Privacy Act and Freedom of Information Act Regulations, 87960-87967 [2023-27473]
Download as PDF
87960
Proposed Rules
Federal Register
Vol. 88, No. 243
Wednesday, December 20, 2023
This section of the FEDERAL REGISTER
contains notices to the public of the proposed
issuance of rules and regulations. The
purpose of these notices is to give interested
persons an opportunity to participate in the
rule making prior to the adoption of the final
rules.
OFFICE OF MANAGEMENT AND
BUDGET
5 CFR Parts 1302 and 1303
RIN 0348–AB87
Privacy Act and Freedom of
Information Act Regulations
Office of Management and
Budget, Executive Office of the
President.
AGENCY:
ACTION:
Proposed rule.
The Office of Management
and Budget (OMB) seeks public
comment on a proposed rule that would
revise OMB’s regulations implementing
the Privacy Act and the Freedom of
Information Act (FOIA). These revisions
would update OMB’s regulations to
reflect changes in OMB’s current
organizational structure and best
practices. The proposed amendments
would also ensure consistency between
the access to records procedures in
OMB’s Privacy Act regulations and
OMB’s FOIA regulations; and with
applicable law and policies that were
enacted after OMB originally issued its
Privacy Act regulations in 1976. The
proposed revisions would also align
OMB’s regulations with those of other
agencies.
SUMMARY:
Comments are due on or before
January 19, 2024.
DATES:
You may send comments
by:
Federal eRulemaking Portal: https://
www.regulations.gov.
Instructions: All submissions must
contain the subject heading ‘‘OMB
Privacy Act and FOIA Regulations.’’
ddrumheller on DSK120RN23PROD with PROPOSALS1
ADDRESSES:
For
questions about these proposed
regulations, please contact Timothy
Ziese, 202–395–8693, OMBPA@
omb.eop.gov. You must include ‘‘OMB
Privacy Act and FOIA Regulations’’ in
the subject line.
FOR FURTHER INFORMATION CONTACT:
SUPPLEMENTARY INFORMATION:
VerDate Sep<11>2014
17:45 Dec 19, 2023
Jkt 262001
Background
OMB proposes to revise its
regulations at 5 CFR part 1302
governing requests and responses under
the Privacy Act of 1974, as amended, 5
U.S.C. 552a (‘‘Privacy Act’’) and
corresponding changes at 5 CFR part
1303 governing requests and responses
under the Freedom of Information Act,
as amended, 5 U.S.C. 552 (‘‘FOIA’’).
The Privacy Act establishes certain
agency responsibilities and individual
rights regarding the collection, use,
maintenance, and disclosure of records
about individuals. To carry out these
responsibilities, the Privacy Act requires
agencies to promulgate regulations that
establish (1) procedures for notifying an
individual if any system of records
named by the individual contains a
record pertaining to that individual; (2)
procedures for making information
pertaining to an individual available to
that individual upon request, including
with respect to timelines and other
requirements; (3) procedures for
reviewing and adjudicating a request
from an individual concerning the
amendment of any record or
information pertaining to the
individual, and generally ensuring that
individuals can fully exercise their
rights under the Privacy Act; and (4)
fees to be charged, if any, to any
individual for making copies of records
pertaining to the individual, excluding
the cost of any search for and review of
the record. 5 U.S.C. 552a(f).
OMB’s current Privacy Act
regulations are codified at 5 CFR part
1302. These regulations were
promulgated in 1976. OMB proposes to
update them for consistency with
OMB’s current organizational structure
and best practices. Amendments would
also ensure consistency with (1) the
access to records procedures in OMB’s
FOIA regulations found at 5 CFR part
1303; and (2) applicable law and
policies that were enacted after 1976.
The proposed revisions would also
make OMB’s regulations more
consistent with those of other agencies,
including as recently proposed by the
Department of Justice (DOJ).
OMB also proposes conforming
revisions to OMB’s FOIA regulations,
most notably with regard to identity
verification. In accordance with 5 U.S.C.
552a(t), this proposal provides FOIA
requesters the benefit of both the
Privacy Act and FOIA disclosure
PO 00000
Frm 00001
Fmt 4702
Sfmt 4702
requirements. Additionally, if a
requested record is not part of a system
of records, or if the FOIA requester is
not an individual for purposes of the
Privacy Act, a FOIA requester may be
required to provide verification of
identity in order to obtain greater access
to records about themselves under the
FOIA. The proposed revisions to the
FOIA regulations therefore account for
the limited circumstances when a FOIA
requester may need to verify their
identity in order to receive information
that would otherwise be withheld under
a FOIA exemption. OMB proposes
additional revisions to OMB’s FOIA
regulations to reflect organizational
changes and clarify language. If a
requester cannot satisfy the identity
verification requirements of OMB’s
proposed Privacy Act regulations, OMB
will process the matter as a FOIA
request.
A shorter summary is available at
www.regulations.gov/docket/OMB-20230022.
Section-by-Section Analysis
General revisions to 5 CFR part 1302:
General revisions are proposed
throughout part 1302 to update
terminology used and to streamline
language for clarity, such as by
including titles for each section
summarizing the relevance of each
provision. The proposed regulation
would also reorder the regulation’s text
for consistency with those of other
agencies, including DOJ’s proposed
Privacy Act regulation (88 FR 1012). All
references to communications that are
written or in writing include
communications in hardcopy and
electronic mail.
Section 1302.1—General provisions:
This new section would include (1) the
purpose and scope of the Privacy Act
regulations; (2) definitions for ‘‘request
for access,’’ ‘‘request for amendment or
correction,’’ ‘‘request for an
accounting,’’ ‘‘requester,’’ and ‘‘system
manager’’; and (3) a clarification that
OMB may disclose any record covered
by the Privacy Act pursuant to a written
request or consent of the individual
about whom the record pertains.
Section 1302.2—Requirements for
making requests for access: This
proposed section, which would include
material that is currently codified in 5
CFR 1302.1 (‘‘Rules for determining if
an individual is the subject of a record’’)
and 1302.2 (‘‘Requests for access’’), is
E:\FR\FM\20DEP1.SGM
20DEP1
ddrumheller on DSK120RN23PROD with PROPOSALS1
Federal Register / Vol. 88, No. 243 / Wednesday, December 20, 2023 / Proposed Rules
modeled after DOJ’s proposed Privacy
Act regulations. OMB proposes to
replace its current regulations’ sections
on ‘‘Rules for determining if an
individual is the subject of a record’’
and ‘‘Requests for access’’ with sections
for ‘‘Requirements for making requests
for access’’ and ‘‘Responsibility for
responding to requests.’’ OMB believes
that this revised categorization better
delineates what requesters must do and
what OMB must do.
Proposed paragraph (d) would
describe the method of providing
identity verification and proofing. OMB
believes this paragraph is necessary to
ensure appropriate methods are
available to individuals when verifying
their identity under proposed
paragraphs (e) and (f). As such, OMB
intends to provide a number of methods
pursuant to which individuals may
submit verification information in a
manner that safeguards their personal
information. Failure to use the approved
methods may result in failure to
expunge information consistent with
approved records schedules.
Proposed paragraph (e), which would
include provisions currently codified in
5 CFR 1302.2(b)(2)(vi)(A) through (G),
includes updates to reflect the specific
processes that a requester must perform
to verify their identity.
Proposed paragraph (f), which would
include provisions currently codified in
5 CFR 1302.2(b)(2)(vi)(E) (‘‘Access by
the parent of a minor or legal
guardian’’), describes the additional
processes required for a legal guardian
to request information on behalf of a
minor or an individual determined by a
court of competent jurisdiction to be
incompetent.
Proposed paragraphs (d), (e), and (f)
includes updates to accept remote
identity-proofing and authentication
when an individual makes a request
under the Privacy Act.
Section 1302.3—Responsibility for
responding to requests: This proposed
section, which would include
provisions currently codified in 5 CFR
1302.2(b)(2) (‘‘OMB action on request’’),
includes revisions to reflect the current
statutory requirements of 5 U.S.C. 552a.
Proposed paragraphs (a) and (b)
describe how OMB would acknowledge
a request, including any requests by
OMB for additional information
necessary to process a request.
Proposed paragraphs (c) and (d)
would specify what information OMB
will provide in response to a written
request.
Section 1302.4—Requests for an
Accounting: This proposed section,
which would include provisions
currently codified in 5 CFR 1302.3
VerDate Sep<11>2014
17:45 Dec 19, 2023
Jkt 262001
(‘‘Access to the accounting of
disclosures from records’’), includes a
few editorial changes but otherwise
remains substantively the same as the
current regulation.
Section 1302.5—Requests for an
Amendment or Correction: This
proposed section, which would include
provisions currently codified in 5 CFR
1302.4 (‘‘Request to amend records’’),
adds paragraph (b)(2), which provides
requesters an alternative address to
which to send their Privacy Act request
for amendment to a record. The
requirements for notification and
timelines in proposed paragraph (c),
which would include provisions
currently located in paragraph (b)(2)
(‘‘OMB action on the request’’), are
revised to reflect the current statutory
requirements of 5 U.S.C. 552a.
Section 1302.6—Appeals: This
proposed section, which would include
provisions currently codified in 5 CFR
1302.5 (‘‘Request for review’’), includes
a number of updates. For example,
requests for review should be addressed
to the Senior Agency Official for
Privacy, who is responsible for
reviewing requests, consistent with E.O.
13719, OMB Circular No. A–130, and
OMB’s current practices. The
requirements for notification and
timelines in proposed paragraph (d),
which would include provisions
currently codified in 5 CFR 1302.5(g),
are revised to reflect the current
statutory requirements of 5 U.S.C. 552a.
Section 1302.7—Fees: This proposed
section, which would include
provisions currently codified in 5 CFR
1302.6 (‘‘Schedule of Fees’’), includes a
few editorial changes, but otherwise
remains substantively the same as the
existing regulation.
General Revisions to 5 CFR part 1303:
OMB is proposing limited revisions to
its FOIA regulations to update the
requirements for the verification of
identity, provide further clarity, and
reflect OMB’s current organizational
structure. The revisions to the identity
verification requirements, while
minimal, are significant in that they
describe OMB’s practice of providing
requesters the benefit of both the
Privacy Act and the FOIA. Should a
requester fail to provide adequate
verification of identity under the
Privacy Act, the request will normally
be treated as a FOIA request and subject
to the procedures in OMB’s FOIA
regulations at 5 CFR part 1303.
Nevertheless, under some
circumstances, for instance if the
requester is not an individual for
purposes of the Privacy Act or if the
record is not maintained in a system of
records, a FOIA requester may provide
PO 00000
Frm 00002
Fmt 4702
Sfmt 4702
87961
verification of identity in order to obtain
greater access to records that would
otherwise be exempt under FOIA.
Section 1303.3—Organization:
Proposed paragraph (a)(5) deletes
‘‘Intellectual Property Enforcement
Coordinator’’ because this office is no
longer housed within OMB, and is now
a separate office within the Executive
Office of the President. This proposed
paragraph also inserts the ‘‘Made in
America Office’’ as a statutory office in
OMB.
Section 1303.20—Where to send
requests: Among other things, this
proposed section adds ‘‘or the
Government-wide FOIA.Gov portal’’ to
account for the ability of members of the
public to submit FOIA requests through
the consolidated online request portal
described in 5 U.S.C. 552(m), currently
available at https://www.foia.gov.
Section 1303.21: This proposed
revision would clarify that OMB retains
discretion to request additional
information relating to a FOIA request,
including verification of identity. When
OMB does so it will follow the identity
verification processes as proposed in the
Privacy Act regulations.
Section 1303.30—Responsibility for
responding to requests: Proposed
paragraph (c)(2)(i), concerning
situations when OMB refers records
responsive to FOIA requests to other
agencies, clarifies that OMB will notify
the requester, and will inform them of
the agency that will be processing the
record, so that requesters will be
informed when a referral is made, not
just upon the final determination
concerning the record. In paragraph
(c)(2)(ii), OMB is proposing to revise the
opening language to clarify that the
coordination process is undertaken with
regard to particular records, and not to
the request as a whole, and proposing to
provide additional language to illustrate
circumstances under which the
coordination process would be
appropriate.
Section 1303.40—Timing of responses
to requests: Minimal proposed revisions
are for clarity.
Section 1303.50—Responses to
requests: Among other revisions,
proposed revisions to paragraph (c)
would clarify types of adverse
determinations, and proposed paragraph
(c)(4) adds ‘‘under which the
withholding is being made’’ to clarify
which exemption the regulation refers
to.
Section 1303.60—Notification
procedures for confidential commercial
information: Proposed paragraph (e)(2)
adds ‘‘privileged or’’ for clarity and
consistency with the statutory standard
E:\FR\FM\20DEP1.SGM
20DEP1
87962
Federal Register / Vol. 88, No. 243 / Wednesday, December 20, 2023 / Proposed Rules
for withholding under FOIA Exemption
4, 5 U.S.C. 552(b)(4).
Section 1303.70—Appeals: Minimal
proposed revisions are for clarity.
Section 1303.91—Fees to be
charged—general: Among other
revisions, this proposed section replaces
‘‘(see definition in § 1303.30(b))’’ with
‘‘(see 5 U.S.C. 552(a)(4)(A)(vi))’’ because
the former is an unrelated provision,
and the latter forms the statutory basis
of this language.
Section 1303.92—Fees to be
charged—categories of requesters:
Proposed paragraphs (a) through (d)
replace ‘‘reproduction’’ with
‘‘duplication’’ to better match the
relevant statutory language. Proposed
paragraph (d) also replaces
‘‘reproducing’’ with ‘‘producing’’ for
clarity, and replaces ‘‘reproduction’’
with ‘‘producing copies of records’’ for
clarity.
Section 1303.93—Miscellaneous fee
provisions: Among other revisions,
proposed paragraph (d)(1) replaces
‘‘payments’’ with ‘‘a payment’’ to clarify
that a requester’s single failure to pay
fees in a timely fashion may result in
OMB requiring advance payment of
subsequent fees.
Regulatory Certifications
Regulatory Flexibility Act
The Director of OMB, in accordance
with the Regulatory Flexibility Act (5
U.S.C. 605(b)), has reviewed this
proposed rule and certifies that this
proposed rule will not have a significant
economic impact on a substantial
number of small entities. Under the
Privacy Act, agencies may recover only
the direct costs of searching for,
reviewing, and duplicating the records
processed for requesters, and only for
certain classes of requesters and when
particular conditions are satisfied. Thus,
fees assessed by OMB are nominal.
ddrumheller on DSK120RN23PROD with PROPOSALS1
Executive Orders 12866, 13563, and
14094
E.O.s 12866 and 13563 direct agencies
to assess all costs and benefits of
available regulatory alternatives and, if
regulation is necessary, to select
regulatory approaches that maximize
net benefits (including potential
economic, environmental, public health
and safety effects, distributive impacts,
and equity). E.O. 13563 emphasizes the
importance of quantifying both costs
and benefits, of reducing costs, of
harmonizing rules, and of promoting
flexibility. This is not a significant
regulatory action under section 3(f) of
E.O. 12866, as amended by E.O. 14094,
and, therefore was not subject to review
under section 6(b) of E.O. 12866.
VerDate Sep<11>2014
17:45 Dec 19, 2023
Jkt 262001
Unfunded Mandates Reform Act of 1995
This proposed rule will not result in
the expenditure by State, local, and
tribal governments, in the aggregate, or
by the private sector, of $100,000,000 or
more in any one year, and it will not
significantly or uniquely affect small
governments. Therefore, no actions were
deemed necessary under the provisions
of the Unfunded Mandates Reform Act
of 1995.
Comments Requested
Interested persons are invited to
provide written comments concerning
the proposed rule. In particular,
comments are requested regarding
OMB’s proposal to require verification
of identity through approved OMB
processes that will be described on
OMB’s upcoming privacy program web
page. These regulations do not specify
the various methods of submitting
identity verification information
because OMB contemplates those
methods will change based on evolving
market tools and the capability of the
Government to verify identity. Other
methods, such as mail and stand-alone
facsimile submissions, will continue to
be available. OMB currently
contemplates mail, stand-alone
facsimile, password protected
submissions to a designated email
account, digital verification for current
federal employees, and in-person
verification for current OMB employees.
Comments are requested on each of
these methods and whether OMB
should consider other methods of
remote identity verification for all
requesters.
Comments are due no later than 30
days after the date of publication of this
document in the Federal Register. All
comments and suggestions received will
be available for review on
Regulations.gov.
Privacy Act Statement: OMB proposes
this rule pursuant to the Privacy Act of
1974, as amended, 5 U.S.C. 552a
(‘‘Privacy Act’’) and the Freedom of
Information Act, as amended, 5 U.S.C.
552 (‘‘FOIA’’). Submission of comments
is voluntary. The information will be
used to inform sound decision-making.
Please note that all comments received
in response to this document may be
posted or released in their entirety,
including any personal and business
confidential information provided. Do
not include any information you would
not like to be made publicly available.
Additionally, the OMB System of
Records Notice, OMB Public Input
System of Records, OMB/INPUT/01, 88
FR 20913 (available at
www.federalregister.gov/documents/
PO 00000
Frm 00003
Fmt 4702
Sfmt 4702
2023/04/07/2023-07452/privacy-act-of1974-system-of-records), includes a list
of routine uses associated with the
collection of this information.
List of Subjects in 5 CFR Parts 1302 and
1303
Administrative practices and
procedures, Archives and records,
Freedom of information, Privacy.
For the reasons stated in the
preamble, OMB proposes to amend 5
CFR parts 1302 and 1303 as follows:
■ 1. Revise part 1302 to read as follows:
PART 1302—PRIVACY ACT
PROCEDURES
Sec.
1302.1 General provisions.
1302.2 Requirements for making requests
for access.
1302.3 Responsibility for responding to
requests.
1302.4 Requests for an accounting.
1302.5 Requests for an amendment or
correction.
1302.6 Appeals.
1302.7 Fees.
Authority: 5 U.S.C. 552a.
§ 1302.1
General provisions.
(a) Purpose and scope. This part
implements the rules that the Office of
Management and Budget (OMB) follows
under the Privacy Act of 1974, codified
as amended at 5 U.S.C. 552a (Privacy
Act). This part applies to all records in
systems of records maintained by OMB
that are retrieved by an individual’s
name or personal identifier. This part
describes the procedures by which
individuals may request access to
records about themselves, request
amendment or correction of those
records, and request an accounting of
disclosures of those records by OMB.
(b) Definitions. As used in this part:
Request for access to a record means
a request made under 5 U.S.C.
552a(d)(1).
Request for amendment or correction
of a record means a request made under
5 U.S.C. 552a(d)(2).
Request for an accounting means a
request made under 5 U.S.C. 552a(c)(3).
Requester means an individual who
makes a request for access, a request for
amendment or correction, or a request
for an accounting under the Privacy Act.
The Privacy Act defines an ‘‘individual’’
as a citizen of the United States or an
alien lawfully admitted for permanent
residence.
System manager means the OMB
official identified in a system of records
notice as the manager of a system of
records; and for Government-wide
systems of records, the individual
E:\FR\FM\20DEP1.SGM
20DEP1
Federal Register / Vol. 88, No. 243 / Wednesday, December 20, 2023 / Proposed Rules
designated by the agency to act on
behalf of the system manager.
(c) Providing written consent to
disclose records protected under the
Privacy Act. OMB may disclose any
record contained in a system of records
by any means of communication to any
person, or to another agency, pursuant
to a written request by, or with the prior
written consent of, the individual about
whom the record pertains. An
individual must verify the individual’s
identity in the same manner as required
by § 1302.2(d) when providing written
consent to disclose a record protected
under the Privacy Act and pertaining to
the individual.
ddrumheller on DSK120RN23PROD with PROPOSALS1
§ 1302.2 Requirements for making
requests for access.
(a) How made and addressed. You
may make a Privacy Act request for
access to an OMB record by submitting
a request in writing to Privacy Officer,
Office of Management and Budget, 725
17th Street NW, Room 9204,
Washington, DC 20503 or by email at
OMBPA@omb.eop.gov or by any other
means described on OMB’s privacy web
page.
(b) Description of the records sought.
In making a request for access, you must
describe the records that you want in
enough detail to enable OMB to locate
the system of records containing them
with a reasonable amount of effort. Your
access request should name the system
of records or contain a concise
description of such system of records.
OMB publishes notices of OMB systems
of records subject to the Privacy Act in
the Federal Register.
(c) Information about yourself. Your
access request should also contain
sufficient information to identify
yourself in order to allow OMB to
determine if there is a record pertaining
to you in a particular system of records.
(d) Verification of identity. To ensure
that information about you is disclosed
only to you or your authorized
representative, you are required to
verify your identity when making a
Privacy Act request for access, as
detailed in paragraphs (d)(1) through (3)
of this section. If OMB cannot verify
your identity, disclosure will be limited
to information that would be required to
be made available if requested under 5
U.S.C. 552 by any person.
(1) You must state your name, current
address, and date and place of birth and
provide either a notarized statement of
identity or a signed submission under
28 U.S.C. 1746; or
(2) When available, verify your
identity through remote identityproofing and authentication using
digital processes.
VerDate Sep<11>2014
17:45 Dec 19, 2023
Jkt 262001
(3) OMB may require you to supply
additional information as necessary in
order to verify your identity.
(e) Verification of guardianship.
When making a request for access as the
parent or guardian of a minor or as the
guardian of someone determined by a
court of competent jurisdiction to be
incompetent, for access to records about
that individual, you must establish the
criteria listed in paragraphs (e)(1)
through (4) of this section. If OMB
cannot verify your identity, disclosure
will be limited to information that
would be required to be made available
if requested under 5 U.S.C. 552 by any
person.
(1) The identity of the individual who
is the subject of the record, by stating
the name, current address, and date and
place of birth;
(2) Your own identity, as required in
this paragraph (e);
(3) That you are the parent or
guardian of that individual, which you
may prove by providing a copy of the
individual’s birth certificate showing
your parentage or by providing a court
order establishing your guardianship;
and
(4) That you are acting on behalf of
that individual in making the request.
(f) Submit identifying information
only using approved OMB processes. In
order to safeguard information you
submit in making a request for access
for purposes of verifying your identity
or verifying guardianship, or any
information about yourself that may
assist in the rapid identification of the
record to which you are requesting
access (e.g., prior names, dates of
employment, etc.) as well as any other
identifying information contained in an
OMB system of records, you must use
one of OMB’s approved processes as
described on OMB’s Privacy web page.
Failure to submit identifying
information through an OMB approved
process may result in the failure to
expunge your information in accordance
with approved OMB records schedules
after your access request has been
processed.
(g) Subsequent requests for access. If
your request for access follows a prior
request under this section, and you
already provided appropriate
verifications with that prior request, you
do not need to include the same
verification or identifying information
in the subsequent request for access if
you reference that prior request or
attach a copy of the OMB response to
that request.
PO 00000
Frm 00004
Fmt 4702
Sfmt 4702
87963
§ 1302.3 Responsibility for responding to
requests.
(a) Acknowledgment of requests. OMB
will acknowledge your request for
access in writing and provide an
individualized tracking number. Upon
request, OMB will make information
available to you about the status of your
request using the assigned tracking
number.
(b) Timing of responses to a Privacy
Act request for access. OMB will
respond to Privacy Act requests for
access to records according to the order
in which OMB receives the requests.
Consistent with OMB’s FOIA
procedures at 5 CFR 1303.40(b), OMB
may designate multiple processing
tracks that distinguish between simple
and more complex Privacy Act requests
for access, based on the estimated
amount of work or time needed to
process the request.
(c) Additional information. If, after
receiving a request, OMB determines
that your request does not reasonably
describe the records sought, OMB will
inform you what additional information
is needed and why the request is
otherwise insufficient. If a request does
not reasonably describe the records
sought, OMB’s response to the request
may be delayed.
(d) Grant of request for access. Once
OMB makes a determination to grant a
request for access, OMB will provide
you a written response, which may
include the following:
(1) A statement as to whether OMB
will grant access by providing a copy of
the record through electronic means or
the mail; and
(2) The amount of fees charged, if any
(see § 1302.7). (Fees are applicable only
to requests for duplicates.)
(e) Adverse determination of request
for access. OMB will notify you of an
adverse determination denying a request
for access in writing. Adverse
determinations, or denials of requests,
consist of: A determination to withhold
any requested record in whole or in
part; a determination that a requested
record does not exist or cannot be
located; a determination that what has
been requested is not a record subject to
the Privacy Act; a determination on any
disputed fee matter; or a denial of a
request for expedited treatment. OMB’s
notification letter to you will include:
(1) The decision of OMB whether to
grant in whole, or deny any part of the
request;
(2) The reasons for the determination
for any portion of the request that is
denied; and
(3) A description of the procedure by
which the OMB decision to deny your
request may be appealed, including the
E:\FR\FM\20DEP1.SGM
20DEP1
87964
Federal Register / Vol. 88, No. 243 / Wednesday, December 20, 2023 / Proposed Rules
name and address of the official with
whom you may lodge such an appeal.
§ 1302.4
Requests for an accounting.
You may request an accounting of
disclosures by the same rules governing
requests for access, outlined in § 1302.2.
ddrumheller on DSK120RN23PROD with PROPOSALS1
§ 1302.5 Requests for an amendment or
correction.
(a) Requirement for written requests. If
you want to amend a record that
pertains to you in a system of records
maintained by OMB, you must submit
your request in writing following the
procedures established in this section
unless the system manager waives the
requirements in this section. OMB is not
required to amend records that are not
subject to the Privacy Act of 1974.
However, individuals who believe that
such records are inaccurate may bring
this to the attention of OMB.
(b) Procedures. (1) You should
address your request to amend a record
in a system of records to the system
manager. You should include the name
of the system and a brief description of
the record proposed for amendment. If
the request to amend the record is the
result of you gaining access to the
record in accordance with the
provisions concerning access to records
as set forth in § 1302.2, you may attach
a copy of previous correspondence
between you and OMB instead of
providing a separate description of the
record.
(2) If a requester cannot determine
where within OMB to send the Privacy
Act request to amend a record, the
requester may send it to Privacy Officer,
Office of Management and Budget, 725
17th Street NW, Room 9204,
Washington, DC 20503 or by email at
OMBPA@omb.eop.gov. OMB will
forward the request to the component(s)
it believes most likely to have the
relevant records. For the quickest
possible handling, the requester should
specify on either the letter and
envelope, or in the email subject line, as
applicable, ‘‘Privacy Act Record
Amendment Request.’’
(3) You must validate your identity as
described in § 1302.2(e). If OMB has
previously verified your identity
pursuant to § 1302.2(e), further
verification of identity is not required as
long as the communication does not
suggest that a need for verification is
present.
(4) You should clearly indicate the
exact portion of the record you seek to
have amended. If possible, you should
also propose alternative language, or at
a minimum, identify the facts that you
believe are not accurate, relevant,
timely, or complete, with such
VerDate Sep<11>2014
17:45 Dec 19, 2023
Jkt 262001
particularity as to permit OMB not only
to understand the basis for your request,
but also to make an appropriate
amendment to the record.
(5) Your request must also state why
you believe your record is not accurate,
relevant, timely, or complete. The
burden of persuading OMB to amend a
record will be upon you. You must
furnish sufficient facts to persuade the
official in charge of the system of the
inaccuracy, irrelevancy, timeliness, or
incompleteness of the record.
(6) OMB will not categorically reject
incomplete or inaccurate requests. OMB
will ask you to clarify the request as
needed.
(c) OMB action on the request. (1)
OMB will acknowledge, in writing,
receipt of a request to amend a record
within 10 business days (i.e., excluding
Saturdays, Sundays, and legal Federal
holidays) of OMB’s receipt.
(2) OMB will promptly respond to a
Privacy Act request for amendment or
correction. OMB ordinarily will respond
to Privacy Act requests for amendment
or correction according to their order of
receipt. Consistent with OMB’s FOIA
procedures at 5 CFR 1303.40(b), OMB
may designate multiple processing
tracks that distinguish between simple
and more complex Privacy Act requests
for amendment or correction, based on
the estimated amount of work or time
needed to process the request. The
response reflecting the decision upon a
request for amendment will include the
following:
(i) The decision of OMB whether to
grant in whole, or deny any part of, the
request to amend the record;
(ii) The reasons for the determination
for any portion of the request which is
denied; and
(iii) A description of the procedure by
which the OMB decision to deny your
request may be appealed, including the
name and address of the official with
whom you may lodge such an appeal.
§ 1302.6
Appeals.
(a) If you wish to appeal a decision by
OMB with regard to your request to
access or amend a record in accordance
with the provisions of §§ 1302.2 and
1302.5, you should submit the appeal in
writing and, to the extent possible,
include the information specified in
paragraph (b) of this section.
(b) Your appeal should contain a brief
description of the record involved or
copies of the correspondence from OMB
in which the request to access or to
amend was denied and also the reasons
why you believe that access should be
granted or the information amended, as
relevant. Your appeal should refer to the
information you furnished in support of
PO 00000
Frm 00005
Fmt 4702
Sfmt 4702
your claim and the reasons set forth by
OMB in its decision denying access or
amendment, as required by §§ 1302.2
and 1302.5. In order to make the appeal
process as meaningful as possible, you
should set forth your disagreement in an
understandable manner. In order to
avoid the unnecessary retention of
personal information, OMB reserves the
right to dispose of the material
concerning the request to access or
amend a record if OMB receives no
appeal in accordance with this section
within 180 days of the sending by OMB
of its decision upon an initial request.
OMB may treat an appeal received after
the 180-day period as an initial request
to access or amend a record.
(c) You should address your appeal to
the Senior Agency Official for Privacy.
(d) The Senior Agency Official for
Privacy will review a refusal to amend
a record within 30 business days
(excluding Saturdays, Sundays, and
legal Federal holidays) from the date on
which the individual requests such
review, unless the OMB Director
extends the 30-day period for good
cause. If the Senior Agency Official for
Privacy’s decision does not grant in full
the request, the notice of the decision
will describe the steps you may take to
obtain judicial review of such a
decision.
§ 1302.7
Fees.
(a) Prohibitions against charging fees
for Privacy Act requests. OMB will not
charge you for:
(1) The search and review of requests
for records subject to this part;
(2) Any copies of the record produced
as a necessary part of the process of
making the record available for access;
or
(3) Any copies of the requested record
when OMB determines that the only
way you can access the record is by
providing a copy to you through the
mail.
(b) Waiver. OMB may at no charge
provide copies of a record if it is
determined the production of the copies
is in the interest of the Government.
(c) Fee schedule and method of
payment. OMB will charge fees as
provided in paragraphs (c)(1) through
(5) of this section except as provided in
paragraphs (a) and (b) of this section.
(1) OMB will duplicate records at a
rate of $.10 per page for all copying of
4 pages or more. There is no charge for
duplication 3 or fewer pages.
(2) Where OMB anticipates that the
fees chargeable under this section will
amount to more than $25.00, OMB shall
promptly notify you of the amount of
the anticipated fee or such portion
thereof as can readily be estimated. If
E:\FR\FM\20DEP1.SGM
20DEP1
Federal Register / Vol. 88, No. 243 / Wednesday, December 20, 2023 / Proposed Rules
the estimated fees will greatly exceed
$25.00, OMB may require an advance
deposit. OMB’s request for an advance
deposit shall extend an offer to the
requester to consult with OMB
personnel in order to reformulate the
request in a manner which will reduce
the fees, yet still meet the needs of the
requester.
(3) You should pay fees in full before
the requested copies are issued. If the
requester is in arrears for previous
requests, OMB will not provide copies
for any subsequent request until the
arrears have been paid in full.
(4) Remittances shall be in the form
either of a personal check or bank draft
drawn on a bank in the United States,
or a postal money order. Remittances
shall be made payable to the order of the
Treasury of the United States and
mailed or delivered to the Assistant
Director for Management and
Operations, Office of Management and
Budget, Washington, DC 20503.
(5) OMB will provide a receipt for fees
paid upon request.
PART 1303—PUBLIC INFORMATION
PROVISIONS OF THE
ADMINISTRATIVE PROCEDURES ACT
2. The authority citation for part 1303
continues to read as follows:
■
Authority: 5 U.S.C. 301 and 5 U.S.C. 552,
unless otherwise noted.
3. Amend § 1303.3 by revising
paragraph (a)(5) to read as follows:
■
§ 1303.3
Organization.
(a) * * *
(5) Statutory offices include the Office
of Federal Financial Management;
Office of Federal Procurement Policy;
Office of E-government and Information
Technology; Made in America Office;
and Office of Information and
Regulatory Affairs.
*
*
*
*
*
■ 4. Revise § 1303.20 to read as follows:
ddrumheller on DSK120RN23PROD with PROPOSALS1
§ 1303.20
Where to send requests.
The FOIA Officer is responsible for
acting on all initial requests. Individuals
wishing to file a request under the FOIA
should address their request in writing
to FOIA Officer, Office of Management
and Budget, 725 17th Street NW, Room
9272, Washington, DC 20503, via fax to
(202) 395–3504, by email at OMBFOIA@
omb.eop.gov, or the Government-wide
FOIA.Gov portal. Requesters must
provide contact information sufficient to
enable OMB to communicate with the
requester. Additionally, OMB’s FOIA
Public Liaison is available to assist
requesters who have questions and can
be reached at (202) 395–FOIA or in
VerDate Sep<11>2014
17:45 Dec 19, 2023
Jkt 262001
writing at the address provided in this
section.
■ 5. Revise § 1303.21 to read as follows:
§ 1303.21 Requesters making requests
about themselves or on behalf of others.
In order to obtain greater access to
records, a requester who is making a
request for records about the requester
or on behalf of another individual must
comply with the verification of identity
requirements as determined by OMB
pursuant to OMB’s requirements for
making requests for access in 5 CFR part
1302. OMB may require a requester to
supply additional information as
necessary in order to verify the identity
of the requester or to verify that a
particular individual has consented to
disclosure.
■ 6. Amend § 1303.30 by revising
paragraphs (c)(2)(i) and (ii) to read as
follows:
§ 1303.30 Responsibility for responding to
requests.
*
*
*
*
*
(c) * * *
(2) * * *
(i) When OMB believes that a
different agency is best able to
determine whether to disclose the
record, OMB will refer the
responsibility for responding to the
request regarding that record to that
agency, will notify the requester, and
will inform them of the agency which
will be processing the record, including
that agency’s FOIA contact information.
Ordinarily, the agency that originated
the record is best situated to make the
disclosure determination. However, if
OMB and the originating agency jointly
agree that OMB is in the best position
to respond regarding the record, then
OMB may respond to the requester.
(ii) When OMB believes that a
different agency is best able to
determine whether to disclose the
record, but also believes that disclosure
of the identity of the different agency
could harm an interest protected by an
applicable FOIA exemption, such as the
exemptions that protect personal
privacy or national security interests,
OMB will coordinate with the
originating agency to seek its views on
the disclosability of the record and
convey the release determination for the
record that is the subject of the
coordination to the requester. For
example, if a non-law enforcement
agency responding to a request for
records on a living third party locates
within its files records originating with
a law enforcement agency, and if the
existence of that law enforcement
interest in the third party was not
publicly known, then to disclose that
PO 00000
Frm 00006
Fmt 4702
Sfmt 4702
87965
law enforcement interest could cause an
unwarranted invasion of the personal
privacy of the third party. Similarly, if
an agency locates within its files
material originating with an Intelligence
Community agency, and the
involvement of that agency in the matter
is classified and not publicly
acknowledged, then to disclose or give
attribution to the involvement of that
Intelligence Community agency could
cause national security harms.
■ 7. Amend § 1303.40 by revising
paragraphs (e)(1)(iv) and (e)(4) to read as
follows:
§ 1303.40 Timing of responses to
requests.
*
*
*
*
*
(e) * * *
(1) * * *
(iv) There are possible questions, in a
matter of widespread and exceptional
public interest, about the Government’s
integrity which affect public confidence.
*
*
*
*
*
(4) OMB will decide whether to grant
a request for expedited processing and
will notify the requester within 10
calendar days after the date of the
request. If a request for expedited
treatment is granted, OMB will
prioritize the underlying FOIA request,
place the request in the processing track
for expedited requests, and process the
request as soon as practicable. If a
request for expedited processing is
denied, any appeal of that decision will
be acted on expeditiously.
■ 8. Amend § 1303.50 by revising
paragraphs (a), (c) introductory text, and
(c)(4) to read as follows:
§ 1303.50
Responses to requests.
(a) Acknowledgments of requests.
OMB will assign an individualized
tracking number to each request
received that will take longer than ten
days to process; and acknowledge each
request, informing the requester of their
tracking number if applicable; and,
upon request, make available
information about the status of a request
to the requester using the assigned
tracking number, including—
(1) The date on which OMB originally
received the request; and
(2) An estimated date on which OMB
will complete action on the request.
*
*
*
*
*
(c) Adverse determinations of
requests. Adverse determinations, or
denials of requests, include decisions
that the requested record is exempt, in
whole or in part; the request does not
reasonably describe the records sought;
the information requested is not a
record subject to the FOIA; the
requested record does not exist, cannot
E:\FR\FM\20DEP1.SGM
20DEP1
87966
Federal Register / Vol. 88, No. 243 / Wednesday, December 20, 2023 / Proposed Rules
be located, or has been destroyed; or the
requested record is not readily
reproducible in the form or format
sought by the requester. Adverse
determinations also include denials
involving fees or fee waiver matters or
denials of requests for expedited
processing. In the case of an adverse
determination, the FOIA Officer will
immediately notify the requester of—
*
*
*
*
*
(4) OMB’s estimate of the volume of
any requested records OMB is
withholding, unless providing such
estimate would harm an interest
protected by the exemption in 5 U.S.C.
552(b) under which the withholding is
being made.
■ 9. Amend § 1303.60 by revising
paragraphs (a)(2) and (e)(2) to read as
follows:
§ 1303.60 Notification procedures for
confidential commercial information.
(a) * * *
(2) Submitter means any person or
entity, including a corporation, State, or
foreign government, but not including
another Federal Government entity, that
provides confidential commercial
information, either directly or
indirectly, to the Federal Government.
*
*
*
*
*
(e) * * *
(2) If a submitter has any objections to
disclosure, it should provide OMB a
detailed written statement that specifies
all grounds for withholding the
particular information under any
exemption of the FOIA. In order to rely
on Exemption 4 as basis for
nondisclosure, the submitter must
explain why the information constitutes
a trade secret or commercial or financial
information that is privileged or
confidential. OMB is not required to
consider any information received after
the date of any disclosure decision.
*
*
*
*
*
■ 10. Amend § 1303.70 by revising
paragraph (a) to read as follows:
ddrumheller on DSK120RN23PROD with PROPOSALS1
§ 1303.70
Appeals.
(a) A requester must appeal to the
head of OMB in writing within 90
calendar days after the date of such
adverse determination addressed to the
FOIA Officer at the address specified in
§ 1303.20. The appeal must include a
statement explaining the basis for the
appeal. Determinations of appeals will
be set forth in writing and signed by the
Deputy Director, or their designee,
within 20 working days. If on appeal the
denial is upheld in whole or in part, the
written determination will also contain
a notification of the provisions for
judicial review, the names of the
persons who participated in the
VerDate Sep<11>2014
17:45 Dec 19, 2023
Jkt 262001
determination, and notice of the
services offered by OGIS as a nonexclusive alternative to litigation.
*
*
*
*
*
■ 11. Amend § 1303.91 by revising the
introductory text and paragraph (i) to
read as follows:
§ 1303.91
Fees to be charged—general.
OMB will charge fees that recoup the
full allowable direct costs it incurs.
Moreover, it will use the most efficient
and least costly methods to comply with
requests for documents made under the
FOIA. For example, employees should
not engage in line-by-line search when
merely duplicating an entire document
would prove the less expensive and
quicker method of complying with a
request. Search should be distinguished,
moreover, from review of material in
order to determine whether the material
is exempt from disclosure. When
documents that would be responsive to
a request are maintained for distribution
by agencies operating statutory-based
fee schedule programs (see 5 U.S.C.
552(a)(4)(A)(vi)), such as the National
Technical Information Service, OMB
will inform requesters of the steps
necessary to obtain records from those
sources.
*
*
*
*
*
(i) No Fees under $25. No fee will be
charged when the total fee, after
deducting the first 100 free pages (or its
cost equivalent) and the first two hours
of search, is equal to or less than $25.
If OMB estimates that the charges are
likely to exceed $25, it will notify the
requester of the estimated amount of
fees, unless the requester has indicated
in advance their willingness to pay fees
as high as those anticipated. Such a
notice shall offer a requester the
opportunity to confer with agency
personnel to meet the requester’s needs
at a lower cost.
■ 12. Amend § 1303.92 by revising
paragraphs (a) through (d) to read as
follows:
§ 1303.92 Fees to be charged—categories
of requesters.
*
*
*
*
*
(a) Commercial use requesters. When
OMB receives a request for documents
for commercial use, it will assess
charges that recover the full direct costs
of searching for, reviewing for release,
and duplicating the record sought.
Commercial use requesters are not
entitled to two hours of free search time
nor 100 free pages of duplication of
documents. OMB may recover the cost
of searching for and reviewing records
even if there is ultimately no disclosure
of records (see § 1303.93(b)).
PO 00000
Frm 00007
Fmt 4702
Sfmt 4702
(b) Educational and non-commercial
scientific institution requesters. OMB
will provide documents to requesters in
this paragraph (b) for the cost of
duplication alone, excluding charges for
the first 100 pages. To be eligible for
inclusion in this paragraph (b), a
requester must meet the criteria in
§ 1303.90(g) or (h). OMB may seek
evidence from the requester that the
request is in furtherance of scholarly
research and will advise requesters of
their placement in this paragraph (b).
(c) Requesters who are representatives
of the news media. OMB will provide
documents to requesters in this
paragraph (c) for the cost of duplication
alone, excluding charges for the first 100
pages. To be eligible for inclusion in
this paragraph (c), a requester must meet
the criteria in § 1303.90(i) and (j) and
not make the request for commercial
use. A request for records supporting
the news dissemination function of the
requester is not a commercial use for
this paragraph (c).
(d) All other requesters. OMB will
charge requesters who do not fit into
any of the categories in paragraphs (a)
through (c) of this section fees that
recover the full reasonable direct cost of
searching for and producing records that
are responsive to the request, except
that the first 100 pages of duplication
and the first two hours of search time
will be furnished without charge.
Moreover, requests for records about the
requesters filed in OMB’s systems of
records will continue to be treated
under the fee provisions of the Privacy
Act of 1974, which permit fees only for
producing copies of records.
■ 13. Amend § 1303.93 by revising
paragraph (a), the first sentence of
paragraph (c), and paragraph (d)(1) to
read as follows:
§ 1303.93
Miscellaneous fee provisions.
(a) Charging interest—notice and rate.
OMB may begin assessing interest
charges on an unpaid bill starting on the
31st day after OMB sends the bill. If
OMB receives the fee within the thirtyday grace period, interest will not
accrue on the paid portion of the bill,
even if the payment is unprocessed.
Interest will be at the rate prescribed in
31 U.S.C. 3717 and will accrue from the
date of the billing.
*
*
*
*
*
(c) * * * When OMB reasonably
believes that a requester, or a group of
requesters acting in concert, is
attempting to divide a single request
into a series of requests for the purpose
of avoiding fees, OMB may aggregate
those requests and charge fees
accordingly. * * *
(d) * * *
E:\FR\FM\20DEP1.SGM
20DEP1
Federal Register / Vol. 88, No. 243 / Wednesday, December 20, 2023 / Proposed Rules
(1) OMB will not require a requester
to make an advance payment, i.e.,
payment before work is commenced or
continued on a request, unless OMB
estimates or determines that allowable
charges that a requester may be required
to pay will exceed $250 or the requester
has previously failed to make a payment
due within 30 days of billing.
*
*
*
*
*
Shraddha A. Upadhyaya,
Associate General Counsel, Office of
Management and Budget.
[FR Doc. 2023–27473 Filed 12–19–23; 8:45 am]
BILLING CODE 3110–01–P
NUCLEAR REGULATORY
COMMISSION
10 CFR Parts 50 and 52
[NRC–2023–0216]
Draft Regulatory Guide: Installation,
Inspection, and Testing for Class 1E
Power, Instrumentation, and Control
Equipment at Production and
Utilization Facilities
Nuclear Regulatory
Commission.
ACTION: Draft guide; request for
comment.
I. Obtaining Information and
Submitting Comments
The U.S. Nuclear Regulatory
Commission (NRC) is issuing for public
comment a draft regulatory guide (DG),
DG–1419, ‘‘Installation, Inspection, and
Testing for Class 1E Power,
Instrumentation, and Control
Equipment at Production and
Utilization Facilities.’’ This DG is
proposed Revision 1 to Regulatory
Guide (RG) 1.30, ‘‘Quality Assurance
Requirements for the Installation,
Inspection, and Testing of
Instrumentation and Electric Equipment
(Safety Guide 30).’’ DG–1419 describes
an approach that is acceptable to the
NRC staff to meet the regulatory
requirements for installation,
inspection, and testing for Class 1E
power, instrumentation, and control
equipment at production and utilization
facilities.
DATES: Submit comments by January 19,
2024. Comments received after this date
will be considered if it is practical to do
so, but the NRC is able to ensure
consideration only for comments
received on or before this date.
ADDRESSES: You may submit comments
by any of the following methods;
however, the NRC encourages electronic
comment submission through the
Federal rulemaking website:
• Federal Rulemaking Website: Go to
https://www.regulations.gov and search
A. Obtaining Information
Please refer to Docket ID NRC–2023–
0216 when contacting the NRC about
the availability of information for this
action. You may obtain publicly
available information related to this
action by any of the following methods:
• Federal Rulemaking Website: Go to
https://www.regulations.gov and search
for Docket ID NRC–2023–0216.
• NRC’s Agencywide Documents
Access and Management System
(ADAMS): You may obtain publicly
available documents online in the
ADAMS Public Documents collection at
https://www.nrc.gov/reading-rm/
adams.html. To begin the search, select
‘‘Begin Web-based ADAMS Search.’’ For
problems with ADAMS, please contact
the NRC’s Public Document Room (PDR)
reference staff at 1–800–397–4209, at
301–415–4737, or by email to
PDR.Resource@nrc.gov. The ADAMS
accession number for each document
referenced (if it is available in ADAMS)
is provided the first time that it is
mentioned in this document.
• NRC’s PDR: The PDR, where you
may examine and order copies of
publicly available documents, is open
by appointment. To make an
appointment to visit the PDR, please
send an email to PDR.Resource@nrc.gov
or call 1–800–397–4209 or 301–415–
AGENCY:
SUMMARY:
ddrumheller on DSK120RN23PROD with PROPOSALS1
for Docket ID NRC–2023–0216. Address
questions about Docket IDs in
Regulations.gov to Stacy Schumann;
telephone: 301–415–0624; email:
Stacy.Schumann@nrc.gov. For technical
questions, contact the individuals listed
in the FOR FURTHER INFORMATION
CONTACT section of this document.
• Mail Comments to: Office of
Administration, Mail Stop: TWFN–7–
A60M, U.S. Nuclear Regulatory
Commission, Washington, DC 20555–
0001, ATTN: Program Management,
Announcements and Editing Staff.
For additional direction on obtaining
information and submitting comments,
see ‘‘Obtaining Information and
Submitting Comments’’ in the
SUPPLEMENTARY INFORMATION section of
this document.
FOR FURTHER INFORMATION CONTACT:
Darrell Murdock, Office of Nuclear
Regulatory Research, telephone: 301–
415–1591; email: Darrell.Murdock@
nrc.gov and Michael Eudy, Office of
Nuclear Regulatory Research, telephone:
301–415–3104; email: Michael.Eudy@
nrc.gov. Both are staff of the U.S.
Nuclear Regulatory Commission,
Washington, DC 20555–0001.
SUPPLEMENTARY INFORMATION:
VerDate Sep<11>2014
17:45 Dec 19, 2023
Jkt 262001
PO 00000
Frm 00008
Fmt 4702
Sfmt 4702
87967
4737, between 8 a.m. and 4 p.m. eastern
time (ET), Monday through Friday,
except Federal holidays.
B. Submitting Comments
The NRC encourages electronic
comment submission through the
Federal rulemaking website (https://
www.regulations.gov). Please include
Docket ID NRC–2023–0216 in your
comment submission.
The NRC cautions you not to include
identifying or contact information that
you do not want to be publicly
disclosed in your comment submission.
The NRC will post all comment
submissions at https://
www.regulations.gov as well as enter the
comment submissions into ADAMS.
The NRC does not routinely edit
comment submissions to remove
identifying or contact information.
If you are requesting or aggregating
comments from other persons for
submission to the NRC, then you should
inform those persons not to include
identifying or contact information that
they do not want to be publicly
disclosed in their comment submission.
Your request should state that the NRC
does not routinely edit comment
submissions to remove such information
before making the comment
submissions available to the public or
entering the comment into ADAMS.
II. Additional Information
The NRC is issuing for public
comment a DG in the NRC’s ‘‘Regulatory
Guide’’ series. This series was
developed to describe methods that are
acceptable to the NRC staff for
implementing specific parts of the
agency’s regulations, to explain
techniques that the staff uses in
evaluating specific issues or postulated
events, and to describe information that
the staff needs in its review of
applications for permits and licenses.
The DG, entitled ‘‘Installation,
Inspection, and Testing for Class 1E
Power, Instrumentation, and Control
Equipment at Production and
Utilization Facilities,’’ is temporarily
identified by its task number, DG–1419
(ADAMS Accession No. ML23222A182).
This DG is proposed Revision 1 to RG
1.30 (also known as Safety Guide 30)
and describes an approach that is
acceptable to the NRC staff to meet the
regulatory requirements for installation,
inspection, and testing for Class 1E
power, instrumentation, and control
equipment at production and utilization
facilities. DG–1419 endorses, with a
clarification, Institute of Electrical and
Electronics Engineers (IEEE) Standard
(Std) 336–2020, ‘‘IEEE Recommended
Practice for Installation, Inspection, and
E:\FR\FM\20DEP1.SGM
20DEP1
Agencies
[Federal Register Volume 88, Number 243 (Wednesday, December 20, 2023)]
[Proposed Rules]
[Pages 87960-87967]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-27473]
========================================================================
Proposed Rules
Federal Register
________________________________________________________________________
This section of the FEDERAL REGISTER contains notices to the public of
the proposed issuance of rules and regulations. The purpose of these
notices is to give interested persons an opportunity to participate in
the rule making prior to the adoption of the final rules.
========================================================================
Federal Register / Vol. 88, No. 243 / Wednesday, December 20, 2023 /
Proposed Rules
[[Page 87960]]
OFFICE OF MANAGEMENT AND BUDGET
5 CFR Parts 1302 and 1303
RIN 0348-AB87
Privacy Act and Freedom of Information Act Regulations
AGENCY: Office of Management and Budget, Executive Office of the
President.
ACTION: Proposed rule.
-----------------------------------------------------------------------
SUMMARY: The Office of Management and Budget (OMB) seeks public comment
on a proposed rule that would revise OMB's regulations implementing the
Privacy Act and the Freedom of Information Act (FOIA). These revisions
would update OMB's regulations to reflect changes in OMB's current
organizational structure and best practices. The proposed amendments
would also ensure consistency between the access to records procedures
in OMB's Privacy Act regulations and OMB's FOIA regulations; and with
applicable law and policies that were enacted after OMB originally
issued its Privacy Act regulations in 1976. The proposed revisions
would also align OMB's regulations with those of other agencies.
DATES: Comments are due on or before January 19, 2024.
ADDRESSES: You may send comments by:
Federal eRulemaking Portal: https://www.regulations.gov.
Instructions: All submissions must contain the subject heading
``OMB Privacy Act and FOIA Regulations.''
FOR FURTHER INFORMATION CONTACT: For questions about these proposed
regulations, please contact Timothy Ziese, 202-395-8693,
[email protected]. You must include ``OMB Privacy Act and FOIA
Regulations'' in the subject line.
SUPPLEMENTARY INFORMATION:
Background
OMB proposes to revise its regulations at 5 CFR part 1302 governing
requests and responses under the Privacy Act of 1974, as amended, 5
U.S.C. 552a (``Privacy Act'') and corresponding changes at 5 CFR part
1303 governing requests and responses under the Freedom of Information
Act, as amended, 5 U.S.C. 552 (``FOIA'').
The Privacy Act establishes certain agency responsibilities and
individual rights regarding the collection, use, maintenance, and
disclosure of records about individuals. To carry out these
responsibilities, the Privacy Act requires agencies to promulgate
regulations that establish (1) procedures for notifying an individual
if any system of records named by the individual contains a record
pertaining to that individual; (2) procedures for making information
pertaining to an individual available to that individual upon request,
including with respect to timelines and other requirements; (3)
procedures for reviewing and adjudicating a request from an individual
concerning the amendment of any record or information pertaining to the
individual, and generally ensuring that individuals can fully exercise
their rights under the Privacy Act; and (4) fees to be charged, if any,
to any individual for making copies of records pertaining to the
individual, excluding the cost of any search for and review of the
record. 5 U.S.C. 552a(f).
OMB's current Privacy Act regulations are codified at 5 CFR part
1302. These regulations were promulgated in 1976. OMB proposes to
update them for consistency with OMB's current organizational structure
and best practices. Amendments would also ensure consistency with (1)
the access to records procedures in OMB's FOIA regulations found at 5
CFR part 1303; and (2) applicable law and policies that were enacted
after 1976. The proposed revisions would also make OMB's regulations
more consistent with those of other agencies, including as recently
proposed by the Department of Justice (DOJ).
OMB also proposes conforming revisions to OMB's FOIA regulations,
most notably with regard to identity verification. In accordance with 5
U.S.C. 552a(t), this proposal provides FOIA requesters the benefit of
both the Privacy Act and FOIA disclosure requirements. Additionally, if
a requested record is not part of a system of records, or if the FOIA
requester is not an individual for purposes of the Privacy Act, a FOIA
requester may be required to provide verification of identity in order
to obtain greater access to records about themselves under the FOIA.
The proposed revisions to the FOIA regulations therefore account for
the limited circumstances when a FOIA requester may need to verify
their identity in order to receive information that would otherwise be
withheld under a FOIA exemption. OMB proposes additional revisions to
OMB's FOIA regulations to reflect organizational changes and clarify
language. If a requester cannot satisfy the identity verification
requirements of OMB's proposed Privacy Act regulations, OMB will
process the matter as a FOIA request.
A shorter summary is available at www.regulations.gov/docket/OMB-2023-0022.
Section-by-Section Analysis
General revisions to 5 CFR part 1302: General revisions are
proposed throughout part 1302 to update terminology used and to
streamline language for clarity, such as by including titles for each
section summarizing the relevance of each provision. The proposed
regulation would also reorder the regulation's text for consistency
with those of other agencies, including DOJ's proposed Privacy Act
regulation (88 FR 1012). All references to communications that are
written or in writing include communications in hardcopy and electronic
mail.
Section 1302.1--General provisions: This new section would include
(1) the purpose and scope of the Privacy Act regulations; (2)
definitions for ``request for access,'' ``request for amendment or
correction,'' ``request for an accounting,'' ``requester,'' and
``system manager''; and (3) a clarification that OMB may disclose any
record covered by the Privacy Act pursuant to a written request or
consent of the individual about whom the record pertains.
Section 1302.2--Requirements for making requests for access: This
proposed section, which would include material that is currently
codified in 5 CFR 1302.1 (``Rules for determining if an individual is
the subject of a record'') and 1302.2 (``Requests for access''), is
[[Page 87961]]
modeled after DOJ's proposed Privacy Act regulations. OMB proposes to
replace its current regulations' sections on ``Rules for determining if
an individual is the subject of a record'' and ``Requests for access''
with sections for ``Requirements for making requests for access'' and
``Responsibility for responding to requests.'' OMB believes that this
revised categorization better delineates what requesters must do and
what OMB must do.
Proposed paragraph (d) would describe the method of providing
identity verification and proofing. OMB believes this paragraph is
necessary to ensure appropriate methods are available to individuals
when verifying their identity under proposed paragraphs (e) and (f). As
such, OMB intends to provide a number of methods pursuant to which
individuals may submit verification information in a manner that
safeguards their personal information. Failure to use the approved
methods may result in failure to expunge information consistent with
approved records schedules.
Proposed paragraph (e), which would include provisions currently
codified in 5 CFR 1302.2(b)(2)(vi)(A) through (G), includes updates to
reflect the specific processes that a requester must perform to verify
their identity.
Proposed paragraph (f), which would include provisions currently
codified in 5 CFR 1302.2(b)(2)(vi)(E) (``Access by the parent of a
minor or legal guardian''), describes the additional processes required
for a legal guardian to request information on behalf of a minor or an
individual determined by a court of competent jurisdiction to be
incompetent.
Proposed paragraphs (d), (e), and (f) includes updates to accept
remote identity-proofing and authentication when an individual makes a
request under the Privacy Act.
Section 1302.3--Responsibility for responding to requests: This
proposed section, which would include provisions currently codified in
5 CFR 1302.2(b)(2) (``OMB action on request''), includes revisions to
reflect the current statutory requirements of 5 U.S.C. 552a.
Proposed paragraphs (a) and (b) describe how OMB would acknowledge
a request, including any requests by OMB for additional information
necessary to process a request.
Proposed paragraphs (c) and (d) would specify what information OMB
will provide in response to a written request.
Section 1302.4--Requests for an Accounting: This proposed section,
which would include provisions currently codified in 5 CFR 1302.3
(``Access to the accounting of disclosures from records''), includes a
few editorial changes but otherwise remains substantively the same as
the current regulation.
Section 1302.5--Requests for an Amendment or Correction: This
proposed section, which would include provisions currently codified in
5 CFR 1302.4 (``Request to amend records''), adds paragraph (b)(2),
which provides requesters an alternative address to which to send their
Privacy Act request for amendment to a record. The requirements for
notification and timelines in proposed paragraph (c), which would
include provisions currently located in paragraph (b)(2) (``OMB action
on the request''), are revised to reflect the current statutory
requirements of 5 U.S.C. 552a.
Section 1302.6--Appeals: This proposed section, which would include
provisions currently codified in 5 CFR 1302.5 (``Request for review''),
includes a number of updates. For example, requests for review should
be addressed to the Senior Agency Official for Privacy, who is
responsible for reviewing requests, consistent with E.O. 13719, OMB
Circular No. A-130, and OMB's current practices. The requirements for
notification and timelines in proposed paragraph (d), which would
include provisions currently codified in 5 CFR 1302.5(g), are revised
to reflect the current statutory requirements of 5 U.S.C. 552a.
Section 1302.7--Fees: This proposed section, which would include
provisions currently codified in 5 CFR 1302.6 (``Schedule of Fees''),
includes a few editorial changes, but otherwise remains substantively
the same as the existing regulation.
General Revisions to 5 CFR part 1303: OMB is proposing limited
revisions to its FOIA regulations to update the requirements for the
verification of identity, provide further clarity, and reflect OMB's
current organizational structure. The revisions to the identity
verification requirements, while minimal, are significant in that they
describe OMB's practice of providing requesters the benefit of both the
Privacy Act and the FOIA. Should a requester fail to provide adequate
verification of identity under the Privacy Act, the request will
normally be treated as a FOIA request and subject to the procedures in
OMB's FOIA regulations at 5 CFR part 1303. Nevertheless, under some
circumstances, for instance if the requester is not an individual for
purposes of the Privacy Act or if the record is not maintained in a
system of records, a FOIA requester may provide verification of
identity in order to obtain greater access to records that would
otherwise be exempt under FOIA.
Section 1303.3--Organization: Proposed paragraph (a)(5) deletes
``Intellectual Property Enforcement Coordinator'' because this office
is no longer housed within OMB, and is now a separate office within the
Executive Office of the President. This proposed paragraph also inserts
the ``Made in America Office'' as a statutory office in OMB.
Section 1303.20--Where to send requests: Among other things, this
proposed section adds ``or the Government-wide FOIA.Gov portal'' to
account for the ability of members of the public to submit FOIA
requests through the consolidated online request portal described in 5
U.S.C. 552(m), currently available at https://www.foia.gov.
Section 1303.21: This proposed revision would clarify that OMB
retains discretion to request additional information relating to a FOIA
request, including verification of identity. When OMB does so it will
follow the identity verification processes as proposed in the Privacy
Act regulations.
Section 1303.30--Responsibility for responding to requests:
Proposed paragraph (c)(2)(i), concerning situations when OMB refers
records responsive to FOIA requests to other agencies, clarifies that
OMB will notify the requester, and will inform them of the agency that
will be processing the record, so that requesters will be informed when
a referral is made, not just upon the final determination concerning
the record. In paragraph (c)(2)(ii), OMB is proposing to revise the
opening language to clarify that the coordination process is undertaken
with regard to particular records, and not to the request as a whole,
and proposing to provide additional language to illustrate
circumstances under which the coordination process would be
appropriate.
Section 1303.40--Timing of responses to requests: Minimal proposed
revisions are for clarity.
Section 1303.50--Responses to requests: Among other revisions,
proposed revisions to paragraph (c) would clarify types of adverse
determinations, and proposed paragraph (c)(4) adds ``under which the
withholding is being made'' to clarify which exemption the regulation
refers to.
Section 1303.60--Notification procedures for confidential
commercial information: Proposed paragraph (e)(2) adds ``privileged
or'' for clarity and consistency with the statutory standard
[[Page 87962]]
for withholding under FOIA Exemption 4, 5 U.S.C. 552(b)(4).
Section 1303.70--Appeals: Minimal proposed revisions are for
clarity.
Section 1303.91--Fees to be charged--general: Among other
revisions, this proposed section replaces ``(see definition in Sec.
1303.30(b))'' with ``(see 5 U.S.C. 552(a)(4)(A)(vi))'' because the
former is an unrelated provision, and the latter forms the statutory
basis of this language.
Section 1303.92--Fees to be charged--categories of requesters:
Proposed paragraphs (a) through (d) replace ``reproduction'' with
``duplication'' to better match the relevant statutory language.
Proposed paragraph (d) also replaces ``reproducing'' with ``producing''
for clarity, and replaces ``reproduction'' with ``producing copies of
records'' for clarity.
Section 1303.93--Miscellaneous fee provisions: Among other
revisions, proposed paragraph (d)(1) replaces ``payments'' with ``a
payment'' to clarify that a requester's single failure to pay fees in a
timely fashion may result in OMB requiring advance payment of
subsequent fees.
Regulatory Certifications
Regulatory Flexibility Act
The Director of OMB, in accordance with the Regulatory Flexibility
Act (5 U.S.C. 605(b)), has reviewed this proposed rule and certifies
that this proposed rule will not have a significant economic impact on
a substantial number of small entities. Under the Privacy Act, agencies
may recover only the direct costs of searching for, reviewing, and
duplicating the records processed for requesters, and only for certain
classes of requesters and when particular conditions are satisfied.
Thus, fees assessed by OMB are nominal.
Executive Orders 12866, 13563, and 14094
E.O.s 12866 and 13563 direct agencies to assess all costs and
benefits of available regulatory alternatives and, if regulation is
necessary, to select regulatory approaches that maximize net benefits
(including potential economic, environmental, public health and safety
effects, distributive impacts, and equity). E.O. 13563 emphasizes the
importance of quantifying both costs and benefits, of reducing costs,
of harmonizing rules, and of promoting flexibility. This is not a
significant regulatory action under section 3(f) of E.O. 12866, as
amended by E.O. 14094, and, therefore was not subject to review under
section 6(b) of E.O. 12866.
Unfunded Mandates Reform Act of 1995
This proposed rule will not result in the expenditure by State,
local, and tribal governments, in the aggregate, or by the private
sector, of $100,000,000 or more in any one year, and it will not
significantly or uniquely affect small governments. Therefore, no
actions were deemed necessary under the provisions of the Unfunded
Mandates Reform Act of 1995.
Comments Requested
Interested persons are invited to provide written comments
concerning the proposed rule. In particular, comments are requested
regarding OMB's proposal to require verification of identity through
approved OMB processes that will be described on OMB's upcoming privacy
program web page. These regulations do not specify the various methods
of submitting identity verification information because OMB
contemplates those methods will change based on evolving market tools
and the capability of the Government to verify identity. Other methods,
such as mail and stand-alone facsimile submissions, will continue to be
available. OMB currently contemplates mail, stand-alone facsimile,
password protected submissions to a designated email account, digital
verification for current federal employees, and in-person verification
for current OMB employees. Comments are requested on each of these
methods and whether OMB should consider other methods of remote
identity verification for all requesters.
Comments are due no later than 30 days after the date of
publication of this document in the Federal Register. All comments and
suggestions received will be available for review on Regulations.gov.
Privacy Act Statement: OMB proposes this rule pursuant to the
Privacy Act of 1974, as amended, 5 U.S.C. 552a (``Privacy Act'') and
the Freedom of Information Act, as amended, 5 U.S.C. 552 (``FOIA'').
Submission of comments is voluntary. The information will be used to
inform sound decision-making. Please note that all comments received in
response to this document may be posted or released in their entirety,
including any personal and business confidential information provided.
Do not include any information you would not like to be made publicly
available. Additionally, the OMB System of Records Notice, OMB Public
Input System of Records, OMB/INPUT/01, 88 FR 20913 (available at
www.federalregister.gov/documents/2023/04/07/2023-07452/privacy-act-of-1974-system-of-records), includes a list of routine uses associated
with the collection of this information.
List of Subjects in 5 CFR Parts 1302 and 1303
Administrative practices and procedures, Archives and records,
Freedom of information, Privacy.
For the reasons stated in the preamble, OMB proposes to amend 5 CFR
parts 1302 and 1303 as follows:
0
1. Revise part 1302 to read as follows:
PART 1302--PRIVACY ACT PROCEDURES
Sec.
1302.1 General provisions.
1302.2 Requirements for making requests for access.
1302.3 Responsibility for responding to requests.
1302.4 Requests for an accounting.
1302.5 Requests for an amendment or correction.
1302.6 Appeals.
1302.7 Fees.
Authority: 5 U.S.C. 552a.
Sec. 1302.1 General provisions.
(a) Purpose and scope. This part implements the rules that the
Office of Management and Budget (OMB) follows under the Privacy Act of
1974, codified as amended at 5 U.S.C. 552a (Privacy Act). This part
applies to all records in systems of records maintained by OMB that are
retrieved by an individual's name or personal identifier. This part
describes the procedures by which individuals may request access to
records about themselves, request amendment or correction of those
records, and request an accounting of disclosures of those records by
OMB.
(b) Definitions. As used in this part:
Request for access to a record means a request made under 5 U.S.C.
552a(d)(1).
Request for amendment or correction of a record means a request
made under 5 U.S.C. 552a(d)(2).
Request for an accounting means a request made under 5 U.S.C.
552a(c)(3).
Requester means an individual who makes a request for access, a
request for amendment or correction, or a request for an accounting
under the Privacy Act. The Privacy Act defines an ``individual'' as a
citizen of the United States or an alien lawfully admitted for
permanent residence.
System manager means the OMB official identified in a system of
records notice as the manager of a system of records; and for
Government-wide systems of records, the individual
[[Page 87963]]
designated by the agency to act on behalf of the system manager.
(c) Providing written consent to disclose records protected under
the Privacy Act. OMB may disclose any record contained in a system of
records by any means of communication to any person, or to another
agency, pursuant to a written request by, or with the prior written
consent of, the individual about whom the record pertains. An
individual must verify the individual's identity in the same manner as
required by Sec. 1302.2(d) when providing written consent to disclose
a record protected under the Privacy Act and pertaining to the
individual.
Sec. 1302.2 Requirements for making requests for access.
(a) How made and addressed. You may make a Privacy Act request for
access to an OMB record by submitting a request in writing to Privacy
Officer, Office of Management and Budget, 725 17th Street NW, Room
9204, Washington, DC 20503 or by email at [email protected] or by any
other means described on OMB's privacy web page.
(b) Description of the records sought. In making a request for
access, you must describe the records that you want in enough detail to
enable OMB to locate the system of records containing them with a
reasonable amount of effort. Your access request should name the system
of records or contain a concise description of such system of records.
OMB publishes notices of OMB systems of records subject to the Privacy
Act in the Federal Register.
(c) Information about yourself. Your access request should also
contain sufficient information to identify yourself in order to allow
OMB to determine if there is a record pertaining to you in a particular
system of records.
(d) Verification of identity. To ensure that information about you
is disclosed only to you or your authorized representative, you are
required to verify your identity when making a Privacy Act request for
access, as detailed in paragraphs (d)(1) through (3) of this section.
If OMB cannot verify your identity, disclosure will be limited to
information that would be required to be made available if requested
under 5 U.S.C. 552 by any person.
(1) You must state your name, current address, and date and place
of birth and provide either a notarized statement of identity or a
signed submission under 28 U.S.C. 1746; or
(2) When available, verify your identity through remote identity-
proofing and authentication using digital processes.
(3) OMB may require you to supply additional information as
necessary in order to verify your identity.
(e) Verification of guardianship. When making a request for access
as the parent or guardian of a minor or as the guardian of someone
determined by a court of competent jurisdiction to be incompetent, for
access to records about that individual, you must establish the
criteria listed in paragraphs (e)(1) through (4) of this section. If
OMB cannot verify your identity, disclosure will be limited to
information that would be required to be made available if requested
under 5 U.S.C. 552 by any person.
(1) The identity of the individual who is the subject of the
record, by stating the name, current address, and date and place of
birth;
(2) Your own identity, as required in this paragraph (e);
(3) That you are the parent or guardian of that individual, which
you may prove by providing a copy of the individual's birth certificate
showing your parentage or by providing a court order establishing your
guardianship; and
(4) That you are acting on behalf of that individual in making the
request.
(f) Submit identifying information only using approved OMB
processes. In order to safeguard information you submit in making a
request for access for purposes of verifying your identity or verifying
guardianship, or any information about yourself that may assist in the
rapid identification of the record to which you are requesting access
(e.g., prior names, dates of employment, etc.) as well as any other
identifying information contained in an OMB system of records, you must
use one of OMB's approved processes as described on OMB's Privacy web
page. Failure to submit identifying information through an OMB approved
process may result in the failure to expunge your information in
accordance with approved OMB records schedules after your access
request has been processed.
(g) Subsequent requests for access. If your request for access
follows a prior request under this section, and you already provided
appropriate verifications with that prior request, you do not need to
include the same verification or identifying information in the
subsequent request for access if you reference that prior request or
attach a copy of the OMB response to that request.
Sec. 1302.3 Responsibility for responding to requests.
(a) Acknowledgment of requests. OMB will acknowledge your request
for access in writing and provide an individualized tracking number.
Upon request, OMB will make information available to you about the
status of your request using the assigned tracking number.
(b) Timing of responses to a Privacy Act request for access. OMB
will respond to Privacy Act requests for access to records according to
the order in which OMB receives the requests. Consistent with OMB's
FOIA procedures at 5 CFR 1303.40(b), OMB may designate multiple
processing tracks that distinguish between simple and more complex
Privacy Act requests for access, based on the estimated amount of work
or time needed to process the request.
(c) Additional information. If, after receiving a request, OMB
determines that your request does not reasonably describe the records
sought, OMB will inform you what additional information is needed and
why the request is otherwise insufficient. If a request does not
reasonably describe the records sought, OMB's response to the request
may be delayed.
(d) Grant of request for access. Once OMB makes a determination to
grant a request for access, OMB will provide you a written response,
which may include the following:
(1) A statement as to whether OMB will grant access by providing a
copy of the record through electronic means or the mail; and
(2) The amount of fees charged, if any (see Sec. 1302.7). (Fees
are applicable only to requests for duplicates.)
(e) Adverse determination of request for access. OMB will notify
you of an adverse determination denying a request for access in
writing. Adverse determinations, or denials of requests, consist of: A
determination to withhold any requested record in whole or in part; a
determination that a requested record does not exist or cannot be
located; a determination that what has been requested is not a record
subject to the Privacy Act; a determination on any disputed fee matter;
or a denial of a request for expedited treatment. OMB's notification
letter to you will include:
(1) The decision of OMB whether to grant in whole, or deny any part
of the request;
(2) The reasons for the determination for any portion of the
request that is denied; and
(3) A description of the procedure by which the OMB decision to
deny your request may be appealed, including the
[[Page 87964]]
name and address of the official with whom you may lodge such an
appeal.
Sec. 1302.4 Requests for an accounting.
You may request an accounting of disclosures by the same rules
governing requests for access, outlined in Sec. 1302.2.
Sec. 1302.5 Requests for an amendment or correction.
(a) Requirement for written requests. If you want to amend a record
that pertains to you in a system of records maintained by OMB, you must
submit your request in writing following the procedures established in
this section unless the system manager waives the requirements in this
section. OMB is not required to amend records that are not subject to
the Privacy Act of 1974. However, individuals who believe that such
records are inaccurate may bring this to the attention of OMB.
(b) Procedures. (1) You should address your request to amend a
record in a system of records to the system manager. You should include
the name of the system and a brief description of the record proposed
for amendment. If the request to amend the record is the result of you
gaining access to the record in accordance with the provisions
concerning access to records as set forth in Sec. 1302.2, you may
attach a copy of previous correspondence between you and OMB instead of
providing a separate description of the record.
(2) If a requester cannot determine where within OMB to send the
Privacy Act request to amend a record, the requester may send it to
Privacy Officer, Office of Management and Budget, 725 17th Street NW,
Room 9204, Washington, DC 20503 or by email at [email protected]. OMB
will forward the request to the component(s) it believes most likely to
have the relevant records. For the quickest possible handling, the
requester should specify on either the letter and envelope, or in the
email subject line, as applicable, ``Privacy Act Record Amendment
Request.''
(3) You must validate your identity as described in Sec.
1302.2(e). If OMB has previously verified your identity pursuant to
Sec. 1302.2(e), further verification of identity is not required as
long as the communication does not suggest that a need for verification
is present.
(4) You should clearly indicate the exact portion of the record you
seek to have amended. If possible, you should also propose alternative
language, or at a minimum, identify the facts that you believe are not
accurate, relevant, timely, or complete, with such particularity as to
permit OMB not only to understand the basis for your request, but also
to make an appropriate amendment to the record.
(5) Your request must also state why you believe your record is not
accurate, relevant, timely, or complete. The burden of persuading OMB
to amend a record will be upon you. You must furnish sufficient facts
to persuade the official in charge of the system of the inaccuracy,
irrelevancy, timeliness, or incompleteness of the record.
(6) OMB will not categorically reject incomplete or inaccurate
requests. OMB will ask you to clarify the request as needed.
(c) OMB action on the request. (1) OMB will acknowledge, in
writing, receipt of a request to amend a record within 10 business days
(i.e., excluding Saturdays, Sundays, and legal Federal holidays) of
OMB's receipt.
(2) OMB will promptly respond to a Privacy Act request for
amendment or correction. OMB ordinarily will respond to Privacy Act
requests for amendment or correction according to their order of
receipt. Consistent with OMB's FOIA procedures at 5 CFR 1303.40(b), OMB
may designate multiple processing tracks that distinguish between
simple and more complex Privacy Act requests for amendment or
correction, based on the estimated amount of work or time needed to
process the request. The response reflecting the decision upon a
request for amendment will include the following:
(i) The decision of OMB whether to grant in whole, or deny any part
of, the request to amend the record;
(ii) The reasons for the determination for any portion of the
request which is denied; and
(iii) A description of the procedure by which the OMB decision to
deny your request may be appealed, including the name and address of
the official with whom you may lodge such an appeal.
Sec. 1302.6 Appeals.
(a) If you wish to appeal a decision by OMB with regard to your
request to access or amend a record in accordance with the provisions
of Sec. Sec. 1302.2 and 1302.5, you should submit the appeal in
writing and, to the extent possible, include the information specified
in paragraph (b) of this section.
(b) Your appeal should contain a brief description of the record
involved or copies of the correspondence from OMB in which the request
to access or to amend was denied and also the reasons why you believe
that access should be granted or the information amended, as relevant.
Your appeal should refer to the information you furnished in support of
your claim and the reasons set forth by OMB in its decision denying
access or amendment, as required by Sec. Sec. 1302.2 and 1302.5. In
order to make the appeal process as meaningful as possible, you should
set forth your disagreement in an understandable manner. In order to
avoid the unnecessary retention of personal information, OMB reserves
the right to dispose of the material concerning the request to access
or amend a record if OMB receives no appeal in accordance with this
section within 180 days of the sending by OMB of its decision upon an
initial request. OMB may treat an appeal received after the 180-day
period as an initial request to access or amend a record.
(c) You should address your appeal to the Senior Agency Official
for Privacy.
(d) The Senior Agency Official for Privacy will review a refusal to
amend a record within 30 business days (excluding Saturdays, Sundays,
and legal Federal holidays) from the date on which the individual
requests such review, unless the OMB Director extends the 30-day period
for good cause. If the Senior Agency Official for Privacy's decision
does not grant in full the request, the notice of the decision will
describe the steps you may take to obtain judicial review of such a
decision.
Sec. 1302.7 Fees.
(a) Prohibitions against charging fees for Privacy Act requests.
OMB will not charge you for:
(1) The search and review of requests for records subject to this
part;
(2) Any copies of the record produced as a necessary part of the
process of making the record available for access; or
(3) Any copies of the requested record when OMB determines that the
only way you can access the record is by providing a copy to you
through the mail.
(b) Waiver. OMB may at no charge provide copies of a record if it
is determined the production of the copies is in the interest of the
Government.
(c) Fee schedule and method of payment. OMB will charge fees as
provided in paragraphs (c)(1) through (5) of this section except as
provided in paragraphs (a) and (b) of this section.
(1) OMB will duplicate records at a rate of $.10 per page for all
copying of 4 pages or more. There is no charge for duplication 3 or
fewer pages.
(2) Where OMB anticipates that the fees chargeable under this
section will amount to more than $25.00, OMB shall promptly notify you
of the amount of the anticipated fee or such portion thereof as can
readily be estimated. If
[[Page 87965]]
the estimated fees will greatly exceed $25.00, OMB may require an
advance deposit. OMB's request for an advance deposit shall extend an
offer to the requester to consult with OMB personnel in order to
reformulate the request in a manner which will reduce the fees, yet
still meet the needs of the requester.
(3) You should pay fees in full before the requested copies are
issued. If the requester is in arrears for previous requests, OMB will
not provide copies for any subsequent request until the arrears have
been paid in full.
(4) Remittances shall be in the form either of a personal check or
bank draft drawn on a bank in the United States, or a postal money
order. Remittances shall be made payable to the order of the Treasury
of the United States and mailed or delivered to the Assistant Director
for Management and Operations, Office of Management and Budget,
Washington, DC 20503.
(5) OMB will provide a receipt for fees paid upon request.
PART 1303--PUBLIC INFORMATION PROVISIONS OF THE ADMINISTRATIVE
PROCEDURES ACT
0
2. The authority citation for part 1303 continues to read as follows:
Authority: 5 U.S.C. 301 and 5 U.S.C. 552, unless otherwise
noted.
0
3. Amend Sec. 1303.3 by revising paragraph (a)(5) to read as follows:
Sec. 1303.3 Organization.
(a) * * *
(5) Statutory offices include the Office of Federal Financial
Management; Office of Federal Procurement Policy; Office of E-
government and Information Technology; Made in America Office; and
Office of Information and Regulatory Affairs.
* * * * *
0
4. Revise Sec. 1303.20 to read as follows:
Sec. 1303.20 Where to send requests.
The FOIA Officer is responsible for acting on all initial requests.
Individuals wishing to file a request under the FOIA should address
their request in writing to FOIA Officer, Office of Management and
Budget, 725 17th Street NW, Room 9272, Washington, DC 20503, via fax to
(202) 395-3504, by email at [email protected], or the Government-wide
FOIA.Gov portal. Requesters must provide contact information sufficient
to enable OMB to communicate with the requester. Additionally, OMB's
FOIA Public Liaison is available to assist requesters who have
questions and can be reached at (202) 395-FOIA or in writing at the
address provided in this section.
0
5. Revise Sec. 1303.21 to read as follows:
Sec. 1303.21 Requesters making requests about themselves or on behalf
of others.
In order to obtain greater access to records, a requester who is
making a request for records about the requester or on behalf of
another individual must comply with the verification of identity
requirements as determined by OMB pursuant to OMB's requirements for
making requests for access in 5 CFR part 1302. OMB may require a
requester to supply additional information as necessary in order to
verify the identity of the requester or to verify that a particular
individual has consented to disclosure.
0
6. Amend Sec. 1303.30 by revising paragraphs (c)(2)(i) and (ii) to
read as follows:
Sec. 1303.30 Responsibility for responding to requests.
* * * * *
(c) * * *
(2) * * *
(i) When OMB believes that a different agency is best able to
determine whether to disclose the record, OMB will refer the
responsibility for responding to the request regarding that record to
that agency, will notify the requester, and will inform them of the
agency which will be processing the record, including that agency's
FOIA contact information. Ordinarily, the agency that originated the
record is best situated to make the disclosure determination. However,
if OMB and the originating agency jointly agree that OMB is in the best
position to respond regarding the record, then OMB may respond to the
requester.
(ii) When OMB believes that a different agency is best able to
determine whether to disclose the record, but also believes that
disclosure of the identity of the different agency could harm an
interest protected by an applicable FOIA exemption, such as the
exemptions that protect personal privacy or national security
interests, OMB will coordinate with the originating agency to seek its
views on the disclosability of the record and convey the release
determination for the record that is the subject of the coordination to
the requester. For example, if a non-law enforcement agency responding
to a request for records on a living third party locates within its
files records originating with a law enforcement agency, and if the
existence of that law enforcement interest in the third party was not
publicly known, then to disclose that law enforcement interest could
cause an unwarranted invasion of the personal privacy of the third
party. Similarly, if an agency locates within its files material
originating with an Intelligence Community agency, and the involvement
of that agency in the matter is classified and not publicly
acknowledged, then to disclose or give attribution to the involvement
of that Intelligence Community agency could cause national security
harms.
0
7. Amend Sec. 1303.40 by revising paragraphs (e)(1)(iv) and (e)(4) to
read as follows:
Sec. 1303.40 Timing of responses to requests.
* * * * *
(e) * * *
(1) * * *
(iv) There are possible questions, in a matter of widespread and
exceptional public interest, about the Government's integrity which
affect public confidence.
* * * * *
(4) OMB will decide whether to grant a request for expedited
processing and will notify the requester within 10 calendar days after
the date of the request. If a request for expedited treatment is
granted, OMB will prioritize the underlying FOIA request, place the
request in the processing track for expedited requests, and process the
request as soon as practicable. If a request for expedited processing
is denied, any appeal of that decision will be acted on expeditiously.
0
8. Amend Sec. 1303.50 by revising paragraphs (a), (c) introductory
text, and (c)(4) to read as follows:
Sec. 1303.50 Responses to requests.
(a) Acknowledgments of requests. OMB will assign an individualized
tracking number to each request received that will take longer than ten
days to process; and acknowledge each request, informing the requester
of their tracking number if applicable; and, upon request, make
available information about the status of a request to the requester
using the assigned tracking number, including--
(1) The date on which OMB originally received the request; and
(2) An estimated date on which OMB will complete action on the
request.
* * * * *
(c) Adverse determinations of requests. Adverse determinations, or
denials of requests, include decisions that the requested record is
exempt, in whole or in part; the request does not reasonably describe
the records sought; the information requested is not a record subject
to the FOIA; the requested record does not exist, cannot
[[Page 87966]]
be located, or has been destroyed; or the requested record is not
readily reproducible in the form or format sought by the requester.
Adverse determinations also include denials involving fees or fee
waiver matters or denials of requests for expedited processing. In the
case of an adverse determination, the FOIA Officer will immediately
notify the requester of--
* * * * *
(4) OMB's estimate of the volume of any requested records OMB is
withholding, unless providing such estimate would harm an interest
protected by the exemption in 5 U.S.C. 552(b) under which the
withholding is being made.
0
9. Amend Sec. 1303.60 by revising paragraphs (a)(2) and (e)(2) to read
as follows:
Sec. 1303.60 Notification procedures for confidential commercial
information.
(a) * * *
(2) Submitter means any person or entity, including a corporation,
State, or foreign government, but not including another Federal
Government entity, that provides confidential commercial information,
either directly or indirectly, to the Federal Government.
* * * * *
(e) * * *
(2) If a submitter has any objections to disclosure, it should
provide OMB a detailed written statement that specifies all grounds for
withholding the particular information under any exemption of the FOIA.
In order to rely on Exemption 4 as basis for nondisclosure, the
submitter must explain why the information constitutes a trade secret
or commercial or financial information that is privileged or
confidential. OMB is not required to consider any information received
after the date of any disclosure decision.
* * * * *
0
10. Amend Sec. 1303.70 by revising paragraph (a) to read as follows:
Sec. 1303.70 Appeals.
(a) A requester must appeal to the head of OMB in writing within 90
calendar days after the date of such adverse determination addressed to
the FOIA Officer at the address specified in Sec. 1303.20. The appeal
must include a statement explaining the basis for the appeal.
Determinations of appeals will be set forth in writing and signed by
the Deputy Director, or their designee, within 20 working days. If on
appeal the denial is upheld in whole or in part, the written
determination will also contain a notification of the provisions for
judicial review, the names of the persons who participated in the
determination, and notice of the services offered by OGIS as a non-
exclusive alternative to litigation.
* * * * *
0
11. Amend Sec. 1303.91 by revising the introductory text and paragraph
(i) to read as follows:
Sec. 1303.91 Fees to be charged--general.
OMB will charge fees that recoup the full allowable direct costs it
incurs. Moreover, it will use the most efficient and least costly
methods to comply with requests for documents made under the FOIA. For
example, employees should not engage in line-by-line search when merely
duplicating an entire document would prove the less expensive and
quicker method of complying with a request. Search should be
distinguished, moreover, from review of material in order to determine
whether the material is exempt from disclosure. When documents that
would be responsive to a request are maintained for distribution by
agencies operating statutory-based fee schedule programs (see 5 U.S.C.
552(a)(4)(A)(vi)), such as the National Technical Information Service,
OMB will inform requesters of the steps necessary to obtain records
from those sources.
* * * * *
(i) No Fees under $25. No fee will be charged when the total fee,
after deducting the first 100 free pages (or its cost equivalent) and
the first two hours of search, is equal to or less than $25. If OMB
estimates that the charges are likely to exceed $25, it will notify the
requester of the estimated amount of fees, unless the requester has
indicated in advance their willingness to pay fees as high as those
anticipated. Such a notice shall offer a requester the opportunity to
confer with agency personnel to meet the requester's needs at a lower
cost.
0
12. Amend Sec. 1303.92 by revising paragraphs (a) through (d) to read
as follows:
Sec. 1303.92 Fees to be charged--categories of requesters.
* * * * *
(a) Commercial use requesters. When OMB receives a request for
documents for commercial use, it will assess charges that recover the
full direct costs of searching for, reviewing for release, and
duplicating the record sought. Commercial use requesters are not
entitled to two hours of free search time nor 100 free pages of
duplication of documents. OMB may recover the cost of searching for and
reviewing records even if there is ultimately no disclosure of records
(see Sec. 1303.93(b)).
(b) Educational and non-commercial scientific institution
requesters. OMB will provide documents to requesters in this paragraph
(b) for the cost of duplication alone, excluding charges for the first
100 pages. To be eligible for inclusion in this paragraph (b), a
requester must meet the criteria in Sec. 1303.90(g) or (h). OMB may
seek evidence from the requester that the request is in furtherance of
scholarly research and will advise requesters of their placement in
this paragraph (b).
(c) Requesters who are representatives of the news media. OMB will
provide documents to requesters in this paragraph (c) for the cost of
duplication alone, excluding charges for the first 100 pages. To be
eligible for inclusion in this paragraph (c), a requester must meet the
criteria in Sec. 1303.90(i) and (j) and not make the request for
commercial use. A request for records supporting the news dissemination
function of the requester is not a commercial use for this paragraph
(c).
(d) All other requesters. OMB will charge requesters who do not fit
into any of the categories in paragraphs (a) through (c) of this
section fees that recover the full reasonable direct cost of searching
for and producing records that are responsive to the request, except
that the first 100 pages of duplication and the first two hours of
search time will be furnished without charge. Moreover, requests for
records about the requesters filed in OMB's systems of records will
continue to be treated under the fee provisions of the Privacy Act of
1974, which permit fees only for producing copies of records.
0
13. Amend Sec. 1303.93 by revising paragraph (a), the first sentence
of paragraph (c), and paragraph (d)(1) to read as follows:
Sec. 1303.93 Miscellaneous fee provisions.
(a) Charging interest--notice and rate. OMB may begin assessing
interest charges on an unpaid bill starting on the 31st day after OMB
sends the bill. If OMB receives the fee within the thirty-day grace
period, interest will not accrue on the paid portion of the bill, even
if the payment is unprocessed. Interest will be at the rate prescribed
in 31 U.S.C. 3717 and will accrue from the date of the billing.
* * * * *
(c) * * * When OMB reasonably believes that a requester, or a group
of requesters acting in concert, is attempting to divide a single
request into a series of requests for the purpose of avoiding fees, OMB
may aggregate those requests and charge fees accordingly. * * *
(d) * * *
[[Page 87967]]
(1) OMB will not require a requester to make an advance payment,
i.e., payment before work is commenced or continued on a request,
unless OMB estimates or determines that allowable charges that a
requester may be required to pay will exceed $250 or the requester has
previously failed to make a payment due within 30 days of billing.
* * * * *
Shraddha A. Upadhyaya,
Associate General Counsel, Office of Management and Budget.
[FR Doc. 2023-27473 Filed 12-19-23; 8:45 am]
BILLING CODE 3110-01-P