Privacy Act of 1974 System of Records Notice, 2048-2051 [2012-547]

Agencies

• Commodity Futures Trading Commission

[Federal Register Volume 77, Number 9 (Friday, January 13, 2012)]
[Notices]
[Pages 2048-2051]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2012-547]


=======================================================================
-----------------------------------------------------------------------

COMMODITY FUTURES TRADING COMMISSION


Privacy Act of 1974 System of Records Notice

AGENCY: Commodity Futures Trading Commission.

ACTION: Notice; publication of existence and character of two new 
systems of records.

-----------------------------------------------------------------------

SUMMARY: The Commodity Futures Trading Commission is establishing two 
new systems of records under the Privacy Act of 1974: one, for the 
collection of information related to new procedures for accounting and 
determining financial responsibility for lost, stolen, damaged or 
destroyed CFTC property assigned to CFTC employees, volunteers, 
interns, contractors and consultants; and two, for the collection of 
information related to internal electronic collaboration tools which 
use Microsoft SharePoint, including the CFTC Intranet and social media 
tools within the Intranet.

DATES: Comments must be received on or before February 13, 2012.

ADDRESSES: You may submit comments identified by ``Lost or Damaged 
Property SORN'' or ``Internal Electronic Collaboration Tools SORN'' as 
applicable, by any of the following methods:
     Agency Web site, via its Comments Online process: https://comments.cftc.gov. Follow the instructions for submitting comments 
through the Web site.
     Federal eRulemaking Portal: Comments may be submitted at 
https://www.regulations.gov. Follow the instructions for submitting 
comments.
     Mail: David A. Stawick, Secretary of the Commission, 
Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st 
Street, NW., Washington, DC 20581.
     Hand Delivery/Courier: Same as mail above.
    Please submit your comments using only one method.
    All comments must be submitted in English, or if not, accompanied 
by an English translation. Comments will be posted as received to 
www.cftc.gov. You should submit only information that you wish to make 
available publicly. If you wish the Commission to consider information 
that you believe is exempt from disclosure under the Freedom of 
Information Act, a petition for confidential treatment of the exempt 
information may be submitted according to the procedures established in 
Sec.  145.9 of the Commission's regulations, 17 CFR 145.9.
    The Commission reserves the right, but shall have no obligation, to 
review, pre-screen, filter, redact, refuse or remove any or all of a 
submission from www.cftc.gov that it may deem to be inappropriate for 
publication, such as obscene language. All submissions that have been 
redacted or removed that contain comments on the merits of the notice 
will be retained in the public comment file and will be considered as 
required under all applicable laws, and may be accessible under the 
Freedom of Information Act.

FOR FURTHER INFORMATION CONTACT: Kathy Harman-Stokes, Chief Privacy 
Officer, kharman-stokes@cftc.gov, (202) 418-6629, Office of the 
Executive Director, Commodity Futures Trading Commission, Three 
Lafayette Centre, 1155 21st Street, NW., Washington, DC 20581.

SUPPLEMENTARY INFORMATION:

[[Page 2049]]

I. The Privacy Act

    Under the Privacy Act of 1974, 5 U.S.C. 552a, a ``system of 
records'' is defined as any group of records under the control of a 
Federal Government agency from which information about individuals is 
retrieved by name or other personal identifier. The Privacy Act 
establishes the means by which government agencies must collect, 
maintain, and use personally identifiable information associated with 
an individual in a government system of records.
    Each government agency is required to publish a notice in the 
Federal Register of a system of records in which the agency identifies 
and describes each system of records it maintains, the reasons why the 
agency uses the personally identifying information therein, the routine 
uses for which the agency will disclose such information outside the 
agency, and how individuals may exercise their rights under the Privacy 
Act to determine if the system contains information about them.

II. Lost, Stolen, Damaged or Destroyed CFTC Property

    The CFTC assigns its employees, interns, volunteers, contractors 
and consultants (``employees'') certain accountable CFTC property for 
their use in accomplishing their official duties. The CFTC is obligated 
to account for such property for financial responsibility and audit 
purposes and, in certain situations, to recover costs for property that 
has been lost, stolen, damaged or destroyed. The property for which an 
accounting is required includes, but is not limited to, sensitive 
property, such as a Blackberry or laptop, that requires special 
controls or is especially vulnerable to loss, theft or misuse, and 
other property, including printers, monitors, scanners, and cameras.
    The Commission is establishing a new business process to require 
employees to report when CFTC property is lost, stolen, damaged or 
destroyed, and for the CFTC to document the determination of financial 
responsibility for the property. The new Privacy Act system of records 
includes information supplied by the employee; evidence and records 
requested to facilitate the determination of financial responsibility, 
such as copies of police reports, accident reports and photographs; 
Property Survey Board interviews and other notes, meeting minutes, and 
findings and recommendations concerning responsibility for 
reimbursement; and information related to the final decision by the 
Executive Director. The system of records also contains information on 
reimbursement and, if an employee disagrees with a finding of 
responsibility, records related to the employee's appeal.

III. Internal Electronic Collaboration Tools

    The CFTC is implementing internal electronic collaboration tools 
utilizing the Microsoft SharePoint platform. These tools will upgrade 
the Commission's intranet, allow users to set up team collaboration 
workspaces, facilitate sharing of documents, policies and information, 
and allow limited social networking through the SharePoint ``MySites'' 
feature. The new Intranet, built on these tools, will include 
Commission policies, procedures, forms, organization charts, news 
clips, links to other sites that are helpful for staff members, and 
links to other CFTC SharePoint sites containing shared documents and 
other information. The Intranet will include content regarding program 
offices, services and support, and projects and activities. By 
connecting to a CFTC network administration database, the Intranet will 
display a directory of all CFTC users, including titles, contact 
information and the photograph used for CFTC credentials for all 
employees, interns, volunteers, consultants and contractors 
(collectively ``users''). Certain SharePoint sites may include personal 
contact information for users. The MySites feature will allow CFTC 
users to set up a personal profile, identify subject matter areas about 
which they are knowledgeable, upload pictures, and publish notes, tags, 
content, and messages that are similar to email. MySites includes a 
``newsfeed'' to alert selected users when one user has added or changed 
information on his or her MySites page. Users will be able to manually 
select ``colleagues,'' which the colleague may approve or deny, and 
create and join groups. Overall, the internal collaboration tools will 
provide invaluable dissemination and exchange of information, allowing 
users to stay connected within a dashboard that each user can 
personalize.
    While most of the information in the collaboration tools will 
involve Commission policies, forms, activities and other business, the 
tools will display personally identifiable information (``PII'') in the 
form of the CFTC user name, title, business contact information, the 
photograph a user uses for credentials to access CFTC facilities, and 
organizational chart and hierarchy information. Those users who elect 
to participate in MySites will be able to publish additional personal 
information to selected colleagues only, to specified teams or groups, 
and/or to all CFTC users, as they choose. That personal information may 
include personal photographs, information about their family status 
(such as whether they are married or have children), their hobbies or 
personal activities, and other content.
    All CFTC users will need to use the internal electronic 
collaboration tools to perform their official duties, for example, to 
use the Intranet to obtain business phone numbers of other CFTC users, 
to view internal policies, to link to specific SharePoint sites 
containing Commission business information, or use SharePoint 
workspaces with other team members. On the other hand, the use of 
MySites is purely voluntary. Those who elect to use MySites will have 
some control over which other users may see their personal information; 
however, as will be explained to MySites users, Intranet site 
administrators and other CFTC staff members with a legitimate need to 
know the information for official purposes will have full access to 
view all content, including all personal content posted through 
MySites. Intranet users will be clearly informed that, if they use 
MySites, they have no reasonable expectation of privacy in any 
information they post, as with any other information passing through or 
stored on CFTC equipment.
    The Internal Electronic Collaboration Tools system of records will 
contain CFTC business information, business contact information and 
photographs for CFTC users, at times personal contact information, and 
any personal information a user chooses to post within MySites.

IV. Notice: Lost, Stolen, Damaged or Destroyed CFTC Property

System Number:
    CFTC-46.

SYSTEM NAME:
    Lost, Stolen, Damaged or Destroyed CFTC Property.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    This system is located in the Commission's principal office at 
Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st 
Street, NW., Washington, DC 20581.

[[Page 2050]]

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    CFTC employees, interns, volunteers, contractors and consultants 
who have experienced the loss, theft, damage or destruction of CFTC 
accountable property assigned to them.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system of records includes the information provided by 
employees, volunteers, interns, contractors or consultants on a Lost, 
Stolen, Damaged or Destroyed CFTC Property reporting form, such as 
name, office contact information, and details concerning the loss, 
theft, damage or destruction of property; evidence and records 
collected from the employee, volunteer, intern, contractor or 
consultant, his or her supervisor or others interviewed; copies of 
police reports, accident reports, photographs and notes from 
interviews; meeting minutes from Property Survey Board meetings; 
findings, recommendations and the final decision concerning 
responsibility for reimbursement; information concerning reimbursement; 
and, if applicable, records related to an appeal.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Commodity Exchange Act Section 2(a)(5) (7 U.S.C. 2(a)(5)), Section 
2(a)(6) (7 U.S.C. 2(a)(6)) and Section 2(a)(12) (7 U.S.C. 2(a)(12)), 
and the rules and regulations promulgated thereunder; the Federal 
Property and Administrative Services Act of 1949, 40 U.S.C. 471 et 
seq.; the Federal Managers' Financial Integrity Act of 1982, 31 U.S.C. 
3512(b) and (c); and the Government Employee's Standard of Conduct, 5 
CFR 2635.704.

PURPOSE(S):
    The purpose of the new system of records is to facilitate reporting 
by employees, interns, volunteers, contractors and consultants when 
CFTC property assigned to them is lost, stolen, damaged or destroyed, 
to allow the CFTC Logistics and Operations Unit (L&O), a new Property 
Survey Board, and/or the Commission's Executive Director to review 
reports and related evidence, to determine whether the employee, 
intern, volunteer, contractor or consultant should be held financially 
responsible for reimbursing the CFTC for the costs of the property, and 
to allow an appeal of a decision.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    The information in this system will be routinely used by CFTC staff 
in the Office of the Executive Director, including L&O, Financial 
Management Branch, and, as needed, the Human Resources Branch, to 
facilitate the accounting for and determination of financial 
responsibility of employees, volunteers, interns, contractors and 
consultants for lost, stolen, damaged or destroyed CFTC property 
assigned to them. Information in this system may also be disclosed in 
accordance with the blanket routine uses that appear in the 
Commission's Privacy Act Systems of Records Notices, see, e.g., 76 FR 
5974 (Feb. 2, 2011).

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    None.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESS CONTROLS, 
RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Paper records are stored in file folders, binders, computer disks, 
and are uploaded into the CFTC network. Electronic records, including 
emails, spreadsheets, PDF files and documents maintained on a 
SharePoint site, are stored on the Commission's network and other 
electronic media as needed, such as encrypted hard drives and back-up 
media.

RETRIEVABILITY:
    By name of the employee, volunteer, intern, contractor or 
consultant who completes and provides to L&O staff the Lost, Stolen, 
Damaged or Destroyed CFTC Property Report and provides other evidence.

ACCESS CONTROLS, SAFEGUARDS:
    Records in the system are protected from unauthorized access and 
misuse through various administrative, technical and physical security 
measures. Technical security measures within CFTC include restrictions 
on computer access to authorized individuals, required use of strong 
passwords that are frequently changed, use of encryption for certain 
data types and transfers, and regular review of security procedures and 
best practices to enhance security. Physical measures include 
restrictions on building access to authorized individuals only and 
maintaining records in lockable offices and filing cabinets.

RETENTION AND DISPOSAL:
    The records will be maintained in accordance with records 
disposition schedules approved by the National Archives and Records 
Administration. The schedules are available at www.cftc.gov.

SYSTEM MANAGER(S) AND ADDRESS:
    The Commission's Logistics and Operations Unit, Property Management 
Officer, located at the Commodity Futures Trading Commission, Three 
Lafayette Centre, 1155 21st Street NW., Washington, DC 20581.

NOTIFICATION PROCEDURE:
    Individuals seeking to determine whether this system of records 
contains information about themselves or seeking access to records 
about themselves in this system of records, or contesting the content 
of records about themselves contained in this system of records should 
address written inquiry to the Office of General Counsel, Paralegal 
Specialist, Commodity Futures Trading Commission, Three Lafayette 
Centre, 1155 21st Street NW., Washington, DC 20581. Telephone (202) 
418-5011.

RECORD SOURCE CATEGORIES:
    Employees, volunteers, interns, contractors or consultants who 
provide information through the Lost, Stolen, Damaged or Destroyed CFTC 
Property Report or in discussions with L&O staff, the Property Survey 
Board or Executive Director; selected L&O staff and the Property Survey 
Board members involved in reviewing a particular situation to make a 
recommendation regarding responsibility for reimbursement; the 
Executive Director, who makes the final decision regarding 
responsibility; and personnel in the Commission's Financial Management 
Branch who handle financial reimbursement issues.

EXEMPTIONS CLAIMED FOR THIS SYSTEM:
    None.

V. Notice: Internal Electronic Collaboration Tools

System Number:
    CFTC-47.

SYSTEM NAME:
    Internal Electronic Collaboration Tools.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    This system is located in the Commodity Futures Trading Commission 
headquarters, Three Lafayette Centre, 1155 21st Street NW., Washington, 
DC 20581.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    CFTC employees, interns, volunteers, contractors and consultants 
who are given access to the CFTC network.

CATEGORIES OF RECORDS IN THE SYSTEM:
    CFTC user name, title, business and personal contact information, 
and

[[Page 2051]]

organizational chart and hierarchy information. Those users who elect 
to participate in MySites will be able to publish additional personal 
information, such as personal photographs, information about their 
family status (such as whether they are married or have children), 
their hobbies, subject matter areas of Commission business about which 
they are knowledgeable, personal activities, notes, messages and other 
content. Also, the Internal Electronic Collaboration Tools will contain 
documents in electronic form covered by other CFTC Privacy Act System 
of Record Notices.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 301; Commodity Exchange Act, 7 U.S.C. Sec.  1 et seq. 
including Section 12(b) of the Commodity Exchange Act, at 7 U.S.C. 
16(b)(3), and the rules and regulations promulgated thereunder.

PURPOSE(S):
    The purpose of the new system of records is to enhance and improve 
efficiencies in the dissemination and exchange of information within 
the Commission and allow colleagues to connect with each other. The 
internal electronic collaboration tools, utilizing the Microsoft 
SharePoint platform, will upgrade the Commission's intranet, allow 
users to set up team collaboration workspaces, facilitate sharing of 
documents, policies and information, and allow limited social 
networking through the SharePoint ``MySites'' feature. The new intranet 
will include Commission policies, procedures, forms, organization 
charts, news clips, links to other sites that are helpful for staff 
members, and links to other CFTC SharePoint sites containing shared 
documents and other information. The intranet will include content 
regarding program offices, services and support, and projects and 
activities. By connecting to a CFTC network administration database, 
the intranet will display a directory of all CFTC users, including 
titles, contact information and the photograph used for CFTC 
credentials for all employees, interns, volunteers, consultants and 
contractors (collectively ``users''). The MySites feature will allow 
CFTC users to set up a personal profile, upload pictures, and publish 
content and messages that are similar to email. MySites also allows 
users to join groups, connect with colleagues and receive a newsfeed 
when new information is posted.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    The information in this system will be routinely used by CFTC users 
to disseminate and share information, collaborate and communicate with 
each other with the goal of more efficiently conducting Commission 
business. Also, the Internal Electronic Collaboration Tools system will 
contain documents in electronic form covered by other System of Record 
Notices, and the routine uses for those System of Record Notices apply. 
In addition, information in this system may be disclosed in accordance 
with the blanket routine uses that appear in the Commission's Privacy 
Act Systems of Records Notices, see, e.g., 76 FR 5974 (Feb. 2, 2011).

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    None.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESS CONTROLS, 
RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Electronic records, including emails, spreadsheets, PDF files, 
other documents and content maintained in or through this system are 
stored on the Commission's network and other electronic media as 
needed, such as encrypted hard drives and back-up media. Print-outs of 
records in this system are stored in file folders, binders and similar 
filing methods.

RETRIEVABILITY:
    By name of the employee, volunteer, intern, consultant or 
contractor who has access to the CFTC network.

ACCESS CONTROLS, SAFEGUARDS:
    Records in the system are protected from unauthorized access and 
misuse through various administrative, technical and physical security 
measures. Technical security measures within CFTC include restrictions 
on computer access to authorized individuals, required use of strong 
passwords that are frequently changed, use of encryption for certain 
data types and transfers, and regular review of security procedures and 
best practices to enhance security. Physical measures include 
restrictions on building access to authorized individuals only and 
maintaining records in lockable offices and filing cabinets.

RETENTION AND DISPOSAL:
    The records will be maintained and dispositioned in accordance with 
records disposition schedules approved by the National Archives and 
Records Administration.

SYSTEM MANAGER(S) AND ADDRESS:
    The Commission's Office of Data and Technology, located at the 
Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st 
Street NW., Washington, DC 20581.

NOTIFICATION PROCEDURE:
    Individuals seeking to determine whether this system of records 
contains information about themselves or seeking access to records 
about themselves in this system of records, or contesting the content 
of records about themselves contained in this system of records should 
address written inquiry to the Office of General Counsel, Paralegal 
Specialist, Commodity Futures Trading Commission, Three Lafayette 
Centre, 1155 21st Street NW., Washington, DC 20581. Telephone (202) 
418-5011.

RECORD SOURCE CATEGORIES:
    CFTC employees, volunteers, interns, contractors or consultants who 
have access to the CFTC network and post information within the 
Internal Electronic Collaboration Tools. The source of user directory 
information is the network administration database.

EXEMPTIONS CLAIMED FOR THIS SYSTEM:
    The Internal Electronic Collaboration Tools system will contain 
documents in electronic form covered by other System of Record Notices, 
and the exemptions for those System of Record Notices apply.

    Issued in Washington, DC, this 5th day of January, 2012, by the 
Commission.
David Stawick,
Secretary of the Commission.
[FR Doc. 2012-547 Filed 1-12-12; 8:45 am]
BILLING CODE P