18 April 2005 Source: http://www.access.gpo.gov/su_docs/aces/fr-cont.html ----------------------------------------------------------------------- [Federal Register: April 18, 2005 (Volume 70, Number 73)] [Notices] [Page 20156-20158] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr18ap05-71] ----------------------------------------------------------------------- DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [DHS2005-0028] Privacy Act of 1974; Systems of Records: Homeland Security Operations Center Database AGENCY: Privacy Office, Department of Homeland Security. ACTION: Notice of Privacy Act systems of records. ----------------------------------------------------------------------- SUMMARY: In accordance with the Privacy Act of 1974, the Department of Homeland Security is giving notice that it proposes to add a new system of records to its inventory of record systems, the Homeland Security Operations Center Database. DATES: Comments must be received on or before May 18, 2005. ADDRESSES: You may submit comments, identified by Docket Number DHS- 2004-xxxx, by one of the following methods: EPA Federal Partner EDOCKET Web site: http://www.epa.gov/feddocket . Follow instructions for submitting comments on the Web site. Federal eRulemaking Portal: http://www.regulations.gov . Follow the instructions for submitting comments. Fax: (202) 772-5036 (This is not a toll-free number). Mail: Sandy Ford Page, Director, Disclosure Officer, Office of the Chief Of Staff, Office of the Under Secretary for Information Analysis and Infrastructure Protection, Department of Homeland Security, Washington, DC 20528; Nuala O'Connor Kelly, Chief Privacy Officer, Department of Homeland Security, 245 Murray Lane, Building 410, Washington, DC 20528. Hand Delivery / Courier: Nuala O'Connor Kelly, DHS Chief Privacy Officer, 245 Murray Lane, Building 410, Washington, DC 20528. Instructions: All submissions received must include the agency name and docket number for this notice. All comments received will be posted without change to http://www.epa.gov/feddocket , including any personal information provided. For detailed instructions on submitting comments and additional information on the rulemaking process, see the ``Public Participation'' heading of the SUPPLEMENTARY INFORMATION section of this document. Docket: For access to the docket to read background documents or comments received, go to http://www.epa.gov/feddocket You may also access the Federal eRulemaking Portal at http://www.regulations.gov . FOR FURTHER INFORMATION CONTACT: Sandy Ford Page, Director, Disclosure Office, Office of the Chief of Staff, Office of the Under Secretary for Information Analysis and Infrastructure Protection, Department of Homeland Security, Washington, DC by telephone (202) 282-8522 or facsimile (202) 282-9069; Nuala O'Connor Kelly, Chief Privacy Officer, Department of Homeland Security, Washington, DC 20528 by telephone (202) 772-9848 or facsimile (202) 772-5036. SUPPLEMENTARY INFORMATION: The Department of Homeland Security (DHS) is composed of five directorates. The mission of the Directorate for Information Analysis and Infrastructure Protection (IAIP) is to help deter, prevent, and mitigate acts of terrorism by assessing vulnerabilities in the context of changing threats. Within IAIP, the Homeland Security Operations Center (HSOC) serves as the technological platform to receive threat information, integrate it and disseminate it in order to support the following activities of IAIP: a. Maintaining domestic situational awareness; b. Facilitating homeland security information sharing and operational coordination with other operations centers to include incident management; c. Monitoring threats and assisting in dissemination of homeland security threat warnings, advisory bulletins, and other information pertinent to national incident management; d. Providing general situational awareness and support to, and acting upon, requests for information generated by the Interagency Incident Management Group; and e. Facilitating domestic incident awareness, prevention, deterrence, and response and recovery activities, as well as direction to DHS components. DHS is establishing a new system of records under the Privacy Act (5 U.S.C. 552a), which will be maintained in the IAIP Directorate, the Homeland Security Operations Center Database. The Privacy Act embodies fair information principles in a statutory framework governing the means by which the United States Government collects, maintains, uses and disseminates personally identifiable information. The Privacy Act applies to information that is maintained in a ``system of records.'' A ``system of records'' is a group of any records under the control of an agency from which information is retrieved by the name of the individual or by some [[Page 20157]] identifying number, symbol, or other identifying particular assigned to the individual. Individuals may request their own records that are maintained in a system of records in the possession or under the control of DHS by complying with DHS Privacy Act regulations, 6 CFR part 5. The Privacy Act requires that each agency publish in the Federal Register a description denoting the type and character of each system of records in order to make agency recordkeeping practices transparent, to notify individuals about the use to which personally identifiable information is put, and to assist the individual to more easily find files within the agency. This system of records notice describes the HSOC database within IAIP. The information in the HSOC database includes intelligence information and other information received from agencies and components of the Federal Government, foreign governments, organizations or entities, international organizations, state and local government agencies (including law enforcement agencies), and private sector entities, as well as information provided by individuals, regardless of the medium used to submit the information or the agency to which it was submitted. This system also contains: information regarding persons on watch lists with possible links to terrorism; the results of intelligence analysis and reporting; ongoing law enforcement investigative information, information systems security analysis and reporting; historical law enforcement information, operational and administrative records; financial information; and public-source data such as that contained in media reports and commercial databases as appropriate to identify and assess the nature and scope of terrorist threats to the homeland, detect and identify threats of terrorism against the United States, and understand such threats in light of actual and potential vulnerabilities of the homeland. Data about the providers of information, including the means of transmission of the data is also retained. IAIP will use the information in the HSOC database to access, receive, and analyze law enforcement information, intelligence information, and other information and to integrate such information in order to identify and assess the nature and scope of terrorist or other threats to the homeland. In accordance with 5 U.S.C. 552a(r), DHS has provided a report of this new system of records to the Office of Management and Budget (OMB) and to the Congress. DHS/IAIP-001 System Name: Homeland Security Operations Center Database Security Classification: Classified; sensitive System Location: Records are maintained at the Homeland Security Operations Center, Office of the Undersecretary for Information Analysis and Infrastructure Protection, Department of Homeland Security, Washington, DC 20528. Category of Individuals Covered by the System: Individuals who have been linked in any manner to potential terrorism, to other domestic incidents with homeland security implications, or whose behavior arouses reasonable suspicion of possible terrorist activity; individuals who are the subject of information pertaining to terrorism and/or homeland security; individuals who offer information pertaining to terrorism and/or homeland security; individuals who request assistance or information; or individuals who make inquiries concerning possible terrorist activity. The system will also contain information about individuals who are or have been associated with DHS homeland security operations or with DHS administrative operations. Categories of Records in the System: Intelligence information obtained from agencies and components of the Federal Government, foreign governments, organizations or entities, international organizations, state and local government agencies (including law enforcement agencies), and private sector entities; information provided by individuals, regardless of the medium used to submit the information; information obtained from the Terrorist Screening Center or on terrorist watch lists about individuals known or reasonably suspected to be engaged in conduct constituting, preparing for, aiding, or relating to terrorism; results of intelligence analysis and reporting; ongoing law enforcement investigative information; information systems security analysis and reporting; historical law enforcement information; operational and administrative records; financial information; and public source data such as that contained in media reports and commercial databases. Data about the providers of information, including the means of transmission of the data, will also be retained. Authority for Maintenance of the System: 5 U.S.C. 301, 552, 552a; Section 201 of the Homeland Security Act of 2002, Pub. L. 107-296, 116 Stat. 2145 (Nov. 25, 2002), as amended (6 U.S.C. 121); 44 U.S.C. 3101; E.O. 12958; E.O. 9397. Purpose(s): This record system is maintained to collect, access, and analyze law enforcement information, intelligence information, and other information from agencies of the Federal Government, foreign governments, international organizations, state and local government agencies (including law enforcement agencies), and private sector entities or individuals; and to integrate such information in order to: detect, identify and assess the nature and scope of terrorist or other threats to the United States; and understand such threats in light of actual and potential vulnerabilities of the homeland. Routine Uses of Records Maintained in the System: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DHS as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows: A. If the record, on its face or in conjunction with other information, indicates a violation or potential violation of any law, regulation, rule, order, or contract, the record may be disclosed to the appropriate entity, whether federal, state, local, joint, tribal, foreign, or international, that is charged with the responsibility of investigating, prosecuting and/or enforcing such law, regulations, rule, order or contract. B. To a Federal, state, local, joint, tribal, foreign, international or other public agency or organization, or to any person or entity in either the public or private sector, domestic or foreign, where such disclosure may promote assist or otherwise serve homeland or national security interests. C. To an organization or individual in either the public or private sector, where there is a reason to believe that the recipient is or could become the target of a particular terrorist activity or conspiracy, to the extent the information is relevant to the protection of life or property. D. To recipients under circumstances and procedures as are mandated by Federal statute, treaty, or international agreement. E. To the news media or members of the general public in furtherance of a function related to homeland security as [[Page 20158]] determined by the system manager where disclosure could not reasonably be expected to constitute an unwarranted invasion of privacy. F. To the Department of Justice or other federal agency conducting litigation or in proceedings before any court, adjudicative or administrative body, when: (a) DHS, or (b) any employee of DHS in his/ her official capacity, or (c) any employee of DHS in his/her individual capacity where DOJ or DHS has agreed to represent the employee, or (d) the United States or any agency thereof, is a party to the litigation or has an interest in such litigation. G. To a congressional office from the record of an individual in response to an inquiry from that congressional office made at the request of the individual to whom the record pertains. H. To the National Archives and Records Administration or other federal government agencies pursuant to records management inspections being conducted under the authority of 44 U.S.C. Sections 2904 and 2906. I. To contractors, grantees, experts, consultants, volunteers, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for the Federal government, when necessary to accomplish an agency function related to this system of records. J. To an agency, organization, or individual for the purposes of performing authorized audit or oversight operations. K. To a Federal, state, local, tribal, territorial, foreign, or international agency, if necessary to obtain information relevant to a Department of Homeland Security decision concerning the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of any employee, the letting of a contract, or the issuance of a license, grant, or other benefit. L. To a Federal, state, local, tribal, territorial, foreign, or international agency, in response to its request, in connection with the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter. Policies and Practices for Storing, Retrieving, Accessing, Retaining, and Disposing of Records in the System: Storage: Records in this system are stored electronically at the HSOC in a secure facility. The records are stored on magnetic disc, tape, digital media, and CD-ROM, and may also be retained in hard copy format in secure folders. Retrievability: Data may be retrieved by the individual's name or other identifier. Safeguards: Information in this system is safeguarded in accordance with applicable rules and policies, including any applicable IAIP and DHS automated systems security and access policies. Strict controls have been imposed to minimize the risks of compromising the information that is being stored. Access to the computer system containing the records in this system is limited to those individuals specifically authorized and granted access by DHS regulations, who hold appropriate security clearances, and who have a need to know the information in the performance of their official duties. The system also maintains a real- time auditing function of individuals who access the system. Classified information is appropriately stored in a secured facility, in secured databases and containers, and in accordance with other applicable requirements, including those pertaining to classified information. Access is limited to authorized personnel only. Retention and Disposal: IAIP is working with the National Archives and Records Administration to obtain approval of a records retention and disposal schedule to cover records in the HSOC database. IAIP has proposed a short retention schedule for these records. System Manager(s) and Address: Director, Disclosure Office, Office of the Chief of Staff, Office of the Undersecretary for Information Analysis and Infrastructure Protection, Department of Homeland Security, Washington, D.C. 20528. Notification Procedures: To determine whether this system contains records relating to you, write to the System Manager identified above. Records Access Procedures: A request for access to records in this system may be made by writing to the System Manager, identified above, in conformance with 6 CFR Part 5, Subpart B, which provides the rules for requesting access to Privacy Act records maintained by DHS. Contesting Record Procedures: Same as ``Record Access Procedures,'' above. Record Source Categories: Information contained in this system is obtained from subject individuals, other agencies and organizations, both domestic and foreign, media, including periodicals, newspapers, and broadcast transcripts and public and classified reporting, privacy organizations and individuals, intelligence source documents, investigative reports, and correspondence. Exemptions Claimed for the System: Portions of this system are exempt under 5 U.S.C. 552a((j)(2), (k)(1), and (k)(2). Dated: April 7, 2005. Nuala O'Connor Kelly, Chief Privacy Officer, Department of Homeland Security. [FR Doc. 05-7704 Filed 4-15-05; 8:45 am] BILLING CODE 4410-10-P ----------------------------------------------------------------------- [Federal Register: April 18, 2005 (Volume 70, Number 73)] [Proposed Rules] [Page 20061-20062] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr18ap05-10] ======================================================================== Proposed Rules Federal Register ________________________________________________________________________ This section of the FEDERAL REGISTER contains notices to the public of the proposed issuance of rules and regulations. The purpose of these notices is to give interested persons an opportunity to participate in the rule making prior to the adoption of the final rules. ======================================================================== [[Page 20061]] DEPARTMENT OF HOMELAND SECURITY Office of the Secretary 6 CFR Part 5, Appendix C [DHS-2005-0029] Privacy Act of 1974: Implementation of Exemptions: the Homeland Security Operations Center Database AGENCY: Privacy Office, Department of Homeland Security. ACTION: Notice of proposed rulemaking. ----------------------------------------------------------------------- SUMMARY: The Department of Homeland Security is concurrently establishing one new system of records pursuant to the Privacy Act of 1974, the Homeland Security Operations Center Database. In this proposed rulemaking, the Department of Homeland Security proposes to exempt portions of this system of records from one or more provisions of the Privacy Act because of criminal, civil and administrative enforcement requirements. DATES: Comments must be received on or before May 18, 2005. ADDRESSES: You may submit comments, identified by docket number DHS- 2004-, by one of the following methods: EPA Federal Partner EDOCKET Web site: http://www.epa.gov/feddocket . Follow instructions for submitting comments on the Web site. DHS has joined the Environmental Protection Agency (EPA) online public docket and comment system on its Partner Electronic Docket System (Partner EDOCKET). Federal eRulemaking Portal: http://www.regulations.gov . Follow the instructions for submitting comments. Fax: (202) 772-5036 (This is not a toll-free number). Mail: Nuala O'Connor Kelly, Chief Privacy Officer, Department of Homeland Security, Nuala O'Connor Kelly, DHS Chief Privacy Officer, Washington, DC 20528. Hand Delivery/Courier: Nuala O'Connor Kelly, Chief Privacy Officer, Department of Homeland Security, Nuala O'Connor Kelly, Chief Privacy Officer, 245 Murray Lane, SW., Building 410, Washington, DC 20528, 7:30 a.m. to 4 p.m. Instructions: All submissions received must include the agency name and docket number for this rulemaking. All comments received will be posted without change to http://www.epa.gov/feddocket , including any personal information provided. For detailed instructions on submitting comments and additional information on the rulemaking process, see the ``Public Participation'' heading of the SUPPLEMENTARY INFORMATION section of this document. Docket: For access to the docket to read background documents or comments received, go to http://www.epa.gov/feddocket You may also access the Federal eRulemaking Portal at http://www.regulations.gov . FOR FURTHER INFORMATION CONTACT: Sandy Ford Page, Director, Disclosure Officer, Office of the Chief of Staff, Office of the Undersecretary for Information Analysis and Infrastructure Protection, Department of Homeland Security, Washington, DC 20528 by telephone (202) 282-8522 or facsimile (202) 282-9069; Nuala O'Connor Kelly, DHS Chief Privacy Officer, Department of Homeland Security, Washington, DC 20528, by telephone (202) 772-9848 or facsimile (202) 772-5036. SUPPLEMENTARY INFORMATION: Background Concurrently with the publication of this notice of proposed rulemaking, the Department of Homeland Security (DHS) is publishing a Notice establishing a new system of records that is subject to the Privacy Act of 1974, 5 U.S.C. 552a. DHS is proposing to exempt this system in part, from certain provisions of the Privacy Act. This system is the Office of the Undersecretary for Information Analysis and Infrastructure Protection (IAIP) Homeland Security Operations Center (HSOC) Database (DHS/IAIP001), which is being established to serve as the primary national-level hub for operational communications and information pertaining to domestic incident management and serves as the Nation's single point of threat information integration and dissemination to secure the homeland. The HSOC Database will support a single, centralized repository for gathered information. The Privacy Act embodies fair information principles in a statutory framework governing the means by which the United States Government collects, maintains, uses and disseminates personally identifiable information. The Privacy Act applies to information that is maintained in a ``system of records.'' A ``system of records'' is a group of any records under the control of an agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual. Individuals may request their own records that are maintained in a system of records in the possession or under the control of DHS by complying with DHS Privacy Act regulations, 6 CFR part 5. The Homeland Security Act of 2002 requires the Secretary of DHS to appoint a senior official to oversee implementation of the Privacy Act and to undertake other privacy-related activities. Pub. L. 107-296, Sec. 222, 116 Stat. 2135, 2155 (Nov. 25, 2002) (HSA). The systems of records being published today help to carry out the DHS Chief Privacy Officer's statutory activities. The Privacy Act requires each agency to publish in the Federal Register a description of the type and character of each system of records that the agency maintains, and the routine uses that are contained in each system in order to make agency recordkeeping practices transparent, to notify individuals regarding the uses to which personally identifiable information is put, and to assist individuals to more easily find such files within the agency. By separate notice, the Department has described the Homeland Security Operations Center database. The Privacy Act allows government agencies to exempt certain records from the access and amendment provisions. If an agency claims an exemption, however, it must issue a Notice of Proposed Rulemaking to make clear to the public the reasons why a particular exemption is claimed. DHS is claiming exemption from certain requirements of the Privacy Act. In the case of DHS/IAIP 001, which consists of operational communications and information pertaining to domestic incident management, allowing access to the [[Page 20062]] information that is derived from these files could alert the subject of the information to an investigation of an actual or potential criminal, civil, or regulatory violation and reveal investigative interest on the part of DHS or another agency. Disclosure of the information would therefore present a serious impediment to law enforcement efforts and/ or efforts to preserve national security. Disclosure of the information would also permit the individual who is the subject of a record to impede the investigation and avoid detection or apprehension, which undermines the entire system. This exemption is standard law enforcement and national security exemption utilized by numerous law enforcement and intelligence agencies. List of Subjects in 6 CFR Part 5 Classified information; Courts; Freedom of information; Government employees; Privacy. For the reasons stated in the preamble, DHS proposes to amend Chapter I of Title 6, Code of Federal Regulations, as follows: PART 5--DISCLOSURE OF RECORDS AND INFORMATION 1. The authority citation for Part 5 continues to read as follows: Authority: Pub. L. 107-296, 116 Stat. 2135, 6 U.S.C. 101 et seq.; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552. Subpart B also issued under 5 U.S.C. 552a. 2. Add at the end of Appendix C the following: * * * * * DHS/IAIP/OO1 Portions of the following DHS systems of records are exempt from certain provisions of the Privacy Act pursuant to 5 U.S.C. 552(j) and (k): DHS/IAIP 001, Department of Homeland Security (DHS) Homeland Security Operations Center database allows IAIP to maintain and retrieve intelligence information and other information received from agencies and components of the Federal Government, foreign governments, organizations or entities, international organizations, state and local government agencies (including law enforcement agencies), and private sector entities, as well as information provided by individuals, regardless of the medium used to submit the information or the agency to which it was submitted. This system also contains: information regarding persons on watch lists with possible links to terrorism; the results of intelligence analysis and reporting; ongoing law enforcement investigative information, information systems security analysis and reporting; historical law enforcement information, operational and administrative records; financial information; and public-source data such as that contained in media reports and commercial databases as appropriate to identify and assess the nature and scope of terrorist threats to the homeland, detect and identify threats of terrorism against the United States, and understand such threats in light of actual and potential vulnerabilities of the homeland. Data about the providers of information, including the means of transmission of the data is also retained. IAIP will use the information in the HSOC database to access, receive, and analyze law enforcement information, intelligence information, and other information and to integrate such information in order identify and assess the nature and scope of terrorist or other threats to the homeland. Pursuant to exemptions (j)(2), (k)(1), and (k)(2) of the Privacy Act, portions of this system are exempt from 5 U.S.C. 552a(c)(3); (d); (e)(1); (e)(4)(G), (H) and (I), and (e)(8), (f), and (g). Exemptions from the particular subsections are justified, on a case by case basis to be determined at the time a request is made, for the following reasons: (a) From subsection (c) (3) (Accounting for Disclosures) because release of the accounting of disclosures could alert the subject of an investigation of an actual or potential criminal, civil, or regulatory violation to the existence of the investigation and reveal investigative interest on the part of DHS as well as the recipient agency. Disclosure of the accounting would therefore present a serious impediment to law enforcement efforts and/or efforts to preserve national security. Disclosure of the accounting would also permit the individual who is the subject of a record to impede the investigation and avoid detection or apprehension, which undermines the entire system. (b) From subsection (d) (Access to Records) because access to the records contained in this system of records could inform the subject of an investigation of an actual or potential criminal, civil, or regulatory violation to the existence of the investigation and reveal investigative interest on the part of DHS or another agency. Access to the records would permit the individual who is the subject of a record to impede the investigation and avoid detection or apprehension. Amendment of the records would interfere with ongoing investigations and law enforcement activities and impose an impossible administrative burden by requiring investigations to be continuously reinvestigated. The information contained in the system may also include properly classified information, the release of which would pose a threat to national defense and/or foreign policy. In addition, permitting access and amendment to such information also could disclose security- sensitive information that could be detrimental to homeland security. (c) From subsection (e) (1) (Relevancy and Necessity of Information) because in the course of operations DHS IAIP must be able to review information from a variety of sources. What information is relevant and necessary may not always be apparent until after the evaluation is completed. In the interests of Homeland Security, it is appropriate to include a broad range of information that may aid in identifying and assessing the nature and scope of terrorist or other threats to the Homeland. Additionally, investigations into potential violations of federal law, the accuracy of information obtained or introduced, occasionally may be unclear or the information may not be strictly relevant or necessary to a specific investigation. In the interests of effective enforcement of federal laws, it is appropriate to retain all information that may aid in establishing patterns of unlawful activity. (d) From subsections (e) (4) (G), (H) and (I) (Agency Requirements), and (f), because portions of this system are exempt from the access and amendment provisions of subsection (d). Dated: April 7, 2005. Nuala O'Connor Kelly, Chief Privacy Officer, Department of Homeland Security. [FR Doc. 05-7705 Filed 4-15-05; 8:45 am] BILLING CODE 4410-10-P -----------------------------------------------------------------------