[Federal Register Volume 89, Number 72 (Friday, April 12, 2024)]
[Notices]
[Pages 25897-25901]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-07766]


-----------------------------------------------------------------------

DEPARTMENT OF THE INTERIOR

Office of the Solicitor

[DOI-2021-0003; 24XD4523WS, DWSN00000.000000, DL90000000, DP.90008]


Privacy Act of 1974; System of Records

AGENCY: Office of the Secretary, Interior.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as 
amended, the Department of the Interior (DOI, Department) is issuing a 
public notice of its intent to modify the Privacy Act system of 
records, INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case 
Files. In this notice, DOI is proposing to consolidate the system of 
records with INTERIOR/OS-69, Freedom of Information Act Appeals Files, 
system of records; update the system name to INTERIOR/DOI-71, Freedom 
of Information Act (FOIA) Files; and provide updates to all sections of 
the notice in accordance with the Privacy Act and Office of Management 
and Budget (OMB) policy.

DATES: This modified system will be effective upon publication. New or 
modified routine uses will be effective May 13, 2024. Submit comments 
on or before May 13, 2024.

ADDRESSES: You may send comments identified by docket number [DOI-2021-
0003] by any of the following methods:
     Federal eRulemaking Portal: https://www.regulations.gov. 
Follow the instructions for sending comments.
     Email: [email protected]. Include docket number 
[DOI-2021-0003] in the subject line of the message.
     U.S. Mail or Hand-Delivery: Teri Barnett, Departmental 
Privacy Officer, U.S. Department of the Interior, 1849 C Street NW, 
Room 7112, Washington, DC 20240.
    Instructions: All submissions received must include the agency name 
and docket number [DOI-2021-0003]. All comments received will be posted 
without change to https://www.regulations.gov, including any personal 
information provided.
    Docket: For access to the docket to read background documents or 
comments received, go to https://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Teri Barnett, Departmental Privacy 
Officer, U.S. Department of the Interior, 1849 C Street NW, Room 7112, 
Washington, DC 20240, [email protected] or (202) 208-1605.

SUPPLEMENTARY INFORMATION:

I. Background

    The DOI maintains the Department-wide system of records, INTERIOR/
DOI-71, Electronic FOIA Tracking System and FOIA Case Files, to enable 
the Department to administer the FOIA Program more efficiently. This 
system of records contains information on individuals for the purposes 
of managing and processing FOIA requests, some of which may be 
processed in tandem with the Privacy Act of 1974, as amended, and 
supports the oversight and management of appeals filed by individuals 
under the FOIA and Privacy Act.
    This notice also covers DOI FOIA Program records and case files 
managed by DOI bureaus and offices that may include administrative 
records, communications, and other documents related to administration 
of the FOIA Program. Each DOI bureau and office is responsible for 
managing its own records related to its FOIA program. DOI is publishing 
this revised system of records notice (SORN) to consolidate two systems 
of records that support the administration of the DOI FOIA Program and 
cover the full lifecycle of a FOIA request to include the appeals 
process: INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case 
Files, 81 FR 33544 (May 26, 2016), modification published at 86 FR 
50156 (September 7, 2021); and INTERIOR/OS-69, Freedom of Information 
Act Appeals Files, 64 FR 16986 (April 7, 1999), modification published 
at 86 FR 50156 (September 7, 2021). DOI is also proposing to update the 
system name to INTERIOR/DOI-71, Freedom of Information Act (FOIA) 
Files, and is updating all sections of the notice to reflect changes 
for the modified consolidated system in accordance with the Privacy Act 
of 1974 and OMB Circular A-108, Federal Agency Responsibilities for 
Review, Reporting, and Publication under the Privacy Act.
    The routine uses contained in the INTERIOR/OS-69 SORN are also 
reflected in the previously published INTERIOR/DOI-71 SORN. In this 
notice, DOI is changing the routine uses from a numeric to alphabetic 
list and is

[[Page 25898]]

proposing one new routine use and modifying existing routines uses to 
be consistent with DOI standard routine uses as reflected below. DOI 
will publish a rescindment notice to retire the INTERIOR/OS-69 SORN 
after public comments on this consolidated notice are received and the 
new and modified routine uses become effective.
    Routine use A is being modified to further clarify how disclosures 
are made to the Department of Justice (DOJ) or other Federal agencies 
when necessary, in relation to litigation or judicial hearings. Routine 
use B is being updated to clarify how disclosures are made to a 
congressional office to respond to or resolve an individual's request 
made to that office. Proposed new routine use C facilitates the sharing 
of information with the Executive Office of the President to resolve 
issues concerning individuals' records. Routine use H is being updated 
to expand the sharing of information with territorial organizations in 
response to court orders or for discovery purposes related to 
litigation. Routine use I is being updated to include grantees and 
service providers to allow DOI to share information to perform services 
to carry out the purpose of the system, ensure integrity of records, 
and perform system maintenance. Routine use J is being slightly 
modified to reflect the breach routine use language required by OMB 
Memorandum M-17-12, Preparing for and Responding to a Breach of 
Personally Identifiable Information.
    Pursuant to 5 U.S.C. 552a(b)(12), DOI may disclose information from 
this system to consumer reporting agencies as defined in the Fair 
Credit Reporting Act (15 U.S.C. 1681a(f)) or the Federal Claims 
Collection Act of 1966 (31 U.S.C. 3701(a)(3)) to aid in the collection 
of outstanding debts owed to the Federal Government.

II. Privacy Act

    The Privacy Act of 1974, as amended, embodies fair information 
practice principles in a statutory framework governing the means by 
which Federal agencies collect, maintain, use, and disseminate 
individuals' records. The Privacy Act applies to records about 
individuals that are maintained in a ``system of records.'' A ``system 
of records'' is a group of any records under the control of an agency 
from which information is retrieved by the name of an individual or by 
some identifying number, symbol, or other identifying particular 
assigned to the individual. The Privacy Act defines an individual as a 
United States citizen or lawful permanent resident. Individuals may 
request access to their own records that are maintained in a system of 
records in the possession or under the control of DOI by complying with 
DOI Privacy Act regulations at 43 CFR part 2, subpart K, and following 
the procedures outlined in the Records Access, Contesting Record, and 
Notification Procedures sections of this notice.
    The Privacy Act requires each agency to publish in the Federal 
Register a description denoting the existence and character of each 
system of records that the agency maintains and the routine uses of 
each system. The INTERIOR/DOI-71, Freedom of Information Act (FOIA) 
Files, SORN is published in its entirety below. In accordance with 5 
U.S.C. 552a(r), DOI has provided a report of this system of records to 
the Office of Management and Budget and to Congress.

III. Public Participation

    You should be aware your entire comment, including your personally 
identifiable information such as your address, phone number, email 
address, or any other personal information in your comment, may be made 
publicly available at any time. While you may request to withhold your 
personally identifiable information from public review, we cannot 
guarantee we will be able to do so.

SYSTEM NAME AND NUMBER:
    INTERIOR/DOI-71, Freedom of Information Act (FOIA) Files.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Records in this system are located in the Departmental FOIA Office; 
Bureaus and Offices that oversee the FOIA Program (see the Department's 
FOIA website at https://www.doi.gov/foia/contacts for a list of the 
Department's FOIA contacts); FOIA and Privacy Act Appeals, Office of 
the Solicitor; Office of Inspector General (OIG) Office of General 
Counsel; and DOI service providers and contractor facilities.

SYSTEM MANAGER(S):
    (1) The Director of the Departmental FOIA Office, Office of the 
Solicitor, U.S. Department of the Interior, 1849 C Street NW, MS-7328 
MIB, Washington, DC 20240, has overall responsibility for the policies 
and procedures used to operate the system. Records are maintained under 
the control of the Departmental offices, bureaus, and offices. OIG 
independently manages its own FOIA Program, as discussed further below.
    (2) DOI Bureau and Office FOIA Officers and staff in headquarters 
and in field offices have responsibility for the FOIA files and data 
maintained for their respective organizations. To obtain a current list 
of the FOIA Officers and Coordinators and their addresses, see https://www.doi.gov/foia/contacts.
    (3) The FOIA and Privacy Act Appeals Officer, Office of the 
Solicitor, U.S. Department of the Interior, 1849 C Street NW, MS-6556 
MIB, Washington, DC 20240, has responsibility for maintaining FOIA and 
Privacy Act appeal files and data for administrative appeals that do 
not appeal a decision of the OIG.
    (4) The OIG FOIA Officer, Office of General Counsel, U.S. 
Department of the Interior, 1849 C Street NW, MS-4428 MIB, Washington, 
DC 20240, has responsibility for maintaining OIG FOIA records and FOIA 
and Privacy Act appeal files for administrative appeals that appeal a 
decision of the OIG.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 552, The Freedom of Information Act, as amended; 5 U.S.C. 
552a, The Privacy Act of 1974, as amended; DOI FOIA Regulations, 43 CFR 
part 2; DOI Privacy Act regulations, 43 CFR part 2, subpart K.

PURPOSE(S) OF THE SYSTEM:
    The purpose of the system is to facilitate the Department's 
management and processing of Freedom of Information Act (FOIA) requests 
and appeals, some of which may be processed in tandem with the Privacy 
Act of 1974, as amended. This system: (1) enables the Department to 
administer FOIA request processing more efficiently; (2) supports 
action on FOIA requests, appeals, and litigation; (3) enables documents 
to be released in a more consistent manner; (4) assists in eliminating 
the duplication of effort; (5) gathers information for management and 
reporting purposes; and (6) improves customer service.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals or their representatives who have submitted FOIA or 
combined FOIA and Privacy Act requests for records or information, have 
submitted administrative appeals, and/or have FOIA mediation or 
litigation pending with DOI or another Federal agency; individuals 
whose FOIA requests or records have been consulted on or referred to 
the Department by other agencies; individuals who are the subject of 
such requests, appeals, mediation, and/or litigation; individuals who 
are referenced or whose information may be included in responsive 
records; and/or the DOI personnel assigned to handle such

[[Page 25899]]

requests, appeals, mediation, and litigation.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system consists of records created or compiled in response to 
FOIA requests, or combined FOIA and Privacy Act requests, for records 
or information, administrative appeals, mediation, and related 
litigation and includes: original requests and administrative appeals; 
responses to such requests and appeals; all related memoranda, 
correspondence, notes, and other related or supporting documentation; 
records related to processing of FOIA requests and appeals, 
recommendations on appeals, and final decisions; and, in some 
instances, copies of requested records and records under appeal. 
Records about individuals may include name, mailing address, email 
address, telephone number, case file number, fee determinations, any 
information contained in the agency records requested by individuals, 
and identifying information about individual requesters or other 
information provided by requesters.

RECORD SOURCE CATEGORIES:
    Information gathered in this system is submitted by individuals or 
entities filing FOIA requests and administrative appeals, agencies 
engaging in consultations or referrals, and agency employees processing 
these requests and appeals. Information may also be obtained from 
INTERIOR/DOI-57, Privacy Act Files, system, INTERIOR/SOL-1, Litigation, 
Appeal and Case Files, and other agency records.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside DOI as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To the Department of Justice (DOJ), including Offices of the 
U.S. Attorneys, or other Federal agency conducting litigation or in 
proceedings before any court, adjudicative, or administrative body, 
when it is relevant or necessary to the litigation and one of the 
following is a party to the litigation or has an interest in such 
litigation:
    (1) DOI or any component of DOI;
    (2) Any other Federal agency appearing before the Office of 
Hearings and Appeals;
    (3) Any DOI employee or former employee acting in his or her 
official capacity;
    (4) Any DOI employee or former employee acting in his or her 
individual capacity when DOI or DOJ has agreed to represent that 
employee or pay for private representation of the employee; or
    (5) The United States Government or any agency thereof, when DOJ 
determines that DOI is likely to be affected by the proceeding.
    B. To a congressional office when requesting information on behalf 
of, and at the request of, the individual who is the subject of the 
record.
    C. To the Executive Office of the President in response to an 
inquiry from that office made at the request of the subject of a record 
or a third party on that person's behalf, or for a purpose compatible 
with the reason for which the records are collected or maintained.
    D. To any criminal, civil, or regulatory law enforcement authority 
(whether Federal, State, territorial, local, Tribal, or foreign) when a 
record, either alone or in conjunction with other information, 
indicates a violation or potential violation of law--criminal, civil, 
or regulatory in nature, and the disclosure is compatible with the 
purpose for which the records were compiled.
    E. To an official of another Federal agency to provide information 
needed in the performance of official duties related to reconciling or 
reconstructing data files or to enable that agency to respond to an 
inquiry by the individual to whom the record pertains.
    F. To Federal, State, territorial, local, Tribal, or foreign 
agencies that have requested information relevant or necessary to the 
hiring, firing or retention of an employee or contractor, or the 
issuance of a security clearance, license, contract, grant, or other 
benefit, when the disclosure is compatible with the purpose for which 
the records were compiled.
    G. To representatives of the National Archives and Records 
Administration (NARA) to conduct records management inspections under 
the authority of 44 U.S.C. 2904 and 2906.
    H. To State, territorial and local governments and Tribal 
organizations to provide information needed in response to court order 
and/or discovery purposes related to litigation, when the disclosure is 
compatible with the purpose for which the records were compiled.
    I. To an expert, consultant, grantee, shared service provider, or 
contractor (including employees of the contractor) of DOI that performs 
services requiring access to these records on DOI's behalf to carry out 
the purposes of the system.
    J. To appropriate agencies, entities, and persons when:
    (1) DOI suspects or has confirmed that there has been a breach of 
the system of records;
    (2) DOI has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, DOI (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and
    (3) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with DOI's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm.
    K. To another Federal agency or Federal entity, when DOI determines 
that information from this system of records is reasonably necessary to 
assist the recipient agency or entity in:
    (1) responding to a suspected or confirmed breach; or
    (2) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    L. To the Office of Management and Budget (OMB) during the 
coordination and clearance process in connection with legislative 
affairs as mandated by OMB Circular A-19.
    M. To the Department of the Treasury to recover debts owed to the 
United States.
    N. To the news media and the public, with the approval of the 
Public Affairs Officer in consultation with counsel and the Senior 
Agency Official for Privacy, where there exists a legitimate public 
interest in the disclosure of the information, except to the extent it 
is determined that release of the specific information in the context 
of a particular case would constitute an unwarranted invasion of 
personal privacy.
    O. To a debt collection agency for the purpose of collecting 
outstanding debts owed to the Department for fees associated with 
processing FOIA/Privacy Act requests.
    P. To other Federal, State, and local agencies having a subject 
matter interest in a request or an appeal or a decision thereon.
    Q. To another Federal agency to assist that agency in responding to 
an inquiry by the individual to whom that record pertains.
    R. To the National Archives and Records Administration, Office of 
Government Information Services

[[Page 25900]]

(OGIS), to the extent necessary to fulfill its responsibilities in 5 
U.S.C. 552(h), to review administrative agency policies, procedures, 
and compliance with the FOIA, and to facilitate OGIS' offering of 
mediation services to resolve disputes between persons making FOIA 
requests and administrative agencies.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Paper records are contained in file cabinets and/or in secured 
rooms under the control of authorized DOI personnel. Electronic records 
are contained in computers, compact discs, magnetic tapes, external 
removable drives, email, diskettes, digital video disks, and electronic 
databases.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information can be retrieved by specific data elements in the 
system including: the tracking number; name of the requester; the 
requester's organizational affiliation; subject; and other data 
elements. Paper records are normally retrieved by the tracking number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are maintained under Departmental Records Schedule (DRS) 
1.1 Administrative Records (DAA-0048-2013-0001) that covers FOIA and 
Privacy Act request files, correspondence, reports, and other program 
administration and financial management records, which has been 
approved by NARA. The disposition for these records is temporary and 
retention periods vary according to the specific record and the needs 
of the agency. FOIA request files and other short-term administration 
records are destroyed three years after cut-off, which is generally 
after the date of final reply or the end of the third fiscal year in 
which files are created. Long-term administration records that require 
additional retention are destroyed seven years after cut-off, which is 
generally at the end of the fiscal year in which files are closed if no 
unique cut-off is specified. The unique cutoff for FOIA appeal files 
and litigation records is when the case is closed or resolved. The 
unique cutoff for access and disclosure request files is after final 
agency action or 3 years after final adjudication by the courts, 
whichever is later. Paper records are disposed of by shredding or 
pulping, and records maintained on electronic media are degaussed, 
deleted, or erased in accordance with Departmental policy and NARA 
guidelines.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to records in the system is limited to authorized personnel 
whose official duties require such access. Paper records are maintained 
in file cabinets and/or in secured rooms under the control of 
authorized DOI personnel. Computer servers in which electronic records 
are stored are located in secure DOI, service provider or contractor 
facilities with physical, technical and administrative levels of 
security to prevent unauthorized access to the networks and information 
assets. Electronic records are maintained in accordance with the OMB 
and Departmental guidelines reflecting the implementation of the 
Federal Information Security Modernization Act of 2014 (Pub. L. 113-
283, 44 U.S.C. 3554). Electronic data is protected through user 
identification, passwords, database permissions and software controls. 
Such security measures establish different access levels for different 
types of users. System administrators and authorized users are trained 
and required to follow established internal security protocols and must 
complete all security, privacy, and records management training and 
sign the DOI Rules of Behavior.

RECORD ACCESS PROCEDURES:
    An individual requesting access to their records should send a 
written inquiry to the applicable System Manager, as identified above 
in the System Manager section. DOI forms and instructions for 
submitting a Privacy Act request may be obtained from the DOI Privacy 
Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must include a general description of the records 
sought and the requester's full name, current address, and sufficient 
identifying information such as date of birth or other information 
required for verification of the requester's identity. The request must 
be signed and dated and be either notarized or submitted under penalty 
of perjury in accordance with 28 U.S.C. 1746. The request must include 
the specific bureau or office that maintains the record to facilitate 
location of the applicable records. Requests submitted by mail must be 
clearly marked ``PRIVACY ACT REQUEST FOR ACCESS'' on both the envelope 
and letter. A request for access must meet the requirements of 43 CFR 
2.238.

CONTESTING RECORD PROCEDURES:
    An individual requesting amendment of their records should send a 
written inquiry to the applicable System Manager, as identified above 
in the System Manager section. DOI instructions for submitting a 
request for amendment of records are available on the DOI Privacy Act 
Requests website at https://www.doi.gov/privacy/privacy-act-requests. 
The request must clearly identify the records for which amendment is 
being sought, the reasons for requesting the amendment, and the 
proposed amendment to the record. The request must include the 
requester's full name, current address, and sufficient identifying 
information such as date of birth or other information required for 
verification of the requester's identity. The request must be signed 
and dated and be either notarized or submitted under penalty of perjury 
in accordance with 28 U.S.C. 1746. The request must include the 
specific bureau or office that maintains the record to facilitate 
location of the applicable records. Requests submitted by mail must be 
clearly marked ``PRIVACY ACT REQUEST FOR AMENDMENT'' on both the 
envelope and letter. A request for amendment must meet the requirements 
of 43 CFR 2.246.

NOTIFICATION PROCEDURES:
    An individual requesting notification of the existence of records 
about them should send a written inquiry to the applicable System 
Manager, as identified above in the System Manager section. DOI 
instructions for submitting a request for notification are available on 
the DOI Privacy Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must include a general description of 
the records and the requester's full name, current address, and 
sufficient identifying information such as date of birth or other 
information required for verification of the requester's identity. The 
request must be signed and dated and be either notarized or submitted 
under penalty of perjury in accordance with 28 U.S.C. 1746. The request 
must include the specific bureau or office that maintains the record to 
facilitate location of the applicable records. Requests submitted by 
mail must be clearly marked ``PRIVACY ACT INQUIRY'' on both the 
envelope and letter. A request for notification must meet the 
requirements of 43 CFR 2.235.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    To the extent that copies of exempt records from other systems of 
records are entered into this system, DOI claims the same exemptions 
for those records that are claimed for the original primary systems of 
records from which they originated.

[[Page 25901]]

HISTORY:
    INTERIOR/DOI-71, Electronic FOIA Tracking System and FOIA Case 
Files, 81 FR 33544 (May 26, 2016), modification published at 86 FR 
50156 (September 7, 2021).

Teri Barnett,
Departmental Privacy Officer, U.S. Department of the Interior.
[FR Doc. 2024-07766 Filed 4-11-24; 8:45 am]
BILLING CODE 4334-63-P