Privacy Act System of Records, 55787-55795 [06-8182]

Agencies

• FEDERAL COMMUNICATIONS COMMISSION

[Federal Register Volume 71, Number 185 (Monday, September 25, 2006)]
[Notices]
[Pages 55787-55795]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 06-8182]


=======================================================================
-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION


Privacy Act System of Records

AGENCY: Federal Communications Commission (FCC or Commission).

ACTION: Notice; two altered Privacy Act systems of records; addition 
and/or modification of routine uses.

-----------------------------------------------------------------------

SUMMARY: Pursuant to subsection (e)(4) of the Privacy Act of 1974, as 
amended (5 U.S.C. 552a), the FCC proposes to change the name and alter 
two system of records, FCC/OMD-16, ``Personal Security Files'' 
(formerly ``Personnel Investigation Records'') and FCC/OMD-24, 
``Physical Access Control System (PACS)'' (formerly ``Access Control 
System''). The two altered systems of records incorporate changes 
pursuant to the FCC's compliance with the Homeland Security 
Presidential Directive 12 (HSPD-12). The FCC will alter what 
information is maintained; the authority under which the systems of 
records are maintained; the purposes for which the information is 
maintained; add or modify the routine uses; revise the policies and 
practices for how the information is stored, safeguarded, retained, and 
disposed of; and will make other edits and revisions as necessary to 
comply with HSPD-12 implementation requirements and associated guidance 
provided in OMB Memorandum M-06-06 (February 17, 2006).

DATES: In accordance with subsections (e)(4) and (e)(11) of the Privacy 
Act of 1974, as amended (5 U.S.C. 552a), any interested person may 
submit written comments concerning the alteration of these two systems 
of records on or before October 25, 2006. Pursuant to Appendix I, 4(e) 
of OMB Circular A-130, the FCC is asking the Office of Management and 
Budget (OMB), which has oversight responsibility under the Privacy Act, 
to grant a waiver of the 40 day review period by OMB, the House of 
Representatives, and the Senate for this system of records. The FCC is 
requesting this waiver to comply with the deadline for implementation 
of the

[[Page 55788]]

HSPD-12 requirements. The two proposed altered systems shall be 
effective on October 25, 2006 unless the FCC receives comments that 
require a contrary determination. The Commission will publish a 
document in the Federal Register notifying the public if any changes 
are necessary. As required by 5 U.S.C. 552a(r) of the Privacy Act of 
1974, as amended, the FCC is submitting reports on these proposed 
altered systems to OMB and to both Houses of Congress.

ADDRESSES: Comments should be sent to Leslie F. Smith, Privacy Analyst, 
Performance Evaluation and Records Management (PERM), Room 1-C216, 
Federal Communications Commission (FCC), 445 12th Street, SW., 
Washington, DC 20554, (202) 418-0217, or via the Internet at 
Leslie.Smith@fcc.gov. Comments may also be sent to Hillary A. Jaffe, 
Policy Analyst, Information Policy and Technology Branch, Office of 
Management and Budget, New Executive Office Building, 725 17th Street, 
NW., Washington, DC 20503, fax (202) 395-5167, or via the Internet at 
Hillary--A.--Jaffe@omb.eop.gov.

FOR FURTHER INFORMATION CONTACT: Leslie F. Smith, Performance 
Evaluation and Records Management (PERM), Room 1-C216, Federal 
Communications Commission, 445 12th Street, SW., Washington, DC 20554, 
(202) 418-0217 or via the Internet at Leslie.Smith@fcc.gov.

SUPPLEMENTARY INFORMATION: As required by the Privacy Act of 1974, as 
amended, 5 U.S.C. 552a(e)(4) and (e)(11), this document sets forth 
notice of the proposed alteration of two systems of records maintained 
by the FCC; and addition and/or modification of the routine uses. The 
FCC previously gave complete notice of the system of records covered 
under this Notice by publication in the Federal Register on April 5, 
2006 (71 FR 17234) for FCC/OMD-16, ``Personal Security Files,'' and on 
October 23, 2000, (65 FR 63468) for FCC/OMD-24, ``Physical Access 
Control System (PACS).'' This notice is a summary of the more detailed 
information about the two proposed altered systems of records, which 
may be viewed at the location given above in the ADDRESSES section. The 
purposes for altering FCC/OMD-16, ``Personnel Security Files'' and FCC/
OMD-24, ``Physical Access Control System (PACS),'' are to change the 
name of each system of records; to change the information that is being 
maintained; to change the statutory authority under which information 
is maintained; to add or modify the routine uses; to change the 
policies and practices for storage, retrieval, retention, access, and 
disposal of information; and otherwise to alter, update, and revise the 
two systems of records, as necessary, to comply with the requirements 
for implementation of HSPD-12 and to adhere to the guidance provided in 
OMB Memorandum M-06-06 (February 17, 2006).
    The FCC proposes to achieve these purposes by altering each system 
of records with these changes: FCC/OMD-16, ``Personnel Security Files'' 
(formerly ``Personnel Investigation Records'') with these changes:
    Changes in the information that is being maintained; changes in the 
authority under which the information is collected and maintained; 
changes to the purposes for maintaining the information; and changes to 
the policies for storing, retrieving, accessing, retaining, adding and/
or modifying the routine uses; disposing of records in the two systems 
of records to make them compliant with the requirements of HSPD-12. All 
these changes are done to adhere to the guidelines contained in OMB 
Memorandum M-06-06 (February 17, 2006).
    The proposed routine uses for FCC/OMD-16, Personnel Security Files, 
are:
    1. Litigation by the Department of Justice--when (a) the FCC or any 
component thereof; or (b) any employee of the FCC in his or her 
official capacity; (c) any employee of the FCC in his or her individual 
capacity where the Department of Justice (DOJ) has agreed to represent 
the employee; or (d) the United States Government, is a party to 
litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation and the use of such records by the DOJ is 
therefore deemed by the FCC to be for a purpose compatible with the 
purpose for which the FCC collected the records.
    2. A Court or Adjudicative Body--in a proceeding when: (a) The FCC 
or any component thereof; (b) any employee of the FCC in his or her 
official capacity; (c) any employee of the FCC in his or her individual 
capacity where the Department of Justice (DOJ) has agreed to represent 
the employee; or (d) the United States Government, is a party to 
litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation and the use of such records is therefore 
deemed by the FCC to be for a purpose that is compatible with the 
purpose for which the FCC collected the records;
    3. Law Enforcement and Investigation--except as noted on Forms SF 
85, 85-P, and 86, when a record on its face, or in conjunction with 
other records, indicates a violation or potential violation of a law, 
whether civil, criminal, or regulatory in nature, and whether arising 
by general statute or particular program statute, or by regulation, 
rule, or order issued pursuant thereto, disclosure may be made to the 
appropriate public authority, whether Federal, foreign, State, local, 
or tribal, otherwise, responsible for enforcing, investigating, or 
prosecuting such violation or charged with enforcing or implementing 
the statute, or rule, regulation, or order issued pursuant thereto, if 
the information disclosed is relevant to any enforcement, regulatory, 
investigative, or prosecutorial responsibility of the receiving entity.
    4. Congressional Inquiries--when requested by a Congressional 
office in response to an inquiry by an individual made to the 
Congressional office for their own records;
    5. Government-wide Program Management and Oversight--when requested 
by the National Archives and Records Administration or the General 
Services Administration for the purpose of records management 
inspections conducted under authority of 44 U.S.C. 2904 and 2906; when 
the U.S. Department of Justice is contacted in order to obtain that 
department's advice regarding disclosure obligations under the Freedom 
of Information Act; or when the Office of Management and Budget is 
contacted in order to obtain that office's advice regarding obligations 
under the Privacy Act, or when necessary to the review of private 
relief legislation pursuant to OMB Circular A-19;
    6. Contract Services, Grants, or Cooperative Agreements--a record 
may be disclosed to FCC contractors, grantees, or volunteers who have 
been engaged to assist the FCC in the performance of a contract 
service, grant, cooperative agreement, or other activity related to 
this system of records and who need to have access to the records in 
order to perform their activity. Recipients shall be required to comply 
with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 
552a.
    7. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by the agency--disclosure may be made to a Federal, 
State, or local government maintaining civil, criminal, or other 
relevant enforcement records, or other pertinent records, or to another 
public authority or professional organization, if

[[Page 55789]]

necessary to obtain information relevant to an investigation concerning 
the retention of an employee or other personnel action (other than 
hiring), the retention of a security clearance, the letting of a 
contract, or the issuance or retention of a grant or other benefit. The 
other agency or licensing organization may then make a request 
supported by the written consent of the individual for the entire 
record if it so chooses. No disclosure will be made unless the 
information has been determined to be sufficiently reliable to support 
a referral to another office within the FCC or to another Federal 
agency for criminal, civil, administrative personnel, or regulatory 
action;
    8. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by other than the agency--disclosure may be made to 
a Federal, State, local, or tribal government or other public authority 
of the fact that this system of records contains information relevant 
to the retention of an employee, the retention of a security clearance, 
the letting of a contract, or the issuance or retention of a license, 
grant, or other benefit. The other agency or licensing organization may 
then make a request supported by the written consent of the individual 
for the entire record if it so chooses. No disclosure will be made 
unless the information has been determined to be sufficiently reliable 
to support a referral to another office within the FCC or to another 
Federal agency for criminal, civil, administrative personnel, or 
regulatory action
    9. Labor Relations--disclosure may be made to officials of labor 
organizations recognized under 5 U.S.C. Chapter 71 upon receipt of a 
formal request and in accord with the conditions of 5 U.S.C. 7114 when 
relevant and necessary to their duties of exclusive representation 
concerning personnel policies, practices, and matters affecting working 
conditions.
    10. National Security and Intelligence Matters--disclosure of these 
records may be disclosed to Federal, State, local agencies, or other 
appropriate entities or individuals, or through established liaison 
channels to selected foreign government in order to enable an 
intelligence agency to carry out its responsibilities under the 
National Security Act of 1947, as amended, the CIA Act of 1949, as 
amended, Executive Order 12333 or any successor order, applicable to 
national security directives, or classified implementing procedures 
approved by the Attorney General and promulgated pursuant to such 
statutes, orders, or directives.
    The FCC will use the records in FCC/OMD-16, ``Personal Security 
Files,'' to conduct background investigations to determine compliance 
with Federal regulations and/or to make a determination about an 
individual's suitability, eligibility, and fitness for Federal 
employment or contractual services, access to classified materials and/
or restricted areas, to evaluate the appropriate security clearance(s), 
and to take action on or to respond to a complaint about a threat, 
harassment, intimidation, violence, or other inappropriate behavior 
involving FCC employees, interns, volunteers, and contractors.
    The proposed routine uses for FCC/OMD-24, Physical Access Control 
System (PACS), are:
    1. Litigation by the Department of Justice--when (a) the FCC or any 
component thereof; or (b) any employee of the FCC in his or her 
official capacity; (c) any employee of the FCC in his or her individual 
capacity where the FCC or the Department of Justice (DOJ) has agreed to 
represent the employee; or (d) the United States Government, is a party 
to litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation and the use of such records by the DOJ is 
therefore deemed by the FCC to be for a purpose compatible with the 
purpose for which the FCC collected the records.
    2. Court or Adjudicative Body--in a proceeding when: (a) The FCC or 
any component thereof; (b) any employee of the FCC in his or her 
official capacity; (c) any employee of the FCC in his or her individual 
capacity where the Department of Justice (DOJ) has agreed to represent 
the employee; or (d) the United States Government, is a party to 
litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation and the use of such records is therefore 
deemed by the FCC to be for a purpose that is compatible with the 
purpose for which the FCC collected the records;
    3. Law Enforcement and Investigation--except as noted on Forms SF 
85, 85-P, and 86, when a record on its face, or in conjunction with 
other records, indicates a violation or potential violation of a law, 
whether civil, criminal, or regulatory in nature, and whether arising 
by general statute or particular program statute, or by regulation, 
rule, or order issued pursuant thereto, disclosure may be made to the 
appropriate public authority, whether Federal, foreign, State, local, 
or tribal, otherwise, responsible for enforcing, investigating, or 
prosecuting such violation or charged with enforcing or implementing 
the statute, or rule, regulation, or order issued pursuant thereto, if 
the information disclosed is relevant to any enforcement, regulatory, 
investigative, or prosecutorial responsibility of the receiving entity.
    4. Congressional Inquiries--when requested by a Congressional 
office in response to an inquiry by an individual made to the 
Congressional office for their own records;
    5. Government-wide Program Management and Oversight--when requested 
by the National Archives and Records Administration or the General 
Services Administration for the purpose of records management 
inspections conducted under authority of 44 U.S.C. 2904 and 2906; when 
the U.S. Department of Justice is contacted in order to obtain that 
department's advice regarding disclosure obligations under the Freedom 
of Information Act; or when the Office of Management and Budget is 
contacted in order to obtain that office's advice regarding obligations 
under the Privacy Act, or when necessary for the review of private 
relief legislation pursuant to OMB Circular No. A-19;
    6. Contract Services, Grants, or Cooperative Agreements--a record 
may be disclosed to FCC contractors, grantees, or volunteers who have 
been engaged to assist the FCC in the performance of a contract 
service, grant, cooperative agreement, or other activity related to 
this system of records and who need to have access to the records in 
order to perform their activity. Recipients shall be required to comply 
with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 
552a.
    7. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by the agency--disclosure may be made to a Federal, 
State, or local government maintaining civil, criminal, or other 
relevant enforcement records, or other pertinent records, or to another 
public authority or professional organization, if necessary to obtain 
information relevant to an investigation concerning the retention of an 
employee or other personnel action (other than hiring), the retention 
of a security clearance, the letting of a contract, or the issuance or 
retention of a grant or other benefit;
    8. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by other than the agency--disclosure may be made to 
a Federal, State, local, or tribal government, or other public 
authority of

[[Page 55790]]

the fact that this system of records contains information relevant to 
the retention of an employee, the retention of a security clearance, 
the letting of a contract, or the issuance or retention of a license, 
grant, or other benefit. The other agency or licensing organization may 
then make a request supported by the written consent of the individual 
for the entire records if it so chooses. No disclosure will be made 
unless the information has been determined to be sufficiently reliable 
to support a referral to another office within the agency or to another 
Federal agency for criminal, civil, administrative, personnel or 
regulatory action;
    9. Labor Relations--A record from this system may be disclosed to 
officials of labor organizations recognized under 5 U.S.C. Chapter 71 
upon receipt of a formal request and in accord with the conditions of 5 
U.S.C. 7114 when relevant and necessary to their duties of exclusive 
representation concerning personnel policies, practices, and matters 
affecting working conditions.
    10. National Security and Intelligence Matters--disclosure of these 
records may be disclosed to Federal, State, local agencies, or other 
appropriate entities or individuals, or through established liaison 
channels to selected foreign government in order to enable an 
intelligence agency to carry out its responsibilities under the 
National Security Act of 1947, as amended, the CIA Act of 1949, as 
amended, Executive Order 12333 or any successor order, applicable to 
national security directives, or classified implementing procedures 
approved by the Attorney General and promulgated pursuant to such 
statutes, orders, or directives;
    11. Invalid PIV Card Notification --disclosure may be made to 
notify another Federal agency, when, or to verify whether, a PIV card 
is no longer valid; and


    Note: Disclosures to the FCC of data pertaining to date and time 
of entry and exit of a Commission employee working in the District 
of Columbia may not be made to supervisors, managers, or any other 
individuals (other than the individual to whom the information 
applies) to verify the employee's time and attendance record for 
personnel actions because 5 U.S.C. 6106 prohibits Federal Executive 
Agencies (other than the Bureau of Engraving and Printing) from 
using a recording clock within the District of Columbia, unless the 
clock is used as part of a flexible schedule program under 5 U.S.C. 
6120 et seq. The FCC will use records in FCC/OMD-24, ``Physical 
Access Control System (PACS),'' to ensure the safety and security of 
FCC facilities, systems, and information, employees, contractors, 
interns, guests, frequent visitors, while they are within the FCC 
buildings and facilities; to verify that all individuals entering 
the FCC buildings and other Federal facilities, and using FCC and 
Federal information resources have such authorization; and to track 
and control FCC badges issued to individuals entering and existing 
FCC facilities, using FCC systems, and/or accessing classified 
information.
    This notice meets the requirement documenting the change in the 
two FCC systems of records, and provides the public, Congress, and 
the Office of Management and Budget (OMB) an opportunity to comment.

FCC/OMD-16

System Name:
    Personnel Security Files.\1\
---------------------------------------------------------------------------

    \1\ This system of records was formerly titled ``Personnel 
Investigation Records.''
---------------------------------------------------------------------------

Security Classification:
    Most personnel identity verification records are not classified. 
However, in some cases, records of certain individuals, or portions of 
some records may have national defense/foreign policy classifications.

System Location:
    Security Operations Center, Office of Managing Director, Federal 
Communications Commission (FCC), 445 12th Street, SW., Room 1-B458, 
Washington, DC 20554.

Categories of Individuals Covered by the System:
    Information includes:
    1. Current and former Federal Communications Commission (FCC) 
employees, including Commission retirees and those who resigned from 
the Commission, other Federal employees, applicants for employment in 
the Federal service or contracts, contractors of the FCC, experts, 
instructors, consultants to FCC and other Federal programs, visitors, 
and all others who may require regular, on-going access to FCC and 
other Federal facilities, information technology systems, or 
information classified in the interest of national security, and 
individuals formerly in any of these positions;
    2. Individuals who are authorized to perform or to use services 
provide in FCC facilities, e.g., FCC credit union and employee 
assistance program staff (EAP); and
    3. Individuals who are neither applicants nor employees of the 
Federal Government, but who are or were involved in Federal programs 
under a co-operative agreement, e.g., students and interns.

Categories of Records in the System:
    Information includes:
    1. Data needed to identify an individual, including: Individual's 
last, first, middle names (filed alphabetically by last name), and 
former name(s) (as applicable); Social Security Number; date of birth; 
birthplace; home address; home telephone number(s); residential 
history; organizational unit; position title;
    2. Individual's citizenship; security classification; types and 
dates of investigations; and agency conducting investigation, 
investigation dates, security clearance(s) and grant date(s), and 
position sensitivity level(s); and miscellaneous investigation 
comments;
    3. Names of relatives; birth date(s), home address, and 
citizenship; relatives who work for the Federal government;
    4. Reports about the individual's qualifications for a position, 
e.g., employee/applicant's employment/work history, summary report of 
investigation, results of suitability decisions, employment references 
and contact information; and educational/training institutions 
attended, degrees and certifications earned, and educational and 
training references;
    5. Information needed to investigate an individual's character, 
conduct, and behavior in the community where he or she lives or lived; 
criminal history, e.g., arrests and convictions for violations against 
the law; mental health history; drug use; financial information, e.g., 
income tax return information and credit reports; reports of interviews 
with present and former supervisors, co-workers, associates, educators, 
and other related personal references and contact information;
    6. Reports of inquiries with law enforcement agencies, employers, 
and reports of action after the Office of Personnel Management or FBI 
Section 8(d) Full Field Investigation; Notices of Security 
Investigation and other information developed from the above described 
Certificates of Clearance, e.g., date of security clearances, requests 
for appeals, witness statements, investigator's notes, security 
violations, circumstances of violations, and agency action(s) taken;
    7. Information needed to investigate allegations of FCC employee's 
misconduct;
    8. Information needed to investigate miscellaneous complaints not 
covered by the FCC's formal or informal grievance procedure;
    9. Information needed to conduct inquiries under the ``President's 
Program to Eliminate Waste and Fraud in Government;'' and
    10. Information needed to investigate violence, threats, 
harassment, intimidation, or other inappropriate

[[Page 55791]]

behavior causing an FCC employee, contractor, or visitor(s) to fear for 
his/her personal safety in the FCC workplace: Case number, victim's 
name, office telephone number, room number, organizational unit, duty 
station, position, supervisor, supervisor's telephone number, location 
of incident, activity at time of incident, circumstances surrounding 
the incident, perpetrator, name(s) and telephone number(s) of 
witness(es), injured party(s), medical treatment(s), medical report, 
property damages, report(s) to police and/or Federal Protective 
Services, and related miscellaneous information.
    11. Information obtained from SF-85, SF-85P, SF-86, and SF-87 
forms; summary reports from OPM or another Federal agency conducting 
background investigations; and results of adjudications and security 
violations. (Note: This system of records does not duplicate or 
supersede the Office of Personnel Management (OPM) Central-9 system of 
records, which covers the investigations OPM and its contractors 
conduct on behalf of other agencies.)

Authority for Maintenance of the System:
    Depending upon the purpose(s) for the investigation, the U.S. 
government is authorized to ask for this information under 5 U.S.C. 
1303, 1304, 3301, 7902, 9101; 42 U.S.C. 2165 and 2201; 50 U.S.C. 781 to 
887; 5 CFR Parts 5, 732, and 736; Executive Orders 9397, 10450, 10865, 
12196, 12333, 12356, and 12674; and Homeland Security Presidential 
Directive (HSPD) 12, ``Policy for a Common Identification Standard for 
Federal Employees and Contractors,'' August 27, 2004.

Purpose(s):
    FCC Security Officer and the Personnel Security Specialist use this 
information to document and support decisions:
    1. To determine compliance with Federal regulations and/or to make 
a determination about an individual's suitability, eligibility, and 
fitness for Federal employment, access to classified information or 
restricted areas, position sensitivity, security clearances, 
evaluations of qualifications, and loyalty to the United States, and to 
document such determinations;
    2. To evaluate an applicant's qualifications and suitability to 
perform contractual services for the U.S. Government and to document 
such determinations;
    3. To evaluate the eligibility and suitability of students, 
interns, or volunteers to the extent that their duties require access 
to FCC and other Federal facilities, information, systems, or 
applications, and to document such determinations;
    4. To respond to a written inquiry conducted under the 
``President's Program to Eliminate Waste and Fraud in the Government;''
    5. To take action on, or to respond to a complaint about a threat, 
harassment, intimidation, violence, or other inappropriate behavior 
involving one or more FCC employees and/or contract employees, and to 
counsel employees; and
    6. To document security violations and supervisory actions taken.

Routine Uses of Records Maintained in the System, Including Categories 
of Users and the Purposes of Such Uses:
    Information about individuals in this system of records may 
routinely be disclosed under the following conditions:
    1. Litigation by the Department of Justice--when (a) the FCC or any 
component thereof; or (b) any employee of the FCC in his or her 
official capacity; (c) any employee of the FCC in his or her individual 
capacity where the Department of Justice (DOJ) has agreed to represent 
the employee; or (d) the United States Government, is a party to 
litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation and the use of such records by the DOJ is 
therefore deemed by the FCC to be for a purpose compatible with the 
purpose for which the FCC collected the records.
    2. A Court or Adjudicative Body--in a proceeding when: (a) The FCC 
or any component thereof; (b) any employee of the FCC in his or her 
official capacity; (c) any employee of the FCC in his or her individual 
capacity where the Department of Justice (DOJ) has agreed to represent 
the employee; or (d) the United States Government, is a party to 
litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation and the use of such records is therefore 
deemed by the FCC to be for a purpose that is compatible with the 
purpose for which the FCC collected the records;
    3. Law Enforcement and Investigation--except as noted on Forms SF 
85, 85-P, and 86, when a record on its face, or in conjunction with 
other records, indicates a violation or potential violation of a law, 
whether civil, criminal, or regulatory in nature, and whether arising 
by general statute or particular program statute, or by regulation, 
rule, or order issued pursuant thereto, disclosure may be made to the 
appropriate public authority, whether Federal, foreign, State, local, 
or tribal, otherwise, responsible for enforcing, investigating, or 
prosecuting such violation or charged with enforcing or implementing 
the statute, or rule, regulation, or order issued pursuant thereto, if 
the information disclosed is relevant to any enforcement, regulatory, 
investigative, or prosecutorial responsibility of the receiving entity.
    4. Congressional Inquiries--when requested by a Congressional 
office in response to an inquiry by an individual made to the 
Congressional office for their own records;
    5. Government-wide Program Management and Oversight--when requested 
by the National Archives and Records Administration or the General 
Services Administration for the purpose of records management 
inspections conducted under authority of 44 U.S.C. 2904 and 2906; when 
the U.S. Department of Justice is contacted in order to obtain that 
department's advice regarding disclosure obligations under the Freedom 
of Information Act; or when the Office of Management and Budget is 
contacted in order to obtain that office's advice regarding obligations 
under the Privacy Act, or when necessary to the review of private 
relief legislation pursuant to OMB Circular A-19;
    6. Contract Services, Grants, or Cooperative Agreements--a record 
may be disclosed to FCC contractors, grantees, or volunteers who have 
been engaged to assist the FCC in the performance of a contract 
service, grant, cooperative agreement, or other activity related to 
this system of records and who need to have access to the records in 
order to perform their activity. Recipients shall be required to comply 
with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 
552a.
    7. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by the agency--disclosure may be made to a Federal, 
State, or local government maintaining civil, criminal, or other 
relevant enforcement records, or other pertinent records, or to another 
public authority or professional organization, if necessary to obtain 
information relevant to an investigation concerning the retention of an 
employee or other personnel action (other than hiring), the retention 
of a security clearance, the letting of a contract, or the issuance or 
retention of a grant or other benefit. The other agency or licensing 
organization may then make a request supported by

[[Page 55792]]

the written consent of the individual for the entire record if it so 
chooses. No disclosure will be made unless the information has been 
determined to be sufficiently reliable to support a referral to another 
office within the FCC or to another Federal agency for criminal, civil, 
administrative personnel, or regulatory action;
    8. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by other than the agency--disclosure may be made to 
a Federal, State, local, or tribal government, or other public 
authority of the fact that this system of records contains information 
relevant to the retention of an employee, the retention of a security 
clearance, the letting of a contract, or the issuance or retention of a 
license, grant, or other benefit. The other agency or licensing 
organization may then make a request supported by the written consent 
of the individual for the entire record if it so chooses. No disclosure 
will be made unless the information has been determined to be 
sufficiently reliable to support a referral to another office within 
the FCC or to another Federal agency for criminal, civil, 
administrative personnel, or regulatory action.
    9. Labor Relations--disclosure may be made to officials of labor 
organizations recognized under 5 U.S.C. Chapter 71 upon receipt of a 
formal request and in accord with the conditions of 5 U.S.C. 7114 when 
relevant and necessary to their duties of exclusive representation 
concerning personnel policies, practices, and matters affecting working 
conditions.
    10. National Security and Intelligence Matters--disclosure of these 
records may be disclosed to Federal, State, local agencies, or other 
appropriate entities or individuals, or through established liaison 
channels to selected foreign government in order to enable an 
intelligence agency to carry out its responsibilities under the 
National Security Act of 1947, as amended, the CIA Act of 1949, as 
amended, Executive Order 12333 or any successor order, applicable to 
national security directives, or classified implementing procedures 
approved by the Attorney General and promulgated pursuant to such 
statutes, orders, or directives.
    In each of these cases, the FCC will determine whether disclosure 
of the records is compatible with the purpose for which the records 
were collected.

Disclosure to Consumer Reporting Agencies:
    None.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, 
and Disposing of Records in the System:
Storage:
    Information is stored on paper records, which are stored in file 
folders in security containers, and in electronic records that are 
maintained in a stand-alone computer database.

Retrievability:
    Records are retrieved by an individual's name or Social Security 
Number (SSN).

Safeguards:
    Comprehensive paper records are maintained in file folders and 
stored in approved security containers, which are locked and located 
within a secure, access-controlled area. Access is limited to approved 
security office and administrative personnel who have a need for them 
in the performance of their official duties, e.g., who have 
responsibility for suitability determinations. Paper records limited 
(in number and scope) are kept in the FCC's regional offices and 
laboratory facilities in locked metal file cabinets in locked rooms.
    Comprehensive electronic records are maintained in networked 
computer database(s). The computer database is secured through 
controlled access and passwords restricted to Federal employee and 
contractor security and administrative personnel on a ``need to know'' 
basis, e.g., who have a need for them in the performance of their 
official duties, e.g., who have responsibility for suitability 
determinations. Access to the records is restricted to those with a 
specific role in the Personal Identification Verification (PIV) process 
that requires access to background investigation forms to perform their 
duties, and who have been given a password to access that part of the 
system including background investigation records. The FCC Security 
Office staff maintains an audit trail. Individuals given roles in the 
PIV process must complete training specific to their roles to ensure 
that they are knowledgeable about how to protect individually 
identifiable information. The databases are backed-up on a daily basis 
to floppy disk(s), which are then stored in a secured area.

Retention and Disposal:
    These records are retained and disposed of in accordance with 
General Records Schedule 18, item 22a, approved by the National 
Archives and Records Administration (NARA). Both paper and electronic 
records are retained during employment or while an individual is 
actively involved in Federal programs. As appropriate, records are 
returned to investigating agencies after employment terminates; 
otherwise, the records are destroyed upon notification of death or not 
later than five years after the employee's retirement or separation 
from the FCC, or the employee's transfer to another Federal agency or 
department, whichever is applicable.
    In accordance with NARA guidelines, the FCC destroys paper records 
are by shredding; and electronic records are destroyed by electronic 
erasure. Individuals interested in further information about retention 
and disposal may request a copy of the disposition instructions from 
the FCC Privacy Act Officer.

System Manager(s) and Address:
    Security Operations Center, Office of the Managing Director, 
Federal Communications Commission (FCC), 445 12th Street, SW., Room 1-
B458, Washington, DC 20554.

Notification Procedure:
    Under the authority granted to heads of agencies by 5 U.S.C. 552a 
(k), the FCC has determined (47 CFR 0.561) that this system of records 
is exempt from disclosing its notification procedure for this system of 
records.

Record Access Procedures:
    Under the authority granted to heads of agencies by 5 U.S.C. 552a 
(k), the FCC has determined (47 CFR 0.561) that this system of records 
is exempt from disclosing its record access procedures for this system 
of records.

Contesting Record Procedure:
    Under the authority granted to heads of agencies by 5 U.S.C. 552a 
(k), the FCC has determined (47 CFR 0.561) that this system of records 
is exempt from disclosing its contesting record procedure for this 
system of records.

Record Source Categories:
    Under the authority granted to heads of agencies by 5 U.S.C. 552a 
(k), the FCC has determined (47 CFR 0.561) that this system of records 
is exempt from disclosing its record sources for this system of 
records.

Exemption from Certain Provisions of the Act:
    This system of records is exempt from sections (c)(3), (d), 
(e)(4)(G), (H), and (I), and (f) of the Privacy Act of 1974, 5 U.S.C. 
552a, and from 47 CFR 0.554-0.557 of the Commission's rules. These 
provisions concern the notification, record access, and contesting 
procedures described above, and also

[[Page 55793]]

the publication of record sources. The system is exempt from these 
provisions because it contains the following types of information:
    1. Investigative material compiled for law enforcement purposes as 
defined in Section (k)(2) of the Privacy Act;
    2. Properly classified information, obtained from another Federal 
agency during the course of a personnel investigation, which pertains 
to national defense and foreign policy, as stated in Section (k)(1) of 
the Privacy Act; and
    3. Investigative material compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for Federal 
civilian employment, as described in Section (k)(5) of the Privacy Act, 
as amended. (Information will be withheld to the extent it identifies 
witnesses promised confidentiality as a condition of providing 
information during the course of the background investigation.)
FCC/OMD-24

System Name:
    Physical Access Control System (PACS)\2\
---------------------------------------------------------------------------

    \2\ This system of records was formerly titled ``Access Control 
System.''
---------------------------------------------------------------------------

Security Classification:
    None.

System Location:
    Information in this system is maintained in the following location: 
Security Operations Center, Office of the Managing Director, Federal 
Communications Commission (FCC), 445 12th Street, SW., Room 1-B458, 
Washington, DC 20554. This location is in a Federal building, where 
staffed guard stations have been established and which has an installed 
Personal Identity Verification (PIV) card reader system.

Categories of Individuals Covered by the System:
    Any individual who requires regular, on-going access to FCC 
facilities and information technology systems. This includes but is not 
limited to:
    1. Current FCC employees and current contractors;
    2. Frequent visitors, temporary hires, special parking access 
users, and day contractors;
    3. Applicants for Federal employment or contract work;
    4. FCC students, interns, volunteers, affiliates, and individuals 
formerly in these positions, e.g., retired FCC employees; and
    5. Non-FCC employees who are authorized to perform or use services 
in FCC facilities on an on-going basis, e.g., credit union employees, 
restaurant employees, and building maintenance and cleaning employees.
    This system does apply to occasional visitors or short-term guests 
to whom the FCC will issue temporary identification and credentials, 
who may include:
    1. All visitors to FCC, e.g., non-FCC federal employees and 
contractors, students, interns, volunteers, and affiliates; and
    2. Individuals authorized to perform or use services provided in 
FCC facilities on an infrequent basis, e.g., and service and 
maintenance workers performing cleaning, maintenance, and repair duties 
in the Commission's buildings and facilities.

Categories of Records in the System:
    The system consists of a computer database containing records on 
those individuals to whom the FCC has issued credentials. The records 
are filed alphabetically by last name, with a corresponding badge 
number.
    1. FCC employee/temporary hire database includes: Full name (first, 
middle, and last names), Social Security Number (SSN), birth date, 
signature, image (photograph), fingerprints, hair color, eye color, 
height, weight, FCC telephone number, FCC Bureau/Office, FCC office/
room number, personal identification number (PIN), background 
investigation form data and results, date the personal identify 
verification (PIV) card was issued and expiration dates, PIV registrar 
approval signature, PIV card serial number, emergency responder 
designation, copies of documents verifying identification or 
information derived from such documents, e.g, document title, document 
issuing authority, document number, document expiration date, other 
document information), national security level clearance and expiration 
date, parking permit data, computer system user name, user access and 
permission rights, authentication certificates, and digital signature 
information.
    2. Contractor database includes: First, middle, and last name, 
Social Security Number (SSN), birth date, signature, image 
(photograph), fingerprints, hair color, eye color, height, weight, 
contractor company name, Federal supervisor, telephone number, FCC 
point of contact, FCC Bureau/Office, FCC office/room number, FCC 
telephone number, and FCC contractor badge number, personal 
identification number (PIN), background investigation form data and 
results, date the personal identify verification (PIV) card was issued 
and expiration dates, PIV registrar approval signature, PIV card serial 
number, emergency responder designation, copies of documents verifying 
identification or information derived from such documents, e.g., 
document title, document issuing authority, document number, document 
expiration date, other document information), national security level 
clearance and expiration date, parking permit data, computer system 
user name, user access and permission rights, authentication 
certificates, and digital signature information.
    3. Frequent Visitor's database includes: First and last names, 
employer's name, address, telephone number, image (photograph), and 
date of issuance and expiration date.
    4. Day contractor database includes: First and last name along with 
badge number, date of issuance and expiration date.
    5. Visitor database includes: First and last name, image 
(photograph), FCC point of contact and date of issuance.
    6. Special Parking Access database includes: First and last name, 
telephone number, employer, FCC point of contact, and date of issuance.


    Note: Records maintained on cardholders entering FCC facilities 
or using FCC systems, e.g., FCC employees and contractors, include: 
Individual's first, middle, and last name, PIV card number, date, 
time, and location of entry and exit, FCC bureau/office, contractor/
visitor's employer's name, address, telephone number, level of 
national security clearance and expiration date, digital signature 
information, and computer networks/applications/data accessed, and 
FCC point of contact.

Authority for Maintenance of the System:
    5 U.S.C. 301; Federal Information Security Act (Pub. L. 104-106, 
sec. 5113); Electronic Government Act (Pub. L. 104-347, sec. 203); 
Paperwork Reduction Act of 1995 (44 U.S.C. 3501); Government Paperwork 
Elimination Act (Pub. L. 105-277, 44 U.S.C. 3504); Homeland Security 
Presidential Directive (HSPD) 12, ``Policy for a Common Identification 
Standard for Federal Employees and Contractors,'' August 27, 2004; 
Federal Property and Administrative Act of 1949, as amended; and 
Department of Justice Report, ``Vulnerability Assessment of Federal 
Facilities,'' June 28, 1995.

Purpose(s):
    The purposes of the system are:
    1. To ensure the safety and security of FCC facilities, systems, 
and information, FCC employees, contractors, interns, guests, and 
frequent visitors;
    2. To verify that all people entering the FCC facilities, using FCC 
and

[[Page 55794]]

Federal information resources (or accessing classified information), 
are authorized to do so;
    3. To track and control FCC badges (PIV cards) issued to 
individuals entering and exiting these facilities, using FCC systems, 
or accessing classified information; and
    4. To provide a method by which the FCC may ascertain the times 
each person was in these facilities.

Routine Uses of Records Maintained in the System, Including Categories 
of Users and the Purposes of Such Uses:
    1. Litigation by the Department of Justice--when (a) the FCC or any 
component thereof; or (b) any employee of the FCC in his or her 
official capacity; (c) any employee of the FCC in his or her individual 
capacity where the FCC or the Department of Justice (DOJ) has agreed to 
represent the employee; or (d) the United States Government, is a party 
to litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation and the use of such records by the DOJ is 
therefore deemed by the FCC to be for a purpose compatible with the 
purpose for which the FCC collected the records;
    2. Court or Adjudicative Body--in a proceeding when: (a) The FCC or 
any component thereof; (b) any employee of the FCC in his or her 
official capacity; (c) any employee of the FCC in his or her individual 
capacity where the Department of Justice (DOJ) has agreed to represent 
the employee; or (d) the United States Government, is a party to 
litigation or has an interest in such litigation, and by careful 
review, the FCC determines that the records are both relevant and 
necessary to the litigation and the use of such records is therefore 
deemed by the FCC to be for a purpose that is compatible with the 
purpose for which the FCC collected the records;
    3. Law Enforcement and Investigation--except as noted on Forms SF 
85, 85-P, and 86, when a record on its face, or in conjunction with 
other records, indicates a violation or potential violation of a law, 
whether civil, criminal, or regulatory in nature, and whether arising 
by general statute or particular program statute, or by regulation, 
rule, or order issued pursuant thereto, disclosure may be made to the 
appropriate public authority, whether Federal, foreign, State, local, 
or tribal, otherwise, responsible for enforcing, investigating, or 
prosecuting such violation or charged with enforcing or implementing 
the statute, or rule, regulation, or order issued pursuant thereto, if 
the information disclosed is relevant to any enforcement, regulatory, 
investigative, or prosecutorial responsibility of the receiving entity;
    4. Congressional Inquiries--when requested by a Congressional 
office in response to an inquiry by an individual made to the 
Congressional office for their own records;
    5. Government-wide Program Management and Oversight--when requested 
by the National Archives and Records Administration or the General 
Services Administration for the purpose of records management 
inspections conducted under authority of 44 U.S.C. 2904 and 2906; when 
the U.S. Department of Justice is contacted in order to obtain that 
department's advice regarding disclosure obligations under the Freedom 
of Information Act; or when the Office of Management and Budget is 
contacted in order to obtain that office's advice regarding obligations 
under the Privacy Act, or when necessary for the review of private 
relief legislation pursuant to OMB Circular No. A-19;
    6. Contract Services, Grants, or Cooperative Agreements--a record 
may be disclosed to FCC contractors, grantees, or volunteers who have 
been engaged to assist the FCC in the performance of a contract 
service, grant, cooperative agreement, or other activity related to 
this system of records and who need to have access to the records in 
order to perform their activity. Recipients shall be required to comply 
with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 
552a;
    7. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by the agency--disclosure may be made to a Federal, 
State, or local government maintaining civil, criminal, or other 
relevant enforcement records, or other pertinent records, or to another 
public authority or professional organization, if necessary to obtain 
information relevant to an investigation concerning the retention of an 
employee or other personnel action (other than hiring), the retention 
of a security clearance, the letting of a contract, or the issuance or 
retention of a grant or other benefit;
    8. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by other than the agency--disclosure may be made to 
a Federal, State, local, or tribal government, or other public 
authority of the fact that this system of records contains information 
relevant to the retention of an employee, the retention of a security 
clearance, the letting of a contract, or the issuance or retention of a 
license, grant, or other benefit. The other agency or licensing 
organization may then make a request supported by the written consent 
of the individual for the entire records if it so chooses. No 
disclosure will be made unless the information has been determined to 
be sufficiently reliable to support a referral to another office within 
the agency or to another Federal agency for criminal, civil, 
administrative, personnel or regulatory action;
    9. Labor Relations--A record from this system may be disclosed to 
officials of labor organizations recognized under 5 U.S.C. Chapter 71 
upon receipt of a formal request and in accord with the conditions of 5 
U.S.C. 7114 when relevant and necessary to their duties of exclusive 
representation concerning personnel policies, practices, and matters 
affecting working conditions;
    10. National Security and Intelligence Matters--disclosure of these 
records may be disclosed to Federal, State, local agencies, or other 
appropriate entities or individuals, or through established liaison 
channels to selected foreign government in order to enable an 
intelligence agency to carry out its responsibilities under the 
National Security Act of 1947, as amended, the CIA Act of 1949, as 
amended, Executive Order 12333 or any successor order, applicable to 
national security directives, or classified implementing procedures 
approved by the Attorney General and promulgated pursuant to such 
statutes, orders, or directives; and
    11. Invalid PIV Card Notification--disclosure may be made to notify 
another Federal agency, when, or to verify whether, a PIV card is no 
longer valid.
    In each of these cases, the FCC will determine whether disclosure 
of the records is compatible with the purpose for which the records 
were collected.


    Note: Disclosures to the FCC of data pertaining to date and time 
of entry and exit of a Commission employee working in the District 
of Columbia may not be made to supervisors, managers, or any other 
individuals (other than the individual to whom the information 
applies) to verify the employee's time and attendance record for 
personnel actions because 5 U.S.C. 6106 prohibits Federal Executive 
Agencies (other than the Bureau of Engraving and Printing) from 
using a recording clock within the District of Columbia, unless the 
clock is used as part of a flexible schedule program under 5 U.S.C. 
6120 et seq.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, 
and Disposing of Records in the System:
Storage:
    The information is maintained in a password-protected or logical 
access

[[Page 55795]]

controlled electronic media, e.g., computer database(s), and in 
securely controlled paper files.

Retrievability:
    The information can be retrieved by: (1) The name of the 
individual; (2) Social Security Number (SSN); (3) other ID number, 
e.g., FCC employee, contractor, or frequent visitor badge number; or 
(4) PIV card serial number.

Safeguards:
    Paper records are kept in locked cabinets in secure facilities and 
access to them is restricted to individuals, e.g., FCC Security 
Operations Center staff, whose role requires use of the information. 
The computer servers in which the information is stored are located in 
FCC facilities that are secured by limited access card readers. The 
computer servers themselves are password-protected. Access by 
individuals working at guard stations is password-protected; each 
person granted access to the system at guard stations must be 
individually authorized to use the system. A Privacy Act Warning Notice 
appears on the monitor screen when records containing information on 
individuals are first displayed. The FCC Security Operations Center 
staff performs a backup operation on these files on a regular basis 
using a secure medium. The backup data are stored in a locked and 
controlled room in a secure location.

Retention and Disposal:
    Records relating to individuals with FCC access cards, covered by 
this system, are retained in accordance with General Records Schedule 
18, Item 17 approved by the National Archives and Records 
Administration (NARA). The records disposal is done in accordance with 
the Commission's disposal policies. Unless retained for specific, on-
going security investigations, records of facility access are 
maintained for one year and then destroyed.
    All other records relating to individuals are retained and disposed 
of in accordance with General Records Schedule 18, item 22a, approved 
by NARA. The records are disposed of in accordance with FCC Security 
Operations Center disposal policies, as follows:
    1. When an employee/contractor/temporary hire/special parking 
access leaves the FCC, the file in the database is deleted.
    2. Frequent visitor badges are given a two-year valid period, after 
which the card will automatically deactivate.
    3. All returned day contractor cards will be reused on a daily 
basis.
    4. Transaction data for all cards will be stored using a secure 
medium and retained for one year in the FCC Security Operations Center, 
which is locked and secured with an alarm system. Otherwise, access 
records are destroyed upon notification of death, or not later than one 
year after the employee's retirement or separation from the FCC, or the 
employee's transfer to another Federal agency, whichever is applicable.
    In accordance with HSPD-12, PIV Cards are deactivated within 
eighteen (18) hours of notification of cardholder separation, loss of 
card, or expiration. The information on PIV Cards is maintained in 
accordance with General Records Schedule 11, Item 4. PIV Cards are 
destroyed by burning in an approved Federal burn-facility.

System Manager(s) and Address:
    Security Operations Center, Office of Managing Director, Federal 
Communications Commission (FCC), 445 12th Street, SW., Room 1-B458, 
Washington, DC 20554.

Notification Procedure:
    Individuals wishing to inquire whether this system of records 
contains information about them should contact the system manager 
indicated above. Individuals must furnish their full name, birth date, 
Federal agency name, and work location for their records to be located 
and identified. An individual requesting notification of records in 
person must provide identity documents sufficient to satisfy the system 
manager of the records that the requester is entitled to access, e.g., 
government-issued photo ID. Individuals requesting notification via 
mail or telephone must furnish, at a minimum, their name, date of 
birth, Social Security Number, and home address to establish identity. 
See 47 CFR 0.554-0.555.

Record Access Procedures:
    Individuals wishing to request access to records about them should 
contact the system manager indicated above. Individuals must furnish 
their full name (first, middle, and last name), birth date, for their 
record to be located and identified. An individual requesting access 
must also follow FCC Privacy Act regulations regarding verification of 
identity and access to records. See 47 CFR 0.554-0.555.

Contesting Record Procedures:
    Individuals wishing to request amendment of their records should 
contact the system manager indicated above. Individuals must furnish 
their full name (first, middle, and last name), birth date, for their 
record to be located and identified. An individual requesting amendment 
must also follow the FCC Privacy Act regulations regarding verification 
of identity and amendment of records. See 47 CFR 0.556-0.557.

Record Source Categories:
    The individual FCC employee to whom the information applies, 
contractor, or applicant for employment; sponsoring agency; former 
sponsoring agency; other federal agencies; contract employer; and/or 
former employee.

Exemptions Claimed for the System:
    None.

Federal Communications Commission.
Marlene H. Dortch,
Secretary.
[FR Doc. 06-8182 Filed 9-22-06; 8:45 am]
BILLING CODE 6712-01-P