[Federal Register Volume 89, Number 72 (Friday, April 12, 2024)]
[Notices]
[Pages 25897-25901]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-07766]
-----------------------------------------------------------------------
DEPARTMENT OF THE INTERIOR
Office of the Solicitor
[DOI-2021-0003; 24XD4523WS, DWSN00000.000000, DL90000000, DP.90008]
Privacy Act of 1974; System of Records
AGENCY: Office of the Secretary, Interior.
ACTION: Notice of a modified system of records.
-----------------------------------------------------------------------
SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as
amended, the Department of the Interior (DOI, Department) is issuing a
public notice of its intent to modify the Privacy Act system of
records, INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case
Files. In this notice, DOI is proposing to consolidate the system of
records with INTERIOR/OS-69, Freedom of Information Act Appeals Files,
system of records; update the system name to INTERIOR/DOI-71, Freedom
of Information Act (FOIA) Files; and provide updates to all sections of
the notice in accordance with the Privacy Act and Office of Management
and Budget (OMB) policy.
DATES: This modified system will be effective upon publication. New or
modified routine uses will be effective May 13, 2024. Submit comments
on or before May 13, 2024.
ADDRESSES: You may send comments identified by docket number [DOI-2021-
0003] by any of the following methods:
Federal eRulemaking Portal: https://www.regulations.gov.
Follow the instructions for sending comments.
Email: [email protected]. Include docket number
[DOI-2021-0003] in the subject line of the message.
U.S. Mail or Hand-Delivery: Teri Barnett, Departmental
Privacy Officer, U.S. Department of the Interior, 1849 C Street NW,
Room 7112, Washington, DC 20240.
Instructions: All submissions received must include the agency name
and docket number [DOI-2021-0003]. All comments received will be posted
without change to https://www.regulations.gov, including any personal
information provided.
Docket: For access to the docket to read background documents or
comments received, go to https://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: Teri Barnett, Departmental Privacy
Officer, U.S. Department of the Interior, 1849 C Street NW, Room 7112,
Washington, DC 20240, [email protected] or (202) 208-1605.
SUPPLEMENTARY INFORMATION:
I. Background
The DOI maintains the Department-wide system of records, INTERIOR/
DOI-71, Electronic FOIA Tracking System and FOIA Case Files, to enable
the Department to administer the FOIA Program more efficiently. This
system of records contains information on individuals for the purposes
of managing and processing FOIA requests, some of which may be
processed in tandem with the Privacy Act of 1974, as amended, and
supports the oversight and management of appeals filed by individuals
under the FOIA and Privacy Act.
This notice also covers DOI FOIA Program records and case files
managed by DOI bureaus and offices that may include administrative
records, communications, and other documents related to administration
of the FOIA Program. Each DOI bureau and office is responsible for
managing its own records related to its FOIA program. DOI is publishing
this revised system of records notice (SORN) to consolidate two systems
of records that support the administration of the DOI FOIA Program and
cover the full lifecycle of a FOIA request to include the appeals
process: INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case
Files, 81 FR 33544 (May 26, 2016), modification published at 86 FR
50156 (September 7, 2021); and INTERIOR/OS-69, Freedom of Information
Act Appeals Files, 64 FR 16986 (April 7, 1999), modification published
at 86 FR 50156 (September 7, 2021). DOI is also proposing to update the
system name to INTERIOR/DOI-71, Freedom of Information Act (FOIA)
Files, and is updating all sections of the notice to reflect changes
for the modified consolidated system in accordance with the Privacy Act
of 1974 and OMB Circular A-108, Federal Agency Responsibilities for
Review, Reporting, and Publication under the Privacy Act.
The routine uses contained in the INTERIOR/OS-69 SORN are also
reflected in the previously published INTERIOR/DOI-71 SORN. In this
notice, DOI is changing the routine uses from a numeric to alphabetic
list and is
[[Page 25898]]
proposing one new routine use and modifying existing routines uses to
be consistent with DOI standard routine uses as reflected below. DOI
will publish a rescindment notice to retire the INTERIOR/OS-69 SORN
after public comments on this consolidated notice are received and the
new and modified routine uses become effective.
Routine use A is being modified to further clarify how disclosures
are made to the Department of Justice (DOJ) or other Federal agencies
when necessary, in relation to litigation or judicial hearings. Routine
use B is being updated to clarify how disclosures are made to a
congressional office to respond to or resolve an individual's request
made to that office. Proposed new routine use C facilitates the sharing
of information with the Executive Office of the President to resolve
issues concerning individuals' records. Routine use H is being updated
to expand the sharing of information with territorial organizations in
response to court orders or for discovery purposes related to
litigation. Routine use I is being updated to include grantees and
service providers to allow DOI to share information to perform services
to carry out the purpose of the system, ensure integrity of records,
and perform system maintenance. Routine use J is being slightly
modified to reflect the breach routine use language required by OMB
Memorandum M-17-12, Preparing for and Responding to a Breach of
Personally Identifiable Information.
Pursuant to 5 U.S.C. 552a(b)(12), DOI may disclose information from
this system to consumer reporting agencies as defined in the Fair
Credit Reporting Act (15 U.S.C. 1681a(f)) or the Federal Claims
Collection Act of 1966 (31 U.S.C. 3701(a)(3)) to aid in the collection
of outstanding debts owed to the Federal Government.
II. Privacy Act
The Privacy Act of 1974, as amended, embodies fair information
practice principles in a statutory framework governing the means by
which Federal agencies collect, maintain, use, and disseminate
individuals' records. The Privacy Act applies to records about
individuals that are maintained in a ``system of records.'' A ``system
of records'' is a group of any records under the control of an agency
from which information is retrieved by the name of an individual or by
some identifying number, symbol, or other identifying particular
assigned to the individual. The Privacy Act defines an individual as a
United States citizen or lawful permanent resident. Individuals may
request access to their own records that are maintained in a system of
records in the possession or under the control of DOI by complying with
DOI Privacy Act regulations at 43 CFR part 2, subpart K, and following
the procedures outlined in the Records Access, Contesting Record, and
Notification Procedures sections of this notice.
The Privacy Act requires each agency to publish in the Federal
Register a description denoting the existence and character of each
system of records that the agency maintains and the routine uses of
each system. The INTERIOR/DOI-71, Freedom of Information Act (FOIA)
Files, SORN is published in its entirety below. In accordance with 5
U.S.C. 552a(r), DOI has provided a report of this system of records to
the Office of Management and Budget and to Congress.
III. Public Participation
You should be aware your entire comment, including your personally
identifiable information such as your address, phone number, email
address, or any other personal information in your comment, may be made
publicly available at any time. While you may request to withhold your
personally identifiable information from public review, we cannot
guarantee we will be able to do so.
SYSTEM NAME AND NUMBER:
INTERIOR/DOI-71, Freedom of Information Act (FOIA) Files.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Records in this system are located in the Departmental FOIA Office;
Bureaus and Offices that oversee the FOIA Program (see the Department's
FOIA website at https://www.doi.gov/foia/contacts for a list of the
Department's FOIA contacts); FOIA and Privacy Act Appeals, Office of
the Solicitor; Office of Inspector General (OIG) Office of General
Counsel; and DOI service providers and contractor facilities.
SYSTEM MANAGER(S):
(1) The Director of the Departmental FOIA Office, Office of the
Solicitor, U.S. Department of the Interior, 1849 C Street NW, MS-7328
MIB, Washington, DC 20240, has overall responsibility for the policies
and procedures used to operate the system. Records are maintained under
the control of the Departmental offices, bureaus, and offices. OIG
independently manages its own FOIA Program, as discussed further below.
(2) DOI Bureau and Office FOIA Officers and staff in headquarters
and in field offices have responsibility for the FOIA files and data
maintained for their respective organizations. To obtain a current list
of the FOIA Officers and Coordinators and their addresses, see https://www.doi.gov/foia/contacts.
(3) The FOIA and Privacy Act Appeals Officer, Office of the
Solicitor, U.S. Department of the Interior, 1849 C Street NW, MS-6556
MIB, Washington, DC 20240, has responsibility for maintaining FOIA and
Privacy Act appeal files and data for administrative appeals that do
not appeal a decision of the OIG.
(4) The OIG FOIA Officer, Office of General Counsel, U.S.
Department of the Interior, 1849 C Street NW, MS-4428 MIB, Washington,
DC 20240, has responsibility for maintaining OIG FOIA records and FOIA
and Privacy Act appeal files for administrative appeals that appeal a
decision of the OIG.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 552, The Freedom of Information Act, as amended; 5 U.S.C.
552a, The Privacy Act of 1974, as amended; DOI FOIA Regulations, 43 CFR
part 2; DOI Privacy Act regulations, 43 CFR part 2, subpart K.
PURPOSE(S) OF THE SYSTEM:
The purpose of the system is to facilitate the Department's
management and processing of Freedom of Information Act (FOIA) requests
and appeals, some of which may be processed in tandem with the Privacy
Act of 1974, as amended. This system: (1) enables the Department to
administer FOIA request processing more efficiently; (2) supports
action on FOIA requests, appeals, and litigation; (3) enables documents
to be released in a more consistent manner; (4) assists in eliminating
the duplication of effort; (5) gathers information for management and
reporting purposes; and (6) improves customer service.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals or their representatives who have submitted FOIA or
combined FOIA and Privacy Act requests for records or information, have
submitted administrative appeals, and/or have FOIA mediation or
litigation pending with DOI or another Federal agency; individuals
whose FOIA requests or records have been consulted on or referred to
the Department by other agencies; individuals who are the subject of
such requests, appeals, mediation, and/or litigation; individuals who
are referenced or whose information may be included in responsive
records; and/or the DOI personnel assigned to handle such
[[Page 25899]]
requests, appeals, mediation, and litigation.
CATEGORIES OF RECORDS IN THE SYSTEM:
This system consists of records created or compiled in response to
FOIA requests, or combined FOIA and Privacy Act requests, for records
or information, administrative appeals, mediation, and related
litigation and includes: original requests and administrative appeals;
responses to such requests and appeals; all related memoranda,
correspondence, notes, and other related or supporting documentation;
records related to processing of FOIA requests and appeals,
recommendations on appeals, and final decisions; and, in some
instances, copies of requested records and records under appeal.
Records about individuals may include name, mailing address, email
address, telephone number, case file number, fee determinations, any
information contained in the agency records requested by individuals,
and identifying information about individual requesters or other
information provided by requesters.
RECORD SOURCE CATEGORIES:
Information gathered in this system is submitted by individuals or
entities filing FOIA requests and administrative appeals, agencies
engaging in consultations or referrals, and agency employees processing
these requests and appeals. Information may also be obtained from
INTERIOR/DOI-57, Privacy Act Files, system, INTERIOR/SOL-1, Litigation,
Appeal and Case Files, and other agency records.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed outside DOI as a
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
A. To the Department of Justice (DOJ), including Offices of the
U.S. Attorneys, or other Federal agency conducting litigation or in
proceedings before any court, adjudicative, or administrative body,
when it is relevant or necessary to the litigation and one of the
following is a party to the litigation or has an interest in such
litigation:
(1) DOI or any component of DOI;
(2) Any other Federal agency appearing before the Office of
Hearings and Appeals;
(3) Any DOI employee or former employee acting in his or her
official capacity;
(4) Any DOI employee or former employee acting in his or her
individual capacity when DOI or DOJ has agreed to represent that
employee or pay for private representation of the employee; or
(5) The United States Government or any agency thereof, when DOJ
determines that DOI is likely to be affected by the proceeding.
B. To a congressional office when requesting information on behalf
of, and at the request of, the individual who is the subject of the
record.
C. To the Executive Office of the President in response to an
inquiry from that office made at the request of the subject of a record
or a third party on that person's behalf, or for a purpose compatible
with the reason for which the records are collected or maintained.
D. To any criminal, civil, or regulatory law enforcement authority
(whether Federal, State, territorial, local, Tribal, or foreign) when a
record, either alone or in conjunction with other information,
indicates a violation or potential violation of law--criminal, civil,
or regulatory in nature, and the disclosure is compatible with the
purpose for which the records were compiled.
E. To an official of another Federal agency to provide information
needed in the performance of official duties related to reconciling or
reconstructing data files or to enable that agency to respond to an
inquiry by the individual to whom the record pertains.
F. To Federal, State, territorial, local, Tribal, or foreign
agencies that have requested information relevant or necessary to the
hiring, firing or retention of an employee or contractor, or the
issuance of a security clearance, license, contract, grant, or other
benefit, when the disclosure is compatible with the purpose for which
the records were compiled.
G. To representatives of the National Archives and Records
Administration (NARA) to conduct records management inspections under
the authority of 44 U.S.C. 2904 and 2906.
H. To State, territorial and local governments and Tribal
organizations to provide information needed in response to court order
and/or discovery purposes related to litigation, when the disclosure is
compatible with the purpose for which the records were compiled.
I. To an expert, consultant, grantee, shared service provider, or
contractor (including employees of the contractor) of DOI that performs
services requiring access to these records on DOI's behalf to carry out
the purposes of the system.
J. To appropriate agencies, entities, and persons when:
(1) DOI suspects or has confirmed that there has been a breach of
the system of records;
(2) DOI has determined that as a result of the suspected or
confirmed breach there is a risk of harm to individuals, DOI (including
its information systems, programs, and operations), the Federal
Government, or national security; and
(3) the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with DOI's efforts to
respond to the suspected or confirmed breach or to prevent, minimize,
or remedy such harm.
K. To another Federal agency or Federal entity, when DOI determines
that information from this system of records is reasonably necessary to
assist the recipient agency or entity in:
(1) responding to a suspected or confirmed breach; or
(2) preventing, minimizing, or remedying the risk of harm to
individuals, the recipient agency or entity (including its information
systems, programs, and operations), the Federal Government, or national
security, resulting from a suspected or confirmed breach.
L. To the Office of Management and Budget (OMB) during the
coordination and clearance process in connection with legislative
affairs as mandated by OMB Circular A-19.
M. To the Department of the Treasury to recover debts owed to the
United States.
N. To the news media and the public, with the approval of the
Public Affairs Officer in consultation with counsel and the Senior
Agency Official for Privacy, where there exists a legitimate public
interest in the disclosure of the information, except to the extent it
is determined that release of the specific information in the context
of a particular case would constitute an unwarranted invasion of
personal privacy.
O. To a debt collection agency for the purpose of collecting
outstanding debts owed to the Department for fees associated with
processing FOIA/Privacy Act requests.
P. To other Federal, State, and local agencies having a subject
matter interest in a request or an appeal or a decision thereon.
Q. To another Federal agency to assist that agency in responding to
an inquiry by the individual to whom that record pertains.
R. To the National Archives and Records Administration, Office of
Government Information Services
[[Page 25900]]
(OGIS), to the extent necessary to fulfill its responsibilities in 5
U.S.C. 552(h), to review administrative agency policies, procedures,
and compliance with the FOIA, and to facilitate OGIS' offering of
mediation services to resolve disputes between persons making FOIA
requests and administrative agencies.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Paper records are contained in file cabinets and/or in secured
rooms under the control of authorized DOI personnel. Electronic records
are contained in computers, compact discs, magnetic tapes, external
removable drives, email, diskettes, digital video disks, and electronic
databases.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Information can be retrieved by specific data elements in the
system including: the tracking number; name of the requester; the
requester's organizational affiliation; subject; and other data
elements. Paper records are normally retrieved by the tracking number.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Records are maintained under Departmental Records Schedule (DRS)
1.1 Administrative Records (DAA-0048-2013-0001) that covers FOIA and
Privacy Act request files, correspondence, reports, and other program
administration and financial management records, which has been
approved by NARA. The disposition for these records is temporary and
retention periods vary according to the specific record and the needs
of the agency. FOIA request files and other short-term administration
records are destroyed three years after cut-off, which is generally
after the date of final reply or the end of the third fiscal year in
which files are created. Long-term administration records that require
additional retention are destroyed seven years after cut-off, which is
generally at the end of the fiscal year in which files are closed if no
unique cut-off is specified. The unique cutoff for FOIA appeal files
and litigation records is when the case is closed or resolved. The
unique cutoff for access and disclosure request files is after final
agency action or 3 years after final adjudication by the courts,
whichever is later. Paper records are disposed of by shredding or
pulping, and records maintained on electronic media are degaussed,
deleted, or erased in accordance with Departmental policy and NARA
guidelines.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to records in the system is limited to authorized personnel
whose official duties require such access. Paper records are maintained
in file cabinets and/or in secured rooms under the control of
authorized DOI personnel. Computer servers in which electronic records
are stored are located in secure DOI, service provider or contractor
facilities with physical, technical and administrative levels of
security to prevent unauthorized access to the networks and information
assets. Electronic records are maintained in accordance with the OMB
and Departmental guidelines reflecting the implementation of the
Federal Information Security Modernization Act of 2014 (Pub. L. 113-
283, 44 U.S.C. 3554). Electronic data is protected through user
identification, passwords, database permissions and software controls.
Such security measures establish different access levels for different
types of users. System administrators and authorized users are trained
and required to follow established internal security protocols and must
complete all security, privacy, and records management training and
sign the DOI Rules of Behavior.
RECORD ACCESS PROCEDURES:
An individual requesting access to their records should send a
written inquiry to the applicable System Manager, as identified above
in the System Manager section. DOI forms and instructions for
submitting a Privacy Act request may be obtained from the DOI Privacy
Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must include a general description of the records
sought and the requester's full name, current address, and sufficient
identifying information such as date of birth or other information
required for verification of the requester's identity. The request must
be signed and dated and be either notarized or submitted under penalty
of perjury in accordance with 28 U.S.C. 1746. The request must include
the specific bureau or office that maintains the record to facilitate
location of the applicable records. Requests submitted by mail must be
clearly marked ``PRIVACY ACT REQUEST FOR ACCESS'' on both the envelope
and letter. A request for access must meet the requirements of 43 CFR
2.238.
CONTESTING RECORD PROCEDURES:
An individual requesting amendment of their records should send a
written inquiry to the applicable System Manager, as identified above
in the System Manager section. DOI instructions for submitting a
request for amendment of records are available on the DOI Privacy Act
Requests website at https://www.doi.gov/privacy/privacy-act-requests.
The request must clearly identify the records for which amendment is
being sought, the reasons for requesting the amendment, and the
proposed amendment to the record. The request must include the
requester's full name, current address, and sufficient identifying
information such as date of birth or other information required for
verification of the requester's identity. The request must be signed
and dated and be either notarized or submitted under penalty of perjury
in accordance with 28 U.S.C. 1746. The request must include the
specific bureau or office that maintains the record to facilitate
location of the applicable records. Requests submitted by mail must be
clearly marked ``PRIVACY ACT REQUEST FOR AMENDMENT'' on both the
envelope and letter. A request for amendment must meet the requirements
of 43 CFR 2.246.
NOTIFICATION PROCEDURES:
An individual requesting notification of the existence of records
about them should send a written inquiry to the applicable System
Manager, as identified above in the System Manager section. DOI
instructions for submitting a request for notification are available on
the DOI Privacy Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must include a general description of
the records and the requester's full name, current address, and
sufficient identifying information such as date of birth or other
information required for verification of the requester's identity. The
request must be signed and dated and be either notarized or submitted
under penalty of perjury in accordance with 28 U.S.C. 1746. The request
must include the specific bureau or office that maintains the record to
facilitate location of the applicable records. Requests submitted by
mail must be clearly marked ``PRIVACY ACT INQUIRY'' on both the
envelope and letter. A request for notification must meet the
requirements of 43 CFR 2.235.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
To the extent that copies of exempt records from other systems of
records are entered into this system, DOI claims the same exemptions
for those records that are claimed for the original primary systems of
records from which they originated.
[[Page 25901]]
HISTORY:
INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case
Files, 81 FR 33544 (May 26, 2016), modification published at 86 FR
50156 (September 7, 2021).
Teri Barnett,
Departmental Privacy Officer, U.S. Department of the Interior.
[FR Doc. 2024-07766 Filed 4-11-24; 8:45 am]
BILLING CODE 4334-63-P