Privacy Act of 1974; Implementation, 60411-60413 [2023-18681]
Download as PDF
<![CDATA[
Federal Register / Vol. 88, No. 169 / Friday, September 1, 2023 / Proposed Rules
Dated: August 29, 2023.
Anna Davis,
General Counsel.
Ms.
Rahwa Keleta, OSD.DPCLTD@mail.mil;
(703) 571–0070.
SUPPLEMENTARY INFORMATION:
FOR FURTHER INFORMATION CONTACT:
[FR Doc. 2023–18970 Filed 8–31–23; 8:45 am]
BILLING CODE 6732–01–P
DEPARTMENT OF DEFENSE
Office of the Secretary
32 CFR Part 310
[Docket ID: DoD–2023–OS–0060]
RIN 0790–AL64
Privacy Act of 1974; Implementation
Office of the Secretary of
Defense (OSD), Department of Defense
(DoD).
ACTION: Proposed rule.
AGENCY:
The Department of Defense
(Department or DoD) is giving
concurrent notice of a new Departmentwide system of records pursuant to the
Privacy Act of 1974 for the DoD–0019,
‘‘Information Technology Access and
Audit Records,’’ system of records and
this proposed rulemaking. In this
proposed rulemaking, the Department
proposes to exempt portions of this
system of records from certain
provisions of the Privacy Act of 1974, as
amended, because of national security
requirements and to avoid interference
during the conduct of criminal, civil, or
administrative actions or investigations.
DATES: Send comments on or before
October 31, 2023.
SUMMARY:
You may submit comments,
identified by docket number, Regulation
Identifier Number (RIN), and title, by
any of the following methods.
* Federal Rulemaking Portal: https://
www.regulations.gov. Follow the
instructions for submitting comments.
* Mail: Department of Defense, Office
of the Assistant to the Secretary of
Defense for Privacy, Civil Liberties, and
Transparency, Regulatory Directorate,
4800 Mark Center Drive, Attn: Mailbox
24, Suite 08D09, Alexandria, VA 22350–
1700.
Instructions: All submissions received
must include the agency name and
docket number or RIN for this Federal
Register document. The general policy
for comments and other submissions
from members of the public is to make
these submissions available for public
viewing on the internet at https://
www.regulations.gov as they are
received without change, including any
personal identifiers or contact
information.
lotter on DSK11XQN23PROD with PROPOSALS1
ADDRESSES:
VerDate Sep<11>2014
16:27 Aug 31, 2023
Jkt 259001
I. Background
In accordance with the Privacy Act of
1974, the DoD is establishing a new
Department-wide system of records
titled ‘‘Information Technology Access
and Audit Records,’’ DoD–0019. The
purpose of this system of records is to
support information systems being
established within the DoD using the
same categories of data for the same
purposes. This system of records covers
DoD’s maintenance of records related to
requests for user access, attempts to
access, granting of access, records of
user actions for DoD information
technology (IT) systems, and user
agreements. This includes details of
programs, databases, functions, and
sites accessed and/or used, and the
information products created, received,
or altered during the use of IT systems.
The system consists of both electronic
and paper records and will be used by
DoD components and offices to
maintain records about individuals who
have user agreements, user access to and
activity on networks, computer systems,
applications, databases, or other digital
technologies.
II. Privacy Act Exemption
The Privacy Act permits Federal
agencies to exempt eligible records in a
system of records from certain
provisions of the Act, including that
provide individuals with a right to
request access to and amendment of
their own records and accountings of
disclosures of such records. If an agency
intends to exempt a particular system of
records, it must first go through the
rulemaking process pursuant to 5 U.S.C.
553(b)(1)–(3), (c), and (e). This proposed
rule explains why an exemption is being
claimed for this system of records and
invites public comment, which DoD
will consider before the issuance of a
final rule implementing the exemption.
The DoD proposes to modify 32 CFR
part 310 to add a new Privacy Act
exemption rule for DoD–0019,
‘‘Information Technology Access and
Audit Records.’’ The DoD proposes to
exempt portions of this system of
records from certain provisions of the
Privacy Act because information in this
system of records may fall within the
scope of the following Privacy Act
exemptions: (k)(1) and (k)(2).
The DoD proposes to exempt this
system of records because some of these
records may contain classified national
security information and providing
notice, access, amendment, and
PO 00000
Frm 00027
Fmt 4702
Sfmt 4702
60411
disclosure of accounting of those
records to an individual, as well as
certain record-keeping requirements,
may cause damage to national security.
The Privacy Act, pursuant to 5 U.S.C.
552a(k)(1), authorizes agencies to claim
an exemption for systems of records that
contain information properly classified
pursuant to executive order. DoD is
proposing to claim an exemption from
several provisions of the Privacy Act,
including various access, amendment,
disclosure of accounting, and certain
record-keeping and notice requirements,
to prevent disclosure of any information
properly classified pursuant to
executive order, as implemented by DoD
Instruction 5200.01 and DoD Manual
5200.01, Volumes 1 and 3.
The DoD is also proposing this
exemption rule because this system of
records may contain investigatory
material compiled for law enforcement
purposes within the scope of 5 U.S.C.
552a(k)(2). This exemption allows DoD
entities to claim an exemption for
systems of records that contain
investigatory materials compiled for law
enforcement purposes, other than
material within the scope of 5 U.S.C.
552a(j)(2), which describes certain
material related to the enforcement of
criminal laws maintained by principalfunction criminal law enforcement
agencies. The Department therefore is
proposing to claim an exemption from
several provisions of the Privacy Act,
including various access, amendment,
disclosure of accounting, and certain
record-keeping and notice requirements,
to prevent, among other harms, the
identification of actual or potential
subjects of investigation and/or sources
of investigative information and to
avoid frustrating the underlying law
enforcement purpose for which the
records were collected.
Records in this system of records are
only exempt from the Privacy Act to the
extent the purposes underlying the
exemption pertain to the record. A
notice of a new system of records for
DoD–0019, ‘‘Information Technology
Access and Audit Records,’’ is also
published in this issue of the Federal
Register.
Regulatory Analysis
Executive Order 12866, ‘‘Regulatory
Planning and Review’’ and Executive
Order 13563, ‘‘Improving Regulation
and Regulatory Review’’
Executive Orders 12866 and 13563
direct agencies to assess all costs and
benefits of available regulatory
alternatives and, if regulation is
necessary, to select regulatory
approaches that maximize net benefits
E:\FR\FM\01SEP1.SGM
01SEP1
60412
Federal Register / Vol. 88, No. 169 / Friday, September 1, 2023 / Proposed Rules
(including potential economic,
environmental, public health and safety
effects, distribute impacts, and equity).
Executive Order 13563 emphasizes the
importance of quantifying both costs
and benefits, of reducing costs, of
harmonizing rules, and of promoting
flexibility. It has been determined that
this rule is not a significant regulatory
action.
Congressional Review Act (5 U.S.C.
804(2))
The Congressional Review Act, 5
U.S.C. 801 et seq., generally provides
that before a rule may take effect, the
agency promulgating the rule must
submit a rule report, which includes a
copy of the rule, to each House of the
Congress and to the Comptroller General
of the United States. DoD will submit a
report containing this rule and other
required information to the U.S. Senate,
the U.S. House of Representatives, and
the Comptroller General of the United
States. A major rule may take effect no
earlier than 60 calendar days after
Congress receives the rule report or the
rule is published in the Federal
Register, whichever is later. This rule is
not a ‘‘major rule’’ as defined by 5
U.S.C. 804(2).
Section 202, Public Law 104–4,
‘‘Unfunded Mandates Reform Act’’
Section 202(a) of the Unfunded
Mandates Reform Act of 1995 (UMRA)
(2 U.S.C. 1532(a)) requires agencies to
assess anticipated costs and benefits
before issuing any rule whose mandates
may result in the expenditure by State,
local, and tribal governments in the
aggregate, or by the private sector, in
any one year of $100 million in 1995
dollars, updated annually for inflation.
This rule will not mandate any
requirements for State, local, or tribal
governments, nor will it affect private
sector costs.
lotter on DSK11XQN23PROD with PROPOSALS1
Public Law 96–354, ‘‘Regulatory
Flexibility Act’’ (5 U.S.C. 601 et seq.)
The Assistant to the Secretary of
Defense for Privacy, Civil Liberties, and
Transparency has certified that this rule
is not subject to the Regulatory
Flexibility Act (5 U.S.C. 601 et seq.)
because it would not, if promulgated,
have a significant economic impact on
a substantial number of small entities.
This rule is concerned only with the
administration of Privacy Act systems of
records within the DoD. Therefore, the
Regulatory Flexibility Act, as amended,
does not require us to prepare a
regulatory flexibility analysis.
VerDate Sep<11>2014
16:27 Aug 31, 2023
Jkt 259001
Public Law 96–511, ‘‘Paperwork
Reduction Act’’ (44 U.S.C. 3501 et seq.)
The Paperwork Reduction Act (44
U.S.C. 3501 et seq.) was enacted to
minimize the paperwork burden for
individuals; small businesses;
educational and nonprofit institutions;
Federal contractors; State, local and
tribal governments; and other persons
resulting from the collection of
information by or for the Federal
Government. The Act requires agencies
obtain approval from the Office of
Management and Budget before using
identical questions to collect
information from ten or more persons.
This rule does not impose reporting or
recordkeeping requirements on the
public.
Executive Order 13132, ‘‘Federalism’’
It has been determined that this rule
does not have federalism implications.
This rule does not have substantial
direct effects on the States, on the
relationship between the Federal
Government and the States, or on the
distribution of power and
responsibilities among the various
levels of government.
Executive Order 13175, ‘‘Consultation
and Coordination With Indian Tribal
Governments’’
Executive Order 13175 establishes
certain requirements that an agency
must meet when it promulgates a
proposed rule (and subsequent final
rule) that imposes substantial direct
compliance costs on one or more Indian
tribes, preempts tribal law, or affects the
distribution of power and
responsibilities between the Federal
Government and Indian tribes. This rule
will not have a substantial effect on
Indian tribal governments.
List of Subjects in 32 CFR Part 310
Privacy.
Accordingly, 32 CFR part 310 is
proposed to be amended as follows:
PART 310—PROTECTION OF PRIVACY
AND ACCESS TO AND AMENDEMENT
OF INDIVIDUAL RECORDS UNDER
THE PRIVACY ACT OF 1974
1. The authority citation for part 310
continues to read as follows:
■
Authority: 5 U.S.C. 552a.
2. Amend § 310.13 by adding
paragraph (e)(14) to read as follows:
■
§ 310.13 Exemptions for DoD-wide
systems.
*
*
*
(e) * * *
PO 00000
Frm 00028
*
Fmt 4702
*
Sfmt 4702
(14) System identifier and name.
DoD–0019, ‘‘Information Technology
Access and Audit Records.’’
(i) Exemptions. This system of records
is exempt from 5 U.S.C. 552a (c)(3);
(d)(1), (2), (3), and (4); (e)(1); (e)(4)(G),
(H), and (I); and (f).
(ii) Authority. 5 U.S.C. 552a(k)(1) and
(k)(2).
(iii) Exemption from the particular
subsections. Exemption from the
particular subsections is justified for the
following reasons:
(A) Subsections (c)(3), (d)(1), and
(d)(2).
(1) Exemption (k)(1). Records in this
system of records may contain
information that is properly classified
pursuant to executive order.
Application of exemption (k)(1) may be
necessary because access to and
amendment of the records, or release of
the accounting of disclosures for such
records, could reveal classified
information. Disclosure of classified
records to an individual may cause
damage to national security.
(2) Exemption (k)(2). Records in this
system of records may contain
investigatory material compiled for law
enforcement purposes other than
material within the scope of 5 U.S.C.
552a(j)(2). Application of exemption
(k)(2) may be necessary because access
to, amendment of, or release of the
accounting of disclosures of such
records could: inform the record subject
of an investigation of the existence,
nature, or scope of an actual or potential
law enforcement or disciplinary
investigation, and thereby seriously
impede law enforcement efforts by
permitting the record subject and other
persons to whom he might disclose the
records or the accounting of records to
avoid criminal penalties, civil remedies,
or disciplinary measures; interfere with
a civil or administrative action or
investigation by allowing the subject to
tamper with witnesses or evidence, and
to avoid detection or apprehension,
which may undermine the entire
investigatory process; reveal
confidential sources who might not
have otherwise come forward to assist
in an investigation and thereby hinder
DoD’s ability to obtain information from
future confidential sources; and result
in an unwarranted invasion of the
privacy of others. Amendment of such
records could also impose a highly
impracticable administrative burden by
requiring investigations to be
continuously reinvestigated.
(B) Subsections (d)(3) and (4). These
subsections are inapplicable to the
extent an exemption is claimed from
subsections (d)(1) and (2). Accordingly,
exemptions from subsections (d)(3) and
E:\FR\FM\01SEP1.SGM
01SEP1
lotter on DSK11XQN23PROD with PROPOSALS1
Federal Register / Vol. 88, No. 169 / Friday, September 1, 2023 / Proposed Rules
(d)(4) are claimed pursuant to (k)(1) and
(k)(2).
(C) Subsection (e)(1). Additionally,
records within this system may be
properly classified pursuant to
executive order. The collection of
information pertaining to the use of
government information technology and
data systems may include classified
records, and it is not always possible to
conclusively determine the relevance
and necessity of such information in the
early stages of a collection. In some
instances, it will be only after the
collected information is evaluated in
light of other information that its
relevance and necessity can be assessed.
Further, disclosure of classified records
to an individual may cause damage to
national security. Additionally, in the
collection of information for
investigatory or law enforcement
purposes it is not always possible to
conclusively determine the relevance
and necessity of particular information
in the early stages of the investigation or
adjudication. In some instances, it will
be only after the collected information
is evaluated in light of other information
that its relevance and necessity for
effective investigation and adjudication
can be assessed. Collection of such
information permits more informed
decision-making by the Department
when making required investigatory or
law enforcement determinations.
Accordingly, application of exemptions
(k)(1) and (2) may be necessary.
(D) Subsections (e)(4)(G) and (H).
These subsections are inapplicable to
the extent exemption is claimed from
subsections (d)(1) and (2).
(E) Subsection (e)(4)(I). To the extent
that this provision is construed to
require more detailed disclosure than
the broad, generic information currently
published in the system notice, an
exemption from this provision is
necessary to protect national security,
the confidentiality of sources of
information and to protect the privacy
and physical safety of witnesses and
informants. Accordingly, application of
exemptions (k)(1) and (2) may be
necessary.
(F) Subsection (f). The agency’s rules
are inapplicable to those portions of the
system that are exempt. Accordingly,
application of exemptions (k)(1) and (2)
may be necessary.
(iv) Exempt records from other
systems. In the course of carrying out
the overall purpose for this system,
exempt records from other systems of
records may in turn become part of the
records maintained in this system. To
the extent that copies of exempt records
from those other systems of records are
maintained in this system, the DoD
VerDate Sep<11>2014
16:27 Aug 31, 2023
Jkt 259001
60413
claims the same exemptions for the
records from those other systems that
are entered into this system, as claimed
for the prior system(s) of which they are
a part, provided the reason for the
exemption remains valid and necessary.
FOR FURTHER INFORMATION CONTACT:
Dated: August 24, 2023.
Aaron T. Siegel,
Alternate OSD Federal Register Liaison
Officer, Department of Defense.
I. Background
The Copyright Act provides two
sources of materials that can be selected
by the Library of Congress for its
collections. The first is the ‘‘mandatory
deposit’’ requirement set forth in section
407 of title 17. Under section 407,
owners of copyright-protected works
published in the United States must
generally deposit two complete copies
of the best edition of the work ‘‘for the
use or disposition of the Library of
Congress.’’ 1 ‘‘The ‘best edition’ of a
work’’ is defined as ‘‘the edition,
published in the United States at any
time before the date of deposit, that the
Library of Congress determines to be
most suitable for its purposes.’’ 2 The
Office’s regulations, including § 202.19
and Appendix B of part 202, set forth
rules and criteria for the different types
of works subject to mandatory deposit.
The second source of materials is
section 408, which requires applicants
seeking to register the copyright in
published works to provide the Office
with ‘‘two complete copies or
phonorecords of the best edition.’’ 3 To
avoid the duplication of deposits,
section 408 specifies that copies or
phonorecords deposited under section
407 ‘‘may be used to satisfy the deposit
provisions’’ of section 408 if they ‘‘are
accompanied by the prescribed
application and fee.’’ 4 Registration
deposits are ‘‘available to the Library of
Congress for its collections,’’ and items
not selected by the Library are retained
by the Office for a period of time.5
Both sections 407 and 408 grant the
Register of Copyrights broad regulatory
authority to specify the nature of the
[FR Doc. 2023–18681 Filed 8–31–23; 8:45 am]
BILLING CODE 5001–06–P
LIBRARY OF CONGRESS
Copyright Office
37 CFR Part 202
[Docket No. 2023–3]
Access to Electronic Works
U.S. Copyright Office, Library
of Congress.
ACTION: Notice of proposed rulemaking.
AGENCY:
The U.S. Copyright Office is
issuing a notice of proposed rulemaking
to update its regulation governing
electronic deposits of published works
submitted to the Office that have been
selected for addition to the collections
of the Library of Congress. The current
regulation permits the Library to collect
and provide limited on-site access to
groups of newspapers electronically
submitted for registration, as well as
electronic serials and books submitted
for mandatory deposit. The proposed
rule expands the categories of electronic
deposits covered by the regulation with
the same limitations on access as are
currently in place. The proposed
changes are part of ongoing steps by the
Library and the Office to encourage the
submission of works in electronic form
and reduce the need for copyright
owners to deposit physical copies.
DATES: Written comments must be
received by no later than 11:59 p.m.
Eastern Time on October 2, 2023. Reply
written comments must be received no
later than 11:59 p.m. Eastern Time on
October 16, 2023.
ADDRESSES: For reasons of government
efficiency, the Copyright Office is using
the regulations.gov system for the
submission and posting of public
comments in this proceeding. All
comments are therefore to be submitted
electronically through regulations.gov.
Specific instructions for submitting
comments are available on the
Copyright Office website at https://
www.copyright.gov/rulemaking/
edeposit-access.
SUMMARY:
PO 00000
Frm 00029
Fmt 4702
Sfmt 4702
Rhea Efthimiadis, Assistant to the
General Counsel, by email at meft@
copyright.gov or telephone at 202–707–
8350.
SUPPLEMENTARY INFORMATION:
1 17
U.S.C. 407, 407(b).
at 101.
3 Id. at 408(b)(2). Section 408(b) also sets out the
deposit requirements for the registration of
unpublished works (id. at 408(b)(1)), works first
published outside of the United States (id. at
408(b)(3)), and contributions to collective works (id.
at 408(b)(4)).
4 Id. at 408(b). Although section 408 states that
copies deposited pursuant to the mandatory deposit
provision in section 407 may be used to satisfy the
registration deposit requirement in section 408, in
practice, the Office treats copies of works submitted
for registration as satisfying the mandatory deposit
requirement (assuming the deposit requirements are
the same), and not vice versa. 37 CFR 202.19(f)(1),
202.20(e); see Registration of Claims to Copyright
Deposit Requirements, 43 FR 763, 768 (Jan. 4, 1978).
5 17 U.S.C. 704(b), 704(d). Deposits of works
submitted under either sections 407 and 408 are
‘‘property of the United States Government’’ and
can be used by the Library for its collections. Id.
at 704(a), 704(b).
2 Id.
E:\FR\FM\01SEP1.SGM
01SEP1
]]>Agencies
[Federal Register Volume 88, Number 169 (Friday, September 1, 2023)]
[Proposed Rules]
[Pages 60411-60413]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-18681]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF DEFENSE
Office of the Secretary
32 CFR Part 310
[Docket ID: DoD-2023-OS-0060]
RIN 0790-AL64
Privacy Act of 1974; Implementation
AGENCY: Office of the Secretary of Defense (OSD), Department of Defense
(DoD).
ACTION: Proposed rule.
-----------------------------------------------------------------------
SUMMARY: The Department of Defense (Department or DoD) is giving
concurrent notice of a new Department-wide system of records pursuant
to the Privacy Act of 1974 for the DoD-0019, ``Information Technology
Access and Audit Records,'' system of records and this proposed
rulemaking. In this proposed rulemaking, the Department proposes to
exempt portions of this system of records from certain provisions of
the Privacy Act of 1974, as amended, because of national security
requirements and to avoid interference during the conduct of criminal,
civil, or administrative actions or investigations.
DATES: Send comments on or before October 31, 2023.
ADDRESSES: You may submit comments, identified by docket number,
Regulation Identifier Number (RIN), and title, by any of the following
methods.
* Federal Rulemaking Portal: https://www.regulations.gov. Follow the
instructions for submitting comments.
* Mail: Department of Defense, Office of the Assistant to the
Secretary of Defense for Privacy, Civil Liberties, and Transparency,
Regulatory Directorate, 4800 Mark Center Drive, Attn: Mailbox 24, Suite
08D09, Alexandria, VA 22350-1700.
Instructions: All submissions received must include the agency name
and docket number or RIN for this Federal Register document. The
general policy for comments and other submissions from members of the
public is to make these submissions available for public viewing on the
internet at https://www.regulations.gov as they are received without
change, including any personal identifiers or contact information.
FOR FURTHER INFORMATION CONTACT: Ms. Rahwa Keleta, [email protected];
(703) 571-0070.
SUPPLEMENTARY INFORMATION:
I. Background
In accordance with the Privacy Act of 1974, the DoD is establishing
a new Department-wide system of records titled ``Information Technology
Access and Audit Records,'' DoD-0019. The purpose of this system of
records is to support information systems being established within the
DoD using the same categories of data for the same purposes. This
system of records covers DoD's maintenance of records related to
requests for user access, attempts to access, granting of access,
records of user actions for DoD information technology (IT) systems,
and user agreements. This includes details of programs, databases,
functions, and sites accessed and/or used, and the information products
created, received, or altered during the use of IT systems. The system
consists of both electronic and paper records and will be used by DoD
components and offices to maintain records about individuals who have
user agreements, user access to and activity on networks, computer
systems, applications, databases, or other digital technologies.
II. Privacy Act Exemption
The Privacy Act permits Federal agencies to exempt eligible records
in a system of records from certain provisions of the Act, including
that provide individuals with a right to request access to and
amendment of their own records and accountings of disclosures of such
records. If an agency intends to exempt a particular system of records,
it must first go through the rulemaking process pursuant to 5 U.S.C.
553(b)(1)-(3), (c), and (e). This proposed rule explains why an
exemption is being claimed for this system of records and invites
public comment, which DoD will consider before the issuance of a final
rule implementing the exemption.
The DoD proposes to modify 32 CFR part 310 to add a new Privacy Act
exemption rule for DoD-0019, ``Information Technology Access and Audit
Records.'' The DoD proposes to exempt portions of this system of
records from certain provisions of the Privacy Act because information
in this system of records may fall within the scope of the following
Privacy Act exemptions: (k)(1) and (k)(2).
The DoD proposes to exempt this system of records because some of
these records may contain classified national security information and
providing notice, access, amendment, and disclosure of accounting of
those records to an individual, as well as certain record-keeping
requirements, may cause damage to national security. The Privacy Act,
pursuant to 5 U.S.C. 552a(k)(1), authorizes agencies to claim an
exemption for systems of records that contain information properly
classified pursuant to executive order. DoD is proposing to claim an
exemption from several provisions of the Privacy Act, including various
access, amendment, disclosure of accounting, and certain record-keeping
and notice requirements, to prevent disclosure of any information
properly classified pursuant to executive order, as implemented by DoD
Instruction 5200.01 and DoD Manual 5200.01, Volumes 1 and 3.
The DoD is also proposing this exemption rule because this system
of records may contain investigatory material compiled for law
enforcement purposes within the scope of 5 U.S.C. 552a(k)(2). This
exemption allows DoD entities to claim an exemption for systems of
records that contain investigatory materials compiled for law
enforcement purposes, other than material within the scope of 5 U.S.C.
552a(j)(2), which describes certain material related to the enforcement
of criminal laws maintained by principal-function criminal law
enforcement agencies. The Department therefore is proposing to claim an
exemption from several provisions of the Privacy Act, including various
access, amendment, disclosure of accounting, and certain record-keeping
and notice requirements, to prevent, among other harms, the
identification of actual or potential subjects of investigation and/or
sources of investigative information and to avoid frustrating the
underlying law enforcement purpose for which the records were
collected.
Records in this system of records are only exempt from the Privacy
Act to the extent the purposes underlying the exemption pertain to the
record. A notice of a new system of records for DoD-0019, ``Information
Technology Access and Audit Records,'' is also published in this issue
of the Federal Register.
Regulatory Analysis
Executive Order 12866, ``Regulatory Planning and Review'' and Executive
Order 13563, ``Improving Regulation and Regulatory Review''
Executive Orders 12866 and 13563 direct agencies to assess all
costs and benefits of available regulatory alternatives and, if
regulation is necessary, to select regulatory approaches that maximize
net benefits
[[Page 60412]]
(including potential economic, environmental, public health and safety
effects, distribute impacts, and equity). Executive Order 13563
emphasizes the importance of quantifying both costs and benefits, of
reducing costs, of harmonizing rules, and of promoting flexibility. It
has been determined that this rule is not a significant regulatory
action.
Congressional Review Act (5 U.S.C. 804(2))
The Congressional Review Act, 5 U.S.C. 801 et seq., generally
provides that before a rule may take effect, the agency promulgating
the rule must submit a rule report, which includes a copy of the rule,
to each House of the Congress and to the Comptroller General of the
United States. DoD will submit a report containing this rule and other
required information to the U.S. Senate, the U.S. House of
Representatives, and the Comptroller General of the United States. A
major rule may take effect no earlier than 60 calendar days after
Congress receives the rule report or the rule is published in the
Federal Register, whichever is later. This rule is not a ``major rule''
as defined by 5 U.S.C. 804(2).
Section 202, Public Law 104-4, ``Unfunded Mandates Reform Act''
Section 202(a) of the Unfunded Mandates Reform Act of 1995 (UMRA)
(2 U.S.C. 1532(a)) requires agencies to assess anticipated costs and
benefits before issuing any rule whose mandates may result in the
expenditure by State, local, and tribal governments in the aggregate,
or by the private sector, in any one year of $100 million in 1995
dollars, updated annually for inflation. This rule will not mandate any
requirements for State, local, or tribal governments, nor will it
affect private sector costs.
Public Law 96-354, ``Regulatory Flexibility Act'' (5 U.S.C. 601 et
seq.)
The Assistant to the Secretary of Defense for Privacy, Civil
Liberties, and Transparency has certified that this rule is not subject
to the Regulatory Flexibility Act (5 U.S.C. 601 et seq.) because it
would not, if promulgated, have a significant economic impact on a
substantial number of small entities. This rule is concerned only with
the administration of Privacy Act systems of records within the DoD.
Therefore, the Regulatory Flexibility Act, as amended, does not require
us to prepare a regulatory flexibility analysis.
Public Law 96-511, ``Paperwork Reduction Act'' (44 U.S.C. 3501 et seq.)
The Paperwork Reduction Act (44 U.S.C. 3501 et seq.) was enacted to
minimize the paperwork burden for individuals; small businesses;
educational and nonprofit institutions; Federal contractors; State,
local and tribal governments; and other persons resulting from the
collection of information by or for the Federal Government. The Act
requires agencies obtain approval from the Office of Management and
Budget before using identical questions to collect information from ten
or more persons. This rule does not impose reporting or recordkeeping
requirements on the public.
Executive Order 13132, ``Federalism''
It has been determined that this rule does not have federalism
implications. This rule does not have substantial direct effects on the
States, on the relationship between the Federal Government and the
States, or on the distribution of power and responsibilities among the
various levels of government.
Executive Order 13175, ``Consultation and Coordination With Indian
Tribal Governments''
Executive Order 13175 establishes certain requirements that an
agency must meet when it promulgates a proposed rule (and subsequent
final rule) that imposes substantial direct compliance costs on one or
more Indian tribes, preempts tribal law, or affects the distribution of
power and responsibilities between the Federal Government and Indian
tribes. This rule will not have a substantial effect on Indian tribal
governments.
List of Subjects in 32 CFR Part 310
Privacy.
Accordingly, 32 CFR part 310 is proposed to be amended as follows:
PART 310--PROTECTION OF PRIVACY AND ACCESS TO AND AMENDEMENT OF
INDIVIDUAL RECORDS UNDER THE PRIVACY ACT OF 1974
0
1. The authority citation for part 310 continues to read as follows:
Authority: 5 U.S.C. 552a.
0
2. Amend Sec. 310.13 by adding paragraph (e)(14) to read as follows:
Sec. 310.13 Exemptions for DoD-wide systems.
* * * * *
(e) * * *
(14) System identifier and name. DoD-0019, ``Information Technology
Access and Audit Records.''
(i) Exemptions. This system of records is exempt from 5 U.S.C. 552a
(c)(3); (d)(1), (2), (3), and (4); (e)(1); (e)(4)(G), (H), and (I); and
(f).
(ii) Authority. 5 U.S.C. 552a(k)(1) and (k)(2).
(iii) Exemption from the particular subsections. Exemption from the
particular subsections is justified for the following reasons:
(A) Subsections (c)(3), (d)(1), and (d)(2).
(1) Exemption (k)(1). Records in this system of records may contain
information that is properly classified pursuant to executive order.
Application of exemption (k)(1) may be necessary because access to and
amendment of the records, or release of the accounting of disclosures
for such records, could reveal classified information. Disclosure of
classified records to an individual may cause damage to national
security.
(2) Exemption (k)(2). Records in this system of records may contain
investigatory material compiled for law enforcement purposes other than
material within the scope of 5 U.S.C. 552a(j)(2). Application of
exemption (k)(2) may be necessary because access to, amendment of, or
release of the accounting of disclosures of such records could: inform
the record subject of an investigation of the existence, nature, or
scope of an actual or potential law enforcement or disciplinary
investigation, and thereby seriously impede law enforcement efforts by
permitting the record subject and other persons to whom he might
disclose the records or the accounting of records to avoid criminal
penalties, civil remedies, or disciplinary measures; interfere with a
civil or administrative action or investigation by allowing the subject
to tamper with witnesses or evidence, and to avoid detection or
apprehension, which may undermine the entire investigatory process;
reveal confidential sources who might not have otherwise come forward
to assist in an investigation and thereby hinder DoD's ability to
obtain information from future confidential sources; and result in an
unwarranted invasion of the privacy of others. Amendment of such
records could also impose a highly impracticable administrative burden
by requiring investigations to be continuously reinvestigated.
(B) Subsections (d)(3) and (4). These subsections are inapplicable
to the extent an exemption is claimed from subsections (d)(1) and (2).
Accordingly, exemptions from subsections (d)(3) and
[[Page 60413]]
(d)(4) are claimed pursuant to (k)(1) and (k)(2).
(C) Subsection (e)(1). Additionally, records within this system may
be properly classified pursuant to executive order. The collection of
information pertaining to the use of government information technology
and data systems may include classified records, and it is not always
possible to conclusively determine the relevance and necessity of such
information in the early stages of a collection. In some instances, it
will be only after the collected information is evaluated in light of
other information that its relevance and necessity can be assessed.
Further, disclosure of classified records to an individual may cause
damage to national security. Additionally, in the collection of
information for investigatory or law enforcement purposes it is not
always possible to conclusively determine the relevance and necessity
of particular information in the early stages of the investigation or
adjudication. In some instances, it will be only after the collected
information is evaluated in light of other information that its
relevance and necessity for effective investigation and adjudication
can be assessed. Collection of such information permits more informed
decision-making by the Department when making required investigatory or
law enforcement determinations. Accordingly, application of exemptions
(k)(1) and (2) may be necessary.
(D) Subsections (e)(4)(G) and (H). These subsections are
inapplicable to the extent exemption is claimed from subsections (d)(1)
and (2).
(E) Subsection (e)(4)(I). To the extent that this provision is
construed to require more detailed disclosure than the broad, generic
information currently published in the system notice, an exemption from
this provision is necessary to protect national security, the
confidentiality of sources of information and to protect the privacy
and physical safety of witnesses and informants. Accordingly,
application of exemptions (k)(1) and (2) may be necessary.
(F) Subsection (f). The agency's rules are inapplicable to those
portions of the system that are exempt. Accordingly, application of
exemptions (k)(1) and (2) may be necessary.
(iv) Exempt records from other systems. In the course of carrying
out the overall purpose for this system, exempt records from other
systems of records may in turn become part of the records maintained in
this system. To the extent that copies of exempt records from those
other systems of records are maintained in this system, the DoD claims
the same exemptions for the records from those other systems that are
entered into this system, as claimed for the prior system(s) of which
they are a part, provided the reason for the exemption remains valid
and necessary.
Dated: August 24, 2023.
Aaron T. Siegel,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
[FR Doc. 2023-18681 Filed 8-31-23; 8:45 am]
BILLING CODE 5001-06-P
