[Federal Register: November 22, 2005 (Volume 70, Number 224)]
[Rules and Regulations]
[Page 70489-70491]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr22no05-6]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF DEFENSE
Office of the Secretary
32 CFR Part 310
Department of Defense Privacy Program
AGENCY: Department of Defense.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Department of Defense updates policies and
responsibilities for the Defense Privacy Program which implements the
Privacy Act of 1974 by showing organizational changes and realignments
and by revising referenced statutory and regulatory authority.
DATES: Effective Date: November 7, 2005.
FOR FURTHER INFORMATION CONTACT: Mr. Vahan Moushegian, Jr., at (703)
607-2943.
SUPPLEMENTARY INFORMATION: The proposed rule was published September 7,
2005 at 70 FR 53135. No comments were received. The Office of the
Secretary is therefore adopting the rule as published.
Executive Order 12866, ``Regulatory Planning and Review''
It has been determined that Privacy Act rules for the Department of
Defense are not significant rules. The rules do not (1) have an annual
effect on the economy of $100 million or more or adversely affect in a
material way the economy; a sector of the economy; productivity;
competition; jobs; the environment; public health or safety; or State,
local, or tribal governments or communities; (2) Create a serious
inconsistency or otherwise interfere with an action taken or planned by
another Agency; (3) Materially alter the budgetary impact of
entitlements, grants, user fees, or loan programs, or the rights and
obligations of recipients thereof; or (4) Raise novel legal or policy
issues arising out of legal mandates, the President's priorities, or
the principles set forth in this Executive order.
Public Law 96-354, ``Regulatory Flexibility Act'' (5 U.S.C. Chapter 6)
It has been determined that Privacy Act rules for the Department of
Defense do not have significant economic impact on a substantial number
of small entities because they are concerned only with the
administration of Privacy Act systems of records within the Department
of Defense.
[[Page 70490]]
Public Law 96-511, ``Paperwork Reduction Act'' (44 U.S.C. Chapter 35)
It has been determined that Privacy Act rules for the Department of
Defense impose no information requirements beyond the Department of
Defense and that the information collected within the Department of
Defense is necessary and consistent with 5 U.S.C. 552a, known as the
Privacy Act of 1974.
Section 202, Public Law 104-4, ``Unfunded Mandates Reform Act''
It has been determined that Privacy Act rulemaking for the
Department of Defense does not involve a Federal mandate that may
result in the expenditure by State, local and tribal governments, in
the aggregate, or by the private sector, of $100 million or more and
that such rulemaking will not significantly or uniquely affect small
governments.
Executive Order 13132, ``Federalism''
It has been determined that Privacy Act rules for the Department of
Defense do not have federalism implications. The rules do not have
substantial direct effects on the States, on the relationship between
the National Government and the States, or on the distribution of power
and responsibilities among the various levels of government.
List of Subjects in 32 CFR Part 310
Privacy.
0
Accordingly, 32 CFR part 310, Subpart A--DoD Policy, is amended as
follows:
PART 310--DOD PRIVACY PROGRAM
0
1. The authority citation for 32 CFR part 310 continues to read as
follows:
Authority: Pub. L. 93-579, 88 Stat 1896 (5 U.S.C. 552a).
0
2. Section 310.1 is revised to read as follows:
Sec. 310.1 Reissuance.
This part is reissued to consolidate into a single document (32 CFR
part 310) Department of Defense (DoD) policies and procedures for
implementing the Privacy Act of 1974, as amended (5 U.S.C. 552a) by
authorizing the development, publication and maintenance of the DoD
Privacy Program set forth by DoD Directive 5400.11 \1\ and 5400.11-R,
both entitled: ``DoD Privacy Program.''
0
3. Section 310.3 is amended by revising paragraph (a) to read as
follows:
---------------------------------------------------------------------------
\1\ Copies of DoD issuances may be obtained at http://www.dtic.mil/whs/directives/
.
---------------------------------------------------------------------------
Sec. 310.3 Applicability and scope.
* * * * *
(a) Applies to the Office of the Secretary of Defense (OSD), the
Military Departments, the Chairman of the Joint Chiefs of Staff, the
Combatant Commands, the Office of the Inspector General of the
Department of Defense (IG, DoD), the Defense Agencies, the DoD Field
Activities, and all other organizational entities in the Department of
Defense (hereinafter referred to collectively as ``the DoD
Components''). This part is mandatory for use by all DoD Components.
Heads of DoD Components may issue supplementary instructions only when
necessary to provide for unique requirements within heir Components.
Such instructions will not conflict with the provisions of this part.
* * * * *
0
4. Section 310.4 amended by revising the definition of ``Individual''
to read as follows:
Sec. 310.4 Definitions.
* * * * *
Individual. A living person who is a citizen of the United States
or an alien lawfully admitted for permanent residence. The parent of a
minor or the legal guardian of any individual also may act on behalf of
an individual. Members of the United States Armed Forces are
individuals. Corporations, partnerships, sole proprietorships,
professional groups, businesses, whether incorporated or
unincorporated, and other commercial entities are not individuals.
* * * * *
0
5. Section 310.5 is amended as follows:
0
a. Removing the introductory text;
0
b. Revising paragraphs (a) and (g);
0
c. Adding paragraph (j) to read as follows:
Sec. 310.5 Policy.
a. The privacy of an individual is a personal and fundamental right
that shall be respected and protected.
* * * * *
(g) Disclosure of records pertaining to personnel of the National
Security Agency, the Defense Intelligence Agency, the National
Reconnaissance Office, and the National Geospatial-Intelligence Agency
shall be prohibited to the extent authorized by Public Law 86-36 (1959)
and 10 U.S.C. 424. Disclosure of records pertaining to personnel of
overseas, sensitive, or routinely deployable units shall be prohibited
to the extent authorized by 10 U.S.C. 130b. Disclosure of medical
records is prohibited except as authorized by DoD 6025.18-R. \2\
---------------------------------------------------------------------------
\2\ See footnote 1 to Sec. 310.1.
---------------------------------------------------------------------------
* * * * *
(j) DoD Field Activities shall receive Privacy Program support from
the Director, Washington Headquarters Services.
0
6. Section 310.6 is amended by revising paragraphs (a)(4), (b), (c)
introductory text, (c)(3), (d) introductory text and (d)(5); and adding
paragraph (a)(5) to read as follows:
Sec. 310.6 Responsibilities.
(a) * * *
(4) Serve as the Chair to the Defense Privacy Board and Defense
Data Integrity Board (Sec. 310.9).
(5) Supervise and oversee the activities of the Defense Privacy
Office (Sec. 310.9).
(b) The Director, Washington Headquarters Services, under the DA&M,
OSD, shall provide Privacy Program support for DoD Field Activities.
(c) The General Counsel of the Department of Defense (GC, DoD)
shall:
* * * * *
(3) Serve as a member of the Defense Privacy Board, the Defense
Data Integrity Board, the Defense Privacy Board Legal Committee (Sec.
310.9).
(d) The Secretaries of the Military Departments and the Heads of
the Other DoD Components, except as noted in Sec. 310.5(j), shall:
* * * * *
(5) Submit reports, consistent with the requirements of DoD
5400.11-R, as mandated by 5 U.S.C. 552a and OMB Circular A-130, and as
otherwise directed by the Defense Privacy Office.
* * * * *
0
7. Section 310.9 is amended as follows:
0
a. Revise paragraphs (a)(1), (b)(1), (c)(1);
0
b. Redesignate the second paragraph (c) as a new paragraph (d);
0
c. Revise newly redesignated (d)(2)(vi) and (d)(2)(x) to read as
follows:
Sec. 310.9 Privacy boards and office composition and
responsibilities.
(a) * * *
(1) Membership. The Board shall consist of the DA&M, OSD, who shall
serve as the Chair; the Director of the Defense Privacy Office, DA&M,
who shall serve as the Executive Secretary and as a member; The
representatives designated by the Secretaries of the Military
Departments; and the following officials or their designees: The Deputy
Under Secretary of Defense for Program
[[Page 70491]]
Integration (DUSD (PI)); the Assistant Secretary of Defense for Health
Affairs; the Assistant Secretary of Defense for Networks and
Information Integration (ASD(NII))/Chief Information Officer (CIO); the
Director, Executive Services and Communications Directorate, Washington
Headquarters Services (WHS); the GC, DoD; and the Director for
Information Technology Management Directorate (ITMD), WHS. The
designees also may be the principal point of contact for the DoD
Component for privacy matters.
* * * * *
(b) * * *
(1) Membership. The Board shall consist of the DA&M, OSD, who shall
serve as the Chair; the Director of the Defense Privacy Office, DA&M,
who shall serve as the Executive Secretary; and the following officials
or their designees: The representatives designated by the Secretaries
of the Military Departments; the DUSD (PI); the ASD (NII)/CIO; the GC,
DoD; the Inspector General, DoD; the ITMD, WHS; and the Director,
Defense Manpower Data Center. The designees also may be the principal
points of contact for the DoD Component for privacy matters.
* * * * *
(c) * * *
(1) The Committee shall consist of the Director, Defense Privacy
Office, DA&M, who shall serve as the Chair and the Executive Secretary;
the GC, DoD, or designee; and civilian and/or military counsel from
each of the DoD Components. The General Counsels (GCs) and The Judge
Advocates General of the Military Departments shall determine who shall
provide representation for their respective Department to the
Committee. This does not preclude representation from each office. The
GCs of the other DoD Components shall provide legal representation to
the Committee. Other DoD civilian or military counsel may be appointed
by the Executive Secretary, after coordination with the DoD Component
concerned, to serve on the Committee on those occasions when
specialized knowledge or expertise shall be required.
* * * * *
(d) The Defense Privacy Office.
* * * * *
(2) * * *
(vi) Review proposed DoD Component privacy rulemaking, to include
submission of the rule to the Office of the Federal Register for
publication and providing OMB and the Congress reports, consistent with
5 U.S.C. 552a, OMB Circular A-130, and DoD 5400.11-R.
* * * * *
(x) Compile and submit the ``Biennial Matching Activity Report'' to
the OMB as required by OMB Circular A-130 and DoD 5400.11-R, and such
other reports as required.
* * * * *
Dated: November 16, 2005.
L.M. Bynum,
OSD Federal Register Liaison Officer, Department of Defense.
[FR Doc. 05-23070 Filed 11-21-05; 8:45 am]
BILLING CODE 5001-06-M