[Federal Register Volume 89, Number 78 (Monday, April 22, 2024)]
[Notices]
[Pages 29372-29375]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-08473]


=======================================================================
-----------------------------------------------------------------------

PRESIDIO TRUST


Privacy Act of 1974; System of Records

AGENCY: The Presidio Trust.

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as 
amended, the Presidio Trust is issuing a public notice of its intent to 
establish an Automated License Plate Recognition Program, system of 
records. INTERIOR PRESIDIO TRUST/Department of Public Safety-01, 
Automated License Plate Recognition (ALPR) system.

DATES: This system of records is effective upon publication. New 
routine uses will be effective May 22, 2024.

ADDRESSES: You may send comments via email to the interim Privacy 
Officer, within Presidio Trust's Department of Administration, Luke 
Donohue, [email protected].or via U.S. Mail 1750 Lincoln Blvd. 
San Francisco, CA, 94129.

FOR FURTHER INFORMATION CONTACT: Luke Donohue, interim Privacy Officer, 
Presidio Trust, 1750 Lincoln Blvd. San Francisco, CA, 94129, 
[email protected], (415) 317-8910.

SUPPLEMENTARY INFORMATION: The Presidio Trust, Internal-01, is 
establishing Automated License Plate Recognition (ALPR) systems of 
records. The purpose of the Automated License Plate Recognition (ALPR) 
system is to provide law enforcement agencies and the Director of the 
Department of Public Safety with a tool to assist with

[[Page 29373]]

investigations and crime prevention. Additionally, vehicular behavior 
habits through its gates of entry can be observed. The Flock Safety 
ALPR technology captures images of license plates and stores the plate 
data along with the location and time of capture.
    Flock Safety's system consists of cameras and a cloud-based 
computing system which captures a whole or partial license plate number 
as well as make, model, and color of the vehicle. All collected data is 
encrypted using AES-256 encryption with a secure cloud server. Flock 
Safety allows the customer to own the data collected; the information 
is not shared or sold with third parties. The images in the system are 
collected from areas visible to the public where there is no reasonable 
expectation of privacy. The data collected may include license plate 
(whole or partial) images, vehicle make/model/color, and a record of 
the date, time, and location when the image was collected. The system 
creates a searchable computerized database, segmented by customer, 
resulting from the Flock Safety ALPR cameras in use by Flock Safety 
customers. The Flock Safety cameras are installed in a position to 
capture the license plate area of the vehicle and are focused in such a 
manner, that avoids collecting unintended images such as the driver or 
pedestrian(s).
    Individuals generally will not have the opportunity to consent to 
the collection or use of the recording of their images or activities. 
Individuals who enter onto Federal properties and public areas do not 
have a reasonable expectation of privacy. Presidio Trust areas may have 
signs posted that inform individuals of surveillance activities, but in 
many cases notice may not be provided, or consent obtained for images 
captured during law enforcement operations or activities.
    The Privacy Act of 1974 articulates concepts of how the Federal 
Government should treat individuals and their information, and imposes 
duties upon Federal agencies regarding the collection, use, 
dissemination, and maintenance of personally identifiable information. 
The Homeland Security Act of 2002 section 222(2) states that the Chief 
Privacy Officer shall assure that information is handled in full 
compliance with the fair information practices as set out in the 
Privacy Act of 1974.45 6 U.S.C. 142(a)(2).
    Flock Safety stores all collected data on a secured portal for 30 
days on their cloud through Amazon Web Services (AWS) using AES256 bit 
encryption, which is one of the highest encryption protections in 
industry standards. All information is encrypted in transit from camera 
to cloud storage and encrypted at rest in the cloud. Multi-factor 
secured VPN access is needed to use the secured off-site database.

SYSTEM NAME AND NUMBER:
    Automated License Plate Recognition (ALPR) Program, Internal-01.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Presidio Trust, Department of Public Safety, 1750 Lincoln Blvd., 
San Francisco, CA 94129. [email protected]

SYSTEM MANAGER(S):
    Director of Public Safety, Tomas Kaselionis, 
[email protected] 1750 Lincoln Blvd. San Francisco, CA 
94129.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Title I, Omnibus Parks Public Lands Act of 1996, Public Law 104-
333, 110 Stat. 4097. 54 U.S.C. 100704, Inventory and Monitoring 
Program; 54 U.S.C. 100707, Confidentiality of Information.

PURPOSE(S) OF THE SYSTEM:
    The purpose of the system is to provide the Director of the 
Department of Public Safety and law enforcement with a tool (the ALPR 
system) to assist with investigations and crime prevention.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The data collected by the system will be stored for the sole 
purpose of identifying the vehicles of individuals engaged in unlawful 
conduct. Data may be collected from Presidio Park Visitors, Presidio 
Trust Staff, and Presidio Park Residents and/or Commercial Tenants.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system contains records of license plate (whole or partial), 
vehicle make and model, capture time, capture network, capture camera, 
capture location (latitude, longitude) and image/s of the vehicle.

RECORD SOURCE CATEGORIES:
    Authorized Trust staff can import the data from Flock Safety in 
three ways:
    CSV--The authorized user can export a CSV file containing the plate 
(whole or partial), capture time, capture network, capture camera, 
capture location (latitude, longitude) and image file name for a 
specific time frame. The Plate State is not included nor is additional 
vehicle information such as make and model.
    IMAGES only--zip file of JPG files only identifiable by matching 
file name from the CSV.
    PDF Report--Created by (username), date created, search reason, 
single vehicle image, zoomed in LPR image, GPS Map of camera location, 
license plate state and number, date captured, camera, camera location, 
vehicle body, make and color. License plate images and affiliated data 
will be purged after a 30-day period.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside the 
Department of Interior as a routine use pursuant to 5 U.S.C. 552a(b)(3) 
may be made to:
    (1) The appropriate Federal, State, local or foreign agency 
responsible for obtaining information relevant for investigating, 
prosecuting, enforcing, or implementing a statue, rule, regulation, or 
order when Presidio Trust becomes aware of an indication of a violation 
or potential violation of civil or criminal law or regulation.
    (2) The U.S. Department of Justice or in a proceeding before a 
court or adjudicative body when:
    (a) The United States, the Presidio Trust, a component of the 
Presidio Trust, or, when represented by the government, an employee of 
the Presidio Trust is a party to litigation or anticipated litigation 
or has an interest in such litigation, and
    (b) The Presidio Trust determines that the disclosure is relevant 
and necessary to the litigation and is compatible with the purpose for 
which the records were compiled.
    (3) To a congressional office from the record of an individual in 
response to an inquiry from the congressional office made at the 
request of that individual.
    (4) To appropriate agencies, entities, and persons when:
    (a) The Presidio Trust suspects or has confirmed that there has 
been a breach of the system of records
    (b) The Presidio Trust has determined that as a result of the 
suspected or confirmed breach there is a risk of harm to individuals, 
The Presidio Trust (including its information systems, programs, and 
operations), the Federal Government, or national security.
    (c) The disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with The Presidio Trusts 
efforts to respond to the suspected or

[[Page 29374]]

confirmed breach or to prevent, minimize, or remedy such harm.
    (5) To another Federal agency or Federal entity, when the Presidio 
Trust determines that information from this system of records is 
reasonably necessary to assist the recipient agency or entity in:
    (a) Responding to a suspected or confirmed breach.
    (b) Preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
or national security, resulting from a suspected or confirmed breach.
    (6) To Contractors when the contractor is working on a contract, 
service, job, or other activity for the Agency and who have a need to 
have access to the information in performance of their duties or 
activities for the Agency. Recipients will be required to comply with 
the requirements of the Privacy Act of 1974 as provided in 5 U.S.C. 
552a(m).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records in this system can be retrieved by an authorized user, 
either by querying within the application or generating a report. All 
functions and features are password protected, with multi-factor 
authorization. The physical security of the Flock Safety data center is 
managed by Amazon AWS data centers, using AES256 bit encryption, and 
physical access to the Flock Safety office is restricted to authorized 
personnel only. Additionally, The Information Security program at Flock 
Safety aligns with industry recognized security frameworks including: 
System and Organization Controls (SOC) 2 Type II, SOC 3 Type II, NIST 
Cybersecurity Framework, Cloud Security Alliance's Cloud Control 
Matrix, AWS Foundational Security Best Practices, and CIS AWS 
Foundations Benchmarks.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Flock Safety uses administrative, operational, technical, and 
physical safeguards to protect ALPR information from unauthorized 
access, use, destruction, modification, or disclosure. Access to the 
system is granted by an agency administrator (the Director of Public 
Safety) and is protected by Username, password, and multi-factor 
authentication.
    Flock Safety gives the Presidio Trust full discretion as to how to 
manage its system and can limit access for the individual user or their 
role within the Presidio Trust's administration. Furthermore, Flock 
Safety tracks all user activity within the system. In addition, system 
searches are strictly tracked and require the user to provide a reason 
for every inquiry. This limits misuse or abuse of the system. 
Monitoring and auditing usage of the system can be conducted by the 
agency administrator. All logins and queries will be stored and 
monitored including: Username, Date, Time, Purpose of query, License 
plate and other elements used to query the system.
    These data points will be stored in the Flock Safety system, and 
periodic audits will be conducted according to the policies of each 
Flock Safety customer to ensure access was made by authorized persons 
for legitimate purposes.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    V Flock Safety will store the data (data hosting) and ensure proper 
maintenance and security of data stored in their cloud-based system. 
Flock Safety will also oversee purging data at the end of the 30 days 
of storage. Multi-factor secured VPN access to database, and a secure 
off-site database are used. In the unlikely event of an information 
breach, all individuals who are believed to be affected or have their 
information compromised will be notified by the Flock Safety Chief 
Technology Officer (CTO) or Chief Product Office (CPO).
    After the retention period has passed, temporary records are 
disposed of in accordance with the applicable records schedule and 
Presidio Trust policy. Data is automatically deleted after 30 day 
retention period. Records documenting incidents, investigations, or 
activities requiring retention as evidence are exported as a hashed 
copy and provided to the appropriate evidence custodian. Records may be 
retained and disposed of by a receiving agency pursuant to their 
applicable records schedule(s). Monitoring and auditing usage of the 
system can be conducted by the administrator, the Director of Public 
Safety.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Flock Safety uses administrative, operational, technical, and 
physical safeguards to protect ALPR information from unauthorized 
access, use, destruction, modification, or disclosure. The Information 
Security program at Flock Safety aligns with SOC 2 Type II, SOC 3 Type 
II, NIST Cybersecurity Framework, Cloud Security Alliance's Cloud 
Control Matrix, AWS Foundational Security Best Practices, and CIS AWS 
Foundations Benchmarks.
    Flock Quality Assurance: ALPR is automated. License plate images, 
and details of collection are included in the system without review. 
Although infrequent, license plate translation may be incomplete or 
inaccurate. Users will confirm the computer translation prior to taking 
any action based on ALPR results. Furthermore, Flock Safety cannot 
release any information collected in the Presidio without expressed 
consent from the Presidio Trust, Director of Public Safety, as per the 
contract agreement.

RECORD ACCESS PROCEDURES:
    Some of the records in this system may be shared with the Incident 
Management, Analysis and Reporting System (IMARS) for criminal acts 
committed on National Park Service (NPS) lands and inside and on the 
perimeter of protected NPS facilities.
    An individual requesting access to their records should send a 
written inquiry to the applicable System Manager or the Privacy Act 
Officer identified above. A Privacy Act request must meet the 
requirements of 36 CFR 1008. The request must include a general 
description of the records sought and the requester's full name, 
current address, and sufficient identifying information such as date of 
birth or other information required for verification of the requestor's 
identity. The request must be signed and dated and be either notarized 
or submitted under penalty of perjury in accordance with 28 U.S.C. 
1746. Requests submitted by mail must be clearly marked ``PRIVACY ACT 
REQUEST FOR ACCESS'' on both the envelope and letter. A request to 
access records must meet the requirements of 36 CFR 1008 and 36 CFR 
1008.13-14, .16-17.

CONTESTING RECORD PROCEDURES:
    An individual requesting amendment of their records should send a 
written request to the applicable System Manager or the Privacy Act 
Officer as identified above. Instructions for submitting a request for 
amendment of records are available on the Presidio Trust Privacy Act 
Requests website at https://www.PresidioTrust.gov/privacy/privacy-act-requests. Requests must clearly identify the records for which 
amendment is being sought, the reasons for requesting the amendment, 
and the proposed amendment to the record. The request must include the 
requester's full name, current address, and sufficient identifying 
information such as date of birth or other information required for 
verification of the requestor's identity.

[[Page 29375]]

The request must be signed and dated and be either notarized or 
submitted under penalty of perjury in accordance with 28 U.S.C. 1746. 
Requests submitted by mail must be clearly marked ``PRIVACY ACT REQUEST 
FOR AMENDMENT'' on both the envelope and letter. A request for 
amendment must meet the requirements of 36 CFR 1008 and 36 CFR 1008.18-
19, .22, .24.

NOTIFICATION PROCEDURES:
    An individual requesting notification of the existence of records 
about them should send a written inquiry to the applicable System 
Manager or the Privacy Act Officer as identified above. A Privacy Act 
request must meet the requirements of 36 CFR 1008. The request must 
include a general description of the records and the requester's full 
name, current address, and sufficient identifying information such as 
date of birth or other information required for verification of the 
requestor's identity. The request must be signed and dated and be 
either notarized or submitted under penalty of perjury in accordance 
with 28 U.S.C. 1746. Requests submitted by mail must be clearly marked 
``PRIVACY ACT INQUIRY'' on both the envelope and letter. A request for 
notification must meet the requirements of 43 CFR 2.235.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.

Luke Donohue,
Director of Administration.
[FR Doc. 2024-08473 Filed 4-19-24; 8:45 am]
BILLING CODE 4310-4R-P