[Federal Register Volume 88, Number 125 (Friday, June 30, 2023)]
[Notices]
[Pages 42364-42367]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-13973]


=======================================================================
-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

[FR ID: 151654]


Privacy Act of 1974; System of Records.

AGENCY: Federal Communications Commission.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The Federal Communications Commission (FCC, Commission, or 
Agency) has modified an existing system of records, FCC/EB-5, 
Enforcement Bureau Activity Tracking System (EBATS), subject to the 
Privacy Act of 1974, as amended. This action is necessary to meet the 
requirements of the Privacy Act to publish in the Federal Register 
notice of the existence and character of records maintained by the 
agency. The FCC's Enforcement Bureau (EB) uses EBATS to track its 
investigations into possible violations of Federal communications laws 
and regulations. This modification updates the applicable records 
retention and disposal schedule; updates the language, including 
section headers, in this SORN to be consistent with the general 
language currently used in FCC SORNs as well as recommendations by 
current OMB guidance and administrative changes; makes minor clerical 
corrections; adds two routine uses; deletes two routine uses; and 
updates seven routine uses.

DATES: This action will become effective on June 30, 2023. The routine 
uses in this action will become effective on July 31, 2023 unless 
comments are received that require a contrary determination.

ADDRESSES: Send comments to Katherine C. Clark, Attorney-Advisor,

[[Page 42365]]

Office of General Counsel, Room 10.306, Federal Communications 
Commission, 45 L Street NE, Washington, DC 20554, or to 
[email protected].

FOR FURTHER INFORMATION CONTACT: Katherine C. Clark, (202) 418-1773 or 
[email protected] (and to obtain a copy of the Narrative Statement and 
the Supplementary Document, which includes details of the proposed 
alterations to this system of records).

SUPPLEMENTARY INFORMATION: This notice serves to update and modify FCC/
EB-5, as a result of various necessary changes and updates. The 
substantive changes and modifications to the previously published 
version of the FCC/EB-5 system of records include:
    1. Updating the language in the Security Classification to follow 
OMB guidance;
    2. Updating the System Location to note that records are maintained 
primarily at FCC Headquarters in Washington, DC, and only on an ad hoc, 
temporary basis at FCC field offices when needed to resolve enforcement 
cases in their jurisdictions;
    3. Updating the language in the Purposes section to be consistent 
with the language and phrasing currently used generally in the FCC's 
SORNs and to include maintaining documents and tracking the status of 
formal complaints, including, but not limited to those that involve 
market disputes as an additional purpose for the system;
    4. Modifying the language in the Categories of Individuals and 
Categories of Records to be consistent with the language and phrasing 
currently used in the FCC's SORNs;
    5. Updating and/or revising language in seven routine uses (listed 
by current routine use number): (1) Public Access; (3) FCC Enforcement 
Actions; (4/5) Adjudication and Litigation (now two separate routine 
uses); (6) Law Enforcement and Investigation; (7) Congressional 
Inquiries; (8) Government-wide Program Management and Oversight; and 
(9) Breach Notification, the revision of which is as required by OMB 
Memorandum No. M-17-12;
    6. Deleting the following routine uses (listed by former routine 
use number): (2) Employment, Clearances, Licensing, Contract, Grant, or 
other Benefits Decisions by the Agency; and (3) Employment, Clearances, 
Licensing, Contract, Grant, or other Benefits Decisions by an Entity 
other than the Agency;
    7. Adding two new routine uses (listed by current routine use 
number): (10) Assistance to Federal Agencies and Entities Related to 
Breaches, which is required by OMB Memorandum No. M-17-12; and (11) 
Non-Federal Personnel to allow contractors, grantees, or volunteers 
performing or working on a contract, grant, or cooperative agreement 
for the Federal Government to have access to needed information;
    8. Updating the existing records retention and disposal schedule 
with a new records schedule, Records Disposition Authority, DAA-0173-
2014-0002, which was approved by NARA in September 2015;
    9. Updating the reference to the exemptions claimed under 
subsection (k) of the Privacy Act; and
    10. Updating the notice to reflect various administrative changes 
related to the system managers and system addresses; policy and 
practices for storage and retrieval of the information; administrative, 
technical, and physical safeguards; and updated notification, records 
access, and contesting records procedures.

SYSTEM NAME AND NUMBER:
    FCC/EB-5, Enforcement Bureau Activity Tracking System (EBATS).

SECURITY CLASSIFICATION:
    No information in the system is classified.

SYSTEM LOCATION:
    Enforcement Bureau (EB), FCC, 45 L Street NE, Washington, DC 20554; 
and FCC Field Offices that may maintain paper documents on an ad hoc, 
temporary basis when needed to resolve enforcement cases in their 
jurisdictions.

SYSTEM MANAGER(S):
    Enforcement Bureau (EB), FCC, 45 L Street NE, Washington, DC 20554.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    47 U.S.C. 101, 102, 104, 301, 303, 309(e), 312, 315, 318, 362, 364, 
386, 501, 502, 503, 507, and 510.

PURPOSE(S) OF THE SYSTEM:
    The Enforcement Bureau uses the information in this system for 
purposes that include, but are not limited to:
    1. Maintaining documents and tracking the status of enforcement 
investigations of entities (including individuals) that have been 
identified as possible violators of the Communications Act of 1934, as 
amended, FCC regulations, other FCC requirements or orders, other 
statutes and regulations subject to the FCC's jurisdiction, and/or 
international treaties (collectively referred to hereafter as FCC Rules 
and Regulations);
    2. Maintaining documents and tracking the status of formal 
complaints, including, but not limited to those that involve market 
disputes;
    3. Determining the levels of compliance among FCC licensees and 
other regulatees;
    4. Documenting the Commission's monitoring, overseeing, auditing, 
inspecting, and investigating for compliance and enforcement purposes;
    5. Providing a basis for the various administrative and civil or 
criminal actions against violators by EB, other appropriate Commission 
bureaus or offices, and/or other government agencies;
    6. Gathering background information for reference materials from 
various external sources that include, but are not limited to, 
databases, documents, files, and other related resources, to ensure 
that the information that is being compiled is accurate and up-to-date 
(cross-checking) in the course of investigating consumer complaints 
and/or enforcement investigations;
    7. Maintaining archival information (paper documents and files) for 
reference in enforcement investigations and other actions; and
    8. Preventing duplication of FCC's enforcement actions, e.g., for 
cross-reference purposes, etc.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The records in this system include, but are not limited to:
    1. Individuals, including FCC employees, who have filed complaints 
alleging violations of FCC Rules and Regulations; or individuals who 
have filed such complaints on behalf of other entities and who may have 
included their personally identifiable information (PII) in the 
complaint;
    2. Individuals who are or have been the subjects of FCC enforcement 
actions, including field monitoring, inspection, and investigation, for 
possible violations of FCC Rules and Regulations;
    3. Licensees, applicants, regulatees, and unlicensed individuals 
about whom there are questions of compliance with FCC Rules and 
Regulations; and
    4. FCC employees, contractors, and interns who perform work on 
behalf of EB.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The categories of records in this system include, but are not 
limited to:
    1. Information that is associated with those individuals who file 
complaints or who are being investigated for possible enforcement 
actions. The information may include:
    (a) An individual's name, Social Security Number (SSN) or Taxpayer 
Identification Number (TIN), gender,

[[Page 42366]]

race/ethnicity, birth date/age, place of birth, biometric data 
(photograph(s)), marital status, spousal data, miscellaneous family 
data, home address, home address history, home telephone number(s), 
personal cell phone number(s), personal fax number(s), personal email 
address(es), personal criminal background report(s), credit card 
number(s), driver license number(s), bank account data, financial data, 
law enforcement data, background investigatory data, national security 
data, employment and/or employer data, and other miscellaneous 
materials, documents, files, and records used for background 
information, data verification, and other purposes.
    (b) Inspection reports, audit reports, complaints, referrals, 
monitoring reports, inspection cases, referral memos, correspondence, 
audio and sound recordings, photographs, discrepancy notifications, 
warning notices, forfeiture actions, and other related materials.
    (c) Miscellaneous materials, documents, files, and records that are 
used for background information and data verification concerning 
individuals who may have been alleged to or have violated the 
Commission's Rules and Regulations.
    2. Information that is associated with the same or similar current 
enforcement investigations and historic records and other archival, 
background, and research data and materials that are stored for 
reference in enforcement actions, including inspection reports, 
complaints, monitoring reports, investigative cases, referral memos, 
correspondence, discrepancy notifications, warning notices, and 
forfeiture actions; and
    3. Other, miscellaneous information that complainants may have 
included on informal consumer complaint forms, interference reports, as 
well as any additional FCC forms and complaint data intake systems that 
may be used from time to time to report possible violations of FCC 
Rules and Regulations to the FCC or associated with case files.

RECORD SOURCE CATEGORIES:
    Sources of records include individuals submitting complaints, 
relevant law enforcement databases, publicly available electronic 
information and data, and individuals who have been contacted during 
investigations to be sources of information.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed to authorized 
entities, as is determined to be relevant and necessary, outside the 
FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows.
    1. Public Access--Names and other information about individuals 
subject to investigations or similar actions may be disclosed to the 
public in Commission releases, including Notices of Apparent Liability, 
Forfeiture Orders, Consent Agreements, Notice Letters, or all other 
actions released by EB or the Commission as part of their duties to 
enforce FCC Rules and Regulations.
    2. Due Diligence Inquiries--Where there is an indication of a 
violation or potential violation of FCC Rules and Regulations, records 
from this system may be shared with a requesting individual, or 
representative thereof, for purposes of obtaining such information so 
long as the information is relevant to a pending transaction of an FCC-
issued license.
    3. FCC Enforcement Actions--When a record in this system involves 
an informal complaint filed alleging a violation of FCC Rules and 
Regulations by an applicant, licensee, certified or regulated entity, 
or an unlicensed person or entity, the complaint may be provided to the 
alleged violator for a response. Where a complainant in filing his or 
her complaint explicitly requests confidentiality of his or her name 
from public disclosure, the Commission will endeavor to protect such 
information from public disclosure. Complaints that contain requests 
for confidentiality may be dismissed if the Commission determines that 
the request impedes the Commission's ability to investigate and/or 
resolve the complaint.
    4. Litigation--To disclose records to the Department of Justice 
(DOJ) when: (a) the FCC or any component thereof; (b) any employee of 
the FCC in his or her official capacity; (c) any employee of the FCC in 
his or her individual capacity where the DOJ or the FCC has agreed to 
represent the employee; or (d) the United States Government is a party 
to litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation, and the use of such records by the 
Department of Justice is for a purpose that is compatible with the 
purpose for which the FCC collected the records.
    5. Adjudication--To disclose records in a proceeding before a court 
or adjudicative body, when: (a) the FCC or any component thereof; or 
(b) any employee of the FCC in his or her official capacity; or (c) any 
employee of the FCC in his or her individual capacity; or (d) the 
United States Government, is a party to litigation or has an interest 
in such litigation, and by careful review, the FCC determines that the 
records are both relevant and necessary to the litigation, and that the 
use of such records is for a purpose that is compatible with the 
purpose for which the agency collected the records.
    6. Law Enforcement and Investigation--When the FCC investigates any 
violation or potential violation of a civil or criminal law, 
regulation, policy, executed consent decree, order, or any other type 
of compulsory obligation, to disclose pertinent information as it deems 
necessary to the target of an investigation, as well as with the 
appropriate Federal, State, local, Tribal agency, or a component of 
such an agency, responsible for investigating, prosecuting, enforcing, 
or implementing a statute, rule, regulation, or order.
    7. Congressional Inquiries--To provide information to a 
Congressional office from the record of an individual in response to an 
inquiry from that Congressional office made at the written request of 
that individual.
    8. Government-wide Program Management and Oversight--To the 
Department of Justice (DOJ) to obtain that department's advice 
regarding disclosure obligations under the Freedom of Information Act 
(FOIA); or the Office of Management and Budget (OMB) to obtain that 
office's advice regarding obligations under the Privacy Act.
    9. Breach Notification--To appropriate agencies, entities, and 
persons when: (a) the Commission suspects or has confirmed that there 
has been a breach of the system of records; (b) the Commission has 
determined that as a result of the suspected or confirmed compromise 
there is a risk of harm to individuals, the Commission (including its 
information systems, programs, and operations), the Federal Government, 
or national security; and (c) the disclosure made to such agencies, 
entities, and persons is reasonably necessary to assist in connection 
with the Commission's efforts to respond to the suspected or confirmed 
breach or to prevent, minimize, or remedy such harm.
    10. Assistance to Federal Agencies and Entities Related to 
Breaches--To another Federal agency or Federal entity, when the 
Commission determines that information from this system is reasonably 
necessary to assist the recipient agency or entity in: (a) responding 
to a suspected or confirmed

[[Page 42367]]

breach or (b) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, program, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    11. Non-Federal Personnel--To disclose information to non-Federal 
personnel, including contractors, other vendors (e.g., identity 
verification services), grantees, and volunteers who have been engaged 
to assist the FCC in the performance of a service, grant, cooperative 
agreement, or other activity related to this system of records and who 
need to have access to the records in order to perform their activity.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Information in this information system consists of:
    1. Electronic records, files, and data are stored in the FCC's 
computer network databases, at headquarters; and
    2. Paper records, documents, and files are stored in filing 
cabinets in the EB office suites at headquarters and in field offices 
(on an ad hoc, temporary basis when needed to resolve enforcement cases 
in their jurisdictions as needed for limited periods).

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    1. Information in the electronic database information can be 
retrieved by the name(s) of the individual(s) who filed the 
complaint(s), the individual who is subject of the complaint, and by a 
unique file number assigned to each type of activity conducted by the 
Bureau, e.g., internal initiative investigations, complaint 
investigations, cases, market dispute mediations, formal adjudications, 
hearings, due diligence requests, etc.
    2. Information in the central files, which includes, but is not 
limited to, paper documents, records, and files, includes all the other 
information pertaining to these internal initiative investigations, 
complainant investigations, and/or cases. This information may include, 
but is not limited to, name, address, and telephone number, and is 
maintained for reference and archival purposes. This information is 
retrieved by a unique identification file number assigned to each 
internal initiative investigation, complainant investigation, and/or 
case.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The information in this electronic system is maintained and 
disposed of in accordance with the National Archives and Records 
Administration (NARA) General Records Schedule No. DAA-0173-2014-0002-
0002.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The electronic records, data, and files are maintained in the FCC 
computer network databases at headquarters, which are protected by the 
FCC's IT privacy safeguards, a comprehensive and dynamic set of IT 
safety and security protocols and features that are designed to meet 
all Federal IT privacy standards, including those required by the 
National Institute of Standard and Technology (NIST) and the Federal 
Information Security Modernization Act of 2014 (FISMA). The paper 
documents and files are maintained in file cabinets in ``non-public'' 
rooms in the EB office suite at headquarters and in field offices. The 
file cabinets are locked at the end of the business day. Access to the 
EB offices at both headquarters and field offices is via a key and 
card-coded door.
    Authorized EB supervisors and staff have access to the information 
in both the electronic files databases and paper document files, and IT 
contractors, who maintain these electronic files databases, also have 
access to them. Other FCC employees, interns, and contractors may be 
granted access to the information in the electronic and paper formats 
only on a ``need-to-know'' basis.

RECORD ACCESS PROCEDURES:
    Under the authority granted to heads of agencies by 5 U.S.C. 
552a(k), the FCC has determined that this system of records is exempt 
from providing record access procedures for this system of records, 47 
CFR 0.561.

CONTESTING RECORD PROCEDURES:
    Under the authority granted to heads of agencies by 5 U.S.C. 
552a(k), the FCC has determined that this system of records is exempt 
from providing contesting record procedures for this system of records, 
47 CFR 0.561.

NOTIFICATION PROCEDURES:
    Under the authority granted to heads of agencies by 5 U.S.C. 
552a(k), the FCC has determined that this system of records is exempt 
from providing notification procedures for this system of records. 47 
CFR 0.561.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    This system of records is exempt from sections (c)(3), (d), (e)(1), 
(e)(4)(G), (H), and (I), and (f) of the Privacy Act of 1974, and from 
47 CFR 0.554-0.557 of the Commission's rules. These provisions concern 
the notification, record access, and contesting procedures described 
above, and also the publication of record sources. The system is exempt 
from these provisions because it contains investigative material 
compiled for law enforcement purposes as defined in Section (k) of the 
Privacy Act.

HISTORY:
    (75 FR 77872) (December 14, 2010).

Federal Communications Commission.
Marlene Dortch,
Secretary.
[FR Doc. 2023-13973 Filed 6-29-23; 8:45 am]
BILLING CODE 6712-01-P