[Federal Register Volume 88, Number 169 (Friday, September 1, 2023)]
[Notices]
[Pages 60451-60454]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-18946]


=======================================================================
-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

[FR ID: 167779]


Privacy Act System of Records

AGENCY: Federal Communications Commission.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The Federal Communications Commission (FCC, Commission, or 
Agency) proposes to modify an existing system of records, FCC/CGB-3, 
National

[[Page 60452]]

Deaf-Blind Equipment Distribution Program (NDBEDP), subject to the 
Privacy Act of 1974, as amended. This action is necessary to meet the 
requirements of the Privacy Act to publish in the Federal Register 
notice of the existence and character of records maintained by the 
agency. The Commission uses the information, including personally 
identifiable information (PII), that is submitted by the certified 
equipment distribution program in each state, as required by the 
NDBEDP, to maintain each state's certification to participate in the 
NDBEDP to support the distribution of specialized customer premises 
equipment (CPE) and the provision of associated services. State 
equipment distribution programs, other public programs, and private 
entities may apply to the Commission for certification for the state to 
participate in the NDBEDP and receive reimbursement for its activities. 
This modification makes various necessary changes and updates, 
including formatting changes required by the Office of Management and 
Budget (OMB) Circular A-108 since its previous publication, the 
addition of new routine uses, as well as the revision of existing 
routine uses.

DATES: This modified system of records will become effective on 
September 1, 2023. Written comments on the routine uses are due by 
October 2, 2023. The new or revised routine uses in this action will 
become effective on October 2, 2023 unless comments are received that 
require a contrary determination.

ADDRESSES: Send comments to Katherine C. Clark, FCC, 45 L Street NE, 
Washington, DC 20554, or to [email protected].

FOR FURTHER INFORMATION CONTACT: Katherine C. Clark, (202) 418-1773 or 
[email protected] (and to obtain a copy of the Narrative Statement and 
the Supplementary Document, which includes details of the proposed 
alterations to this system of records).

SUPPLEMENTARY INFORMATION: As required by the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a(e)(4) and (e)(11), this document sets forth 
notice of the proposed modification of a system of records maintained 
by the FCC. The FCC previously provided notice of the system of records 
FCC/CGB-3 by publication in the Federal Register on January 19, 2012 
(77 FR 2721). This notice serves to modify FCC/CGB-3 to make various 
necessary changes and updates, including clarification of the purpose 
of the system, format changes required by OMB Circular A-108 since its 
previous publication, the addition of new routine uses and the revision 
of existing routine uses, which include converting a single existing 
routine use into multiple revised routine uses. The substantive changes 
and modifications to the previously published version of the FCC/CGB-3 
system of records include:
    1. Updating the language in the Security Classification to follow 
OMB guidance;
    2. Modifying the language in the Categories of Individuals and 
Categories of Records to be consistent with the language and phrasing 
now used in FCC SORNs;
    3. Updating and/or revising language in the following routine uses: 
(4) Law Enforcement and Investigation; (5) Litigation; (6) 
Adjudication; (7) Congressional Inquiries; (8) Government-wide Program 
Management and Oversight; and (9) Breach Notification, the revision of 
which is as required by OMB Memorandum No. M-17-12;
    4. Adding two new routine uses: (10) Assistance to Federal Agencies 
and Entities Related to Breaches--to assist with other Federal 
agencies' data breach situations, which is required by OMB Memorandum 
No. M-17-12; and (11) Non-Federal Personnel--to allow access to 
information to contractors, other vendors, grantees, and volunteers who 
have been engaged to assist the FCC in the performance of a contract, 
service, grant, or cooperative agreement; and
    5. Deleting former routine use (6) Department of Justice, which is 
duplicative of current routine use (5) Litigation.
    The system of records is also updated to reflect various 
administrative changes related to the system managers and system 
addresses; policy and practices for storage and retrieval of the 
information; administrative, technical, and physical safeguards; and 
updated notification, records access, and contesting records 
procedures.

SYSTEM NAME AND NUMBER:
    FCC/CGB-3, National Deaf-Blind Equipment Distribution Program 
(NDBEDP).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Consumer and Governmental Affairs Bureau (CGB), FCC, 45 L Street 
NE, Washington, DC 20554.

SYSTEM MANAGER(S):
    CGB, FCC, 45 L Street NE, Washington, DC 20554.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    47 U.S.C. 154, 201, 218, 222, 225, 226, 228, 254(k), and 620; 
Telecommunications Act of 1996, Public Law 014-104, 110 Stat. 56; 
Twenty-First Century Communications and Video Accessibility Act of 
2010, as amended, Public Law 111-265, 124 Stat 2795.

PURPOSE(S) OF THE SYSTEM:
    This system collects records submitted by the certified equipment 
distribution program in each state, as required by the NDBEDP, to 
maintain each state's certification to participate in this program. 
Collecting and maintaining the required types of information allows 
staff access to documents necessary for key activities discussed in 
this SORN, including maintaining information regarding certified 
program participants; analyzing effectiveness and efficiency of this 
and related FCC programs; informing future rule and policy-making 
activity; and improving staff efficiency. Records in this system are 
available for public inspection, e.g., in response to requests under 
the Freedom of Information Act (FOIA), after redaction of information 
that could identify a complainant or correspondent, such as the 
complainant's name, address, telephone number, fax number, and/or email 
address.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    1. Individuals who request or receive the NDBEDP equipment;
    2. Individuals who attest to the disability of the individual 
receiving the NDBEDP equipment and/or matters related to the 
eligibility requirements, qualifications, and regulations, etc., for 
those seeking to participate in the NDBEDP;
    3. Individuals who may file complaints, and parties named in or 
involved with the complaint, including, but not limited to, both formal 
and informal complaints, and inquiries on behalf of themselves or 
NDBEDP participants and matters related to NDBEDP rules and 
regulations; and
    4. Certain non-Federal personnel performing services or activities 
related to this system of records, including, but not limited to, 
representatives of equipment distribution programs.

CATEGORIES OF RECORDS IN THE SYSTEM:
    1. The name and contact information, including street address, 
email address, and phone number for the individuals requesting or 
receiving the NDBEDP equipment;
    2. The name and contact information, including street and email 
addresses,

[[Page 60453]]

phone number(s), and fax number(s) for the individuals attesting to the 
disability of the individual who is deaf-blind;
    3. Other miscellaneous PII related to the individuals who 
participate in this program, e.g., response data for equipment 
requests, users' complaints, evaluation of the users' needs, user 
training data, outreach activities, equipment request denial data, and 
medical attestations or records regarding disability qualifications and 
eligibility requirements;
    4. The name and contact information, including street and email 
addresses, phone number(s), and fax number(s) for certain non-Federal 
personnel performing services or activities related to this system of 
records, including, but not limited to, representatives of equipment 
distribution programs;
    5. The name and contact information, including street and email 
addresses, phone number(s), and fax number(s) for individuals who make 
or have made formal and informal complaints and inquiries (including 
related supporting information), and parties named in or involved with 
the complaint or inquiry, in any format (including but not limited to 
paper, telephone, TTY, recording, Braille, and electronic submissions, 
such as email, internet, etc.) on behalf of themselves or NDBEDP 
participants; and
    6. Commission correspondence, e.g., letters and related 
communications regarding formal and informal complaints and inquiries 
(which may include PII and related information) that pertain to the 
NDBEDP programs, NDBEDP participants, involved parties, and the 
certification and participation of each entity approved by the 
Commission to participate in the NDBEDP.

RECORD SOURCE CATEGORIES:
    Information in this system is provided by individuals who request 
or receive the NDBEDP equipment; individuals, groups, and other 
entities who attest to the disability of the individual requesting or 
receiving the equipment; and other individuals, groups, and other 
entities who have a connection to the NDBEDP and its participants, 
e.g., those filing or involved with formal and informal complaints or 
inquiries on behalf of the participants or otherwise performing 
services or activities related to this system of records

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Information about individuals in this system of records may 
routinely be disclosed under the following conditions:
    1. Formal or Informal Complaints--When a record in this system 
involves a formal or informal complaint, and/or inquiry filed against 
an NDBEDP certified program and related entities, the complaint or 
inquiry may be forwarded to the subject certified program for that 
state, the appropriate State and Federal medical boards, certifying 
associations, and related groups, and personal physicians (who may 
determine whether an individual meets the eligibility criteria for 
participation in the NDBEDP) for a response.
    2. Medical Records--A medical attestation or record (including but 
not limited to third-party attestations, certifications, and 
declarations of disability) from this system may be disclosed to 
appropriate entities, including, but not limited to, the subject 
certified program for that state, the appropriate State and Federal 
medical boards, certifying associations, and related groups, and 
personal physicians for the purposes of determining whether an 
individual meets the eligibility criteria of being deaf-blind required 
to participate in the NDBEDP.
    3. Income Eligibility Records--A record from this system may be 
disclosed to appropriate entities, including but not limited to the 
subject certified program for that state, as well as the appropriate 
State and Federal certifying boards and authorities, for the purposes 
of determining whether an individual meets the income eligibility 
criteria required to participate in the NDBEDP.
    4. Law Enforcement and Investigation--To disclose pertinent 
information to appropriate Federal, State, Tribal, or local agencies, 
authorities, and officials responsible for investigating, prosecuting, 
enforcing, or implementing a statute, rule, regulation, order, or other 
requirement when the FCC becomes aware of an indication of a violation 
or potential violation of a civil or criminal statute, law, regulation, 
order, or other requirement.
    5. Litigation--To disclose records to the Department of Justice 
(DOJ) when: (a) the FCC or any component thereof; (b) any employee of 
the FCC in his or her official capacity; (c) any employee of the FCC in 
his or her individual capacity where the DOJ or the FCC has agreed to 
represent the employee; or (d) the United States Government is a party 
to litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation, and the use of such records by the 
Department of Justice is for a purpose that is compatible with the 
purpose for which the FCC collected the records.
    6. Adjudication--To disclose records in a proceeding before a court 
or adjudicative body, when: (a) the FCC or any component thereof; or 
(b) any employee of the FCC in his or her official capacity; or (c) any 
employee of the FCC in his or her individual capacity; or (d) the 
United States Government, is a party to litigation or has an interest 
in such litigation, and by careful review, the FCC determines that the 
records are both relevant and necessary to the litigation, and that the 
use of such records is for a purpose that is compatible with the 
purpose for which the agency collected the records.
    7. Congressional Inquiries--To provide information to a 
Congressional office from the record of an individual in response to an 
inquiry from that Congressional office made at the written request of 
that individual.
    8. Government-wide Program Management and Oversight--To DOJ to 
obtain that department's advice regarding disclosure obligations under 
the Freedom of Information Act (FOIA); or to the Office of Management 
and Budget (OMB) to obtain that office's advice regarding obligations 
under the Privacy Act.
    9. Breach Notification--To appropriate agencies, entities, and 
persons when: (a) the Commission suspects or has confirmed that there 
has been a breach of PII maintained in the system of records; (b) the 
Commission has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, the Commission 
(including its information system, programs, and operations), the 
Federal Government, or national security; and (c) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the Commission's efforts to respond to the 
suspected or confirmed breach or to prevent, minimize, or remedy such 
harm.
    10. Assistance to Federal Agencies and Entities Related to 
Breaches--To another Federal agency or Federal entity, when the 
Commission determines that information from this system is reasonably 
necessary to assist the recipient agency or entity in: (a) responding 
to a suspected or confirmed breach or (b) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, program, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

[[Page 60454]]

    11. Non-Federal Personnel--To disclose information to non-Federal 
personnel, including contractors, other vendors (e.g., identity 
verification services), grantees, and volunteers who have been engaged 
to assist the FCC in the performance of a contract, service, grant, 
cooperative agreement, or other activity related to this system of 
records and who need to have access to the records in order to perform 
their activity.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    This electronic system of records resides on the FCC's network or 
on an FCC vendor's network.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records in this system of records can be retrieved by any category 
field, e.g., the individual's contact information, including the 
individual's name(s), street address, email address(es), landline phone 
and cell phone number(s), complainant(s), and description fields.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The information in this system is maintained and disposed of in 
accordance with the National Archives and Records Administration (NARA) 
General Records Schedule DAA-0173-2017-0002.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The electronic records, files, and data are stored within FCC or a 
vendor's accreditation boundaries and maintained in a database housed 
in the FCC's or vendor's computer network databases. Access to the 
electronic files is restricted to authorized employees and contractors; 
and to IT staff, contractors, and vendors who maintain the IT networks 
and services. Other employees and contractors may be granted access on 
a need-to-know basis. The electronic files and records are protected by 
the FCC and third-party privacy safeguards, a comprehensive and dynamic 
set of IT safety and security protocols and features that are designed 
to meet all Federal privacy standards, including those required by the 
Federal Information Security Modernization Act of 2014 (FISMA), OMB, 
and the National Institute of Standards and Technology (NIST).

RECORD ACCESS PROCEDURES:
    Individuals wishing to request access to and/or amendment of 
records about themselves should follow the Notification Procedure 
below.

CONTESTING RECORD PROCEDURES:
    Individuals wishing to request access to and/or amendment of 
records about themselves should follow the Notification Procedure 
below.

NOTIFICATION PROCEDURES:
    Individuals wishing to determine whether this system of records 
contains information about themselves may do so by writing to 
[email protected]. Individuals requesting access must also comply with 
the FCC's Privacy Act regulations regarding verification of identity to 
gain access to records as required under 47 CFR part 0, subpart E.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    77 FR 2721 (January 19, 2012).

Federal Communications Commission.
Marlene Dortch,
Secretary.
[FR Doc. 2023-18946 Filed 8-31-23; 8:45 am]
BILLING CODE 6712-01-P