Privacy Act of 1974; Department of Homeland Security National Protection and Programs Directorate-002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records, 28752-28757 [2014-11431]
Download as PDF
28752
Federal Register / Vol. 79, No. 96 / Monday, May 19, 2014 / Notices
Information Act Officer, Department of
Homeland Security, 245 Murray Drive
SW., Building 410, STOP–0655,
Washington, DC 20528.
When seeking records about yourself
from this system of records or any other
Departmental system of records, your
request must conform with the Privacy
Act regulations set forth in 6 CFR Part
5. You must first verify your identity,
meaning that you must provide your full
name, current address, and date and
place of birth. You must sign your
request, and your signature must either
be notarized or submitted under 28
U.S.C. 1746, a law that permits
statements to be made under penalty of
perjury as a substitute for notarization.
While no specific form is required, you
may obtain forms for this purpose from
the Chief Privacy Officer and Chief
Freedom of Information Act Officer,
https://www.dhs.gov/foia or 1–866–431–
0486. In addition you should:
• Explain why you believe the
Department would have information on
you;
• Identify which component(s) of the
Department you believe may have the
information about you;
• Specify when you believe the
records would have been created;
• Provide any information that will
help the FOIA staff determine which
DHS component agency may have
responsive records; and
If your request is seeking records
pertaining to another living individual,
you must include a statement from that
individual certifying his/her agreement
for you to access his/her records.
Without this bulleted information the
component(s) may not be able to
conduct an effective search, and your
request may be denied due to lack of
specificity or lack of compliance with
applicable regulations.
RECORD ACCESS PROCEDURES:
See ‘‘Notification procedure’’ above.
CONTESTING RECORD PROCEDURES:
See ‘‘Notification procedure’’ above.
mstockstill on DSK4VPTVN1PROD with NOTICES
RECORD SOURCE CATEGORIES:
Records are obtained from individuals
who apply for and individuals who are
insured under the NFIP; WYO
companies; flood insurance agents and
lenders; individuals requesting NFIP
information; insurance appraisal
records, title reports, homeowner
reports, notations, and documents from
homeowner/condominium associations,
and NFIP flood maps. DHS/FEMA and
WYO companies use various Housing
and Urban Development (HUD) and
FEMA forms to collect information
within this system of records.
VerDate Mar<15>2010
17:17 May 16, 2014
Jkt 232001
EXEMPTIONS CLAIMED FOR THE SYSTEM:
None.
Dated: May 8, 2014
Karen L. Neuman,
Chief Privacy Officer, Department of
Homeland Security.
[FR Doc. 2014–11386 Filed 5–16–14; 8:45 am]
BILLING CODE 4410–10–P
DEPARTMENT OF HOMELAND
SECURITY
Office of the Secretary
[Docket No. DHS–2014–0013]
Privacy Act of 1974; Department of
Homeland Security National Protection
and Programs Directorate—002
Chemical Facility Anti-Terrorism
Standards Personnel Surety Program
System of Records
Department of Homeland
Security, Privacy Office.
ACTION: Notice of Privacy Act System of
Records.
AGENCY:
In accordance with the
Privacy Act of 1974, the Department of
Homeland Security proposes to update
and reissue a current Department of
Homeland Security system of records
titled, ‘‘Department of Homeland
Security/National Protection and
Programs Directorate—002 Chemical
Facility Anti-Terrorism Standards
Personnel Surety Program System of
Records.’’ This system of records allows
the Department of Homeland Security/
National Protection and Programs
Directorate to collect and maintain
records on individuals—facility
personnel and unescorted visitors—who
have or are seeking access to restricted
areas and critical assets at high-risk
chemical facilities and compare this
information to the Terrorist Screening
Database, the terrorist watchlist
maintained by the Federal Bureau of
Investigation’s Terrorist Screening
Center. As a result of a biennial review
of this system and changes to the
Chemical Facility Anti-Terrorism
Standards Personnel Surety Program,
the Department of Homeland Security/
National Protection and Programs
Directorate is updating this system of
records notice to include a new category
of record and routine use.
Administrative updates are being made
globally to better align the description of
the program with other CFATS
Personnel Surety Program
documentation. Additionally, the
Department of Homeland Security is
concurrently issuing a Final Rule to
exempt this system of records from
SUMMARY:
PO 00000
Frm 00082
Fmt 4703
Sfmt 4703
certain provisions of the Privacy Act,
elsewhere in the Federal Register. This
notice also includes non-substantive
changes to simplify the formatting and
text of the previously published notice.
This updated system will be included in
the Department of Homeland Security’s
inventory of record systems.
DATES: Submit comments on or before
June 18, 2014. This updated system will
be effective June 18, 2014.
ADDRESSES: You may submit comments,
identified by docket number DHS–
2014–0013 by one of the following
methods:
• Federal e-Rulemaking Portal:
https://www.regulations.gov. Follow the
instructions for submitting comments.
• Fax: 202–343–4010.
• Mail: Karen L. Neuman, Chief
Privacy Officer, Privacy Office,
Department of Homeland Security,
Washington, DC 20528.
Instructions: All submissions received
must include the agency name and
docket number for this rulemaking. All
comments received will be posted
without change to https://
www.regulations.gov, including any
personal information provided.
Docket: For access to the docket to
read background documents or
comments received, please visit https://
www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: For
general questions, please contact: Emily
Andrew, (703) 235–2182, Privacy
Officer, National Protection and
Programs Directorate, Department of
Homeland Security, Washington, DC
20528. For privacy questions, please
contact: Karen L. Neuman, (202) 343–
1717, Chief Privacy Officer, Privacy
Office, Department of Homeland
Security, Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
I. Background
In accordance with the Privacy Act of
1974, 5 U.S.C. 552a, the Department of
Homeland Security (DHS) National
Protection and Programs Directorate
(NPPD) proposes to update and reissue
a current DHS system of records titled,
‘‘DHS/NPPD—002 Chemical Facility
Anti-Terrorism Standards Personnel
Surety Program System of Records.’’
On October 4, 2006, the President
signed the DHS Appropriations Act of
2007 (the Act), Public Law 109–295.
Section 550 of the Act (Section 550)
provides DHS with the authority to
regulate the security of high-risk
chemical facilities. DHS has
promulgated regulations implementing
Section 550, the Chemical Facility AntiTerrorism Standards (CFATS), 6 CFR
Part 27.
E:\FR\FM\19MYN1.SGM
19MYN1
mstockstill on DSK4VPTVN1PROD with NOTICES
Federal Register / Vol. 79, No. 96 / Monday, May 19, 2014 / Notices
Section 550 requires that DHS
establish Risk Based Performance
Standards (RBPS) as part of CFATS.
RBPS–12 (6 CFR 27.230(a)(12)(iv))
requires that regulated chemical
facilities implement ‘‘measures
designed to identify people with
terrorist ties.’’ The ability to identify
individuals with terrorist ties is an
inherently governmental function and
requires the use of information held in
government-maintained databases,
which are unavailable to high-risk
chemical facilities. Therefore, DHS is
implementing the CFATS Personnel
Surety Program, which will allow
chemical facilities to comply with
RBPS–12 by implementing ‘‘measures
designed to identify people with
terrorist ties.’’
The CFATS Personnel Surety Program
will work with the DHS Transportation
Security Administration (TSA) to
identify individuals who have terrorist
ties by vetting information submitted by
each high-risk chemical facility against
the Terrorist Screening Database
(TSDB). The TSDB is the Federal
Government’s consolidated and
integrated terrorist watchlist of known
and suspected terrorists, maintained by
the Department of Justice (DOJ) Federal
Bureau of Investigation’s (FBI) Terrorist
Screening Center (TSC). For more
information on the TSDB, see DOJ/FBI—
019 Terrorist Screening Records System,
72 FR 47073 (August 22, 2007).
High-risk chemical facilities or their
designees will submit the information
of: (1) Facility personnel who have or
who are seeking access, either
unescorted or otherwise, to restricted
areas or critical assets; and (2)
unescorted visitors who have or who are
seeking access to restricted areas or
critical assets. These persons, about
whom high-risk chemical facilities and
facilities’ designees will submit
information to DHS, are referred to in
this notice as ‘‘affected individuals.’’
Individual high-risk facilities may
classify particular contractors or
categories of contractors either as
‘‘facility personnel’’ or as ‘‘visitors.’’
This determination should be a facilityspecific determination, and should be
based on facility security, operational
requirements, and business practices.
With the publication of this updated
system of records, DHS is making the
following changes: (1) Category of
records has been updated to include
Trusted Traveler Program information
and information necessary to assist in
verifying status of enrollment in another
DHS program; and (2) routine use K has
been added. Under routine use K, DHS
may provide records to high-risk
chemical facilities, or their designees,
VerDate Mar<15>2010
17:17 May 16, 2014
Jkt 232001
for the purpose of ensuring that
information on all affected individuals
submitted by or on behalf of the facility
who have or are seeking access to
restricted areas or critical assets has
been appropriately submitted to DHS. A
high-risk chemical facility may have
access to information on the affected
individuals that were submitted by the
facility or on behalf of the facility.
Designees of high-risk chemical
facilities may only have access to
information on the affected individuals
that the designee submitted on behalf of
the facility. Routine use K is compatible
with the purposes for which the
information is collected because the
information will be used to ensure that
the appropriate affected individuals are
receiving the required terrorist ties
checks.
In addition, administrative updates
are being made globally to better align
the description of the program with
other CFATS Personnel Surety Program
documentation. This notice also
includes non-substantive changes to
simplify the formatting and text of the
previously published notice.
Under the CFATS Personnel Surety
Program, for each affected individual a
high-risk chemical facility, or its
designee, may use the following options
for submitting information to the
Department (in addition to other
options, not discussed in this systems of
records notice, that would not involve
submission of information to DHS):
Option 1—Direct vetting: High-risk
chemical facilities (or their designees)
may submit information to NPPD about
an affected individual to be compared
on a recurrent basis against identifying
information of known or suspected
terrorists, and/or
Option 2—Use of vetting conducted
under other DHS programs: High-risk
chemical facilities (or their designees)
may submit information to NPPD about
an affected individual’s enrollment in
the Transportation Worker
Identification Credential (TWIC)
Program, Hazardous Materials
Endorsement (HME) Program, or the
NEXUS, Secure Electronic Network for
Travelers Rapid Inspection (SENTRI),
Free and Secure Trade (FAST), and
Global Entry Trusted Traveler Programs.
Each of those programs conducts
recurrent vetting, which is equivalent to
the terrorist ties vetting conducted
under Option 1.
Information will be submitted to
DHS/NPPD through the Chemical
Security Assessment Tool (CSAT), the
online data collection portal for CFATS.
The high-risk chemical facility or its
designees will submit the information of
affected individuals to DHS through
PO 00000
Frm 00083
Fmt 4703
Sfmt 4703
28753
CSAT. The submitters of this
information (Submitters) for each highrisk chemical facility will also affirm, to
the best of their knowledge, that the
information is: (1) True, correct, and
complete; and (2) collected and
submitted in compliance with the
facility’s Site Security Plan (SSP) or
Alternative Security Program (ASP), as
authorized and/or approved in
accordance with 6 CFR 27.245. The
Submitter(s) of each high-risk chemical
facility will also affirm that, in
accordance with its Site Security Plans,
notice required by the Privacy Act of
1974, 5 U.S.C. 552a, has been given to
affected individuals before their
information is submitted to DHS.
DHS previously indicated in the June
14, 2011 Chemical Facility AntiTerrorism Standards Personnel Surety
Program System of Records that it
would issue a ‘‘verification of receipt’’
to the Submitter(s) of each high-risk
chemical facility when a high-risk
chemical facility: (1) Submits
information about an affected individual
for the first time; (2) submits additional,
updated, or corrected information about
an affected individual; or (3) notifies
DHS that an affected individual no
longer has or is seeking access to that
facility’s restricted areas or critical
assets. However, DHS now intends to
provide high-risk chemical facilities,
and their designees, the ability to create
an alert within the CSAT Personnel
Surety application that can notify them
when DHS has received information
about an affected individual(s) under
Option 1 or Option 2. Further, DHS will
also allow high-risk chemical facilities
the ability to view the status (e.g., that
some information about an affected
individual has been inputted into CSAT
but not yet submitted to DHS under
Option 1 or Option 2; or that
information about an affected individual
has been submitted) of records about
affected individuals associated with
their facility within the CSAT Personnel
Surety application. High-risk chemical
facilities may also have the ability to
download reports from CSAT. These
reports may include information
submitted about affected individuals
with access to that facility as well as
status of enrollment in other DHS
programs. High-risk chemical facilities
will be responsible for managing their
user roles and determining what access
each user may have within the CFATS
Personnel Surety application to ensure
that only the appropriate users have
access to the information about affected
individuals being submitted to DHS.
Upon receipt of each affected
individual’s information in CSAT using
Option 1—Direct vetting, DHS/NPPD
E:\FR\FM\19MYN1.SGM
19MYN1
mstockstill on DSK4VPTVN1PROD with NOTICES
28754
Federal Register / Vol. 79, No. 96 / Monday, May 19, 2014 / Notices
will send a copy of the information to
DHS/TSA. Within DHS/TSA, the Office
of Transportation Threat Assessment
and Credentialing (TTAC) conducts
vetting against the TSDB for several
DHS programs. DHS/TSA/TTAC will
compare the information of affected
individuals collected by DHS (via
CSAT) to information in the TSDB on a
recurrent basis. DHS/TSA/TTAC will
forward potential matches to the DOJ/
FBI/TSC, which will make a final
determination of whether an
individual’s information is identified as
a match to a record in the TSDB.
Upon receipt of each affected
individual’s information in CSAT using
Option 2—Use of vetting conducted
under other DHS programs, DHS/NPPD
will send information to DHS/TSA to
verify enrollment in the TWIC or HME
Program or to DHS/U.S. Customs and
Border Protection (CBP) to verify
enrollment in the Trusted Traveler
Program. If an affected individual’s
enrollment in one of these programs is
verified, NPPD will periodically reverify the affected individual’s
continued enrollment. If the affected
individual’s enrollment in one of these
programs is no longer verified, then
NPPD will notify the high-risk chemical
facility, or its designee. NPPD may
initiate vetting under Option 1, as
appropriate. The high-risk chemical
facility will be responsible for taking
action in accordance with its SSP or
ASP, which may include submitting
new or updated information on that
affected individual.
In certain instances, DHS/NPPD may
contact a high-risk chemical facility to
request additional information (e.g., visa
information) pertaining to particular
individuals in order to clarify suspected
data errors or resolve potential matches
(e.g., when an affected individual has a
common name). Such requests do not
imply, and should not be construed to
indicate that an individual’s
information has been confirmed as a
match to a TSDB record.
DHS/NPPD may also conduct data
accuracy reviews and audits as part of
the CFATS Personnel Surety Program.
High-risk chemical facilities may
propose to maintain different sorts of
records or information related to RBPS
12 as part of their SSP or ASP, and DHS
expects that the records or information
available could vary from one high-risk
chemical facility to another. The types
of information DHS may request from
high-risk chemical facilities as part of
data accuracy reviews or audits could
thus vary from facility to facility, based
on each facility’s standard business
practices and SSP or ASP. The records
requested may contain information
VerDate Mar<15>2010
17:17 May 16, 2014
Jkt 232001
pertaining to affected individuals that
was previously provided to DHS/NPPD
by the high-risk chemical facility.
Consistent with DHS’s informationsharing mission, information stored in
the DHS/NPPD—002 Chemical Facility
Anti-Terrorism Standards Personnel
Surety Program System of Records may
be shared with other DHS components
that have a need to know the
information to carry out their national
security, law enforcement, immigration,
intelligence, or other homeland security
functions. In addition, DHS/NPPD may
share information with appropriate
federal, state, local, tribal, territorial,
foreign, or international government
agencies consistent with the routine
uses set forth in this system of records
notice.
Additionally, DHS is concurrently
issuing a Final Rule to exempt this
system of records from certain
provisions of the Privacy Act elsewhere
in the Federal Register. This updated
system will be included in DHS’s
inventory of record systems.
II. Privacy Act
The Privacy Act embodies fair
information practice principles in a
statutory framework governing the
means by which federal government
agencies collect, maintain, use, and
disseminate individuals’ records. The
Privacy Act applies to information that
is maintained in a ‘‘system of records.’’
A ‘‘system of records’’ is a group of any
records under the control of an agency
from which information is retrieved by
the name of an individual or by some
identifying number, symbol, or other
identifying particular assigned to the
individual. In the Privacy Act, an
individual is defined to encompass U.S.
citizens and lawful permanent
residents. As a matter of policy, DHS
extends administrative Privacy Act
protections to all individuals when
systems of records maintain information
on U.S. citizens, lawful permanent
residents, and visitors.
Below is the description of the DHS/
NPPD—002 Chemical Facility AntiTerrorism Standards Personnel Surety
Program System of Records.
In accordance with 5 U.S.C. 552a(r),
DHS has provided a report of this
system of records to the Office of
Management and Budget and to
Congress.
System of Records
Department of Homeland Security
(DHS)/National Protection and Programs
Directorate (NPPD)—002.
PO 00000
Frm 00084
Fmt 4703
Sfmt 4703
SYSTEM NAME:
DHS/NPPD—002 Chemical Facility
Anti-Terrorism Standards Personnel
Surety Program
SECURITY CLASSIFICATION:
Unclassified, Sensitive, For Official
Use Only, Law Enforcement-Sensitive,
and Classified.
SYSTEM LOCATION:
Records are maintained at the DHS
and NPPD Headquarters in Washington,
DC and field offices.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
(1) High-risk chemical facility
personnel and unescorted visitors who
have or are seeking access to restricted
areas or critical assets at high-risk
chemical facilities (see 6 CFR
27.230(a)(12)), referred to in this notice
as ‘‘affected individuals’’;
(2) High-risk chemical facility
personnel or designees who contact
DHS/NPPD or a federal law enforcement
entity with follow-up questions
regarding submission of an individual’s
information to DHS/NPPD;
(3) Individuals listed in the TSDB
against whom potential or confirmed
matches have been made; and
(4) Individuals who have been or seek
to be distinguished from individuals
listed in the TSDB through redress or
other means as a result of the Personnel
Surety Program.
CATEGORIES OF RECORDS IN THE SYSTEM:
(1) High-risk chemical facilities are
required to submit the following
information on all facility personnel and
unescorted visitors who have or are
seeking access to restricted areas or
critical assets:
a. U.S. Citizens and Lawful
Permanent Residents
i. Full name;
ii. Date of birth; and
iii. Citizenship or Gender.
b. Non-U.S. persons
i. Full name;
ii. Date of birth;
iii. Citizenship; and
iv. Passport information and/or alien
registration number.
(2) To reduce the likelihood of false
positives in matching against the TSDB,
high-risk chemical facilities may also
(optionally) submit the following
information on facility personnel and
unescorted visitors who have or are
seeking access to restricted areas or
critical assets:
a. Aliases;
b. Gender (for Non-U.S. persons);
c. Place of birth; and
d. Redress Number.
E:\FR\FM\19MYN1.SGM
19MYN1
mstockstill on DSK4VPTVN1PROD with NOTICES
Federal Register / Vol. 79, No. 96 / Monday, May 19, 2014 / Notices
(3) High-risk chemical facilities may
submit different information on
individuals who maintain DHS
screening program credentials or
endorsements that require TSDB checks
equivalent to the checks to be performed
as part of the CFATS Personnel Surety
Program. Instead of submitting the
information listed in category (1), above,
high risk chemical facilities may submit
the following information for such
individuals:
a. Full name;
b. Date of birth;
c. Name of the DHS program that
conducts equivalent vetting against the
TSDB, such as the Transportation
Worker Identification Credential (TWIC)
Program, the Hazardous Materials
Endorsement (HME) Program, or
Trusted Traveler Program;
d. Unique number, or other program
specific verifying information associated
with a DHS screening program,
necessary to verify an individual’s
enrollment, such as TWIC Serial
Number for the TWIC Program,
Commercial Driver’s License (CDL)
Number and CDL issuing state(s) for the
HME Program, or PASS ID Number for
the Trusted Traveler Program; and
e. Expiration date of the credential
endorsed or issued by the DHS
screening program.
This alternative is optional—high-risk
chemical facilities may either submit
the information listed in category (1) for
such individuals, or may submit the
information listed in category (3) for
such individuals.
(4) When high-risk chemical facilities
choose to submit the information listed
in category (3), above, they may also
(optionally) submit the following
information on facility personnel and
unescorted visitors who have or are
seeking access to restricted areas or
critical assets:
a. Aliases;
b. Place of Birth;
c. Gender;
d. Citizenship; and
e. Redress Number.
(5) DHS could collect additional
identifying information from a high-risk
chemical facility as necessary to confirm
or clear a potential match to a TSDB
record. Information collected by highrisk chemical facilities and submitted to
DHS for this purpose could include any
information listed in categories (1)
through (4), passport information, visa
information, driver’s license
information, or other available
identifying particulars, used to compare
the identity of an individual being
screened with information listed in the
TSDB;
VerDate Mar<15>2010
17:17 May 16, 2014
Jkt 232001
(6) In the event that a confirmed
match is identified as part of the CFATS
Personnel Surety Program, in addition
to other records listed under the
categories of records section of this
SORN, DHS will obtain references to or
information from other government law
enforcement and intelligence databases,
as well as other relevant databases that
may contain terrorism information;
(7) Information necessary to assist in
tracking submissions and transmission
of records or verifying status of
enrollment in another DHS program,
including electronic verification that
DHS has received a particular record;
and
(8) Information provided by
individuals covered by this system in
support of any redress request,
including DHS Redress Numbers and/or
any of the above categories of records.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
DHS Appropriations Act of 2007,
Section 550, Public Law 109–295, 120
Stat. 1355 (October 4, 2006), as
amended; and the Chemical Facility
Anti-Terrorism Standards, 6 CFR Part
27.
PURPOSE(S):
The purpose of this system is to
identify persons listed in the TSDB who
have or are seeking access to restricted
areas or critical assets at high-risk
chemical facilities.
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES:
In addition to those disclosures
generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a
portion of the records or information
contained in this system may be
disclosed outside DHS as a routine use
pursuant to 5 U.S.C. 552a(b)(3) as
follows:
A. To the Department of Justice (DOJ),
including Offices of the U.S. Attorneys,
or other federal agencies conducting
litigation or in proceedings before any
court, adjudicative, or administrative
body, when it is relevant or necessary to
the litigation and one of the following
is a party to the litigation or has an
interest in such litigation:
1. DHS or any component thereof;
2. Any employee or former employee
of DHS in his/her official capacity;
3. Any employee or former employee
of DHS in his/her individual capacity
when DOJ or DHS has agreed to
represent the employee; or
4. The U.S. or any agency thereof.
B. To a congressional office from the
record of an individual in response to
an inquiry from that congressional office
PO 00000
Frm 00085
Fmt 4703
Sfmt 4703
28755
made at the request of the individual to
whom the record pertains.
C. To the National Archives and
Records Administration (NARA) or
General Services Administration
pursuant to records management
inspections being conducted under the
authority of 44 U.S.C. 2904 and 2906.
D. To an agency or organization for
the purpose of performing audit or
oversight operations as authorized by
law, but only such information as is
necessary and relevant to such audit or
oversight function.
E. To appropriate agencies, entities,
and persons when:
1. DHS suspects or has confirmed that
the security or confidentiality of
information in the system of records has
been compromised;
2. DHS has determined that as a result
of the suspected or confirmed
compromise, there is a risk of identity
theft or fraud, harm to economic or
property interests, harm to an
individual, or harm to the security or
integrity of this system or other systems
or programs (whether maintained by
DHS or another agency or entity) that
rely upon the compromised
information; and
3. The disclosure made to such
agencies, entities, and persons is
reasonably necessary to assist in
connection with DHS’s efforts to
respond to the suspected or confirmed
compromise and prevent, minimize, or
remedy such harm.
F. To contractors and their agents,
grantees, experts, consultants, and
others performing or working on a
contract, service, grant, cooperative
agreement, or other assignment for DHS,
when necessary to accomplish an
agency function related to this system of
records. Individuals provided
information under this routine use are
subject to the same Privacy Act
requirements and limitations on
disclosure as are applicable to DHS
officers and employees.
G. To an appropriate federal, state,
tribal, local, international, or foreign law
enforcement agency or other appropriate
authority charged with investigating or
prosecuting a violation or enforcing or
implementing a law, rule, regulation, or
order, when a record, either on its face
or in conjunction with other
information, indicates a violation or
potential violation of law, which
includes criminal, civil, or regulatory
violations and such disclosure is proper
and consistent with the official duties of
the person making the disclosure.
H. To federal, state, local, tribal,
territorial, foreign, multinational, or
private sector entities as appropriate to
assist in coordination of terrorist threat
E:\FR\FM\19MYN1.SGM
19MYN1
28756
Federal Register / Vol. 79, No. 96 / Monday, May 19, 2014 / Notices
awareness, assessment, analysis, or
response.
I. To an appropriate federal, state,
tribal, local, international, or foreign
agency or other appropriate authority
regarding individuals who pose, or are
suspected of posing a risk to national
security.
J. To an appropriate federal, state,
tribal, local, international, foreign
agency, other appropriate governmental
entities or authority to:
1. Determine whether an individual is
a positive identity match to an identity
in the TSDB;
2. Facilitate operational, law
enforcement, or intelligence responses,
if appropriate, when vetted individuals’
identities match identities contained in
the TSDB;
3. Provide information and analysis
about terrorist encounters and known or
suspected terrorists to appropriate
domestic and foreign government
agencies and officials for
counterterrorism purposes; or
4. Perform technical implementation
functions necessary for the CFATS
Personnel Surety Program.
K. To high-risk chemical facilities, or
their designees, for the purpose of
ensuring that information on all affected
individuals submitted by or on behalf of
the facility who have or are seeking
access to restricted areas or critical
assets at a high-risk chemical facility
has been appropriately submitted to the
Department.
L. To the news media and the public,
with the approval of the Chief Privacy
Officer in consultation with counsel,
when there exists a legitimate public
interest in the disclosure of the
information, when disclosure is
necessary to preserve confidence in the
integrity of DHS, or when disclosure is
necessary to demonstrate the
accountability of DHS’s officers,
employees, or individuals covered by
the system, except to the extent the
Chief Privacy Officer determines that
release of the specific information in the
context of a particular case would
constitute an unwarranted invasion of
personal privacy.
DISCLOSURE TO CONSUMER REPORTING
AGENCIES:
mstockstill on DSK4VPTVN1PROD with NOTICES
None.
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
DHS/NPPD stores records in this
system electronically or on paper in
secure facilities in a locked drawer
behind a locked door. The records may
be stored on magnetic disc, tape, digital
media.
VerDate Mar<15>2010
17:17 May 16, 2014
Jkt 232001
RETRIEVABILITY:
Records may be retrieved by searching
any of the categories of records listed
above. Records may also be retrievable
by relevant chemical facility name,
chemical facility location, chemical
facility contact information, and by
other facility-specific data points.
SAFEGUARDS:
DHS/NPPD safeguards records in this
system according to applicable rules
and policies, including all applicable
DHS automated systems security and
access policies. NPPD has imposed
strict controls to minimize the risk of
compromising the information that is
being stored. Access to the computer
system containing the records in this
system is limited to those individuals
who have a need to know the
information for the performance of their
official duties and who have appropriate
clearances or permissions.
RETENTION AND DISPOSAL:
A proposed schedule for the retention
and disposal of records collected under
the DHS/NPPD—002 Chemical Facility
Anti-Terrorism Standards Personnel
Surety Program System of Records is
being developed by the DHS and NPPD
Offices of Records Management for
approval by NARA.
The length of time DHS/NPPD will
retain information on individuals will
depend on individual TSDB vetting
results. Specifically, individuals’
information will be retained as
described below, based on the
individuals’ placements into three
categories:
(1) Information pertaining to an
individual who is not a potential or
confirmed match to a TSDB record will
be retained for one year after a high-risk
chemical facility has notified NPPD that
the individual no longer has or is
seeking access to the restricted areas or
critical assets of the facility;
(2) Information pertaining to an
individual who may originally have
appeared to be a match a TSDB record,
but who was subsequently determined
not to be a match, will be retained for
seven years after completion of TSDB
matching, or one year after the high-risk
chemical facility that submitted that
individual’s information has notified
DHS/NPPD that the individual no
longer has or is seeking access to the
restricted areas or critical assets of the
facility, whichever is later; and
(3) Information pertaining to an
individual who is a positive match to a
TSDB record will be retained for ninetynine years after completion of matching
activity, or seven years after DHS/NPPD
PO 00000
Frm 00086
Fmt 4703
Sfmt 4703
learns that the individual is deceased,
whichever is earlier.
DHS/TSA/TTAC will maintain
records within its possession in
accordance with the DHS/TSA–002—
Transportation Security Threat
Assessment System of Records, 75 FR
28046 (May 19, 2010). DHS/CBP will
maintain records in its possession in
accordance with the DHS/CBP–002—
Global Enrollment System of Records,
71 FR 20708 (April 21, 2006).
DHS/NPPD will also retain records to
conduct inspections or audits under 6
CFR 27.245 and 6 CFR 27.250 to ensure
that high-risk chemical facilities are in
compliance with CFATS. These records
could include the names of individuals
with access to high-risk chemical
facilities’ restricted areas and critical
assets, the periods of time during which
high-risk chemical facilities indicate
that such individuals have/had access,
and any other information listed
elsewhere in this notice, as appropriate.
The retention periods for these
records provide reasonable amounts of
time for law enforcement, intelligence,
or redress matters involving individuals
who have or are seeking access to
restricted areas or critical assets at highrisk chemical facilities.
SYSTEM MANAGER AND ADDRESS:
CFATS Personnel Surety Program
Manager, 250 Murray Lane SW., Mail
Stop 0610, Washington, DC 20528.
NOTIFICATION PROCEDURE:
The Secretary of Homeland Security
has exempted this system from the
notification, access, and amendment
procedures of the Privacy Act. However,
DHS/NPPD will consider individual
requests to determine whether or not
information may be released. Thus,
individuals seeking notification of and
access to any record contained in this
system of records, or seeking to contest
its content, may submit a request in
writing to the Chief Privacy Officer and
DHS or NPPD FOIA Officer, whose
contact information can be found at
https://www.dhs.gov/foia under
‘‘Contacts.’’ If an individual believes
more than one component maintains
Privacy Act records concerning him or
her, the individual may submit the
request to the Chief Privacy Officer and
Chief Freedom of Information Act
Officer, Department of Homeland
Security, 245 Murray Drive SW.,
Building 410, Mail Stop 0655,
Washington, DC 20528.
When seeking records about yourself
from this system of records or any other
Departmental system of records, your
request must conform with the Privacy
Act regulations set forth in 6 CFR Part
E:\FR\FM\19MYN1.SGM
19MYN1
Federal Register / Vol. 79, No. 96 / Monday, May 19, 2014 / Notices
5. You must first verify your identity,
meaning that you must provide your full
name, current address, and date and
place of birth. You must sign your
request, and your signature must either
be notarized or submitted under 28
U.S.C. § 1746, a law that permits
statements to be made under penalty of
perjury as a substitute for notarization.
While no specific form is required, you
may obtain forms for this purpose from
the Chief Privacy Officer and Chief
Freedom of Information Act Officer,
https://www.dhs.gov/foia or 1–866–431–
0486. In addition, you should:
• Explain why you believe the
Department would have information on
you;
• Identify which component(s) of the
Department you believe may have the
information about you;
• Specify when you believe the
records would have been created; and
• Provide any other information that
will help the FOIA staff determine
which DHS component agency may
have responsive records;
If your request is seeking records
pertaining to another living individual,
you must include a statement from that
individual certifying his/her agreement
for you to access his/her records.
Without the above information, the
component(s) may not be able to
conduct an effective search, and your
request may be denied due to lack of
specificity or lack of compliance with
applicable regulations.
RECORD ACCESS PROCEDURES:
See ‘‘Notification procedure’’ above.
CONTESTING RECORD PROCEDURES:
See ‘‘Notification procedure’’ above.
mstockstill on DSK4VPTVN1PROD with NOTICES
RECORD SOURCE CATEGORIES:
NPPD obtains records from high-risk
chemical facilities and their designees.
High-risk chemical facilities must
provide notice to each affected
individual prior to submission of the
affected individual’s information to
DHS/NPPD. This will include notice
that additional information may be
requested after the initial submission.
NPPD may also obtain information from
other DHS programs when DHS verifies
enrollment of an affected individual in
another vetting or credentialing
program. Information may also be
obtained from the DOJ/FBI—019
Terrorist Screening Records System, 72
FR 47073 (August 22, 2007), or from
other FBI sources.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
The Secretary of Homeland Security,
pursuant to 5 U.S.C. 552a(k)(1) and
(k)(2), has exempted this system from
VerDate Mar<15>2010
19:11 May 16, 2014
Jkt 232001
the following provisions of the Privacy
Act, 5 U.S.C. 552a(c)(3); (d); (e)(1);
(e)(4)(G), (e)(4)(H), (e)(4)(I); and (f).
When this system receives a record
from another system exempted in that
source system under 5 U.S.C. 552a(j) or
(k), DHS will claim the same
exemptions for those records that are
claimed for the original primary systems
of records from which they originated
and claims any additional exemptions
set forth here. For more information on
the FBI’s Terrorist Screening Records
System, see DOJ/FBI—019 Terrorist
Screening Records System, 72 FR 47073
(August 22, 2007).
DHS does not claim any exemptions
for the information high-risk chemical
facilities or their designees submit to
DHS as part of this system of records.
Dated: May 1, 2014.
Karen L. Neuman,
Chief Privacy Officer, Department of
Homeland Security.
[FR Doc. 2014–11431 Filed 5–16–14; 8:45 am]
BILLING CODE 9110–9P–P
DEPARTMENT OF HOMELAND
SECURITY
U.S. Citizenship and Immigration
Services
[OMB Control Number 1615–0105]
Agency Information Collection
Activities: Notice of Entry of
Appearance as Attorney or Accredited
Representative; Notice of Entry of
Appearance as Attorney In Matters
Outside the Geographical Confines of
the United States, Form G–28; G–28I;
Revision of a Currently Approved
Collection.
ACTION:
60-Day notice.
The Department of Homeland
Security (DHS), U.S. Citizenship and
Immigration Services (USCIS) invites
the general public and other Federal
agencies to comment upon this
proposed revision of a currently
approved collection of information. In
accordance with the Paperwork
Reduction Act (PRA) of 1995, the
information collection notice is
published in the Federal Register to
obtain comments regarding the nature of
the information collection, the
categories of respondents, the estimated
burden (i.e., the time, effort, and
resources used by the respondents to
respond), the estimated cost to the
respondent, and the actual information
collection instruments.
USCIS is also soliciting comments
regarding additional features proposed
for incorporation into form G–28. The
SUMMARY:
PO 00000
Frm 00087
Fmt 4703
Sfmt 4703
28757
new features clarify USCIS notification
practices relating to represented parties.
Specifically, USCIS is revising the G–28
to provide that, for represented parties
DHS will send all original notices and
documents regarding any application or
petition filed with DHS to the
applicants and petitioners directly with
a courtesy copy sent to the attorney of
record or accredited representative.
However, on the form the applicant or
petitioner may instruct USCIS to (a)
send any notice regarding an
application or petition that he or she has
filed with DHS to the business address
of their attorney of record or accredited
representative as listed in the form, or;
(b) send any secure identity document,
such as a Permanent Resident Card or
Employment Authorization Document,
that he or she is approved, for to the
official business address of his or her
attorney of record or accredited
representative. The proposed new forms
are available for review in the docket.
DATES: Comments are encouraged and
will be accepted for 60 days until July
18, 2014.
ADDRESSES: All submissions received
must include the OMB Control Number
1615–0105 in the subject box, the
agency name and Docket ID USCIS–
2008–0037. To avoid duplicate
submissions, please use only one of the
following methods to submit comments:
(1) Online. Submit comments via the
Federal eRulemaking Portal Web site at
www.regulations.gov under e-Docket ID
number USCIS–2008–0037;
(2) Email. Submit comments to
USCISFRComment@uscis.dhs.gov;
(3) Mail. Submit written comments to
DHS, USCIS, Office of Policy and
Strategy, Chief, Regulatory Coordination
Division, 20 Massachusetts Avenue
NW., Washington, DC 20529–2140.
SUPPLEMENTARY INFORMATION:
Comments
Regardless of the method used for
submitting comments or material, all
submissions will be posted, without
change, to the Federal eRulemaking
Portal at https://www.regulations.gov,
and will include any personal
information you provide. Therefore,
submitting this information makes it
public. You may wish to consider
limiting the amount of personal
information that you provide in any
voluntary submission you make to DHS.
DHS may withhold information
provided in comments from public
viewing that it determines may impact
the privacy of an individual or is
offensive. For additional information,
please read the Privacy Act notice that
E:\FR\FM\19MYN1.SGM
19MYN1
Agencies
[Federal Register Volume 79, Number 96 (Monday, May 19, 2014)]
[Notices]
[Pages 28752-28757]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2014-11431]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
[Docket No. DHS-2014-0013]
Privacy Act of 1974; Department of Homeland Security National
Protection and Programs Directorate--002 Chemical Facility Anti-
Terrorism Standards Personnel Surety Program System of Records
AGENCY: Department of Homeland Security, Privacy Office.
ACTION: Notice of Privacy Act System of Records.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act of 1974, the Department of
Homeland Security proposes to update and reissue a current Department
of Homeland Security system of records titled, ``Department of Homeland
Security/National Protection and Programs Directorate--002 Chemical
Facility Anti-Terrorism Standards Personnel Surety Program System of
Records.'' This system of records allows the Department of Homeland
Security/National Protection and Programs Directorate to collect and
maintain records on individuals--facility personnel and unescorted
visitors--who have or are seeking access to restricted areas and
critical assets at high-risk chemical facilities and compare this
information to the Terrorist Screening Database, the terrorist
watchlist maintained by the Federal Bureau of Investigation's Terrorist
Screening Center. As a result of a biennial review of this system and
changes to the Chemical Facility Anti-Terrorism Standards Personnel
Surety Program, the Department of Homeland Security/National Protection
and Programs Directorate is updating this system of records notice to
include a new category of record and routine use. Administrative
updates are being made globally to better align the description of the
program with other CFATS Personnel Surety Program documentation.
Additionally, the Department of Homeland Security is concurrently
issuing a Final Rule to exempt this system of records from certain
provisions of the Privacy Act, elsewhere in the Federal Register. This
notice also includes non-substantive changes to simplify the formatting
and text of the previously published notice. This updated system will
be included in the Department of Homeland Security's inventory of
record systems.
DATES: Submit comments on or before June 18, 2014. This updated system
will be effective June 18, 2014.
ADDRESSES: You may submit comments, identified by docket number DHS-
2014-0013 by one of the following methods:
Federal e-Rulemaking Portal: https://www.regulations.gov.
Follow the instructions for submitting comments.
Fax: 202-343-4010.
Mail: Karen L. Neuman, Chief Privacy Officer, Privacy
Office, Department of Homeland Security, Washington, DC 20528.
Instructions: All submissions received must include the agency name
and docket number for this rulemaking. All comments received will be
posted without change to https://www.regulations.gov, including any
personal information provided.
Docket: For access to the docket to read background documents or
comments received, please visit https://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: For general questions, please contact:
Emily Andrew, (703) 235-2182, Privacy Officer, National Protection and
Programs Directorate, Department of Homeland Security, Washington, DC
20528. For privacy questions, please contact: Karen L. Neuman, (202)
343-1717, Chief Privacy Officer, Privacy Office, Department of Homeland
Security, Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
I. Background
In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the
Department of Homeland Security (DHS) National Protection and Programs
Directorate (NPPD) proposes to update and reissue a current DHS system
of records titled, ``DHS/NPPD--002 Chemical Facility Anti-Terrorism
Standards Personnel Surety Program System of Records.''
On October 4, 2006, the President signed the DHS Appropriations Act
of 2007 (the Act), Public Law 109-295. Section 550 of the Act (Section
550) provides DHS with the authority to regulate the security of high-
risk chemical facilities. DHS has promulgated regulations implementing
Section 550, the Chemical Facility Anti-Terrorism Standards (CFATS), 6
CFR Part 27.
[[Page 28753]]
Section 550 requires that DHS establish Risk Based Performance
Standards (RBPS) as part of CFATS. RBPS-12 (6 CFR 27.230(a)(12)(iv))
requires that regulated chemical facilities implement ``measures
designed to identify people with terrorist ties.'' The ability to
identify individuals with terrorist ties is an inherently governmental
function and requires the use of information held in government-
maintained databases, which are unavailable to high-risk chemical
facilities. Therefore, DHS is implementing the CFATS Personnel Surety
Program, which will allow chemical facilities to comply with RBPS-12 by
implementing ``measures designed to identify people with terrorist
ties.''
The CFATS Personnel Surety Program will work with the DHS
Transportation Security Administration (TSA) to identify individuals
who have terrorist ties by vetting information submitted by each high-
risk chemical facility against the Terrorist Screening Database (TSDB).
The TSDB is the Federal Government's consolidated and integrated
terrorist watchlist of known and suspected terrorists, maintained by
the Department of Justice (DOJ) Federal Bureau of Investigation's (FBI)
Terrorist Screening Center (TSC). For more information on the TSDB, see
DOJ/FBI--019 Terrorist Screening Records System, 72 FR 47073 (August
22, 2007).
High-risk chemical facilities or their designees will submit the
information of: (1) Facility personnel who have or who are seeking
access, either unescorted or otherwise, to restricted areas or critical
assets; and (2) unescorted visitors who have or who are seeking access
to restricted areas or critical assets. These persons, about whom high-
risk chemical facilities and facilities' designees will submit
information to DHS, are referred to in this notice as ``affected
individuals.'' Individual high-risk facilities may classify particular
contractors or categories of contractors either as ``facility
personnel'' or as ``visitors.'' This determination should be a
facility-specific determination, and should be based on facility
security, operational requirements, and business practices.
With the publication of this updated system of records, DHS is
making the following changes: (1) Category of records has been updated
to include Trusted Traveler Program information and information
necessary to assist in verifying status of enrollment in another DHS
program; and (2) routine use K has been added. Under routine use K, DHS
may provide records to high-risk chemical facilities, or their
designees, for the purpose of ensuring that information on all affected
individuals submitted by or on behalf of the facility who have or are
seeking access to restricted areas or critical assets has been
appropriately submitted to DHS. A high-risk chemical facility may have
access to information on the affected individuals that were submitted
by the facility or on behalf of the facility. Designees of high-risk
chemical facilities may only have access to information on the affected
individuals that the designee submitted on behalf of the facility.
Routine use K is compatible with the purposes for which the information
is collected because the information will be used to ensure that the
appropriate affected individuals are receiving the required terrorist
ties checks.
In addition, administrative updates are being made globally to
better align the description of the program with other CFATS Personnel
Surety Program documentation. This notice also includes non-substantive
changes to simplify the formatting and text of the previously published
notice.
Under the CFATS Personnel Surety Program, for each affected
individual a high-risk chemical facility, or its designee, may use the
following options for submitting information to the Department (in
addition to other options, not discussed in this systems of records
notice, that would not involve submission of information to DHS):
Option 1--Direct vetting: High-risk chemical facilities (or their
designees) may submit information to NPPD about an affected individual
to be compared on a recurrent basis against identifying information of
known or suspected terrorists, and/or
Option 2--Use of vetting conducted under other DHS programs: High-
risk chemical facilities (or their designees) may submit information to
NPPD about an affected individual's enrollment in the Transportation
Worker Identification Credential (TWIC) Program, Hazardous Materials
Endorsement (HME) Program, or the NEXUS, Secure Electronic Network for
Travelers Rapid Inspection (SENTRI), Free and Secure Trade (FAST), and
Global Entry Trusted Traveler Programs. Each of those programs conducts
recurrent vetting, which is equivalent to the terrorist ties vetting
conducted under Option 1.
Information will be submitted to DHS/NPPD through the Chemical
Security Assessment Tool (CSAT), the online data collection portal for
CFATS. The high-risk chemical facility or its designees will submit the
information of affected individuals to DHS through CSAT. The submitters
of this information (Submitters) for each high-risk chemical facility
will also affirm, to the best of their knowledge, that the information
is: (1) True, correct, and complete; and (2) collected and submitted in
compliance with the facility's Site Security Plan (SSP) or Alternative
Security Program (ASP), as authorized and/or approved in accordance
with 6 CFR 27.245. The Submitter(s) of each high-risk chemical facility
will also affirm that, in accordance with its Site Security Plans,
notice required by the Privacy Act of 1974, 5 U.S.C. 552a, has been
given to affected individuals before their information is submitted to
DHS.
DHS previously indicated in the June 14, 2011 Chemical Facility
Anti-Terrorism Standards Personnel Surety Program System of Records
that it would issue a ``verification of receipt'' to the Submitter(s)
of each high-risk chemical facility when a high-risk chemical facility:
(1) Submits information about an affected individual for the first
time; (2) submits additional, updated, or corrected information about
an affected individual; or (3) notifies DHS that an affected individual
no longer has or is seeking access to that facility's restricted areas
or critical assets. However, DHS now intends to provide high-risk
chemical facilities, and their designees, the ability to create an
alert within the CSAT Personnel Surety application that can notify them
when DHS has received information about an affected individual(s) under
Option 1 or Option 2. Further, DHS will also allow high-risk chemical
facilities the ability to view the status (e.g., that some information
about an affected individual has been inputted into CSAT but not yet
submitted to DHS under Option 1 or Option 2; or that information about
an affected individual has been submitted) of records about affected
individuals associated with their facility within the CSAT Personnel
Surety application. High-risk chemical facilities may also have the
ability to download reports from CSAT. These reports may include
information submitted about affected individuals with access to that
facility as well as status of enrollment in other DHS programs. High-
risk chemical facilities will be responsible for managing their user
roles and determining what access each user may have within the CFATS
Personnel Surety application to ensure that only the appropriate users
have access to the information about affected individuals being
submitted to DHS.
Upon receipt of each affected individual's information in CSAT
using Option 1--Direct vetting, DHS/NPPD
[[Page 28754]]
will send a copy of the information to DHS/TSA. Within DHS/TSA, the
Office of Transportation Threat Assessment and Credentialing (TTAC)
conducts vetting against the TSDB for several DHS programs. DHS/TSA/
TTAC will compare the information of affected individuals collected by
DHS (via CSAT) to information in the TSDB on a recurrent basis. DHS/
TSA/TTAC will forward potential matches to the DOJ/FBI/TSC, which will
make a final determination of whether an individual's information is
identified as a match to a record in the TSDB.
Upon receipt of each affected individual's information in CSAT
using Option 2--Use of vetting conducted under other DHS programs, DHS/
NPPD will send information to DHS/TSA to verify enrollment in the TWIC
or HME Program or to DHS/U.S. Customs and Border Protection (CBP) to
verify enrollment in the Trusted Traveler Program. If an affected
individual's enrollment in one of these programs is verified, NPPD will
periodically re-verify the affected individual's continued enrollment.
If the affected individual's enrollment in one of these programs is no
longer verified, then NPPD will notify the high-risk chemical facility,
or its designee. NPPD may initiate vetting under Option 1, as
appropriate. The high-risk chemical facility will be responsible for
taking action in accordance with its SSP or ASP, which may include
submitting new or updated information on that affected individual.
In certain instances, DHS/NPPD may contact a high-risk chemical
facility to request additional information (e.g., visa information)
pertaining to particular individuals in order to clarify suspected data
errors or resolve potential matches (e.g., when an affected individual
has a common name). Such requests do not imply, and should not be
construed to indicate that an individual's information has been
confirmed as a match to a TSDB record.
DHS/NPPD may also conduct data accuracy reviews and audits as part
of the CFATS Personnel Surety Program. High-risk chemical facilities
may propose to maintain different sorts of records or information
related to RBPS 12 as part of their SSP or ASP, and DHS expects that
the records or information available could vary from one high-risk
chemical facility to another. The types of information DHS may request
from high-risk chemical facilities as part of data accuracy reviews or
audits could thus vary from facility to facility, based on each
facility's standard business practices and SSP or ASP. The records
requested may contain information pertaining to affected individuals
that was previously provided to DHS/NPPD by the high-risk chemical
facility.
Consistent with DHS's information-sharing mission, information
stored in the DHS/NPPD--002 Chemical Facility Anti-Terrorism Standards
Personnel Surety Program System of Records may be shared with other DHS
components that have a need to know the information to carry out their
national security, law enforcement, immigration, intelligence, or other
homeland security functions. In addition, DHS/NPPD may share
information with appropriate federal, state, local, tribal,
territorial, foreign, or international government agencies consistent
with the routine uses set forth in this system of records notice.
Additionally, DHS is concurrently issuing a Final Rule to exempt
this system of records from certain provisions of the Privacy Act
elsewhere in the Federal Register. This updated system will be included
in DHS's inventory of record systems.
II. Privacy Act
The Privacy Act embodies fair information practice principles in a
statutory framework governing the means by which federal government
agencies collect, maintain, use, and disseminate individuals' records.
The Privacy Act applies to information that is maintained in a ``system
of records.'' A ``system of records'' is a group of any records under
the control of an agency from which information is retrieved by the
name of an individual or by some identifying number, symbol, or other
identifying particular assigned to the individual. In the Privacy Act,
an individual is defined to encompass U.S. citizens and lawful
permanent residents. As a matter of policy, DHS extends administrative
Privacy Act protections to all individuals when systems of records
maintain information on U.S. citizens, lawful permanent residents, and
visitors.
Below is the description of the DHS/NPPD--002 Chemical Facility
Anti-Terrorism Standards Personnel Surety Program System of Records.
In accordance with 5 U.S.C. 552a(r), DHS has provided a report of
this system of records to the Office of Management and Budget and to
Congress.
System of Records
Department of Homeland Security (DHS)/National Protection and
Programs Directorate (NPPD)--002.
System name:
DHS/NPPD--002 Chemical Facility Anti-Terrorism Standards Personnel
Surety Program
Security classification:
Unclassified, Sensitive, For Official Use Only, Law Enforcement-
Sensitive, and Classified.
System location:
Records are maintained at the DHS and NPPD Headquarters in
Washington, DC and field offices.
Categories of individuals covered by the system:
(1) High-risk chemical facility personnel and unescorted visitors
who have or are seeking access to restricted areas or critical assets
at high-risk chemical facilities (see 6 CFR 27.230(a)(12)), referred to
in this notice as ``affected individuals'';
(2) High-risk chemical facility personnel or designees who contact
DHS/NPPD or a federal law enforcement entity with follow-up questions
regarding submission of an individual's information to DHS/NPPD;
(3) Individuals listed in the TSDB against whom potential or
confirmed matches have been made; and
(4) Individuals who have been or seek to be distinguished from
individuals listed in the TSDB through redress or other means as a
result of the Personnel Surety Program.
Categories of records in the system:
(1) High-risk chemical facilities are required to submit the
following information on all facility personnel and unescorted visitors
who have or are seeking access to restricted areas or critical assets:
a. U.S. Citizens and Lawful Permanent Residents
i. Full name;
ii. Date of birth; and
iii. Citizenship or Gender.
b. Non-U.S. persons
i. Full name;
ii. Date of birth;
iii. Citizenship; and
iv. Passport information and/or alien registration number.
(2) To reduce the likelihood of false positives in matching against
the TSDB, high-risk chemical facilities may also (optionally) submit
the following information on facility personnel and unescorted visitors
who have or are seeking access to restricted areas or critical assets:
a. Aliases;
b. Gender (for Non-U.S. persons);
c. Place of birth; and
d. Redress Number.
[[Page 28755]]
(3) High-risk chemical facilities may submit different information
on individuals who maintain DHS screening program credentials or
endorsements that require TSDB checks equivalent to the checks to be
performed as part of the CFATS Personnel Surety Program. Instead of
submitting the information listed in category (1), above, high risk
chemical facilities may submit the following information for such
individuals:
a. Full name;
b. Date of birth;
c. Name of the DHS program that conducts equivalent vetting against
the TSDB, such as the Transportation Worker Identification Credential
(TWIC) Program, the Hazardous Materials Endorsement (HME) Program, or
Trusted Traveler Program;
d. Unique number, or other program specific verifying information
associated with a DHS screening program, necessary to verify an
individual's enrollment, such as TWIC Serial Number for the TWIC
Program, Commercial Driver's License (CDL) Number and CDL issuing
state(s) for the HME Program, or PASS ID Number for the Trusted
Traveler Program; and
e. Expiration date of the credential endorsed or issued by the DHS
screening program.
This alternative is optional--high-risk chemical facilities may
either submit the information listed in category (1) for such
individuals, or may submit the information listed in category (3) for
such individuals.
(4) When high-risk chemical facilities choose to submit the
information listed in category (3), above, they may also (optionally)
submit the following information on facility personnel and unescorted
visitors who have or are seeking access to restricted areas or critical
assets:
a. Aliases;
b. Place of Birth;
c. Gender;
d. Citizenship; and
e. Redress Number.
(5) DHS could collect additional identifying information from a
high-risk chemical facility as necessary to confirm or clear a
potential match to a TSDB record. Information collected by high-risk
chemical facilities and submitted to DHS for this purpose could include
any information listed in categories (1) through (4), passport
information, visa information, driver's license information, or other
available identifying particulars, used to compare the identity of an
individual being screened with information listed in the TSDB;
(6) In the event that a confirmed match is identified as part of
the CFATS Personnel Surety Program, in addition to other records listed
under the categories of records section of this SORN, DHS will obtain
references to or information from other government law enforcement and
intelligence databases, as well as other relevant databases that may
contain terrorism information;
(7) Information necessary to assist in tracking submissions and
transmission of records or verifying status of enrollment in another
DHS program, including electronic verification that DHS has received a
particular record; and
(8) Information provided by individuals covered by this system in
support of any redress request, including DHS Redress Numbers and/or
any of the above categories of records.
Authority for maintenance of the system:
DHS Appropriations Act of 2007, Section 550, Public Law 109-295,
120 Stat. 1355 (October 4, 2006), as amended; and the Chemical Facility
Anti-Terrorism Standards, 6 CFR Part 27.
Purpose(s):
The purpose of this system is to identify persons listed in the
TSDB who have or are seeking access to restricted areas or critical
assets at high-risk chemical facilities.
Routine uses of records maintained in the system, including categories
of users and the purposes of such uses:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed outside DHS as a
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
A. To the Department of Justice (DOJ), including Offices of the
U.S. Attorneys, or other federal agencies conducting litigation or in
proceedings before any court, adjudicative, or administrative body,
when it is relevant or necessary to the litigation and one of the
following is a party to the litigation or has an interest in such
litigation:
1. DHS or any component thereof;
2. Any employee or former employee of DHS in his/her official
capacity;
3. Any employee or former employee of DHS in his/her individual
capacity when DOJ or DHS has agreed to represent the employee; or
4. The U.S. or any agency thereof.
B. To a congressional office from the record of an individual in
response to an inquiry from that congressional office made at the
request of the individual to whom the record pertains.
C. To the National Archives and Records Administration (NARA) or
General Services Administration pursuant to records management
inspections being conducted under the authority of 44 U.S.C. 2904 and
2906.
D. To an agency or organization for the purpose of performing audit
or oversight operations as authorized by law, but only such information
as is necessary and relevant to such audit or oversight function.
E. To appropriate agencies, entities, and persons when:
1. DHS suspects or has confirmed that the security or
confidentiality of information in the system of records has been
compromised;
2. DHS has determined that as a result of the suspected or
confirmed compromise, there is a risk of identity theft or fraud, harm
to economic or property interests, harm to an individual, or harm to
the security or integrity of this system or other systems or programs
(whether maintained by DHS or another agency or entity) that rely upon
the compromised information; and
3. The disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with DHS's efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
F. To contractors and their agents, grantees, experts, consultants,
and others performing or working on a contract, service, grant,
cooperative agreement, or other assignment for DHS, when necessary to
accomplish an agency function related to this system of records.
Individuals provided information under this routine use are subject to
the same Privacy Act requirements and limitations on disclosure as are
applicable to DHS officers and employees.
G. To an appropriate federal, state, tribal, local, international,
or foreign law enforcement agency or other appropriate authority
charged with investigating or prosecuting a violation or enforcing or
implementing a law, rule, regulation, or order, when a record, either
on its face or in conjunction with other information, indicates a
violation or potential violation of law, which includes criminal,
civil, or regulatory violations and such disclosure is proper and
consistent with the official duties of the person making the
disclosure.
H. To federal, state, local, tribal, territorial, foreign,
multinational, or private sector entities as appropriate to assist in
coordination of terrorist threat
[[Page 28756]]
awareness, assessment, analysis, or response.
I. To an appropriate federal, state, tribal, local, international,
or foreign agency or other appropriate authority regarding individuals
who pose, or are suspected of posing a risk to national security.
J. To an appropriate federal, state, tribal, local, international,
foreign agency, other appropriate governmental entities or authority
to:
1. Determine whether an individual is a positive identity match to
an identity in the TSDB;
2. Facilitate operational, law enforcement, or intelligence
responses, if appropriate, when vetted individuals' identities match
identities contained in the TSDB;
3. Provide information and analysis about terrorist encounters and
known or suspected terrorists to appropriate domestic and foreign
government agencies and officials for counterterrorism purposes; or
4. Perform technical implementation functions necessary for the
CFATS Personnel Surety Program.
K. To high-risk chemical facilities, or their designees, for the
purpose of ensuring that information on all affected individuals
submitted by or on behalf of the facility who have or are seeking
access to restricted areas or critical assets at a high-risk chemical
facility has been appropriately submitted to the Department.
L. To the news media and the public, with the approval of the Chief
Privacy Officer in consultation with counsel, when there exists a
legitimate public interest in the disclosure of the information, when
disclosure is necessary to preserve confidence in the integrity of DHS,
or when disclosure is necessary to demonstrate the accountability of
DHS's officers, employees, or individuals covered by the system, except
to the extent the Chief Privacy Officer determines that release of the
specific information in the context of a particular case would
constitute an unwarranted invasion of personal privacy.
Disclosure to consumer reporting agencies:
None.
Policies and practices for storing, retrieving, accessing, retaining,
and disposing of records in the system:
Storage:
DHS/NPPD stores records in this system electronically or on paper
in secure facilities in a locked drawer behind a locked door. The
records may be stored on magnetic disc, tape, digital media.
Retrievability:
Records may be retrieved by searching any of the categories of
records listed above. Records may also be retrievable by relevant
chemical facility name, chemical facility location, chemical facility
contact information, and by other facility-specific data points.
Safeguards:
DHS/NPPD safeguards records in this system according to applicable
rules and policies, including all applicable DHS automated systems
security and access policies. NPPD has imposed strict controls to
minimize the risk of compromising the information that is being stored.
Access to the computer system containing the records in this system is
limited to those individuals who have a need to know the information
for the performance of their official duties and who have appropriate
clearances or permissions.
Retention and disposal:
A proposed schedule for the retention and disposal of records
collected under the DHS/NPPD--002 Chemical Facility Anti-Terrorism
Standards Personnel Surety Program System of Records is being developed
by the DHS and NPPD Offices of Records Management for approval by NARA.
The length of time DHS/NPPD will retain information on individuals
will depend on individual TSDB vetting results. Specifically,
individuals' information will be retained as described below, based on
the individuals' placements into three categories:
(1) Information pertaining to an individual who is not a potential
or confirmed match to a TSDB record will be retained for one year after
a high-risk chemical facility has notified NPPD that the individual no
longer has or is seeking access to the restricted areas or critical
assets of the facility;
(2) Information pertaining to an individual who may originally have
appeared to be a match a TSDB record, but who was subsequently
determined not to be a match, will be retained for seven years after
completion of TSDB matching, or one year after the high-risk chemical
facility that submitted that individual's information has notified DHS/
NPPD that the individual no longer has or is seeking access to the
restricted areas or critical assets of the facility, whichever is
later; and
(3) Information pertaining to an individual who is a positive match
to a TSDB record will be retained for ninety-nine years after
completion of matching activity, or seven years after DHS/NPPD learns
that the individual is deceased, whichever is earlier.
DHS/TSA/TTAC will maintain records within its possession in
accordance with the DHS/TSA-002--Transportation Security Threat
Assessment System of Records, 75 FR 28046 (May 19, 2010). DHS/CBP will
maintain records in its possession in accordance with the DHS/CBP-002--
Global Enrollment System of Records, 71 FR 20708 (April 21, 2006).
DHS/NPPD will also retain records to conduct inspections or audits
under 6 CFR 27.245 and 6 CFR 27.250 to ensure that high-risk chemical
facilities are in compliance with CFATS. These records could include
the names of individuals with access to high-risk chemical facilities'
restricted areas and critical assets, the periods of time during which
high-risk chemical facilities indicate that such individuals have/had
access, and any other information listed elsewhere in this notice, as
appropriate.
The retention periods for these records provide reasonable amounts
of time for law enforcement, intelligence, or redress matters involving
individuals who have or are seeking access to restricted areas or
critical assets at high-risk chemical facilities.
System Manager and address:
CFATS Personnel Surety Program Manager, 250 Murray Lane SW., Mail
Stop 0610, Washington, DC 20528.
Notification procedure:
The Secretary of Homeland Security has exempted this system from
the notification, access, and amendment procedures of the Privacy Act.
However, DHS/NPPD will consider individual requests to determine
whether or not information may be released. Thus, individuals seeking
notification of and access to any record contained in this system of
records, or seeking to contest its content, may submit a request in
writing to the Chief Privacy Officer and DHS or NPPD FOIA Officer,
whose contact information can be found at https://www.dhs.gov/foia under
``Contacts.'' If an individual believes more than one component
maintains Privacy Act records concerning him or her, the individual may
submit the request to the Chief Privacy Officer and Chief Freedom of
Information Act Officer, Department of Homeland Security, 245 Murray
Drive SW., Building 410, Mail Stop 0655, Washington, DC 20528.
When seeking records about yourself from this system of records or
any other Departmental system of records, your request must conform
with the Privacy Act regulations set forth in 6 CFR Part
[[Page 28757]]
5. You must first verify your identity, meaning that you must provide
your full name, current address, and date and place of birth. You must
sign your request, and your signature must either be notarized or
submitted under 28 U.S.C. Sec. 1746, a law that permits statements to
be made under penalty of perjury as a substitute for notarization.
While no specific form is required, you may obtain forms for this
purpose from the Chief Privacy Officer and Chief Freedom of Information
Act Officer, https://www.dhs.gov/foia or 1-866-431-0486. In addition,
you should:
Explain why you believe the Department would have
information on you;
Identify which component(s) of the Department you believe
may have the information about you;
Specify when you believe the records would have been
created; and
Provide any other information that will help the FOIA
staff determine which DHS component agency may have responsive records;
If your request is seeking records pertaining to another living
individual, you must include a statement from that individual
certifying his/her agreement for you to access his/her records.
Without the above information, the component(s) may not be able to
conduct an effective search, and your request may be denied due to lack
of specificity or lack of compliance with applicable regulations.
Record access procedures:
See ``Notification procedure'' above.
Contesting record procedures:
See ``Notification procedure'' above.
Record source categories:
NPPD obtains records from high-risk chemical facilities and their
designees. High-risk chemical facilities must provide notice to each
affected individual prior to submission of the affected individual's
information to DHS/NPPD. This will include notice that additional
information may be requested after the initial submission. NPPD may
also obtain information from other DHS programs when DHS verifies
enrollment of an affected individual in another vetting or
credentialing program. Information may also be obtained from the DOJ/
FBI--019 Terrorist Screening Records System, 72 FR 47073 (August 22,
2007), or from other FBI sources.
Exemptions claimed for the system:
The Secretary of Homeland Security, pursuant to 5 U.S.C. 552a(k)(1)
and (k)(2), has exempted this system from the following provisions of
the Privacy Act, 5 U.S.C. 552a(c)(3); (d); (e)(1); (e)(4)(G),
(e)(4)(H), (e)(4)(I); and (f).
When this system receives a record from another system exempted in
that source system under 5 U.S.C. 552a(j) or (k), DHS will claim the
same exemptions for those records that are claimed for the original
primary systems of records from which they originated and claims any
additional exemptions set forth here. For more information on the FBI's
Terrorist Screening Records System, see DOJ/FBI--019 Terrorist
Screening Records System, 72 FR 47073 (August 22, 2007).
DHS does not claim any exemptions for the information high-risk
chemical facilities or their designees submit to DHS as part of this
system of records.
Dated: May 1, 2014.
Karen L. Neuman,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2014-11431 Filed 5-16-14; 8:45 am]
BILLING CODE 9110-9P-P