Privacy Act of 1974; Implementation, 72199-72205 [05-23568]

Agencies

• Federal Bureau of Investigation
• Department of Justice

[Federal Register Volume 70, Number 231 (Friday, December 2, 2005)]
[Rules and Regulations]
[Pages 72199-72205]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 05-23568]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF JUSTICE

Federal Bureau of Investigation

28 CFR Part 16

[AAG/A Order No. 010-2005]


Privacy Act of 1974; Implementation

AGENCY: Federal Bureau of Investigation, DOJ.

ACTION: Final rule.

-----------------------------------------------------------------------

[[Page 72200]]

SUMMARY: The Department of Justice (DOJ), Federal Bureau of 
Investigation (FBI), is issuing a final rule exempting a new system of 
records entitled the Terrorist Screening Records System (TSRS) 
(JUSTICE/FBI-019) from subsections (c)(3) and (4); (d)(1), (2), (3), 
and (4); (e)(1), (2), (3), (5), and (8); and (g) of the Privacy Act, 
pursuant to 5 U.S.C. 552a(j) and (k). The FBI published a system of 
records notice for JUSTICE/FBI-019 and a proposed rule implementing 
these exemptions on July 28, 2005, at 70 FR 43661 and 43715. The listed 
exemptions are necessary to avoid interference with the law 
enforcement, intelligence, and counterterrorism functions and 
responsibilities of the FBI and the Terrorist Screening Center (TSC). 
This document addresses public comments on both the proposed rule and 
the system of records notice.

DATES: This final rule is effective January 3, 2006.

FOR FURTHER INFORMATION CONTACT: Mary E. Cahill, (202) 307-1823.

SUPPLEMENTARY INFORMATION:

Background

    On July 28, 2005, the FBI published notice of a new Privacy Act 
system of records entitled ``Terrorist Screening Records System, 
JUSTICE/FBI-019,'' which became effective on September 6, 2005.\1\ The 
Terrorist Screening Records System (TSRS) supports the mission of the 
FBI-administered Terrorist Screening Center (TSC) to consolidate the 
Government's approach to terrorism screening. Under Homeland Security 
Presidential Directive/HSPD-6, the TSC maintains the Government's 
consolidated watch list of known and suspected terrorists in the 
Terrorist Screening Database (TSDB). As required by HSPD-6, the TSDB 
contains ``information about individuals known or appropriately 
suspected to be or have been engaged in conduct constituting, in 
preparation for, in aid of, or related to terrorism.'' \2\ The TSDB is 
a sensitive-but-unclassified database containing only identifying 
information about known or suspected terrorists. Information from the 
TSDB is used to screen for terrorists in a variety of contexts, 
including during law enforcement encounters, the adjudication of 
applications for U.S. visas or other immigration and citizenship 
programs, at U.S. land borders and ports of entry, and for civil 
aviation security purposes. The TSDB is included in the new TSRS.
---------------------------------------------------------------------------

    \1\ 70 FR 43715 (July 28, 2005).
    \2\ Homeland Security Presidential Directive/HSPD-6 (Sept. 16, 
2003).
---------------------------------------------------------------------------

    In conjunction with publication of the TSRS system of records 
notice, the FBI initiated a rulemaking to exempt the TSRS from a number 
of provisions of the Privacy Act, pursuant to its authority in Privacy 
Act subsections 552a(j) and (k).\3\ On July 28, 2005, the FBI published 
at 70 FR 43661 a proposed rule exempting records in the TSRS from 
Privacy Act subsections (c)(3) and (4); (d)(1), (2), (3), and (4); 
(e)(1), (2), (3), (5), and (8); and (g).\4\
---------------------------------------------------------------------------

    \3\ 5 U.S.C. 552a(j), (k).
    \4\ 5 U.S.C. 552a(c)(3)-(4); (d)(1)-(4); (e)(1)-(3), (5), (8); 
(g).
---------------------------------------------------------------------------

Public Comments

    The FBI received comments on the proposed rule and the TSRS system 
of records notice from the Electronic Privacy Information Center (EPIC) 
and joint comments from the Electronic Frontier Foundation and Privacy 
Activism (EFF/PA). A discussion of these comments and the FBI's 
responses are set forth below. With respect to the public comments on 
the routine uses for the TSRS that were published in the July 28, 2005, 
notice, the FBI has determined that none of the comments merited 
changes to routine uses prior to their implementation.

A. Exemption From Subsections (c) and (d) (Accounting, Access, and 
Amendment)

    EPIC objected to the FBI's proposal to exempt the TSRS from 
subsection (d) of the Privacy Act, which generally requires an agency 
to permit individuals access to records pertaining to them and the 
ability to request correction of any portion they believe is not 
accurate, relevant, timely, or complete.\5\ EPIC stated that exemption 
of the TSRS from subsection (d) is in conflict with the purposes of the 
Privacy Act. EPIC stated that the FBI's notice of proposed rulemaking 
does not explain how the application of standard Privacy Act procedures 
permitting access to records would seriously damage the purpose of the 
TSRS.
---------------------------------------------------------------------------

    \5\ 5 U.S.C. 552a(d).
---------------------------------------------------------------------------

    EFF/PA objected to the FBI's application of any of the exemptions 
to information about individuals who have been misidentified as known 
or suspected terrorists. EFF/PA stated that, for instance, there is no 
basis to exempt information about misidentified persons from subsection 
(c)(3) of the Privacy Act, which permits individuals to obtain an 
accounting of any disclosures of records containing information about 
them.\6\
---------------------------------------------------------------------------

    \6\ 5 U.S.C. 552a(c)(3).
---------------------------------------------------------------------------

    The exemption of the TSRS from the access provisions of subsection 
(d) is fully consistent with the language and intent of the Privacy 
Act. Allowing the subject of a TSRS record to obtain access to the 
record could, among other things, reveal the Government's investigative 
interest in a known or suspected terrorist, leading to the destruction 
of evidence, improper influencing of witnesses, or flight of the 
subject. Public release of information in the TSRS also could endanger 
the safety of confidential sources and law enforcement personnel. 
Congress anticipated these types of potentially damaging consequences 
of allowing access to some categories of Government records and 
included the exemption provisions in the Privacy Act to address them. 
According to the Office of Management and Budget's Guidelines for 
Privacy Act Implementation (OMB Guidelines), ``[t]he drafters of the 
Act recognized that the application of all the requirements of the Act 
to certain categories of records would have had undesirable and often 
unacceptable effects upon agencies in the conduct of necessary public 
business.'' \7\ Frustrating the detection and prevention of terrorist 
activities and endangering the lives of law enforcement personnel are 
the type of ``undesirable'' and ``unacceptable'' effects on the 
Government's operation that the drafters of the Privacy Act sought to 
avoid through the allowance of exemptions. Thus, the FBI's claim of 
exemption from the access provisions of the Privacy Act for the TSRS is 
consistent with the principles of public policy reflected in the Act.
---------------------------------------------------------------------------

    \7\ 40 FR 28971 (July 9, 1975).
---------------------------------------------------------------------------

    Although the FBI has claimed exemption from the access and 
amendment requirements of subsection (d), this exemption applies only 
to those records or portions of records contained in the TSRS that meet 
the requirements for exemption. While the FBI anticipates that all the 
records in the TSRS meet such requirements, individuals may submit 
requests for access to any non-exempt records pertaining to them. In 
addition, the FBI may allow individuals access to exempt records on a 
discretionary basis under proposed 28 CFR 16.96(r)(2). The FBI also 
will consider requests for amendment of records under this 
discretionary procedure. In addition, the TSC will work with the 
agencies that use data from the TSDB in their screening operations to 
assist those agencies in helping individuals who may be misidentified 
during the screening process.
    EPIC stated that the FBI's discretionary procedures for access and 
amendment and its assistance to

[[Page 72201]]

screening agencies in resolving complaints provide inadequate recourse 
for individuals misidentified as watch list matches. This is in part, 
according to EPIC, because the screening agencies do not have effective 
redress processes in place for those adversely affected by watch list 
screening procedures. The FBI believes that its procedures strike the 
appropriate balance between the interest in public safety and the needs 
of those individuals who experience repeated difficulties related to 
terrorist watch list information. The FBI and its partner agencies in 
the TSC continue to work to improve redress processes related to 
terrorist screening.
    EPIC also stated that the application of the claimed exemptions to 
the entire TSRS is inappropriate, because the system will contain 
information that should be subject to access. EFF/PA objected to 
applying any exemptions to information about misidentified persons. 
They argued that because misidentified persons are not actually 
subjects of an investigation, the release of information about them 
would not reveal the Government's interest in investigating terrorists. 
Therefore, they argued, exemption from provisions such as subsection 
(c)(3) regarding accounting of record disclosures, is unwarranted.
    As stated in subsection proposed 28 CFR 16.96(r)(2), the exemptions 
claimed by the FBI for the TSRS apply only to the extent that 
information in the system is subject to one of those exemptions. If any 
record or portion of a record in the TSRS is not subject to the claimed 
exemptions, the FBI will release that information, as appropriate, in 
response to a proper Privacy Act request. The FBI is claiming 
exemptions for the entire TSRS, however, in accordance with the 
language of 5 U.S.C. 552a(j) and (k), which permits the head of an 
agency ``to exempt any system of records'' from the access requirements 
of the Privacy Act. Furthermore, as stated in the proposed rule, the 
FBI may waive an applicable exemption where compliance with access 
procedures would not appear to interfere with or adversely affect the 
counterterrorism processes of the TSRS and the overall law enforcement 
process.
    With respect to the comments of EFF/PA on misidentified persons, 
individuals are misidentified as known or suspected terrorists during 
the screening process when their names and other identifying 
information are the same as, or very similar to, that of a known or 
suspected terrorist. Disclosing information about misidentified 
persons, therefore, could reveal the Government's investigative 
interest in a terrorist suspect, because it could make known the name 
of the individual who actually is the subject of the Government's 
interest. Consequently, the Government has as great an interest in 
protecting the confidentiality of identifying information of 
misidentified persons as it does in protecting the confidentiality of 
the identities of the actual persons of interest. The FBI has added a 
discussion of this justification in sections 16.96(s)(1) and (3) of the 
final rule.
    EPIC raised a question about the FBI's ability to use 5 U.S.C. 
552a(k)(2) as the basis for exempting the TSRS from the access 
provisions in subsection (d). EPIC stated that exemption (k)(2) is 
applicable only where the system of records consists of investigatory 
material compiled for law enforcement purposes. EPIC further stated 
that exemption (k)(2) generally does not permit an agency to deny an 
individual access to a record where the agency's maintenance of the 
record resulted in the individual being denied a right, privilege, or 
benefit to which he would otherwise be entitled by Federal law, or for 
which he would otherwise be eligible.\8\ EPIC requested further 
explanation of the FBI's authority to exempt the TSRS from the Privacy 
Act's access provisions, in light of the limitations on the 
applicability of the (k)(2) exemption.
---------------------------------------------------------------------------

    \8\ 5 U.S.C. 552a(k)(2).
---------------------------------------------------------------------------

    Under the Privacy Act, an agency may exempt a system of records 
from the access provisions of subsections (c) and (d) if the system of 
records meets certain criteria under 5 U.S.C. 552a(j) or (k). The FBI 
is exempting the TSRS from the access provisions under the authority of 
5 U.S.C. 552a(j)(2), (k)(1), and (k)(2).
    Exemption (j)(2) applies where a system of records consists of 
information compiled for purposes of a criminal investigation and the 
system is maintained by an agency or component of the agency that 
performs as its principal function any activity pertaining to the 
enforcement of criminal laws, including efforts to prevent, control, or 
reduce crime or to apprehend criminals.\9\ The records in the TSRS come 
within the scope of the (j)(2) exemption because they are maintained by 
the FBI for the purpose of identifying individuals who pose potential 
terrorist threats and enforcing the criminal laws with respect to those 
individuals.\10\
---------------------------------------------------------------------------

    \9\ 5 U.S.C. 552a(j)(2).
    \10\ 70 FR 43716 (July 28, 2005).
---------------------------------------------------------------------------

    Exemption (k)(1) applies to a system of records that contains 
information classified in the interest of national security.\11\ Some 
records in the TSRS are subject to exemption (k)(1) because they 
contain such classified information.
---------------------------------------------------------------------------

    \11\ 5 U.S.C. 552a(k)(1).
---------------------------------------------------------------------------

    Exemption (k)(2) applies to investigatory material compiled for law 
enforcement purposes that is not otherwise covered by exemption (j)(2). 
The FBI believes most, if not all, records in the TSRS fall within the 
scope of exemptions (j)(2) and (k)(1). The FBI is invoking exemption 
(k)(2) as a precautionary measure to protect investigatory information 
that may not be covered by exemption (j)(2) or (k)(1). If an instance 
arises where a record is not covered by exemptions (j)(2) or (k)(1), 
and the exception to exemption (k)(2) applies regarding denial of an 
individual's right, privilege, or benefit due to maintenance of the 
record at issue, the FBI will provide the individual access to that 
record to the extent that the law requires.

B. Exemption From Subsection (e)(1) (Relevant and Necessary)

    EPIC objected to the FBI's proposal to exempt the TSRS from 
subsection (e)(1) of the Privacy Act, which requires an agency to 
``maintain in its records only such information about an individual as 
is relevant and necessary to accomplish a purpose of the agency 
required to be accomplished by statute or by executive order of the 
President.'' \12\ EPIC stated that exemption of the TSRS from 
subsection (e)(1) will increase the likelihood that the system will 
contain erroneous and invasive information unrelated to terrorist 
screening.
---------------------------------------------------------------------------

    \12\ 5 U.S.C. 552a(e)(1).
---------------------------------------------------------------------------

    As discussed in the notice of proposed rulemaking, the FBI is 
exempting the TSRS from subsection (e)(1) in furtherance of the 
screening and law enforcement purposes of the system. The collection of 
information during the screening process and the facilitation of an 
appropriate law enforcement response may involve the collection of 
identifying information that, following completion of the screening or 
response, turns out to have been unnecessary. It is not always possible 
to know in advance what information will be relevant or necessary, such 
that the TSC and the FBI can tailor their information collection in all 
cases to meet the requirements of subsection (e)(1). This is not, 
however, inconsistent with the principles of the Privacy Act. As 
discussed above, the drafters of the Privacy Act established exemptions 
from provisions such as subsection

[[Page 72202]]

(e)(1) to avoid inappropriately limiting the ability of the Government 
to carry out certain functions, such as law enforcement.\13\ 
Constraining the collection of information included in the TSRS in 
accordance with the ``relevant and necessary'' requirement of 
subsection (e)(1) could discourage the appropriate collection of 
information, and thereby impede the Government's efforts to detect and 
apprehend terrorists. It is, therefore, appropriate to exempt the TSRS 
from subsection (e)(1).
---------------------------------------------------------------------------

    \13\ OMB Guidelines, 40 FR 28971 (July 9, 1975).
---------------------------------------------------------------------------

C. Exemption From Subsection (e)(5) (Accuracy, Relevance, Timeliness 
and Completeness)

    EPIC and EFF/PA objected to the FBI's proposal to exempt the TSRS 
from subsection (e)(5) of the Privacy Act, which requires agencies to 
``maintain all records which are used by the agency in making any 
determination about any individual with such accuracy, relevance, 
timeliness, and completeness as is reasonably necessary to assure 
fairness to the individual in the determination.'' \14\ EPIC and EFF/PA 
stated that exemption of the TSRS from subsection (e)(5) is 
inconsistent with the TSC's obligation under its governing 
organizational document to develop and maintain ``the most thorough, 
accurate, and current information possible'' about known or 
appropriately suspected terrorists.\15\
---------------------------------------------------------------------------

    \14\ 5 U.S.C. 552a(e)(5).
    \15\ See Memorandum of Understanding on the Use and Integration 
of Screening Information to Protect Against Terrorism at 1, (Sept. 
16, 2003).
---------------------------------------------------------------------------

    As discussed in the notice of proposed rulemaking, the TSC supports 
agencies that conduct terrorism investigations by collecting 
information from encounters with known or suspected terrorists. It is 
not always possible to determine, when collecting information during an 
encounter with a terrorist suspect, whether the information is 
accurate, relevant, timely, and complete. It is the nature of the 
investigative process to obtain information of uncertain accuracy and 
completeness with the goal of achieving accuracy and completeness. 
Moreover, with the passage of time, seemingly irrelevant or untimely 
information collected during an encounter with a terrorist suspect may 
acquire new significance as further investigation brings new details to 
light.
    The TSC's obligation to develop and maintain the most thorough, 
accurate, and current information possible about individuals known or 
suspected to be terrorists must be read in the context of the 
investigative process. The FBI completely agrees with EPIC's view that 
``[m]aintaining the most accurate possible data is unquestionably a 
critical goal of the TSRS * * * '' To meet this goal, TSC has 
implemented internal quality assurance procedures. Applying the 
requirements of subsection (e)(5), however, to the TSRS would hinder 
the ability of the law enforcement and intelligence agencies supported 
by TSC to conduct investigations and develop intelligence necessary for 
effective law enforcement and counterterrorism efforts.
    The FBI also is exempting the TSRS from the requirements of 
subsection (e)(5) in order to prevent the use of a challenge under 
subsection (e)(5) as a collateral means to obtain access to records in 
the TSRS. As discussed above, the FBI has exempted TSRS records from 
the access and amendment requirements of subsection (d) of the Privacy 
Act in order to protect the integrity of counterterrorism 
investigations. In the past, where agencies have exempted records from 
access under subsection (d), individuals have asserted challenges to a 
record's accuracy, timeliness, completeness, and/or relevance under 
subsection (e)(5) as an alternative means to get access to the records. 
Exempting the TSRS from subsection (e)(5) serves to prevent the use of 
that subsection to circumvent the exemption claimed from subsection 
(d). The FBI has added a discussion of this justification in section 
16.96(s)(7) of the final rule.

D. Exemption From Subsection (g) (Civil Remedies)

    EPIC objected to the FBI's proposal to exempt the TSRS from 
subsection (g) of the Privacy Act, which establishes civil remedies for 
violations of certain of the Act's provisions.\16\ Specifically, EPIC 
stated that the FBI failed to explain why it is exempting the TSRS from 
the civil remedies provisions in subsection (g) as they relate to the 
right to enforce the amendment requirements under subsection (d) of the 
Act.
---------------------------------------------------------------------------

    \16\ 5 U.S.C. 552a(g).
---------------------------------------------------------------------------

    The proposed rule states that the FBI is exempting the TSRS from 
subsection (g) ``to the extent that the system is exempt from other 
specific subsections of the Privacy Act.'' \17\ Therefore, the TSRS is 
exempt from the civil remedies provisions only to extent that the TSRS 
is exempt from the underlying requirement to which the remedies relate. 
Because the FBI is claiming exemption from the record amendment 
requirement under subsection (d), it also is claiming exemption from 
the civil remedy provisions under subsection (g), as they relate to 
enforcement of subsection (d).
---------------------------------------------------------------------------

    \17\ 70 FR 43663 (July 28, 2005).
---------------------------------------------------------------------------

E. Extension of Opportunity for Public Comment

    EPIC stated that the FBI should suspend this rulemaking and provide 
a further opportunity for public comment after the FBI has publicly 
released more information in response to EPIC's previously filed 
Freedom of Information Act (FOIA) request regarding the use of the TSDB 
for the Transportation Security Administration's proposed Secure Flight 
program.
    Information about specific programs, such as Secure Flight, that 
will use the TSDB to perform terrorist screening may be informative in 
understanding the TSRS. The FBI does not believe, however, that this 
type of information is necessary to allow the public to engage in 
informed consideration of the issues raised by the proposed rule and 
the operation of the TSRS. Therefore, the FBI sees no basis to 
indefinitely suspend this rulemaking, pending the release of additional 
information about the Secure Flight program.

F. Routine Uses

    EPIC and EFF/PA generally objected to the breadth of the routine 
uses set forth in the TSRS notice. EFF/PA stated that the FBI's 
intention to disclose only those records that are ``relevant'' in 
accordance with any current and future blanket routine uses established 
for FBI record systems fails to establish any limit on disclosure, 
because the FBI has exempted the TSRS from the requirement under 
subsection (e)(1) to maintain only relevant records. This comment 
incorrectly links the issue of whether the collection of a record is 
properly relevant to the accomplishment of an agency purpose and 
whether the disclosure of a record is relevant to the purpose of a 
routine use. By exempting the TSRS from the relevance requirement under 
subsection (e)(1), the FBI has permitted the collection of records 
whose relevance to the purpose of the TSRS may be unclear. The FBI is 
not, however, claiming that it will disclose a record without 
determining whether the record is relevant to the purpose of the 
routine use under which it is to be disclosed. By stating that the TSC 
will disclose only those records that are ``relevant'' in accordance 
with any current and future blanket routine uses established for FBI 
record systems, the FBI is limiting, not expanding, its ability to make 
disclosures of records in the TSRS.
    EFF/PA objected to routine use (F) as allowing unlimited 
disclosure,

[[Page 72203]]

including to consumer reporting agencies. The FBI specifically states 
in the system of records notice that the TSC will not make disclosures 
to consumer reporting agencies. The FBI will not use general language 
of a routine use to override this specific statement. Furthermore, the 
language of routine use (F) limits its scope to disclosures that are in 
furtherance of the TSC's function. TSC anticipates that it will use 
this routine use in order to share information with other agencies and 
entities (other than consumer reporting agencies) to verify the quality 
and accuracy of its information.
    EFF/PA objected to routine uses (J) and (K) because they permit 
disclosure of TSRS records to Governmental authorities with law 
enforcement responsibilities. EFF/PA argued that this allows TSC to 
make disclosures beyond the scope of the counterterrorism purposes of 
the TSRS.
    The TSC maintains information about individuals known or 
appropriately suspected to be or have been engaged in conduct 
constituting, in preparation for, in aid of, or related to 
terrorism.\18\ Terrorist activities are inherently criminal in nature. 
In addition, individuals engaged in preparation for terrorist acts 
engage in illegal activities that support the terrorist enterprise. 
Therefore, government authorities involved in law enforcement are 
integrally related to counterterrorism efforts. The FBI accordingly has 
written routine uses (J) and (K) to permit appropriate information 
sharing with such authorities.
---------------------------------------------------------------------------

    \18\ HSPD-6 at 1.
---------------------------------------------------------------------------

G. Maintenance of Misidentified Person Information

    EFF/PA stated that including information on misidentified persons 
in the TSRS has inherent privacy and civil liberties costs. EFF/PA 
suggested that instead of maintaining information on misidentified 
persons in order to avoid causing them inconvenience during the 
screening process, the Federal government should discontinue 
information-based terrorist screening. Alternatively, the FBI should 
segregate data on misidentified persons to avoid cross-contamination 
with data on persons of interest.
    Whether the government should engage in information-based terrorist 
screening is beyond the scope of the issues raised for public comment 
through the TSRS system of records notice and this rulemaking. In 
implementing the directive of HSPD-6 to integrate information on known 
and appropriately suspected terrorists for use in screening processes, 
the FBI has determined that maintenance of information on misidentified 
persons is essential to carrying out this function in a fair and 
efficient manner. The FBI, therefore, has reflected its handling of 
such information in the TSRS notice and the proposed rule.
    In order to maintain the integrity of the TSDB and avoid cross-
contamination of information, data on misidentified persons is not 
maintained in the TSDB. All records containing information on 
misidentified persons are clearly marked, and the TSC has procedures in 
place to prevent the accidental inclusion of misidentified persons' 
data in TSC records on known or appropriately suspected terrorists. In 
addition, the TSC has attempted to mitigate any privacy and civil 
liberties costs associated with its use of misidentified persons' 
information through data quality and security assurance procedures.

Final Rule; Implementation of Routine Uses

    After consideration of the public comments, the FBI has determined 
to issue the proposed rule in final form, with the changes described 
above. In addition, the FBI determined that none of the public comments 
merited changes to routine uses for the TSRS system of records prior to 
their implementation.

Regulatory Flexibility Act

    This rule relates to individuals, as opposed to small business 
entities. Nevertheless, pursuant to the requirements of the Regulatory 
Flexibility Act, 5 U.S.C. 601-612, the rule will not have a significant 
economic impact on a substantial number of small entities.

Small Entity Inquiries

    The Small Business Regulatory Enforcement Fairness Act (SBREFA) of 
1996 requires the FBI to comply with small entity requests for 
information and advice about compliance with statutes and regulations 
within FBI jurisdiction. Any small entity that has a question regarding 
this document may contact the person listed in FOR FURTHER INFORMATION 
CONTACT. Persons can obtain further information regarding SBREFA on the 
Small Business Administration's Web page at https://www.sba.gov/advo/
laws/law_lib.html.

Paperwork Reduction Act

    The Paperwork Reduction Act of 1995 (44 U.S.C. 3507(d)) requires 
that the FBI consider the impact of paperwork and other information 
collection burdens imposed on the public. There are no current or new 
information collection requirements associated with this rule.

Analysis of Regulatory Impacts

    This rule is not a ``significant regulatory action'' within the 
meaning of Executive Order 12886. Because the economic impact should be 
minimal, further regulatory evaluation is not necessary. Moreover, the 
Attorney General certifies that this rule would not have a significant 
economic impact on a substantial number of small entities, because the 
reporting requirements themselves are not changed and because it 
applies only to information on individuals.

Unfunded Mandates

    Title II of the Unfunded Mandates Reform Act of 1995 (UMRA), (Pub. 
L. 104-4, 109 Stat. 48), requires Federal agencies to assess the 
effects of certain regulatory actions on State, local, and tribal 
governments, and the private sector. UMRA requires a written statement 
of economic and regulatory alternatives for proposed and final rules 
that contain Federal mandates. A ``Federal mandate'' is a new or 
additional enforceable duty, imposed on any State, local, or tribal 
government, or the private sector. If any Federal mandate causes those 
entities to spend, in aggregate, $100 million or more in any one year 
the UMRA analysis is required. This rule would not impose Federal 
mandates on any State, local, or tribal government or the private 
sector.

Executive Order 13132, Federalism

    The FBI has analyzed this rule under the principles and criteria of 
Executive Order 13132, Federalism. This action will not have a 
substantial direct effect on the States, on the relationship between 
the national Government and the States, or on the distribution of power 
and responsibilities among the various levels of government, and 
therefore, will not have federalism implications.

Environmental Analysis

    The FBI has reviewed this action for purposes of the National 
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has 
determined that this action will not have a significant effect on the 
human environment.

Energy Impact

    The energy impact of this action has been assessed in accordance 
with the Energy Policy and Conservation Act (EPCA) Public Law 94-163, 
as amended (42 U.S.C. 6362). This rulemaking is not a major regulatory 
action under the provisions of the EPCA.

[[Page 72204]]

List of Subjects in 28 CFR Part 16

    Administrative Practices and Procedures, Courts, Freedom of 
Information Act, Government in the Sunshine Act, and the Privacy Act.

0
Pursuant to the authority vested in the Attorney General by 5 U.S.C. 
552a and delegated to me by Attorney General Order 793-78, amend 28 CFR 
part 16 as follows:

PART 16--PRODUCTION OR DISCLOSURE OF MATERIAL OR INFORMATION

0
1. The authority citation for part 16 continues to read as follows:

    Authority: 5 U.S.C. 301, 552, 552a, 552b(g), 553; 18 U.S.C. 
4203(a)(1); 28 U.S.C. 509, 510, 534; 31 U.S.C. 3717, 9701.

Subpart E--Exemption of Records Systems Under the Privacy Act

0
2. Section 16.96 is amended to add new paragraphs (r) and (s) to read 
as follows:


Sec.  16.96  Exemption of Federal Bureau of Investigation Systems'--
limited access.

* * * * *
    (r) The following system of records is exempt from 5 U.S.C. 
552a(c)(3) and (4); (d)(1), (2), (3), and (4); (e)(1), (2), (3), (5), 
and (8); and (g):
    (1) Terrorist Screening Records System (TSRS) (JUSTICE/FBI-019).
    (2) These exemptions apply only to the extent that information in 
this system is subject to exemption pursuant to 5 U.S.C. 552a(j)(2), 
(k)(1), and (k)(2). Where compliance would not appear to interfere with 
or adversely affect the counterterrorism purposes of this system, and 
the overall law enforcement process, the applicable exemption may be 
waived by the FBI in its sole discretion.
    (s) Exemptions from the particular subsections are justified for 
the following reasons:
    (1) From subsection (c)(3) because making available to a record 
subject the accounting of disclosures from records concerning him/her 
would specifically reveal any investigative interest in the individual. 
Revealing this information could reasonably be expected to compromise 
ongoing efforts to investigate a known or suspected terrorist by 
notifying the record subject that he/she is under investigation. This 
information could also permit the record subject to take measures to 
impede the investigation, e.g., destroy evidence, intimidate potential 
witnesses, or flee the area to avoid or impede the investigation. 
Similarly, disclosing this information to individuals who have been 
misidentified as known or suspected terrorists due to a close name 
similarity could reveal the Government's investigative interest in a 
terrorist suspect, because it could make known the name of the 
individual who actually is the subject of the Government's interest. 
Consequently, the Government has as great an interest in protecting the 
confidentiality of identifying information of misidentified persons as 
it does in protecting the confidentiality of the identities of known or 
suspected terrorists.
    (2) From subsection (c)(4) because this system is exempt from the 
access and amendment provisions of subsection (d).
    (3) From subsections (d)(1), (2), (3), and (4) because these 
provisions concern individual access to and amendment of records 
contained in this system, which consists of counterterrorism, 
investigatory and intelligence records. Compliance with these 
provisions could alert the subject of a terrorism investigation of the 
fact and nature of the investigation, and/or the investigative interest 
of the FBI and/or other intelligence or law enforcement agencies; 
compromise sensitive information classified in the interest of national 
security; interfere with the overall law enforcement process by leading 
to the destruction of evidence, improper influencing of witnesses, 
fabrication of testimony, and/or flight of the subject; could identify 
a confidential source or disclose information which would constitute an 
unwarranted invasion of another's personal privacy; reveal a sensitive 
investigative or intelligence technique; or constitute a potential 
danger to the health or safety of law enforcement personnel, 
confidential informants, and witnesses. Amendment of these records 
would interfere with ongoing counterterrorism investigations and 
analysis activities and impose an impossible administrative burden by 
requiring investigations, analyses, and reports to be continuously 
reinvestigated and revised. Similarly, compliance with these provisions 
with respect to records on individuals who have been misidentified as 
known or suspected terrorists due to a close name similarity could 
reveal the Government's investigative interest in a terrorist suspect, 
because it could make known the name of the individual who actually is 
the subject of the Government's interest.
    (4) From subsection (e)(1) because it is not always possible for 
TSC to know in advance what information is relevant and necessary for 
it to complete an identity comparison between the individual being 
screened and a known or suspected terrorist. Also, because TSC and the 
FBI may not always know what information about an encounter with a 
known or suspected terrorist will be relevant to law enforcement for 
the purpose of conducting an operational response.
    (5) From subsection (e)(2) because application of this provision 
could present a serious impediment to counterterrorism efforts in that 
it would put the subject of an investigation, study or analysis on 
notice of that fact, thereby permitting the subject to engage in 
conduct designed to frustrate or impede that activity. The nature of 
counterterrorism investigations is such that vital information about an 
individual frequently can be obtained only from other persons who are 
familiar with such individual and his/her activities. In such 
investigations it is not feasible to rely upon information furnished by 
the individual concerning his own activities.
    (6) From subsection (e)(3), to the extent that this subsection is 
interpreted to require TSC to provide notice to an individual if TSC 
receives information about that individual from a third party. Should 
the subsection be so interpreted, exemption from this provision is 
necessary to avoid impeding counterterrorism efforts by putting the 
subject of an investigation, study or analysis on notice of that fact, 
thereby permitting the subject to engage in conduct intended to 
frustrate or impede that activity.
    (7) From subsection (e)(5) because many of the records in this 
system are derived from other domestic and foreign agency record 
systems and therefore it is not possible for the FBI and the TSC to 
vouch for their compliance with this provision; however, the TSC has 
implemented internal quality assurance procedures to ensure that TSC 
terrorist screening data is as thorough, accurate, and current as 
possible. In addition, TSC supports but does not conduct 
investigations; therefore, it must be able to collect information 
related to terrorist identities and encounters for distribution to law 
enforcement and intelligence agencies that do conduct terrorism 
investigations. In the collection of information for law enforcement, 
counterterrorism, and intelligence purposes, it is impossible to 
determine in advance what information is accurate, relevant, timely, 
and complete. With the passage of time, seemingly irrelevant or 
untimely information may acquire new significance as further 
investigation brings new details to light. The

[[Page 72205]]

restrictions imposed by (e)(5) would limit the ability of those 
agencies' trained investigators and intelligence analysts to exercise 
their judgment in conducting investigations and impede the development 
of intelligence necessary for effective law enforcement and 
counterterrorism efforts. The TSC has, however, implemented internal 
quality assurance procedures to ensure that TSC terrorist screening 
data is as thorough, accurate, and current as possible. The FBI also is 
exempting the TSRS from the requirements of subsection (e)(5) in order 
to prevent the use of a challenge under subsection (e)(5) as a 
collateral means to obtain access to records in the TSRS. The FBI has 
exempted TSRS records from the access and amendment requirements of 
subsection (d) of the Privacy Act in order to protect the integrity of 
counterterrorism investigations. Exempting the TSRS from subsection 
(e)(5) serves to prevent the assertion of challenges to a record's 
accuracy, timeliness, completeness, and/or relevance under subsection 
(e)(5) to circumvent the exemption claimed from subsection (d).
    (8) From subsection (e)(8) because to require individual notice of 
disclosure of information due to compulsory legal process would pose an 
impossible administrative burden on the FBI and the TSC and could alert 
the subjects of counterterrorism, law enforcement, or intelligence 
investigations to the fact of those investigations when not previously 
known.
    (9) From subsection (g) to the extent that the system is exempt 
from other specific subsections of the Privacy Act.

    Dated: November 22, 2005.
Paul R. Corts,
Assistant Attorney General for Administration.
[FR Doc. 05-23568 Filed 12-1-05; 8:45 am]
BILLING CODE 4410-02-P