Privacy Act Systems of Records; APHIS Comprehensive Electronic Permitting System (ePermits), 23406-23409 [E8-9407]

Agencies

• Office of the Secretary
• DEPARTMENT OF AGRICULTURE

[Federal Register Volume 73, Number 84 (Wednesday, April 30, 2008)]
[Notices]
[Pages 23406-23409]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E8-9407]


-----------------------------------------------------------------------

DEPARTMENT OF AGRICULTURE

Office of the Secretary

[Docket No. APHIS-2006-0185]


Privacy Act Systems of Records; APHIS Comprehensive Electronic 
Permitting System (ePermits)

AGENCY: Office of the Secretary, USDA.

ACTION: Notice of a proposed new system of records; request for 
comment.

-----------------------------------------------------------------------

SUMMARY: The U.S. Department of Agriculture proposes to add a system of 
records to its inventory of records systems subject to the Privacy Act 
of 1974, as amended. The system of records being proposed is the APHIS 
Comprehensive Electronic Permitting System (ePermits). This notice is 
necessary to meet the requirements of the Privacy Act to publish in the 
Federal Register notice of the existence and character of record 
systems maintained by the agency.
    Although the Privacy Act requires only that the portion of the 
system that describes ``routine uses'' of the system be published for 
comment, we invite comment on all portions of this notice.

DATES: Effective Date: This system will be adopted without further 
notice on June 9, 2008 unless modified to respond to comments received 
from the public and published in a subsequent notice.
    Comment date: Comments must be received, in writing, on or before 
May 30, 2008.

ADDRESSES: You may submit comments by either of the following methods:
     Federal eRulemaking Portal: Go to https://
www.regulations.gov/fdmspublic/component/main?main=
DocketDetail&d=APHIS-2006-0185, and follow the instructions for 
submitting comments.

[[Page 23407]]

     Postal Mail/Commercial Delivery: Docket No. APHIS-2006-
0185, Regulatory Analysis and Development, PPD, APHIS, Station 3A-03.8, 
4700 River Road Unit 118, Riverdale, MD 20737-1238.
    Docket: You may view comments we receive at the Federal eRulemaking 
Portal (Web address above) or in our reading room. The reading room is 
located in room 1141 of the USDA South Building, 14th Street and 
Independence Avenue, SW., Washington, DC. Normal reading room hours are 
8 a.m. to 4:30 p.m., Monday through Friday, except holidays. To be sure 
someone is there to help you, please call (202) 690-2817 before coming.

FOR FURTHER INFORMATION CONTACT: Ms. Alison Young, Branch Chief, 
Project Management, Information Technology Development and 
Coordination, Plant Protection and Quarantine, APHIS, 4700 River Road 
Unit 144, Riverdale, MD 20737; (301) 734-3821.

SUPPLEMENTARY INFORMATION: The Privacy Act of 1974, as amended (5 
U.S.C. 552a), requires agencies to publish in the Federal Register a 
notice of new or revised system of records maintained by the agency. A 
system of records is a group of any records under the control of any 
agency, from which information is retrieved by the name of an 
individual or by some identifying number, symbol, or other identifying 
particular assigned to an individual.
    The Animal and Plant Health Inspection Service (APHIS) is proposing 
to add a new system of records, entitled APHIS Comprehensive Electronic 
Permitting System (ePermits), that will be used to support the 
permitting processes for the Plant Protection and Quarantine (PPQ), 
Veterinary Services (VS), and Biotechnology Regulatory Services (BRS) 
programs within APHIS.
    Under the authority of the Plant Protection Act (7 U.S.C. 7701 et 
seq.) and the Animal Health Protection Act (7 U.S.C. 8301 et seq.), 
APHIS regulates the importation, entry, exportation, and interstate 
movement of animals, plants, biological control organisms, noxious 
weeds, animal and plant products, and other articles, as necessary to 
prevent the introduction and interstate spread of plant pests, and 
pests and diseases of livestock. Under the authority of the Honeybee 
Act (7 U.S.C. 281 et seq.), APHIS regulates the importation of 
honeybees and honeybee semen into the United States to prevent the 
introduction of diseases and parasites of honeybees and of undesirable 
species, such as African honeybees.
    In many cases, APHIS requires persons wishing to move a regulated 
commodity into, from, or within the United States, to apply for a 
permit. The ePermits system enables customers to apply for a permit, 
pay permit application fees, check the status of a permit application, 
and view issued permits and other information online in a secure 
manner. Individuals who may use this system include designated 
collaborators and permit applicants such as importers, agents, brokers, 
and researchers. Applicants will enter necessary information into the 
system in order to create an application for a permit. Such information 
includes personal information such as name, business name, mailing 
address, telephone number, e-mail address, and fax number; information 
concerning the regulated article for which a permit is sought, such as 
the proposed article, shipment information, country of origin, and 
proposed treatment methods; and may also include supporting 
documentation such as compliance and inspection reports and agreements. 
For permits that require fee payments, the system uses such information 
as payment amount, payment date, and user fee account number, check 
number, or last four digits of the credit card. The system also uses 
information about APHIS permit staff employees, including name, 
address, telephone number, e-mail address, organization name and job 
function, and, in some cases, a digital image of the handwritten 
employee signature.
    This information is necessary for APHIS to evaluate data in order 
to manage and issue permits and notifications; perform inspections, 
investigations, and permit-related activities; prepare permits, 
letters, and other documents; generate reports to evaluate quality 
control and effectiveness of the program; determine if the action 
requested in the permit application would be additionally subject to 
other Federal or State authorities; and facilitate and account for 
payments.

Routine Uses of Records Maintained in the System, Including Categories 
of Users and the Purposes of Such Uses

    APHIS may disclose information in the ePermits system to the 
Department of Homeland Security's Customs and Border Protection agency, 
which inspects shipments that arrive at United States ports for 
compliance with permit conditions. APHIS may also disclose information 
in the ePermits system to cooperative Federal, State, and local 
government officials, employees, or contractors, and other parties 
engaged in administering the program. APHIS may disclose information to 
State government regulatory officials in the State of destination for 
review and comment. Other routine uses of this information include 
releases related to investigations pertaining to violations of law or 
related to litigation. A complete listing of the routine uses for this 
system is included in the accompanying document that is published along 
with this notice.
    The proposed information collection devices associated with the 
ePermits system have been approved by the Office of Management and 
Budget under the Paperwork Reduction Act.

Title and Business Address of the Agency Official Responsible for the 
System of Record

    Chief Information Officer, U.S. Department of Agriculture, 1400 
Independence Avenue, SW., Washington, DC 20250.

Report on New System

    A report on the new system of records, required by 5 U.S.C. 
552a(r), as implemented by Office of Management and Budget Circular A-
130, was sent to the Chairman, Committee on Homeland Security and 
Governmental Affairs, United States Senate; the Chairman, Committee on 
Oversight and Government Reform, U.S. House of Representatives; and the 
Administrator, Office of Information and Regulatory Affairs, Office of 
Management and Budget.

    Dated: April 17, 2008.
Edward T. Schafer,
Secretary.


System name:
    APHIS Comprehensive Electronic Permitting System (ePermits), USDA-
APHIS-10.

Security classification:
    None.

System location:
    Paper files for the APHIS Comprehensive Electronic Permitting 
System (ePermits) are maintained in the offices of Biotechnology 
Regulatory Services (BRS), Plant Protection and Quarantine (PPQ), and 
Veterinary Services (VS) in Riverdale, MD. The ePermits production 
system and associated electronic files are maintained at USDA's 
National Information Technology Center (NITC) in Kansas City, MO.

[[Page 23408]]

Categories of individuals covered by the system:
    Permit applicants and designated collaborators, such as importers, 
agents, brokers, and researchers; and APHIS permit staff employees.

Categories of records in the system:
    The records in this system may contain name, business name, mailing 
address, e-mail address, telephone and fax numbers, proposed articles 
to be permitted, shipment information, country of origin, proposed 
treatment methods, and compliance and inspection agreements or reports. 
For permits that require fee payments, the system may contain 
information about payment amount, payment date, and user fee account 
number, check number, or last four digits of the credit card.

Authority for maintenance of the system:
    The Honeybee Act, 7 U.S.C. 281-286; the Plant Protection Act, 7 
U.S.C. 7701-7772 and 7781-7786; and the Animal Health Protection Act, 7 
U.S.C. 8301-8321.

Purposes(s) of the system:
    This system will be used to enable persons wishing to move a 
regulated commodity into, from, or within the United States to apply 
for a permit, pay permit application fees, check the status of a permit 
application, and view issued permits and other information online in a 
secure manner.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, records maintained in the system may be 
disclosed outside USDA as follows:
    (1) To the Department of Homeland Security's Customs and Border 
Protection agency, which inspects shipments that arrive at United 
States ports for compliance with permit conditions;
    (2) To cooperative Federal, State, and local government officials, 
employees, or contractors, and other parties engaged to assist in 
administering the program. Such contractors and other parties will be 
bound by the nondisclosure provisions of the Privacy Act. This routine 
use assists the agency in carrying out the program, and thus is 
compatible with the purpose for which the records are created and 
maintained;
    (3) To State government regulatory officials in the State of 
destination for review and comment;
    (4) To the appropriate agency, whether Federal, State, local, or 
foreign, charged with responsibility of investigating or prosecuting a 
violation of law or of enforcing, implementing, or complying with a 
statute, rule, regulation, or order issued pursuant thereto, of any 
record within this system when information available indicates a 
violation or potential violation of law, whether civil, criminal, or 
regulatory in nature, and either arising by general statute or 
particular program statute, or by rule, regulation, or court order 
issued pursuant thereto;
    (5) To the Department of Justice when the agency, or any component 
thereof, or any employee of the agency in his or her official capacity, 
or any employee of the agency in his or her individual capacity where 
the Department of Justice has agreed to represent the employee, or the 
United States, in litigation, where the agency determines that 
litigation is likely to affect the agency or any of its components, is 
a party to litigation or has an interest in such litigation, and the 
use of such records by the Department of Justice is deemed by the 
agency to be relevant and necessary to the litigation; provided, 
however, that in each case, the agency determines that disclosure of 
the records to the Department of Justice is a use of the information 
contained in the records that is compatible with the purpose for which 
the records were collected;
    (6) For use in a proceeding before a court or adjudicative body 
before which the agency is authorized to appear, when the agency, or 
any component thereof, or any employee of the agency in his or her 
official capacity, or any employee of the agency in his or her 
individual capacity where the agency has agreed to represent the 
employee, or the United States, where the agency determines that 
litigation is likely to affect the agency or any of its components, is 
a party to litigation or has an interest in such litigation, and the 
agency determines that use of such records is relevant and necessary to 
the litigation; provided, however, that in each case, the agency 
determines that disclosure of the records to the court is a use of the 
information contained in the records that is compatible with the 
purpose for which the records were collected;
    (7) To appropriate agencies, entities, and persons when the agency 
suspects or has confirmed that the security or confidentiality of 
information in the system of records has been compromised; the agency 
has determined that as a result of the suspected or confirmed 
compromise there is a risk of harm to economic or property interests, a 
risk of identity theft or fraud, or a risk of harm to the security or 
integrity of this system or other systems or programs (whether 
maintained by the agency or another agency or entity) that rely upon 
the compromised information; and the disclosure made to such agencies, 
entities, and persons is reasonably necessary to assist in connection 
with the agency's efforts to respond to the suspected or confirmed 
compromise and prevent, minimize, or remedy such harm;
    (8) To USDA contractors, partner agency employees or contractors, 
or private industry employed to identify patterns, trends or anomalies 
indicative of fraud, waste, or abuse; and
    (9) To the National Archives and Records Administration or to the 
General Services Administration for records management inspections 
conducted under 44 U.S.C. 2904 and 2906.

Disclosure to consumer reporting agencies:
    None.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Paper files for the APHIS Comprehensive Electronic Permitting 
System are maintained, according to the responsible program, in the 
offices of BRS, PPQ, and VS in Riverdale, MD. The USDA National 
Information Technology Center in Missouri will house the ePermits 
system servers.

Retrievability:
    Records are retrieved by use of individual's name, business name, 
business address, regulated article, country of origin, application 
number, and permit number.

Safeguards:
    All ePermits users are required to complete USDA's registration 
process called eAuthentication, a system that enables individuals to 
obtain user-identification accounts that allow password protected 
access to certain USDA web-based applications and services through the 
Internet. The web-based service identifies and validates USDA customers 
before they can access ePermits.
    Role-based security and access rights are implemented to protect 
the security of the information. Additionally, the ePermits security 
plan includes management, operational, and technical controls to 
prevent misuse of data by system users.

[[Page 23409]]

Retention and disposal:
    Paper records will be held according to the record retention 
schedules of each program. BRS and VS paper records will be retained 
for 5 years. PPQ paper records will be retained for a period of 3 to 7 
years depending on the type of permit issued. Electronic records will 
be maintained for 15 years consistent with record retention 
requirements for policy-related information.

System manager(s) and address:
    For BRS records: Branch Chief, Biotechnology Regulatory Operations, 
Biotechnology Regulatory Services, USDA, APHIS, 4700 River Road Unit 
91, Riverdale, MD 20737.
    For PPQ records: Director, Permits, Registrations, Imports & 
Manuals, Plant Health Programs, USDA, APHIS, 4700 River Road Unit 133, 
Riverdale, MD 20737.
    For VS records: Director, National Center for Import and Export, 
Technical Trade Services Team, Veterinary Services, USDA, APHIS, 4700 
River Road Unit 140, Riverdale, MD 20737.

Notification procedure:
    Any individual may request general information regarding this 
system of records or information as to whether the system contains 
records pertaining to him/her from the system manager at the address 
above. All inquiries pertaining to this system should be in writing, 
must name the system of records as set forth in the system notice, and 
must contain the individual's name, telephone number, address, and e-
mail address.

Record access procedures:
    Any individual may obtain information from a record in the system 
that pertains to him or her. Requests for hard copies of records should 
be in writing, and the request must contain the requesting individual's 
name, address, name of the system of records, timeframe for the records 
in question, any other pertinent information to help identify the file, 
and a copy of his/her photo identification containing a current address 
for verification of identification. All inquiries should be addressed 
to the Freedom of Information and Privacy Act Staff, Legislative and 
Public Affairs, APHIS, 4700 River Road Unit 50, Riverdale, MD 20737-
1232.

Contesting record procedures:
    Any individual may contest information contained within a record in 
the system that pertains to him/her by submitting a written request to 
the system manager at the address above. Include the reason for 
contesting the record and the proposed amendment to the information 
with supporting documentation to show how the record is inaccurate.

Record source categories:
    Information in this system comes primarily from the user. APHIS 
employees and State government regulatory officials will also enter 
data into the system.

Exemptions claimed for the system:
    None.

[FR Doc. E8-9407 Filed 4-29-08; 8:45 am]
BILLING CODE 3410-34-P