Privacy Act of 1974; System of Records, 964-974 [2022-00075]

Agencies

• FEDERAL TRADE COMMISSION

[Federal Register Volume 87, Number 5 (Friday, January 7, 2022)]
[Notices]
[Pages 964-974]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-00075]


=======================================================================
-----------------------------------------------------------------------

FEDERAL TRADE COMMISSION


Privacy Act of 1974; System of Records

AGENCY: Federal Trade Commission (FTC).

ACTION: Notice of modified systems of records.

-----------------------------------------------------------------------

SUMMARY: The FTC is making technical revisions to several of the 
notices that it has published under the Privacy Act of 1974 to describe 
its systems of records. This action is intended to make these notices 
clearer, more accurate, and up-to-date.

DATES: This notice shall become final and effective on January 7, 2022.

FOR FURTHER INFORMATION CONTACT: G. Richard Gold, Attorney, Office of 
the General Counsel, FTC, 600 Pennsylvania Avenue NW, Washington, DC 
20580, (202) 326-3355.

SUPPLEMENTARY INFORMATION: To inform the public, the FTC publishes in 
the Federal Register and posts on its website a ``system of records 
notice'' (SORN) for each system of records that the FTC currently 
maintains within the meaning of the Privacy Act of 1974, as amended, 5 
U.S.C. 552a (``Privacy Act'' or ``Act''). See https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems. The Privacy Act 
protects records about individuals in systems of records collected and 
maintained by Federal agencies. (A system is not a ``system of 
records'' under the Act unless the agency maintains and retrieves 
records in the system by the relevant individual's name or other 
personally assigned identifier.) Each Federal agency, including the 
FTC, must publish a SORN that describes the records maintained in each 
of its Privacy Act systems, including the categories of individuals 
that the records in the system are about where and how the agency 
maintains these records, and how individuals can find out whether an 
agency system contains any records about them or request access to 
their records, if any. The FTC, for example, maintains 40 systems of 
records under the Act. Some of these systems contain records about the 
FTC's own employees, such as personnel and payroll files. Other FTC 
systems contain records about members of the public, such as public 
comments, consumer complaints, or phone numbers submitted to the FTC's 
Do Not Call Registry.
    The FTC's SORNs discussed in this notice apply only to the FTC's 
own Privacy Act record systems. They do not cover Privacy Act records 
that other Federal agencies may collect and maintain in their own 
systems. Likewise, the FTC's SORNs and the Privacy Act of 1974 do not 
cover personal records that private businesses or other non-FTC 
entities may collect, which may be covered by other privacy laws.
    On June 12, 2008, the FTC republished and updated all of its SORNs, 
describing all of the agency's systems of records covered by the 
Privacy Act in a single document for ease of use and reference. See 73 
FR 33592. To ensure the SORNs remain accurate, FTC staff reviews each 
SORN on a periodic basis. As a result of this systematic review, the 
FTC made revisions to several of its SORNs on April 17, 2009 (74 FR 
17863), August 27, 2010 (75 FR 52749), February 23, 2015 (80 FR 9460), 
November 2, 2017

[[Page 965]]

(82 FR 50871), November 6, 2018 (83 FR 55541), April 19, 2019 (84 FR 
16493) and March 23, 2020 (85 FR 16361).
    Based on a periodic review of its SORNs, the FTC is publishing 
these additional technical revisions, to ensure that the FTC's SORNs 
and Appendices remain clear, accurate, and up-to-date:
     First, the FTC is amending several SORNs to clarify or 
update information about the applicable records disposition schedules 
published or approved by the National Archives and Records 
Administration (NARA). These schedules determine how long agency 
records in each system should be retained and destroyed.
     Second, the FTC is amending multiple SORNs to make other 
technical changes (e.g., updating the official title of the system 
manager, the authority for maintenance of the system, and the policies 
and practices for storage of records).
     Third, the FTC is republishing the full text of each of 
the above SORNs, incorporating the technical amendments, for the 
convenience of the reader and in accordance with OMB Circular A-108 
(2016), which reorganized the format and content for SORNs published by 
Federal agencies.
    The FTC is not substantively adding or amending any routine uses of 
its Privacy Act system records. Accordingly, the FTC is not required to 
provide prior public comment or notice to OMB or Congress for these 
technical amendments, which are final upon publication. See 5 U.S.C. 
552a(e)(11) and 552a(r); OMB Circular A-108, supra.
    A SORN-by-SORN summary, including a more detailed description of 
each SORN and how it is being amended, appears below, followed by the 
full text of the SORNs, as amended.

I. Federal Trade Commission Law Enforcement Systems of Records

    FTC-I-2 (Disciplinary Action Investigatory Files--FTC). This SORN 
covers records compiled to determine whether the FTC should refer an 
individual practicing before the FTC to appropriate authorities for 
alleged ethical or other misconduct. The Commission has updated the 
System Manager from formerly being the Deputy General Counsel for Legal 
Counsel to now being the Principal Deputy General Counsel. We have also 
updated the section for Policies and Practices for Storage of Records.
    FTC-I-3 (Informal Advisory Opinion Request and Response Files--
FTC). This SORN covers the records of individuals who have requested 
informal advisory opinions from the FTC staff and records of the 
responses to such requests. We have updated the section for Policies 
and Practices for Storage of Records.
    FTC-I-4 (Clearance Applications and Response Files--FTC). This SORN 
covers records of individuals who have requested clearance to 
participate or appear on behalf of other parties in FTC matters, and 
records of the FTC's responses to such requests. We have updated the 
title for the System Manager from Deputy General Counsel to Designated 
Agency Ethics Official. We have also updated the section for Policies 
and Practices for Storage of Records.
    FTC-I-6 (Public Records--FTC). This SORN covers the FTC's system of 
public records, which includes comments submitted by consumers and 
others in rulemakings, workshops, or other FTC proceedings. The FTC 
makes these public records routinely available for public inspection 
and copying, including by posting copies of such records on the 
internet. Most public comments are collected for the FTC by the 
government-wide Federal Docket Management System (FDMS), through 
www.regulations.gov, which is now maintained and operated on behalf of 
all Federal agencies by the General Services Administration (GSA). The 
FTC's SORN has been updated to show that the GSA is the inter-agency 
service provider for FDMS and that FDMS is covered by a GSA SORN. We 
have also updated the section for Policies and Practices for Storage of 
Records.

II. Federal Trade Commission Personnel Systems of Records

    FTC-II-7 (Ethics Program Records--FTC). This SORN covers annual 
financial statements and other filings or requests made by FTC 
officials and employees under the FTC's ethics program. The Commission 
is updating the section on Retention and Disposal to cite the 
applicable General Records Schedule that was recently approved by NARA 
for government-wide use.
    FTC-II-9 (Claimants Under Federal Tort Claims Act and Military 
Personnel and Civilian Employees' Claims Act--FTC). This SORN covers 
records generated by tort claims and other claims filed with the FTC by 
its employees or others under the named statutes. The FTC is updating 
the section for Policies and Practices for Storage of Records.

III. Federal Trade Commission Financial Systems of Records

    FTC-III-5 (Employee Transportation Program Records--FTC). This SORN 
covers records relating to FTC employee transportation programs, 
including programs administered by the Department of Transportation 
(DOT) that cover certain commuting costs. The corresponding DOT SORN is 
DOT/ALL 8 (Employee Transportation Facilitation). See 80 FR 64493-64495 
(2015). The Commission has updated the official title of the FTC system 
manager. The Commission is also updating the section on Retention and 
Disposal to cite the applicable General Records Schedule that was 
recently approved by NARA for government-wide use.

VII. FTC Miscellaneous Systems of Records

    FTC-VII-3 (Computer Systems User Identification and Access 
Records--FTC). This SORN covers records that the FTC maintains on 
individual users of computer systems operated by the FTC or on its 
behalf in order to monitor and control their usage of such systems. The 
FTC has updated the Authority for Maintenance of the System.
    FTC-VII-6 (Document Management and Retrieval System--FTC). This 
SORN covers legacy and current electronic data collections of FTC 
memoranda and other agency records that may be managed by and retrieved 
by the author's name or other personal identifiers. We have updated the 
section for Policies and Practices for Storage of Records.

FTC Systems of Records Notices

    In light of the updated SORN template set forth in the revised OMB 
Circular A-108 (2016), the FTC is reprinting the entire text of each 
amended SORN when necessary for the public's benefit, to read as 
follows:

I. Law Enforcement Systems of Records

* * * * *

SYSTEM NAME AND NUMBER:
    Disciplinary Action Investigatory Files--FTC (FTC-I-2).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580. For other locations where records may be maintained or 
accessed, see Appendix III (Locations of FTC Buildings and Regional 
Offices), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 
(Feb. 23, 2015).

SYSTEM MANAGER(S):
    Principal Deputy General Counsel, Office of General Counsel, 
Federal

[[Page 966]]

Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580, 
email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Federal Trade Commission Act, 15 U.S.C. 41 et seq.; Executive Order 
10450.

PURPOSE(S) OF THE SYSTEM:
    To conduct disciplinary action investigations; to make 
determinations based upon the results of the investigations; to report 
results of investigations to other agencies and authorities for their 
use in evaluating their programs and imposition of criminal, civil, or 
administrative sanctions; to report the results of investigations to 
other agencies or other regulatory bodies for any action deemed 
appropriate; and to maintain records related to those matters.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    FTC personnel, counsel for parties in investigative or adjudicative 
proceedings, and others participating in FTC matters who may be subject 
to investigation for possible improper or unethical conduct.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Name, address, employment status, age, date of birth, financial 
information, credit information, personal history, and records 
collected and generated during the investigation, which may include 
correspondence relating to the investigation; internal staff memoranda; 
copies of subpoenas issued during the investigation, affidavits, 
statements from witnesses, transcripts of testimony taken in the 
investigation, and accompanying exhibits; documents, records or copies 
obtained during the investigation; interview notes, investigative 
notes, staff working papers, draft materials, and other documents and 
records relating to the investigation; opening reports, progress 
reports, and closing reports; and other investigatory information or 
data relating to alleged violations.

RECORD SOURCE CATEGORIES:
    Individual on whom the record is maintained, complainants, 
informants, witnesses, and Commission personnel having knowledge or 
providing analysis of matter.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system:
    (1) May be used to determine whether disciplinary action, including 
suspension or disbarment from practice before the Commission, is 
warranted;
    (2) May be transferred to the Office of Personnel Management, to a 
court, or a bar association; and
    (3) May be used by personnel of other agencies, courts, or bar 
associations to whom the matter is referred.
    For other ways that the Privacy Act permits the FTC to use or 
disclose system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC Privacy Act Systems 
of Records), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 
55542-55543 (Nov. 6, 2018).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The FTC generally maintains these records in electronic or paper 
format.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are indexed by individual's name, company name, industry 
investigation title, file or docket number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained and disposed of under applicable schedules and 
procedures approved by the National Archives and Records 
Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access is restricted to agency personnel or contractors whose 
responsibilities require access. Paper records are maintained in 
lockable rooms or file cabinets. Access to electronic records is 
controlled by ``user ID'' and password combination and/or other 
appropriate electronic access or network controls (e.g., firewalls). 
FTC buildings are guarded and monitored by security personnel, cameras, 
ID checks, and other physical security measures.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Pursuant to 5 U.S.C. 552a(k)(2), records in this system are exempt 
from the requirements of subsections (c)(3), (d), (e)(1), (e)(4) (G), 
(H), (I), and (f) of 5 U.S.C. 552a. See Sec.  4.13(m) of the FTC Rules 
of Practice, 16 CFR 4.13(m).

HISTORY:
    73 FR 33591-33634 (June 12, 2008).

SYSTEM NAME AND NUMBER:
    Informal Advisory Opinion Request and Response Files--FTC (FTC-I-
3).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580. For other locations where records may be maintained or 
accessed, see Appendix III (Locations of FTC Buildings and Regional 
Offices), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 
(Feb. 23, 2015).

SYSTEM MANAGER(S):
    Director, Records and Filings Office, Federal Trade Commission, 600 
Pennsylvania Avenue NW, Washington, DC 20580, email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Federal Trade Commission Act, 15 U.S.C. 41 et seq.

PURPOSE(S) OF THE SYSTEM:
    To respond to requests for informal advisory opinions; to maintain 
records of such requests and the staff's responses; for use by staff in 
coordinating and preparing future advisory opinions and assuring the 
consistency of such opinions; to make records of such requests and 
staff responses available within the FTC for historical, legal 
research, investigational, and similar purposes (see FTC-VII-6, 
Document Management and Retrieval System--FTC); and also to make 
appropriate portions of such records available to the public (see FTC-
I-6, Public Records--FTC).

[[Page 967]]

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Applicants for informal advisory opinions from FTC staff under 
Sec.  1.1(b) of the Commission's Rules of Practice, 16 CFR 1.1(b). 
(Applicants for formal advisory opinions from the Commission under 
Sec.  1.1(a) of the Rules of Practice, 16 CFR 1.1(a), are covered by 
FTC-I-1, Nonpublic Investigational and Other Nonpublic Legal Program 
Records--FTC.)

CATEGORIES OF RECORDS IN THE SYSTEM:
    Name, address, and other contact information of requester; 
correspondence or other documents about the business and the proposed 
course of action about which an advisory opinion is being sought; FTC 
staff responses to requests.

RECORD SOURCE CATEGORIES:
    Individual proprietorship, corporation, or other business 
organization, counsel seeking or receiving a staff advisory opinion, 
and FTC employees.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system may be:
    (1) Referred to appropriate federal or state agencies for advice, 
for law enforcement, or where law enforcement action may be warranted; 
and
    (2) Disclosed on the FTC's public record under the FTC's Rules of 
Practice. See FTC-I-6, Public Records--FTC.
    For other ways that the Privacy Act permits the FTC to use or 
disclose system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC Privacy Act Systems 
of Records), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 
55542-55543 (Nov. 6, 2018).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The FTC generally maintains these records in electronic or paper 
format.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are indexed by name of requesting party.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained and disposed of under applicable schedules and 
procedures approved by the National Archives and Records 
Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    For records other than those made public, access is restricted to 
agency personnel or contractors whose responsibilities require access. 
Paper records are maintained in lockable rooms or file cabinets. Access 
to electronic records is controlled by ``user ID'' and password 
combination and/or other appropriate electronic access or network 
controls (e.g., firewalls). FTC buildings are guarded and monitored by 
security personnel, cameras, ID checks, and other physical security 
measures.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    73 FR 33591-33634 (June 12, 2008).

SYSTEM NAME AND NUMBER:
    Clearance Application and Response Files--FTC (FTC-I-4).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580. For other locations where records may be maintained or 
accessed, see Appendix III (Locations of FTC Buildings and Regional 
Offices), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 
(Feb. 23, 2015).

SYSTEM MANAGER(S):
    Designated Agency Ethics Official, Office of General Counsel, 
Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 
20580, email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Federal Trade Commission Act, 15 U.S.C. 41 et seq.

PURPOSE(S) OF THE SYSTEM:
    To evaluate applications; to make determinations in response to 
those applications; to maintain records of consideration given to 
applications requesting authorization to appear in Commission 
proceedings; to ensure no conflict of interest between former members 
or employees of the Commission and active proceedings; to make records 
of such applications and the agency's responses available within the 
FTC for historical, legal research, investigational, and similar 
purposes (see FTC-VII-6, Document Management and Retrieval System--
FTC); and also to make appropriate portions of such records available 
to the public (see FTC-I-6, Public Records--FTC).

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Former members or employees of the Commission who request 
authorization to appear or participate in a proceeding or 
investigation, formal or informal, which was pending in any manner in 
the Commission during that individual's tenure at the Commission.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Name, address, and current employment status of the requesting 
individual, as well as the nature of any connection with the proceeding 
or investigation for which clearance is sought; letters responding to 
those requests indicating the determination of the Commission and 
outlining reasons for any denial or restriction; internal Commission 
memoranda evaluating the request and discussing the status of any 
relevant pending matters.

RECORD SOURCE CATEGORIES:
    Individual on whom the record is maintained and Commission staff 
who prepare the memoranda and response to request.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system may be disclosed on the FTC's public record 
under the FTC's Rules of Practice. See FTC-I-6, Public Records--FTC.
    For other ways that the Privacy Act permits the FTC to use or 
disclose

[[Page 968]]

system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC Privacy Act Systems 
of Records), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 
55541, 55542-55543 (Nov. 6, 2018).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The FTC generally maintains these records in electronic or paper 
format.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Indexed by name of the applicant and by the name of the 
investigation or proceeding.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained and disposed of under applicable schedules and 
procedures approved by the National Archives and Records 
Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    For records other than those made public, access is restricted to 
agency personnel or contractors whose responsibilities require access. 
Paper records are maintained in lockable rooms or file cabinets. Access 
to electronic records is controlled by ``user ID'' and password 
combination and/or other appropriate electronic access or network 
controls (e.g., firewalls). FTC buildings are guarded and monitored by 
security personnel, cameras, ID checks, and other physical security 
measures.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems at 73 FR 33592, 33634 
(June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems at 73 FR 33592, 33634 
(June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Copies of records contained in this system that have been placed on 
the FTC public record are available upon request or from the FTC's 
website, where applicable. See FTC-I-6, Public Records--FTC. However, 
pursuant to 5 U.S.C. 552a(k)(2), records in this system, which reflect 
records that are contained in other systems of records that are 
designated as exempt, are exempt from the requirements of subsections 
(c)(3), (d), (e)(1), (e)(4)(G), (H), (I), and (f) of 5 U.S.C. 552a. See 
Sec.  4.13(m) of the FTC Rules of Practice, 16 CFR 4.13(m).

HISTORY:
    73 FR 33591-33634 (June 12, 2008).
* * * * *

SYSTEM NAME AND NUMBER:
    Public Records--FTC (FTC-I-6).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580. For other locations where records may be maintained or 
accessed, see Appendix III (Locations of FTC Buildings and Regional 
Offices), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 
(Feb. 23, 2015).

SYSTEM MANAGER(S):
    Director, Records and Filings Office, Federal Trade Commission, 600 
Pennsylvania Avenue NW, Washington, DC 20580, email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Federal Trade Commission Act, 15 U.S.C. 41 et seq.; Executive Order 
10450; Freedom of Information Act, 5 U.S.C. 552; 16 CFR 4.9.

PURPOSE(S) OF THE SYSTEM:
    To make appropriate portions of the records in FTC matters 
available to the public; to enable members of the public to review and 
comment on or respond to such comments; to maintain records of 
Commission activities related to those matters.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Participants in Commission investigations, rulemaking, advisory, 
and law enforcement proceedings; parties requesting formal advisory 
opinions; and consumers who have received redress or who are entitled 
to redress pursuant to Commission or court orders. (Businesses, sole 
proprietorships, or corporations are not covered by this system.)

CATEGORIES OF RECORDS IN THE SYSTEM:
    Public comments and other records that an individual may submit in 
an agency matter, where such record is subject to routine inspection 
and copying under the FTC's Rules of Practice, 16 CFR 4.9(b). These 
records include records that either have become or are likely to become 
the subject of subsequent requests for substantially the same records 
under the Freedom of Information Act (FOIA). See 5 U.S.C. 552(a)(2)(D). 
This system (FTC I-6) is limited to files and records that are about an 
individual, and only when the file or record is pulled (``retrieved'') 
by the name of that individual or other identifying particular assigned 
to that individual (e.g., number, symbol, fingerprint, etc.). Public 
comments received in connection with FTC rulemakings, workshops and 
consent agreements are also collected on behalf of the FTC and 
maintained by the Government-wide Federal Docket Management System 
(FDMS) through a website (www.regulations.gov). The General Services 
Administration (GSA) manages and operates the FDMS on behalf of the 
Federal Government, and has published a system of records notice to 
cover the FDMS, including any records collected on behalf of the FTC 
through that system. See GSA/OGP-1 (e-Rulemaking Program Administrative 
System).

RECORD SOURCE CATEGORIES:
    Individual respondent(s) or proposed respondent(s), company 
records, complainants, informants, witnesses, participants, and FTC 
employees.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system may be:
    (1) Disclosed on the FTC's public record under the FTC's Rules of 
Practice, including by posting copies of such records on the FTC's 
website, www.ftc.gov, or made public by other electronic or non-
electronic means. See 16 CFR 4.9(b); or
    (2) Disclosed publicly through the FDMS or for any other routine 
use set forth in the system of records notice published for that system 
of records, GSA/OGP-1, or any successor system notice for that system.
    For other ways that the Privacy Act permits the FTC to use or 
disclose

[[Page 969]]

system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC Privacy Act Systems 
of Records), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 
55541, 55542-55543 (Nov. 6, 2018).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The FTC maintains these records in electronic and non-electronic 
formats. The FTC maintains electronic records in this system using a 
combination of different databases and applications, rather than 
maintaining them in a single electronic system.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Indexed by respondent's, participant's, or FTC staff member's name; 
company name; industry investigation title; and FTC matter number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained and disposed of under applicable schedules and 
procedures approved by the National Archives and Records 
Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The FTC's websites are secured and monitored to protect against 
unauthorized deletion or alteration of records posted on such sites. 
Access to the official record copy of such records is restricted, where 
appropriate, to agency personnel or contractors whose responsibilities 
require access.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems at 73 FR 33592, 33634 
(June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems at 73 FR 33592, 33634 
(June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    73 FR 33591-33634 (June 12, 2008).
* * * * *

II. Commission Personnel Systems of Records

* * * * *

SYSTEM NAME AND NUMBER:
    Ethics Program Records--FTC (FTC-II-7).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580. For other locations where records may be maintained or 
accessed, see Appendix III (Locations of FTC Buildings and Regional 
Offices), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 
(Feb. 23, 2015).

SYSTEM MANAGER(S):
    Designated Agency Ethics Official, Office of General Counsel, 
Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 
20580, email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Ethics in Government Act of 1978, 5 U.S.C. app.; Ethics Reform Act 
of 1989, Public Law 101-194; 5 CFR parts 735 & 2634, and other 
applicable ethics-related laws, rules, and Executive Orders.

PURPOSE(S) OF THE SYSTEM:
    To meet Federal requirements regarding the filing of employment and 
financial interest statements; and to assist senior Commission 
employees and members of the General Counsel's Office to review 
statements of employment and financial interests to ascertain whether a 
conflict of interest or apparent conflict of interest exists and, if 
so, to ensure that appropriate action is taken to remove the conflict; 
to ensure that travel reimbursements are accepted only from qualified 
non-Federal sources; to comply with other ethics program requirements 
under Federal law, policy and regulation.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Commission officials and employees required by FTC regulations to 
file statements of employment and financial interests, to enter into 
ethics agreements, or to obtain clearance or approval for travel 
reimbursements or outside employment. This system corresponds to the 
systems described and covered by the Government-wide system of record 
notices (SORNs) issued by the Office of Government Ethics (OGE) for 
agency ethics program records. See OGE/GOVT-1 (Executive Branch 
Personnel Public Financial disclosure Reports and Other Name-Retrieved 
Ethics Program Records); OGE/GOVT-2 (Executive Branch Confidential 
Financial Disclosure Reports). Visit OGE's website, www.oge.gov, for 
more information.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Statements of employment and financial interests (containing name, 
organization, statement of personal and family holdings and other 
interests in business enterprises and real property, listings of 
creditors and outside employment, opinions of counsel, and other 
information related to conflict of interest disclosures and 
determinations); ethics agreements; and other disclosure forms. This 
system also includes FTC employee requests for and documentation of 
ethics clearance or approval of travel reimbursements or outside 
employment, as well as other name-retrieved ethics records on FTC 
employees.

RECORD SOURCE CATEGORIES:
    The subject individual or a designated person, such as a trustee, 
attorney, accountant, banker, or relative; federal officials who review 
the statements to make conflict of interest determinations; and persons 
alleging conflict of interests or violations of other ethics laws and 
persons contacted during any investigation of the allegations.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system may be disclosed for any of the routine uses 
set forth in OGE/GOVT-1 and OGE/GOVT-2, as applicable. In addition, 
records in this system may be disclosed to a source when necessary to 
obtain information relevant to a conflict of interest investigation or 
determination.
    For other ways that the Privacy Act permits the FTC to use or 
disclose system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC

[[Page 970]]

Privacy Act Systems of Records), available on the FTC's website at 
https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 55541, 55542-55543 (Nov. 6, 2018).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Electronic and paper records.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    By name of Commission official or employee.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    In accordance with GRS-2.8, the National Archives and Records 
Administration General Records Schedule for ethics program records, 
these records are generally retained for a period of six years after 
filing, or for such other period of time as is provided for in that 
schedule for certain specified types of ethics records. In cases where 
records are filed by, or with respect to, a nominee for an appointment 
requiring confirmation by the Senate when the nominee is not appointed 
and Presidential and Vice-Presidential candidates who are not elected, 
the records are generally destroyed one year after the date the 
individual ceased being under Senate consideration for appointment or 
is no longer a candidate for office. However, if any records are needed 
in an ongoing investigation, they will be retained until no longer 
needed in the investigation. Destruction is by shredding, use of burn 
bags, or electronic deletion.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access is restricted to agency personnel and contractors whose 
responsibilities require access. Paper records are maintained in 
lockable file cabinets and offices. Access to electronic records is 
controlled by ``user ID'' and password combination and other access and 
network controls (e.g., firewalls). FTC buildings are guarded and 
monitored by security personnel, cameras, ID checks, and other physical 
security measures.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https:/www.ftc.gov/about-
ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https:/www.ftc.gov/about-
ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    80 FR 9460-9465 (February 23, 2015).
    75 FR 52749-52751 (August 27, 2010).
    74 FR 17863-17866 (April 17, 2009).
    73 FR 33591-33634 (June 12, 2008).
* * * * *

SYSTEM NAME AND NUMBER:
    Claimants Under Federal Tort Claims Act and Military Personnel and 
Civilian Employees' Claims Act--FTC. (FTC-II-9).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580. For other locations where records may be maintained or 
accessed, see Appendix III (Locations of FTC Buildings and Regional 
Offices), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 
(Feb. 23, 2015).

SYSTEM MANAGER(S):
    Deputy General Counsel for Legal Counsel, Office of the General 
Counsel, Federal Trade Commission, 600 Pennsylvania Avenue NW, 
Washington, DC 20580, email: [email protected].
    Assistant Chief Financial Officer for Financial Systems, Internal 
Control and Policy, Financial Management Office, Federal Trade 
Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580, email: 
[email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Federal Tort Claims Act, 28 U.S.C. 1346(b), 28 U.S.C. 2671-2680; 
Military Personnel and Civilian Employees' Claims Act, 31 U.S.C. 3721.

PURPOSE(S) OF THE SYSTEM:
    To consider claims made under the above-cited statutes; to 
investigate those claims; to determine appropriate responses to those 
claims; and to maintain records outlining all considerations and 
actions related to those claims.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who have claimed reimbursement from FTC under Federal 
Tort Claims Act and Military Personnel and Civilian Employees' Claims 
Act.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Personal information relating to incidents in which the FTC may be 
liable for property damage, loss, or personal injuries; reimbursement 
applications; internal memoranda; and witness statements.

RECORD SOURCE CATEGORIES:
    Individual about whom the record pertains (claimant); FTC employee 
involved in incident; other FTC employees or other persons having 
knowledge of the circumstances; official police report (if any); and 
insurance company representing claimant (if any).

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system:
    (1) May be referred to Department of Justice, General Services 
Administration, or other federal agency when the matter comes within 
the jurisdiction of such agency; and
    (2) May be used in discussions and correspondence with insurance 
companies, with other persons or entities that may be liable, with 
potential witnesses or others having knowledge of the matter.
    For other ways that the Privacy Act permits the FTC to use or 
disclose system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC Privacy Act Systems 
of Records), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 
55541, 55542-55543 (Nov. 6, 2018).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic or paper format.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Indexed by individual's name.

[[Page 971]]

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained for 7 years after the matter has been 
resolved, and then destroyed, as provided in General Records Schedule 
1.1, item 80, issued by the National Archives and Records 
Administration, except any claims files that are affected by court 
order or subject to litigation proceedings, which are destroyed when 
the court order is lifted or the litigation is concluded, or when the 
files are 7 years, whichever is later.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access is restricted to agency personnel or contractors whose 
responsibilities require access. Paper records are maintained in 
lockable rooms or file cabinets. Access to electronic records is 
controlled by ``user ID'' and password combination and/or other 
appropriate access or network controls (e.g., firewalls). FTC buildings 
are guarded and monitored by security personnel, cameras, ID checks, 
and other physical security measures.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    84 FR 16493-16510 (April 19, 2019).
    80 FR 9460-9465 (February 23, 2015).
    74 FR 17863-17866 (April 17, 2009).
    73 FR 33591-33634 (June 12, 2008).
* * * * *

III. Federal Trade Commission Financial Systems of Records

SYSTEM NAME AND NUMBER:
    Employee Transportation Program Records--FTC (FTC-III-5).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580. For other locations where records may be maintained or 
accessed, see Appendix III (Locations of FTC Buildings and Regional 
Offices), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 
(Feb. 23, 2015).

SYSTEM MANAGER(S):
    Chief Administrative Services Officer, Office of the Chief 
Administrative Services Officer, Office of the Executive Director, 
Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 
20580, email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 7905 note; Public Law 103-172; Executive Order 13150.

PURPOSE(S) OF THE SYSTEM:
    Transit subsidy records are collected and maintained to implement 
Federal law encouraging Federal employees to use public transportation 
for commuting to and from work. Such records are used to authorize 
subsidies for qualified FTC employees to help cover such commuting 
costs; to ensure the accurate and timely disbursement of subsidies to 
such employees; and to audit and otherwise detect or prevent fraud or 
abuse, if any, of such subsidies. Other employee transportation program 
records may be collected and maintained to administer those programs, 
including for building security purposes (e.g., drivers' license 
numbers maintained for individuals who have been issued garage parking 
permits).

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Past and present FTC employees who have applied for public 
transportation subsidies to commute for work, or who may apply to 
participate in other employee transportation-related programs (e.g., 
parking garage permits) that the DOT or FTC may administer from time to 
time, if any.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Data that the FTC may compile, generate, and maintain in connection 
with reviewing and approving transit subsidy applications filed by 
eligible FTC employees with the online system operated by Department of 
Transportation (DOT), which administers and distributes Federal transit 
subsidies.
    This FTC system notice applies to application data about FTC 
employees that the FTC may access from DOT's system, or that the FTC 
may itself generate, in reviewing and approving transit subsidies 
requested by its employees, or to audit and verify transit 
disbursements made to such employees, to the extent the FTC maintains 
and retrieves this data from its own system of records by employee name 
or other identifier assigned to such individuals. This system notice 
does not cover the transit application data compiled and maintained by 
DOT, which is covered by DOT's system notice. See DOT/ALL 8 (Employee 
Transportation Facilitation), or any successor system notice for that 
system, for the categories of records maintained in DOT's system.

RECORD SOURCE CATEGORIES:
    Past and current FTC employees who have applied to participate in 
the subsidy program; FTC offices; Department of Transportation.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system:
    (1) May be disclosed to the U.S. Department of Transportation (DOT) 
for purposes of processing and distributing subsidies to FTC employees 
and verifying employee compliance with program rules, and may be used 
and disclosed by DOT under the routine uses set forth in the applicable 
DOT system notice, DOT/ALL 8 (Employee Transportation Facilitation), or 
any successor system notice for that system; and
    (2) May be disclosed to other investigatory or law enforcement 
authorities, where necessary, to investigate, prosecute, discipline, or 
pursue other appropriate action against suspected program fraud or 
abuse, if any.
    For other ways that the Privacy Act permits the FTC to use or 
disclose system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC Privacy Act Systems 
of Records), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 
55542-55543 (Nov. 6, 2018).

[[Page 972]]

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic or paper format.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are maintained and retrieved alphabetically by employee's 
last name.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Transportation subsidy program administrative records are retained 
for three years or longer if required for business use in accordance 
with GRS 2.4, Item 130. Transportation subsidy program individual case 
files are retained for two years or longer if required for business use 
in accordance with GRS 2.4, Item 131.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access is restricted to FTC personnel or contractors whose 
responsibilities require access. Records are maintained in passphrase 
protected computer systems or locked file cabinets, accessible only to 
the program manager or other FTC staff whose job duties require access. 
FTC buildings are guarded and monitored by security personnel, cameras, 
ID checks, and other physical security measures. Obsolete records are 
destroyed by disposal in burn bags, by shredding, or by similarly 
secure means.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    82 FR 50871-50882 (November 2, 2017).
    73 FR 33591-33634 (June 12, 2008).

VII. FTC Miscellaneous Systems of Records

* * * * *

SYSTEM NAME AND NUMBER:
    Computer Systems User Identification and Access Records--FTC (FTC-
VII-3).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580.
    For other locations where records may be maintained or accessed, 
see Appendix III (Locations of FTC Buildings and Regional Offices), 
available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 (Feb. 
23, 2015).

SYSTEM MANAGER(S):
    Core Engineering and ISSO Services Program Manager, Office of the 
Chief Information Officer, Federal Trade Commission, 600 Pennsylvania 
Avenue NW, Washington, DC 20580, email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Federal Trade Commission Act, 15 U.S.C. 41 et seq.; Federal 
Information Security Modernization Act of 2014, 44 U.S.C. 3551 et seq.

PURPOSE(S) OF THE SYSTEM:
    To monitor usage of computer systems; to support server and desktop 
hardware and software; to ensure the availability and reliability of 
the agency computer facilities; to help document and/or control access 
to various computer systems; to audit, log, and alert responsible FTC 
personnel when certain personally identifying information is accessed 
in specified systems; to prepare budget requests for automated 
services; to identify the need for and to conduct training programs, 
which can include the topics of information security, acceptable 
computer practices, and FTC information security policies and 
procedures; to monitor security on computer systems; to add and delete 
users; to investigate and make referrals for disciplinary or other 
action if improper or unauthorized use is suspected or detected.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Commission employees and others (e.g., contractors) with access to 
FTC computer systems, including various system platforms, applications, 
and databases (e.g., Outlook, Business Objects, Oracle, Redress, 
STAFFID, CIS, etc.), operated by the FTC or by a contractor for the 
FTC.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This Privacy Act system consists of the login and other user 
identification and access records that FTC computer systems routinely 
compile and maintain about users of those systems. These records 
include user data such as: User name; email address; employee or other 
user identification number; organization code; systems or services to 
which the individual has access; systems and services used; amount of 
time spent using each system; number of usage sessions; and user 
profile. These system records include log-in, passphrase, and other 
system usage files and directories when they contain data on specific 
users. Many FTC computer systems collect and maintain additional 
information, other than system use data, about individuals inside and 
outside the FTC. See a complete list of FTC Privacy Act systems on the 
FTC's website, https://www.ftc.gov/foia/listofpaysystems.shtm, to learn 
about other categories of information collected and maintained about 
individuals in the FTC's computer systems.

RECORD SOURCE CATEGORIES:
    Individual about whom record is maintained; internal and external 
information systems that record usage.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system may be disclosed to contractors in 
connection with developing, maintaining, operating or servicing FTC 
computerized systems.
    For other ways that the Privacy Act permits the FTC to use or 
disclose system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC Privacy Act Systems 
of Records), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 
55542-55543 (Nov. 6, 2018).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Electronic and paper records.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Indexed by individual's name; employee identification number; and

[[Page 973]]

organization code, or other searchable data fields or codes.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained according to GRS 3.2, item 030, and are 
destroyed when business use ceases.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access is restricted to agency personnel and contractors whose 
responsibilities require access. Paper records, if any, maintained in 
lockable rooms or file cabinets. Access to electronic records is 
controlled by ``user ID'' and passphrase combination and/or other 
appropriate electronic access or network controls (e.g., firewalls). 
FTC buildings are guarded and monitored by security personnel, cameras, 
ID checks, and other physical security measures.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How To Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    85 FR 16349-16361 (March 23, 2020).
    80 FR 9460-9465 (February 23, 2015).
    74 FR 17863-17866 (April 17, 2009).
    73 FR 33591-33634 (June 12, 2008).
* * * * *

SYSTEM NAME AND NUMBER:
    Document Management And Retrieval System--FTC (FTC-VII-6).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, 
DC 20580. For other locations where records may be maintained or 
accessed, see Appendix III (Locations of FTC Buildings and Regional 
Offices), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 80 FR 9460, 9465 
(Feb. 23, 2015).

SYSTEM MANAGER(S):
    Director, Records and Filings Office, Federal Trade Commission, 600 
Pennsylvania Avenue NW, Washington, DC 20580, email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Federal Trade Commission Act, 15 U.S.C. 41 et seq.

PURPOSE(S) OF THE SYSTEM:
    To provide staff with the ability to search for and access copies 
of agency documents needed for legal and economic research activities 
of the Commission (e.g., internal memoranda, economic reports, other 
agency work product); to provide FTC staff processing Freedom of 
Information Act or other disclosure requests with the ability to search 
for and access copies of potentially responsive documents outlining the 
actions and considerations of the Commission, individual Commissioners, 
and the staff; to provide the ability, once the automated system is 
fully implemented, to electronically manage the writing, editing, 
storage, retrieval and disposal of such documents (e.g., memoranda, 
correspondence), and to provide for additional document management 
functions, if any.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who have written documents contained in Commission 
files, and other individuals whose names or other personally 
identifying data are used to search and retrieve documents from the 
system.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Name of author and documents written by that individual; names or 
other data about other individuals by which documents in the system are 
searched and retrieved; finding aids or document indexes. Records in 
this system may duplicate records included in other FTC systems of 
records. See, e.g., FTC-I-1 (Nonpublic Investigational and Other 
Nonpublic Legal Program Records--FTC), FTC-I-6 (Public Records--FTC).

RECORD SOURCE CATEGORIES:
    FTC employees and others who submit documents to the Commission.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records in this system may be disclosed to contractors in 
connection with document processing, storage, disposal and similar 
records management and retrieval activities.
    For other ways that the Privacy Act permits the FTC to use or 
disclose system records outside the agency, see Appendix I (Authorized 
Disclosures and Routine Uses Applicable to All FTC Privacy Act Systems 
of Records), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 83 FR 
55541, 55542-55543 (Nov. 6, 2018).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Older records are stored on electronic and non-electronic formats. 
The system also comprises one or more structured databases using 
commercial software applications to search, retrieve, and manage 
records stored electronically.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Indexed by author of the document, or other data fields or codes.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained and destroyed in accordance with schedules and 
procedures issued or approved by the National Archives and Records 
Administration.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access is restricted to agency personnel and contractors whose 
responsibilities require access. Paper or other non-digital records are 
stored in lockable file cabinets or offices. Access to electronic 
records is controlled by ``user ID'' and password combination, and/or 
other appropriate electronic access or network controls (e.g., 
firewalls). FTC buildings are guarded and monitored by security 
personnel, cameras, ID checks, and other physical security measures.

RECORD ACCESS PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems and at 73 FR 33592, 
33634 (June 12, 2008).

[[Page 974]]

CONTESTING RECORD PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems at 73 FR 33592, 33634 
(June 12, 2008).

NOTIFICATION PROCEDURES:
    See Sec.  4.13 of the FTC's Rules of Practice, 16 CFR 4.13. For 
additional guidance, see also Appendix II (How to Make A Privacy Act 
Request), available on the FTC's website at https://www.ftc.gov/about-ftc/foia/foia-reading-rooms/privacy-act-systems at 73 FR 33592, 33634 
(June 12, 2008).

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Records contained in this system that have been placed on the FTC 
public record are available upon request or, where applicable, made 
available online. See FTC-I-6 (Public Records--FTC). However, pursuant 
to 5 U.S.C. 552a(k)(2), records in this system, which reflect records 
that are contained in other systems of records that are designated as 
exempt, are exempt from the requirements of subsections (c)(3), (d), 
(e)(1), (e)(4)(G), (H), (I), and (f) of 5 U.S.C. 552a. See Sec.  
4.13(m) of the FTC Rules of Practice, 16 CFR 4.13(m).

HISTORY:
    73 FR 33591-33634 (June 12, 2008).
* * * * *

Josephine Liu,
Assistant General Counsel for Legal Counsel.
[FR Doc. 2022-00075 Filed 1-6-22; 8:45 am]
BILLING CODE 6750-01-P