[Federal Register Volume 88, Number 38 (Monday, February 27, 2023)]
[Notices]
[Pages 12399-12400]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-03915]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

[Docket No. CISA-2023-0003]


Agency Information Collection Activities: .gov Registrar

AGENCY: Cybersecurity and Infrastructure Security Agency (CISA), 
Department of Homeland Security (DHS).

ACTION: 60-Day notice and request for comments; new collection (request 
for a new OMB control number).

-----------------------------------------------------------------------

SUMMARY: The .gov Registry Program within the Cybersecurity and 
Infrastructure Security Agency will submit the following Information 
Collection Request (ICR) to the Office of Management and Budget (OMB) 
for review and clearance in accordance with the Paperwork Reduction Act 
of 1995.

DATES: Comments are encouraged and will be accepted until April 28, 
2023.

ADDRESSES: You may submit comments, identified by docket number Docket 
# CISA-2023-0003, at:
    [cir] Federal eRulemaking Portal: http://www.regulations.gov. 
Please follow the instructions for submitting comments.
    Instructions: All submissions received must include the agency name 
and docket number Docket # CISA-2023-0003. All comments received will 
be posted without change to http://www.regulations.gov, including any 
personal information provided.
    Docket: For access to the docket to read background documents or 
comments received, go to http://www.regulations.gov.

SUPPLEMENTARY INFORMATION: .gov is a `top-level domain' (TLD), similar 
to .com, .org, or .us. Enterprises use a TLD to register a ``domain 
name'' (often simply called a domain) for use in their online services, 
like a website or email. Well-known .gov domains include 
whitehouse.gov, congress.gov, or uscourts.gov, but most .gov domains 
are from non-federal governments like ny.gov (State of New York) or 
lacounty.gov (LA County).
    .gov is only available to bona fide U.S.-based government 
organizations and publicly controlled entities. When governments use 
.gov, they make it harder for would-be impostors to successfully 
impersonate them online.
    Under the DOTGOV Act of 2020 (6 U.S.C. 665), CISA is responsible 
for the operation and security of the .gov TLD. Pursuant to that law, 
the .gov program at CISA works to ``provide simple and secure 
registration of .gov internet domains'', ``ensure that domains are 
registered and maintained only by authorized individuals'', and 
``minimize the risk of .gov internet domains whose names could mislead 
or confuse users''. In order to provision .gov domains to eligible 
government entities and ensure adherence to the domain requirements 
published by CISA pursuant to 6 U.S.C. 665(c), CISA needs to collect 
information from requestors of .gov domains.
    The information will be collected on an online web portal called 
the ``.gov registrar'', which is built and maintained by CISA. 
Requestors will be asked to provide information on the characteristics 
of their government entity (e.g., name, type, physical location, 
current domain), their preferred .gov domain name (e.g., example.gov), 
their rationale for the name, organizational contact information 
(names, phone numbers, email addresses), and nameserver addresses.
    Only U.S.-based government organizations are eligible for .gov 
domains; some of these organizations may be small entities. The 
collection has been developed to request only the information needed to 
confirm eligibility and adjudicate a .gov domain request.
    Without this collection, CISA will be unable to assess the 
eligibility of requestors nor provision .gov domains to government 
organizations. That outcome would decrease cybersecurity for 
governments across the nation and minimize the public's ability to 
identify governments online.
    In accordance with 6 U.S.C. 665(c)(4), CISA will ``limit the 
sharing or use of any information'' obtained through this

[[Page 12400]]

collection ``with any other Department component or any other agency 
for any purpose other than the administration of the .gov internet 
domain, the services described in subsection (e), and the requirements 
for establishing a .gov inventory described in subsection (h).'' 
Certain metadata for any approved domains (domain name, organization 
name, nameserver address, city/state information, security contact) 
will be published online.
    This is a new collection.
    The Office of Management and Budget is particularly interested in 
comments which:
    1. Evaluate whether the proposed collection of information is 
necessary for the proper performance of the functions of the agency, 
including whether the information will have practical utility;
    2. Evaluate the accuracy of the agency's estimate of the burden of 
the proposed collection of information, including the validity of the 
methodology and assumptions used;
    3. Enhance the quality, utility, and clarity of the information to 
be collected; and
    4. Minimize the burden of the collection of information on those 
who are to respond, including through the use of appropriate automated, 
electronic, mechanical, or other technological collection techniques or 
other forms of information technology, e.g., permitting electronic 
submissions of responses.

Analysis

    Agency: Cybersecurity and Infrastructure Security Agency (CISA), 
Department of Homeland Security (DHS).
    Title: .gov registrar.
    OMB Number: OMB CONTROL NUMBER.
    Frequency: Once per domain registered.
    Affected Public: Employees representing state, local, territorial, 
and tribal governments.
    Number of Respondents: 1,500 per year.
    Estimated Time per Respondent: 20 minutes.
    Total Burden Hours: 500 hours.

Robert J. Costello,
Chief Information Officer, Department of Homeland Security, 
Cybersecurity and Infrastructure Security Agency.
[FR Doc. 2023-03915 Filed 2-24-23; 8:45 am]
BILLING CODE 9110-9P-P