72 FR 3410 / 01-25-07
Pursuant to the provisions of the Privacy Act of 1974, 5 U.S.C. 552a, notice is given that the Department of Justice proposes to modify all of its systems of records, as identified in the list below.
On October 30, 2006, the Department modified all of its systems of records to include a new routine use that allows disclosure to appropriate persons and entities for purposes of response and remedial efforts in the event that there has been a breach of the data contained in the systems. 71 FR 63,354 (October 30, 2006).
In accordance with 5 U.S.C. 552a(e)(4) and (11), the public was given a 30-day period in which to comment; and the Office of Management and Budget (OMB), which has oversight responsibility under the Privacy Act, required a 40-day period in which to conclude its review of the systems.
As a result of comments received, the Department is making a minor modification to the language of the routine use in order to provide greater clarity. A concern was raised that the condition set forth in clause (1) of the routine use ("when (1) it is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised") does not clearly identify precisely who has to suspect or confirm the compromise. While it was the intent of the drafters that it be the Department of Justice that must suspect or confirm the compromise, because that intent is expressed only implicitly in the routine use, the Department is modifying the language of the first condition to provide additional clarity.
A description of the modification to the Department's systems of records is provided below. In accordance with 5 U.S.C. 552a(r), the Department has provided a report to OMB and the Congress. The new routine use will be effective January 25, 2007.
Department of Justice Privacy Act notices and citations follow. An asterisk (*) designates the last publication of the complete document in the Federal Register.
FBI-001 |
National Crime Information Center (NCIC) |
64 FR 52343 |
FBI-002 |
The FBI Central Records System |
63 FR 8671*
66 FR 17200 |
FBI-003 |
Bureau Mailing Lists |
70 FR 7513 |
FBI-006 |
Electronic Surveillance (ELSUR) Indices |
70 FR 7513, 14 |
FBI-007 |
FBI Automated Payroll System |
58 FR 51874 |
FBI-008 |
Bureau Personnel Management System (BPMS) |
58 FR 51875 |
FBI-009 |
Fingerprint Identification Records System (FIRS) |
64 FR 52347 |
FBI-010 |
Employee Travel Vouchers and Individual Earning Records |
52 FR 47248 |
FBI-011 |
Employee Health Records |
58 FR 51875 |
FBI-012 |
Time Utilization Record-Keeping (TURK) System |
58 FR 51876 |
FBI-013 |
Security Access Control System (SACS) |
70 FR 7513, 16 |
FBI-014 |
FBI Alchoholism Program |
52 FR 47251 |
FBI-015 |
National Center for the Analysis of Violent Crimer (NCAVC) |
58 FR 51879 |
FBI-016 |
FBI Counterdrug Information Indices System (CIIS) |
59 FR 29824 |
FBI-017 |
National DNA Index System (NDIS) |
61 FR 37495 |
FBI-018 |
National Instant Criminal Background Check System (NICS) |
63 FR 65223*
65 FR 78190
66 FR 6676
66 FR 12959 |
FBI-019 |
Terrorist Screening Records System |
70 FR 43715*
70 FR 72315 |
FBI Blanket Routine Uses |
FBI established ten "blanket" routine uses (BRUs) to be applicable to more than one FBI system of records |
66 FR 33558*
70 FR 7513 |
* * * * *
Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses:
To appropriate agencies, entities, and persons when (1) The
Department suspects or has confirmed that the security or
confidentiality of information in the system of records has been
compromised; (2) the Department has determined that as a result of the
suspected or confirmed compromise there is a risk of harm to economic
or property interests, identity theft or fraud, or harm to the security
or integrity of this system or other systems or programs (whether
maintained by the Department or another agency or entity) that rely
upon the compromised information; and (3) the disclosure made to such
agencies, entities, and persons is reasonably necessary to assist in
connection with the Department's efforts to respond to the suspected or
confirmed compromise and prevent, minimize, or remedy such harm.
* * * * *
Dated January 22, 2007