Privacy Act of 1974; System of Records, 79006-79013 [2022-28026]

Agencies

• Postal Service

[Federal Register Volume 87, Number 246 (Friday, December 23, 2022)]
[Notices]
[Pages 79006-79013]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-28026]


-----------------------------------------------------------------------

POSTAL SERVICE


Privacy Act of 1974; System of Records

AGENCY: Postal ServiceTM.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The United States Postal Service[supreg] (USPS[supreg]) is 
proposing to revise one General Privacy Act Systems of Records (SOR) 
500.000 Property Management Records and one Customer Privacy Act 
Systems of Records (SOR) 890.000 Sales, Marketing, Events, and 
Publications. These updates are being made to facilitate the 
implementation of enhanced functionality for web-based collaboration 
and communication applications.

DATES: These revisions will become effective without further notice on 
January 23, 2023, unless comments received on or before that date 
result in a contrary determination.

[[Page 79007]]


ADDRESSES: Comments may be submitted via email to the Privacy and 
Records Management Office, United States Postal Service Headquarters 
([email protected]). Arrangements to view copies of any 
written comments received, to facilitate public inspection, will be 
made upon request.

SUPPLEMENTARY INFORMATION: 

I. Background

    The Postal Service is proposing to enhance the functionality of a 
web-based collaboration and communication application used enterprise 
wide for online web-based meetings through the implementation of 
software upgrades. Notice of proposed modifications to relevant SORs is 
being provided to meet Privacy Act requirements and promote 
transparency.
    Notices for the original implementation of these applications were 
previously published in the Federal Register on June 1, 2020.

 Document Citation: 85 FR 33212 for SOR 500.000 Property 
Management Records
 Document Citation: 85 FR 33208 for SOR 890.000 Sales, 
Marketing, Events, and Publications

    In addition, selected information is being deleted from SOR 500.000 
Property Management Records, as it was previously incorporated into 
three new General Systems of Records:

USPS System of Records (SOR) 550.000 Commercial Information Technology 
Resources--Infrastructure May 10th, 2021; 86 FR 24907; January 31, 
2022; Document Citation: 87 FR 4961
USPS System of Records (SOR) 550.100 Commercial Information Technology 
Resources--Applications May 11, 2021; 86 FR 25899; January 31, 2022; 
Document Citation: 87 FR 4957
USPS System of Records (SOR) 550.200 Commercial Information Technology 
Resources--Administrative May 10th, 2021; 86 FR 24902; January 31, 
2022, Document Citation: 87 FR 4964
    For further information contact, Janine Castorina, Chief Privacy 
and Records Management Officer, Privacy and Records Management Office, 
[email protected].

II. Rationale for Changes to USPS Privacy Act Systems of Records

    The Postal Service is proposing to modify SOR 500.000 as follows:
    Existing purposes and categories of records will be deleted or 
modified from the existing SOR to eliminate duplication within the 
three separate SORs listed above.
    The following purpose will be removed from this SOR:
    To allow task allocation and tracking among team members.
    The following purpose will strike ``by telephone and instant-
messaging'' from its current language:
    To allow users to communicate by telephone and instant-messaging 
through web-based applications.
    The following categories of records will be modified to include new 
data elements:

Participant session data from web-based meetings and web conferences
Device data from web-based meetings and web conferences (formerly 
Historical device usage data from web-based meetings and web 
conferences)

    One new purpose will be added to the existing SOR, appearing as 
purpose 12 within the revised list of purposes.
    New categories of records will be added to the existing SOR, 
appearing as numbers 5. 7, 8, 9, 10, and 11.
    The Postal Service is proposing to modify SOR 890.000 as follows:
    Existing purposes and categories of records will be deleted or 
modified from the existing SOR to eliminate duplication within the 
three separate SORs listed above.
    The following purpose will be removed from this SOR:
    To allow task allocation and tracking among team members.
    The following purpose will strike ``by telephone and instant-
messaging'' from its current language:
    To allow users to communicate by telephone and instant-messaging 
through web-based applications.
    One new purpose has been added to the existing SOR appearing as 
purpose 10.
    The following categories of records will be modified to include new 
data elements:

Participant session data from web-based meetings and web conferences
    Device data from web-based meetings and web conferences (formerly 
Historical device usage data from web-based meetings and web 
conferences)
    New categories of records will be added to the existing SOR, 
appearing as numbers 12, 13, 14, 15, and 16.
    The following categories of records will be removed from this SOR:

Event session data from web-based meetings and web conferences
Historical application usage data from web-based meetings and web 
conferences
Web-based Public Switched Telephone Network data records
Web-based Direct Routing Public Switched Telephone Network records

III. Description of the Modified System of Records

    Pursuant to 5 U.S.C. 552a (e)(11), interested persons are invited 
to submit written data, views, or arguments on this proposal. A report 
of the proposed revisions has been sent to Congress and to the Office 
of Management and Budget for their evaluations. The Postal Service does 
not expect these amended systems of records to have any adverse effect 
on individual privacy rights.
    The notices for modifications to USPS SOR 500.000, Property 
Management Records and USPS SOR 890.000, Sales, Marketing, Events, and 
Publications are provided below in their entirety, as follows:

SYSTEM NAME AND NUMBER:
    USPS 500.000, Property Management Records.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    All USPS facilities and contractor sites.

SYSTEM MANAGER(S):
    For records of accountable property, carpool membership, and use of 
USPS parking facilities: Vice President, Facilities, United States 
Postal Service, 475 L'Enfant Plaza SW, Washington, DC 20260.
    For records of building access and Postal Inspector computer access 
authorizations: Chief Postal Inspector, Inspection Service, United 
States Postal Service, 475 L'Enfant Plaza SW, Washington, DC 20260.
    For other records of computer access authorizations: Chief 
Information Officer and Executive Vice President, United States Postal 
Service, 475 L'Enfant Plaza SW, Washington, DC 20260.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    39 U.S.C. 401.

PURPOSE(S) OF THE SYSTEM:
    1. To ensure personal and building safety and security by 
controlling access to USPS facilities.
    2. To ensure accountability for property issued to persons.
    3. To assign computer logon IDs; to identify USPS computer users to 
resolve their computer access problems by telephone; and to monitor and 
audit the use of USPS information resources as necessary to ensure 
compliance with USPS regulations.
    4. To enable access to the USPS meeting and video web conferencing 
applications.

[[Page 79008]]

    5. To enhance your online meeting experience by utilizing enhanced 
features and functionality, including voluntary polling to gather 
responses from attendees to generate reports or the interactive chat 
feature.
    6. To facilitate team collaboration and communication through 
information sharing and cross-functional participation.
    7. To allow users to communicate through web-based applications.
    8. To facilitate and support cybersecurity investigations of 
detected or reported information security incidents.
    9. To share your personal image via your device camera during 
meetings and web conferences,
    if you voluntarily choose to turn the camera on, enabling virtual 
face-to-face conversations.
    10. To authenticate user identity for the purpose of accessing USPS 
information systems.
    11. To provide parking and carpooling services to individuals who 
use USPS parking facilities.
    12. To provide pre-registration for guest access to online meetings 
and web conferences

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    1. Individuals who are granted regular access to USPS facilities 
through the issuance of a building access badge, or who are assigned 
accountable property.
    2. Individuals with authorized access to USPS computers and 
information resources, including USPS employees, contractors, and other 
individuals; Individuals participating in web-based meetings, video 
conferences, collaboration, and communication applications.
    3. Individuals who are members of carpools with USPS employees or 
otherwise regularly use USPS parking facilities.

CATEGORIES OF RECORDS IN THE SYSTEM:
    1. Building access information: Records related to issuance of 
building access badges, including name, Social Security Number, 
Employee Identification Number, date of birth, photograph, postal 
assignment information, work contact information, finance number(s), 
duty location, and pay location.
    2. Property issuance information: Records related to issuance of 
accountable USPS property, equipment, and controlled documents, 
including name, Social Security Number, equipment description, 
equipment serial numbers, and issuance date.
    3. Computer access authorization information: Records related to 
computer users, including logon ID, Social Security Number, Employee 
Identification Number, or other assigned identifier, employment status 
information or contractor status information, and extent of access 
granted.
    4. Participant session data from web-based meetings and web 
conferences: Participant Name, Participant's Webcam-Generated Image 
(Including Presenters), Recorded Participant Audio, Video, And Shared 
Meeting Screen Content, Chat Interaction, Polling Questions And 
Associated Responses, Participant Join Time And Leave Time, Meeting 
Duration, Participant Location, Participant Media Hardware Information, 
Participant Job Information, Participant Stated Locale, Participant 
Connection Type, Participant Data Center, Participant Device Type, 
Participant Domain, Participant Full Data Center, Participant Hard Disk 
ID, Participant ID, Participant IP Address, Participant Join Time, 
Participant Camera Name, Participant MAC Address, Participant 
Microphone Name, Participant Network Type, Participant PC Name, 
Participant Role, Participant Share Settings, Participant Speaker Name, 
Participant Status, Participant User ID, Participant User Name, 
Participant Zoom, Participant SIP URL, Participant Leave Reason, 
Participant AS Input, Participant AS Output, Participant Audio Input, 
Participant Audio Output, Participant CPU Usage, Participant Video 
Input, Participant Video Output, Participant Quality, Participant 
Sharing Details, Participant Recording Details.
    5. Web-Based Meeting And Web Conference Application Data: In-
Meeting Messages, Meeting Transcriptions, Written Feedback Responses, 
Invitation Tails, Meeting Name, Chat Name, Meeting Agenda, Meeting 
Host, Meeting Department, Meeting Duration, Meeting Email, Meeting End 
Time, Meeting Media Settings, Meeting ID, Meeting Participants, Meeting 
Participants In Room, Meeting Start Time, Meeting Topic, Meeting 
Tracking Fields, Meeting User Type, Meeting UU ID, Meeting Audio 
Quality, Meeting Video Quality, Meeting Screen Share Quality, Meeting 
Duration, Meeting Contacts, Meeting Contact Email, Meeting Settings.
    Web Conferences Custom Keys, Web Conferences Department, Web 
Conferences Duration, Web Conferences Email, Web Conferences End Time, 
Web Conferences Settings, Web Conferences ID, Web Conferences 
Participants, Web Conference Start Time, Web Conferences Topic, Web 
Conferences User Type, Web Conferences UU ID, Web Conferences Audio 
Quality, Web Conferences Video Quality, Web Conferences Screen Share 
Quality, Web Conferences Host Name, Web Conferences Participant Camera 
Name, Web Conferences Participant Connection Type, Web Conferences 
Participant Data Center, Web Conferences Participant Device Type, Web 
Conferences Participant Domain, Web Conferences Participant From SIP 
Uri, Web Conferences Participant Full Data Center, Web Conferences 
Participant Hard Disk ID, Web Conferences Participant ID, Web 
Conferences Participant IP Address, Web Conferences Participant Join 
Time, Web Conferences Participant Leave Reason, Web Conferences 
Participant Leave Time, Web Conferences Participant Location, Web 
Conferences Participant MAC Address, Web Conferences Participant 
Microphone Name, Web Conferences Participant Network Type, Web 
Conferences Participant PC Name, Web Conferences Participant Role, Web 
Conferences Participant Share Settings, Web Conferences Participant SIP 
URI, Web Conferences Participant Speaker Name, Web Conferences 
Participant Status, Web Conferences Participant User ID, Web 
Conferences Participant User Name, Web Conferences Participant Version, 
Web Conferences Participant AS Input, Web Conferences Participant AS 
Output, Web Conferences Participant Audio Input, Web Conferences 
Participant Audio Output, Web Conferences Participant CPU Usage, Web 
Conferences Participant Video Input, Web Conferences Participant Video 
Output, Web Conferences Participant Recording Details, Web Conferences 
Participant Sharing Details, Web Conferences Participant Customer Key, 
Web Conferences Poll Title, Web Conferences Poll Status, Web 
Conferences Poll Start Time, Web Conferences Q&A Question Email, Web 
Conferences Q&A Question Name, Web Conferences Q&A Question Details, 
Web Conferences Q&A Question Start Time, Web Conferences Registrant 
Address, Web Conferences Registrant City, Web Conferences Registrant 
Comments, Web Conferences Registrant Country, Web Conferences 
Registrant Create Time, Web Conferences Registrant Custom Questions, 
Web Conferences Registrant Email, Web Conferences Registrant Name, Web 
Conferences Registrant ID, Web Conferences Registrant Industry, Web 
Conferences Registrant Join URL, Web Conferences Registrant Job Title, 
Web Conferences Registrant Number Of Employees, Web Conferences 
Registrant

[[Page 79009]]

Organization, Web Conferences Registrant Phone, Web Conferences 
Registrant Purchasing Time Frame, Web Conferences Registrant State, Web 
Conferences Registrant Status, Web Conferences Registrant ZIP Code, Web 
Conferences Poll Results, Web Conferences Panelist Email, Web 
Conferences Panelist Name.
    Meeting Registrant Name, Meeting Registrant Email, Meeting 
Invitation Text, Meeting Attendee Name, Meeting Attendee Join URL, 
Meeting Registrant Address, Meeting Registrant City, Meeting Registrant 
Comments, Meeting Registrant Country, Meeting Registrant Create Time, 
Meeting Registrant Custom Questions, Meeting Registrant Email, Meeting 
Registrant Name, Meeting Registrant ID, Meeting Registrant Industry, 
Meeting Registrant Job Title, Meeting Registrant Number Of Employees, 
Meeting Registrant Organization, Meeting Registrant Phone Number, 
Meeting Registrant Purchasing Time Frame, Meeting Registrant Role In 
Purchase Process, Meeting Registrant State, Meeting Registrant Status, 
Meeting Registrant ZIP Code, Meeting Registrant Language, Meeting 
Registrant Join URL, Meeting Attendee Poll Response, Meeting Attendee 
Department.
    Cloud Recording Registrant City, Cloud Recording Registrant 
Comments, Cloud Recording Registrant Country, Cloud Recording 
Registrant Create Time, Cloud Recording Registrant Custom Questions, 
Cloud Recording Registrant Email, Cloud Recording Registrant Name, 
Cloud Recording Registrant ID, Cloud Recording Registrant Industry, 
Cloud Recording Registrant Job Title, Cloud Recording Registrant Number 
of Employees, Cloud Recording Registrant Organization, Cloud Recording 
Registrant Phone, Cloud Recording Registrant Purchasing Time Frame, 
Cloud Recording Registrant Role in Purchase Process, Cloud Recording 
Registrant Share URL, Cloud Recording Registrant Status, Cloud 
Recording Registrant ZIP Code, Cloud Recording Registrant Address, 
Cloud Recording Registrant State, Cloud Recording Registrant Meeting 
ID, Cloud Recording Registrant Field Name, Cloud Recording Registrant 
List of Registrants.
    6. Device Data From Web-Based Meetings And Web Conferences: Device 
type (such as mobile, desktop, or tablet), Device Operating System, 
Number of users of related Operating Systems, Operating System Version, 
Operating System Type, MAC address, IP address, hard disk ID, PC Name, 
Bluetooth Information, Packet Loss, internet Connection Type, Bluetooth 
Device Name, Bluetooth Device Type, Device Architecture, Central 
Processing Unit (CPU) Core Type, CPU core frequency, CPU Brand, 
Available Memory, Total CPU Capacity, Total Capacity Utilized by 
Application, Memory Used by Application, API Permissions, API 
Authentication, Authentication Secret Key, Graphics Processing Unit 
(GPU) Brand, GPU Type, Custom Attributes Defined by Organization, 
Archived Meeting Files, Archive Meeting Account Name, Archived Meeting 
File Download User, Archived Meeting File Extension, Archived Meeting 
File Size, Archived Meeting File Type, Archived Meeting File ID, 
Archived Meeting File Participant Email, Archived Meeting Participant 
Join Time, Archived Meeting Participant Leave Time, Archived Meeting 
File Recording Type, Archived Meeting File Status, Archived Meeting 
Complete Time, Archived Meeting Complete Time Duration, Archived 
Meeting Duration, Archived Meeting Duration In Seconds, Archived 
Meeting Host ID, Archived Meeting ID, Archived Meeting Settings, 
Archived Meeting Type, Archived Meeting Recording Count, Archived 
Meeting Start Time, Archived Meeting Topic, Archived Meeting Total 
Size, Archived Meeting UU ID, Past Meeting Participant ID, Past Meeting 
Participant Name, Past Meeting Participant Email, SIP Phone 
Authorization Name, SIP Phone Domain, SIP Phone ID, SIP Phone Password, 
SIP Phone Proxy Servers, SIP Phone Register Servers, SIP Phone 
Registration Expire Time, SIP Phone Transport Protocols, SIP Phone User 
Email, SIP Phone User Name, SIP Phone Voice Voicemail.
    7. User Data From Web-Based Meetings And Web Conferences: User 
Creation Date, User Department, User Email Address, User Employee ID, 
User Name, User System ID, User Chat Group Ids, User System Client 
Version, User Last Login Time, User Picture URL, User PMI, User Status, 
User Timezone, User Type, User Verified Status, User Password, User 
JID, User Language, User Manager, User Personal Meeting URL, User Role 
ID, User Role Name, User Use PMI Status, User Phone Country, User 
Company, User Custom Attributes, User CMS User ID, User Pronouns, User 
Vanity Name, User Assistant Email, User Assistant ID, User Permissions, 
User Presence Status, User Scheduler Email, User Scheduler ID, User 
Settings, User Token, User Meeting Minutes, User Number Of Meetings, 
User Participant Number, User's Web Conferences Template, User 
Scheduled Web Conferences, User Web Conferences Settings, User Web 
Conferences Recurrence Settings, User Web Conferences Password, User 
Web Conferences Agenda, User Web Conferences Duration, User Web 
Conferences Start Time, User Web Conferences Template ID, User Web 
Conferences Topic. User Web Conferences Tracking Fields, User Web 
Conferences Time zone User Web Conferences Created Date, User Web 
Conferences Host ID, User Web Conferences Type, User Web Conferences UU 
ID, User Web Conferences Start URL, User TSP Account Conference Code, 
User TSP Account Dial-In Numbers, User TSP Account ID, User TSP Account 
Leader PIN, User TSP account TSP Bridge, User TSP Audio URL, Chat 
Messaging Content.
    8. Web-Based Meeting And Web Conference Administration Data: 
Account Administrator Name, Account Contact Information Account ID, 
Account Billing Information, Account Plan Information, Conference Room 
Account type, Conference Room calendar name, conference room camera 
name, conference room device IP address, conference room email address, 
conference room health, conference room ID, conference room issues, 
conference room last start time, conference room microphone name, 
conference room name, conference room speaker name, conference room 
status, Conference Room live meeting, Conference Room past meetings, 
conference room activation code, conference room support email, 
conference room support phone, conference room passcode, conference 
room settings, conference room location description, conference room 
location name, User Sign In And Sign Out Times, Group admin name, Group 
admin email, group admin ID, group member email, group member first 
name, group member last name, group member ID, group member type, chat 
group ID, chat group name, chat croup total members, chat group, Files 
sent through chat, GIPHYs sent through chat, groups sent through chat, 
p2p sent through chat, text sent through chat, total sent through chat, 
audio sent through chat, code snippet sent through chat, Operation Log 
action, operation log category type, operation log operation detail, 
operation log user, operation log time, Role member department, role 
member email, role member first name, role member ID, role member type, 
client feedback detail email, client feedback detail meeting ID, client 
feedback detail participant name, client feedback detail time.
    9. Web-Based Meeting And Web Conference Telemetry Data: Event Time, 
Client Type, Event Location, Event,

[[Page 79010]]

Subevent, UUID, Client Version, UserID, Client OS, Meeting ID.
    10. Persistent Message Application Telemetry Data: User Email, 
Group Chat, Message Type, In Meeting Message, Status, Do Not Disturb 
Time, Notification Setting, Show Group On Contact List, File Type, File 
Location, Link URL, Keywords, GIF Keywords, Emoji Code, Audio Setting, 
Video Setting, Is E2E Enabled, Message ID, IP Address.
    11. Communication Data: Deleted Persistent Message Sender, Deleted 
Persistent Message Time, Deleted Persistent Message ID, Deleted 
Persistent Message Text, Deleted Persistent Message Main Message ID, 
Deleted Persistent Message Main Message Timestamp, Deleted Persistent 
Message File Name, Deleted Persistent Message File Size, Edited 
Persistent Message Sender, Edited Persistent Message Time, Edited 
Persistent Message ID, Edited Persistent Message Text, Edited 
Persistent Message Main Message ID, Edited Persistent Message Main 
Message Timestamp, Edited Persistent Message File Name, Edited 
Persistent Message File Size, Persistent Message Sender, Persistent 
Message Time, Persistent Message ID, Persistent Message Main Message 
ID, Persistent Message Main Message Timestamp, Persistent Message File, 
Persistent Message File Size, Persistent Message Images Exchanged, 
Persistent Message Files Exchanged, Persistent Message Videos 
Exchanged, Persistent Message Channel Title, Persistent Message 
Whiteboard Annotations, Persistent Message Text, Deleted Message 
Sender, Deleted Message Time, Deleted Message ID, Deleted Message Text, 
Deleted Message Main Message ID, Deleted Message Main Message 
Timestamp, Deleted Message File Name, Deleted Message File Size, Edited 
Message Sender, Edited Message Time, Edited Message ID, Edited Message 
Text, Edited Message Main Message ID, Edited Message Main Message 
Timestamp, Edited Message File Name, Edited Message File Size, Message 
Sender, Message Time, Message ID, Message Main Message ID, Message Main 
Message Timestamp, Message File, Message File Size, Message Text.
    12. Identity verification information: Question, answer, and email 
address.
    13. Carpool and parking information: Records related to membership 
in carpools with USPS employees or about individuals who otherwise 
regularly use USPS parking facilities, including name, space number, 
principal's and others' license numbers, home address, and contact 
information.

RECORD SOURCE CATEGORIES:
    Employees; contractors; subject individuals; and other systems of 
records.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Standard routine uses 1. through 9. apply.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Automated database, computer storage media, and paper.

POLICIES OF PRACTICES FOR RETRIEVAL OF RECORDS:
    1. Records about building access and issuance of accountable 
property are retrieved by name, Social Security Number, or Employee 
Identification Number.
    2. Records about authorized access to computer and information 
resources are retrieved by name, logon ID, Employee Identification 
Number, or other unique identifier of the individual.
    3. Report and tracking data created during web-based meetings and 
video conferences that pertain to individual participants, content 
shared, conference codes and other relevant session data and historical 
device usage data are retrieved by meeting ID, host name or host email 
address.
    4. Records pertaining to web-based collaboration and communication 
applications are retrieved by organizer name and other associated 
personal identifiers.
    5. Media recordings created during web-based meetings and video 
conferences are retrieved by meeting ID, host name or host email 
address.
    6. Records of carpools and parking facilities are retrieved by 
name, ZIP Code, space number, or parking license number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    1. Building access and accountable property records are retained 
until termination of access or accountability.
    2. Records of computer access privileges are retained 1 year after 
all authorizations are cancelled.
    3. Report and tracking data created during web-based meeting and 
video conferences, such as other relevant session data and historical 
device usage data, are retained for twenty-four months.
    4. Records pertaining to web-based collaboration and communication 
applications are retained for twenty-four months.
    5. Web-based meeting or video session recordings are retained for 
twenty-four months.
    6. Records of carpool membership and use of USPS parking facilities 
are retained 6 years.
    7. Records existing on paper are destroyed by burning, pulping, or 
shredding. Records existing on computer storage media are destroyed 
according to the applicable USPS media sanitization practice.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Paper records, computers, and computer storage media are located in 
controlled-access areas under supervision of program personnel. Access 
to these areas is limited to authorized personnel, who must be 
identified with a badge.
    Access to records is limited to individuals whose official duties 
require such access. Contractors and licensees are subject to contract 
controls and unannounced on-site audits and inspections. Computers are 
protected by mechanical locks, card key systems, or other physical 
access control methods. The use of computer systems is regulated with 
installed security software, computer logon identifications, and 
operating system controls including access controls, terminal and 
transaction logging, and file management software.

RECORD ACCESS PROCEDURES:
    Requests for access must be made in accordance with the 
Notification Procedure above and USPS Privacy Act regulations regarding 
access to records and verification of identity under 39 CFR 266.5.

CONTESTING RECORD PROCEDURES:
    See Notification Procedure and Record Access Procedures above.

NOTIFICATION PROCEDURES:
    Inquiries for records about building access, accountable property, 
carpool membership, and use of USPS parking facilities must be 
addressed to the facility head. Inquiries about computer access 
authorization records must be directed to the Manager, Corporate 
Information Security, 475 L'Enfant Plaza SW, Suite 2141, Washington, DC 
20260. For Inspection Service computer access records, inquiries must 
be submitted to the Inspector in Charge, Information Technology 
Division, 2111 Wilson Blvd., Suite 500, Arlington, VA 22201. Inquiries 
must include full name, Social Security Number or Employee 
Identification Number, and period of employment or residency at the 
location.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

[[Page 79011]]

HISTORY:
    August 4, 2020, 85 FR 47258; June 1, 2020, 85 FR 33210; April 11, 
2014, 79 FR 20249; June 27, 2012, 77 FR 38342; June 17, 2011, 76 FR 
35483; April 29, 2005, 70 FR 22516.

SYSTEM NAME AND NUMBER:
    USPS 890.000, Sales, Marketing, Events, and Publications.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    USPS Headquarters Marketing and Public Policy; Integrated Business 
Solutions Services Centers; National Customer Service Center; Area and 
District USPS facilities; Post Offices; and contractor sites.

SYSTEM MANAGER(S):
    Chief Customer and Marketing Officer and Executive Vice President, 
United States Postal Service, 475 L'Enfant Plaza SW, Washington, DC 
20260-4016.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    39 U.S.C. 401, 403, 404.

PURPOSE(S) OF THE SYSTEM:
    1. To understand the needs of customers and improve USPS sales and 
marketing efforts.
    2. To provide appropriate materials and publications to customers.
    3. To conduct registration for USPS and related events.
    4. To enable access to the USPS meeting and video web conferencing 
application.
    5. To enhance your online meeting experience by utilizing enhanced 
features and functionality, including voluntary polling to gather 
responses from attendees to generate reports or the interactive chat 
feature.
    6. To facilitate team collaboration and communication through 
information sharing and cross-functional participation.
    7. To provide users outside of the USPS limited collaboration and 
communication capabilities through guest account access.
    8. To facilitate and support cybersecurity investigations of 
detected or reported information security incidents.
    9. To share your personal image via your device camera during 
meetings and web conferences, if you voluntarily choose to turn the 
camera on, enabling virtual face-to-face conversations.
    10. To provide pre-registration for guest access to online meetings 
and web conferences
    11. To facilitate and support marketing initiatives, advertising 
campaigns, brand strategy, customer experience with products and 
service, including call centers, strategic customer programs, and 
innovation and product improvement development.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    1. Customers who interact with USPS sales personnel, respond to 
direct marketing messages, request publications, respond to contests 
and surveys, voluntarily participate in focus groups, interviews, 
diaries, observational studies, prototype assessments, A/B comparison 
tests, and attend USPS events.
    2. Customers and other individuals who participate in web-based 
meeting, video conference, collaboration, and communication 
applications sponsored by the USPS.

CATEGORIES OF RECORDS IN THE SYSTEM:
    1. Customer information: Customer and key contacts' names, date of 
birth, age, home mailing address, and email address; phone, fax, and 
pager numbers; company name, job descriptions, titles, roles, level, 
and company address; other names and emails provided by customers.
    2. Identifying information: Customer ID(s), D-U-N-S Numbers, USPS 
account numbers, meter numbers, and signatures.
    3. Business specific information: Firm name, size, and years in 
business; number of employees; sales and revenue information; business 
sites and locations; URLs; company age; industrial classification 
numbers; use of USPS and competitor's products and services; types of 
customers served; customer equipment and services; advertising agency 
and spending; names of USPS employees serving the firm; and calls made.
    4. Information specific to companies that act as suppliers to USPS: 
Contract start and end dates, contract award number, contract value, 
products and/or services sold under contract.
    5. Information provided by customers as part of a survey or 
contest.
    6. Payment information: Credit and/or debit card number, type, 
expiration date, and check information; and ACH information.
    7. Event information: Name of event; role at event; itinerary; and 
membership in a PCC.
    8. Customer preferences: Preferences for badge name and 
accommodations.
    9. Survey data: customer perception, feelings, habits, past 
behaviors, preferences, recommended improvements, willingness to buy, 
ownership, and hypothetical future scenarios.
    10. Participant session data from web-based meetings and web 
conferences: Participant name, participant's webcam-generated image 
(including presenters), recorded participant audio, video, and shared 
meeting screen content, chat interaction, polling questions and 
associated responses, participant join time and leave time, meeting 
duration, participant location, and participant media hardware 
information, Participant Job Information, Participant Stated Locale, 
Participant Connection Type, Participant Data Center, Participant 
Device Type, Participant Domain, Participant Full Data Center, 
Participant Hard Disk ID, Participant ID, Participant IP Address, 
Participant Join Time, Participant Camera Name, Participant MAC 
Address, Participant Microphone Name, Participant Network Type, 
Participant PC Name, Participant Role, Participant Share Settings, 
Participant Speaker Name, Participant Status, Participant User ID, 
Participant User Name, Participant Zoom, Participant SIP URL, 
Participant Leave Reason, Participant AS Input, Participant AS Output, 
Participant Audio Input, Participant Audio Output, Participant CPU 
Usage, Participant Video Input, Participant Video Output, Participant 
Quality, Participant Sharing Details, Participant Recording Details.
    11. Device data from web-based meetings and web conferences: Device 
type (such as mobile, desktop, or tablet), Device Operating System, 
Number of users of related Operating Systems, Operating System Version, 
Operating System Type, MAC address, and IP address, hard disk ID, PC 
Name, Bluetooth Information, Packet Loss, internet Connection Type, 
Bluetooth Device Name, Bluetooth Device Type, Device Architecture, 
Central Processing Unit (CPU) Core Type, CPU core frequency, CPU Brand, 
Available Memory, Total CPU Capacity, Total Capacity Utilized by 
Application, Memory Used by Application, API Permissions, API 
Authentication, Authentication Secret Key, Graphics Processing Unit 
(GPU) Brand, GPU Type, Custom Attributes Defined by Organization, 
Archived Meeting Files, Archive Meeting Account Name, Archived Meeting 
File Download User, Archived Meeting File Extension, Archived Meeting 
File Size, Archived Meeting File Type, Archived Meeting File ID, 
Archived Meeting File Participant Email, Archived Meeting Participant 
Join Time, Archived Meeting Participant Leave Time, Archived Meeting 
File Recording Type, Archived Meeting File Status, Archived Meeting 
Complete Time, Archived Meeting

[[Page 79012]]

Complete Time Duration, Archived Meeting Duration, Archived Meeting 
Duration In Seconds, Archived Meeting Host ID, Archived Meeting ID, 
Archived Meeting Settings, Archived Meeting Type, Archived Meeting 
Recording Count, Archived Meeting Start Time, Archived Meeting Topic, 
Archived Meeting Total Size, Archived Meeting UU ID, Past Meeting 
Participant ID, Past Meeting Participant Name, Past Meeting Participant 
Email, SIP Phone Authorization Name, SIP Phone Domain, SIP Phone ID, 
SIP Phone Password, SIP Phone Proxy Servers, SIP Phone Register 
Servers, SIP Phone Registration Expire Time, SIP Phone Transport 
Protocols, SIP Phone User Email, SIP Phone User Name, SIP Phone Voice 
Voicemail.
    12. User data from web-based meetings and web conferences: User 
Creation Date, User Department, User Email Address, User Employee ID, 
User Name, User System ID, User Chat Group Ids, User System Client 
Version, User Last Login Time, User Picture URL, User PMI, User Status, 
User Timezone, User Type, User Verified Status, User Password, User 
JID, User Language, User Manager, User Personal Meeting URL, User Role 
ID, User Role Name, User Use PMI Status, User Phone Country, User 
Company, User Custom Attributes, User CMS User ID, User Pronouns, User 
Vanity Name, User Assistant Email, User Assistant ID, User Permissions, 
User Presence Status, User Scheduler Email, User Scheduler ID, User 
Settings, User Token, User Meeting Minutes, User Number Of Meetings, 
User Participant Number, User's Web Conferences Template, User 
Scheduled Web Conferences, User Web Conferences Settings, User Web 
Conferences Recurrence Settings, User Web Conferences Password, User 
Web Conferences Agenda, User Web Conferences Duration, User Web 
Conferences Start Time, User Web Conferences Template ID, User Web 
Conferences Topic. User Web Conferences Tracking Fields, User Web 
Conferences Time zone User Web Conferences Created Date, User Web 
Conferences Host ID, User Web Conferences Type, User Web Conferences UU 
ID, User Web Conferences Start URL, User TSP Account Conference Code, 
User TSP Account Dial-In Numbers, User TSP Account ID, User TSP Account 
Leader PIN, User TSP account TSP Bridge, User TSP Audio URL, Chat 
Messaging Content.
    13. Web-based meeting and web conference administration data: 
Account Administrator Name, Account Contact Information Account ID, 
Account Billing Information, Account Plan Information, Conference Room 
Account type, Conference Room calendar name, conference room camera 
name, conference room device IP address, conference room email address, 
conference room health, conference room ID, conference room issues, 
conference room last start time, conference room microphone name, 
conference room name, conference room speaker name, conference room 
status, Conference Room live meeting, Conference Room past meetings, 
conference room activation code, conference room support email, 
conference room support phone, conference room passcode, conference 
room settings, conference room location description, conference room 
location name, User Sign In And Sign Out Times, Deleted Message Sender, 
Deleted Message Time, Deleted Message ID, Deleted Message Text, Deleted 
Message Main Message ID, Deleted Message Main Message Timestamp, 
Deleted Message File Name, Deleted Message File Size, Edited Message 
Sender, Edited Message Time, Edited Message ID, Edited Message Text, 
Edited Message Main Message ID, Edited Message Main Message Timestamp, 
Edited Message File Name, Edited Message File Size, Message Sender, 
Message Time, Message ID, Message Main Message ID, Message Main Message 
Timestamp, Message File, Message File Size, Group admin name, Group 
admin email, group admin ID, group member email, group member first 
name, group member last name, group member ID, group member type, chat 
group ID, chat group name, chat croup total members, chat group, Files 
sent through chat, GIPHYs sent through chat, groups sent through chat, 
p2p sent through chat, text sent through chat, total sent through chat, 
audio sent through chat, code snippet sent through chat, Operation Log 
action, operation log category type, operation log operation detail, 
operation log user, operation log time, Role member department, role 
member email, role member first name, role member ID, role member type, 
client feedback detail email, client feedback detail meeting ID, client 
feedback detail participant name, client feedback detail time.
    14. Web-Based Meeting And Web Conference Telemetry Data: Event 
Time, Client Type, Event Location, Event, Subevent, UUID, Client 
Version, UserID, Client OS, Meeting ID.
    15. Chat Application Telemetry Data: User Email, Group Chat, 
Message Type, In Meeting Message, Status, Do Not Disturb Time, 
Notification Setting, Show Group On Contact List, File Type, File 
Location, Link URL, Keywords, GIF Keywords, Emoji Code, Audio Setting, 
Video Setting, Is E2E Enabled, Message ID, IP Address.
    16. Communication Data: Deleted Persistent Message Sender, Deleted 
Persistent Message Time, Deleted Persistent Message ID, Deleted 
Persistent Message Text, Deleted Persistent Message Main Message ID, 
Deleted Persistent Message Main Message Timestamp, Deleted Persistent 
Message File Name, Deleted Persistent Message File Size, Edited 
Persistent Message Sender, Edited Persistent Message Time, Edited 
Persistent Message ID, Edited Persistent Message Text, Edited 
Persistent Message Main Message ID, Edited Persistent Message Main 
Message Timestamp, Edited Persistent Message File Name, Edited 
Persistent Message File Size, Persistent Message Sender, Persistent 
Message Time, Persistent Message ID, Persistent Message Main Message 
ID, Persistent Message Main Message Timestamp, Persistent Message File, 
Persistent Message File Size, Persistent Message Images Exchanged, 
Persistent Message Files Exchanged, Persistent Message Videos 
Exchanged, Persistent Message Channel Title, Persistent Message 
Whiteboard Annotations, Persistent Message Text, Deleted Message 
Sender, Deleted Message Time, Deleted Message ID, Deleted Message Text, 
Deleted Message Main Message ID, Deleted Message Main Message 
Timestamp, Deleted Message File Name, Deleted Message File Size, Edited 
Message Sender, Edited Message Time, Edited Message ID, Edited Message 
Text, Edited Message Main Message ID, Edited Message Main Message 
Timestamp, Edited Message File Name, Edited Message File Size, Message 
Sender, Message Time, Message ID, Message Main Message ID, Message Main 
Message Timestamp, Message File, Message File Size, Message Text.
    17. Survey data: customer perception, feelings, habits, past 
behaviors, preferences, recommended improvements, willingness to buy, 
ownership, and hypothetical future scenarios.

RECORD SOURCE CATEGORIES:
    Customers, USPS personnel, and list providers.

ROUTINE USES OF RECORDS IN THE SYSTEM, INCLUDING CATEGORIES OF USERS 
AND THE PURPOSES OF SUCH USES:
    Standard routine uses 1. through 7., 10., and 11. apply.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Automated databases, computer storage media, and paper.

[[Page 79013]]

POLICIES OF PRACTICES FOR RETRIEVAL OF RECORDS:
    1. For sales, events, and publications, information is retrieved by 
customer name or customer ID(s), mail or email address, and phone 
number.
    2. For direct marketing, information is retrieved by Standard 
Industry Code (SIC) or North American Industry Classification System 
(NAISC) number, and company name.
    3. Report and tracking data created during web-based meetings and 
video conferences that pertain to individual participants, content 
shared, conference codes and other relevant session data and historical 
device usage data, are retrieved by meeting ID, host name or host email 
address.
    4. Records pertaining to web-based collaboration and communication 
applications are retrieved by organizer name and other associated 
personal identifiers.
    5. Media recordings created during web-based meetings and video 
conferences are retrieved by meeting ID, host name or host email 
address.
    6. Web-based meeting and video session recordings are retrieved by 
meeting ID, host name or host email address.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    1. Records relating to organizations and publication mailing lists 
are retained until the customer ceases to participate.
    2. ACH records are retained up to 2 years. Records relating to 
direct marketing, advertising, and promotions are retained 5 years.
    3. Other records are retained 3 years after the relationship ends.
    4. Report and tracking data created during web-based meeting and 
video conferences, such as session data and historical device usage 
data, are retained for twenty-four months.
    5. Records pertaining to web-based collaboration and communication 
applications are retained for twenty-four months.
    6. Web-based meeting and video session recordings are retained for 
twenty-four months.
    7. Customer insight, market research, and survey records will be 
retained for 3 years.
    Records existing on paper are destroyed by burning, pulping, or 
shredding. Records existing on computer storage media are destroyed 
according to the applicable USPS media sanitization practice.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Paper records, computers, and computer storage media are located in 
controlled-access areas under supervision of program personnel. Access 
to these areas is limited to authorized personnel, who must be 
identified with a badge.
    Access to records is limited to individuals whose official duties 
require such access. Contractors and licensees are subject to contract 
controls and unannounced on-site audits and inspections.
    Computers are protected by mechanical locks, card key systems, or 
other physical access control methods. The use of computer systems is 
regulated with installed security software, computer logon 
identifications, and operating system controls including access 
controls, terminal and transaction logging, and file management 
software. Online data transmission is protected by encryption.

RECORD ACCESS PROCEDURES:
    Requests for access must be made in accordance with the 
Notification Procedure above and USPS Privacy Act regulations regarding 
access to records and verification of identity under 39 CFR 266.5.

CONTESTING RECORD PROCEDURES:
    See Notification Procedure and Record Access Procedures above.

NOTIFICATION PROCEDURES:
    For information pertaining to sales, inquiries should be addressed 
to: Sales and Customer Relations 475 L'Enfant Plaza SW, Washington, DC 
20260.
    Customers wanting to know if other information about them is 
maintained in this system of records must address inquiries in writing 
to the Chief Customer and Marketing Officer and Executive Vice 
President and include their name and address.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    August 4, 2020, 85 FR 47258; June 1, 2020, 85 FR 33208; October 24, 
2011, 76 FR 65756; April 29, 2005, 70 FR 22516.

Ruth Stevenson,
Chief Counsel, Ethics and Legal Compliance.
[FR Doc. 2022-28026 Filed 12-22-22; 8:45 am]
BILLING CODE P