements imposed by the component in the applicable 
appendix to this subpart will not be deemed subject to the time 
constraints of paragraph (e) of this section, unless and until the 
request is amended to meet all requirements. However, components will 
advise the requester in what respect the request or appeal is non-
compliant so that it may be resubmitted or amended. (See 5 U.S.C. 
552a(d) and (f).)

[[Page 63912]]

    (b) Form of request to amend records. In order to be subject to the 
provisions of this section, a request to amend records must:
    (1) Be made in writing and signed by the individual making the 
request, who must be the individual about whom the record is 
maintained, or the duly authorized representative of such individual;
    (2) State that it is made under the Privacy Act or the regulations 
in this subpart, with ``Privacy Act Amendment Request'' written on both 
the request and on the envelope;
    (3) Be addressed to the office or officer of the component 
specified for such purposes in ``Privacy Act Issuances'' published by 
the Office of the Federal Register and referenced in the appendices to 
this subpart for that purpose; and
    (4) Reasonably describe the records which the individual believes 
require amendment, including, to the best of the requester's knowledge, 
dates of previous letters the requester sent to the component seeking 
access to their records and dates of letters in which the component 
provided notification to the requester concerning access, if any, and 
the individual's documentation justifying the proposed correction. (See 
5 U.S.C. 552a(d) and (f).)
    (c) Date of receipt of request. For purposes of this subpart, the 
date of receipt of a request for amendment of records must be the date 
on which the requester satisfies all the requirements of paragraph (b) 
of this section. The receiving office or officer must stamp or 
otherwise endorse the date of receipt of the request. (See 5 U.S.C. 
552a(d) and (f).)
    (d) Review of requests to amend records. Officials responsible for 
review of requests to amend records pertaining to an individual, as 
specified in the appropriate appendix to this subpart, must:
    (1) Not later than 10 days (excluding Saturdays, Sundays, and legal 
public holidays) after the date of receipt of such request, acknowledge 
in writing such receipt; and
    (2) Promptly, either--
    (i) Make any correction to any portion which the individual 
believes, and the official agrees is not accurate, relevant, timely, or 
complete; or
    (ii) Inform the individual of the refusal to amend the record in 
accordance with the individual's request, the reason for the refusal, 
and the name and business address of the officer designated in the 
applicable appendix to this subpart, as the person who is to review 
such refusal. (See 5 U.S.C. 552a(d) and (f).).
    (e) Administrative appeal--(1) In general. Each component must 
permit individuals to request a review of initial decisions made under 
paragraph (d) of this section when an individual disagrees with a 
refusal to amend the record. (See 5 U.S.C. 552a(d), (f), and (g)(1).)
    (2) Form of request for administrative review of refusal to amend 
record. At any time within 35 days after the date of the notification 
of the initial decision described in paragraph (d)(2)(ii) of this 
section, the requester may submit an administrative appeal from such 
refusal to the official specified in the notification of the initial 
decision and the appropriate appendix to this subpart. The appeal must:
    (i) Be made in writing, stating any arguments in support thereof 
and be signed by the requester to whom the record pertains, or the duly 
authorized representative of such individual;
    (ii) Be addressed and mailed or hand delivered within 35 days of 
the date of the initial decision to the office or officer specified in 
the appropriate appendix to this subpart and in the notification. (See 
the appendices to this subpart for the address to which appeals made by 
mail should be addressed.);
    (iii) Be clearly marked ``Privacy Act Amendment Appeal'' on the 
appeal and on the envelope;
    (iv) Reasonably describe the records the individual seeks to amend; 
and
    (v) Specify the date of the initial request to amend records, and 
the date of the component's letter providing notification that the 
request was denied. (See 5 U.S.C. 552a(d) and (f).)
    (3) Date of receipt. Promptly stamp or endorse appeals with the 
date of their receipt by the office to which the appeal is addressed. 
Such stamped or endorsed date will be deemed to be the date of receipt 
for all purposes of this subpart. The responsible official in the 
office to which the appeal was addressed must acknowledge receipt of 
the appeal within 10 days (excluding Saturdays, Sundays, and legal 
public holidays) from the date of the receipt (unless the determination 
on appeal is dispatched in 10 days, in which case, no acknowledgement 
is required). The letter acknowledging receipt of the appeal must 
advise the requester of the date of receipt established by the 
foregoing and the number of days the responsible official has to decide 
the administrative appeal (including days included/not included in 
determining the deadline). (See 5 U.S.C. 552a(d) and (f).)
    (4) Review of administrative appeals from denial of requests to 
amend records. Officials responsible for deciding administrative 
appeals from denials of requests to amend records pertaining to an 
individual, as specified in the appendices to this subpart must: 
Complete the review and notify the requester of the final agency 
decision within 30 days (exclusive of Saturdays, Sundays, and legal 
public holidays) after the date of receipt of such appeal, unless the 
time is extended by the head of the agency or the delegate of such 
official, for good cause shown. If the final agency decision is to 
refuse to amend the record, in whole or in part, the requester must 
also be advised of the reasons the appeal was denied and their right--
    (i) To file a concise ``Statement of Disagreement'' (including the 
procedures for filing this statement) setting forth the reasons they 
disagree with the final agency decision; and/or
    (ii) To judicial review of the final agency decision refusing to 
amend the record(s) (under 5 U.S.C. 552a(g)(1)(A)). (See 5 U.S.C. 
552a(d), (f), and (g)(1).)
    (5) Notation on record and distribution of statements of 
disagreement. The system manager is responsible, in any disclosure 
containing information about which an individual has filed a 
``Statement of Disagreement'', occurring after the filing of the 
statement under paragraph (e)(4) of this section, for clearly noting 
any portion of the record which is disputed and providing copies of the 
statement and, if deemed appropriate, a concise statement of the 
component's reasons for not making the amendments requested to persons 
or other agencies to whom the disputed record has been disclosed. (See 
5 U.S.C. 552a(d)(4).)
    (f) Records not subject to correction under the Privacy Act. The 
following records are not subject to correction or amendment by 
individuals:
    (1) Transcripts or written statements made under oath;
    (2) Transcripts of Grand Jury proceedings, judicial or quasi-
judicial proceedings which form the official record of those 
proceedings;
    (3) Pre-sentence reports comprising the property of the courts but 
maintained in agency files;
    (4) Records pertaining to the determination, the collection, and 
the payment of the Federal taxes;
    (5) Records duly exempted from correction by notice published in 
the Federal Register; and
    (6) Records compiled in reasonable anticipation of a civil action 
or proceeding.

[[Page 63913]]

Sec.  1.28  Training, rules of conduct, penalties for non-compliance.

    (a) Training. The Deputy Assistant Secretary for Privacy, 
Transparency, & Records must institute a Departmental training program 
to instruct Treasury employees and employees of Government contractors 
covered by 5 U.S.C. 552a(m), who are involved in the design, 
development, operation, or maintenance of any system of records, on a 
continuing basis with respect to the duties and responsibilities 
imposed on them and the rights conferred on individuals by the Privacy 
Act, the regulations in this subpart, including the appendices thereto, 
and any other related regulations. Such training must provide suitable 
emphasis on the civil and criminal penalties imposed on the Department 
and the individual employees by the Privacy Act for non-compliance with 
specified requirements of the Act as implemented by the regulations in 
this subpart. Components may supplement or supplant the departmental 
annual privacy awareness training to address Privacy Act issues unique 
to their missions. (See 5 U.S.C. 552a(e)(9).)
    (b) Rules of conduct. In addition to the Standards of Conduct 
published in part O of this title, particularly 31 CFR 0.735-44, the 
following applies to Treasury employees (including, to the extent 
required by the contract or 5 U.S.C. 552a(m), Government contractors 
and employees of such contractors), who are involved in the design, 
development, operation, or maintenance of any system of records, or in 
maintaining any records, for or on behalf of the Department, including 
any component thereof.
    (1) The head of each office of a component of the Department is 
responsible for assuring that employees subject to such official's 
supervision are advised of the provisions of the Privacy Act, including 
the criminal penalties and civil liabilities provided therein, and the 
regulations in this subpart, and that such employees are made aware of 
their individual and collective responsibilities to protect the 
security of personal information, to assure its accuracy, relevance, 
timeliness and completeness, to avoid unauthorized disclosure either 
orally or in writing, and to insure that no system of records is 
maintained without public notice.
    (2) Treasury must:
    (i) Collect no information about individuals for maintenance in a 
system of records unless authorized to collect it to achieve a function 
or carry out a responsibility of the Department;
    (ii) Collect from individuals only that information which is 
relevant and necessary to perform Department functions or 
responsibilities, unless related to a system exempted under 5 U.S.C. 
552a(j) or (k);
    (iii) Collect information, to the greatest extent practicable, 
directly from the individual to whom it relates, unless related to a 
system exempted under 5 U.S.C. 552a(j);
    (iv) Inform individuals (and third parties, if feasible) from whom 
information is collected of the authority and purposes for collection, 
the use that will be made of the information, and the effects, both 
legal and practical, of not furnishing the information;
    (v) Neither collect, maintain, use nor disseminate information 
concerning an individual's mere exercise of their First Amendment 
rights, including: an individual's religious or political beliefs or 
activities; membership in associations or organizations; freedom of 
speech and of the press, and freedom of assembly and petition, unless:
    (A) The individual expressly authorizes it (for example, 
volunteering relevant and necessary information to obtain a benefit or 
enforce a right);
    (B) A statute expressly/explicitly authorizes the collection, 
maintenance, use or dissemination of the information (whether or not 
the statute specifically refers to the First Amendment); or
    (C) The activities involved are pertinent to and within the scope 
of an authorized investigation, adjudication or correctional activity;
    (vi) Advise their supervisors of the existence or contemplated 
development of any record system which is capable of retrieving 
information about individuals by individual identifier (to determine if 
actual retrieval is or will necessarily occur with some degree of 
regularity when the system of records becomes operational);
    (vii) Disseminate outside the Department no information from a 
system of records without the written consent of the individual who is 
the subject of the records unless disclosure is authorized by one of 
the 12 exemptions in 5 U.S.C. 552a(b), which includes disclosure 
pursuant to a routine use published in a system of records notice in 
the Federal Register;
    (viii) Assure that an accounting is kept in the prescribed form of 
information about individuals that is maintained in a system of records 
and disseminated outside the Department, whether made orally or in 
writing, unless disclosed under 5 U.S.C. 552 and subpart A of this 
part;
    (ix) Collect, maintain, use, and disseminate information about 
individuals in a manner that ensures that no inadvertent disclosure of 
the information is made either within or outside the Department; and
    (x) Assure that the proper Department authorities (e.g., component 
privacy officer, legal counsel) are aware of any information in a 
system maintained by the Department which is not/might not be 
authorized under the provisions of the Privacy Act, including 
information on how an individual exercises their First Amendment 
rights, information that is/may be inaccurate, irrelevant, or so 
incomplete as to risk unfairness to the individual concerned if used to 
make adverse determinations.
    (c) Criminal penalties. (1) The Privacy Act imposes criminal 
penalties on the conduct of Government officers or employees as 
follows: Any officer or employee of an agency (which term includes 
Treasury):
    (i) Who by virtue of their employment or official position, has 
possession of, or access to, agency records which contain individually 
identifiable information the disclosure of which is prohibited by this 
section (see 5 U.S.C. 552a) or regulations in this subpart established 
under the Privacy Act, and who knowing that disclosure of the specific 
material is so prohibited, willfully discloses the material in any 
manner to any person or agency not entitled to receive it; or
    (ii) Who willfully maintains a system of records without meeting 
the notice requirements of paragraph (e)(4) of this section (see 5 
U.S.C. 552a)--shall be guilty of a misdemeanor and fined not more than 
$5,000.
    (2) The Privacy Act also imposes a collateral criminal penalty 
(misdemeanor and a fine of not more than $5,000) on the conduct of any 
person who knowingly and willfully requests or obtains records covered 
by the Privacy Act from an agency under false pretenses.
    (3) For the purposes of 5 U.S.C. 552a(i), the provisions of 
paragraph (c)(1) of this section are applicable to Government 
contractors and employees of such contractors who by contract, operate 
by or on behalf of the Treasury a system of records to accomplish a 
Departmental function. Such contractor and employees are considered 
employees of the Treasury for the purposes of 5 U.S.C. 552a(i). (See 5 
U.S.C. 552a(i) and (m).)


Sec.  1.29  Records transferred to Federal Records Center or National 
Archives of the United States.

    (a) Records transferred for storage in the Federal Records Center. 
Records pertaining to an identifiable individual which are transferred 
to the Federal Records Center in accordance with 44

[[Page 63914]]

U.S.C. 3103 must, for the purposes of the Privacy Act, be considered to 
be maintained by the component which deposited the record and must be 
subject to the provisions of the Privacy Act and this subpart. The 
Federal Records Center must not disclose such records except to 
Treasury or to others under rules consistent with the Privacy Act. 
These rules may be established by Treasury or a component. If such 
records are retrieved for the purpose of making a determination about 
an individual, Treasury or the relevant component must review them for 
accuracy, relevance, timeliness, and completeness.
    (b) Records transferred to the National Archives of the United 
States--(1) Records transferred to National Archives prior to September 
27, 1975. Records pertaining to an identifiable individual transferred 
to the National Archives prior to September 27, 1975, as a record which 
has sufficient historical or other value to warrant its continued 
preservation by the United States Government, are deemed records 
maintained by the National Archives, and:
    (i) Must not be subject to the Privacy Act.
    (ii) Except, that a statement describing such records (modeled 
after 5 U.S.C. 552a(e)(4)(A) through (G)) must be published in the 
Federal Register.
    (2) Records transferred to National Archives on or after September 
27, 1975. Records pertaining to an identifiable individual transferred 
to the National Archives as a record which has sufficient historical or 
other value to warrant its continued preservation by the United States 
Government, on or after September 27, 1975, must be deemed records 
maintained by the National Archives, and:
    (i) Must not be subject to the Privacy Act.
    (ii) Except, that a statement describing such records in accordance 
with 5 U.S.C. 552a(e)(4)(A) through (G) must be published in the 
Federal Register and rules of conduct and training in accordance with 5 
U.S.C. 552(e)(9) are to be established by the National Archives. (See 5 
U.S.C. 552a(e).)


Sec.  1.30  Application to system of records maintained by Government 
contractors.

    When a component contracts for the operation of a system of 
records, to accomplish a Treasury function, the provisions of the 
Privacy Act and this subpart must be applied to such system. The 
relevant component is responsible for ensuring that the contractor 
complies with the contract requirements relating to privacy.


Sec.  1.31  Sale or rental of mailing lists.

    (a) In general. An individual's name and address must not be sold 
or rented by a component unless such action is specifically authorized 
by law.
    (b) Withholding of names and addresses. This section must not be 
construed to require the withholding of names and addresses otherwise 
permitted to be made public. (See 5 U.S.C. 552a(n).)


Sec.  1.32  Collection, use, disclosure, and protection of Social 
Security numbers.

    (a) Treasury must only collect full Social Security numbers (SSNs) 
when relevant and necessary to accomplish a legally authorized purpose 
related to a Treasury mission. In the absence of another compelling 
justification for the use of the full SSN (approved by the relevant 
component Head and the Departmental Senior Agency Official for 
Privacy), Treasury must only collect and maintain full SSNs:
    (1) As a unique identifier for identity verification purposes 
related to cyber security, law enforcement, intelligence, and/or 
security background investigations;
    (2) When required by external entities to perform a function for or 
on behalf of Treasury;
    (3) When collection is expressly required by statute or regulation;
    (4) For statistical and other research purposes;
    (5) To ensure the delivery of government benefits, privileges, and 
services; and
    (6) When there are no reasonable, alternative means for meeting 
business requirements.
    (b) Treasury must not display the Social Security number on the 
outside of any package sent by mail.
    (c) Treasury must not display the Social Security number on any 
document sent by mail unless there are no reasonable, alternative means 
for meeting business requirements and masking or truncating/partially 
redacting the SSN are not feasible.
    (d) Whenever feasible, Treasury must mask, or truncate/partially 
redact Social Security numbers visible to authorized Treasury/component 
information technology users so they only see the portion (if any) of 
the Social Security number required to perform their official Treasury 
duties.
    (e) An individual must not be denied any right, benefit, or 
privilege provided by law by a component because of such individual's 
refusal to disclose their Social Security number.
    (f) The provisions of paragraph (e) of this section do not apply 
with respect to:
    (1) Any disclosure which is required by Federal statute; or
    (2) The disclosure of a Social Security number to any Federal, 
State, or local agency maintaining a system of records in existence and 
operating before January 1, 1975, if such disclosure was required under 
statute or regulation adopted prior to such date to verify the identity 
of an individual.
    (g) When Treasury requests that an individual discloses their 
Social Security number, it must inform the individual:
    (1) Whether that disclosure is mandatory or voluntary;
    (2) By what statutory or other authority such number is solicited; 
and
    (3) What uses are made of the number.
    (h) Treasury must provide the information in this section in the 
notice discussed in Sec.  1.28(b)(2)(iv). (See section 7 of the Privacy 
Act of 1974 set forth at 5 U.S.C. 552a, note.)


Sec.  1.34  Guardianship.

    The parent or guardian of a minor or a person judicially determined 
to be incompetent must, in addition to establishing the identity of the 
minor or other person represented, establish parentage or guardianship 
by furnishing a copy of a birth certificate showing parentage or a 
court order establishing the guardianship and may thereafter, act on 
behalf of such individual. (See 5 U.S.C. 552a(h).)


Sec.  1.35  Information forms.

    (a) Review of forms. Except for forms developed and used by 
components, the Deputy Assistant Secretary for Privacy, Transparency, & 
Records must review all forms Treasury develops and uses to collect 
information from and about individuals. Component heads are responsible 
for reviewing forms used by their component to collect information from 
and about individuals.
    (b) Scope of review. The responsible officers must review each form 
for the purpose of eliminating any requirement for information that is 
not relevant and necessary to carry out an agency function and to 
accomplish the following objectives:
    (1) To ensure that Treasury does not collect information concerning 
religion, political beliefs or activities, association memberships, or 
the exercise of other First Amendment rights except as authorized in 
Sec.  1.28(b)(2)(v);
    (2) To ensure that the form on which information is collected (or a 
separate form that can be retained by the individual) makes clear what 
information the individual is required to disclose by law (and the 
statutory of other authority for that requirement),

[[Page 63915]]

and what information requested is voluntary;
    (3) To ensure that the form on which information is collected (or a 
separate form that can be retained by the individual) states clearly 
the principal purpose or purposes for which Treasury is collecting the 
information, and summarizes concisely the routine uses that will be 
made of the information;
    (4) To ensure that the form on which information is collected (or a 
separate form that can be retained by the individual) clearly indicates 
to the individual the effect that not providing all, or part of the 
requested information will have on their rights, benefits, or 
privileges of; and
    (5) To ensure that any form on which Treasury requests a Social 
Security number (SSN) (or a separate form that can be retained by the 
individual) clearly advises the individual of the statute or regulation 
requiring disclosure of the SSN or clearly advises the individual that 
disclosure is voluntary and that they will not be denied any right, 
benefit, or privilege if they refuse to voluntarily disclose it, and 
the uses that will be made of the SSN whether disclosed mandatorily or 
voluntarily.
    (c) Revision of forms. The responsible officers must revise any 
form which does not meet the objectives specified in the Privacy Act as 
discussed in this section. A separate statement may be used in 
instances when a form does not conform. This statement will accompany a 
form and must include all the information necessary to accomplish the 
objectives specified in the Privacy Act and this section.


Sec.  1.36  Systems exempt in whole or in part from provisions of the 
Privacy Act and this part.

    (a) In general. In accordance with 5 U.S.C. 552a(j) and (k) and 
Sec.  1.23(c), Treasury hereby exempts the systems of records 
identified in paragraphs (c) through (o) of this section from the 
following provisions of the Privacy Act for the reasons indicated.
    (b) Authority. The rules in this section are promulgated pursuant 
to the authority vested in the Secretary of the Treasury by 5 U.S.C. 
552a(j) and (k) and pursuant to the authority of Sec.  1.23(c).
    (c) General exemptions under 5 U.S.C. 552a(j)(2). (1) Under 5 
U.S.C. 552a(j)(2), the head of any agency may promulgate rules to 
exempt any system of records within the agency from certain provisions 
of the Privacy Act if the agency or component thereof that maintains 
the system performs as its principal function any activities pertaining 
to the enforcement of criminal laws. Certain Treasury components have 
as their principal function activities pertaining to the enforcement of 
criminal laws. This paragraph (c) applies to the following systems of 
records maintained by Treasury:
    (i) Treasury-wide.

                     Table 1 to Paragraph (c)(1)(i)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
Treasury .013........................  Department of the Treasury Civil
                                        Rights Complaints and Compliance
                                        Review Files.
------------------------------------------------------------------------

    (ii) Departmental Offices.

                     Table 2 to Paragraph (c)(1)(ii)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
DO .190..............................  Office of Inspector General
                                        Investigations Management
                                        Information System (formerly:
                                        Investigation Data Management
                                        System).
DO .220..............................  SIGTARP Hotline Database.
DO .221..............................  SIGTARP Correspondence Database.
DO .222..............................  SIGTARP Investigative MIS
                                        Database.
DO .223..............................  SIGTARP Investigative Files
                                        Database.
DO .224..............................  SIGTARP Audit Files Database.
DO .303..............................  TIGTA General Correspondence.
DO .307..............................  TIGTA Employee Relations Matters,
                                        Appeals, Grievances, and
                                        Complaint Files.
DO .308..............................  TIGTA Data Extracts.
DO .309..............................  TIGTA Chief Counsel Case Files.
DO .310..............................  TIGTA Chief Counsel Disclosure
                                        Section Records.
DO .311..............................  TIGTA Office of Investigations
                                        Files.
------------------------------------------------------------------------

    (iii) Special Investigator for Pandemic Recovery (SIGPR).

                    Table 3 to Paragraph (c)(1)(iii)
------------------------------------------------------------------------
 
------------------------------------------------------------------------
SIGPR .420...........................  Audit and Evaluations Records.
SIGPR .421...........................  Case Management System and
                                        Investigative Records.
SIGPR .423...........................  Legal Records.
------------------------------------------------------------------------

    (iv) Alcohol and Tobacco and Trade Bureau (TTB).

[[Page 63916]]



                     Table 4 to Paragraph (c)(1)(iv)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
TTB .003.............................  Criminal Investigation Report
                                        System.
------------------------------------------------------------------------

    (v) Office of the Comptroller of the Currency (OCC).

                     Table 5 to Paragraph (c)(1)(v)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
CC .110..............................  Reports of Suspicious Activities.
CC .120..............................  Bank Fraud Information System.
CC .220..............................  Notices of Proposed Changes in
                                        Employees, Officers and
                                        Directors Tracking System.
CC .500..............................  Chief Counsel's Management
                                        Information System.
CC .510..............................  Litigation Information System.
------------------------------------------------------------------------

    (vi) Internal Revenue Service.

                     Table 6 to Paragraph (c)(1)(vi)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
IRS 34.022...........................  National Background
                                        Investigations Center Management
                                        Information System (NBICMIS).
IRS 46.002...........................  Criminal Investigation Management
                                        Information System and Case
                                        Files.
IRS 46.003...........................  Confidential Informants, Criminal
                                        Investigation Division.
IRS 46.005...........................  Electronic Surveillance and
                                        Monitoring Records, Criminal
                                        Investigation Division.
IRS 46.009...........................  Centralized Evaluation and
                                        Processing of Information Items
                                        (CEPIIs), Criminal Investigation
                                        Division.
IRS 46.015...........................  Relocated Witnesses, Criminal
                                        Investigation Division.
IRS 46.016...........................  Secret Service Details, Criminal
                                        Investigation Division.
IRS 46.022...........................  Treasury Enforcement
                                        Communications System (TECS).
IRS 46.050...........................  Automated Information Analysis
                                        System.
IRS 90.001...........................  Chief Counsel Management
                                        Information System Records.
IRS 90.004...........................  Chief Counsel Legal Processing
                                        Division Records.
IRS 90.005...........................  Chief Counsel Library Records.
------------------------------------------------------------------------

    (vii) Financial Crimes Enforcement Network.

                    Table 7 to Paragraph (c)(1)(vii)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
FinCEN .001..........................  FinCEN Investigations and
                                        Examinations System.
FinCEN .002..........................  Suspicious Activity Reporting
                                        System.
FinCEN .003..........................  Bank Secrecy Act Reports System.
------------------------------------------------------------------------

    (2) The Department hereby exempts the systems of records listed in 
paragraphs (c)(1)(i) through (vii) of this section from the following 
provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(j)(2): 5 
U.S.C. 552a(c)(3) and (4), 5 U.S.C. 552a(d)(1), (2), (3), (4), 5 U.S.C. 
552a(e)(1), (2) and (3), 5 U.S.C. 552a(e)(4)(G), (H), and (I), 5 U.S.C. 
552a(e)(5) and (8), 5 U.S.C. 552a(f), and 5 U.S.C. 552a(g).
    (d) Reasons for exemptions under 5 U.S.C. 552a(j)(2). (1) 5 U.S.C. 
552a(e)(4)(G) and (f)(l) enable individuals to inquire whether a system 
of records contains records pertaining to them. Application of these 
provisions to the systems of records would give individuals an 
opportunity to learn whether they have been identified as suspects or 
subjects of investigation. As further described in the paragraphs 
(d)(2) through (12) of this section, access to such knowledge would 
impair the Department's ability to carry out its mission, since 
individuals could:
    (i) Take steps to avoid detection;
    (ii) Inform associates that an investigation is in progress;
    (iii) Learn the nature of the investigation;
    (iv) Learn whether they are only suspects or identified as law 
violators;
    (v) Begin, continue, or resume illegal conduct upon learning that 
they are not identified in the system of records; or
    (vi) Destroy evidence needed to prove the violation.
    (2) 5 U.S.C. 552a(d)(1), (e)(4)(H), and (f)(2), (3), and (5) grant 
individuals access to records pertaining to them. The application of 
these provisions to the systems of records would compromise the 
Department's ability to provide useful tactical and strategic 
information to law enforcement agencies.
    (i) Permitting access to records contained in the systems of 
records would provide individuals with information concerning the 
nature of

[[Page 63917]]

any current investigations and would enable them to avoid detection or 
apprehension by:
    (A) Discovering the facts that would form the basis for their 
arrest;
    (B) Enabling them to destroy or alter evidence of criminal conduct 
that would form the basis for their arrest; and
    (C) Using knowledge that criminal investigators had reason to 
believe that a crime was about to be committed, to delay the commission 
of the crime or commit it at a location that might not be under 
surveillance.
    (ii) Permitting access to either on-going or closed investigative 
files would also reveal investigative techniques and procedures, the 
knowledge of which could enable individuals planning crimes to 
structure their operations to avoid detection or apprehension.
    (iii) Permitting access to investigative files and records could, 
moreover, disclose the identity of confidential sources and informants 
and the nature of the information supplied and thereby endanger the 
physical safety of those sources by exposing them to possible reprisals 
for having provided the information. Confidential sources and 
informants might refuse to provide criminal investigators with valuable 
information unless they believe that their identities will not be 
revealed through disclosure of their names or the nature of the 
information they supplied. Loss of access to such sources would 
seriously impair the Department's ability to carry out its mandate.
    (iv) Furthermore, providing access to records contained in the 
systems of records could reveal the identities of undercover law 
enforcement officers who compiled information regarding the 
individual's criminal activities and thereby endanger the physical 
safety of those undercover officers or their families by exposing them 
to possible reprisals.
    (v) By compromising the law enforcement value of the systems of 
records for the reasons outlined in paragraphs (d)(2)(i) through (iv) 
of this section, permitting access in keeping with these provisions 
would discourage other law enforcement and regulatory agencies, foreign 
and domestic, from freely sharing information with the Department and 
thus would restrict the Department's access to information necessary to 
accomplish its mission most effectively.
    (vi) Finally, the dissemination of certain information that the 
Department maintains in the systems of records is restricted by law.
    (3) 5 U.S.C. 552a(d)(2), (3), and (4), (e)(4)(H), and (f)(4) permit 
an individual to request amendment of a record pertaining to him or her 
and require the agency either to amend the record, or to note the 
disputed portion of the record and to provide a copy of the 
individual's statement of disagreement with the agency's refusal to 
amend a record to persons or other agencies to whom the record is 
thereafter disclosed. Since these provisions depend on the individual 
having access to his or her records, and since these rules exempt the 
systems of records from the provisions of the Privacy Act relating to 
access to records, for the reasons set out in paragraph (d)(2) of this 
section, these provisions should not apply to the systems of records.
    (4) 5 U.S.C. 552a(c)(3) requires an agency to make accountings of 
disclosures of a record available to the individual named in the record 
upon his or her request. The accountings must state the date, nature, 
and purpose of each disclosure of the record and the name and address 
of the recipient.
    (i) The application of this provision would impair the ability of 
law enforcement agencies outside the Department of the Treasury to make 
effective use of information provided by the Department. Making 
accountings of disclosures available to the subjects of an 
investigation would alert them to the fact that another agency is 
conducting an investigation into their criminal activities and could 
reveal the geographic location of the other agency's investigation, the 
nature and purpose of that investigation, and the dates on which that 
investigation was active. Individuals possessing such knowledge would 
be able to take measures to avoid detection or apprehension by altering 
their operations, by transferring their criminal activities to other 
geographical areas, or by destroying or concealing evidence that would 
form the basis for arrest. In the case of a delinquent account, such 
release might enable the subject of the investigation to dissipate 
assets before levy.
    (ii) Moreover, providing accountings to the subjects of 
investigations would alert them to the fact that the Department has 
information regarding their criminal activities and could inform them 
of the general nature of that information. Access to such information 
could reveal the operation of the Department's information-gathering 
and analysis systems and permit individuals to take steps to avoid 
detection or apprehension.
    (5) 5 U.S.C. 552(c)(4) requires an agency to inform any person or 
other agency about any correction or notation of dispute that the 
agency made in accordance with 5 U.S.C. 552a(d) to any record that the 
agency disclosed to the person or agency if an accounting of the 
disclosure was made. Since this provision depends on an individual's 
having access to and an opportunity to request amendment of records 
pertaining to him or her, and since these rules exempt the systems of 
records from the provisions of the Privacy Act relating to access to 
and amendment of records, for the reasons set out in paragraph (f)(3) 
of this section, this provision should not apply to the systems of 
records.
    (6) 5 U.S.C. 552a(e)(4)(I) requires an agency to publish a general 
notice listing the categories of sources for information contained in a 
system of records. The application of this provision to the systems of 
records could compromise the Department's ability to provide useful 
information to law enforcement agencies, since revealing sources for 
the information could:
    (i) Disclose investigative techniques and procedures;
    (ii) Result in threats or reprisals against informants by the 
subjects of investigations; and
    (iii) Cause informants to refuse to give full information to 
criminal investigators for fear of having their identities as sources 
disclosed.
    (7) 5 U.S.C. 552a(e)(1) requires an agency to maintain in its 
records only such information about an individual as is relevant and 
necessary to accomplish a purpose of the agency required to be 
accomplished by statute or Executive order. The term maintain, as 
defined in 5 U.S.C. 552a(a)(3), includes collect and disseminate. The 
application of this provision to the systems of records could impair 
the Department's ability to collect and disseminate valuable law 
enforcement information.
    (i) In many cases, especially in the early stages of investigation, 
it may be impossible to immediately determine whether information 
collected is relevant and necessary, and information that initially 
appears irrelevant and unnecessary often may, upon further evaluation 
or upon collation with information developed subsequently, prove 
particularly relevant to a law enforcement program.
    (ii) Not all violations of law discovered by the Department fall 
within the investigative jurisdiction of the Department of the 
Treasury. To promote effective law enforcement, the Department will 
have to disclose such violations to other law enforcement agencies, 
including State, local, and foreign agencies, that have jurisdiction 
over the offenses to which the

[[Page 63918]]

information relates. Otherwise, the Department might be placed in the 
position of having to ignore information relating to violations of law 
not within the jurisdiction of the Department of the Treasury when that 
information comes to the Department's attention during the collation 
and analysis of information in its records.
    (8) 5 U.S.C. 552a(e)(2) requires an agency to collect information 
to the greatest extent practicable directly from the subject individual 
when the information may result in adverse determinations about an 
individual's rights, benefits, and privileges under Federal programs. 
The application of this provision to the systems of records would 
impair the Department's ability to collate, analyze, and disseminate 
investigative, intelligence, and enforcement information.
    (i) Most information collected about an individual under criminal 
investigation is obtained from third parties, such as witnesses and 
informants. It is usually not feasible to rely upon the subject of the 
investigation as a source for information regarding his criminal 
activities.
    (ii) An attempt to obtain information from the subject of a 
criminal investigation will often alert that individual to the 
existence of an investigation, thereby affording the individual an 
opportunity to attempt to conceal his criminal activities so as to 
avoid apprehension.
    (iii) In certain instances, the subject of a criminal investigation 
may assert his/her constitutional right to remain silent and refuse to 
supply information to criminal investigators upon request.
    (iv) During criminal investigations it is often a matter of sound 
investigative procedure to obtain information from a variety of sources 
to verify information already obtained from the subject of a criminal 
investigation or other sources.
    (9) 5 U.S.C. 552a(e)(3) requires an agency to inform each 
individual whom it asks to supply information, on the form that it uses 
to collect the information or on a separate form that the individual 
can retain, of the agency's authority for soliciting the information; 
whether disclosure of information is voluntary or mandatory; the 
principal purposes for which the agency will use the information; the 
routine uses that may be made of the information; and the effects on 
the individual of not providing all or part of the information. The 
systems of records should be exempted from this provision to avoid 
impairing the Department's ability to collect and collate 
investigative, intelligence, and enforcement data.
    (i) Confidential sources or undercover law enforcement officers 
often obtain information under circumstances in which it is necessary 
to keep the true purpose of their actions secret so as not to let the 
subject of the investigation or his or her associates know that a 
criminal investigation is in progress.
    (ii) If it became known that the undercover officer was assisting 
in a criminal investigation, that officer's physical safety could be 
endangered through reprisal, and that officer may not be able to 
continue working on the investigation.
    (iii) Individuals often feel inhibited in talking to a person 
representing a criminal law enforcement agency but are willing to talk 
to a confidential source or undercover officer whom they believe are 
not involved in law enforcement activities.
    (iv) Providing a confidential source of information with written 
evidence that he or she was a source, as required by this provision, 
could increase the likelihood that the source of information would be 
subject to retaliation by the subject of the investigation.
    (v) Individuals may be contacted during preliminary information 
gathering, surveys, or compliance projects concerning the 
administration of the internal revenue laws before any individual is 
identified as the subject of an investigation. Informing the individual 
of the matters required by this provision would impede or compromise 
subsequent investigations.
    (10) 5 U.S.C. 552a(e)(5) requires an agency to maintain all records 
it uses in making any determination about any individual with such 
accuracy, relevance, timeliness, and completeness as is reasonably 
necessary to assure fairness to the individual in the determination.
    (i) Since 5 U.S.C. 552a(a)(3) defines maintain to include collect 
and disseminate, application of this provision to the systems of 
records would hinder the initial collection of any information that 
could not, at the moment of collection, be determined to be accurate, 
relevant, timely, and complete. Similarly, application of this 
provision would seriously restrict the Department's ability to 
disseminate information pertaining to a possible violation of law-to-
law enforcement and regulatory agencies. In collecting information 
during a criminal investigation, it is often impossible or unfeasible 
to determine accuracy, relevance, timeliness, or completeness prior to 
collection of the information. In disseminating information to law 
enforcement and regulatory agencies, it is often impossible to 
determine accuracy, relevance, timeliness, or completeness prior to 
dissemination because the Department may not have the expertise with 
which to make such determinations.
    (ii) Information that may initially appear inaccurate, irrelevant, 
untimely, or incomplete may, when collated and analyzed with other 
available information, become more pertinent as an investigation 
progresses. In addition, application of this provision could seriously 
impede criminal investigators and intelligence analysts in the exercise 
of their judgment in reporting results obtained during criminal 
investigations.
    (11) 5 U.S.C. 552a(e)(8) requires an agency to make reasonable 
efforts to serve notice on an individual when the agency makes any 
record on the individual available to any person under compulsory legal 
process, when such process becomes a matter of public record. The 
systems of records should be exempted from this provision to avoid 
revealing investigative techniques and procedures outlined in those 
records and to prevent revelation of the existence of an ongoing 
investigation where there is need to keep the existence of the 
investigation secret.
    (12) 5 U.S.C. 552a(g) provides for civil remedies to an individual 
when an agency wrongfully refuses to amend a record or to review a 
request for amendment, when an agency wrongfully refuses to grant 
access to a record, when an agency fails to maintain accurate, 
relevant, timely, and complete records which are used to make a 
determination adverse to the individual, and when an agency fails to 
comply with any other provision of the Privacy Act so as to adversely 
affect the individual. The systems of records should be exempted from 
this provision to the extent that the civil remedies may relate to 
provisions of the Privacy Act from which these rules exempt the systems 
of records, since there should be no civil remedies for failure to 
comply with provisions from which the Department is exempted. Exemption 
from this provision will also protect the Department from baseless 
civil court actions that might hamper its ability to collate, analyze, 
and disseminate investigative, intelligence, and law enforcement data.
    (e) Specific exemptions under 5 U.S.C. 552a(k)(1). (1) Under 5 
U.S.C. 552a(k)(1), the head of any agency may promulgate rules to 
exempt any system of records within the agency from certain provisions 
of the Privacy Act to the extent that the system contains information 
subject to the provisions of 5 U.S.C. 552(b)(1). This paragraph (e) 
applies to the following systems of

[[Page 63919]]

records maintained by the Department of the Treasury:
    (i) Departmental Offices.

                     Table 8 to Paragraph (e)(1)(i)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
DO .120..............................  Records Related to Office of
                                        Foreign Assets Control Economic
                                        Sanctions.
DO .227..............................  Committee on Foreign Investment
                                        in the United States (CFIUS)
                                        Case Management System.
DO .411..............................  Intelligence Enterprise Files.
------------------------------------------------------------------------

    (ii) [Reserved]
    (2) The Department of the Treasury hereby exempts the systems of 
records listed in paragraph (e)(1) of this section from the following 
provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(k)(1): 5 
U.S.C. 552a(c)(3), 5 U.S.C. 552a(d)(1), (2), (3), and (4), 5 U.S.C. 
552a(e)(1), 5 U.S.C. 552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).
    (f) Reasons for exemptions under 5 U.S.C. 552a(k)(1). The reason 
for invoking the exemption is to protect material authorized to be kept 
secret in the interest of national defense or foreign policy pursuant 
to Executive Orders 12958, 13526, or successor or prior Executive 
orders.
    (g) Specific exemptions under 5 U.S.C. 552a(k)(2). (1) Under 5 
U.S.C. 552a(k)(2), the head of any agency may promulgate rules to 
exempt any system of records within the agency from certain provisions 
of the Privacy Act if the system is investigatory material compiled for 
law enforcement purposes and for the purposes of assuring the safety of 
individuals protected by the Department pursuant to the provisions of 
18 U.S.C. 3056. This paragraph (g) applies to the following systems of 
records maintained by the Department of the Treasury:
    (i) Departmental Offices.

                     Table 9 to Paragraph (g)(1)(i)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
DO .120..............................  Records Related to Office of
                                        Foreign Assets Control Economic
                                        Sanctions.
DO .144..............................  General Counsel Litigation
                                        Referral and Reporting System.
DO .190..............................  Office of Inspector General
                                        Investigations Management
                                        Information System (formerly:
                                        Investigation Data Management
                                        System).
DO .220..............................  SIGTARP Hotline Database.
DO .221..............................  SIGTARP Correspondence Database.
DO .222..............................  SIGTARP Investigative MIS
                                        Database.
DO .223..............................  SIGTARP Investigative Files
                                        Database.
DO .224..............................  SIGTARP Audit Files Database.
DO .225..............................  TARP Fraud Investigation
                                        Information System.
DO .227..............................  Committee on Foreign Investment
                                        in the United States (CFIUS)
                                        Case Management System.
DO .303..............................  TIGTA General Correspondence.
DO .307..............................  TIGTA Employee Relations Matters,
                                        Appeals, Grievances, and
                                        Complaint Files.
DO .308..............................  TIGTA Data Extracts.
DO .309..............................  TIGTA Chief Counsel Case Files.
DO .310..............................  TIGTA Chief Counsel Disclosure
                                        Section Records.
DO .311..............................  TIGTA Office of Investigations
                                        Files.
------------------------------------------------------------------------

    (ii) Special Investigator for Pandemic Recovery (SIGPR).

                    Table 10 to Paragraph (g)(1)(ii)
------------------------------------------------------------------------
 
------------------------------------------------------------------------
SIGPR .420...........................  Audit and Evaluations Records.
SIGPR .421...........................  Case Management System and
                                        Investigative Records.
SIGPR .423...........................  Legal Records.
------------------------------------------------------------------------

    (iii) The Alcohol and Tobacco Tax and Trade Bureau (TTB).

                    Table 11 to Paragraph (g)(1)(iii)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
TTB .001.............................  Regulatory Enforcement Record
                                        System.
------------------------------------------------------------------------

    (iv) Comptroller of the Currency.

[[Page 63920]]



                    Table 12 to Paragraph (g)(1)(iv)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
CC .100..............................  Enforcement Action Report System.
CC .110..............................  Reports of Suspicious Activities.
CC .120..............................  Bank Fraud Information System.
CC .220..............................  Notices of Proposed Changes in
                                        Employees, Officers and
                                        Directors Tracking System.
CC .500..............................  Chief Counsel's Management
                                        Information System.
CC .510..............................  Litigation Information System.
------------------------------------------------------------------------

    (v) Bureau of Engraving and Printing.

                     Table 13 to Paragraph (g)(1)(v)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
BEP .021.............................  Investigative files.
------------------------------------------------------------------------

    (vi) Internal Revenue Service.

                    Table 14 to Paragraph (g)(1)(vi)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
IRS 00.002...........................  Correspondence File-Inquiries
                                        about Enforcement Activities.
IRS 00.007...........................  Employee Complaint and Allegation
                                        Referral Records.
IRS 00.334...........................  Third Party Contact Reprisal
                                        Records.
IRS 22.061...........................  Wage and Information Returns
                                        Processing (IRP).
IRS 26.001...........................  Acquired Property Records.
IRS 26.006...........................  Form 2209, Courtesy
                                        Investigations.
IRS 26.008...........................  IRS and Treasury Employee
                                        Delinquency.
IRS 26.011...........................  Litigation Case Files.
IRS 26.012...........................  Offer in Compromise (OIC) Files.
IRS 26.013...........................  One-hundred Per Cent Penalty
                                        Cases.
IRS 26.016...........................  Returns Compliance Programs
                                        (RCP).
IRS 26.019...........................  TDA (Taxpayer Delinquent
                                        Accounts).
IRS 26.020...........................  TDI (Taxpayer Delinquency
                                        Investigations) Files.
IRS 26.021...........................  Transferee Files.
IRS 26.022...........................  Delinquency Prevention Programs.
IRS 34.020...........................  IRS Audit Trail Lead Analysis
                                        System.
IRS 34.037...........................  IRS Audit Trail and Security
                                        Records System.
IRS 37.002...........................  Applicant Appeal Files.
IRS 37.003...........................  Closed Files Containing
                                        Derogatory Information about
                                        individuals' Practice before the
                                        IRS and Files of Attorneys and
                                        Certified Public Accountants
                                        Formerly Enrolled to Practice.
IRS 37.004...........................  Derogatory Information (No
                                        Action).
IRS 37.005...........................  Present Suspensions and
                                        Disbarments Resulting from
                                        Administrative Proceeding.
IRS 37.007...........................  Inventory.
IRS 37.009...........................  Resigned Enrolled Agents (action
                                        pursuant to 31 CFR Section
                                        10.55(b)).
IRS 37.011...........................  Present Suspensions from Practice
                                        Before the Internal Revenue
                                        Service.
IRS 42.001...........................  Examination Administrative File.
IRS 42.008...........................  Audit Information Management
                                        System (AIMS).
IRS 42.012...........................  Combined Case Control Files.
IRS 42.016...........................  Classification and Examination
                                        Selection Files.
IRS 42.017...........................  International Enforcement Program
                                        Files.
IRS 42.021...........................  Compliance Programs and Projects
                                        Files.
IRS 42.029...........................  Audit Underreporter Case Files.
IRS 42.030...........................  Discriminant Function File (DIF)
                                        Appeals Case Files.
IRS 44.001...........................  Appeals Case Files.
IRS 46.050...........................  Automated Information Analysis
                                        System.
IRS 48.001...........................  Disclosure Records.
IRS 49.001...........................  Collateral and Information
                                        Requests System.
IRS 49.002...........................  Component Authority and Index
                                        Card Microfilm Retrieval System.
IRS 49.007...........................  Overseas Compliance Projects
                                        System.
IRS 60.000...........................  Employee Protection System
                                        Records.
IRS 90.002...........................  Chief Counsel Disclosure
                                        Litigation Division Case Files.
IRS 90.004...........................  Chief Counsel General Legal
                                        Services Case Files.
IRS 90.005...........................  Chief Counsel General Litigation
                                        Case Files.
IRS 90.009...........................  Chief Counsel Field Case Service
                                        Files.
IRS 90.010...........................  Digest Room Files Containing
                                        Briefs, Legal Opinions, Digests
                                        of Documents Generated
                                        Internally or by the Department
                                        of Justice Relating to the
                                        Administration of the Revenue
                                        Laws.
IRS 90.013...........................  Legal case files of the Chief
                                        Counsel, Deputy Chief Counsel,
                                        Associate Chief Counsels
                                        (Enforcement Litigation) and
                                        (technical).

[[Page 63921]]

 
IRS 90.016...........................  Counsel Automated Tracking System
                                        (CATS).
------------------------------------------------------------------------

    (vii) U.S. Mint.

                    Table 15 to Paragraph (g)(1)(vii)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
Mint .008............................  Employee Background
                                        Investigations Files.
------------------------------------------------------------------------

    (viii) Bureau of the Fiscal Service.

                   Table 16 to Paragraph (g)(1)(viii)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
FS .009..............................  Delegations and Designations of
                                        Authority for Disbursing
                                        Functions.
------------------------------------------------------------------------

    (ix) Financial Crimes Enforcement Network.

                    Table 17 to Paragraph (g)(1)(ix)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
FinCEN .001..........................  FinCEN Database.
FinCEN .002..........................  Suspicious Activity Reporting
                                        System.
FinCEN .003..........................  Bank Secrecy Act Reports System.
------------------------------------------------------------------------

    (2) The Department hereby exempts the systems of records listed in 
paragraphs (g)(1)(i) through (ix) of this section from the following 
provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(k)(2): 5 
U.S.C. 552a(c)(3), 5 U.S.C. 552a(d)(1), (2), (3), (4), 5 U.S.C. 
552a(e)(1), 5 U.S.C. 552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).
    (h) Reasons for exemptions under 5 U.S.C. 552a(k)(2). (1) 5 U.S.C. 
552a(c)(3) requires an agency to make accountings of disclosures of a 
record available to the individual named in the record upon his or her 
request. The accountings must state the date, nature, and purpose of 
each disclosure of the record and the name and address of the 
recipient.
    (i) The application of this provision would impair the ability of 
the Department of the Treasury and of law enforcement agencies outside 
the Department to make effective use of information maintained by the 
Department. Making accountings of disclosures available to the subjects 
of an investigation would alert them to the fact that an agency is 
conducting an investigation into their illegal activities and could 
reveal the geographic location of the investigation, the nature and 
purpose of that investigation, and the dates on which that 
investigation was active. Individuals possessing such knowledge would 
be able to take measures to avoid detection or apprehension by altering 
their operations, by transferring their illegal activities to other 
geographical areas, or by destroying or concealing evidence that would 
form the basis for detection or apprehension. In the case of a 
delinquent account, such release might enable the subject of the 
investigation to dissipate assets before levy.
    (ii) Providing accountings to the subjects of investigations would 
alert them to the fact that the Department has information regarding 
their illegal activities and could inform them of the general nature of 
that information.
    (2) 5 U.S.C. 552a(d)(1), (e)(4)(H) and (f)(2), (3), and (5) grant 
individuals access to records pertaining to them. The application of 
these provisions to the systems of records would compromise the 
Department's ability to utilize and provide useful tactical and 
strategic information to law enforcement agencies.
    (i) Permitting access to records contained in the systems of 
records would provide individuals with information concerning the 
nature of any current investigations and would enable them to avoid 
detection or apprehension by:
    (A) Discovering the facts that would form the basis for their 
detection or apprehension;
    (B) Enabling them to destroy or alter evidence of illegal conduct 
that would form the basis for their detection or apprehension; and
    (C) Using knowledge that investigators had reason to believe that a 
violation of law was about to be committed, to delay the commission of 
the violation or commit it at a location that might not be under 
surveillance.
    (ii) Permitting access to either on-going or closed investigative 
files would also reveal investigative techniques and procedures, the 
knowledge of which could enable individuals planning non-criminal acts 
to structure their operations so as to avoid detection or apprehension.
    (iii) Permitting access to investigative files and records could, 
moreover, disclose the identity of confidential sources and informants 
and the nature of the information supplied and thereby endanger the 
physical safety of those sources by exposing them to possible

[[Page 63922]]

reprisals for having provided the information. Confidential sources and 
informants might refuse to provide investigators with valuable 
information unless they believed that their identities would not be 
revealed through disclosure of their names or the nature of the 
information they supplied. Loss of access to such sources would 
seriously impair the Department's ability to carry out its mandate.
    (iv) Furthermore, providing access to records contained in the 
systems of records could reveal the identities of undercover law 
enforcement officers or other persons who compiled information 
regarding the individual's illegal activities and thereby endanger the 
physical safety of those undercover officers, persons, or their 
families by exposing them to possible reprisals.
    (v) By compromising the law enforcement value of the systems of 
records for the reasons outlined in paragraphs (h)(2)(i) through (iv) 
of this section, permitting access in keeping with these provisions 
would discourage other law enforcement and regulatory agencies, foreign 
and domestic, from freely sharing information with the Department and 
thus would restrict the Department's access to information necessary to 
accomplish its mission most effectively.
    (vi) Finally, the dissemination of certain information that the 
Department may maintain in the systems of records is restricted by law.
    (3) 5 U.S.C. 552a(d)(2), (3), and (4), (e)(4)(H), and (f)(4) permit 
an individual to request amendment of a record pertaining to him or her 
and require the agency either to amend the record, or to note the 
disputed portion of the record and to provide a copy of the 
individual's statement of disagreement with the agency's refusal to 
amend a record to persons or other agencies to whom the record is 
thereafter disclosed. Since these provisions depend on the individual 
having access to his or her records, and since these rules exempt the 
systems of records from the provisions of the Privacy Act relating to 
access to records, these provisions should not apply to the systems of 
records for the reasons set out in paragraph (h)(2) of this section.
    (4) 5 U.S.C. 552a(e)(1) requires an agency to maintain in its 
records only such information about an individual as is relevant and 
necessary to accomplish a purpose of the agency required by statute or 
Executive order. The term maintain, as defined in 5 U.S.C. 552a(a)(3), 
includes collect and disseminate. The application of this provision to 
the system of records could impair the Department's ability to collect, 
utilize and disseminate valuable law enforcement information.
    (i) In many cases, especially in the early stages of investigation, 
it may be impossible immediately to determine whether information 
collected is relevant and necessary, and information that initially 
appears irrelevant and unnecessary often may, upon further evaluation 
or upon collation with information developed subsequently, prove 
particularly relevant to a law enforcement program.
    (ii) Not all violations of law discovered by the Department 
analysts fall within the investigative jurisdiction of the Department 
of the Treasury. To promote effective law enforcement, the Department 
will have to disclose such violations to other law enforcement 
agencies, including State, local, and foreign agencies that have 
jurisdiction over the offenses to which the information relates. 
Otherwise, the Department might be placed in the position of having to 
ignore information relating to violations of law not within the 
jurisdiction of the Department of the Treasury when that information 
comes to the Department's attention during the collation and analysis 
of information in its records.
    (5) 5 U.S.C. 552a(e)(4)(G) and (f)(1) enable individuals to inquire 
whether a system of records contains records pertaining to them. 
Application of these provisions to the systems of records would allow 
individuals to learn whether they have been identified as suspects or 
subjects of investigation. As further described in paragraphs (h)(5)(i) 
through (vi) of this section, access to such knowledge would impair the 
Department's ability to carry out its mission, since individuals could:
    (i) Take steps to avoid detection;
    (ii) Inform associates that an investigation is in progress;
    (iii) Learn the nature of the investigation;
    (iv) Learn whether they are only suspects or identified as law 
violators;
    (v) Begin, continue, or resume illegal conduct upon learning that 
they are not identified in the system of records; or
    (vi) Destroy evidence needed to prove the violation.
    (6) 5 U.S.C. 552a(e)(4)(I) requires an agency to publish a general 
notice listing the categories of sources for information contained in a 
system of records. The application of this provision to the systems of 
records could compromise the Department's ability to complete or 
continue investigations or to provide useful information to law 
enforcement agencies, since revealing sources for the information 
could:
    (i) Disclose investigative techniques and procedures;
    (ii) Result in threats or reprisals against informants by the 
subjects of investigations; and
    (iii) Cause informants to refuse to give full information to 
investigators for fear of having their identities as sources disclosed.
    (i) Specific exemptions under 5 U.S.C. 552a(k)(4). (1) Under 5 
U.S.C. 552a(k)(4), the head of any agency may promulgate rules to 
exempt any system of records within the agency from certain provisions 
of the Privacy Act if the system is required by statute to be 
maintained and used solely as statistical records. This paragraph (i) 
applies to the following system of records maintained by the 
Department, for which exemption is claimed under 5 U.S.C. 552a(k)(4).
    (i) Internal Revenue Service.

                     Table 18 to Paragraph (i)(1)(i)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
IRS 70.001...........................  Individual Income Tax Returns,
                                        Statistics of Income.
------------------------------------------------------------------------

    (ii) [Reserved]
    (2) The Department hereby exempts the system of records listed in 
paragraph (i)(1) of this section from the following provisions of the 
Privacy Act, pursuant to 5 U.S.C. 552a(k)(4): 5 U.S.C. 552a(c)(3), 5 
U.S.C. 552a(d)(1), (2), (3), and (4), 5 U.S.C. 552a(e)(1), 5 U.S.C. 
552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).
    (3) The system of records is maintained under 26 U.S.C. 6108, which 
requires that the Secretary or his delegate prepare and publish 
annually statistics reasonably available with respect to the operation 
of the income tax laws, including classifications of taxpayers and of 
income, the amounts allowed as deductions, exemptions, and credits, and 
any other facts deemed pertinent and valuable.

[[Page 63923]]

    (j) Reasons for exemptions under 5 U.S.C. 552a(k)(4). The reason 
for exempting the system of records is that disclosure of statistical 
records (including release of accounting for disclosures) would in most 
instances be of no benefit to a particular individual since the records 
do not have a direct effect on a given individual.
    (k) Specific exemptions under 5 U.S.C. 552a(k)(5). (1) Under 5 
U.S.C. 552a(k)(5), the head of any agency may promulgate rules to 
exempt any system of records within the agency from certain provisions 
of the Privacy Act if the system is investigatory material compiled 
solely for the purpose of determining suitability, eligibility, and 
qualifications for Federal civilian employment or access to classified 
information, but only to the extent that the disclosure of such 
material would reveal the identity of a source who furnished 
information to the Government under an express promise that the 
identity of the source would be held in confidence, or, prior to 
September 27, 1975, under an implied promise that the identity of the 
source would be held in confidence. Thus, to the extent that the 
records in this system can be disclosed without revealing the identity 
of a confidential source, they are not within the scope of this 
exemption and are subject to all the requirements of the Privacy Act. 
This paragraph (j) applies to the following systems of records 
maintained by the Department or one of its bureaus:
    (i) Departmental Offices.

                     Table 19 to Paragraph (k)(1)(i)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
DO .004..............................  Personnel Security System.
DO .306..............................  TIGTA Recruiting and Placement
                                        Records.
------------------------------------------------------------------------

    (ii) Internal Revenue Service.

                    Table 20 to Paragraph (k)(1)(ii)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
IRS 34.021...........................  Personnel Security
                                        Investigations.
IRS 34.022...........................  Automated Background
                                        Investigations System (ABIS).
IRS 90.006...........................  Chief Counsel Human Resources and
                                        Administrative Records.
------------------------------------------------------------------------

    (2) The Department hereby exempts the systems of records listed in 
paragraphs (k)(1)(i) and (ii) of this section from the following 
provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(k)(5): 5 
U.S.C. 552a(c)(3), 5 U.S.C. 552a(d)(1), (2), (3), and (4), 5 U.S.C. 
552a(e)(1), 5 U.S.C. 552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).
    (l) Reasons for exemptions under 5 U.S.C. 552a(k)(5). (1) The 
sections of 5 U.S.C. 552a from which the systems of records are exempt 
include in general those providing for individuals' access to or 
amendment of records. When such access or amendment would cause the 
identity of a confidential source to be revealed, it would impair the 
future ability of the Department to compile investigatory material for 
the purpose of determining suitability, eligibility, or qualifications 
for Federal civilian employment, Federal contracts, or access to 
classified information. In addition, the systems shall be exempt from 5 
U.S.C. 552a(e)(1) which requires that an agency maintain in its records 
only such information about an individual as is relevant and necessary 
to accomplish a purpose of the agency required to be accomplished by 
statute or executive order. The Department believes that to fulfill the 
requirements of 5 U.S.C. 552a(e)(1) would unduly restrict the agency in 
its information gathering inasmuch as it is often not until well after 
the investigation that it is possible to determine the relevance and 
necessity of particular information.
    (2) If any investigatory material contained in the above-named 
systems becomes involved in criminal or civil matters, exemptions of 
such material under 5 U.S.C. 552a(j)(2) or (k)(2) is hereby claimed.
    (m) Exemption under 5 U.S.C. 552a(k)(6). (1) Under 5 U.S.C. 
552a(k)(6), the head of any agency may promulgate rules to exempt any 
system of records that is testing, or examination material used solely 
to determine individual qualifications for appointment or promotion in 
the Federal service the disclosure of which would compromise the 
objectivity or fairness of the testing or examination process. This 
paragraph (m) applies to the following system of records maintained by 
the Department, for which exemption is claimed under 5 U.S.C. 
552a(k)(6).
    (i) Departmental Offices.

                     Table 21 to Paragraph (m)(1)(i)
------------------------------------------------------------------------
                 No.                             Name of system
------------------------------------------------------------------------
DO .306..............................  TIGTA Recruiting and Placement
                                        Records.
------------------------------------------------------------------------

    (ii) [Reserved]
    (2) The Department hereby exempts the system of records listed in 
paragraph (m)(1) of this section from the following provisions of the 
Privacy Act, pursuant to 5 U.S.C. 552a(k)(6): 5 U.S.C. 552a(c)(3), 5 
U.S.C. 552a(d)(1), (2), (3), and (4), 5 U.S.C. 552a(e)(1), 5 U.S.C. 
552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).
    (n) Reasons for exemptions under 5 U.S.C. 552a(k)(6). The reason 
for exempting the system of records is that disclosure of the material 
in the system would compromise the objectivity or fairness of the 
examination process.
    (o) Exempt information included in another system. Any information 
from a

[[Page 63924]]

system of records for which an exemption is claimed under 5 U.S.C. 
552a(j) or (k) which is also included in another system of records 
retains the same exempt status such information has in the system for 
which such exemption is claimed.

Appendix A to Subpart C of Part 1--Departmental Offices

    1. In general. This appendix applies to the Departmental Offices 
as defined in this subpart, Sec.  1.20. It sets forth specific 
notification and access procedures with respect to particular 
systems of records, identifies the officers designated to make the 
initial determinations with respect to notification and access to 
records, the officers designated to make the initial and appellate 
determinations with respect to requests for amendment of records, 
the officers designated to grant extensions of time on appeal, the 
officers with whom ``Statement of Disagreement'' may be filed, the 
officer designated to receive service of process and the addresses 
for delivery of requests, appeals, and service of process. In 
addition, it references the notice of systems of records and notices 
of the routine uses of the information in the system required by 5 
U.S.C. 552a(e)(4) and (11) and published annually by the Office of 
the Federal Register in ``Privacy Act Issuances.''
    2. Requests for notification and access to records and 
accountings of disclosures. Initial determinations under Sec.  1.26, 
whether to grant requests for notification and access to records and 
accountings of disclosures for the Departmental Offices, will be 
made by the head of the organizational unit having immediate custody 
of the records requested, or the delegate of such official. This 
information is contained in the appropriate system notice in the 
``Privacy Act Issuances'', published annually by the Office of the 
Federal Register. Requests for information and specific guidance on 
where to send requests for records should be addressed to:
    Privacy Act Request, DO, Director, FOIA and Transparency, 
Department of the Treasury, 1500 Pennsylvania Avenue NW., 
Washington, DC 20220. Requests may also be submitted: on the 
Treasury/FOIA portal, which can be found at: https://home.treasury.gov/footer/freedom-of-information-act/submit-a-request; or by email at [email protected].
    3. Requests for amendments of records. Initial determinations 
under Sec.  1.27(a) through (d) with respect to requests to amend 
records for records maintained by the Departmental Offices will be 
made by the head of the organization or unit having immediate 
custody of the records or the delegate of such official. Requests 
for amendment of records should be addressed as indicated in the 
appropriate system notice in ``Privacy Act Issuances'' published by 
the Office of the Federal Register. Requests for information and 
specific guidance on where to send these requests should be 
addressed to: Privacy Act Amendment Request, DO, Director, FOIA and 
Transparency, Department of the Treasury, 1500 Pennsylvania Avenue 
NW, Washington, DC 20220.
    4. Administrative appeal of initial determination refusing to 
amend record. Appellate determinations under Sec.  1.27(e) with 
respect to records of the Departmental Offices, including extensions 
of time on appeal, will be made by the Secretary, Deputy Secretary, 
Under Secretary, General Counsel, Special Inspector General for 
Troubled Assets Relief Program, or Assistant Secretary having 
jurisdiction over the organizational unit which has immediate 
custody of the records, or the delegate of such official, as limited 
by 5 U.S.C. 552a(d)(2) and (3). Appeals made by mail should be 
addressed as indicated in the letter of initial decision or to: 
Privacy Act Amendment Request, DO, Director, FOIA and Transparency, 
Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, 
DC 20220.
    5. Statements of disagreement. ``Statements of Disagreement'' as 
described in Sec.  1.27(e)(4) shall be filed with the official 
signing the notification of refusal to amend at the address 
indicated in the letter of notification within 35 days of the date 
of notification and should be limited to one page.
    6. Service of process. Service of process will be received by 
the General Counsel of the Department of the Treasury or the 
delegate of such official and shall be delivered to the following 
location: General Counsel, Department of the Treasury, Room 3000, 
Main Treasury Building, 1500 Pennsylvania Avenue NW, Washington, DC 
20220.
    7. Annual notice of systems of records. The annual notice of 
systems of records required to be published by the Office of the 
Federal Register in the publication entitled ``Privacy Act 
Issuances'', as specified in 5 U.S.C. 552a(f). Any specific 
requirements for access, including identification requirements, in 
addition to the requirements set forth in Sec. Sec.  1.26 and 1.27 
and section 8 of this appendix, and locations for access are 
indicated in the notice for the pertinent system.
    8. Verification of identity. An individual seeking notification 
or access to records, or seeking to amend a record, must satisfy one 
of the following identification requirements before action will be 
taken by the Departmental Offices on any such request:
    (i) An individual seeking notification or access to records in 
person, or seeking to amend a record in person, may establish 
identity by the presentation of a single official document bearing a 
photograph (such as a passport or identification badge) or by the 
presentation of two items of identification which do not bear a 
photograph but do bear both a name and signature (such as a driver's 
license or credit card).
    (ii) An individual seeking notification or access to records by 
mail, or seeking to amend a record by mail, may establish identity 
by a signature, address, and one other identifier such as a 
photocopy of a driver's license or other official document bearing 
the individual's signature.
    (iii) Notwithstanding paragraphs 8(i) and (ii) of this appendix, 
an individual seeking notification or access to records by mail or 
in person, or seeking to amend a record by mail or in person, who so 
desires, may establish identity by providing a notarized statement, 
swearing or affirming to such individual's identity and to the fact 
that the individual understands the penalties provided in 5 U.S.C. 
552a(i)(3) for requesting or obtaining access to records under false 
pretenses.
    (iv) Notwithstanding paragraph 8(i), (ii), or (iii) of this 
appendix, a designated official may require additional proof of an 
individual's identity before action will be taken on any request, if 
such official determines that it is necessary to protect against 
unauthorized disclosure of information in a particular case. In 
addition, a parent of any minor or a legal guardian of any 
individual will be required to provide adequate proof of legal 
relationship before such person may act on behalf of such minor or 
such individual.

Appendix B to Subpart C of Part 1--Internal Revenue Service

    1. Purpose. The purpose of this section is to set forth the 
procedures that have been established by the Internal Revenue 
Service for individuals to exercise their rights under the Privacy 
Act (Pub. L. 93-579, 88 Stat. 1896) with respect to systems of 
records maintained by the Internal Revenue Service, including the 
Office of the Chief Counsel. The procedures contained in this 
section are to be promulgated under the authority of 5 U.S.C. 
552a(f). The procedures contained in this section relate to the 
following:
    (a) The procedures whereby an individual can be notified in 
response to a request if a system of records named by the individual 
contains a record pertaining to such individual (5 U.S.C. 
552a(f)(1)).
    (b) The procedures governing reasonable times, places, and 
requirements for identifying an individual who requests a record of 
information pertaining to such individual before the Internal 
Revenue Service will make the record or information available to the 
individual (5 U.S.C. 552a(f)(2)).
    (c) The procedures for the disclosure to an individual upon a 
request of a record of information pertaining to such individual, 
including special procedures for the disclosure to an individual of 
medical records, including psychological records (5 U.S.C. 
552a(f)(3)).
    (d) The procedures for reviewing a request from an individual 
concerning the amendment of any record or information pertaining to 
the individual, for making a determination on the request, for an 
appeal within the Internal Revenue Service of an initial adverse 
agency determination, and for whatever additional means may be 
necessary for individuals to be able to exercise fully their right 
under the Privacy Act (5 U.S.C. 552a(f)(4)).
    Any individual seeking to determine whether a system of records 
maintained by any office of the Internal Revenue Service contains a 
record or information pertaining to such individual, or seeking 
access to, or amendment of, such a record, must comply fully with 
the applicable procedure contained in section 3 or 4 of this 
appendix before the Internal Revenue Service will act

[[Page 63925]]

on the request. Neither the notification and access (or accounting 
of disclosures) procedures under section 3 of this appendix nor the 
amendment procedures under section 4 of this appendix are applicable 
to:
    (i) Systems of records exempted pursuant to 5 U.S.C. 552a(j) and 
(k);
    (ii) Information compiled in reasonable anticipation of a civil 
action or proceeding (see 5 U.S.C. 552a(d)(5)); or
    (iii) Information pertaining to an individual which is contained 
in, and inseparable from, another individual's record.
    2. Access to and amendment of tax records. The provisions of the 
Privacy Act may not be used by an individual to amend or correct any 
tax record. The determination of liability for taxes imposed by the 
Internal Revenue Service Code, the collection of such taxes, and the 
payment (including credits or refunds of overpayments) of such taxes 
are governed by the provisions of the Internal Revenue Service Code 
and by the procedural rules of the Internal Revenue Service. These 
provisions set forth the established procedures governing the 
determination of liability for tax, the collection of such taxes, 
and the payment (including credits or refunds of overpayments) of 
such taxes. In addition, these provisions set forth the procedures 
(including procedures for judicial review) for resolving disputes 
between taxpayers and the Internal Revenue Service involving the 
amount of tax owed, or the payment or collection of such tax. These 
procedures are the exclusive means available to an individual to 
contest the amount of any liability for tax or the payment or 
collection thereof. See, for example, 26 CFR 601.103 for summary of 
general tax procedures. Individuals are advised that Internal 
Revenue Service procedures permit the examination of tax records 
during the course of an investigation, audit, or collection 
activity. Accordingly, individuals should contact the Internal 
Revenue Service employee conducting an audit or effecting the 
collection of tax liabilities to gain access to such records, rather 
than seeking access under the provisions of the Privacy Act. Where, 
on the other hand, an individual desires information or records not 
in connection with an investigation, audit, or collection activity, 
the individual may follow these procedures.
    3. Procedures for access to records--(a) In general. This 
paragraph sets forth the procedure whereby an individual can be 
notified in response to a request if a system of records named by 
the individual which is maintained by the Internal Revenue Service 
contains a record pertaining to such individual. In addition, this 
paragraph sets forth the procedure for the disclosure to an 
individual upon a request of a record or information pertaining to 
such individual, including the procedures for verifying the identity 
of the individual before the Internal Revenue Service will make a 
record available, and the procedure for requesting an accounting of 
disclosures of such records. An individual seeking to determine 
whether a particular system of records contains a record or records 
pertaining to such individual and seeking access to such records (or 
seeking an accounting of disclosures of such records) shall make a 
request for notification and access (or a request for an accounting 
of disclosures) in accordance with the rules provided in paragraph 
3(b) of this appendix.
    (b) Form of request for notification and access or request for 
an accounting of disclosures. (i) A request for notification and 
access (or request for an accounting of disclosures) shall be made 
in writing and shall be signed by the person making the request.
    (ii) Such request shall be clearly marked, ``Request for 
notification and access,'' or ``Request for accounting of 
disclosures.''
    (iii) Such a request shall contain a statement that it is being 
made under the provisions of the Privacy Act.
    (iv) Such request shall contain the name and address of the 
individual making the request. In addition, if a particular system 
employs an individual's social security number as an essential means 
of accessing the system, the request must include the individual's 
Social Security number. In the case of a record maintained in the 
name of two or more individuals (e.g., husband and wife), the 
request shall contain the names, addresses, and Social Security 
numbers (if necessary) of both individuals.
    (v) Such request shall specify the name and location of the 
particular system of records (as set forth in the Notice of Systems) 
for which the individual is seeking notification and access (or an 
accounting of disclosures), and the title and business address of 
the official designated in the access section for the particular 
system (as set forth in the Notice of Systems). In the case of two 
or more systems of records which are under the control of the same 
designated official at the same systems location, a single request 
may be made for such systems. In the case of two or more systems of 
records which are not in the control of the same designated official 
at the same systems location, a separate request must be made for 
each such system.
    (vi) If an individual wishes to limit a request for notification 
and access to a particular record or records, the request should 
identify the particular record. In the absence of a statement to the 
contrary, a request for notification and access for a particular 
system of records shall be considered to be limited to records which 
are currently maintained by the designated official at the systems 
location specified in the request.
    (vii) If such request is seeking notification and access to 
material maintained in a system of records which is exempt from 
disclosure and access under 5 U.S.C. 552a(k)(2), the individual 
making the request must establish that such individual has been 
denied a right, privilege, or benefit that such individual would 
otherwise be entitled to under Federal law as a result of the 
maintenance of such material.
    (viii) Such request shall state whether the individual wishes to 
inspect the record in person, or desires to have a copy made and 
furnished without first inspecting it. If the individual desires to 
have a copy made, the request must include an agreement to pay the 
fee for duplication ultimately determined to be due. If the 
individual does not wish to inspect a record, but merely wishes to 
be notified whether a particular system or records contains a record 
pertaining to such individual, the request should so state.
    (c) Time and place for making a request. A request for 
notification and access to records under the Privacy Act (or a 
request for accounting of disclosures) shall be addressed to or 
delivered in person to the office of the official designated in the 
access section for the particular system of records for which the 
individual is seeking notification and access (or an accounting of 
disclosures). The title and office address of such official is set 
forth for each system of records in the Notice of Systems of 
Records. A request delivered to an office in person must be 
delivered during the regular office hours of that office.
    (d) Sample request for notification and access to records. The 
following are sample requests for notification and access to records 
which will satisfy the requirements of this paragraph:

Request for Notification and Access to Records by Mail

    I, John Doe, of 100 Main Street, Boston, MA 02108 (soc. sec. 
num. 000-00-0000) request under the Privacy Act of 1974 that the 
following system of records be examined and that I be furnished with 
a copy of any record (or a specified record) contained therein 
pertaining to me. I agree that I will pay the fees ultimately 
determined to be due for duplication of such record. I have enclosed 
the necessary information.

System Name:
System Location:
Designated Official:
John Doe

Request for Notification and Access to Records in Person

    I, John Doe, of 100 Main Street, Boston, MA 02108 (soc. sec. 
num. 000-00-0000) request under the provisions of the Privacy Act of 
1974, that the following system of records be examined and that I be 
granted access in person to inspect any record (or a specified 
record) contained therein pertaining to me. I have enclosed the 
necessary identification.

System Name:
System Location:
Designated Official:
John Doe

    (e) Processing a request for notification and access to records 
or a request for an accounting of disclosures. (i) If a request for 
notification and access (or request for an accounting of 
disclosures) omits any information which is essential to processing 
the request, the request will not be acted upon and the individual 
making the request will be promptly advised of the additional 
information which must be submitted before the request can be 
processed.
    (ii) Within 30 days (not including Saturdays, Sundays, and legal 
public holidays) after the receipt of a request for notification and 
access (or a request for an accounting of disclosures), to a 
particular system of records by the designated official for such 
system, a determination will be

[[Page 63926]]

made as to whether the particular system of records is exempt from 
the notification and access provisions of the Privacy Act, and if 
such system is not exempt, whether it does or does not contain a 
record pertaining to the individual making the request. If a 
determination cannot be made within 30 days, the individual will be 
notified of the delay, the reasons therefor, and the approximate 
time required to make a determination. If it is determined by the 
designated official that the particular system of records is exempt 
from the notification and access provisions of the Privacy Act, the 
individual making the request will be notified of the provisions of 
the Privacy Act under which the exemption is claimed. On the other 
hand, if it is determined by the designated official that the 
particular system of records is not exempted from the notification 
and access provisions of the Privacy Act and that such system 
contains a record pertaining to the individual making the request, 
the individual will be notified of the time and place where 
inspection may be made. If an individual has not requested that 
access be granted to inspect the record in person, but merely 
requests that a copy of the record be furnished, or if it is 
determined by the designated official that the granting of access to 
inspect a record in person is not feasible in a particular case, 
then the designated official will furnish a copy of the record with 
the notification, or if a copy cannot be furnished at such time, a 
statement indicating the approximate time such copy will be 
furnished. If the request is for an accounting of disclosures from a 
system of records which is not exempt from the accounting of 
disclosure provisions of the Privacy Act, the individual will be 
furnished with an accounting of such disclosures.
    (f) Granting of access. Normally, an individual will be granted 
access to inspect a record in person within 30 days (excluding 
Saturdays, Sundays, and legal public holidays) after the receipt for 
a request for notification and access by the designated official. If 
access cannot be granted within 30 days, the notification will state 
the reasons for the delay and the approximate time such access will 
be granted. An individual wishing to inspect a record may be 
accompanied by another person of his choosing. Both the individual 
seeking access and the individual accompanying him may be required 
to sign a form supplied by the Internal Revenue Service (IRS) 
indicating that the Service is authorized to disclose or discuss the 
contents of the record in the presence of both individuals. See 26 
CFR 601.502 for requirements to be met by taxpayer's representatives 
in order to discuss the contents of any tax records.
    (g) Medical records. When access is requested to medical records 
(including psychological records), the designated official may 
determine that release of such records will be made only to a health 
care professional designated by the individual to have access to 
such records.
    (h) Verification of identity. An individual seeking notification 
or access to records, or seeking to amend a record, must satisfy one 
of the following identification requirements before action will be 
taken by the IRS on any such request:
    (i) An individual seeking notification or access to records in 
person, or seeking to amend a record in person, may establish 
identity by the presentation of a single document bearing a 
photograph (such as a passport or identification badge) or by the 
presentation of two items of identification which do not bear a 
photograph but do bear both a name and signature (such as a driver's 
license or credit card).
    (ii) An individual seeking notification or access to records by 
mail, or seeking to amend a record by mail, may establish identity 
by a signature, address, and one other identifier such as a 
photocopy of a driver's license or other document bearing the 
individual's signature.
    (iii) Notwithstanding paragraphs 3(h)(i) and (ii) of this 
appendix, an individual seeking notification or access to records by 
mail or in person, or seeking to amend a record by mail or in 
person, who so desires, may establish identity by providing a 
notarized statement, swearing or affirming to such individual's 
identity and to the fact that the individual understands the 
penalties provided in 5 U.S.C. 552a(i)(3) for requesting or 
obtaining access to records under false pretenses.
    (iv) Notwithstanding paragraph 3(h)(i), (ii), or (iii) of this 
appendix, a designated official may require additional proof of an 
individual's identity before action will be taken on any request if 
such official determines that it is necessary to protect 
unauthorized disclosure of information in a particular case. In 
addition, a parent of any minor or a legal guardian of any 
individual will be required to provide adequate proof of legal 
relationship before such person may act on behalf of such minor or 
such individual.
    (i) Fees. The fee for costs required of the IRS in copying 
records pursuant to this paragraph is $0.15 per page. However, no 
fee will be charged if the aggregate costs required of the IRS in 
copying records is less than $3.00. If an individual who has 
requested access to inspect a record in person is denied such access 
by the designated official because it would not be feasible in a 
particular case, copies of such record will be furnished to the 
individual without payment of the fees otherwise required under this 
paragraph. If the IRS estimates that the total fees for costs 
incurred in complying with a request for copies of records will 
amount to $50 or more, the individual making the request may be 
required to enter into a contract for the payment of the actual fees 
with respect to the request before the Service will furnish the 
copies requested. Payment of fees for copies of records should be 
made by check or money order payable to the Internal Revenue 
Service.
    4. Procedures for amendment of records--(a) In general. This 
paragraph sets forth the procedures for reviewing a request from an 
individual concerning the amendment of any record or information 
pertaining to such individual, for making a determination on the 
request, for making an appeal within the IRS of an initial adverse 
determination, and for judicial review of a final determination.
    (b) Amendment of record. Under 5 U.S.C. 552a(d)(2), an 
individual who has been granted access to a record pertaining to 
such individual may, after inspecting the record, request that the 
record be amended to make any correction of any portion thereof 
which the individual believes is not accurate, relevant, timely, or 
complete. An individual may seek to amend a record in accordance 
with the rules provided in paragraph (2) of this appendix.
    (c) Form of request for amendment of record. (i) A request for 
amendment of a record shall be in writing and shall be signed by the 
individual making the request.
    (ii) Such request shall be clearly marked ``Request for 
amendment of record.''
    (iii) Such request shall contain a statement that it is being 
made under the provisions of the Privacy Act.
    (iv) Such request shall contain the name and address of the 
individual making the request. In addition, if a particular system 
employs an individual's social security number as an essential means 
of accessing the system, the request must include the individual's 
Social Security number. In the case of a record maintained in the 
name of two or more individuals (e.g., husband and wife), the 
request shall contain the names, addresses, and Social Security 
numbers (if necessary) of both individuals.
    (v) Such request shall specify the name and location of the 
system of records (as set forth in the Notice of Systems) in which 
such record is maintained, and the title and business address of the 
official designated in the access section for such system (as set 
forth in the Notice of Systems).
    (vi) Such request shall specify the particular record in the 
system which the individual is seeking to amend.
    (vii) Such request shall clearly state the specific changes 
which the individual wishes to make in the record and a concise 
explanation of the reasons for the changes. If the individual wishes 
to correct or add any information, the request shall contain 
specific language making the desired correction or addition.
    (d) Time and place for making request. A request to amend a 
record under the Privacy Act shall be addressed to or delivered in 
person to the office of the official designated in the access 
section for the particular system of records. The title and office 
address of such official is set forth for each system of records in 
the Notice of Systems of Records. A request delivered to an office 
in person must be delivered during the regular office hours of that 
office.
    (e) Processing a request for amendment of a record. (i) Within 
10 days (not including Saturdays, Sundays, and legal public 
holidays) after the receipt of a request to amend a record by the 
designated official, the individual will be sent a written 
acknowledgement that will state that the request has been received, 
that action is being taken thereon, and that the individual will be 
notified within 30 days (not including Saturdays, Sundays, and legal 
public holidays) after the receipt of the request whether the 
requested amendments will or will not be made. If a request for 
amendment of a record omits any information which is essential to 
processing the request, the request will not be acted upon and the 
individual making the request will be

[[Page 63927]]

promptly advised on the additional information which must be 
submitted before the request can be processed.
    (ii) Within 30 days (not including Saturdays, Sundays, and legal 
public holidays) after the receipt of a request to amend a record by 
the designated official, a determination will be made as to whether 
to grant the request in whole or part. The individual will then be 
notified in writing of the determination. If a determination cannot 
be made within 30 days, the individual will be notified in writing 
within such time of the reasons for the delay and the approximate 
time required to make a determination. If it is determined by the 
designated official that the request will be granted, the requested 
changes will be made in the record and the individual will be 
notified of the changes. In addition, to the extent an accounting 
was maintained, all prior recipients of such record will be notified 
of the changes. Upon request, an individual will be furnished with a 
copy of the record, as amended, subject to the payment of the 
appropriate fees. On the other hand, if it is determined by the 
designated official that the request, or any portion thereof, will 
not be granted, the individual will be notified in writing of the 
adverse determination. The notification of an adverse determination 
will set forth the reasons for refusal to amend the record. In 
addition, the notification will contain a statement informing the 
individual of such individual's right to request an independent 
review of the adverse determination by a reviewing officer in the 
national office of the IRS and the procedures for requesting such a 
review.
    (f) Administrative review of adverse determination. Under 5 
U.S.C. 552a(d)(3), an individual who disagrees with the refusal of 
the agency to amend a record may, within 35 days of being notified 
of the adverse determination, request an independent review of such 
refusal by a reviewing officer in the national office of the IRS. 
The reviewing officer for the IRS is the Commission of Internal 
Revenue, the Deputy Commissioner, or an Assistant Commissioner. In 
the case of an adverse determination relating to a system of records 
maintained by the Office of General Counsel for the IRS, the 
reviewing officer is the Chief Counsel or his delegate. An 
individual seeking a review of an adverse determination shall make a 
request for review in accordance with the rules provided in 
paragraphs (g) and (h) of this appendix.
    (g) Form of request for review. (i) A request for review of an 
adverse determination shall be in writing and shall be signed by the 
individual making the request.
    (ii) Such request shall be clearly marked ``Request for review 
of adverse determination''.
    (iii) Such request shall contain a statement that it is being 
made under the provisions of the Privacy Act.
    (iv) Such request shall contain the name and address of the 
individual making the request. In addition, if a particular system 
employs an individual's Social Security number as an essential means 
of accessing the system, the request must include the individual's 
Social Security number. In the case of a record maintained in the 
name of two or more individuals (e.g., husband and wife), the 
request shall contain the names, addresses, and Social Security 
numbers (if necessary) of both individuals.
    (v) Such request shall specify the particular record which the 
individual is seeking to amend, the name and location of the system 
of records (as set forth in the Notice of Systems) in which such 
record is maintained, and the title and business address of the 
designated official for such system (as set forth in the Notice of 
Systems).
    (vi) Such request shall include the date of the initial request 
for amendment of the record, and the date of the letter notifying 
the individual of the initial adverse determination with respect to 
such request.
    (vii) Such request shall clearly state the specific changes 
which the individual wishes to make in the record and a concise 
explanation of the reasons for the changes. If the individual wishes 
to correct or add any information, the request shall contain 
specific language making the desired correction or addition.
    (h) Time and place for making the request. A request for review 
of an adverse determination under the Privacy Act shall be addressed 
to or delivered in person to the Director, Office of Disclosure, 
Attention: OP:EX:D Internal Revenue Service, 1111 Constitution 
Avenue NW, Washington, DC 20224. A request for review of an adverse 
determination will be promptly referred by the Director, Office of 
Disclosure to the appropriate reviewing officer for his review and 
final determination.
    (i) Processing a request for review of adverse determination. 
Within 30 days (not including Saturdays, Sundays, and legal public 
holidays) after the receipt of a request for review of an adverse 
determination by the appropriate reviewing officer, the reviewing 
officer will review the initial adverse determination, make a final 
determination whether to grant the request to amend the record in 
whole or in part, and notify the individual in writing of the final 
determination. If a final determination cannot be made within 30 
days, the Commissioner of Internal Revenue may extend such 30-day 
period. The individual will be notified in writing within the 30-day 
period of the cause for the delay and the approximate time required 
to make a final determination. If it is determined by the reviewing 
officer that the request to amend the record will be granted, the 
reviewing officer will cause the requested changes to be made and 
the individual will be so notified. Upon request, an individual will 
be furnished with a copy of the record as amended subject to the 
payment of appropriate fees. On the other hand, if it is determined 
by the reviewing officer that the request to amend the record, or 
any portion thereof, will not be granted, the individual will be 
notified in writing of the final adverse determination. The 
notification of a final adverse determination will set forth the 
reasons for the refusal of the reviewing officer to amend the 
record. The notification shall include a statement informing the 
individual of the right to submit a concise statement for insertion 
in the record setting forth the reasons for the disagreement with 
the refusal of the reviewing officer to amend the record. In 
addition, the notification will contain a statement informing the 
individual of the right to seek judicial review by a United States 
district court of a final adverse determination.
    (j) Statement of disagreement. Under 5 U.S.C. 552a(d)(3), an 
individual who disagrees with a final adverse determination not to 
amend a record subject to amendment under the Privacy Act may submit 
a concise statement for insertion in the record setting forth the 
reasons for disagreement with the refusal of the reviewing officer 
to amend the record. A statement of disagreement should be addressed 
to or delivered in person to the Director, Office of Disclosure, 
Attention: OP:EX:D, Internal Revenue Service, 1111 Constitution 
Avenue NW, Washington, DC 20224. The Director, Office of Disclosure 
will forward the statement of disagreement to the appropriate 
designated official who will cause the statement to be inserted in 
the individual's record. Any such statement will be available to 
anyone to whom the record is subsequently disclosed, and the prior 
recipients of the record will be provided with a copy of the 
statement of disagreement, to the extent an accounting of 
disclosures was maintained.
    (k) Judicial review. If, after a review and final determination 
on a request to amend a record by the appropriate reviewing officer, 
the individual is notified that the request will not be granted, or 
if, after the expiration of 30 days (not including Sundays, 
Saturdays, and legal public holidays) from the receipt of such 
request by the Director, Disclosure Operations Division, action is 
not taken thereon in accordance with the requirements of paragraph 
(i) of this section, an individual may commence an action within the 
time prescribed by law in a U.S. District Court pursuant to 5 U.S.C. 
552a(g)(1). The statute authorizes an action only against the 
agency. With respect to records maintained by the IRS, the agency is 
the Internal Revenue Service, not an officer or employee thereof. 
Service of process in such an action shall be in accordance with the 
Federal Rules of Civil Procedure (28 U.S.C. App.) applicable to 
actions against an agency of the United States. Where provided in 
such Rules, delivery of process upon the IRS must be directed to the 
Commissioner of Internal Revenue, Attention: CC:GLS, 1111 
Constitution Avenue NW, Washington, DC 20224. The district court 
will determine the matter de novo.
    5. Records transferred to Federal Records Centers. Records 
transferred to the Administrator of General Services for storage in 
a Federal Records Center are not used by the Internal Revenue 
Service in making any determination about any individual while 
stored at such location and therefore are not subject to the 
provisions of 5 U.S.C. 552a(e)(5) during such time.

Appendix C to Subpart C of Part 1--Alcohol and Tobacco Tax and Trade 
Bureau

    1. In general. This appendix applies to the Alcohol and Tobacco 
Tax and Trade Bureau. It sets forth specific notification and access

[[Page 63928]]

procedures with respect to particular systems of records, identifies 
the officers designated to make the initial determinations with 
respect to notification and access to records and accountings of 
disclosures of records. This appendix also sets forth the specific 
procedures for requesting amendment of records and identifies the 
officers designated to make the initial and appellate determinations 
with respect to requests for amendment of records. It identifies the 
officers designated to grant extensions of time on appeal, the 
officers with whom ``Statements of Disagreement'' may be filed, the 
officer designated to receive service of process and the addresses 
for delivery of requests, appeals, and service of process. In 
addition, it references the notice of systems of records and notices 
of the routine uses of the information in the system required by 5 
U.S.C. 552a(e)(3), (4) and (11) and published annually by the Office 
of the Federal Register in ``Privacy Act Issuances''.
    2. Requests for notification and access to records and 
accountings of disclosures. Initial determination under Sec.  1.26, 
whether to grant requests for notification and access to records and 
accountings of disclosures for the Alcohol and Tobacco Tax and Trade 
Bureau, will be made by the Director, Regulations and Rulings 
Division, or the delegate of such officer. Requests may be mailed or 
delivered in person to: Privacy Act Request, Director, Regulations 
and Rulings Division, Alcohol and Tobacco Tax and Trade Bureau, 1310 
G Street NW, Box 12, Washington, DC 20005. Requests may also be 
faxed to 202-453-2331.
    3. Requests for amendment of record. Initial determinations 
under Sec.  1.27(a) through (d) with respect to requests to amend 
records maintained by the Alcohol and Tobacco Tax and Trade Bureau 
will be made by the Director, Regulations and Rulings Division. 
Requests for amendment of records may be mailed or delivered in 
person to: Privacy Act Request, Director, Regulations and Rulings 
Division, Alcohol and Tobacco Tax and Trade Bureau, 1310 G Street 
NW, Box 12, Washington, DC 20005. Requests may also be faxed to 202-
453-2331. The Bureau will process a faxed request when the request 
meets the identity verification requirements outlined in paragraph 
4(a) of this appendix.
    4. Verification of identity. (a) In addition to the requirements 
specified in Sec.  1.26(d), each request for notification, access or 
amendment of records made by mail or fax shall contain the 
requesting individual's date and place of birth and a statement 
signed by the requester asserting his or her identity and 
stipulating that the requester understands that knowingly or 
willfully seeking or obtaining access to records about another 
person under false pretenses is a misdemeanor and punishable by a 
fine of up to $5,000 provided, that the Alcohol and Tobacco Tax and 
Trade Bureau may require a signed notarized statement verifying the 
identity of the requester.
    (b) Individuals making requests in person will be required to 
exhibit at least two acceptable identifying documents such as 
employee identification cards, driver's license, medical cards, or 
other documents sufficient to verify the identity of the requester.
    (c) The parent or guardian of a minor or a person judicially 
determined to be incompetent, shall in addition to establishing the 
identity of the minor or other person he represents as required in 
paragraphs 4(a) and (b) of this appendix, establish his own 
parentage or guardianship by furnishing a copy of a birth 
certificate showing parentage (or other satisfactory documentation) 
or a court order establishing the guardianship.
    5. Request for physical inspection of records. Upon determining 
that a request for the physical inspection of records is to be 
granted, the requester shall be notified in writing of the 
determination, and when and where the records may be inspected. The 
inspection of records will be made at the Alcohol and Tobacco Tax 
and Trade Bureau Field Office or other facility located nearest to 
the residence of the individual making the request. Such inspection 
shall be conducted during the regular business hours of the field 
office or other facility where the disclosure is made. A person of 
the requester's own choosing may accompany the requester provided 
the requester furnishes a written statement authorizing the 
disclosure of the requester's record in the accompanying person's 
presence. The record inspection will be made in the presence of a 
representative of the Bureau. Following the inspection of the 
record, the individual will acknowledge in writing the fact that he 
or she had an opportunity to inspect the requested record.
    6. Requests for copies of records without prior physical 
inspection. Upon determining that an individual's request for copies 
of his or her records without prior physical inspection is to be 
granted, the requester shall be notified in writing of the 
determination, and the location and time for his or her receipt of 
the requested copies. The copies will be made available at the 
Alcohol and Tobacco Tax and Trade Bureau field office or other 
facility located nearest to the residence of the individual making 
the request unless the individual requests that the documents be 
sent by mail. Copies shall be received by the requester during the 
regular business hours of the field office or other facility where 
the disclosure is made. Transfer of the copies to the individual 
shall be conditioned upon payment of copying costs and his 
presentation of at least two acceptable identifying documents such 
as employee identification cards, driver's license, medical cards, 
or other documents sufficient to verify the identity of the 
requester. Following the receipt of the copies in person, the 
individual will acknowledge receipt in writing.
    7. Administrative appeal of initial determination refusing to 
amend record. Appellate determinations under Sec.  1.27(e) with 
respect to records of the Alcohol and Tobacco Tax and Trade Bureau, 
including extensions of time on appeal, will be made by the 
Administrator or the delegate of such officer. Appeals should be 
addressed to, or delivered in person to: Privacy Act Amendment 
Appeal, Administrator, Alcohol and Tobacco Tax and Trade Bureau, 
1310 G Street NW, Box 12, Washington, DC 20005.
    8. Statements of disagreement. ``Statements of Disagreement'' as 
described in Sec.  1.27(e)(4) shall be filed with the official 
signing the notification within 35 days of the date of such 
notification and should be limited to one page.
    9. Service of process. Service of process will be received by 
the Administrator of the Alcohol and Tobacco Tax and Trade Bureau or 
the delegate of such official and shall be delivered to the 
following location: Administrator, Alcohol and Tobacco Tax and Trade 
Bureau, 1310 G Street NW, Box 12, Washington, DC 20005, Attention: 
Chief Counsel.
    10. Annual notice of systems of records. The annual notice of 
systems of records is published by the Office of the Federal 
Register, as specified in 5 U.S.C. 552a(f). The publication is 
entitled ``Privacy Act Issuances''. Any specific requirements for 
access, including identification requirements, in addition to the 
requirements set forth in Sec. Sec.  1.26 and 1.27 are indicated in 
the notice for each pertinent system.

Appendix D to Subpart C of Part 1--Bureau of Engraving and Printing

    1. In general. This appendix applies to the Bureau of Engraving 
and Printing. It sets forth specific notification and access 
procedures with respect to particular systems of records including 
identification requirements, identifies the officers designated to 
make the initial determinations with respect to notification and 
access to records and accountings of disclosures of records. This 
appendix also sets forth the specific procedures for requesting 
amendment of records and identifies the officers designated to make 
the initial and appellate determinations with respect to requests 
for amendment of records. It identifies the officers designated to 
grant extensions of time on appeal, the officers with whom 
``Statements of Disagreement may be filed, the officer designated to 
receive service of process and the addresses for delivery of 
requests, appeals, and service of process. In addition, it 
references the notice of systems of records and notices of the 
routine uses of the information in the system required by 5 U.S.C. 
552a(e)(4) and (11) and published annually by the Office of the 
Federal Register in ``Privacy Act Issuances.''
    2. Requests for notification and access to records and 
accountings of disclosures. Initial determinations under Sec.  1.26, 
whether to grant requests for notification and access to records and 
accountings of disclosures for the Bureau of Engraving and Printing, 
will be made by the head of the organizational unit having immediate 
custody of the records requested, or the delegate of such official. 
Requests for access to records contained within a particular system 
of records should be submitted to the address indicated for that 
system in the access section of the notices published by the Office 
of the Federal Register in ``Privacy Act Issuances.'' Requests for 
information and specific guidance should be addressed to: Privacy 
Act Request, Disclosure Officer (Executive Assistant to the 
Director), Room 104-18M, Bureau of Engraving and Printing, 
Washington, DC 20228.
    3. Requests for amendment of records. Initial determination 
under Sec.  1.27(a) through (d), whether to grant request to amend

[[Page 63929]]

records will be made by the head of the organizational unit having 
immediate custody of the records or the delegate of such official. 
Requests for amendment should be addressed as indicated in the 
appropriate system notice in ``Privacy Act Issuances'' published by 
the Office of the Federal Register. Requests for information and 
specific guidance on where to send requests for amendment should be 
addressed to: Privacy Act Amendment Request, Disclosure Officer 
(Executive Assistant to the Director), Bureau of Engraving and 
Printing, Room 104-18M, Washington, DC 20228.
    4. Administrative appeal of initial determinations refusing 
amendment of records. Appellate determinations refusing amendment of 
records under Sec.  1.27(e) including extensions of time on appeal, 
with respect to records of the Bureau of Engraving and Printing will 
be made by the Director of the Bureau or the delegate of such 
officer. Appeals made by mail should be addressed to, or delivered 
personally to: Privacy Act Amendment Appeal, Disclosure Officer 
(Executive Assistant to the Director), Room 104-18M, Bureau of 
Engraving and Printing, Washington, DC 20228.
    5. Statements of disagreement. ``Statements of Disagreement'' 
under Sec.  1.27(e)(4)(i) shall be filed with the official signing 
the notification of refusal to amend at the address indicated in the 
letter of notification within 35 days of the date of such 
notification and should be limited to one page.
    6. Service of process. Service of process will be received by 
the Chief Counsel of the Bureau of Engraving and Printing and shall 
be delivered to the following location: Chief Counsel, Bureau of 
Engraving and Printing, Room 109-M, 14th and C Streets SW, 
Washington, DC 20228.
    7. Verification of identity. An individual seeking notification 
or access to records, or seeking to amend a record, or seeking an 
accounting of disclosures, must satisfy one of the following 
identification requirements before action will be taken by the 
Bureau of Engraving and Printing on any such request:
    (i) An individual appearing in person may establish identity by 
the presentation of a single document bearing a photograph (such as 
a passport or identification badge) or by the presentation of two 
items of identification which do not bear a photograph but do bear 
both a name and signature (such as a credit card).
    (ii) An individual may establish identity through the mail by a 
signature, address, and one other identifier such as a photocopy of 
a driver's license or other document bearing the individual's 
signature.
    (iii) Notwithstanding paragraphs 7(i) and (ii) of this appendix, 
an individual who so desires, may establish identity by providing a 
notarized statement, swearing or affirming to such individual's 
identity and to the fact that the individual understands the 
penalties provided in 5 U.S.C. 552a(i)(3) for requesting or 
obtaining access to records under false pretenses.
    (iv) Notwithstanding paragraph 7(i), (ii), or (iii) of this 
appendix, the Executive Assistant or other designated official may 
require additional proof of an individual's identity before action 
will be taken on any request if such official determines that it is 
necessary to protect against unauthorized disclosure of information 
in a particular case. In addition, a parent of any minor or a legal 
guardian of any individual will be required to provide adequate 
proof of legal relationship before such person may act on behalf of 
such minor or such individual.
    8. Annual notice of systems of records. The annual notice of 
systems of records is published by the Office of the Federal 
Register, as specified in 5 U.S.C. 522a(f). The publication is 
entitled ``Privacy Act Issuances''. Any specific requirements for 
access, including identification requirements, in addition to the 
requirements set forth in Sec. Sec.  1.26 and 1.27 are indicated in 
the notice for the pertinent system.

Appendix E to Subpart C of Part 1--Bureau of the Fiscal Service

    1. In general. This appendix applies to the Bureau of the Fiscal 
Service. It sets forth specific notification and access procedures 
with respect to particular systems of records, identifies the 
officers designated to make the initial determinations with respect 
to notification and access to records and accountings of disclosures 
of records. This appendix also sets forth the specific procedures 
for requesting amendment of records and identifies the officers 
designated to make the initial and appellate determinations with 
respect to requests for amendment of records. It identifies the 
officers designated to grant extensions of time on appeal, the 
officers with whom ``Statements of Disagreement'' may be filed, the 
officer designated to receive service of process and the addresses 
for delivery of requests, appeals, and service of process. In 
addition, it references the notice of systems of records and notices 
of the routine uses of the information in the system required by 5 
U.S.C. 552a(e)(4) and (11) and published annually by the Office of 
the Federal Register in ``Privacy Act Issuances''.
    2. Requests for notification and access to records and 
accountings of disclosures. Initial determinations under Sec.  1.26, 
whether to grant requests for notification and access to records and 
accountings of disclosures for the Bureau of the Fiscal Service, 
will be made by the head of the organizational unit having immediate 
custody of the records requested or an official designated by this 
official. This is indicated in the appropriate system notice in 
``Privacy Act Issuances'' published annually by the Office of the 
Federal Register. Requests for information and specific guidance on 
where to send requests for records may be mailed to the system 
manager identified in the Bureau of the Fiscal Service system of 
records notice (SORN) which is published in the Federal Register. 
See the applicable Bureau of the Fiscal Service system of records 
notice (SORN) for details.
    3. Requests for amendment of records. Initial determination 
under Sec.  1.27(a) through (d), whether to grant requests to amend 
records will be made by the head of the organizational unit having 
immediate custody of the records or the delegate of such official. 
Requests for amendment should be addressed as indicated in the 
appropriate system notice in ``Privacy Act Issuances'' published by 
the Office of the Federal Register. Requests for information and 
specific guidance on where to send requests for amendment should be 
addressed to the system manager identified in the Bureau of the 
Fiscal Service SORN which is published in the Federal Register.
    4. Administrative appeal of initial determinations refusing 
amendment of records. Appellate determinations refusing amendment of 
records under Sec.  1.27(e) including extensions of time on appeal, 
with respect to records of the Bureau of the Fiscal Service will be 
made by the Commissioner or the delegate of such official. Appeals 
made by mail should be addressed to the system manager identified in 
the Bureau of the Fiscal Service SORN which is published in the 
Federal Register. See the applicable Bureau of the Fiscal Service 
SORN for details.
    5. Statements of disagreement. ``Statements of Disagreement'' 
under Sec.  1.27(e)(4)(i) shall be filed with the official signing 
the notification of refusal to amend at the address indicated in the 
letter of notification within 35 days of the date of such 
notification and should be limited to one page.
    6. Service of process. Service of process will be received by 
the Commissioner, Bureau of the Fiscal Service or the delegate of 
such official and shall be delivered to the following location: 
Office of the Chief Counsel, Bureau of the Fiscal Service Attn: 
Chief Counsel, 401 14th St. SW, Washington, DC 20227.
    7. Annual notice of systems of records. The annual notice of 
systems of records is published by the Office of the Federal 
Register, as specified in 5 U.S.C. 552a(f). The publication is 
entitled ``Privacy Act Issuances''. Any specific requirements for 
access, including identification requirements, in addition to the 
requirements set forth in Sec. Sec.  1.26 and 1.27 are indicated in 
the notice for the pertinent system.

Appendix F to Subpart C of Part 1--United States Mint

    1. In general. This appendix applies to the United States Mint. 
It sets forth specific notification and access procedures with 
respect to particular systems of records, identifies the officers 
designated to make the initial determinations with respect to 
notification and access to records and accountings of disclosures of 
records. This appendix also sets forth the specific procedures for 
requesting amendment of records and identifies the officers 
designated to make the initial and appellate determinations with 
respect to requests for amendment of records. It identifies the 
officers designated to grant extensions of time on appeal, the 
officers with whom ``Statements of Disagreement'' may be filed, the 
officer designated to receive service of process and the addresses 
for delivery of requests, appeals, and service of process. In 
addition, it references the notice of systems of records and notices 
of the routine uses of the information in the system required by 5 
U.S.C. 552a(e)(4) and (11) and published

[[Page 63930]]

annually by the Office of the Federal Register in ``Privacy Act 
Issuances''.
    2. Requests for notification and access to records and 
accountings of disclosures. Initial determinations under Sec.  1.26, 
whether to grant requests for notification and access to records and 
accountings of disclosures for the United States Mint will be made 
by the head of the organizational unit having immediate custody of 
the records requested or an official designated by this official. 
This is indicated in the appropriate system notice in ``Privacy Act 
Issuances'' published annually by the Office of the Federal 
Register. Requests should be directed to the Superintendent or 
Officer in charge of the facility in which the records are located 
or to the Chief, Administrative Programs Division. Requests for 
information and specific guidance on where to send requests for 
records may be mailed or delivered personally to: Privacy Act 
Request, Chief, Administrative Programs Division, United States 
Mint, Judiciary Square Building, 633 3rd Street NW, Washington, DC 
20220.
    3. Requests for amendment of records. Initial determination 
under Sec.  1.27(a) through (d), whether to grant requests to amend 
records will be made by the head of the Mint installation having 
immediate custody of the records or the delegated official. Requests 
should be mailed or delivered personally to: Privacy Act Amendment 
Request, Freedom of Information and Privacy Acts Officer, United 
States Mint, Judiciary Square Building, 633 3rd Street, Washington, 
DC 20220.
    4. Administrative appeal of initial determinations refusing 
amendment of records. Appellate determinations refusing amendment of 
records under Sec.  1.27 including extensions of time on appeal, 
with respect to records of the United States Mint will be made by 
the Director of the Mint or the delegate of the Director. Appeals 
made by mail should be addressed to, or delivered personally to: 
Privacy Act Amendment Appeal, United States Mint, Judiciary Square 
Building, 633 3rd Street NW, Washington, DC 20220.
    5. Statements of disagreement. ``Statements of Disagreement'' 
under Sec.  1.27(e)(4)(i) shall be filed with the official signing 
the notification of refusal to amend at the address indicated in the 
letter of notification within 35 days of the date of such 
notification and should be limited to one page.
    6. Service of process. Service of process will be received by 
the Director of the Mint and shall be delivered to the following 
location: Director of the Mint, Judiciary Square Building, 633 3rd 
Street NW, Washington, DC 20220.
    7. Annual notice of systems of records. The annual notice of 
systems of records is published by the Office of the Federal 
Register, as specified in 5 U.S.C. 552a(f). The publication is 
entitled ``Privacy Act Issuances''. Any specific requirements for 
access, including identification requirements, in addition to the 
requirements set forth in Sec. Sec.  1.26 and 1.27 are indicated in 
the notice for the pertinent system.

Appendix G to Subpart C of Part 1--Office of the Comptroller of the 
Currency

    1. In general. This appendix applies to the Office of the 
Comptroller of the Currency. It sets forth specific notification and 
access procedures with respect to particular systems of records, 
identifies the officers designated to make the initial 
determinations with respect to notification and access to records 
and accountings of disclosures of records. This appendix also sets 
forth the specific procedures for requesting amendment of records 
and identifies the officers designated to make the initial and 
appellate determinations with respect to requests for amendment of 
records. It identifies the officers designated to grant extensions 
of time on appeal, the officers with whom ``Statements of 
Disagreement'' may be filed, the officer designated to receive 
service of process and the addresses for delivery of requests, 
appeals, and service of process. In addition, it references the 
notice of systems of records and notices of the routine uses of the 
information in the system required by 5 U.S.C. 552a(e)(4) and (11) 
and published annually by the Office of the Federal Register in 
``Privacy Act Issuances''.
    2. Requests for notification and access to records and 
accountings of disclosures. Initial determinations under Sec.  1.26 
whether to grant requests for notification and access to records and 
accountings of disclosures for the Office of the Comptroller of the 
Currency will be made by the head of the organizational unit having 
immediate custody of the records requested or the delegate of that 
official. This is indicated in the appropriate system notice in 
``Privacy Act Issuances'' published biennially by the Office of the 
Federal Register. Requests for information and specific guidance on 
where to send requests for records shall be mailed or delivered 
personally to: Disclosure Officer, Communications Division, Office 
of the Comptroller of the Currency, 250 E Street SW, Washington, DC 
20219.
    3. Requests for amendment of records. Initial determinations 
under Sec.  1.27(a) through (d) whether to grant requests to amend 
records will be made by the Comptroller's delegate or the head of 
the organizational unit having immediate custody of the records or 
the delegate of that official. Requests for amendment shall be 
mailed or delivered personally to: Disclosure Officer, 
Communications Division, Office of the Comptroller of the Currency, 
250 E Street SW, Washington, DC 20219.
    4. Administrative appeal of initial determinations refusing 
amendment of records. Appellate determinations refusing amendment of 
records under Sec.  1.27(e) including extensions of time on appeal, 
with respect to records of the Office of the Comptroller of the 
Currency will be made by the Comptroller of the Currency or the 
Comptroller's delegate. Appeals shall be mailed or delivered 
personally to: Disclosure Officer, Communications Division, Office 
of the Comptroller of the Currency, 250 E Street SW, Washington, DC 
20219.
    5. Statements of disagreement. ``Statements of Disagreement'' 
under Sec.  1.27(e)(4)(i) shall be filed with the OCC's Director of 
Communications at the address indicated in the letter of 
notification within 35 days of the date of such notification and 
should be limited to one page.
    6. Service of process. Service of process shall be delivered to 
the Chief Counsel or the Chief Counsel's delegate at the following 
location: Office of the Comptroller of the Currency, 250 E Street 
SW, Washington, DC 20219.
    7. Annual notice of systems of records. The annual notice of 
systems of records is published by the Office of the Federal 
Register, as specified in 5 U.S.C. 552a(f). The publication is 
entitled ``Privacy Act Issuances''. Any specific requirements for 
access, including identification requirements, in addition to the 
requirements set forth in Sec. Sec.  1.26 and 1.27 are indicated in 
the notice for the pertinent system.

Appendix H to Subpart C of Part 1--Financial Crimes Enforcement Network

    1. In general. This appendix applies to the Financial Crimes 
Enforcement Network (FinCEN). It sets forth specific notification 
and access procedures with respect to particular systems of records, 
and identifies the officers designated to make the initial 
determinations with respect to notification and access to records 
and accountings of disclosures of records. This appendix also sets 
forth the specific procedures for requesting amendment of records 
and identifies the officers designated to make the initial and 
appellate determinations with respect to requests for amendment of 
records. It identifies the officers designated to grant extensions 
of time on appeal, the officers with whom ``Statements of 
Disagreement'' may be filed, the officer designated to receive 
service of process and the addresses for delivery of requests, 
appeals, and service of process. In addition, it references the 
notice of systems of records and notices of the routine uses of the 
information in the system required by 5 U.S.C. 552a(e)(4) and (11) 
and published biennially by the Office of the Federal Register in 
``Privacy Act Issuances.''
    2. Requests for notification and access to records and 
accountings of disclosures. Initial determinations under Sec.  1.26, 
whether to grant requests for notification and access to records and 
accountings of disclosures for FinCEN will be made by the Freedom of 
Information/Privacy Act Officer, FinCEN. Requests may be mailed to: 
Privacy Act Request, Financial Crimes Enforcement Network, Post 
Office Box 39, Vienna, VA 22183.
    3. Requests for amendments of records. Initial determinations 
under Sec.  1.27(a) through (d) whether to grant requests to amend 
records maintained by FinCEN will be made by the Freedom of 
Information/Privacy Act Officer, FinCEN. Requests may be mailed to: 
Privacy Act Request, Financial Crimes Enforcement Network, Post 
Office Box 39, Vienna, VA 22183.
    4. Verification of identity. An individual seeking notification 
or access to records, or seeking to amend a record, or seeking an 
accounting of disclosures, must satisfy one of the following 
identification requirements before action will be taken by FinCEN on 
any such request:

[[Page 63931]]

    (i) An individual may establish identity through the mail by a 
signature, address, and one other identifier such as a photocopy of 
a driver's license or other official document bearing the 
individual's signature.
    (ii) Notwithstanding paragraph 4(i) of this section, an 
individual may establish identity by providing a notarized 
statement, swearing or affirming to such individual's identity and 
to the fact that the individual understands the penalties provided 
in 5 U.S.C. 552a(i)(3) for requesting or obtaining access to records 
under false pretenses.
    (iii) Notwithstanding paragraphs 4(i) and (ii) of this appendix, 
the Freedom of Information Act/Privacy Act Officer or other 
designated official may require additional proof of an individual's 
identity before action will be taken on any request, if such 
official determines that it is necessary to protect against 
unauthorized disclosure of information in a particular case. In 
addition, a parent of any minor or a legal guardian of any 
individual will be required to provide adequate proof of legal 
relationship before such person may act on behalf of such minor or 
such individual.
    5. Administrative appeal of initial determinations refusing 
amendment of records. Appellate determinations refusing amendment of 
records under Sec.  1.27(e) including extensions of time on appeal 
with respect to the records of FinCEN will be made by the Director 
of FinCEN or the delegate of the Director. Appeals should be 
addressed to: Privacy Act Amendment Appeal, Financial Crimes 
Enforcement Network, Post Office Box 39, Vienna, VA 22183.
    6. Statements of Disagreement. ``Statements of Disagreement'' as 
described in Sec.  1.27(e)(4) shall be filed with the official 
signing the notification of refusal to amend at the address 
indicated in the letter of notification within 35 days of the date 
of such notification and should be limited to one page.
    7. Service of Process. Service of process will be received by 
the Chief Counsel of FinCEN and shall be delivered to the following 
location: Office of Chief Counsel, Financial Crimes Enforcement 
Network, Post Office Box 39, Vienna, VA 22183.
    8. Biennial notice of systems of records. The biennial notice of 
systems of records is published by the Office of the Federal 
Register, as specified in 5 U.S.C. 552a(f). The publication is 
entitled ``Privacy Act Issuances.'' Any specific requirements for 
access, including identification requirements, in addition to the 
requirements set forth in Sec. Sec.  1.26 and 1.27 and section 4 of 
this appendix are indicated in the notice for the pertinent system.

    Dated: October 14, 2022.
Ryan Law,
Deputy Assistant Secretary, Office of Privacy, Transparency, and 
Records.
[FR Doc. 2022-22723 Filed 10-19-22; 8:45 am]
BILLING CODE 4810-AK-P