Privacy Act of 1974: Implementation of Exemptions; Department of Homeland Security Transportation Security Administration, DHS/TSA-021, TSA Pre✓TM, 2-5 [2013-31183]
Download as PDF
<![CDATA[
2
Federal Register / Vol. 79, No. 1 / Thursday, January 2, 2014 / Rules and Regulations
withdrew and rescinded the notice of
revocation and final rule amending
Appendix A to part 2641 of title 5. See
78 FR 70191. In the withdrawal notice,
OGE indicated that it planned to
republish this notice and final rule in
January 2014.
Accordingly, OGE is now
republishing that notice and final rule.
OGE hereby gives notice that the abovereferenced post-employment
exemptions, granted on October 29,
1991; November 10, 2003; and
December 4, 2003, respectively, will
expire and are revoked effective on
April 2, 2014. As of the effective date,
a person occupying any one of these
positions will become subject to the
post-employment restrictions of 18
U.S.C. 207(c) and (f) if the rate of basic
pay for the position is equal to or greater
than 86.5 percent of the rate of basic pay
payable for level II of the Executive
Schedule.
As stated in 5 CFR 2641.301(j)(3)(ii),
the Director of OGE is required to
‘‘maintain a listing of positions or
categories of positions in Appendix A to
[5 CFR part 2641] for which the 18
U.S.C. 207(c) restriction has been
waived.’’ As such, Appendix A of this
part is being amended to remove
references to those SEC positions that
are no longer exempt from the
restrictions of 18 U.S.C. 207(c) and (f).
These positions include: Solicitor,
Office of General Counsel; Chief
Litigation Counsel, Division of
Enforcement; Deputy Chief Litigation
Counsel, Division of Enforcement; SK–
17 Positions; SK–16 and lower-graded
SK positions supervised by employees
in SK–17 positions; and SK–16 and
lower-graded SK positions not
supervised by employees in SK–17
positions.
chapter 6) that this final rule would not
have a significant economic impact on
a substantial number of small entities
because it primarily affects current and
former Federal executive branch
employees.
II. Matters of Regulatory Procedure
List of Subjects in 5 CFR Part 2641
Conflict of interests, Government
employees.
mstockstill on DSK4VPTVN1PROD with RULES
Administrative Procedure Act
Pursuant to the Administrative
Procedure Act (APA), 5 U.S.C. 553(b),
OGE finds good cause to waive the
notice-and-comment requirements of
the APA, as the codification of OGE’s
revocation of exempted positions is
technical in nature, and it is important
and in the public interest that the
codification of OGE’s revocation of
exempted positions be published in the
Federal Register as promptly as
possible. For these reasons, OGE is
issuing this regulation as a final rule
effective 90 days after publication.
Paperwork Reduction Act
The Paperwork Reduction Act (44
U.S.C. chapter 35) does not apply
because this regulation does not contain
information collection requirements that
require approval of the Office of
Management and Budget.
Unfunded Mandates Reform Act
For purposes of the Unfunded
Mandates Reform Act of 1995 (2 U.S.C.
chapter 5, subchapter II), this final rule
would not significantly or uniquely
affect small governments and will not
result in increased expenditures by
State, local, and tribal governments, in
the aggregate, or by the private sector, of
$100 million or more (as adjusted for
inflation) in any one year.
Executive Order 12866
In promulgating this final rule, the
Office of Government Ethics has
adhered to the regulatory philosophy
and the applicable principles of
regulation set forth in section 1 of
Executive Order 12866, Regulatory
Planning and Review. This rule has not
been reviewed by the Office of
Management and Budget under that
Executive order since it is not
‘‘significant’’ under the order.
Executive Order 12988
As Director of the Office of
Government Ethics, I have reviewed this
final rule in light of section 3 of
Executive Order 12988, Civil Justice
Reform, and certify that it meets the
applicable standards provided therein.
Approved: December 18, 2013.
Walter M. Shaub, Jr.,
Director, Office of Government Ethics.
Accordingly, for the reasons set forth
in the preamble, the Office of
Government Ethics is amending part
2641 of subchapter B of chapter XVI of
title 5 of the Code of Federal
Regulations as follows:
PART 2641—POST-EMPLOYEMENT
CONFLICT OF INTEREST
RESTRICTIONS
Regulatory Flexibility Act
■
As Director of the Office of
Government Ethics, I certify under the
Regulatory Flexibility Act (5 U.S.C.
Authority: 5 U.S.C. App. (Ethics in
Government Act of 1978); 18 U.S.C. 207; E.O.
VerDate Mar<15>2010
18:52 Dec 31, 2013
Jkt 232001
1. The authority citation for part 2641
continues to read as follows:
PO 00000
Frm 00002
Fmt 4700
Sfmt 4700
12674, 54 FR 15159, 3 CFR, 1989 Comp., p.
215, as modified by E.O. 12731, 55 FR 42547,
3 CFR, 1990 Comp., p. 306.
Appendix A to Part 2641 [Amended]
2. Appendix A to part 2641 is
amended by removing the listing for the
Securities and Exchange Commission
(and all positions thereunder).
■
[FR Doc. 2013–30668 Filed 12–31–13; 8:45 am]
BILLING CODE 6345–03–P
DEPARTMENT OF HOMELAND
SECURITY
Office of the Secretary
6 CFR Part 5
[Docket No. DHS–2013–0041]
Privacy Act of 1974: Implementation of
Exemptions; Department of Homeland
Security Transportation Security
Administration, DHS/TSA–021, TSA
Pre✓TM Application Program System
of Records
Department of Homeland
Security.
ACTION: Final rule.
AGENCY:
The Department of Homeland
Security is issuing a final rule to amend
its regulations to exempt portions of a
newly established system of records
titled, ‘‘Department of Homeland
Security/Transportation Security
Administration–021, TSA Pre✓TM
Application Program System of
Records,’’ from one or more provisions
of the Privacy Act because of criminal,
civil, and administrative enforcement
requirements.
SUMMARY:
DATES:
Effective January 2, 2014.
For
general questions please contact: Peter
Pietra, TSA Privacy Officer, TSA–036,
601 South 12th Street, Arlington, VA
20598–6036; or email at TSAprivacy@
dhs.gov. For privacy questions, please
contact: Karen L. Neuman, (202) 343–
1717, Chief Privacy Officer, Privacy
Office, Department of Homeland
Security, Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
FOR FURTHER INFORMATION CONTACT:
Background
The Department of Homeland
Security (DHS)/Transportation Security
Administration (TSA) published a
Notice of Proposed Rulemaking (NPRM)
in the Federal Register, 78 FR 55657
(Sept. 11, 2013), proposing to exempt
portions of the newly established ‘‘DHS/
TSA–021, TSA Pre✓TM Application
Program System of Records’’ from one
or more provisions of the Privacy Act
E:\FR\FM\02JAR1.SGM
02JAR1
Federal Register / Vol. 79, No. 1 / Thursday, January 2, 2014 / Rules and Regulations
because of criminal, civil, and
administrative enforcement
requirements. The DHS/TSA–021 TSA
Pre✓TM Application Program System of
Records Notice (SORN) was published
in the Federal Register, 78 FR 55274
(Sept. 10, 2013), and comments were
invited on both the NPRM and SORN.
Public Comments
DHS received 12 comments on the
NPRM and five comments on the SORN.
NPRM
mstockstill on DSK4VPTVN1PROD with RULES
Several comments exceeded the scope
of the exemption rulemaking and chose
instead to comment on TSA security
measures. DHS/TSA will not respond to
those comments.
DHS/TSA received a few comments
that objected to the proposal to claim
any exemptions from the Privacy Act for
the release of information collected
pursuant to the SORN. As stated in the
NPRM, no exemption will be asserted
regarding information in the system that
is submitted by a person if that person,
or his or her agent, seeks access to or
amendment of such information.
However, this system may contain
records or information created or
recompiled from information contained
in other systems of records that are
exempt from certain provisions of the
Privacy Act, such as law enforcement or
national security investigation or
encounter records, or terrorist screening
records. Disclosure of these records
from other systems, as noted in the
NPRM, could compromise investigatory
material compiled for law enforcement
or national security purposes. DHS will
examine each request on a case-by-case
basis and, after conferring with the
appropriate component or agency, may
waive applicable exemptions in
appropriate circumstances and when it
would not appear to interfere with or
adversely affect the investigatory
purposes of the systems from which the
information is recompiled or in which
it is contained.1
1 The TSA Pre✓TM Application Program performs
checks that are very similar to those performed for
populations such as TSA Transportation Worker
Identification Credential (TWIC) and Hazardous
Material Endorsement (HME) programs.
Accordingly, TSA proposed most of the same
Privacy Act exemptions for the TSA Pre✓TM
Application Program that are claimed for the
applicable System of Records Notice for the TWIC
and HME programs. The Privacy Act exemptions
claimed from the Transportation Security Threat
Assessment System of Records strike the right
balance of permitting TWIC and HME applicants to
correct errors or incomplete information in other
systems of records that may affect their ability to
receive one of these credentials, while also
protecting sensitive law enforcement or national
security information that may be included in other
systems of records.
VerDate Mar<15>2010
17:09 Dec 31, 2013
Jkt 232001
DHS/TSA received one comment from
a private individual recommending that
foreign service employees and their
families be automatically included this
program. The comment misapprehends
the program for which the NPRM was
published. The NPRM was published in
association with the SORN for the TSA
Pre✓TM Application program, which is
designed to allow individuals to apply
to be included in the program.
Separately, DHS/TSA continues to
evaluate populations that may otherwise
be eligible for TSA Pre✓TM screening.
DHS/TSA received one comment from
a private individual concerned that
exemptions under the Privacy Act
would allow TSA to engage in
discriminatory conduct based on race
and appearance, and that an individual
whose application is denied would have
limited recourse because TSA would
not provide enough information. The
security threat assessment involves
recurrent checks against law
enforcement, immigration, and
intelligence databases. TSA does not
make decisions regarding eligibility for
the TSA Pre✓TM Application Program
based on race or appearance. Eligibility
for the TSA Pre✓TM Application
Program is within the sole discretion of
TSA, which will notify individuals who
are denied eligibility in writing of the
reasons for the denial. If initially
deemed ineligible, applicants will have
an opportunity to correct cases of
misidentification or inaccurate criminal
or immigration records. Individuals
whom TSA determines are ineligible for
the TSA Pre✓TM Application Program
will continue to be screened at airport
security checkpoints according to TSA
standard screening protocols.
DHS/TSA received one comment from
a public interest research center that
asserting Privacy Act exemptions
contravenes the intent of the Privacy
Act. DHS does not agree that asserting
exemptions provided within the Privacy
Act contravenes the Privacy Act. As
reflected in the OMB Privacy Act
Implementation Guidelines, ‘‘the
drafters of the Act recognized that
application of all the requirements of
the Act to certain categories of records
would have had undesirable and often
unacceptable effects upon agencies in
the conduct of necessary public
business.’’ 40 FR 28948, 28971 (July 9,
1975).
The same commenter recognized the
need to withhold information pursuant
to Privacy Act exemptions during the
period of the investigation, but also
stated that individuals should be able to
receive such information after an
investigation is completed or made
public, with appropriate redactions to
PO 00000
Frm 00003
Fmt 4700
Sfmt 4700
3
protect the identities of witnesses and
informants. This commenter stated that
such post-investigation disclosures
would provide individuals with the
ability to address potential inaccuracies
in these records, and noted that the TSA
Pre✓TM Application Program will
provide applicants an opportunity to
correct inaccurate or incomplete
criminal records or immigration records.
As stated above, DHS will consider
requests on a case-by-case basis, and in
certain instances may waive applicable
exemptions and release material that
otherwise would be withheld. However,
certain information gathered in the
course of law enforcement or national
security investigations or encounters,
and created or recompiled from
information contained in other exempt
systems of records, will continue to be
exempted from disclosure. Some of
these records would reveal investigative
techniques, sensitive security
information, and classified information,
or permit the subjects of investigations
to interfere with related investigations.
Continuing to exempt these sensitive
records from disclosure is consistent
with the intent and spirit of the Privacy
Act. This information contained in a
document qualifying for exemption does
not lose its exempt status when
recompiled in another record if the
purposes underlying the exemption of
the original document pertain to the
recompilation as well.
While access under the Privacy Act
may be withheld under an appropriate
exemption, the DHS Traveler Redress
Inquiry Program (DHS TRIP) is a single
point of contact for individuals who
have inquiries or seek resolution
regarding difficulties they experienced
during their travel screening at
transportation hubs, and has been used
by individuals whose names are the
same or similar to those of individuals
on watch lists. See https://www.dhs.gov/
dhs-trip.
SORN
DHS/TSA received five comments on
the SORN. One commenter asked if TSA
Pre✓TM Application Program applicants
would be advised as to the reasons for
a denial of that application. As
explained in the SORN and NPRM, TSA
will notify applicants who are denied
eligibility in writing of the reasons for
the denial. If initially deemed ineligible,
applicants will have an opportunity to
correct cases of misidentification or
inaccurate criminal or immigration
records.
Consistent with 28 CFR 50.12 in cases
involving criminal records, and before
making a final eligibility decision, TSA
will advise the applicant that the FBI
E:\FR\FM\02JAR1.SGM
02JAR1
mstockstill on DSK4VPTVN1PROD with RULES
4
Federal Register / Vol. 79, No. 1 / Thursday, January 2, 2014 / Rules and Regulations
criminal record discloses information
that would disqualify him or her from
the TSA ✓TM Application Program.
Within 30 days after being advised that
the criminal record received from the
FBI discloses a disqualifying criminal
offense, the applicant must notify TSA
in writing of his or her intent to correct
any information he or she believes to be
inaccurate. The applicant must provide
a certified revised record, or the
appropriate court must forward a
certified true copy of the information,
prior to TSA approving eligibility of the
applicant for the TSA ✓TM Application
Program. With respect to immigration
records, within 30 days after being
advised that the immigration records
indicate that the applicant is ineligible
for the TSA Pre✓TM Application
Program, the applicant must notify TSA
in writing of his or her intent to correct
any information believed to be
inaccurate. TSA will review any
information submitted and make a final
decision. If neither notification nor a
corrected record is received by TSA,
TSA may make a final determination to
deny eligibility.
One advocacy group stated that
records of travel itineraries should be
expunged because, as the commenter
claimed, they are records of how
individuals exercise their First
Amendment rights. The TSA Pre✓TM
Application Program neither requests
nor maintains applicant travel itinerary
records, so this comment is
inapplicable.
Contrary to some commenters’
assertion that the TSA Pre✓TM
Application Program infringes upon an
individual’s right to travel, this program
will provide an added convenience to
the majority of the traveling public.
A public interest research center
noted that according to the SORN,
Known Traveler Numbers (KTNs) will
be granted to individuals who pose a
‘‘low’’ risk to transportation security,
while the Secure Flight regulation (see
49 CFR 1560.3) provides that when a
known traveler program is instituted,
individuals for whom the Federal
government has conducted a security
threat assessment and who do ‘‘not pose
a security threat’’ will be provided a
KTN. This commenter stated that DHS
thus used the SORN to amend the
Secure Flight regulation. DHS disagrees
that the use of these two phrases
constitutes a change in the Secure Flight
regulation for who may receive a KTN.
In response to comments on the Secure
Flight proposed rule, TSA stated that it
intended ‘‘to develop and implement
the Known Traveler Number as part of
the Secure Flight program. . . .’’ and
that a KTN will be assigned to
VerDate Mar<15>2010
17:09 Dec 31, 2013
Jkt 232001
individuals ‘‘for whom the Federal
government has already conducted a
terrorist security threat assessment and
has determined does not pose a terrorist
security threat.’’ See 73 FR 64018, 64034
(Oct. 28, 2008).
TSA will compare TSA Pre✓TM
Application Program applicants to
terrorist watch lists to determine
whether the individuals pose a terrorist
threat, but its threat assessment also will
include law enforcement records checks
to determine whether applicants in
other ways pose a security threat.2
Applicants who are found to present a
low risk to security, i.e., they do not
pose either a terrorist security threat nor
a more general security threat, will be
provided a KTN.3
The use of the phrase ‘‘low risk’’ is
neither an expansion nor a contraction
of the population that was anticipated to
receive KTNs under the Secure Flight
rule; rather, as the TSA Pre✓TM program
was developed, the use of the term ‘‘low
risk’’ was employed to more accurately
describe who will receive a KTN. The
TSA Pre✓TM Application Program is a
trusted traveler program, not a program
open to all except those who present a
terrorist threat. This standard also is
consistent with the statutory
authorization TSA received from the
Congress to ‘‘[e]stablish requirements to
implement trusted passenger programs
and use available technologies to
expedite security screening of
passengers who participate in such
programs, thereby allowing security
screening personnel to focus on those
passengers who should be subject to
more extensive screening.’’ See sec.
109(a)(3) of the Aviation and
Transportation Security Act (ATSA),
Public Law 107–71 (115 Stat. 597, 613,
2 As TSA developed its known traveler program
under the Secure Flight rule, it determined that it
would require a security threat assessment similar
to the threat assessment used for the TWIC and
HME programs. The threat assessments for the
TWIC and HME programs compare applicant names
to watch lists and to law enforcement records to
determine whether applicants pose a terrorist threat
or other security threat. As part of this assessment,
certain criminal convictions (e.g., espionage) are
determined to be permanent bars to receiving a
TWIC or HME, while other convictions (e.g.,
smuggling) require a period of time to have passed
post-conviction or post-imprisonment before the
applicant will be considered for the program. See
49 CFR 1572.103. The TWIC and HME programs
thus consider not only whether an applicant poses
a terrorist threat, but also whether the applicant
otherwise poses a security threat.
3 In developing its known traveler program, TSA
relied on its expertise in aviation security to
determine that a ‘‘threat’’ includes a declaration of
intent to cause harm, or something likely to cause
harm. Furthermore, TSA determined that a ‘‘risk’’
only represents a chance of something going wrong
or a possibility of danger. Therefore, TSA deemed
that ‘‘low risk’’ individuals ‘‘do not pose a security
threat’’ to aviation security.
PO 00000
Frm 00004
Fmt 4700
Sfmt 4700
Nov. 19, 2001, codified at 49 U.S.C. 114
note).
TSA promulgated the Secure Flight
rule under the Administrative
Procedure Act (APA), 5 U.S.C. 553, and
clearly indicated that TSA was still
developing its KTN program. The
method that TSA selected to determine
who receives KTNs under the TSA
Pre✓TM Application Program does not
substantively affect the public to a
degree sufficient to implicate the policy
interests underlying notice-andcomment rulemaking requirements. As
noted in the SORN, the TSA Pre✓TM
Application Program does not impose
any impediment on any individual
traveler that is different from that
experienced by the general traveling
public, and individuals who TSA
determines to be ineligible for the
program will continue to be screened at
airport security checkpoints according
to TSA standard screening protocols.
See 78 FR 55274, 55275. Specifically, a
traveler denied admission into a TSA
Pre✓TM lane because he or she does not
have a KTN will face no greater
screening impediment than anyone in
the standard screening lane. Thus,
notice-and-comment rulemaking is not
required because the Secure Flight
regulation notified the public that TSA
would retain the ability to determine
who might receive a KTN, and also
because no new substantive burden or
impediment for any traveler has been
created. As such, the use of the phrase
‘‘low risk’’ does not constitute an
amendment to the Secure Flight
regulation.
The same commenter also suggested
that TSA should make public its
algorithms or thresholds for determining
which TSA Pre✓TM; Application
Program applicants are approved. If
TSA were to make its algorithms public,
it would be possible for individuals who
seek to disrupt civil aviation to
circumvent the algorithms. Such
disclosure would be contrary to TSA’s
mission and might endanger the flying
public.
Other commenters suggested that
applicant information should be
destroyed immediately after providing
eligible individuals a KTN. For those
individuals granted KTNs, TSA will
maintain the application data while the
KTN is valid and for one additional year
to ensure that the security mission of
the agency is properly protected.
Without the application data, TSA
would be unable to identify instances of
fraud, identity theft, evolving risks, and
other security issues. Moreover,
destruction of the underlying
application information will hinder
TSA’s ability to assist KTN holders who
E:\FR\FM\02JAR1.SGM
02JAR1
Federal Register / Vol. 79, No. 1 / Thursday, January 2, 2014 / Rules and Regulations
have lost their numbers and could cause
them to have to reapply for the program.
TSA also will retain application data to
protect applicants’ right to correct
underlying information in the case of an
initial denial.
Two commenters questioned whether
applicant information should be shared
both within and outside DHS. TSA
follows standard information-sharing
principles among DHS components in
accordance with the Privacy Act. In
addition, TSA has narrowly tailored the
routine uses that it has proposed to
serve its mission and promote efficiency
within the Federal Government.
A public interest research center
objected to three of the routine uses
proposed for the system of records,
arguing that the routine uses would
result in blanket sharing with law
enforcement agencies, foreign entities,
and the public for other purposes. DHS
has considered the comment but
disagrees. The exercise of any routine
use is subject to the requirement that
sharing be compatible with the purposes
for which the information was collected.
Several commenters objected that the
TSA Pre✓TM Application Program
violates the U.S. Constitution or
international treaty. DHS disagrees with
the commenters as to the
Constitutionality of the program, and
notes that the treaty cited by an
advocacy group expressly contradicts
the position taken by the commenter by
excluding requirements provided by law
or necessary for national security from
the treaty’s proscription.
After careful consideration of public
comments, the Department will
implement the rulemaking as proposed.
List of Subjects in 6 CFR Part 5
Freedom of information; Privacy.
For the reasons stated in the
preamble, DHS amends Chapter I of
Title 6, Code of Federal Regulations, as
follows:
PART 5—DISCLOSURE OF RECORDS
AND INFORMATION
1. The authority citation for Part 5
continues to read as follows:
■
Authority: 6 U.S.C. 101 et seq.; Pub. L.
107–296, 116 Stat. 2135; 5 U.S.C. 301.
Subpart A also issued under 5 U.S.C. 552.
Subpart B also issued under 5 U.S.C. 552a.
2. Add new paragraph 71 to Appendix
C to Part 5 to read as follows:
mstockstill on DSK4VPTVN1PROD with RULES
■
Appendix C to Part 5—DHS Systems of
Records Exempt From the Privacy Act
*
*
*
*
*
71. The Department of Homeland Security
(DHS)/Transportation Security
Administration (TSA)-021 TSA Pre✓TM
VerDate Mar<15>2010
17:09 Dec 31, 2013
Jkt 232001
Application Program System of Records
consists of electronic and paper records and
will be used by DHS/TSA. The DHS/TSA–
021 Pre✓TM Application Program System of
Records is a repository of information held
by DHS/TSA on individuals who voluntarily
provide personally identifiable information
(PII) to TSA in return for enrollment in a
program that will make them eligible for
expedited security screening at designated
airports. This System of Records contains PII
in biographic application data, biometric
information, pointer information to law
enforcement databases, payment tracking,
and U.S. application membership decisions
that support the TSA Pre✓TM Application
Program membership decisions. The DHS/
TSA–021 TSA Pre✓TM Application Program
System of Records contains information that
is collected by, on behalf of, in support of,
or in cooperation with DHS and its
components and may contain PII collected by
other federal, state, local, tribal, territorial, or
foreign government agencies. The Secretary
of Homeland Security, pursuant to 5 U.S.C.
552a(k)(1) and (k)(2), has exempted this
system from the following provisions of the
Privacy Act: 5 U.S.C. 552a(c)(3); (d); (e)(1);
(e)(4)(G), (H), and (I); and (f). Where a record
received from another system has been
exempted in that source system under 5
U.S.C. 552a(k)(1) and (k)(2), DHS will claim
the same exemptions for those records that
are claimed for the original primary systems
of records from which they originated and
claims any additional exemptions set forth
here. Exemptions from these particular
subsections are justified, on a case-by-case
basis to be determined at the time a request
is made, for the following reasons:
(a) From subsection (c)(3) (Accounting for
Disclosures) because release of the
accounting of disclosures could alert the
subject of an investigation of an actual or
potential criminal, civil, or regulatory
violation to the existence of that investigation
and reveal investigative interest on the part
of DHS as well as the recipient agency.
Disclosure of the accounting would therefore
present a serious impediment to law
enforcement efforts and/or efforts to preserve
national security. Disclosure of the
accounting also would permit the individual
who is the subject of a record to impede the
investigation, to tamper with witnesses or
evidence, and to avoid detection or
apprehension, which would undermine the
entire investigative process.
(b) From subsection (d) (Access to Records)
because access to the records contained in
this system of records could inform the
subject of an investigation of an actual or
potential criminal, civil, or regulatory
violation to the existence of that investigation
and reveal investigative interest on the part
of DHS or another agency. Access to the
records could permit the individual who is
the subject of a record to impede the
investigation, to tamper with witnesses or
evidence, and to avoid detection or
apprehension. Amendment of the records
could interfere with ongoing investigations
and law enforcement activities and would
impose an unreasonable administrative
burden by requiring investigations to be
continually reinvestigated. In addition,
PO 00000
Frm 00005
Fmt 4700
Sfmt 4700
5
permitting access and amendment to such
information could disclose security-sensitive
information that could be detrimental to
homeland security.
(c) From subsection (e)(1) (Relevancy and
Necessity of Information) because in the
course of investigations into potential
violations of federal law, the accuracy of
information obtained or introduced
occasionally may be unclear, or the
information may not be strictly relevant or
necessary to a specific investigation. In the
interests of effective law enforcement, it is
appropriate to retain all information that may
aid in establishing patterns of unlawful
activity.
(d) From subsections (e)(4)(G), (H), and (I)
(Agency Requirements) and (f) (Agency
Rules), because portions of this system are
exempt from the individual access provisions
of subsection (d) for the reasons noted above,
and therefore DHS is not required to establish
requirements, rules, or procedures with
respect to such access. Providing notice to
individuals with respect to the existence of
records pertaining to them in the system of
records or otherwise setting up procedures
pursuant to which individuals may access
and view records pertaining to themselves in
the system would undermine investigative
efforts and reveal the identities of witnesses,
potential witnesses, and confidential
informants.
Dated: December 20, 2013.
Karen L. Neuman,
Chief Privacy Officer, Department of
Homeland Security.
[FR Doc. 2013–31183 Filed 12–31–13; 8:45 am]
BILLING CODE 9110–9M–P
DEPARTMENT OF AGRICULTURE
Food and Nutrition Service
7 CFR Part 271, 272, 274, 276, and 277
RIN 0584–AD99
Automated Data Processing and
Information Retrieval System
Requirements: System Testing
Food and Nutrition Service,
USDA.
ACTION: Final rule.
AGENCY:
The Food and Nutrition
Service (FNS) is adopting as a final rule,
without substantive changes, the
proposed rule that amends the
Supplemental Nutrition Assistance
Program (SNAP) regulations to
implement Section 4121 of the Food,
Conservation, and Energy Act of 2008
(the Farm Bill), which requires adequate
system testing before and after
implementation of a new State
automated data processing (ADP) and
information retrieval system, including
the evaluation of data from pilot
projects in limited areas for major
SUMMARY:
E:\FR\FM\02JAR1.SGM
02JAR1
]]>Agencies
[Federal Register Volume 79, Number 1 (Thursday, January 2, 2014)]
[Rules and Regulations]
[Pages 2-5]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2013-31183]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
6 CFR Part 5
[Docket No. DHS-2013-0041]
Privacy Act of 1974: Implementation of Exemptions; Department of
Homeland Security Transportation Security Administration, DHS/TSA-021,
TSA Pre[check]TM Application Program System of Records
AGENCY: Department of Homeland Security.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Department of Homeland Security is issuing a final rule to
amend its regulations to exempt portions of a newly established system
of records titled, ``Department of Homeland Security/Transportation
Security Administration-021, TSA Pre[check]TM Application
Program System of Records,'' from one or more provisions of the Privacy
Act because of criminal, civil, and administrative enforcement
requirements.
DATES: Effective January 2, 2014.
FOR FURTHER INFORMATION CONTACT: For general questions please contact:
Peter Pietra, TSA Privacy Officer, TSA-036, 601 South 12th Street,
Arlington, VA 20598-6036; or email at TSAprivacy@dhs.gov. For privacy
questions, please contact: Karen L. Neuman, (202) 343-1717, Chief
Privacy Officer, Privacy Office, Department of Homeland Security,
Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
Background
The Department of Homeland Security (DHS)/Transportation Security
Administration (TSA) published a Notice of Proposed Rulemaking (NPRM)
in the Federal Register, 78 FR 55657 (Sept. 11, 2013), proposing to
exempt portions of the newly established ``DHS/TSA-021, TSA
Pre[check]TM Application Program System of Records'' from
one or more provisions of the Privacy Act
[[Page 3]]
because of criminal, civil, and administrative enforcement
requirements. The DHS/TSA-021 TSA Pre[check]TM Application
Program System of Records Notice (SORN) was published in the Federal
Register, 78 FR 55274 (Sept. 10, 2013), and comments were invited on
both the NPRM and SORN.
Public Comments
DHS received 12 comments on the NPRM and five comments on the SORN.
NPRM
Several comments exceeded the scope of the exemption rulemaking and
chose instead to comment on TSA security measures. DHS/TSA will not
respond to those comments.
DHS/TSA received a few comments that objected to the proposal to
claim any exemptions from the Privacy Act for the release of
information collected pursuant to the SORN. As stated in the NPRM, no
exemption will be asserted regarding information in the system that is
submitted by a person if that person, or his or her agent, seeks access
to or amendment of such information. However, this system may contain
records or information created or recompiled from information contained
in other systems of records that are exempt from certain provisions of
the Privacy Act, such as law enforcement or national security
investigation or encounter records, or terrorist screening records.
Disclosure of these records from other systems, as noted in the NPRM,
could compromise investigatory material compiled for law enforcement or
national security purposes. DHS will examine each request on a case-by-
case basis and, after conferring with the appropriate component or
agency, may waive applicable exemptions in appropriate circumstances
and when it would not appear to interfere with or adversely affect the
investigatory purposes of the systems from which the information is
recompiled or in which it is contained.\1\
---------------------------------------------------------------------------
\1\ The TSA Pre[check]TM Application Program performs
checks that are very similar to those performed for populations such
as TSA Transportation Worker Identification Credential (TWIC) and
Hazardous Material Endorsement (HME) programs. Accordingly, TSA
proposed most of the same Privacy Act exemptions for the TSA
Pre[check]TM Application Program that are claimed for the
applicable System of Records Notice for the TWIC and HME programs.
The Privacy Act exemptions claimed from the Transportation Security
Threat Assessment System of Records strike the right balance of
permitting TWIC and HME applicants to correct errors or incomplete
information in other systems of records that may affect their
ability to receive one of these credentials, while also protecting
sensitive law enforcement or national security information that may
be included in other systems of records.
---------------------------------------------------------------------------
DHS/TSA received one comment from a private individual recommending
that foreign service employees and their families be automatically
included this program. The comment misapprehends the program for which
the NPRM was published. The NPRM was published in association with the
SORN for the TSA Pre[check]TM Application program, which is
designed to allow individuals to apply to be included in the program.
Separately, DHS/TSA continues to evaluate populations that may
otherwise be eligible for TSA Pre[check]TM screening.
DHS/TSA received one comment from a private individual concerned
that exemptions under the Privacy Act would allow TSA to engage in
discriminatory conduct based on race and appearance, and that an
individual whose application is denied would have limited recourse
because TSA would not provide enough information. The security threat
assessment involves recurrent checks against law enforcement,
immigration, and intelligence databases. TSA does not make decisions
regarding eligibility for the TSA Pre[check]TM Application
Program based on race or appearance. Eligibility for the TSA
Pre[check]TM Application Program is within the sole
discretion of TSA, which will notify individuals who are denied
eligibility in writing of the reasons for the denial. If initially
deemed ineligible, applicants will have an opportunity to correct cases
of misidentification or inaccurate criminal or immigration records.
Individuals whom TSA determines are ineligible for the TSA
Pre[check]TM Application Program will continue to be
screened at airport security checkpoints according to TSA standard
screening protocols.
DHS/TSA received one comment from a public interest research center
that asserting Privacy Act exemptions contravenes the intent of the
Privacy Act. DHS does not agree that asserting exemptions provided
within the Privacy Act contravenes the Privacy Act. As reflected in the
OMB Privacy Act Implementation Guidelines, ``the drafters of the Act
recognized that application of all the requirements of the Act to
certain categories of records would have had undesirable and often
unacceptable effects upon agencies in the conduct of necessary public
business.'' 40 FR 28948, 28971 (July 9, 1975).
The same commenter recognized the need to withhold information
pursuant to Privacy Act exemptions during the period of the
investigation, but also stated that individuals should be able to
receive such information after an investigation is completed or made
public, with appropriate redactions to protect the identities of
witnesses and informants. This commenter stated that such post-
investigation disclosures would provide individuals with the ability to
address potential inaccuracies in these records, and noted that the TSA
Pre[check]TM Application Program will provide applicants an
opportunity to correct inaccurate or incomplete criminal records or
immigration records.
As stated above, DHS will consider requests on a case-by-case
basis, and in certain instances may waive applicable exemptions and
release material that otherwise would be withheld. However, certain
information gathered in the course of law enforcement or national
security investigations or encounters, and created or recompiled from
information contained in other exempt systems of records, will continue
to be exempted from disclosure. Some of these records would reveal
investigative techniques, sensitive security information, and
classified information, or permit the subjects of investigations to
interfere with related investigations. Continuing to exempt these
sensitive records from disclosure is consistent with the intent and
spirit of the Privacy Act. This information contained in a document
qualifying for exemption does not lose its exempt status when
recompiled in another record if the purposes underlying the exemption
of the original document pertain to the recompilation as well.
While access under the Privacy Act may be withheld under an
appropriate exemption, the DHS Traveler Redress Inquiry Program (DHS
TRIP) is a single point of contact for individuals who have inquiries
or seek resolution regarding difficulties they experienced during their
travel screening at transportation hubs, and has been used by
individuals whose names are the same or similar to those of individuals
on watch lists. See https://www.dhs.gov/dhs-trip.
SORN
DHS/TSA received five comments on the SORN. One commenter asked if
TSA Pre[check]TM Application Program applicants would be
advised as to the reasons for a denial of that application. As
explained in the SORN and NPRM, TSA will notify applicants who are
denied eligibility in writing of the reasons for the denial. If
initially deemed ineligible, applicants will have an opportunity to
correct cases of misidentification or inaccurate criminal or
immigration records.
Consistent with 28 CFR 50.12 in cases involving criminal records,
and before making a final eligibility decision, TSA will advise the
applicant that the FBI
[[Page 4]]
criminal record discloses information that would disqualify him or her
from the TSA [check]TM Application Program. Within 30 days
after being advised that the criminal record received from the FBI
discloses a disqualifying criminal offense, the applicant must notify
TSA in writing of his or her intent to correct any information he or
she believes to be inaccurate. The applicant must provide a certified
revised record, or the appropriate court must forward a certified true
copy of the information, prior to TSA approving eligibility of the
applicant for the TSA [check]TM Application Program. With
respect to immigration records, within 30 days after being advised that
the immigration records indicate that the applicant is ineligible for
the TSA Pre[check]TM Application Program, the applicant must
notify TSA in writing of his or her intent to correct any information
believed to be inaccurate. TSA will review any information submitted
and make a final decision. If neither notification nor a corrected
record is received by TSA, TSA may make a final determination to deny
eligibility.
One advocacy group stated that records of travel itineraries should
be expunged because, as the commenter claimed, they are records of how
individuals exercise their First Amendment rights. The TSA
Pre[check]TM Application Program neither requests nor
maintains applicant travel itinerary records, so this comment is
inapplicable.
Contrary to some commenters' assertion that the TSA
Pre[check]TM Application Program infringes upon an
individual's right to travel, this program will provide an added
convenience to the majority of the traveling public.
A public interest research center noted that according to the SORN,
Known Traveler Numbers (KTNs) will be granted to individuals who pose a
``low'' risk to transportation security, while the Secure Flight
regulation (see 49 CFR 1560.3) provides that when a known traveler
program is instituted, individuals for whom the Federal government has
conducted a security threat assessment and who do ``not pose a security
threat'' will be provided a KTN. This commenter stated that DHS thus
used the SORN to amend the Secure Flight regulation. DHS disagrees that
the use of these two phrases constitutes a change in the Secure Flight
regulation for who may receive a KTN. In response to comments on the
Secure Flight proposed rule, TSA stated that it intended ``to develop
and implement the Known Traveler Number as part of the Secure Flight
program. . . .'' and that a KTN will be assigned to individuals ``for
whom the Federal government has already conducted a terrorist security
threat assessment and has determined does not pose a terrorist security
threat.'' See 73 FR 64018, 64034 (Oct. 28, 2008).
TSA will compare TSA Pre[check]TM Application Program
applicants to terrorist watch lists to determine whether the
individuals pose a terrorist threat, but its threat assessment also
will include law enforcement records checks to determine whether
applicants in other ways pose a security threat.\2\ Applicants who are
found to present a low risk to security, i.e., they do not pose either
a terrorist security threat nor a more general security threat, will be
provided a KTN.\3\
---------------------------------------------------------------------------
\2\ As TSA developed its known traveler program under the Secure
Flight rule, it determined that it would require a security threat
assessment similar to the threat assessment used for the TWIC and
HME programs. The threat assessments for the TWIC and HME programs
compare applicant names to watch lists and to law enforcement
records to determine whether applicants pose a terrorist threat or
other security threat. As part of this assessment, certain criminal
convictions (e.g., espionage) are determined to be permanent bars to
receiving a TWIC or HME, while other convictions (e.g., smuggling)
require a period of time to have passed post-conviction or post-
imprisonment before the applicant will be considered for the
program. See 49 CFR 1572.103. The TWIC and HME programs thus
consider not only whether an applicant poses a terrorist threat, but
also whether the applicant otherwise poses a security threat.
\3\ In developing its known traveler program, TSA relied on its
expertise in aviation security to determine that a ``threat''
includes a declaration of intent to cause harm, or something likely
to cause harm. Furthermore, TSA determined that a ``risk'' only
represents a chance of something going wrong or a possibility of
danger. Therefore, TSA deemed that ``low risk'' individuals ``do not
pose a security threat'' to aviation security.
---------------------------------------------------------------------------
The use of the phrase ``low risk'' is neither an expansion nor a
contraction of the population that was anticipated to receive KTNs
under the Secure Flight rule; rather, as the TSA
Pre[check]TM program was developed, the use of the term
``low risk'' was employed to more accurately describe who will receive
a KTN. The TSA Pre[check]TM Application Program is a trusted
traveler program, not a program open to all except those who present a
terrorist threat. This standard also is consistent with the statutory
authorization TSA received from the Congress to ``[e]stablish
requirements to implement trusted passenger programs and use available
technologies to expedite security screening of passengers who
participate in such programs, thereby allowing security screening
personnel to focus on those passengers who should be subject to more
extensive screening.'' See sec. 109(a)(3) of the Aviation and
Transportation Security Act (ATSA), Public Law 107-71 (115 Stat. 597,
613, Nov. 19, 2001, codified at 49 U.S.C. 114 note).
TSA promulgated the Secure Flight rule under the Administrative
Procedure Act (APA), 5 U.S.C. 553, and clearly indicated that TSA was
still developing its KTN program. The method that TSA selected to
determine who receives KTNs under the TSA Pre[check]TM
Application Program does not substantively affect the public to a
degree sufficient to implicate the policy interests underlying notice-
and-comment rulemaking requirements. As noted in the SORN, the TSA
Pre[check]TM Application Program does not impose any
impediment on any individual traveler that is different from that
experienced by the general traveling public, and individuals who TSA
determines to be ineligible for the program will continue to be
screened at airport security checkpoints according to TSA standard
screening protocols. See 78 FR 55274, 55275. Specifically, a traveler
denied admission into a TSA Pre[check]TM lane because he or
she does not have a KTN will face no greater screening impediment than
anyone in the standard screening lane. Thus, notice-and-comment
rulemaking is not required because the Secure Flight regulation
notified the public that TSA would retain the ability to determine who
might receive a KTN, and also because no new substantive burden or
impediment for any traveler has been created. As such, the use of the
phrase ``low risk'' does not constitute an amendment to the Secure
Flight regulation.
The same commenter also suggested that TSA should make public its
algorithms or thresholds for determining which TSA
Pre[check]TM; Application Program applicants are approved.
If TSA were to make its algorithms public, it would be possible for
individuals who seek to disrupt civil aviation to circumvent the
algorithms. Such disclosure would be contrary to TSA's mission and
might endanger the flying public.
Other commenters suggested that applicant information should be
destroyed immediately after providing eligible individuals a KTN. For
those individuals granted KTNs, TSA will maintain the application data
while the KTN is valid and for one additional year to ensure that the
security mission of the agency is properly protected. Without the
application data, TSA would be unable to identify instances of fraud,
identity theft, evolving risks, and other security issues. Moreover,
destruction of the underlying application information will hinder TSA's
ability to assist KTN holders who
[[Page 5]]
have lost their numbers and could cause them to have to reapply for the
program. TSA also will retain application data to protect applicants'
right to correct underlying information in the case of an initial
denial.
Two commenters questioned whether applicant information should be
shared both within and outside DHS. TSA follows standard information-
sharing principles among DHS components in accordance with the Privacy
Act. In addition, TSA has narrowly tailored the routine uses that it
has proposed to serve its mission and promote efficiency within the
Federal Government.
A public interest research center objected to three of the routine
uses proposed for the system of records, arguing that the routine uses
would result in blanket sharing with law enforcement agencies, foreign
entities, and the public for other purposes. DHS has considered the
comment but disagrees. The exercise of any routine use is subject to
the requirement that sharing be compatible with the purposes for which
the information was collected.
Several commenters objected that the TSA Pre[check]TM
Application Program violates the U.S. Constitution or international
treaty. DHS disagrees with the commenters as to the Constitutionality
of the program, and notes that the treaty cited by an advocacy group
expressly contradicts the position taken by the commenter by excluding
requirements provided by law or necessary for national security from
the treaty's proscription.
After careful consideration of public comments, the Department will
implement the rulemaking as proposed.
List of Subjects in 6 CFR Part 5
Freedom of information; Privacy.
For the reasons stated in the preamble, DHS amends Chapter I of
Title 6, Code of Federal Regulations, as follows:
PART 5--DISCLOSURE OF RECORDS AND INFORMATION
0
1. The authority citation for Part 5 continues to read as follows:
Authority: 6 U.S.C. 101 et seq.; Pub. L. 107-296, 116 Stat.
2135; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552.
Subpart B also issued under 5 U.S.C. 552a.
0
2. Add new paragraph 71 to Appendix C to Part 5 to read as follows:
Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy
Act
* * * * *
71. The Department of Homeland Security (DHS)/Transportation
Security Administration (TSA)-021 TSA Pre[check]TM
Application Program System of Records consists of electronic and
paper records and will be used by DHS/TSA. The DHS/TSA-021
Pre[check]TM Application Program System of Records is a
repository of information held by DHS/TSA on individuals who
voluntarily provide personally identifiable information (PII) to TSA
in return for enrollment in a program that will make them eligible
for expedited security screening at designated airports. This System
of Records contains PII in biographic application data, biometric
information, pointer information to law enforcement databases,
payment tracking, and U.S. application membership decisions that
support the TSA Pre[check]TM Application Program
membership decisions. The DHS/TSA-021 TSA Pre[check]TM
Application Program System of Records contains information that is
collected by, on behalf of, in support of, or in cooperation with
DHS and its components and may contain PII collected by other
federal, state, local, tribal, territorial, or foreign government
agencies. The Secretary of Homeland Security, pursuant to 5 U.S.C.
552a(k)(1) and (k)(2), has exempted this system from the following
provisions of the Privacy Act: 5 U.S.C. 552a(c)(3); (d); (e)(1);
(e)(4)(G), (H), and (I); and (f). Where a record received from
another system has been exempted in that source system under 5
U.S.C. 552a(k)(1) and (k)(2), DHS will claim the same exemptions for
those records that are claimed for the original primary systems of
records from which they originated and claims any additional
exemptions set forth here. Exemptions from these particular
subsections are justified, on a case-by-case basis to be determined
at the time a request is made, for the following reasons:
(a) From subsection (c)(3) (Accounting for Disclosures) because
release of the accounting of disclosures could alert the subject of
an investigation of an actual or potential criminal, civil, or
regulatory violation to the existence of that investigation and
reveal investigative interest on the part of DHS as well as the
recipient agency. Disclosure of the accounting would therefore
present a serious impediment to law enforcement efforts and/or
efforts to preserve national security. Disclosure of the accounting
also would permit the individual who is the subject of a record to
impede the investigation, to tamper with witnesses or evidence, and
to avoid detection or apprehension, which would undermine the entire
investigative process.
(b) From subsection (d) (Access to Records) because access to
the records contained in this system of records could inform the
subject of an investigation of an actual or potential criminal,
civil, or regulatory violation to the existence of that
investigation and reveal investigative interest on the part of DHS
or another agency. Access to the records could permit the individual
who is the subject of a record to impede the investigation, to
tamper with witnesses or evidence, and to avoid detection or
apprehension. Amendment of the records could interfere with ongoing
investigations and law enforcement activities and would impose an
unreasonable administrative burden by requiring investigations to be
continually reinvestigated. In addition, permitting access and
amendment to such information could disclose security-sensitive
information that could be detrimental to homeland security.
(c) From subsection (e)(1) (Relevancy and Necessity of
Information) because in the course of investigations into potential
violations of federal law, the accuracy of information obtained or
introduced occasionally may be unclear, or the information may not
be strictly relevant or necessary to a specific investigation. In
the interests of effective law enforcement, it is appropriate to
retain all information that may aid in establishing patterns of
unlawful activity.
(d) From subsections (e)(4)(G), (H), and (I) (Agency
Requirements) and (f) (Agency Rules), because portions of this
system are exempt from the individual access provisions of
subsection (d) for the reasons noted above, and therefore DHS is not
required to establish requirements, rules, or procedures with
respect to such access. Providing notice to individuals with respect
to the existence of records pertaining to them in the system of
records or otherwise setting up procedures pursuant to which
individuals may access and view records pertaining to themselves in
the system would undermine investigative efforts and reveal the
identities of witnesses, potential witnesses, and confidential
informants.
Dated: December 20, 2013.
Karen L. Neuman,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2013-31183 Filed 12-31-13; 8:45 am]
BILLING CODE 9110-9M-P
