Privacy Act of 1974; System of Records, 66601-66602 [2021-25498]

Agencies

• Postal Service

[Federal Register Volume 86, Number 223 (Tuesday, November 23, 2021)]
[Notices]
[Pages 66601-66602]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-25498]


=======================================================================
-----------------------------------------------------------------------

POSTAL SERVICE


Privacy Act of 1974; System of Records

AGENCY: Postal Service.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The United States Postal Service[supreg] (Postal Service) is 
proposing to modify a General Privacy Act System of Records (SOR) to 
support a program that provides employees with USPS approved brand 
content to share to their personal social media accounts. Sharing is 
made easy for participating employees through an intuitive website and 
mobile application interfaced as an internal social media platform 
tool.

DATES: These revisions will become effective without further notice on 
December 23, 2021, unless, in response to comments received on or 
before that date result in a contrary determination.

ADDRESSES: Comments may be submitted via email to the Privacy and 
Records Management Office, United States Postal Service Headquarters 
([email protected]). To facilitate public inspection, arrangements to 
view copies of any written comments received will be made upon request.

FOR FURTHER INFORMATION CONTACT: Janine Castorina, Chief Privacy and 
Records Management Officer, Privacy and Records Management Office, 202-
268-3069 or [email protected].

SUPPLEMENTARY INFORMATION: This notice is in accordance with the 
Privacy Act requirement that agencies publish their systems of records 
in the Federal Register when there is a revision, change, or addition, 
or when the agency establishes a new system of records. The Postal 
Service is proposing revisions to an existing system of records (SOR) 
to support an employee advocacy program which utilizes an all-in-one 
social media platform. The voluntary program will provide USPS approved 
content to current participating employees across the country to share 
on their personal social media platforms.

I. Background

    The Postal Service is sponsoring a new voluntary program that 
provides USPS approved content to current participating employees 
across the country to share on their personal social media platforms. 
Employee advocacy program leverages the power of employees to promote 
the value of the USPS brand through the eyes of passionate employees 
vested in the success of the organization. The program will share 
content on stamps, licensing partnerships, organizational facts and 
history, business-focused content, and more. The program is completely 
voluntary as it is preferred that participants use their personal 
social accounts. Many employees already share information about USPS 
that they find on their own accord, so the program allows for USPS to 
provide consistent and accurate information being shared with the 
public. While the program does rely on two-way communication, customer 
service is not the focus, so program managers are instructing 
participants to refer any service issues and inquiries to the USPS 
Customer Care Center for customer service.

II. Rationale for Changes to USPS Privacy Act Systems of Records

    The Postal Service is proposing to modify USPS SOR 100.450 User 
Profile Support Records Related to Digital Services in support of a 
program which provides USPS approved content to current participating 
employees across the country to share on their personal social media 
platforms.
    Program objectives:

--Increase brand presence and improve brand reputation on social media 
by providing quality content to employees who love their jobs and want 
to promote the brand.
--Amplify earned reach at minimal costs by repurposing content on USPS 
corporate pages and creating content with existing agency contracts.
--Leverage through an intuitive website and mobile application for a 
unified marketing strategy for prominent USPS campaigns, including 
Informed Delivery[supreg], peak season, and more.
--Improve marketing and social content through the feedback 
participants provide from two-way communication with their social 
networks.

III. Description of the Modified System of Records

    Pursuant to 5 U.S.C. 552a(e)(11), interested persons are invited to 
submit written data, views, or arguments on this proposal. A report of 
the proposed revisions to this SOR has been sent to Congress and to the 
Office of Management and Budget for their evaluations. The Postal 
Service does not expect this modified system of records to have any 
adverse effect on individual privacy rights. Accordingly, for the 
reasons stated above, the Postal Service proposes revisions to this 
system of records as follows:

SYSTEM NAME AND NUMBER:
    USPS 100.450; User Profile Support Records Related to Employee 
Programs.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    Contractor sites.

SYSTEM MANAGER(S) AND ADDRESS:
    Chief Information Officer and Executive Vice President, United 
States Postal Service, 475 L'Enfant Plaza SW, Washington, DC 20260.
    Vice President Corporate Communications, United States Postal 
Service, 475 L'Enfant Plaza SW, Washington, DC 20260.

[[Page 66602]]

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    39 U.S.C. 401, 403, 404; 1003, 1004, and 1201-1209.

PURPOSE(S):
    1. To provide administrative support to assist end users with 
technical questions and issues.
    2. To provide account management assistance.
    3. To provide account security and to deter and detect fraud.
    4. To allow USPS employees to share pre-approved USPS brand 
messages or content on social media via personal social media accounts.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Current USPS employees that voluntarily opt-in to participate in 
employee programs.

CATEGORIES OF RECORDS IN THE SYSTEM:
    1. User profile information: Name, date of birth, email, gender, 
phone, internally assigned identifier, username, physical address, 
employee identification number (EIN), contact information, customer 
ID(s), text message number, date of account creation, method of 
referral to website, date of last logon, and authentication method 
preferences.
    2. User preferences for communications: Frequency and channel opt 
in/opt out and preferred means of contact for service alerts and 
notifications, and language.
    3. Online user information: Internet Protocol (IP) address, domain 
name, operating system versions, browser version, date and time of 
first and last connection, and geographic location.
    4. Identity verification information: Username, user ID, email 
address, text message number, and results of identity proofing 
validation.
    5. Employee social media program: Work contact information, social 
media user handle, photograph, feedback received regarding content, and 
aggregate feedback metrics not associated with personally identifiable 
information.

RECORD SOURCE CATEGORIES:
    Individual end user.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Standard routine uses 1-9 apply.

STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN 
THE SYSTEM:
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Automated database, computer storage media, and digital files.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    For system administrators and/or customer service representatives, 
by internally assigned identifier, or end user account details such as 
name, phone number, etc. to assist end users with access or use of USPS 
social media access and to understand and fulfill end user needs.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    1. Records stored in digital service are retained until (1) the end 
user cancels the account, (2) six years after the end user last 
accesses their account, (3) until the relationship ends, or (4) after 
reasonable notice has been provided to the end user to export their 
account information in the event the agreement is terminated.
    2. Records existing on computer storage media are destroyed 
according to the applicable USPS media sanitization practice.
    3. Records are retained as long as the employee is active in the 
program data is maintained. When user is in-active, user data is marked 
as inactive, but data is retained.
    4. Records for social media historical data, posts, feedback 
received regarding content, and aggregate feedback metrics not 
associated with personally identifiable information are maintained 
indefinitely.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Paper records, computers, and computer storage media are located in 
controlled-access areas under supervision of program personnel. Access 
to these areas is limited to authorized personnel, who must be 
identified with a badge.
    Access to records is limited to individuals whose official duties 
require such access. Contractors and licensees are subject to contract 
controls and unannounced on-site audits and inspections. Computers are 
protected by mechanical locks, card key systems, or other physical 
access control methods.
    The use of computer systems is regulated with installed security 
software, computer logon identifications, and operating system controls 
including access controls, terminal and transaction logging, and file 
management software.

RECORD ACCESS PROCEDURES:
    Requests for access must be made in accordance with the 
Notification Procedure above and USPS Privacy Act regulations regarding 
access to records and verification of identity under 39 CFR 266.5.

CONTESTING RECORD PROCEDURES:
    See Notification Procedures and Record Access Procedures.

NOTIFICATION PROCEDURES:
    Individuals wanting to know if information about them is maintained 
in this system must address inquiries in writing to the system manager. 
Inquiries must include full name, date of birth, physical address, 
email address, username, and other identifying information, if 
requested.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    August 14, 2015, 80 FR 48935.
* * * * *

Ruth Stevenson,
Chief Counsel, Ethics & Legal Compliance.
[FR Doc. 2021-25498 Filed 11-22-21; 8:45 am]
BILLING CODE 7710-12-P