[Federal Register Volume 88, Number 208 (Monday, October 30, 2023)]
[Notices]
[Pages 74179-74182]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-23904]


=======================================================================
-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

[FR ID: 181592]


Privacy Act of 1974; System of Records

AGENCY: Federal Communications Commission.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The Federal Communications Commission (FCC or Commission or 
Agency) has modified an existing system of records, FCC/OMD-17, Freedom 
of Information Act (FOIA) and Privacy Act Requests, subject to the 
Privacy Act of 1974, as amended. This action is necessary to meet the 
requirements of the Privacy Act to publish in the Federal Register 
notice of the existence and character of records maintained by the 
agency. The FCC's Office of the Managing Director (OMD) will use the 
FCC FOIA Case Management Solution, an online portal, to accept, manage, 
and track Freedom of Information Act (FOIA) requests and appeals, and 
manage and track Privacy Act requests and appeals through their

[[Page 74180]]

lifecycles. The FCC FOIA Case Management Solution permits members of 
the public to file and appeal FOIA requests and to search various 
fields of data (as designated by the FCC) concerning requests, appeals, 
and responsive records. The FCC FOIA Case Management Solution is not 
usable by members of the public to file and appeal Privacy Act 
requests, but the FCC uses it to manage and track such requests and 
appeals that the agency receives through other channels. The FCC began 
transitioning from FOIAonline, its prior FOIA and Privacy Act case 
management system, to the FCC FOIA Case Management Solution in October 
2023.

DATES: This modified system of records will become effective on October 
30, 2023. Written comments on the routine uses are due by November 29, 
2023. The routine uses in this action will become effective on November 
29, 2023 unless comments are received that require a contrary 
determination.

ADDRESSES: Send comments to Brendan McTaggart, Attorney-Advisor, Office 
of General Counsel, Federal Communications Commission, 45 L Street NE, 
Washington, DC 20554, or to [email protected].

FOR FURTHER INFORMATION CONTACT: Brendan McTaggart, (202) 418-1738, or 
[email protected] (and to obtain a copy of the Narrative Statement and 
the Supplementary Document, which includes details of the modifications 
to this system of records).

SUPPLEMENTARY INFORMATION: This notice serves to update and modify FCC/
OMD-17, Freedom of Information Act (FOIA) and Privacy Act Requests, as 
a result of various necessary changes and updates. The substantive 
changes and modifications to the previously published version of the 
FCC/OMD-17 system of records include:
    1. Updating references throughout to reflect the FCC's transition 
from the FOIAonline case management system to the FCC FOIA Case 
Management Solution;
    2. Updating and/or revising language in the following routine uses 
(listed by routine use number provided in this notice): (1) Public 
Access; (3) Litigation and (4) Adjudication (formerly a single routine 
use); (5) Law Enforcement and Investigation; (6) Congressional 
Inquiries; (7) Government-wide Program Management and Oversight; (9) 
Breach Notification, the revision of which is as required by OMB 
Memorandum No. M-17-12; and (11) Non-Federal Personnel; and
    3. Adding one new routine use: (10) Assistance to Federal Agencies 
and Entities Related to Breaches, the addition of which is required by 
OMB Memorandum No. M-17-12.
    The system of records is also revised for clarity and updated to 
reflect various administrative changes related to the system managers 
and system addresses; policy and practices for storage and retrieval of 
the information; administrative, technical, and physical safeguards; 
and updated notification, records access, and contesting records 
procedures.

SYSTEM NAME AND NUMBER:
    FCC/OMD-17, Freedom of Information Act (FOIA) and Privacy Act 
Requests.

SECURITY CLASSIFICATION:
    No information in the system is classified.

SYSTEM LOCATION:
    Office of the Managing Director (OMD), Federal Communications 
Commission (FCC), 45 L Street NE, Washington, DC 20554.

SYSTEM MANAGER(S):
    Office of the Managing Director (OMD), Federal Communications 
Commission (FCC), 45 L Street NE, Washington, DC 20554.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 552 and 5 U.S.C. 552a.

PURPOSE(S) OF THE SYSTEM:
    The Commission's Performance & Program Management (PPM) staff of 
the Office of Managing Director will collect and maintain the 
information in this system primarily through the FCC FOIA Case 
Management Solution, an online portal for filing, managing, and 
tracking FOIA requests and appeals and managing and tracking Privacy 
Act requests and appeals. Maintaining these records permits the 
Commission to effectively, efficiently, and appropriately process and 
respond to such requests and appeals. These records are also necessary 
for defending Commission action in litigation challenging FOIA and 
Privacy Act responses by the agency; for compiling mandatory reports 
and responses to inquiries from Congress, the Department of Justice 
(DOJ), the Office of Government Information Services (OGIS) of the 
National Archives and Records Administration (NARA), the Office of 
Management and Budget (OMB), the General Services Administration (GSA), 
and the Government Accountability Office (GAO). The records are also 
used to respond to congressional inquiries from both Congressional 
committees and from individual members of Congress inquiring on behalf 
of a constituent.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The categories of individuals covered by this system include, but 
are not limited to individuals who submit FOIA and Privacy Act 
requests, or administrative appeals; FCC staff who respond to FOIA and 
Privacy Act requests and appeals; and individuals who are the subject 
of FOIA and Privacy Act requests and appeals or whose personally 
identifiable information is contained in records covered by this 
system.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The categories of records in this system include identifying 
information provided by FOIA and Privacy Act requesters when making 
FOIA or Privacy Act requests or appeals, including requesters' names, 
home addresses, email addresses, and telephone numbers, as well as 
other identifying information that may be provided by requesters in the 
description of their FOIA or Privacy Act requests or appeals; and the 
names of certain FCC staff responding to FOIA and Privacy Act requests 
and appeals. This system does not include any records of internal 
communications between FCC staff, nor any communications between the 
FCC and other federal agencies, nor does it contain draft 
correspondence to requesters or folders of documents that are 
responsive or potentially responsive to FOIA and Privacy Act requests.

RECORD SOURCE CATEGORIES:
    The sources for information in this system are FOIA and Privacy 
requesters; attorneys or other representatives of the requesters and 
the subjects of the requests; and FCC staff responding to FOIA and 
Privacy Act requests.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed to authorized 
entities, as is determined to be relevant and necessary, outside the 
FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows. In 
each of these cases, the FCC will determine whether disclosure of the 
records is compatible with the purpose(s) for which the records were 
collected:
    1. Public Access--The FCC provides public access to FOIA requests 
and

[[Page 74181]]

appeals through the FCC FOIA Case Management Solution, limited to the 
names of FOIA requesters, dates related to the processing of the 
request, and a description of the records sought by the requester 
(excluding any other personally identifiable information contained in 
the description of the records request, such as telephone numbers, home 
or email addresses, and Social Security Numbers). The information that 
will routinely be made public also may be used to create a publicly 
available log of requests.
    2. Determinations on Access--To assist the FCC in making an access 
determination, a record from the system may be shared with (a) the 
person or entity that originally submitted the record to the agency or 
is the subject of the record or information; or (b) another Federal 
entity.
    3. Litigation--To disclose records to DOJ when: (a) the FCC or any 
component thereof; (b) any employee of the FCC in his or her official 
capacity; (c) any employee of the FCC in his or her individual capacity 
where the DOJ or the FCC has agreed to represent the employee; or (d) 
the United States Government is a party to litigation or has an 
interest in such litigation, and by careful review, the FCC determines 
that the records are both relevant and necessary to the litigation, and 
the use of such records by the DOJ is for a purpose that is compatible 
with the purpose for which the FCC collected the records.
    4. Adjudication--To disclose records in a proceeding before a court 
or adjudicative body, when: (a) the FCC or any component thereof; or 
(b) any employee of the FCC in his or her official capacity; or (c) any 
employee of the FCC in his or her individual capacity; or (d) the 
United States Government, is a party to litigation or has an interest 
in such litigation, and by careful review, the FCC determines that the 
records are both relevant and necessary to the litigation, and that the 
use of such records is for a purpose that is compatible with the 
purpose for which the agency collected the records.
    5. Law Enforcement and Investigation--When the FCC becomes aware of 
an indication of a violation or potential violation of a civil or 
criminal statute, law, regulation, order, or other requirement, to 
disclose pertinent information to appropriate Federal, State, local, 
Tribal, international, or multinational agencies, or a component of 
such an agency, responsible for investigating, prosecuting, enforcing, 
or implementing a statute, rule, regulation, order, or other 
requirement.
    6. Congressional Inquiries--To provide information to a 
Congressional office from the record of an individual in response to an 
inquiry from that Congressional office made at the written request of 
that individual.
    7. Government-wide Program Management and Oversight--To provide 
information to DOJ to obtain that department's advice regarding 
disclosure obligations under the FOIA; or to OMB to obtain that 
office's advice regarding obligations under the Privacy Act.
    8. National Archives and Records Administration--To the National 
Archives and Records Administration, Office of Government Information 
Services (OGIS), to the extent necessary to fulfill its 
responsibilities in 5 U.S.C. 552(h), to review administrative agency 
policies, procedures, and compliance with the FOIA, and to facilitate 
OGIS' offering of mediation services to resolve disputes between 
persons making FOIA requests and administrative agencies.
    9. Breach Notification--To appropriate agencies, entities, and 
persons when: (a) The Commission suspects or has confirmed that there 
has been a breach of the system of records; (b) the Commission has 
determined that as a result of the suspected or confirmed breach there 
is a risk of harm to individuals, the Commission (including its 
information systems, programs, and operations), the Federal Government, 
or national security; and (c) the disclosure made to such agencies, 
entities, and persons is reasonably necessary to assist in connection 
with the Commission's efforts to respond to the suspected or confirmed 
breach or to prevent, minimize, or remedy such harm.
    10. Assistance to Federal Agencies and Entities Related to 
Breaches--To another Federal agency or Federal entity, when the 
Commission determines that information from this system is reasonably 
necessary to assist the recipient agency or entity in: (a) Responding 
to a suspected or confirmed breach or (b) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, program, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    11. For Non-Federal Personnel--To disclose information to non-
Federal personnel, including contractors, other vendors (e.g., identity 
verification services), grantees, and volunteers who have been engaged 
to assist the FCC in the performance of a contract service, grant, 
cooperative agreement, or other activity related to this system of 
records and who need to have access to the records in order to perform 
their activity.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Information in this system includes both paper and electronic 
records. The paper records, documents, and files are maintained in file 
cabinets that are located in the OMD FOIA Public Liaison's office 
suite, the OMD central file room, the Office of General Counsel, and in 
the bureaus and offices of the FCC staff who provide the responses to 
FOIA/Privacy Act requests. Paper files are kept locked and access to 
the file room is restricted. FOIA and Privacy Act requests that are 
received via postal mail are scanned and are stored as electronic 
records by the OMD FOIA office. The electronic records, files, and data 
are stored in the FCC FOIA Case Management Solution and in the FCC's or 
a vendor's computer network.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records in this system of records are most often retrieved by the 
control number for the request, but may be retrieved by an individual's 
name, organization, or request description.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained and disposed of in accordance with the 
National Archives and Records Administration's General Records Schedule 
4.2, Items 020, 040, 050, 070, and 090.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The electronic records, files, and data are stored within FCC or a 
vendor's accreditation boundaries and maintained in a database housed 
in the FCC's or vendor's computer network databases. Access to the 
electronic files is restricted to authorized employees and contractors; 
and to IT staff, contractors, and vendors who maintain the IT networks 
and services. Other employees and contractors may be granted access on 
a need-to-know basis. The electronic files and records are protected by 
the FCC and third-party privacy safeguards, a comprehensive and dynamic 
set of IT safety and security protocols and features that are designed 
to meet all Federal privacy standards, including those required by the 
Federal Information Security Modernization Act of 2014 (FISMA), OMB, 
and the National Institute of Standards and Technology (NIST).
    Paper records in this system are maintained in file cabinets in the 
FOIA Public Liaison's office, in the Office of

[[Page 74182]]

General Counsel, and in the bureaus and offices of the FCC staff who 
provide the responses to FOIA/Privacy Act requests. The file cabinets 
are locked at the end of the business day and access is restricted to 
authorized supervisors and staff who are responsible for responding to 
the FOIA or Privacy Act requests or appeals.

RECORD ACCESS PROCEDURES:
    Individuals wishing to request access to and/or amendment of 
records about themselves should follow the Notification Procedures 
below.

CONTESTING RECORD PROCEDURES:
    Individuals wishing to contest information pertaining to him or her 
in the system of records should follow the Notification Procedures 
below.

NOTIFICATION PROCEDURES:
    Individuals wishing to determine whether this system of records 
contains information about themselves may do so by writing to 
[email protected]. Individuals requesting record access or amendment must 
also comply with the FCC's Privacy Act regulations regarding 
verification of identity as required under 47 CFR part 0, subpart E.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    81 FR 58930 (August 26, 2016).

Federal Communications Commission.
Marlene Dortch,
Secretary.
[FR Doc. 2023-23904 Filed 10-27-23; 8:45 am]
BILLING CODE 6712-01-P