Privacy Act of 1974; System of Records, 73898-73899 [E7-25272]

Agencies

• Office of the Director of National Intelligence
• Office of the National Counterintelligence Executive

[Federal Register Volume 72, Number 248 (Friday, December 28, 2007)]
[Notices]
[Pages 73898-73899]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E7-25272]


=======================================================================
-----------------------------------------------------------------------

OFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE

Office of the National Counterintelligence Executive


Privacy Act of 1974; System of Records

AGENCY: Office of the National Counterintelligence Executive, Office of 
the Director of National Intelligence.

ACTION: Notice to establish systems of records.

-----------------------------------------------------------------------

SUMMARY: The Office of the National Counterintelligence Executive 
(ONCIX) is establishing a system of records subject to the Privacy Act 
of 1974, as amended, 5 U.S.C. 552a. This system of records is 
maintained by ONCIX.

DATES: This action will be effective on February 6, 2008, unless 
comments are received that result in a contrary determination.

ADDRESSES: You may submit comments, identified by [ RIN number], by any 
of the following methods:
    Federal eRulemaking Portal: https://www.regulations.gov.
    Mail: Director, Information Management Office, Office of the 
Director of National Intelligence, Washington, DC 20511.

FOR FURTHER INFORMATION CONTACT: Mr. John F. Hackett, Director, 
Information Management Office, 703-482-3610.

SUPPLEMENTARY INFORMATION: The National Counterintelligence Executive 
and the Office of the National Counterintelligence Executive (ONCIX) 
were established in statute by the Counterintelligence Enhancement Act 
of 2002 and codified as an element of the Office of the Director of 
National Intelligence (ODNI) in the Intelligence Reform and Terrorism 
Prevention Act IRTPA) of 2004.
    The mission of the ONCIX is to serve as the head of national 
counterintelligence for the United States Government. The 
counterintelligence components of the United States Government are 
responsible for identifying, assessing, prioritizing, and countering 
the intelligence threats to the United States. The ONCIX is charged 
with fostering integration of these components to best address threats 
presented by the intelligence services of foreign states and similar 
organizations of non-state actors, such as transnational terrorist 
groups.
    The National Counterintelligence Executive serves as the principal 
advisor to the Director of National Intelligence (DNI) on issues 
relating to the overall strategy and performance of the Intelligence 
Community relating to counterintelligence. Under the direction of the 
National Counterintelligence Executive, ONCIX develops an annual 
integrated national counterintelligence strategy, sets priorities for 
counterintelligence collection, investigations and operations, and 
ensures that budget and staffing recommendations conform to established 
programmatic priorities. The ONCIX produces annual foreign intelligence 
threat assessments and other analytic counterintelligence products, 
including in-depth espionage damage assessments.
    The DNI has designated the National Counterintelligence Executive 
as the Mission Manager for Counterintelligence. As Mission Manager, the 
National Counterintelligence Executive works through the National 
Counterintelligence Policy Board to meet the goals of the nation's 
strategic counterintelligence mission. Partner organizations on the 
Board include, but are not limited to: Central Intelligence Agency; 
Department of Defense/Joint Chiefs of Staff; Department of Energy; 
Department of Homeland Security; Department of Justice/ Federal Bureau 
of Investigation and Department of State.
    The system of records published herewith contains information about 
acts of espionage or other intelligence-related crimes. Accordingly, to 
protect classified and sensitive law enforcement information and to 
prevent the compromise of counterintelligence investigations and 
methods, the DNI is proposing to exempt this system of records from 
certain portions of the Privacy Act and to continue to exempt from 
certain portions of the Privacy Act those records for which the source 
agency claimed exemption.
    As required by the Privacy Act, a proposed rule is being published 
concurrently with this notice to seek public comment on the proposal to 
exempt this system. In accordance with 5 U.S.C. 552a(r), the ODNI has 
provided a report of this new system of records to the Office of 
Management and Budget and to Congress.

    Dated: December 13, 2007.
John F. Hackett,
Director, Information Management Office.

SYSTEM NAME:
    Damage Assessment Records (ONCIX/ODNI-001).

SECURITY CLASSIFICATION:
    The classification of records in this system can range from 
UNCLASSIFIED to CLASSIFIED.

SYSTEM LOCATION:
    Office of the National Counterintelligence Executive (ONCIX), 
Office of the Director of National Intelligence (ODNI), Washington, DC 
20505.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals convicted of or indicted for espionage or other 
intelligence-related crimes; individuals whose identities and 
government affiliation are known or believed to have been compromised 
as a result of unauthorized disclosures; individuals interviewed in 
response to significant and particular unauthorized disclosures of 
classified information or individuals mentioned in such interviews, 
including colleagues of individuals convicted of or indicted for 
espionage or intelligence-related crimes or individuals with any 
knowledge of the facts surrounding the unauthorized disclosure; 
individuals who may have knowledge of facts surrounding significant and 
particular unauthorized disclosures of classified information.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Final damage assessments; records about unauthorized disclosures of 
classified material including law enforcement records (e.g., 
convictions, subpoenae, rap sheets) and records of investigations 
conducted by the FBI or other law enforcement elements; transcripts of 
ONCIX debriefings/interviews with individuals charged with or convicted 
of intelligence crimes, and with associates potentially knowledgeable 
of the disclosure or the resulting damage to national security; 
publicly available information about and psychological evaluations/
profiles of the individuals charged/convicted of

[[Page 73899]]

espionage or intelligence crimes; personal information and personally 
identifiable information (such as address, phone number, social 
security number (SSN), date of birth (DOB)) belonging to individuals 
charged or convicted or other individuals interviewed in connection 
with an investigation of the disclosure or assessment of the damage.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The Intelligence Reform and Terrorism Prevention Act of 2004, Pub. 
L. 108-458, 118 Stat. 3638 (Dec. 17, 2004); The Counterintelligence 
Enhancement Act of 2002, as amended, 50 U.S.C. 402b, 402c; The National 
Security Act of 1947, as amended, 50 U.S.C. 401-442; Exec. Order No. 
12,333, 46 Fed. Reg. 59,941 (1981); Exec. Order No. 13,354, 69 Fed. 
Reg. 53,589 (2004).

PURPOSE:
    The ONCIX Counterintelligence Damage Assessment Record System 
supports the ONCIX's statutory responsibility to evaluate the extent to 
which the national security or the nation's intelligence activities may 
have been compromised as a result of the record subject's unauthorized 
disclosure of classified material.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Final Damage Assessments may be disclosed as set forth in the 
General Routine Uses Applicable to More Than One ODNI Privacy Act 
System of Records, Subpart C of the ODNI's Privacy Act Regulation 
published concurrently with this notice and incorporated by reference 
(see also https://www.dni.gov).

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    None.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Electronic records are stored in secure file-servers located within 
secure facilities under the control of the ODNI. Paper and other hard 
copy records are stored in secured areas within the control of ONCIX.

RETRIEVABILITY:
    The records in this system are retrieved by name, personal 
identifier, subject matter.

SAFEGUARDS:
    Information in this system is safeguarded in accordance with 
recommended and/or prescribed administrative, physical, and technical 
safeguards. Records are maintained in a secure government facility with 
access to the facility limited to only authorized personnel or 
authorized and escorted visitors. Physical security protections include 
guards and locked facilities requiring badges and passwords for access. 
Records are accessed only by authorized government personnel and 
contractors holding an appropriate security clearance and who have a 
``need to know.'' Software controls are in place to limit access, and 
other safeguards exist to monitor and audit access and to detect 
intrusions. Communications are encrypted where required.

RETENTION AND DISPOSAL:
    Pursuant to 44 U.S.C. 3303a(d) and 36 CFR Chapter 12, Subchapter B, 
Part 1228-Disposition of Federal Records, records will not be disposed 
of until such time as the National Archives and Records Administration 
(NARA) approves an applicable ODNI Records Control Schedule.

SYSTEM MANAGER(S) AND ADDRESS:
    ONCIX Damage Assessment system Manager, c/o Director, Information 
Management Office, Office of the Director of National Intelligence, 
Washington DC 20511.

NOTIFICATION PROCEDURES:
    As specified below, records in this system have been exempted from 
certain notification, access and amendment procedures. Individuals 
seeking to learn if this system contains information about them should 
address inquiries to the ONCIX at the address and according to the 
requirements set forth below under the heading ``Record Access 
Procedures.''

RECORD ACCESS PROCEDURES:
    As specified below, records in this system have been exempted from 
certain notification, access, and amendment procedures. A request for 
access to non-exempt records shall be made in writing with the envelope 
and letter clearly marked ``Privacy Act Request.''
    Requesters shall provide their full name and complete address. The 
requester must sign the request and have it verified by a notary 
public. Alternately, the request may be submitted under 28 U.S.C. 1746, 
certifying the requester's identity and acknowledging that obtaining a 
record under false pretenses constitutes a criminal offense. Requests 
for access to information must be addressed to the Director, 
Information Management Office, Office of the Director of National 
Intelligence, Washington, DC 20511. Regulations for obtaining access to 
records or for appealing an initial determination concerning access to 
records are contained in the ODNI Privacy Act regulation, published in 
this volume of the Federal Register.

CONTESTING RECORD PROCEDURES:
    As specified below, records in this system have been exempted from 
certain notification, access and amendment procedures. Individuals 
seeking to correct or amend non-exempt records should address their 
requests to the ONCIX at the address and according to the requirements 
set forth above under the heading ``Record Access Procedures.'' 
Regulations regarding requests to amend, for disputing the contents of 
one's record or for appealing initial determinations concerning these 
matters are contained in the ODNI Privacy Act regulation, published in 
this volume of the Federal Register.

RECORD SOURCE CATEGORIES:
    Records derived from human and record sources consulted in the 
course of investigating disclosure of classified information.

EXEMPTIONS:
    Records contained within this System of Records may be exempted 
from the requirements of subsections (c)(3); (d)(1),(2),(3),(4); (e)(1) 
and (e)(4),(G),(H),(I); and (f) of the Privacy Act pursuant to 5 U.S.C. 
552a(k)(1) and (k)(2). Records may be exempted from these subsections 
or, additionally, from the requirements of subsections (c)(4); 
(e)(2),(3),(5),(8) and(12); and (g) of the Privacy Act consistent with 
any exemptions claimed under 5 U.S.C. 552a(j) or (k) by the originator 
of the record, provided the reason for protecting the record from 
disclosure remains valid and necessary.

[FR Doc. E7-25272 Filed 12-27-07; 8:45 am]
BILLING CODE 3910-A7-P