[Federal Register Volume 89, Number 72 (Friday, April 12, 2024)] [Notices] [Pages 25897-25901] From the Federal Register Online via the Government Publishing Office [www.gpo.gov] [FR Doc No: 2024-07766] ----------------------------------------------------------------------- DEPARTMENT OF THE INTERIOR Office of the Solicitor [DOI-2021-0003; 24XD4523WS, DWSN00000.000000, DL90000000, DP.90008] Privacy Act of 1974; System of Records AGENCY: Office of the Secretary, Interior. ACTION: Notice of a modified system of records. ----------------------------------------------------------------------- SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as amended, the Department of the Interior (DOI, Department) is issuing a public notice of its intent to modify the Privacy Act system of records, INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case Files. In this notice, DOI is proposing to consolidate the system of records with INTERIOR/OS-69, Freedom of Information Act Appeals Files, system of records; update the system name to INTERIOR/DOI-71, Freedom of Information Act (FOIA) Files; and provide updates to all sections of the notice in accordance with the Privacy Act and Office of Management and Budget (OMB) policy. DATES: This modified system will be effective upon publication. New or modified routine uses will be effective May 13, 2024. Submit comments on or before May 13, 2024. ADDRESSES: You may send comments identified by docket number [DOI-2021- 0003] by any of the following methods:Federal eRulemaking Portal: https://www.regulations.gov. Follow the instructions for sending comments. Email: [email protected]. Include docket number [DOI-2021-0003] in the subject line of the message. U.S. Mail or Hand-Delivery: Teri Barnett, Departmental Privacy Officer, U.S. Department of the Interior, 1849 C Street NW, Room 7112, Washington, DC 20240. Instructions: All submissions received must include the agency name and docket number [DOI-2021-0003]. All comments received will be posted without change to https://www.regulations.gov, including any personal information provided. Docket: For access to the docket to read background documents or comments received, go to https://www.regulations.gov. FOR FURTHER INFORMATION CONTACT: Teri Barnett, Departmental Privacy Officer, U.S. Department of the Interior, 1849 C Street NW, Room 7112, Washington, DC 20240, [email protected] or (202) 208-1605. SUPPLEMENTARY INFORMATION: I. Background The DOI maintains the Department-wide system of records, INTERIOR/ DOI-71, Electronic FOIA Tracking System and FOIA Case Files, to enable the Department to administer the FOIA Program more efficiently. This system of records contains information on individuals for the purposes of managing and processing FOIA requests, some of which may be processed in tandem with the Privacy Act of 1974, as amended, and supports the oversight and management of appeals filed by individuals under the FOIA and Privacy Act. This notice also covers DOI FOIA Program records and case files managed by DOI bureaus and offices that may include administrative records, communications, and other documents related to administration of the FOIA Program. Each DOI bureau and office is responsible for managing its own records related to its FOIA program. DOI is publishing this revised system of records notice (SORN) to consolidate two systems of records that support the administration of the DOI FOIA Program and cover the full lifecycle of a FOIA request to include the appeals process: INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case Files, 81 FR 33544 (May 26, 2016), modification published at 86 FR 50156 (September 7, 2021); and INTERIOR/OS-69, Freedom of Information Act Appeals Files, 64 FR 16986 (April 7, 1999), modification published at 86 FR 50156 (September 7, 2021). DOI is also proposing to update the system name to INTERIOR/DOI-71, Freedom of Information Act (FOIA) Files, and is updating all sections of the notice to reflect changes for the modified consolidated system in accordance with the Privacy Act of 1974 and OMB Circular A-108, Federal Agency Responsibilities for Review, Reporting, and Publication under the Privacy Act. The routine uses contained in the INTERIOR/OS-69 SORN are also reflected in the previously published INTERIOR/DOI-71 SORN. In this notice, DOI is changing the routine uses from a numeric to alphabetic list and is [[Page 25898]] proposing one new routine use and modifying existing routines uses to be consistent with DOI standard routine uses as reflected below. DOI will publish a rescindment notice to retire the INTERIOR/OS-69 SORN after public comments on this consolidated notice are received and the new and modified routine uses become effective. Routine use A is being modified to further clarify how disclosures are made to the Department of Justice (DOJ) or other Federal agencies when necessary, in relation to litigation or judicial hearings. Routine use B is being updated to clarify how disclosures are made to a congressional office to respond to or resolve an individual's request made to that office. Proposed new routine use C facilitates the sharing of information with the Executive Office of the President to resolve issues concerning individuals' records. Routine use H is being updated to expand the sharing of information with territorial organizations in response to court orders or for discovery purposes related to litigation. Routine use I is being updated to include grantees and service providers to allow DOI to share information to perform services to carry out the purpose of the system, ensure integrity of records, and perform system maintenance. Routine use J is being slightly modified to reflect the breach routine use language required by OMB Memorandum M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information. Pursuant to 5 U.S.C. 552a(b)(12), DOI may disclose information from this system to consumer reporting agencies as defined in the Fair Credit Reporting Act (15 U.S.C. 1681a(f)) or the Federal Claims Collection Act of 1966 (31 U.S.C. 3701(a)(3)) to aid in the collection of outstanding debts owed to the Federal Government. II. Privacy Act The Privacy Act of 1974, as amended, embodies fair information practice principles in a statutory framework governing the means by which Federal agencies collect, maintain, use, and disseminate individuals' records. The Privacy Act applies to records about individuals that are maintained in a ``system of records.'' A ``system of records'' is a group of any records under the control of an agency from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual. The Privacy Act defines an individual as a United States citizen or lawful permanent resident. Individuals may request access to their own records that are maintained in a system of records in the possession or under the control of DOI by complying with DOI Privacy Act regulations at 43 CFR part 2, subpart K, and following the procedures outlined in the Records Access, Contesting Record, and Notification Procedures sections of this notice. The Privacy Act requires each agency to publish in the Federal Register a description denoting the existence and character of each system of records that the agency maintains and the routine uses of each system. The INTERIOR/DOI-71, Freedom of Information Act (FOIA) Files, SORN is published in its entirety below. In accordance with 5 U.S.C. 552a(r), DOI has provided a report of this system of records to the Office of Management and Budget and to Congress. III. Public Participation You should be aware your entire comment, including your personally identifiable information such as your address, phone number, email address, or any other personal information in your comment, may be made publicly available at any time. While you may request to withhold your personally identifiable information from public review, we cannot guarantee we will be able to do so. SYSTEM NAME AND NUMBER: INTERIOR/DOI-71, Freedom of Information Act (FOIA) Files. SECURITY CLASSIFICATION: Unclassified. SYSTEM LOCATION: Records in this system are located in the Departmental FOIA Office; Bureaus and Offices that oversee the FOIA Program (see the Department's FOIA website at https://www.doi.gov/foia/contacts for a list of the Department's FOIA contacts); FOIA and Privacy Act Appeals, Office of the Solicitor; Office of Inspector General (OIG) Office of General Counsel; and DOI service providers and contractor facilities. SYSTEM MANAGER(S): (1) The Director of the Departmental FOIA Office, Office of the Solicitor, U.S. Department of the Interior, 1849 C Street NW, MS-7328 MIB, Washington, DC 20240, has overall responsibility for the policies and procedures used to operate the system. Records are maintained under the control of the Departmental offices, bureaus, and offices. OIG independently manages its own FOIA Program, as discussed further below. (2) DOI Bureau and Office FOIA Officers and staff in headquarters and in field offices have responsibility for the FOIA files and data maintained for their respective organizations. To obtain a current list of the FOIA Officers and Coordinators and their addresses, see https://www.doi.gov/foia/contacts. (3) The FOIA and Privacy Act Appeals Officer, Office of the Solicitor, U.S. Department of the Interior, 1849 C Street NW, MS-6556 MIB, Washington, DC 20240, has responsibility for maintaining FOIA and Privacy Act appeal files and data for administrative appeals that do not appeal a decision of the OIG. (4) The OIG FOIA Officer, Office of General Counsel, U.S. Department of the Interior, 1849 C Street NW, MS-4428 MIB, Washington, DC 20240, has responsibility for maintaining OIG FOIA records and FOIA and Privacy Act appeal files for administrative appeals that appeal a decision of the OIG. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 552, The Freedom of Information Act, as amended; 5 U.S.C. 552a, The Privacy Act of 1974, as amended; DOI FOIA Regulations, 43 CFR part 2; DOI Privacy Act regulations, 43 CFR part 2, subpart K. PURPOSE(S) OF THE SYSTEM: The purpose of the system is to facilitate the Department's management and processing of Freedom of Information Act (FOIA) requests and appeals, some of which may be processed in tandem with the Privacy Act of 1974, as amended. This system: (1) enables the Department to administer FOIA request processing more efficiently; (2) supports action on FOIA requests, appeals, and litigation; (3) enables documents to be released in a more consistent manner; (4) assists in eliminating the duplication of effort; (5) gathers information for management and reporting purposes; and (6) improves customer service. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: Individuals or their representatives who have submitted FOIA or combined FOIA and Privacy Act requests for records or information, have submitted administrative appeals, and/or have FOIA mediation or litigation pending with DOI or another Federal agency; individuals whose FOIA requests or records have been consulted on or referred to the Department by other agencies; individuals who are the subject of such requests, appeals, mediation, and/or litigation; individuals who are referenced or whose information may be included in responsive records; and/or the DOI personnel assigned to handle such [[Page 25899]] requests, appeals, mediation, and litigation. CATEGORIES OF RECORDS IN THE SYSTEM: This system consists of records created or compiled in response to FOIA requests, or combined FOIA and Privacy Act requests, for records or information, administrative appeals, mediation, and related litigation and includes: original requests and administrative appeals; responses to such requests and appeals; all related memoranda, correspondence, notes, and other related or supporting documentation; records related to processing of FOIA requests and appeals, recommendations on appeals, and final decisions; and, in some instances, copies of requested records and records under appeal. Records about individuals may include name, mailing address, email address, telephone number, case file number, fee determinations, any information contained in the agency records requested by individuals, and identifying information about individual requesters or other information provided by requesters. RECORD SOURCE CATEGORIES: Information gathered in this system is submitted by individuals or entities filing FOIA requests and administrative appeals, agencies engaging in consultations or referrals, and agency employees processing these requests and appeals. Information may also be obtained from INTERIOR/DOI-57, Privacy Act Files, system, INTERIOR/SOL-1, Litigation, Appeal and Case Files, and other agency records. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DOI as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows: A. To the Department of Justice (DOJ), including Offices of the U.S. Attorneys, or other Federal agency conducting litigation or in proceedings before any court, adjudicative, or administrative body, when it is relevant or necessary to the litigation and one of the following is a party to the litigation or has an interest in such litigation: (1) DOI or any component of DOI; (2) Any other Federal agency appearing before the Office of Hearings and Appeals; (3) Any DOI employee or former employee acting in his or her official capacity; (4) Any DOI employee or former employee acting in his or her individual capacity when DOI or DOJ has agreed to represent that employee or pay for private representation of the employee; or (5) The United States Government or any agency thereof, when DOJ determines that DOI is likely to be affected by the proceeding. B. To a congressional office when requesting information on behalf of, and at the request of, the individual who is the subject of the record. C. To the Executive Office of the President in response to an inquiry from that office made at the request of the subject of a record or a third party on that person's behalf, or for a purpose compatible with the reason for which the records are collected or maintained. D. To any criminal, civil, or regulatory law enforcement authority (whether Federal, State, territorial, local, Tribal, or foreign) when a record, either alone or in conjunction with other information, indicates a violation or potential violation of law--criminal, civil, or regulatory in nature, and the disclosure is compatible with the purpose for which the records were compiled. E. To an official of another Federal agency to provide information needed in the performance of official duties related to reconciling or reconstructing data files or to enable that agency to respond to an inquiry by the individual to whom the record pertains. F. To Federal, State, territorial, local, Tribal, or foreign agencies that have requested information relevant or necessary to the hiring, firing or retention of an employee or contractor, or the issuance of a security clearance, license, contract, grant, or other benefit, when the disclosure is compatible with the purpose for which the records were compiled. G. To representatives of the National Archives and Records Administration (NARA) to conduct records management inspections under the authority of 44 U.S.C. 2904 and 2906. H. To State, territorial and local governments and Tribal organizations to provide information needed in response to court order and/or discovery purposes related to litigation, when the disclosure is compatible with the purpose for which the records were compiled. I. To an expert, consultant, grantee, shared service provider, or contractor (including employees of the contractor) of DOI that performs services requiring access to these records on DOI's behalf to carry out the purposes of the system. J. To appropriate agencies, entities, and persons when: (1) DOI suspects or has confirmed that there has been a breach of the system of records; (2) DOI has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOI (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOI's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm. K. To another Federal agency or Federal entity, when DOI determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in: (1) responding to a suspected or confirmed breach; or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach. L. To the Office of Management and Budget (OMB) during the coordination and clearance process in connection with legislative affairs as mandated by OMB Circular A-19. M. To the Department of the Treasury to recover debts owed to the United States. N. To the news media and the public, with the approval of the Public Affairs Officer in consultation with counsel and the Senior Agency Official for Privacy, where there exists a legitimate public interest in the disclosure of the information, except to the extent it is determined that release of the specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy. O. To a debt collection agency for the purpose of collecting outstanding debts owed to the Department for fees associated with processing FOIA/Privacy Act requests. P. To other Federal, State, and local agencies having a subject matter interest in a request or an appeal or a decision thereon. Q. To another Federal agency to assist that agency in responding to an inquiry by the individual to whom that record pertains. R. To the National Archives and Records Administration, Office of Government Information Services [[Page 25900]] (OGIS), to the extent necessary to fulfill its responsibilities in 5 U.S.C. 552(h), to review administrative agency policies, procedures, and compliance with the FOIA, and to facilitate OGIS' offering of mediation services to resolve disputes between persons making FOIA requests and administrative agencies. POLICIES AND PRACTICES FOR STORAGE OF RECORDS: Paper records are contained in file cabinets and/or in secured rooms under the control of authorized DOI personnel. Electronic records are contained in computers, compact discs, magnetic tapes, external removable drives, email, diskettes, digital video disks, and electronic databases. POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: Information can be retrieved by specific data elements in the system including: the tracking number; name of the requester; the requester's organizational affiliation; subject; and other data elements. Paper records are normally retrieved by the tracking number. POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: Records are maintained under Departmental Records Schedule (DRS) 1.1 Administrative Records (DAA-0048-2013-0001) that covers FOIA and Privacy Act request files, correspondence, reports, and other program administration and financial management records, which has been approved by NARA. The disposition for these records is temporary and retention periods vary according to the specific record and the needs of the agency. FOIA request files and other short-term administration records are destroyed three years after cut-off, which is generally after the date of final reply or the end of the third fiscal year in which files are created. Long-term administration records that require additional retention are destroyed seven years after cut-off, which is generally at the end of the fiscal year in which files are closed if no unique cut-off is specified. The unique cutoff for FOIA appeal files and litigation records is when the case is closed or resolved. The unique cutoff for access and disclosure request files is after final agency action or 3 years after final adjudication by the courts, whichever is later. Paper records are disposed of by shredding or pulping, and records maintained on electronic media are degaussed, deleted, or erased in accordance with Departmental policy and NARA guidelines. ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS: Access to records in the system is limited to authorized personnel whose official duties require such access. Paper records are maintained in file cabinets and/or in secured rooms under the control of authorized DOI personnel. Computer servers in which electronic records are stored are located in secure DOI, service provider or contractor facilities with physical, technical and administrative levels of security to prevent unauthorized access to the networks and information assets. Electronic records are maintained in accordance with the OMB and Departmental guidelines reflecting the implementation of the Federal Information Security Modernization Act of 2014 (Pub. L. 113- 283, 44 U.S.C. 3554). Electronic data is protected through user identification, passwords, database permissions and software controls. Such security measures establish different access levels for different types of users. System administrators and authorized users are trained and required to follow established internal security protocols and must complete all security, privacy, and records management training and sign the DOI Rules of Behavior. RECORD ACCESS PROCEDURES: An individual requesting access to their records should send a written inquiry to the applicable System Manager, as identified above in the System Manager section. DOI forms and instructions for submitting a Privacy Act request may be obtained from the DOI Privacy Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must include a general description of the records sought and the requester's full name, current address, and sufficient identifying information such as date of birth or other information required for verification of the requester's identity. The request must be signed and dated and be either notarized or submitted under penalty of perjury in accordance with 28 U.S.C. 1746. The request must include the specific bureau or office that maintains the record to facilitate location of the applicable records. Requests submitted by mail must be clearly marked ``PRIVACY ACT REQUEST FOR ACCESS'' on both the envelope and letter. A request for access must meet the requirements of 43 CFR 2.238. CONTESTING RECORD PROCEDURES: An individual requesting amendment of their records should send a written inquiry to the applicable System Manager, as identified above in the System Manager section. DOI instructions for submitting a request for amendment of records are available on the DOI Privacy Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must clearly identify the records for which amendment is being sought, the reasons for requesting the amendment, and the proposed amendment to the record. The request must include the requester's full name, current address, and sufficient identifying information such as date of birth or other information required for verification of the requester's identity. The request must be signed and dated and be either notarized or submitted under penalty of perjury in accordance with 28 U.S.C. 1746. The request must include the specific bureau or office that maintains the record to facilitate location of the applicable records. Requests submitted by mail must be clearly marked ``PRIVACY ACT REQUEST FOR AMENDMENT'' on both the envelope and letter. A request for amendment must meet the requirements of 43 CFR 2.246. NOTIFICATION PROCEDURES: An individual requesting notification of the existence of records about them should send a written inquiry to the applicable System Manager, as identified above in the System Manager section. DOI instructions for submitting a request for notification are available on the DOI Privacy Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must include a general description of the records and the requester's full name, current address, and sufficient identifying information such as date of birth or other information required for verification of the requester's identity. The request must be signed and dated and be either notarized or submitted under penalty of perjury in accordance with 28 U.S.C. 1746. The request must include the specific bureau or office that maintains the record to facilitate location of the applicable records. Requests submitted by mail must be clearly marked ``PRIVACY ACT INQUIRY'' on both the envelope and letter. A request for notification must meet the requirements of 43 CFR 2.235. EXEMPTIONS PROMULGATED FOR THE SYSTEM: To the extent that copies of exempt records from other systems of records are entered into this system, DOI claims the same exemptions for those records that are claimed for the original primary systems of records from which they originated. [[Page 25901]] HISTORY: INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case Files, 81 FR 33544 (May 26, 2016), modification published at 86 FR 50156 (September 7, 2021). Teri Barnett, Departmental Privacy Officer, U.S. Department of the Interior. [FR Doc. 2024-07766 Filed 4-11-24; 8:45 am] BILLING CODE 4334-63-P