[Federal Register Volume 88, Number 46 (Thursday, March 9, 2023)]
[Notices]
[Pages 14647-14649]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-04673]


-----------------------------------------------------------------------

DEPARTMENT OF THE INTERIOR

National Indian Gaming Commission


Privacy Act of 1974; System of Records

AGENCY: National Indian Gaming Commission (NIGC or Commission), 
Interior.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, as amended, the 
NIGC is issuing public notice of its intent to modify an existing 
system of records entitled, Indian Gaming Individuals Record System. 
This system of records includes information submitted to the NIGC so 
that it may review and verify eligibility determinations of key 
employees and primary management officials for tribal licenses in 
Indian gaming enterprises.

DATES: This modified system is effective upon publication in the 
Federal Register, except for its routine uses, which are effective 
April 10, 2023. Please submit any public comment pertaining to this 
notice on or before April 10, 2023.

ADDRESSES: Comments may be submitted to Tim Osumi, Senior Agency 
Official for Privacy using any of the following methods:
    Mail: 1849 C Street NW, Mail Stop #1621, Washington, DC 20240.
    Email: [email protected].

FOR FURTHER INFORMATION CONTACT: Tim Osumi, Senior Agency Official for 
Privacy at NIGC Office of Privacy, 1849 C Street NW, Mail Stop #1621, 
Washington, DC 20240; or by telephone at (202) 264-0676; or by email at 
[email protected].

SUPPLEMENTARY INFORMATION: Congress established the NIGC under the 
Indian Gaming Regulatory Act of 1988 (25 U.S.C. 2701 et seq.) (IGRA) to 
regulate gaming on Indian lands. The scope of this notice covers 
information necessary to ensure proper oversight of tribal licensing of 
key employees and primary management officials in gaming enterprises on 
Indian lands. The IGRA requires a tribe to notify the Commission of the 
results of background checks for primary management officials and key 
employees of Indian gaming enterprises and the issuance of tribal 
licenses to them (25 U.S.C. 2710(b)(2)(F)(I) and (III)). Further, under 
the IGRA, the Commission has 30 days to object to issuance of a license 
by a tribe (25 U.S.C. 2710(c)(1)). Commission rules implement these 
legislative provisions by (1) requiring tribes to obtain certain 
information from applicants for key employee and primary management 
official positions in gaming operations; (2) requiring tribes to 
forward to the Commission the required information for each key 
employee and primary management official; (3) reviewing and verifying 
the submitted information; and (4) conducting supplementary background 
investigations to the extent the Commission deems necessary. The 
Commission stores this information in the current system of records. 
The following is a summary of the systemic modifications that are being 
proposed in this notice. For more details, please refer to the specific 
section referenced.
     System Manager has been updated.
     System Location has been updated.
     Categories of Records in the System has been updated to 
include four new categories: 10 (criminal charges); 11 (previous 
licensing agency); 12 (photograph); and 14 (fingerprints). In addition, 
the descriptions of all existing categories have been modified for 
greater precision.
     Record Source Categories has been updated to include three 
new categories: fingerprint cards; criminal records history 
information; and, NIGC--tribal correspondence relating to tribal 
applicant decisions.
     Routine Uses of Records has been updated to include two 
new uses that will allow agency to share information with, and 
coordinate a response to, a suspected or confirmed information breach.
     Policies and Practices for Storage of Records has been 
updated to account for the agency's transition from paper to electronic 
recordkeeping.
     Policies and Practices for Retention and Disposal of 
Records has been updated to include relevant records retention and 
disposition schedules that have been approved since the last public 
notice.
     Administrative, Technical, and Physical Safeguards has 
been updated to account for the agency's transition from paper to 
electronic recordkeeping and the Information Technology measures that 
are in place to protect the records.

[[Page 14648]]

SYSTEM NAME AND NUMBER:
    Indian Gaming Individuals Record System--NIGC-1.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    National Indian Gaming Commission headquarters at 90 K Street NW, 
Washington, DC.

SYSTEM MANAGER(S):
    Criminal Justice Information Services System Owner, National Indian 
Gaming Commission, 90K Street NE, Suite 200, Washington, DC 20002. tel: 
202-632-7003, email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    25 U.S.C. 2710(b)(2)(F).

PURPOSE(S) OF THE SYSTEM:
    The system is used by Commission members and staff to review and 
verify eligibility determinations of key employees and primary 
management officials for tribal licenses in Indian gaming enterprises.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Key employees and primary management officials as defined under 25 
CFR 502.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Summary information from applications for licensing at gaming 
enterprises on Indian lands; information collected by the staff and 
members of the Commission; summary information from reports of 
background investigations; fingerprint card information; criminal 
history information provided by the Federal Bureau of Investigation; 
and copies of tribal eligibility determinations. Such information may 
include: (1) Last name, first name, middle name, other names used (oral 
or written), signature, social security number, date of birth, place of 
birth, citizenship, current address, race, gender, height, weight, eye 
color, hair color, languages spoken; (2) Current, and for the previous 
five years: business and employment positions held; ownership interests 
in those businesses; business and residence addresses, and driver's 
license numbers; (3) the names and current addresses of at least three 
personal references; (4) current business and residence telephone 
numbers; (5) a description of any previous business relationships with 
Indian tribes, including ownership interests in those businesses; (6) a 
description of any existing and previous business relationships with 
the gaming industry generally, including ownership of interests in 
those businesses; (7) the name and address of any licensing or 
regulatory agency with which the person has filed an application for a 
license or permit relating to gaming, whether or not such license or 
permit was granted; (8) for each felony for which there is an ongoing 
prosecution or a conviction, the charge, the name and address of the 
court involved, and the date and disposition if any; (9) for each 
misdemeanor conviction or ongoing misdemeanor prosecution (excluding 
minor traffic violations) within 10 years of the date of application, 
the name and address of the court involved and the date and 
disposition; (10) For each criminal charge excluding minor traffic 
charges) whether or not there is a conviction, if such criminal charge 
is within 10 years of the date of application, the criminal charge, the 
name and address of the court involved and the date and disposition; 
(11) The name and address of any licensing or regulatory agency with 
which the person has filed an application for an occupational license 
or permit, whether or not such license or permit was granted; (12) A 
photograph; (13) Any other information a tribe deems relevant; and (14) 
Fingerprints consistent with procedures adopted by a tribe according to 
25 CFR 522.2(h).

RECORD SOURCE CATEGORIES:
    Tribes or tribal entities; Federal Bureau of Investigation; 
Federal, state, foreign, tribal, and local law enforcement and 
regulatory agencies; Commission Chair and staff.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    1. To disclose relevant information to Federal, State, tribal, or 
local law enforcement of regulatory agencies to verify information 
supplied by applicant key employees and primary management officials in 
connection with determining eligibility for tribal licenses in an 
Indian gaming enterprise.
    2. To disclose relevant information to tribes that licenses or may 
wish to license individuals in Indian gaming enterprise.
    3. In the event that records in this system indicate a violation or 
potential violation of law, criminal, civil, or regulatory in nature, 
the relevant records may be referred to the agency charged with 
responsibility for investigating or prosecuting such violation.
    4. To disclose relevant information to a congressional office from 
the record of an individual in response to an inquiry from the 
congressional office made at the request of that individual.
    5. To disclose relevant information to a Federal, State, local, or 
tribal agency (or their agents) that is involved in a civil regulatory 
or enforcement action to protect the integrity of Indian gaming.
    6. To appropriate agencies, entities, and persons when:
    (a) NIGC suspects or has confirmed that there has been a breach of 
the system of records;
    (b) NIGC has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, NIGC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and
    (c) The disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with NIGC's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm.
    7. To another Federal agency or Federal entity, when NIGC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in:
    (a) Responding to suspected or confirmed breach; or
    (b) Preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic format in an electronic 
information system that is a hybrid system consisting of an on-site 
server a related cloud tenant environment. Some information is stored 
as structured data within a database system and some information is 
stored as unstructured electronic files.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Employee name, gaming operation where employed, social security 
number, and date of birth.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    All records in the system are temporary records and retained and 
disposed of in compliance with records retention and disposition 
schedules that have been approved by the National Archives and Records 
Administration, including: NIGC Schedule DAA-600-2017-011 Item 2, 
requiring that

[[Page 14649]]

applicant background information has a 5 year retention period; NIGC 
Schedule DAA-600-2017-011 Item 3, requiring that applicant criminal 
history record information has a 1 year retention period; NIGC Schedule 
DAA-600-2017-003 Item 5, requiring that tribal ``notices of results'' 
has a 3 year retention period; and, NIGC Schedule DAA-600-2017-003 Item 
6, requiring that Tribal ``notices of the issuance of a gaming 
licenses'' has a 3 years retention period.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The system is only accessible to authorized users using strong 
password protection. It utilizes firewalls, intrusion detection 
prevention system (IDPS), a virtual protocol network (VPN) and 
encrypted communications to protect its perimeter. Access to the system 
is limited to NIGC personnel who have a need to know for the 
performance of their duties and limited information about applicant 
past employment history is also made available to selected authorized 
tribal gaming regulators. Information within the system is 
compartmentalized and granular access is dependent on a permission 
structure that is role-based. All persons authorized to access the 
system are required to complete training that includes information 
about the legal requirements for proper handling of privacy 
information, including criminal history records information (CHRI).

RECORD ACCESS PROCEDURES:
    Individuals seeking access to information in this system of records 
about themselves are required to meet the requirements of NIGC 
regulations that implement the Privacy Act of 1974, at 25 CFR part 515.

CONTESTING RECORD PROCEDURES:
    Requests for correction or amendment must identify the record to be 
changed and the corrective action sought in accordance with NIGC's 
Privacy Act regulations at 25 CFR part 515.

NOTIFICATION PROCEDURES:
    Any individual who wants to know whether this system of records 
contains a record about themselves, can make a request, in accordance 
with NIGC's Privacy Act regulations, 25 CFR part 515 to: Attn: Privacy 
& Records Information Management Office, National Indian Gaming 
Commission, 1849 C Street NW, Mail Stop #1621, Washington, DC 20240.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Under 5 U.S.C. 552a(k)(2) the Commission is claiming exemptions 
from certain provisions of the Act for portions of its records. The 
exemptions and the reasons for them are described in the Commission 
regulations 25 CFR 515.13.

HISTORY:
    Notice of this system of records was last published in full in the 
Federal Register on March 15, 2004 (69 FR 12182).

E. Sequoyah Simermeyer,
Chairman, National Indian Gaming Commission.
[FR Doc. 2023-04673 Filed 3-8-23; 8:45 am]
BILLING CODE 7565-01-P