[Federal Register: October 9, 2001 (Volume 66, Number 195)]
[Notices]               
[Page 51404-51405]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr09oc01-55]                         

-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Defense Information Systems Agency

 
Privacy Act of 1974; System of Records

AGENCY: Defense Information Systems Agency, DoD.

ACTION: Notice to add a system of records.

-----------------------------------------------------------------------

SUMMARY: The Defense Information Systems Agency proposes to add a 
system of records notice to its inventory of record systems subject to 
the Privacy Act of 1974 (5 U.S.C. 552a), as amended.

DATES: This action will be effective on November 8, 2001 unless 
comments are received that would result in a contrary determination.

ADDRESSES: Send comments to the Defense Information Systems Agency, 
CIO/D03A, 3701 N. Fairfax Drive, Arlington, VA 22203-1713.

FOR FURTHER INFORMATION CONTACT: Mr. Tommie Gregg at (703) 696-1891.

SUPPLEMENTARY INFORMATION: The Defense Information Systems Agency's 
record system notices for records systems subject to the Privacy Act of 
1974 (5 U.S.C. 552a), as amended, have been published in the Federal 
Register and are available from the address above.
    The proposed system report, as required by 5 U.S.C. 552a(r) of the 
Privacy Act, was submitted on September 26, 2001, to the House 
Committee on Government Reform, the Senate Committee on Governmental 
Affairs, and the Office of Management and Budget (OMB) pursuant to 
paragraph 4c of Appendix I to OMB Circular No. A-130, `Federal Agency 
Responsibilities for Maintaining Records About Individuals,' dated 
February 8, 1996, (61 FR 6427, February 20, 1996).

    Dated: October 2, 2001.
L. M. Bynum,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
K270-01,

System name:
    DoD Digital Certificate Records.

System location:
    Defense Enterprise Computing Center-Chambersburg, Letterkenny Army 
Depot, Building 3, Chambersburg, PA 17201-4186; and
    Defense Enterprise Computing Center-C-DE, 6760 East Irvington 
Place, Denver, CO 80279-8000.

Categories of individuals covered by the system:
    DoD military and civilian personnel, selected reservists; eligible 
DoD contractor personnel who have been assigned a digital certificate 
or have had their existing certificates renewed, replaced, revoked, or 
denied.

Categories of records in the system:
    The system contains information needed to establish accountability 
and audit control of digital certificates that have been assigned to 
DoD personnel who transmit electronic data that requires protection by 
enabling the use of public key cryptography.
    Records include operator's/user's name, organization, work 
telephone number, Social Security Number, date of birth, Electronic 
Identification Number, work e-mail address, username and password. 
Records on the creation, renewal, replacement, or revocation of digital 
certificates under the DoD Public Key Infrastructure, including 
evidence provided by applicants for proof of identity and authority, 
sources used to verify an applicant's identity and authority, and the 
certificates issued, denied, and revoked, including reasons for denial, 
and revocation.

Authority for maintenance of the system:
    5 U.S.C. 301, Departmental Regulations; The Electronic Signatures 
in Global and National Commerce Act, Pub. L. 106-229; Presidential 
Directive on Electronic Commerce, July 1, 1997; OASD(C3I) Policy 
Memorandum dated

[[Page 51405]]

August 12, 2000, subject: Department of Defense (DoD) Public Key 
Infrastructure (PKI) and, OASD(C3I) Memorandum dated Jan 2001, subject: 
Common Access Card (CAC), and Government Paperwork Elimination Act; and 
E.O. 9397 (SSN).

Purpose(s):
    This system of records is being maintained in order to issue 
digital certificates to DoD personnel who transmit electronic data that 
requires protection by enabling the use of public key cryptography.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the DoD as a routine use 
pursuant to 5 U.S.C. 552a(b)(3) as follows:
    The DoD `Blanket Routine Uses' set forth at the beginning of DISA's 
compilation of systems of records notices apply to this system.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Records are stored on paper files and electronic media.

Retrievability:
    Name, Social Security Number, date of birth, and the electronic 
identification number.

Safeguards:
    Facilities where the systems are maintained are locked when not 
occupied. Paper records are kept in filing cabinets and other storage 
places that are locked when office is not occupied. Computerized 
records maintained in a controlled area are accessible only to 
authorized personnel. Physical and electronic access is restricted to 
individuals having a need for the record in the performance of their 
official duties.

Retention and disposal:
    Disposition pending (until NARA has approved the retention and 
disposition schedule for these records, treat records as permanent).

System manager(s) and address:
    DoD Public Key Infrastructure and Directory Service Project 
Officer, 5111 Leesburg Pike, Suite 900, Falls Church, VA 22041-3205.

Notification procedure:
    Individuals seeking to determine whether information about 
themselves is contained in this system should address written inquiries 
to the DoD Public Key Infrastructure and Directory Service Project 
Officer, 5111 Leesburg Pike, Suite 900, Falls Church, VA 22041-3205.
    Requests should contain the individual's full name, Social Security 
Number, and date of birth.

Record access procedures:
    Individuals seeking access to information about themselves 
contained in this system should address written inquiries to the DoD 
Public Key Infrastructure and Directory Service Project Officer, 5111 
Leesburg Pike, Suite 900, Falls Church, VA 22041-3205.
    Requests should contain the individual's full name, Social Security 
Number, and date of birth.

Contesting record procedures:
    DISA's rules for accessing records, for contesting contents and 
appealing initial agency determinations are published in DISA 
Instruction 210-225-2; 32 CFR part 316; or may be obtained from the 
system manager.

Record source categories:
    The information is obtained from the subject individual, the 
Defense Manpower Data Center, and other official personnel documents.

Exemptions claimed for the system:
    None.

[FR Doc. 01-25120 Filed 10-5-01; 8:45 am]
BILLING CODE 5001-08-P 1