Privacy Act of 1974; System of Records, 23024-23028 [2020-08723]

Agencies

• FEDERAL COMMUNICATIONS COMMISSION

[Federal Register Volume 85, Number 80 (Friday, April 24, 2020)]
[Notices]
[Pages 23024-23028]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-08723]


-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

[FRS 16684]


Privacy Act of 1974; System of Records

AGENCY: Federal Communications Commission.

ACTION: Notice of a modified System of Records.

-----------------------------------------------------------------------

SUMMARY: The Federal Communications Commission (FCC or Commission or 
Agency) has modified and renamed an existing system of records, FCC/
PSHSB-1, FCC Emergency and Continuity Alerts and Contacts System 
(ECACS) (formerly: FCC/PSHSB-1, FCC Emergency and Continuity Contacts 
System (ECCS)), subject to the Privacy Act of 1974, as amended. This 
action is necessary to meet the requirements of the Privacy Act to 
publish in the Federal Register notice of the existence and character 
of records maintained by the Agency. The FCC's Public Safety and 
Homeland Security Bureau (PSHSB) uses the information in ECACS to 
prepare for and coordinate crisis response activities wherever they 
occur in the United States and its territories. PSHSB is modifying FCC/
PSHSB-1 to include information it will use to evaluate the 
effectiveness of Wireless Emergency Alerts (WEA), including 
participating Commercial Mobile Service Providers' (``providers'') 
implementation of enhanced geo-targeting for WEA.

DATES: This action will become effective on April 24, 2020. Written 
comments on the system's routine uses are due by May 26, 2020. The 
routine uses in this action will become effective on May 26, 2020 
unless written comments are received that require a contrary 
determination.

ADDRESSES: Send comments to Leslie F. Smith, Privacy Manager, 
Information Technology (IT), Room 1-C216, Federal Communications 
Commission, 445 12th Street SW, Washington, DC 20554, or via email at 
[email protected].

FOR FURTHER INFORMATION CONTACT: Leslie F. Smith, (202) 418-0217, or 
[email protected] (and to obtain a copy of the Narrative Statement 
and the Supplementary Document, which includes details of the 
modifications to this system of records).

SUPPLEMENTARY INFORMATION: This notice serves to update and modify FCC/
PSHSB-1 to include the Commission's collection of personally 
identifiable information (PII) through surveys used to evaluate the 
effectiveness of WEA, including Participating Commercial Mobile Service 
(CMS) providers' implementation of enhanced geo-targeting in support of 
public safety. As outlined In the Matter of Wireless Emergency Alerts 
Amendments to Part 11 of the Commission's Rules Regarding the Emergency 
Alert System, PS Docket Nos. 15-91 and 15-94, Second Report and Order 
and Second Order on

[[Page 23025]]

Reconsideration, 33 FCC Rcd 1320, 1324-25, para. 6 (2018) (``Second 
Report and Order''), the Commission's enhanced geo-targeting rules, 
effective December 13, 2019, require that the Participating CMS 
providers match a target area specified by an alert originator (i.e., 
deliver an alert message to 100% of the geographic area that the alert 
originator targets with no more than a 0.1 mile overshoot). PSHSB 
intends to test the effectiveness of this and related functionality to 
inform PSHSB's coordination and mitigation work when regions and 
communities face potentially imminent threats of the loss of life or 
property. Additionally, the SORN is being modified to make various 
necessary changes and updates, including the use of more advanced 
electronic information technologies, i.e., cloud technology, and format 
changes required by OMB Circular A-108 since its previous publication. 
The substantive changes and modifications to the previously published 
version of the FCC/PSHSB-1 system of records include:
    1. Changing the name of the system of records to FCC/PSHSB-1, FCC 
Emergency and Continuity Alerts and Contacts System (ECACS) to show 
that the system now includes information PSHSB will use to evaluate the 
effectiveness of Wireless Emergency Alerts (WEA), including 
participating Commercial Mobile Service (CMS) providers' implementation 
of enhanced geo-targeting for WEA.
    2. Updating the Security Classification to be consistent with FCC 
policies and Executive Order 13556.
    3. Updating/revising the language in the Categories of Individuals 
to include individuals representing institutions, organizations, and 
other groups engaged in crisis management and emergency preparedness 
functions, activities, and actions as part of the system's emergency 
management contacts information; FCC employees and contractors who are 
members of the Bureau/Office Emergency Response Group (ERG), Devolution 
Emergency Response Group (DERG) and FCC and bureau and office (B/O) 
lines of succession; and individuals who volunteer to participate in 
PSHSB surveys, including surveys to evaluate the effectiveness of WEA 
and providers' implementation of enhanced geo-targeting for WEA.
    4. Updating/revising the Categories of Records to include the 
information collected by PSHSB surveys pertaining to the respondents, 
the locations from which individuals respond to the survey, and other 
information that PSHSB will collect including, but not limited to type 
of device, operating system, and wireless service provider.
    5. Updating/revising the Purposes to include coordination of 
activities such as emergencies and crisis management actions, 
responses, and related functions; enabling the FCC to manage and 
maintain the contact and response system for FCC employees and 
contractors for purposes that include, but are not limited to 
coordinating Continuity of Operations Plan (COOP) actions and related 
functions; and conducting voluntary surveys evaluating the 
effectiveness of WEA, including implementation of enhanced geo-
targeting by providers and other related emergency notification 
systems, functions, and activities.
    6. Updating/revising the Records Source Categories to include 
survey respondents' inputs transmitted through their wireless devices 
or through other means of communication.
    7. Deleting two routine uses ((1) Emergency Response and (9) First 
Responders) that are covered by 5 U.S.C. 552a(b)(8) and therefore 
unnecessary.
    8. Updating and/or revising language in eight routine uses: (1) 
Adjudication and Litigation; (2) Law Enforcement and Investigation; (3) 
Congressional Inquiries; (4) Government-Wide Program Management and 
Oversight; (5) Employment, Clearances, Licensing, Contract, Grant or 
other Benefits Decisions by the FCC; (6) Labor Relations; (7) Breach 
Notification, updated/revised as required by OMB Memorandum M-17-12; 
and (10) Contracted Third Parties (previously Routine Use (10)).
    9. Adding three new routine uses: (8) Assistance to Federal 
Agencies and Entities, to allow the FCC to provide assistance to other 
Federal agencies in their data breach situations, as required by OMB 
Memorandum M-17-12; (9) Contract Services, Grants, or Cooperative 
Agreements, to allow contractors performing or working on a contract 
for the Federal Government access to information in this system; (11) 
Test Partners, to allow PSHSB's test partners, which may include state 
or local government entities, private sector organizations, or 
volunteers to help plan, conduct, and analyze the test results used to 
evaluate WEA's effectiveness and the provider's implementation of 
enhanced WEA's geo-targeting.
    10. Adding two new sections: Reporting to a Consumer Reporting 
Agency, to address valid and overdue debts owed by individuals to the 
FCC under the Debt Collection Act, as recommended by OMB; and a History 
section referencing the previous publication of this SORN in the 
Federal Register, as required by OMB Circular A-108.
    11. Updating the Policies and Practices for Retention and Disposal 
of Records in this system to state that the records in this system are 
covered by the National Archives and Records Administration's (NARA) 
General Records Schedule (GRS) 5.3, Continuity and Emergency Planning 
Records (January 2017 GRS revision).
    The system of records is also updated to reflect various 
administrative changes related to the system managers and system 
addresses; policy and practices for storage and retrieval of the 
information; administrative, technical, and physical safeguards; and 
updated notification, records access, and procedures to contest 
records.

SYSTEM NAME AND NUMBER:
    FCC/PSHSB-1, FCC Emergency and Continuity Alerts and Contacts 
System (ECACS).

SECURITY CLASSIFICATION:
    The Security Operations Center (SOC) has not assigned a security 
classification to ECACS; however, information in this system may be 
designated as: Controlled Unclassified Information, Non-Public, For 
Internal Use Only, or For Official Use Only.

SYSTEM LOCATION:
    Public Safety and Homeland Security Bureau (PSHSB), Federal 
Communications Commission, 445 12th Street SW, Washington, DC 20554.

SYSTEM MANAGER(S):
    Public Safety and Homeland Security Bureau (PSHSB), 445 12th Street 
SW, Washington, DC 20554.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM
    Executive Order 12472, Assignment of National Security and 
Emergency Preparedness Telecommunications Functions, April 3, 1984, as 
amended February 28, 2003 and June 26, 2006; Presidential Decision 
Directive 67, Enduring Constitutional Government and Continuity of 
Government Operations, October 21, 1998; Homeland Security Act of 2002, 
6 U.S.C. 101 et seq., November 25, 2002; National Security Presidential 
Directive 51/Homeland Security Presidential Directive 20, National 
Continuity Policy, May 9, 2007; National Communications System 
Directive 3-10, Minimum Requirements for Continuity Communications 
Capabilities, July 25, 2007; National Continuity Policy Implementation 
Plan, Homeland Security Council, August 2007; Federal Continuity 
Directive 1, Federal

[[Page 23026]]

Executive Branch National Continuity Program and Requirements, February 
2008; Federal Continuity Directive 2, Federal Executive Branch Mission 
Essential Function and Primary Mission Essential Function 
Identification and Submission Process, February 2008.

PURPOSE(S) OF THE SYSTEM
    The FCC uses the records in this system for purposes that include, 
but are not limited to:
    1. Enabling the FCC to respond to and coordinate activities that 
including emergencies and crisis management actions, responses, and 
related functions;
    2. Enabling the FCC to manage and maintain the contact and response 
system for FCC employees and contractors for coordinating Continuity of 
Operations Plan (COOP) actions and related functions;
    3. Enabling the FCC to use an automated telephone and email system 
to contact its Emergency Contacts and COOP Contacts;
    4. Conducting voluntary surveys evaluating the effectiveness of 
WEA, including implementation of enhanced geo-targeting by providers, 
and other related emergency notification systems, functions, and 
activities.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM
    The categories of individuals in this system include, but are not 
limited to:
    1. FCC employees, Federal Government contacts, State, Tribal, 
Territorial, Local Government and private sector contacts along with 
individuals representing institutions, organizations, and other groups 
engaged in crisis management and emergency preparedness functions, 
activities, and actions as part of this system's emergency management 
contacts information.
    2. FCC employees and contractors who are members of the Bureau and 
Office (B/O) Emergency Response Group (ERG), Devolution Emergency 
Response Group (DERG), and FCC and B/O lines of succession.
    3. Individuals who volunteer to participate in PSHSB surveys, 
including surveys to evaluate the effectiveness of WEA and providers' 
implementations of enhanced geo-targeting for WEA.

CATEGORIES OF RECORDS IN THE SYSTEM
    The records in this system include, but are not limited to:
    1. Emergency contacts include individual and/or business name(s), 
position title, business telephone number(s), business cell phone 
number(s), business satellite phone number(s), business pager 
number(s), business facsimile number(s), business address(es), business 
email address(es), home telephone number(s), personal cell phone 
number(s), personal pager number (s), personal facsimile number(s), and 
personal email address(es).
    2. COOP contacts include FCC employee's and contractor's name(s), 
position title, security clearance information, line of succession 
information, work and personal telephone number(s), work and personal 
facsimile number(s), work and personal cell phone number(s), satellite 
telephone number(s), FCC Government Emergency Telecommunications System 
(GETS) and Wireless Priority System (WPS) information, satellite 
telephone number(s), Government passport numbers, work and personal 
pager number(s), and work and personal email address(es).
    3. PSHSB survey information includes the individual respondents' 
identification numbers, email addresses, street addresses (street, 
city, state, and zip code) at the location that the individual responds 
to the survey, and other information that PSHSB will collect including 
but not limited to type of device, operating system, and wireless 
service provider.

RECORD SOURCE CATEGORIES
    1. The sources for the emergency contacts information include, but 
are not limited to FCC employees, Federal Government, State, Tribal, 
Territorial, and Local Government contacts, and private sector 
contactors along with individuals representing institutions and 
organizations with crisis management and emergency preparedness 
functions.
    2. The sources for the COOP contact participants' information are 
FCC employees and contractors.
    3. The sources for the survey information that PSHSB will use 
include the survey respondents' inputs transmitted through their 
wireless devices, or through other means of communication.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES
    In addition to those disclosures generally permitted under section 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed to authorized 
entities, as is determined to be relevant and necessary, outside the 
FCC, as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows.
    1. Adjudication and Litigation--To disclose information to the 
Department of Justice (DOJ), or to a court or adjudicative body before 
which the FCC is authorized to appear, when: (a) the FCC or any 
component thereof; or (b) any employee of the FCC in his or her 
official capacity; or (c) any employee of the FCC in his or her 
individual capacity where the DOJ or the FCC have agreed to represent 
the employee; or (d) the United States is a party to litigation or have 
an interest in such litigation, and the use of such records by the DOJ 
or the FCC is deemed by the FCC to be relevant and necessary to the 
litigation.
    2. Law enforcement and Investigation--To disclose pertinent 
information to the appropriate Federal, State, and/or local agency 
responsible for investigating, prosecuting, enforcing, or implementing 
a statute, rule, regulation, or order, where the FCC becomes aware of 
an indication of a violation or potential violation of civil or 
criminal law or regulation.
    3. Congressional Inquiries--To provide information to a 
Congressional office from the record of an individual in response to an 
inquiry from that Congressional office made at the written request of 
that individual.
    4. Government-Wide Program Management and Oversight--To disclose 
information to the National Archives and Records Administration (NARA) 
for use in its records management inspections; to the Government 
Accountability Office (GAO) for oversight purposes; to the Department 
of Justice (DOJ) to obtain that department's advice regarding 
disclosure obligations under the Freedom of Information Act (FOIA); or 
to the Office of Management and Budget (OMB) to obtain that office's 
advice regarding obligations under the Privacy Act.
    5. Employment, Clearances, Licensing, Contract, Grant or other 
Benefits Decisions by the FCC--To disclose to a Federal, State, local 
or foreign, tribal, or other public agency or authority maintaining 
civil, criminal, or other relevant enforcement records, or other 
pertinent records, or to another public authority or professional 
organization, if necessary to obtain information relevant to an 
investigation concerning the hiring or retention of an employee or 
other personnel action, the issuance or retention of a security 
clearance, classifying of jobs, letting of a contract, or the issuance 
or retention of a license, grant, or other benefit by the Commission, 
to the extent that the information is relevant and necessary to the 
requesting agency's decision on the matter.

[[Page 23027]]

    6. Labor Relations--To officials of labor organizations recognized 
under 5 U.S.C. 71 upon receipt of a formal request and in accord with 
the conditions of 5 U.S.C. 7114 when relevant and necessary to their 
duties of exclusive representation concerning personnel policies, 
practices, and matters affecting working conditions.
    7. Breach Notification--To appropriate agencies, entities, and 
persons when (a) the Commission suspects or has confirmed that there 
has been a breach of the system of records; (b) the Commission has 
determined that as a result of the suspected or confirmed breach there 
is a risk of harm to individuals, the Commission (including its 
information systems, programs, and operations), the Federal Government, 
or national security; and (c) the disclosure made to such agencies, 
entities, and persons is reasonably necessary to assist in connection 
with Commission efforts to respond to the suspected or confirmed breach 
or to prevent, minimize, or remedy such harm.
    8. Assistance to Federal Agencies and Entities--To another Federal 
agency or Federal entity, when the Commission determines that 
information from this system is reasonably necessary to assist the 
recipient agency or entity in: (a) Responding to a suspected or 
confirmed breach or (b) preventing, minimizing, or remedying the risk 
of harm to individuals, the recipient agency or entity (including its 
information systems, program, and operations), the Federal Government, 
or national security, resulting from a suspected or confirmed breach.
    9. Contract Services, Grants, or Cooperative Agreements--To 
disclose information to FCC contractors, grantees, or volunteers who 
have been engaged to assist the FCC in the performance of a contract 
service, grant, cooperative agreement, or other activity related to 
this system of records and who need to have access to the records in 
order to perform their activity. Recipients shall be required to comply 
with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 
552a.
    10. Contracted Third Parties--To external contracted parties 
throughout the United States for required maintenance, data input, and/
or extraction requirements, testing, and activation of an automated 
telephone and email system.
    11. Test Partners--To PSHSB's test partner entities who help plan, 
conduct, and analyze the results of tests used to evaluate the 
effectiveness of WEA, including providers' implementations of enhanced 
geo-targeting for WEA.

REPORTING TO A CONSUMER REPORTING AGENCY:
    In addition to the routine uses listed above, the Commission may 
share information from this system of records with a consumer reporting 
agency regarding an individual who has not paid a valid and overdue 
debt owed to the Commission, following the procedures set out in the 
Debt Collection Act, 31 U.S.C. 3711(e).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Information in ECACS consists of electronic data, files, and 
records, which are housed in the FCC's computer network databases, and 
paper documents, files, and records, which are stored in file cabinets 
in the PSHSB office suite.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information in the Emergency Contacts and the COOP Contacts 
databases is retrieved by searching any field in the respective 
database(s).

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The FCC maintains and disposes of these records in accordance with 
the requirements of the General Records Schedules (GRS) issued by the 
National Archives and Records Administration (NARA) as follows:
    GRS 5.3, Disposition Authorities:
    Item 010: DAA-GRS-2016-0004-0001: Continuity planning and related 
emergency planning files; and
    Item 020: DAA-GRS-2016-0004-0002: Employee emergency contact 
information.
    GRS 4.1, Disposition Authority: Item 030: DAA-GRS-2013-0002-0008: 
Vital or essential records program records.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    1. The electronic records, data, and files are stored within FCC 
accreditation boundaries and maintained in a database housed in the FCC 
computer network databases. The data in the FCC's computer network is 
protected by the FCC and third-party privacy safeguards, a 
comprehensive and dynamic set of IT safety and security protocols and 
features that are designed to meet all Federal IT privacy standards, 
including those required by the National Institute of Standards and 
Technology (NIST), the Office of Management and Budget (OMB), and the 
Federal Information Security Modernization Act of 2014 (FISMA).
    2. There are a limited number of paper documents, files, and 
records, which are stored in file cabinets in the PSHSB office suite. 
These cabinets are locked when not in use and/or at the end of the 
business day. All access points for the PSHSB office suites are 
monitored.
    3. Furthermore, as part of the FCC's privacy safeguards, only 
authorized PSHSB supervisors, employees, PSHSB's Test Partners, and 
contractors, including IT contractors who manage the FCC's computer 
network, may have access to the electronic data and the paper document 
files. Other FCC employees may be granted access on a need-to-know 
basis. The FCC's Test Partners will not have direct access to the FCC's 
computer network or information systems; however, PSHSB will provide 
the Test Partners data necessary to evaluate the effectiveness of WEA, 
including providers' implementation of enhanced geo-targeting. The Test 
Partners will be required to implement privacy safeguards against the 
disclosure of electronic data and paper document files provided by the 
FCC, unless disclosure is otherwise required by applicable federal or 
other laws.

RECORD ACCESS PROCEDURES:
    Individuals wishing to request access to and/or amendment of 
records about them should follow the Notification Procedure below.

CONTESTING RECORD PROCEDURES:
    Individuals wishing to request an amendment of records about them 
should follow the Notification Procedure below.

NOTIFICATION PROCEDURES:
    Individuals wishing to determine whether this system of records 
contains information about them may do so by writing to Leslie F. 
Smith, Privacy Manager, Information Technology, Federal Communications 
Commission, 445 12th Street SW, Washington, DC 20554, or by emailing 
[email protected] and following the procedures set forth in the 
FCC's Privacy Act regulations regarding verification of identity and 
access to records, 47 CFR Part 0, Subpart E.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    The FCC last gave full notice of this system of records, FCC/PSHSB-
1, formerly titled FCC Emergency and Continuity Contacts System (ECCS), 
by publication in the Federal Register on September 19, 2011 (76 FR 
57989).


[[Page 23028]]


Federal Communications Commission.
Marlene Dortch,
Secretary.
[FR Doc. 2020-08723 Filed 4-23-20; 8:45 am]
 BILLING CODE 6712-01-P