Privacy Act of 1974; System of Records, 4957-4961 [2022-01063]

Download as PDF Federal Register / Vol. 87, No. 20 / Monday, January 31, 2022 / Notices NATIONAL SCIENCE FOUNDATION Notice of Meeting for the Proposal Review Panel for Materials Research; Correction ACTION: Notice; correction. The National Science Foundation (NSF) published a document in the Federal Register of January 21, 2022, concerning a Partopen, 1-day, virtual site visit meeting for the Proposal Review Panel for Materials Research. The virtual site visit date will be corrected from April 27, 2022 to May 27, 2022. FOR FURTHER INFORMATION CONTACT: Please contact Crystal Robinson crrobins@nsf.gov or 703–292–8687. SUPPLEMENTARY INFORMATION: SUMMARY: Correction In the Federal Register published January 21, 2022, in FR Doc. 2022– 01100 (Filed 1–20–22; 8:45 a.m.), on page 3369, first column, Date and Time Section, please change the meeting date to May 27, 2022. Dated: January 26, 2022. Crystal Robinson, Committee Management Officer, National Science Foundation. [FR Doc. 2022–01910 Filed 1–28–22; 8:45 am] BILLING CODE 7555–01–P NATIONAL SCIENCE FOUNDATION Notice of Intent to Seek Approval To Renew an Information Collection National Science Foundation. Notice and request for comments. AGENCY: ACTION: The National Science Foundation (NSF) is announcing plans to request OMB’s approval to renew this collection. In accordance with the requirements of the Paperwork Reduction Act of 1995, we are providing an opportunity for public comment on this action. After obtaining and considering public comment, NSF will prepare a submission requesting OMB clearance for this collection for no longer than three years. DATES: Interested persons are invited to send comments regarding the burden or any other aspect of this collection of information by April 1, 2022. FOR FURTHER INFORMATION CONTACT: Suzanne H. Plimpton, Reports Clearance Officer, National Science Foundation, 2415 Eisenhower Ave., Rm. W 18253, Alexandria, VA 22314; telephone: (703) 292–7556; email: splimpto@nsf.gov. Individuals who use a khammond on DSKJM1Z7X2PROD with NOTICES SUMMARY: VerDate Sep<11>2014 17:38 Jan 28, 2022 Jkt 256001 telecommunications device for the deaf (TDD) may call the Federal Information Relay Service (FIRS) at 1–800–877– 8339, which is accessible 24 hours a day, 7 days a week, 365 days a year (including federal holidays). SUPPLEMENTARY INFORMATION: Comments: Written comments are invited on (a) whether the proposed collection of information is necessary for the proper performance of the functions of the Agency, including whether the information shall have practical utility; (b) the accuracy of the Agency’s estimate of the burden of the proposed collection of information; (c) ways to enhance the quality, utility, and clarity of the information on respondents, including through the use of automated collection techniques or other forms of information technology; or (d) ways to minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology. Title of Collection: Grantee Reporting Requirements for the Research Experiences for Undergraduates (REU) Program. OMB Approval Number: 3145–0224. Expiration Date: July 31, 2022. Overview of information collection: NSF’s Research Experiences for Undergraduates (REU) program funds REU Site grants and REU Supplements to organizations to provide authentic research experiences and related training for postsecondary students in STEM fields. All NSF Principal Investigators in all programs are required to submit annual and final project reports through the NSF Project Reports System in Research.gov. The REU Program Module is a component of the NSF Project Reports System that is designed to gather basic information about the pool of student applicants and participants in REU Site and REU Supplement projects. The information allows NSF to assess the demand and allocate resources for REU student positions within each discipline, to analyze the types of academic institutions and the educational levels represented by the participants, and to identify the participants for inclusion in periodic program evaluations. NSF is committed to providing stakeholders with information regarding the expenditure of taxpayer funds on its investments in human capital, including activities such as REU Sites and REU Supplements. If NSF could not collect information about the students who PO 00000 Frm 00126 Fmt 4703 Sfmt 4703 4957 participate in undergraduate research experiences, NSF would have no other means to consistently document the number and diversity of the participants or to identify the participants for inclusion in efforts that gauge the quality of programmatic activities and the long-term effects of the activities on the students. Without the REU Program Module, NSF also would not have information about the competitiveness of the REU opportunities, which informs the management of the program’s budget. Consultation With Other Agencies and the Public This information collection is specific to a subset of NSF grantees. NSF has not consulted with other agencies but has gathered information from its grantee community through attendance at PI conferences. A request for public comments will be solicited through announcement of data collection in the Federal Register. Background All NSF Principal Investigators are required to use the project reporting functionality in Research.gov to report on progress, accomplishments, participants, and activities annually and at the conclusion of their project. Information from annual and final reports provides yearly updates on project inputs, activities, and outcomes for use by NSF program officers in monitoring projects and for agency reporting purposes. If project participants include undergraduate students supported by a Research Experiences for Undergraduates (REU) Sites grant or by an REU Supplement, then the Principal Investigator is required to complete the REU Program Module in addition to the questions in NSF’s standard report template. Respondents: Individuals (Principal Investigators). Number of Principal Investigator Respondents: 3,900 annually. Burden on the Public: 650 total hours. Dated: January 25, 2022. Suzanne H. Plimpton, Reports Clearance Officer, National Science Foundation. [FR Doc. 2022–01863 Filed 1–28–22; 8:45 am] BILLING CODE 7555–01–P POSTAL SERVICE Privacy Act of 1974; System of Records AGENCY: E:\FR\FM\31JAN1.SGM Postal ServiceTM. 31JAN1 4958 ACTION: Federal Register / Vol. 87, No. 20 / Monday, January 31, 2022 / Notices Notice of a modified system of records. The United States Postal ServiceTM (USPSTM) is proposing to modify a General Privacy Act System of Records to support the implementation of a suite of cloud-based workplace productivity software. DATES: These revisions will become effective without further notice on March 2, 2022, unless comments received on or before that date result in a contrary determination. ADDRESSES: Comments may be submitted via email to the Privacy and Records Management Office, United States Postal Service Headquarters (privacy@usps.gov). Arrangements to view copies of any written comments received, to facilitate public inspection, will be made upon request. FOR FURTHER INFORMATION CONTACT: Janine Castorina, Chief Privacy and Records Management Officer, Privacy and Records Management Office, 202– 268–3069 or privacy@usps.gov. SUPPLEMENTARY INFORMATION: This notice is in accordance with the Privacy Act requirement that agencies publish their systems of records in the Federal Register when there is a revision, change, or addition, or when the agency establishes a new system of records. SUMMARY: I. Background The Postal Service is constantly seeking methods to improve employee productivity and efficiency. To that end, the Postal Service will implement a suite of cloud-based workplace productivity applications. These applications will expand employee access to various programs, allowing more employees to utilize resources to increase productivity and team collaboration. khammond on DSKJM1Z7X2PROD with NOTICES The Postal Service is proposing to modify USPS System of Records (SOR) 550.100 Commercial Information Technology Resources- Applications to support the implementation of a suite of cloud-based workplace productivity software. This system will be modified in conjunction with USPS 550.000 Commercial Information Technology Resources- Infrastructure and USPS 550.200 Commercial Information Technology Resources- Administrative to reflect the full scope of application implementation. Revisions to these SORs will be submitted independent of this notice. More information on accompanying changes can be found within those SORs. 17:38 Jan 28, 2022 Jkt 256001 III. Description of the Modified System of Records Pursuant to 5 U.S.C. 552a (e)(11), interested persons are invited to submit written data, views, or arguments on this proposal. A report of the proposed revisions has been sent to Congress and to the Office of Management and Budget for their evaluations. The Postal Service does not expect this amended system of records to have any adverse effect on individual privacy rights. The notice for USPS 550.100 Commercial Information Technology Resources- Applications, provided below in its entirety, is as follows: SYSTEM NAME AND NUMBER: 550.100 Commercial Information Technology Resources- Applications SECURITY CLASSIFICATION: None. SYSTEM LOCATION: All USPS facilities and contractor sites. II. Rationale for Changes to USPS Privacy Act Systems of Records VerDate Sep<11>2014 This system specifically reflects data elements created through normal use and interactions in a software application. Revisions to the existing SOR to support this implementation are documented as additions to existing categories of records Collaboration application records beginning with ‘‘Total Number Of Video Conferences,’’ Communication Application Records beginning with ‘‘Chat User Action,’’ and Limited Use Application records beginning with ‘‘Users Allowed To Access Application ‘‘, as well as the creation of three new categories of records: Cloud-based storage records, Email Application records, and Web Browser Records. Accompanying the addition of these new categories of records are policies and practices for the retrieval of these records and policies and practices for retention and disposal of these records. SYSTEM MANAGER(S): For records of computer access authorizations: Chief Information Officer and Executive Vice President, United States Postal Service, 475 L’Enfant Plaza SW, Washington, DC 20260. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 39 U.S.C. 401, 403, and 404. PURPOSE(S) OF THE SYSTEM: 1. To provide event registration services to USPS customers, contractors, and other third parties. 2. To allow task allocation and tracking among team members. 3. To allow users to communicate by telephone, instant-messaging, and email PO 00000 Frm 00127 Fmt 4703 Sfmt 4703 through local machine and web-based applications on desktop and mobile operating systems. 4. To share your personal image via your device camera during meetings and web conferences, if you voluntarily choose to turn the camera on, enabling virtual face-to-face conversations. 5. To provide for the creation and storage of media files, including video recordings, audio recordings, desktop recording, and web-based meeting recordings. 6. To provide a collaborative platform for viewing video and audio recordings. 7. To create limited use applications using standard database formats. 8. To review distance driven by approved individuals for accurate logging and compensation. 9. To develop, maintain, and share computer code. 10. To comply with Security Executive Agent Directive (SEAD) 3 requirements for self-reporting of unofficial foreign travel pertaining to covered individuals who have access to classified information or who hold a sensitive position. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: 1. Individuals with authorized access to USPS computers, information resources, and facilities, including employees, contractors, business partners, suppliers, and third parties. 2. Individuals participating in webbased meetings, web-based video conferencing, web-based communication applications, and webbased collaboration applications. CATEGORIES OF RECORDS IN THE SYSTEM: 1. Third-party Information records: Records relating to non-Postal, thirdparty individuals utilizing an information system, application, or piece of software, including: Third-Party Name, Third Party Date Request, Third Party Free Text, Guest User Information. 2. Collaboration application records: Records relating to web-conferencing and web-collaboration applications, including; Collaborative Group Names, Collaborative Group IDs, Action Name, Number Of Actions Sent, Number Of Action Responses, Employee Phone Number, Collaborative Group Chat History, Profile Information, Collaborative Group Membership, Contacts, Project Owner, Project Creator, Event Start Time, Event Status, Event Organizer, Event Presenter, Event Producer, Event Production Type, Event Recording Setting, Total Number Of Event Media Viewings, Number Of Active Users, Number Of Active Users In Collaborative Groups, Number Of E:\FR\FM\31JAN1.SGM 31JAN1 khammond on DSKJM1Z7X2PROD with NOTICES Federal Register / Vol. 87, No. 20 / Monday, January 31, 2022 / Notices Active Collaborative Group Communication Channels, Number Of Messages Sent, Number Of Calls Participated In, Last Activity Date Of A User, Number Of Guest Users In A Collaborative Group, Event Name, Event Description, Event Start Date, Event End Date, Video Platform Group Name, Video Platform Group Email Alias, Video Platform Group Description, Video Platform Group Classification, Video Platform Group Access Level, Video Platform Channel Name, Video Platform Channel Description, Video Platform Channel Access, Video Platform Live Event Recording, Total Number Of Video Conferences, Add Room Member To Collaborative Group, Attachment Downloaded From Collaborative Group, Attachment Uploaded From Collaborative Group, Direct Message Started From Collaborative Group, Invite Sent From Collaborative Group, Message Edited From Collaborative Group, Message Posted In Collaborative Group, Remove Room Member From Collaborative Group, Room Created In Collaborative Group, Add Service Account Permission To Enterprise Collaborative Group, Remove Service Account Permission To Enterprise Collaborative Group, Added User To Enterprise Collaborative Group, Added User Role To Enterprise Collaborative Group, Removed User From Enterprise Collaborative Group, Request To Join Enterprise Collaborative Group, Approve Join Request From Enterprise Collaborative Group, Reject Join Request From Enterprise Collaborative Group, Invite User To Enterprise Collaborative Group, Accept Invitation For Enterprise Collaborative Group, Reject Invitation For Enterprise Collaborative Group, Revoke Invitation For Enterprise Collaborative Group, Join Enterprise Collaborative Group, Ban User Including With Moderation In Enterprise Collaborative Group, Unban User From Enterprise Collaborative Group, Add All Users In Domain For Enterprise Collaborative Group, Create Group In Enterprise Collaborative Group, Delete Group In Enterprise Collaborative Group, Create Namespace In Enterprise Collaborative Group, Delete Namespace In Enterprise Collaborative Group, Change Info Setting In Enterprise Collaborative Group, Add Info Setting In Enterprise Collaborative Group, Remove Info Setting In Enterprise Collaborative Group, Add Member Role In Enterprise Collaborative Group, Remove User Role In Enterprise Collaborative Group, Membership Expiration Added In Enterprise Collaborative Group, Membership Expiration Removed In VerDate Sep<11>2014 17:38 Jan 28, 2022 Jkt 256001 Enterprise Collaborative Group, Membership Expiration Updated In Enterprise Collaborative Group, ACL Permission Changed In Collaborative Group, Collaborative Group Invitation Accepted, Join Request Approved, User Joined Collaborative Group, User Requested To Join Collaborative Group, Collaborative Group Basic Setting Changed, Collaborative Group Created, Collaborative Group Deleted, Collaborative Group Identity Setting Changed, Collaborative Group Info Setting Added, Collaborative Group Info Setting Changed, Collaborative Group Info Setting Removed, Collaborative Group New Member Restriction Changed, Collaborative Group Post Reply Settings Changed, Collaborative Group Spam Moderation Settings Changed, Collaborative Group Topic Setting Changed, Collaborative Group Message Moderated, User Posts Will Always Be Posted, User Added To Collaborative Group, User Banned From Collaborative Group, User Invitation Revoked From A Collaborative Group, User Invited To Collaborative Group, User Join Request Rejected From A Collaborative Group, User Reinvited To Collaborative Group, User Removed From Collaborative Group, Call Event Abuse Report Submitted, Call Event Endpoint Left, Call Event Livestream Watched, Individual Form Response, Form Respondent Email Address, Whiteboard Software Updated, Whiteboard Reboot Requested, Whiteboard Export Requested, Attachment Deleted, Attachment Uploaded, Note Content Edited, Note Created, Note Deleted, Note Permissions Edited. 3. Communication Application Records: Enterprise Social Network User Name, Enterprise Social Network User State, Enterprise Social Network User State Change Date, Enterprise Social Network User Last Activity Date, Number Of Messages Posted By An Enterprise Social Network User In Specified Time Period, Number Of Messages Viewed By An Enterprise Social Network User, Number Of Liked Messages By An Enterprise Social Network User, Products Assigned To A Enterprise Social Network User, Home Network Information, External Network Information, External Network Name, External Network Description, External Network Image, Network Creation Date, Network Usage Policy, External Network User Name, External Network User Email Address, External Group Name, Number Of Users On A Network, Network ID, Live Event Video Links, Files Added Or Modified In Enterprise Social Network, Message ID, Thread ID, PO 00000 Frm 00128 Fmt 4703 Sfmt 4703 4959 Message Privacy Status, Full Body Of Message, Chat User Action, Chat Room Member Added, Chat Attachment Downloaded, Chat Attachment Uploaded, Chat Room Blocked, Chat User Blocked, Chat Direct Message Started, Chat Invitation Accepted, Chat Invitation Declined, Chat Invitation Sent, Chat Message Edited, Chat Message Posted, Chat Room Member Removed, Chat Room Created. 4. Multimedia records: Records relating to media associated with or originating from an information system, including; Video Platform User ID, Video Name, Videos Uploaded By User, Videos Accessed By User, Channels Created By User, User Group Membership, Comments Left By User On Videos, Screen Recordings, Video Transcript, Deep Search Captions, Video Metadata, Audio Metadata, Phone Number, Time Phone Call Started, User Name, Call Type, Phone Number Called To, Phone Number Called From, Called To Location, Called From Location, Telephone Minutes Used, Telephone Minutes Available, Charges For Use Of Telephone Services, Currency Of Charged Telephone Services, Call Duration, Call ID, Conference ID, Phone Number Type, Blocked Phone Numbers, Blocking Action, Reason For Blocking Action, Blocked Phone Number Display Name, Date And Time Of Blocking, Call Start Time, User Display Name, SIP Address, Caller Number, Called To Number, Call Type, Call Invite Time, Call Failure Time, Call End Time, Call Duration, Number Type, Media Bypass, SBC FQDN, Data Center Media Path, Data Center Signaling Path, Event Type, Final SIP, Final Vendor Subcode, Final SIP Phrase, Unique Customer Support ID. 5. Limited Use Application records: Records relating to applications with a specific, limited use, including; Application Authoring Application Name, Application Authoring Application Author, Voice Search Text Strings, Miles Driven, Mileage Rates, Country Currency, Destination, Destination Classification, Car Make, Car Model, Working Hours, Total Number Of Monthly Drives, Total Number Of Monthly Miles, Total Number Of Personal Drives, Total Number Of Personal Drives, Users Allowed To Access Application, Application Authoring Application Security Settings, Total Number Of Cloud-Based Searches Performed, Total Number Of Cloud-Based Search Queries From Web Browsers, Total Number Of Cloud-Based Search Queries From Android Operating Systems, Total Number Of Cloud-Based Search Queries From iOS Operating Systems, Data E:\FR\FM\31JAN1.SGM 31JAN1 khammond on DSKJM1Z7X2PROD with NOTICES 4960 Federal Register / Vol. 87, No. 20 / Monday, January 31, 2022 / Notices Visualization Report Email Delivery Added, Data Visualization Asset Created, Data Visualization Data Exported, Data Visualization Asset Deleted, Data Visualization Report Downloaded, Data Visualization Asset Edited, Data Visualization Asset Restored, Data Visualization Report Email Delivery Stopped, Data Visualization Asset Trashed, Data Visualization Report Email Delivery Updated, Data Visualization Asset Viewed, Data Visualization Link Sharing Access Type Changed, Data Visualization Link Sharing Visibility Changed, Data Visualization User Sharing Permissions Changed. 6. Development Records: Records relating to applications used for the creation, sharing, or modification of software code, including: Data Repository User ID, Data Repository Password, Data Repository User Address, Data Repository Payment Information, Data Repository User First Name, Data Repository User Last Name, Data Repository Profile Picture, Data Repository Profile Biography, Data Repository Profile Location, Data Repository User Company, Data Repository User Preferences, Data Repository User Preference Analytics, Data Repository Transaction Date, Data Repository Transaction Time, Data Repository Transaction Amount Charged, Data Repository Webpages Viewed, Data Repository Referring Website, Data Repository Date Of Webpage Request, Data Repository Time Of Webpage Request, Data Repository User Commits, Data Repository User Commit Comment Body Text, Data Repository Pull Request Comment Body Text, Data Repository Issue Comment Body Text, Data Repository User Comment Body Text, Data Repository User Authentication, Language Of Device Accessing Data Repository, Operating System Of Device Accessing Data Repository, Application Version Of Device Accessing Data Repository, Device Type Of Device Accessing Data Repository, Device ID Of Device Accessing Data Repository, Device Model Of Device Accessing Data Repository, Device Manufacturer Of Device Accessing Data Repository, Browser Version Of Device Accessing Data Repository, Client Application Information Of Device Accessing Data Repository, Data Repository User Usage Information, Data Repository Transactional Information, Data Repository API Notification Status, Data Repository API Issue Status, Data Repository API Pull Status, Data Repository API Commit Status, Data Repository API Review Status, Data VerDate Sep<11>2014 17:38 Jan 28, 2022 Jkt 256001 Repository API Label, Data Repository API User Account Signin Status, Data Repository API Schedule Status, Data Repository API Schedule List. 7. Unofficial Foreign Travel Monitoring: Records relating to covered individuals for the administration of the SEAD 3 program, including: Title, Name Of Traveler, Information Type: PreTravel And Post-Travel, Start Date Of Travel, End Date Of Travel, Carrier Of Transportation, Countries You Are Visiting, Passport Number, Passport Expiration Date, Names And Association Of Foreign National Travel Companions, Planned Foreign Contacts, Emergency Contact Name, Emergency Contact Phone Number, Emergency Contact Relationship, Post-Travel Questions Relating To Activity, Events, And Interactions. 8. Cloud-based storage records: Records relating to activity within cloud-based storage systems, including: Number Of Files Made Publicly Available, Number Of Files Made Available With A Link, Number Of Files Shared With Domain Users, Number Of Files Shared With Domain Users Through Link, Number Of Files Shared With Users Outside Domain, Number Of Files Shared With User Or Group In Domain, Number Of Files Not Shared At All, Number Of Spreadsheet Documents Added, Number Of Text Documents Added, Number Of Presentation Documents, Number Of Form Documents Added, Number Of Other Files Added, Number Of Files Edited, Number Of Files Viewed, Number Of Files Added, Total Cloud Storage Space Used, Last Time Storage Accessed By User, Item Added To Folder, Item Approval Cancelled, Comment Added On Approval Of Item, Due Date Time Change Requested, Item Approval Requested, Reviewer Change Requested For Item Approval, Item Approval Reviewed, Document Copy Created, Document Created, Document Deleted, Document Downloaded, Document Shared As Email Attachment, Document Edited, Label Applied, Label Value Changed, Label Removed, Item Locked, Item Moved, Item Previewed, Item Printed, Item Removed From Folder, Item Renamed, Item Restored, Item Trashed, Item Unlocked, Item Uploaded, Item Viewed, Security Update Applied To File, Security Update Applied To All Files In Folder, Publish Status Changed, Editor Settings Changed, Link Sharing Access Type Changed, Link Sharing Access Changed From Parent Folder, Link Sharing Visibility Changed, Link Sharing Visibility Changed From Parent Folder, Security Update Removed From File, Membership Role Changed, Shared PO 00000 Frm 00129 Fmt 4703 Sfmt 4703 Storage Settings Changed, Spreadsheet Range Enabled, User Sharing Permissions Changed, User Sharing Permissions Changed From Parent Folder, User Storage Updated, File Viewed, File Renamed, File Created, File Edited, File Previewed, File Printed, File Updated, File Deleted, File Uploaded, File Downloaded, File Shared. 9. Email Application records: Records relating to regular use of email applications, including: Email Body Text, Email Metadata, Total Number Of Emails Sent, Total Number Of Emails Received, Total Number Of Emails Sent And Received, Last Time User Accessed Email Client Through A Post Office Protocol (POP) Mail Server, Last Time User Accessed Email Client Through An Internet Message Access Protocol (IMAP) Mail Server, Last Time User Accessed Through Web-Based Server, Total Email Client Storage Space Used, Calendar Access Level(S) Changed, Calendar Country Changed, Calendar Created, Calendar Deleted, Calendar Description Changed, Calendar Location Changed, Calendar Timezone Changed, Calendar Title Changed, Calendar Notification Triggered, Calendar Subscription Added, Calendar Subscription Deleted, Calendar Event Created, Calendar Event Deleted, Calendar Event Guest Added, Calendar Event Guest Auto-Response, Calendar Event Guest Removed, Calendar Event Guest Response Changed, Calendar Event Modified, Calendar Event Removed From Trash, Calendar Event Restored, Calendar Event Start Time Changed, Calendar Event Title Modified, Successful Availability Lookup Of A Calendar Between Email Clients, Successful Availability Lookup Of Email Client Resource, Successful Email Client Resource List Lookup, Unsuccessful Availability Lookup Of A Calendar On Email Client, Unsuccessful Availability Lookup Of Email Client Resource, Unsuccessful Email Client Resource List Lookup. 10. Web Browser Records: Records relating to activity within a web browser, including: Web Browser Password Changed, Web Browser Password Reused, Malware Detected in Transferred Content for User, Sensitive Data Detected In Transferred Content, Unsafe Website Visit Detected For User. RECORD SOURCE CATEGORIES: Employees; contractors; customers. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: Standard routine uses 1. through 9. apply. In addition: E:\FR\FM\31JAN1.SGM 31JAN1 Federal Register / Vol. 87, No. 20 / Monday, January 31, 2022 / Notices (a) To appropriate agencies, entities, and persons when (1) the Postal Service suspects or has confirmed that there has been a breach of the system of records; (2) the Postal Service has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Postal Service (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Postal Service’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm. POLICIES AND PRACTICES FOR STORAGE OF RECORDS: Automated database, computer storage media, and paper. POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: 1. Records relating to third-parties are retrievable by name and email address. 2. Records relating to collaboration are retrievable by name, email address, and user ID. 3. Records relating to communication are retrievable by name, email address, and user ID. 4. Records pertaining to multimedia are retrievable by user name and media title. 5. Records relating to application development are retrievable by user ID and application name. 6. Records relating to limited use applications are retrievable by name, email address, and user ID. 7. Records relating to Unofficial Foreign Travel Monitoring for covered individuals are retrievable by name. 8. Records relating to Cloud-based storage are retrievable by name, email address, and user ID. 9. Records relating to Email Applications are retrievable by name, email address, and user ID. 10. Records relating to Web Browsers are retrievable by name, email address, and user ID. khammond on DSKJM1Z7X2PROD with NOTICES POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: 1. Records relating to third-parties are retained for twenty-four months. 2. Records relating to collaboration are retained for twenty-four months. 3. Records relating to communication are retained for twenty-four months. 4. Multimedia recordings are retained for twenty-four months. 5. Records relating to application development are retained for twentyfour months. VerDate Sep<11>2014 19:28 Jan 28, 2022 Jkt 256001 6. Records relating to limited use applications are retained for twenty-four months. 7. Records relating to Unofficial Foreign Travel Monitoring for covered individuals are retained for twenty-five years. 8. Records relating to Cloud-based storage are retained for twenty-four months. 9. Records relating to Email Applications are retained for twentyfour months. 10. Records relating to Web Browsers are retained for twenty-four months. ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS: Paper records, computers, and computer storage media are located in controlled-access areas under supervision of program personnel. Computer access is limited to authorized personnel with a current security clearance, and physical access is limited to authorized personnel who must be identified with a badge. Access to records is limited to individuals whose official duties require such access. Contractors and licensees are subject to contract controls and unannounced on-site audits and inspections. Computers are protected by encryption, mechanical locks, card key systems, or other physical access control methods. The use of computer systems is regulated with installed security software, computer logon identifications, and operating system controls including access controls, terminal and transaction logging, and file management software. RECORD ACCESS PROCEDURES: Requests for access must be made in accordance with the Notification Procedure above and USPS Privacy Act regulations regarding access to records and verification of identity under 39 CFR 266.5. CONTESTING RECORD PROCEDURES: See Notification Procedure and Record Access Procedures above. NOTIFICATION PROCEDURES: Customers wanting to know if other information about them is maintained in this system of records must address inquiries in writing to the Chief Information Officer and Executive Vice President and include their name and address. EXEMPTIONS PROMULGATED FOR THE SYSTEM: None. PO 00000 Frm 00130 Fmt 4703 Sfmt 4703 4961 HISTORY: * May 11, 2021; 86 FR 25899. * * * * Joshua J. Hofer, Attorney, Ethics and Legal Compliance. [FR Doc. 2022–01063 Filed 1–28–22; 8:45 am] BILLING CODE 7710–12–P POSTAL SERVICE Privacy Act of 1974; System of Records Postal ServiceTM. ACTION: Notice of a modified system of records. AGENCY: The United States Postal ServiceTM (USPSTM) is proposing to modify a General Privacy Act System of Records to support the implementation of a suite of cloud-based workplace productivity software. DATES: These revisions will become effective without further notice on March 2, 2022, unless comments received on or before that date result in a contrary determination. ADDRESSES: Comments may be submitted via email to the Privacy and Records Management Office, United States Postal Service Headquarters (privacy@usps.gov). Arrangements to view copies of any written comments received, to facilitate public inspection, will be made upon request. FOR FURTHER INFORMATION CONTACT: Janine Castorina, Chief Privacy and Records Management Officer, Privacy and Records Management Office, 202– 268–3069 or privacy@usps.gov. SUPPLEMENTARY INFORMATION: This notice is in accordance with the Privacy Act requirement that agencies publish their systems of records in the Federal Register when there is a revision, change, or addition, or when the agency establishes a new system of records. SUMMARY: I. Background The Postal Service is constantly seeking methods to improve employee productivity and efficiency. To that end, the Postal Service will implement a suite of cloud-based workplace productivity applications. These applications will expand employee access to various programs, allowing more employees to utilize resources to increase productivity and team collaboration. II. Rationale for Changes to USPS Privacy Act Systems of Records The Postal Service is proposing to modify USPS System of Records (SOR) 550.000 Commercial Information E:\FR\FM\31JAN1.SGM 31JAN1

Agencies

[Federal Register Volume 87, Number 20 (Monday, January 31, 2022)]
[Notices]
[Pages 4957-4961]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-01063]


=======================================================================
-----------------------------------------------------------------------

POSTAL SERVICE


Privacy Act of 1974; System of Records

AGENCY: Postal Service\TM\.

[[Page 4958]]


ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The United States Postal Service\TM\ (USPS\TM\) is proposing 
to modify a General Privacy Act System of Records to support the 
implementation of a suite of cloud-based workplace productivity 
software.

DATES: These revisions will become effective without further notice on 
March 2, 2022, unless comments received on or before that date result 
in a contrary determination.

ADDRESSES: Comments may be submitted via email to the Privacy and 
Records Management Office, United States Postal Service Headquarters 
([email protected]). Arrangements to view copies of any written comments 
received, to facilitate public inspection, will be made upon request.

FOR FURTHER INFORMATION CONTACT: Janine Castorina, Chief Privacy and 
Records Management Officer, Privacy and Records Management Office, 202-
268-3069 or [email protected].

SUPPLEMENTARY INFORMATION: This notice is in accordance with the 
Privacy Act requirement that agencies publish their systems of records 
in the Federal Register when there is a revision, change, or addition, 
or when the agency establishes a new system of records.

I. Background

    The Postal Service is constantly seeking methods to improve 
employee productivity and efficiency. To that end, the Postal Service 
will implement a suite of cloud-based workplace productivity 
applications. These applications will expand employee access to various 
programs, allowing more employees to utilize resources to increase 
productivity and team collaboration.

II. Rationale for Changes to USPS Privacy Act Systems of Records

    The Postal Service is proposing to modify USPS System of Records 
(SOR) 550.100 Commercial Information Technology Resources- Applications 
to support the implementation of a suite of cloud-based workplace 
productivity software. This system will be modified in conjunction with 
USPS 550.000 Commercial Information Technology Resources- 
Infrastructure and USPS 550.200 Commercial Information Technology 
Resources- Administrative to reflect the full scope of application 
implementation. Revisions to these SORs will be submitted independent 
of this notice. More information on accompanying changes can be found 
within those SORs.
    This system specifically reflects data elements created through 
normal use and interactions in a software application. Revisions to the 
existing SOR to support this implementation are documented as additions 
to existing categories of records Collaboration application records 
beginning with ``Total Number Of Video Conferences,'' Communication 
Application Records beginning with ``Chat User Action,'' and Limited 
Use Application records beginning with ``Users Allowed To Access 
Application ``, as well as the creation of three new categories of 
records: Cloud-based storage records, Email Application records, and 
Web Browser Records. Accompanying the addition of these new categories 
of records are policies and practices for the retrieval of these 
records and policies and practices for retention and disposal of these 
records.

III. Description of the Modified System of Records

    Pursuant to 5 U.S.C. 552a (e)(11), interested persons are invited 
to submit written data, views, or arguments on this proposal. A report 
of the proposed revisions has been sent to Congress and to the Office 
of Management and Budget for their evaluations. The Postal Service does 
not expect this amended system of records to have any adverse effect on 
individual privacy rights. The notice for USPS 550.100 Commercial 
Information Technology Resources- Applications, provided below in its 
entirety, is as follows:

SYSTEM NAME AND NUMBER:
    550.100 Commercial Information Technology Resources- Applications

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    All USPS facilities and contractor sites.

SYSTEM MANAGER(S):
    For records of computer access authorizations: Chief Information 
Officer and Executive Vice President, United States Postal Service, 475 
L'Enfant Plaza SW, Washington, DC 20260.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    39 U.S.C. 401, 403, and 404.

PURPOSE(S) OF THE SYSTEM:
    1. To provide event registration services to USPS customers, 
contractors, and other third parties.
    2. To allow task allocation and tracking among team members.
    3. To allow users to communicate by telephone, instant-messaging, 
and email through local machine and web-based applications on desktop 
and mobile operating systems.
    4. To share your personal image via your device camera during 
meetings and web conferences, if you voluntarily choose to turn the 
camera on, enabling virtual face-to-face conversations.
    5. To provide for the creation and storage of media files, 
including video recordings, audio recordings, desktop recording, and 
web-based meeting recordings.
    6. To provide a collaborative platform for viewing video and audio 
recordings.
    7. To create limited use applications using standard database 
formats.
    8. To review distance driven by approved individuals for accurate 
logging and compensation.
    9. To develop, maintain, and share computer code.
    10. To comply with Security Executive Agent Directive (SEAD) 3 
requirements for self-reporting of unofficial foreign travel pertaining 
to covered individuals who have access to classified information or who 
hold a sensitive position.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    1. Individuals with authorized access to USPS computers, 
information resources, and facilities, including employees, 
contractors, business partners, suppliers, and third parties.
    2. Individuals participating in web-based meetings, web-based video 
conferencing, web-based communication applications, and web-based 
collaboration applications.

CATEGORIES OF RECORDS IN THE SYSTEM:
    1. Third-party Information records: Records relating to non-Postal, 
third-party individuals utilizing an information system, application, 
or piece of software, including: Third-Party Name, Third Party Date 
Request, Third Party Free Text, Guest User Information.
    2. Collaboration application records: Records relating to web-
conferencing and web-collaboration applications, including; 
Collaborative Group Names, Collaborative Group IDs, Action Name, Number 
Of Actions Sent, Number Of Action Responses, Employee Phone Number, 
Collaborative Group Chat History, Profile Information, Collaborative 
Group Membership, Contacts, Project Owner, Project Creator, Event Start 
Time, Event Status, Event Organizer, Event Presenter, Event Producer, 
Event Production Type, Event Recording Setting, Total Number Of Event 
Media Viewings, Number Of Active Users, Number Of Active Users In 
Collaborative Groups, Number Of

[[Page 4959]]

Active Collaborative Group Communication Channels, Number Of Messages 
Sent, Number Of Calls Participated In, Last Activity Date Of A User, 
Number Of Guest Users In A Collaborative Group, Event Name, Event 
Description, Event Start Date, Event End Date, Video Platform Group 
Name, Video Platform Group Email Alias, Video Platform Group 
Description, Video Platform Group Classification, Video Platform Group 
Access Level, Video Platform Channel Name, Video Platform Channel 
Description, Video Platform Channel Access, Video Platform Live Event 
Recording, Total Number Of Video Conferences, Add Room Member To 
Collaborative Group, Attachment Downloaded From Collaborative Group, 
Attachment Uploaded From Collaborative Group, Direct Message Started 
From Collaborative Group, Invite Sent From Collaborative Group, Message 
Edited From Collaborative Group, Message Posted In Collaborative Group, 
Remove Room Member From Collaborative Group, Room Created In 
Collaborative Group, Add Service Account Permission To Enterprise 
Collaborative Group, Remove Service Account Permission To Enterprise 
Collaborative Group, Added User To Enterprise Collaborative Group, 
Added User Role To Enterprise Collaborative Group, Removed User From 
Enterprise Collaborative Group, Request To Join Enterprise 
Collaborative Group, Approve Join Request From Enterprise Collaborative 
Group, Reject Join Request From Enterprise Collaborative Group, Invite 
User To Enterprise Collaborative Group, Accept Invitation For 
Enterprise Collaborative Group, Reject Invitation For Enterprise 
Collaborative Group, Revoke Invitation For Enterprise Collaborative 
Group, Join Enterprise Collaborative Group, Ban User Including With 
Moderation In Enterprise Collaborative Group, Unban User From 
Enterprise Collaborative Group, Add All Users In Domain For Enterprise 
Collaborative Group, Create Group In Enterprise Collaborative Group, 
Delete Group In Enterprise Collaborative Group, Create Namespace In 
Enterprise Collaborative Group, Delete Namespace In Enterprise 
Collaborative Group, Change Info Setting In Enterprise Collaborative 
Group, Add Info Setting In Enterprise Collaborative Group, Remove Info 
Setting In Enterprise Collaborative Group, Add Member Role In 
Enterprise Collaborative Group, Remove User Role In Enterprise 
Collaborative Group, Membership Expiration Added In Enterprise 
Collaborative Group, Membership Expiration Removed In Enterprise 
Collaborative Group, Membership Expiration Updated In Enterprise 
Collaborative Group, ACL Permission Changed In Collaborative Group, 
Collaborative Group Invitation Accepted, Join Request Approved, User 
Joined Collaborative Group, User Requested To Join Collaborative Group, 
Collaborative Group Basic Setting Changed, Collaborative Group Created, 
Collaborative Group Deleted, Collaborative Group Identity Setting 
Changed, Collaborative Group Info Setting Added, Collaborative Group 
Info Setting Changed, Collaborative Group Info Setting Removed, 
Collaborative Group New Member Restriction Changed, Collaborative Group 
Post Reply Settings Changed, Collaborative Group Spam Moderation 
Settings Changed, Collaborative Group Topic Setting Changed, 
Collaborative Group Message Moderated, User Posts Will Always Be 
Posted, User Added To Collaborative Group, User Banned From 
Collaborative Group, User Invitation Revoked From A Collaborative 
Group, User Invited To Collaborative Group, User Join Request Rejected 
From A Collaborative Group, User Reinvited To Collaborative Group, User 
Removed From Collaborative Group, Call Event Abuse Report Submitted, 
Call Event Endpoint Left, Call Event Livestream Watched, Individual 
Form Response, Form Respondent Email Address, Whiteboard Software 
Updated, Whiteboard Reboot Requested, Whiteboard Export Requested, 
Attachment Deleted, Attachment Uploaded, Note Content Edited, Note 
Created, Note Deleted, Note Permissions Edited.
    3. Communication Application Records: Enterprise Social Network 
User Name, Enterprise Social Network User State, Enterprise Social 
Network User State Change Date, Enterprise Social Network User Last 
Activity Date, Number Of Messages Posted By An Enterprise Social 
Network User In Specified Time Period, Number Of Messages Viewed By An 
Enterprise Social Network User, Number Of Liked Messages By An 
Enterprise Social Network User, Products Assigned To A Enterprise 
Social Network User, Home Network Information, External Network 
Information, External Network Name, External Network Description, 
External Network Image, Network Creation Date, Network Usage Policy, 
External Network User Name, External Network User Email Address, 
External Group Name, Number Of Users On A Network, Network ID, Live 
Event Video Links, Files Added Or Modified In Enterprise Social 
Network, Message ID, Thread ID, Message Privacy Status, Full Body Of 
Message, Chat User Action, Chat Room Member Added, Chat Attachment 
Downloaded, Chat Attachment Uploaded, Chat Room Blocked, Chat User 
Blocked, Chat Direct Message Started, Chat Invitation Accepted, Chat 
Invitation Declined, Chat Invitation Sent, Chat Message Edited, Chat 
Message Posted, Chat Room Member Removed, Chat Room Created.
    4. Multimedia records: Records relating to media associated with or 
originating from an information system, including; Video Platform User 
ID, Video Name, Videos Uploaded By User, Videos Accessed By User, 
Channels Created By User, User Group Membership, Comments Left By User 
On Videos, Screen Recordings, Video Transcript, Deep Search Captions, 
Video Metadata, Audio Metadata, Phone Number, Time Phone Call Started, 
User Name, Call Type, Phone Number Called To, Phone Number Called From, 
Called To Location, Called From Location, Telephone Minutes Used, 
Telephone Minutes Available, Charges For Use Of Telephone Services, 
Currency Of Charged Telephone Services, Call Duration, Call ID, 
Conference ID, Phone Number Type, Blocked Phone Numbers, Blocking 
Action, Reason For Blocking Action, Blocked Phone Number Display Name, 
Date And Time Of Blocking, Call Start Time, User Display Name, SIP 
Address, Caller Number, Called To Number, Call Type, Call Invite Time, 
Call Failure Time, Call End Time, Call Duration, Number Type, Media 
Bypass, SBC FQDN, Data Center Media Path, Data Center Signaling Path, 
Event Type, Final SIP, Final Vendor Subcode, Final SIP Phrase, Unique 
Customer Support ID.
    5. Limited Use Application records: Records relating to 
applications with a specific, limited use, including; Application 
Authoring Application Name, Application Authoring Application Author, 
Voice Search Text Strings, Miles Driven, Mileage Rates, Country 
Currency, Destination, Destination Classification, Car Make, Car Model, 
Working Hours, Total Number Of Monthly Drives, Total Number Of Monthly 
Miles, Total Number Of Personal Drives, Total Number Of Personal 
Drives, Users Allowed To Access Application, Application Authoring 
Application Security Settings, Total Number Of Cloud-Based Searches 
Performed, Total Number Of Cloud-Based Search Queries From Web 
Browsers, Total Number Of Cloud-Based Search Queries From Android 
Operating Systems, Total Number Of Cloud-Based Search Queries From iOS 
Operating Systems, Data

[[Page 4960]]

Visualization Report Email Delivery Added, Data Visualization Asset 
Created, Data Visualization Data Exported, Data Visualization Asset 
Deleted, Data Visualization Report Downloaded, Data Visualization Asset 
Edited, Data Visualization Asset Restored, Data Visualization Report 
Email Delivery Stopped, Data Visualization Asset Trashed, Data 
Visualization Report Email Delivery Updated, Data Visualization Asset 
Viewed, Data Visualization Link Sharing Access Type Changed, Data 
Visualization Link Sharing Visibility Changed, Data Visualization User 
Sharing Permissions Changed.
    6. Development Records: Records relating to applications used for 
the creation, sharing, or modification of software code, including: 
Data Repository User ID, Data Repository Password, Data Repository User 
Address, Data Repository Payment Information, Data Repository User 
First Name, Data Repository User Last Name, Data Repository Profile 
Picture, Data Repository Profile Biography, Data Repository Profile 
Location, Data Repository User Company, Data Repository User 
Preferences, Data Repository User Preference Analytics, Data Repository 
Transaction Date, Data Repository Transaction Time, Data Repository 
Transaction Amount Charged, Data Repository Webpages Viewed, Data 
Repository Referring Website, Data Repository Date Of Webpage Request, 
Data Repository Time Of Webpage Request, Data Repository User Commits, 
Data Repository User Commit Comment Body Text, Data Repository Pull 
Request Comment Body Text, Data Repository Issue Comment Body Text, 
Data Repository User Comment Body Text, Data Repository User 
Authentication, Language Of Device Accessing Data Repository, Operating 
System Of Device Accessing Data Repository, Application Version Of 
Device Accessing Data Repository, Device Type Of Device Accessing Data 
Repository, Device ID Of Device Accessing Data Repository, Device Model 
Of Device Accessing Data Repository, Device Manufacturer Of Device 
Accessing Data Repository, Browser Version Of Device Accessing Data 
Repository, Client Application Information Of Device Accessing Data 
Repository, Data Repository User Usage Information, Data Repository 
Transactional Information, Data Repository API Notification Status, 
Data Repository API Issue Status, Data Repository API Pull Status, Data 
Repository API Commit Status, Data Repository API Review Status, Data 
Repository API Label, Data Repository API User Account Signin Status, 
Data Repository API Schedule Status, Data Repository API Schedule List.
    7. Unofficial Foreign Travel Monitoring: Records relating to 
covered individuals for the administration of the SEAD 3 program, 
including: Title, Name Of Traveler, Information Type: Pre-Travel And 
Post-Travel, Start Date Of Travel, End Date Of Travel, Carrier Of 
Transportation, Countries You Are Visiting, Passport Number, Passport 
Expiration Date, Names And Association Of Foreign National Travel 
Companions, Planned Foreign Contacts, Emergency Contact Name, Emergency 
Contact Phone Number, Emergency Contact Relationship, Post-Travel 
Questions Relating To Activity, Events, And Interactions.
    8. Cloud-based storage records: Records relating to activity within 
cloud-based storage systems, including: Number Of Files Made Publicly 
Available, Number Of Files Made Available With A Link, Number Of Files 
Shared With Domain Users, Number Of Files Shared With Domain Users 
Through Link, Number Of Files Shared With Users Outside Domain, Number 
Of Files Shared With User Or Group In Domain, Number Of Files Not 
Shared At All, Number Of Spreadsheet Documents Added, Number Of Text 
Documents Added, Number Of Presentation Documents, Number Of Form 
Documents Added, Number Of Other Files Added, Number Of Files Edited, 
Number Of Files Viewed, Number Of Files Added, Total Cloud Storage 
Space Used, Last Time Storage Accessed By User, Item Added To Folder, 
Item Approval Cancelled, Comment Added On Approval Of Item, Due Date 
Time Change Requested, Item Approval Requested, Reviewer Change 
Requested For Item Approval, Item Approval Reviewed, Document Copy 
Created, Document Created, Document Deleted, Document Downloaded, 
Document Shared As Email Attachment, Document Edited, Label Applied, 
Label Value Changed, Label Removed, Item Locked, Item Moved, Item 
Previewed, Item Printed, Item Removed From Folder, Item Renamed, Item 
Restored, Item Trashed, Item Unlocked, Item Uploaded, Item Viewed, 
Security Update Applied To File, Security Update Applied To All Files 
In Folder, Publish Status Changed, Editor Settings Changed, Link 
Sharing Access Type Changed, Link Sharing Access Changed From Parent 
Folder, Link Sharing Visibility Changed, Link Sharing Visibility 
Changed From Parent Folder, Security Update Removed From File, 
Membership Role Changed, Shared Storage Settings Changed, Spreadsheet 
Range Enabled, User Sharing Permissions Changed, User Sharing 
Permissions Changed From Parent Folder, User Storage Updated, File 
Viewed, File Renamed, File Created, File Edited, File Previewed, File 
Printed, File Updated, File Deleted, File Uploaded, File Downloaded, 
File Shared.
    9. Email Application records: Records relating to regular use of 
email applications, including: Email Body Text, Email Metadata, Total 
Number Of Emails Sent, Total Number Of Emails Received, Total Number Of 
Emails Sent And Received, Last Time User Accessed Email Client Through 
A Post Office Protocol (POP) Mail Server, Last Time User Accessed Email 
Client Through An Internet Message Access Protocol (IMAP) Mail Server, 
Last Time User Accessed Through Web-Based Server, Total Email Client 
Storage Space Used, Calendar Access Level(S) Changed, Calendar Country 
Changed, Calendar Created, Calendar Deleted, Calendar Description 
Changed, Calendar Location Changed, Calendar Timezone Changed, Calendar 
Title Changed, Calendar Notification Triggered, Calendar Subscription 
Added, Calendar Subscription Deleted, Calendar Event Created, Calendar 
Event Deleted, Calendar Event Guest Added, Calendar Event Guest Auto-
Response, Calendar Event Guest Removed, Calendar Event Guest Response 
Changed, Calendar Event Modified, Calendar Event Removed From Trash, 
Calendar Event Restored, Calendar Event Start Time Changed, Calendar 
Event Title Modified, Successful Availability Lookup Of A Calendar 
Between Email Clients, Successful Availability Lookup Of Email Client 
Resource, Successful Email Client Resource List Lookup, Unsuccessful 
Availability Lookup Of A Calendar On Email Client, Unsuccessful 
Availability Lookup Of Email Client Resource, Unsuccessful Email Client 
Resource List Lookup.
    10. Web Browser Records: Records relating to activity within a web 
browser, including: Web Browser Password Changed, Web Browser Password 
Reused, Malware Detected in Transferred Content for User, Sensitive 
Data Detected In Transferred Content, Unsafe Website Visit Detected For 
User.

RECORD SOURCE CATEGORIES:
    Employees; contractors; customers.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Standard routine uses 1. through 9. apply. In addition:

[[Page 4961]]

    (a) To appropriate agencies, entities, and persons when (1) the 
Postal Service suspects or has confirmed that there has been a breach 
of the system of records; (2) the Postal Service has determined that as 
a result of the suspected or confirmed breach there is a risk of harm 
to individuals, the Postal Service (including its information systems, 
programs, and operations), the Federal Government, or national 
security; and (3) the disclosure made to such agencies, entities, and 
persons is reasonably necessary to assist in connection with the Postal 
Service's efforts to respond to the suspected or confirmed breach or to 
prevent, minimize, or remedy such harm.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Automated database, computer storage media, and paper.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    1. Records relating to third-parties are retrievable by name and 
email address.
    2. Records relating to collaboration are retrievable by name, email 
address, and user ID.
    3. Records relating to communication are retrievable by name, email 
address, and user ID.
    4. Records pertaining to multimedia are retrievable by user name 
and media title.
    5. Records relating to application development are retrievable by 
user ID and application name.
    6. Records relating to limited use applications are retrievable by 
name, email address, and user ID.
    7. Records relating to Unofficial Foreign Travel Monitoring for 
covered individuals are retrievable by name.
    8. Records relating to Cloud-based storage are retrievable by name, 
email address, and user ID.
    9. Records relating to Email Applications are retrievable by name, 
email address, and user ID.
    10. Records relating to Web Browsers are retrievable by name, email 
address, and user ID.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    1. Records relating to third-parties are retained for twenty-four 
months.
    2. Records relating to collaboration are retained for twenty-four 
months.
    3. Records relating to communication are retained for twenty-four 
months.
    4. Multimedia recordings are retained for twenty-four months.
    5. Records relating to application development are retained for 
twenty-four months.
    6. Records relating to limited use applications are retained for 
twenty-four months.
    7. Records relating to Unofficial Foreign Travel Monitoring for 
covered individuals are retained for twenty-five years.
    8. Records relating to Cloud-based storage are retained for twenty-
four months.
    9. Records relating to Email Applications are retained for twenty-
four months.
    10. Records relating to Web Browsers are retained for twenty-four 
months.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Paper records, computers, and computer storage media are located in 
controlled-access areas under supervision of program personnel. 
Computer access is limited to authorized personnel with a current 
security clearance, and physical access is limited to authorized 
personnel who must be identified with a badge.
    Access to records is limited to individuals whose official duties 
require such access. Contractors and licensees are subject to contract 
controls and unannounced on-site audits and inspections.
    Computers are protected by encryption, mechanical locks, card key 
systems, or other physical access control methods. The use of computer 
systems is regulated with installed security software, computer logon 
identifications, and operating system controls including access 
controls, terminal and transaction logging, and file management 
software.

RECORD ACCESS PROCEDURES:
    Requests for access must be made in accordance with the 
Notification Procedure above and USPS Privacy Act regulations regarding 
access to records and verification of identity under 39 CFR 266.5.

CONTESTING RECORD PROCEDURES:
    See Notification Procedure and Record Access Procedures above.

NOTIFICATION PROCEDURES:
    Customers wanting to know if other information about them is 
maintained in this system of records must address inquiries in writing 
to the Chief Information Officer and Executive Vice President and 
include their name and address.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    May 11, 2021; 86 FR 25899.
* * * * *

Joshua J. Hofer,
Attorney, Ethics and Legal Compliance.
[FR Doc. 2022-01063 Filed 1-28-22; 8:45 am]
BILLING CODE 7710-12-P