Privacy Act of 1974; System of Records, 71093-71097 [2021-27042]

Agencies

• National Aeronautics and Space Administration

[Federal Register Volume 86, Number 237 (Tuesday, December 14, 2021)]
[Notices]
[Pages 71093-71097]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-27042]



[[Page 71093]]

-----------------------------------------------------------------------

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

[NOTICE: (21-083)]


Privacy Act of 1974; System of Records

AGENCY: National Aeronautics and Space Administration (NASA).

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, the 
National Aeronautics and Space Administration is issuing public notice 
of its proposal to significantly alter a previously noticed system of 
records Security Records System/NASA 10SECR. This notice incorporates 
locations and NASA standard routine uses previously published 
separately from, and cited by reference in, this and other NASA systems 
of records notices. This notice also adds a purpose statement, updates 
authorities, revises two NASA standard routine uses and adds three new 
ones, as set forth below under the caption SUPPLEMENTARY INFORMATION.

DATES: Submit comments within 30 calendar days from the date of this 
publication. The changes will take effect at the end of that period, if 
no adverse comments are received.

ADDRESSES: Patti F. Stockman, Privacy Act Officer, Office of the Chief 
Information Officer, National Aeronautics and Space Administration 
Headquarters, Washington, DC 20546-0001, (202) 358-4787, [email protected].

FOR FURTHER INFORMATION CONTACT: NASA Privacy Act Officer, Patti F. 
Stockman, (202) 358-4787, [email protected].

SUPPLEMENTARY INFORMATION: This system notice includes minor revisions 
to NASA's existing system of records notice to bring its format into 
compliance with OMB guidance and to update records access, 
notification, and contesting procedures consistent with NASA Privacy 
Act regulations. It incorporates in whole, as appropriate, information 
formerly published separately in the Federal Register as Appendix A, 
Location Numbers and Mailing Addresses of NASA Installations at which 
Records are Located, and Appendix B, Standard Routine Uses--NASA. This 
notice provides a new statement of PURPOSE OF THE SYSTEM; updates 
AUTHORITY FOR MAINTENANCE OF THE SYSTEM and adds an Executive Order; 
updates PHYSICAL SAFEGUARDS to reflect current information technology 
security protocols; and adds a new routine use that allows release to 
news media and the public under limited circumstances. The notice 
revises NASA's Standard Routine Use 5 to clarify conditions under which 
NASA will release records to a legal body for a proceeding involving 
NASA.. It revises NASA Standard Routine Use 6 and adds a new Standard 
Routine Use 9, both to enable the Agency to release records as 
necessary (1) to respond to a breach of the agency's personally 
identifiable information (PII) or (2) to assist another agency in 
response to a breach of its PII; and adds new Standard Routine Uses 10 
and 11 allowing release to other agencies to aid their functions of 
inspection, audit or oversight as authorized by law.

Cheryl Parker,
Federal Register Liaison Officer.

SYSTEM NAME AND NUMBER:
    Security Records System, NASA 10SECR.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    The centralized data system is located at George C. Marshall Space 
Flight Center (NASA), Marshall Space Flight Center, AL 35812-0001.
    Records are also located at:
    Mary W. Jackson NASA Headquarters (NASA), Washington, DC 20546-
0001;
    Ames Research Center (NASA), Moffett Field, CA 94035-1000;
    Armstrong Flight Research Center (NASA), PO Box 273, Edwards, CA 
93523-0273;
    John H. Glenn Research Center at Lewis Field (NASA), 21000 
Brookpark Road, Cleveland, OH 44135-3191;
    Goddard Space Flight Center (NASA), Greenbelt, MD 20771-0001;
    Lyndon B. Johnson Space Center (NASA), Houston, TX 77058-3696;
    John F. Kennedy Space Center (NASA), Kennedy Space Center, FL 
32899-0001;
    Langley Research Center (NASA), Hampton, VA 23681-2199;
    George C. Marshall Space Flight Center (NASA), Marshall Space 
Flight Center, AL 35812-0001;
    John C. Stennis Space Center (NASA), Stennis Space Center, MS 
39529-6000;
    Michoud Assembly Facility (NASA), PO Box 29300, New Orleans, LA 
70189; and
    White Sands Test Facility (NASA), PO Drawer MM, Las Cruces, NM 
88004-0020.

SYSTEM MANAGER(S):
    System Manager: Deputy Assistant Administrator of the Office of 
Protective Services, NASA Headquarters (see System Location above for 
address).
    Subsystem Managers: Chief of Security/Protective Services at each 
subsystem location at:
    NASA Headquarters (see System Location above for address);
    NASA Ames Research Center (see System Location above for address);
    NASA Armstrong Flight Research Center (see System Location above 
for address);
    NASA Glenn Research Center (see System Location above for address);
    NASA Goddard Space Flight Center (see System Location above for 
address);
    NASA Johnson Space Center (see System Location above for address);
    NASA Kennedy Space Center (see System Location above for address);
    NASA Langley Research Center (see System Location above for 
address);
    NASA Marshall Space Flight Center (see System Location above for 
address);
    NASA Stennis Space Center (see System Location above for address); 
and
    Michoud Assembly Facility (see System Location above for address);
    White Sands Test Facility (see System Location above for address).

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    18 U.S.C. 202-208--Bribery, graft, and conflicts of interest;
    18 U.S.C. 371--Conspiracy to commit offense or to defraud United 
States;
    18 U.S.C. 793-799--Espionage and Information Control Statutes;
    18 U.S.C. 2151-2157--Sabotage statutes;
    18 U.S.C. 3056--Powers, authorities, and duties of United States 
Secret Service;
    40 U.S.C. 1441--Responsibilities regarding efficiency, security, 
and privacy of Federal computer systems;
    42 U.S.C. 2011 et seq.--Development and control of atomic energy; 
congressional declaration of policy;
    44 U.S.C. 3101--Records management by agency heads; general duties;
    50 U.S.C.--McCarran Internal Security Act;
    51 U.S.C. 20101--National and commercial space programs; short 
title;
    Exec. Order No. 9397, as amended--Numbering system for Federal 
accounts relating to individual persons;
    Exec. Order No. 10450--Security requirements for Government 
employment;
    Exec. Order No. 10865--Safeguarding classified information within 
industry;
    Exec. Order No. 12968, as amended--Access to classified 
information;
    Exec. Order No. 13526, as amended--Classified national security 
information;
    Executive Order 13587, Structural Reform to Improve the Security of

[[Page 71094]]

Classified Networks and Responsible Sharing and Safeguarding of 
Classified Information;
    Pub. L. 81-733--Summary suspension of employment of civilian 
officers and employees;
    Pub. L. 107-347--Federal Information Security Management Act 2002;
    HSPD 12--Policy for a common identification standard for Federal 
employees and contractors;
    14 CFR 1203(b)--National Aeronautics and Space Administration; 
information security program;
    14 CFR 1213--Release of information to news and information media;
    15 CFR pt. 744--Export administration regulations; control policy: 
end-user and end-use based;
    22 CFR pt. 62--Department of State; exchange visitor program;
    22 CFR 120-130--Foreign Relations Export Control;
    41 CFR pt. 101--Federal property management regulations.

PURPOSE(S) OF THE SYSTEM:
    The maintenance of these records supports NASA protective services 
and security operations as well as the establishment of identities, 
processing of access requests, and issuance of credentials in NASA's 
authoritative identity source.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system maintains information on NASA (1) civil servant 
employees and applicants; (2) committee members; (3) consultants; (4) 
experts; (5) Resident Research Associates; (6) guest workers; (7) 
contractor employees; (8) detailees; (9) visitors; (10) correspondents 
(written and telephonic); (11) Faculty Fellows; (12) Intergovernmental 
Personnel Mobility Act (IPA) Employees, interns, Grantees, and 
Cooperative Employees; and (13) Remote Users of NASA Non-Public 
Information Technology Resources. This system also maintains 
information on all non-U.S. citizens, to include Lawful Permanent 
Residents seeking access to NASA facilities, resources, laboratories, 
contractor sites, Federally Funded Research and Development Centers or 
NASA sponsored events for unclassified purposes to include employees of 
NASA or NASA contractors; prospective NASA or NASA contractor 
employees; employees of other U.S. Government agencies or their 
contractors; foreign students at U.S. institutions; officials or other 
persons employed by foreign governments or other foreign institutions 
who may or may not be involved in cooperation with NASA under 
international agreements; foreign media representatives; and 
representatives or agents of foreign national governments seeking 
access to NASA facilities, to include high-level protocol visits; or 
international relations. While not considered `individuals' under The 
Privacy Act, this system maintains records on international individuals 
when applicable.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Personnel Security Records, Personal Identity Records including 
NASA visitor files, Emergency Data Records, Criminal Matters, Traffic 
Management Records, and Access Management Records. Specific records 
fields include, but are not limited to: Name, former names, date of 
birth, place of birth, social security number, home address, phone 
numbers, email address, citizenship, duty Center, traffic infraction, 
security violation, security incident, security violation discipline 
status, action taken, access permissions, area accessed, and date 
accessed.

RECORD SOURCE CATEGORIES:
    Information is obtained from a variety of sources including from 
the employee, contractor, or applicant directly or via use of the 
Standard Form (SF) SF-85, SF-85P, or SF-86 and personal interviews; 
employers' and former employers' records; FBI criminal history records 
and other databases; financial institutions and credit reports; medical 
records and health care providers; educational institutions; interviews 
of witnesses such as neighbors, friends, coworkers, business 
associates, teachers, landlords, or family members; tax records; and 
other public records. Security violation information is obtained from a 
variety of sources, such as guard reports, security inspections, 
witnesses, supervisor's reports, audit reports.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    Any disclosures of information will be compatible with the purpose 
for which the Agency collected the information. Under the following 
routine uses that are unique to this system of records, information in 
this system may be disclosed:
    (1) To the Department of Justice (DOJ) when: (a) The agency or any 
component thereof; (b) any employee of the agency in his or her 
official capacity; (c) any employee of the agency in his or her 
individual capacity where agency or the DOJ has agreed to represent the 
employee; or (d) the United States Government, is a party to litigation 
or has an interest in such litigation, and by careful review, the 
agency determines that the records are both relevant and necessary to 
the litigation and the use of such records by DOJ is therefore deemed 
by the agency to be for a purpose compatible with the purpose for which 
the agency collected the records.
    (2) to a court or adjudicative body in a proceeding when: (a) The 
agency or any component thereof; (b) any employee of the agency in his 
or her official capacity; (c) any employee of the agency in his or her 
individual capacity where agency or the Department of Justice has 
agreed to represent the employee; or (d) the United States Government, 
is a party to litigation or has an interest in such litigation, and by 
careful review, the agency determines that the records are both 
relevant and necessary to the litigation and the use of such records is 
therefore deemed by the agency to be for a purpose that is compatible 
with the purpose for which the agency collected the records.
    (3) to an Agency in order to provide a basis for determining 
preliminary visa eligibility.
    (4) to a staff member of the Executive Office of the President in 
response to an inquiry from the White House.
    (5) to the National Archives and Records Administration or to the 
General Services Administration for records management inspections 
conducted under 44 U.S.C. 2904 and 2906.
    (6) to agency contractors, grantees, or volunteers who have been 
engaged to assist the agency in the performance of a contract service, 
grant, cooperative agreement, or other activity related to this system 
of records and who need to have access to the records in order to 
perform their activity. Recipients shall be required to comply with the 
requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
    (7) to other Federal agencies and relevant contractor facilities to 
determine eligibility of individuals to access classified National 
Security information.
    (8) to any official investigative or judicial source from which 
information is requested in the course of an investigation, to the 
extent necessary to identify the individual, inform the source of the 
nature and purpose of the investigation, and to identify the type of 
information requested.
    (9) to the news media or the general public, factual information 
the disclosure of which would be in the public interest and which would 
not constitute an unwarranted invasion of personal privacy, consistent 
with Freedom of Information Act standards.

[[Page 71095]]

    (10) to a Federal, State, or local agency, or other appropriate 
entities or individuals, or through established liaison channels to 
selected foreign governments, in order to enable an intelligence agency 
to carry out its responsibilities under the National Security Act of 
1947 as amended, the CIA Act of 1949 as amended, Executive Order 12333 
or any successor order, applicable national security directives, or 
classified implementing procedures approved by the Attorney General and 
promulgated pursuant to such statutes, orders or directives.
    (11) in order to notify an employee's next-of-kin or contractor in 
the event of a mishap involving that employee or contractor.
    (12) to notify another Federal agency when, or verify whether, a 
PIV card is valid.
    (13) to provide relevant information to an internal or external 
organization or element thereof conducting audit activities of a NASA 
contractor or subcontractor.
    (14) to a NASA contractor, subcontractor, grantee, or other 
Government organization information developed in an investigation or 
administrative inquiry concerning a violation of a Federal or state 
statute or regulation on the part of an officer or employee of the 
contractor, subcontractor, grantee, or other Government organization.
    (15) to foreign governments or international organizations if 
required by treaties, international conventions, or executive 
agreements.
    (16) to members of a NASA Advisory Committee or Committees and 
interagency boards charged with responsibilities pertaining to 
international visits and assignments and/or national security when 
authorized by the individual or to the extent the committee(s) is so 
authorized and such disclosure is required by law.
    (18) to the following individuals for the purpose of providing 
information on traffic accidents, personal injuries, or the loss or 
damage of property: (a) Individuals involved in such incidents; (b) 
persons injured in such incidents; (c) owners of property damaged, lost 
or stolen in such incidents; and/or (d) these individuals' duly 
verified insurance companies, personal representatives, employers, and/
or attorneys. The release of information under these circumstances 
should only occur when it will not: (a) Interfere with ongoing law 
enforcement proceedings, (b) risk the health or safety of an 
individual, or (c) reveal the identity of an informant or witness that 
has received an explicit assurance of confidentiality. Social security 
numbers should not be released under these circumstances unless the 
social security number belongs to the individual requester. The intent 
of this use is to facilitate information flow to parties who need the 
information to adjudicate a claim.
    (19) to the Transportation Security Administration, with consent of 
the individual on whom the records are maintained, to establish 
eligibility for the TSA Pre[check] program.
    (20) in accordance with NASA standard routine uses as set forth 
here. In addition, the following routine uses of information contained 
in SORs, subject to the Privacy Act of 1974, are standard for many NASA 
systems. They are cited by reference in the paragraph ``Routine uses of 
records maintained in the system, including categories of users and the 
purpose of such uses'' of the Federal Register Notice on those systems 
to which they apply. Any disclosures of information will be compatible 
with the purpose for which the Agency collected the information.
    Standard Routine Use No. 1--In the event this system of records 
indicates a violation or potential violation of law, whether civil, 
criminal, or regulatory in nature, and whether arising by general 
statute or particular program statute, or by regulation, rule or order 
issued pursuant thereto, the relevant records in the SOR may be 
referred to the appropriate agency, whether Federal, State, local or 
foreign, charged with the responsibility of investigating or 
prosecuting such violation or charged with enforcing or implementing 
the statute, or rule, regulation or order issued pursuant thereto.
    Standard Routine Use No. 2--A record from this SOR may be disclosed 
to a Federal, State, or local agency maintaining civil, criminal, or 
other relevant enforcement information or other pertinent information, 
such as current licenses, if necessary to obtain information relevant 
to an agency decision concerning the hiring or retention of an 
employee, the issuance of a security clearance, the letting of a 
contract, or the issuance of a license, grant, or other benefit.
    Standard Routine Use No. 3-- A record from this SOR may be 
disclosed to a Federal agency, in response to its request, in 
connection with the hiring or retention of an employee, the issuance of 
a security clearance, the reporting of an investigation of an employee, 
the letting of a contract, or the issuance of a license, grant, or 
other benefit by the requesting agency, to the extent that the 
information is relevant and necessary to the requesting agency's 
decision on the matter.
    Standard Routine Use No. 4--A record from this system may be 
disclosed to the Department of Justice including United States Attorney 
Offices, or other federal agency conducting litigation or in 
proceedings before any court, adjudicative or administrative body, when 
it is relevant or necessary to the litigation or has an interest in 
such litigation when (a) the Agency, or any component thereof; or (b) 
any employee of the Agency in his or her official capacity; or (c) any 
employee of the Agency in his or her individual capacity where the 
Department of Justice or the Agency has agreed to represent the 
employee or former employee; or (d) the United States, where the Agency 
determines that litigation is likely to affect the Agency or any of its 
components, is a party to litigation or has an interest in such 
litigation, and the use of such records by the Department of Justice or 
the Agency is deemed by the Agency to be relevant and necessary to the 
litigation.
    Standard Routine Use No. 5--A record from this SOR may be disclosed 
in an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body, when NASA determines that the 
records are relevant to the proceeding; or in an appropriate proceeding 
before an administrative or adjudicative body when the adjudicator 
determines the records to be relevant to the proceeding.
    Standard Routine Use No. 6--A record from this SOR may be disclosed 
to appropriate agencies, entities, and persons when (1) NASA suspects 
or has confirmed that there has been a breach of the system of records; 
(2) NASA has determined that as a result of the suspected or confirmed 
breach there is a risk of harm to individuals, NASA (including its 
information systems, programs, and operations), the Federal Government, 
or national security; and (3) the disclosure made to such agencies, 
entities, and persons is reasonably necessary to assist in connection 
with NASA's efforts to respond to the suspected or confirmed breach or 
to prevent, minimize, or remedy such harm.
    Standard Routine Use No. 7--A record from this system may be 
disclosed to contractors, grantees, experts, consultants, students, and 
others performing or working on a contract, service, grant, cooperative 
agreement, or other assignment for the federal government, when 
necessary to accomplish an Agency function related to this system of 
records.

[[Page 71096]]

    Standard Routine Use No. 8--A record from this system may be 
disclosed to a Member of Congress or staff acting upon the Member's 
behalf when the Member or staff requests the information on behalf of, 
and at the request of, the individual who is the subject of the record.
    Standard Routine Use No. 9--A record from this system may be 
disclosed to another Federal agency or Federal entity, when NASA 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    Standard Routine Use No. 10--To the National Archives and Records 
Administration (NARA) or the General Services Administration (GSA) 
pursuant to records management inspections being conducted under the 
authority of 44 U.S.C. 2904 and 2906.
    Standard Routine Use 11--To another agency, or organization for 
purpose of performing audit or oversight operations as authorized by 
law, but only such information as is necessary and relevant to such 
audit or oversight function.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records in this system are maintained electronically and in hard-
copy documents.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved from the system by individual's name, file 
number, badge number, decal number, payroll number, Agency-specific 
unique personal identification code, and/or Social Security Number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Personnel Security Records are maintained in Agency files and 
destroyed in accordance with NASA Records Retention Schedules (NRRS), 
Schedule 1 Item 103. Foreign national files are maintained and 
destroyed in accordance with NRRS, Schedule 1 Item 35.
    Personal Identity Records are maintained in Agency files and 
destroyed in accordance with NRRS, Schedule 1 Item 103. Visitor files 
are maintained and destroyed in accordance with NRRS, Schedule 1 Item 
114.
    Emergency Data Records are maintained and destroyed in accordance 
with NRRS 1, Item 100B.
    Criminal Matter Records are maintained and destroyed in accordance 
with NRRS 1, Schedule 97.5, Items A and B.
    Traffic Management Records are maintained and destroyed in 
accordance with NRRS 1, Schedule 97.5, Item C.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Electronic records are maintained on secure NASA servers and 
protected in accordance with all Federal standards and those 
established in NASA regulations at 14 CFR 1212.605. Additionally, 
server and data management environments employ infrastructure 
encryption technologies both in data transmission and at rest on 
servers. Approved security plans are in place for information systems 
containing the records in accordance with the Federal Information 
Security Management Act of 2002 (FISMA) and OMB Circular A-130, 
Management of Federal Information Resources (OA-9999-M-MSF-2712, OA-
9999-M-MSF-2707, IE-999-M-MSF-1654). Only authorized personnel 
requiring information in the official discharge of their duties are 
authorized access to records through approved access or authentication 
methods. Access to electronic records is achieved only by utilizing 
NASA agency managed authentication mechanisms. Non-electronic records 
are secured in access-controlled rooms with electronic security 
countermeasures and agency managed, PIV enabled, physical 
authentication mechanisms.

RECORD ACCESS PROCEDURES:
    In accordance with 14 CFR part 1212, Privacy Act--NASA Regulations, 
information may be obtained by contacting in person or in writing the 
system or subsystem manager listed above at the location where the 
records are created and/or maintained. Requests must contain the 
identifying data concerning the requester, e.g., first, middle and last 
name; date of birth; description and time periods of the records 
desired. NASA Regulations also address contesting contents and 
appealing initial determinations regarding records access.
    Personnel Security Records compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for Federal 
civilian employment, Federal contracts, or access to classified 
information have been exempted by the Administrator under 5 U.S.C. 
552a(k)(5) from the access provisions of the Act.
    Personal Identity Records: Requests from individuals should be 
addressed to the cognizant system or subsystem manager listed above.
    Emergency Data Records: Requests from individuals should be 
addressed to the cognizant system or subsystem manager listed above.
    Criminal Matter Records compiled for civil or criminal law 
enforcement purposes have been exempted by the Administrator under 5 
U.S.C. 552a(k)(2) from the access provision of the Act.
    Traffic Management Records: Requests from individuals should be 
addressed to the cognizant system or subsystem manager listed above.

CONTESTING RECORD PROCEDURES:
    In accordance with 14 CFR part 1212, Privacy Act--NASA Regulations, 
information may be obtained by contacting in person or in writing the 
system or subsystem manager listed above at the location where the 
records are created and/or maintained. Requests must contain the 
identifying data concerning the requester, e.g., first, middle and last 
name; date of birth; description and time periods of the records 
desired. NASA Regulations also address contesting contents and 
appealing initial determinations regarding records access.

NOTIFICATION PROCEDURES:
    In accordance with 14 CFR part 1212, Privacy Act--NASA Regulations, 
information may be obtained by contacting in person or in writing the 
system or subsystem manager listed above at the location where the 
records are created and/or maintained. Requests must contain the 
identifying data concerning the requester, e.g., first, middle and last 
name; date of birth; description and time periods of the records 
desired. NASA Regulations also address contesting contents and 
appealing initial determinations regarding records access.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Personnel Security Records compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for Federal 
civilian employment, Federal contracts, or access to classified 
information, but only to the extent that the disclosure of such 
material would reveal the identity of a confidential source, are exempt 
from the following sections of the Privacy Act of 1974, 5 U.S.C. 
552a(c)(3) relating to access to the disclosure accounting; (d) 
relating to access to the records; (e)(1) relating to the type of 
information maintained in the records; (e)(4)(G), (H) and (I) relating 
to publishing in the annual system

[[Page 71097]]

notice information as to agency procedures for access and correction 
and information as to the categories of sources of records; and (f) 
relating to developing agency rules for gaining access and making 
corrections. The determination to exempt the Personnel Security Records 
portion of the Security Records System has been made by the 
Administrator of NASA in accordance with 5 U.S.C. 552a(k)(5) and 
Subpart 5 of the NASA regulations appearing in 14 CFR part 1212.
    Criminal Matter Records to the extent they constitute investigatory 
material compiled for law enforcement purposes are exempt from the 
following sections of the Privacy Act of 1974, 5 U.S.C. 552a(c)(3) 
relating to access to the disclosure accounting; (d) relating to access 
to the records; (e)(1) relating to the type of information maintained 
in the records; (e)(4)(G), (H) and (I) relating to publishing in the 
annual system notice information as to agency procedures for access and 
correction and information as to the categories of sources of records; 
and (f) relating to developing agency rules for gaining access and 
making corrections. The determination to exempt the Criminal Matter 
Records portion of the Security Records System has been made by the 
Administrator of NASA in accordance with 5 U.S.C. 552a(k)(2) and 
subpart 5 of the NASA regulations appearing in 14 CFR part 1212.
    Records subject to the provisions of 5 U.S.C. 552(b)(1) required by 
Executive Order to be kept secret in the interest of national defense 
or foreign policy are exempt from the following sections of the Privacy 
Act of 1974, 5 U.S.C. 552a:(c)(3) relating to access to the disclosure 
accounting; (d) relating to the access to the records; (e)(1) relating 
to the type of information maintained in the records; (e)(4)(G), (H) 
and (I) relating to publishing in the annual system notice information 
as to agency procedures for access and correction and information as to 
the categories of sources of records; and (f) relating to developing 
agency rules for gaining access and making corrections.
    The determination to exempt this portion of the Security Records 
System has been made by the Administrator of NASA in accordance with 5 
U.S.C. 552a(k)(1) and subpart 5 of the NASA regulations appearing in 14 
CFR part 1212.

HISTORY:
    (15-115, 80 FR 246, pp. 79937-79947)
    (15-068, 80 FR 193, pp. 60410-60411)
    (11-091, 76 FR 200, pp. 64112-64114)

[FR Doc. 2021-27042 Filed 12-13-21; 8:45 am]
BILLING CODE 7510-13-P