Privacy Act of 1974; Implementation, 17749-17751 [2024-05142]
Download as PDF
Federal Register / Vol. 89, No. 49 / Tuesday, March 12, 2024 / Rules and Regulations
not relieve the DIB CS Program
participant or the Government from
obligations to continue to protect
against the unauthorized use or
disclosure of GFI, attribution
information, contractor proprietary
information, third-party proprietary
information, or any other information
exchanged under this program, as
required by law, regulation, contract, or
the FA.
(f) Upon termination of the FA,
change of status as a defense contractor,
and/or change of Facility Security
Clearance (FCL) status below Secret, GFI
must be returned to the Government or
destroyed pursuant to direction of, and
at the discretion of, the Government.
(g) Participation in these activities
does not abrogate the Government’s, or
the DIB CS Program participants’ rights
or obligations regarding the handling,
safeguarding, sharing, or reporting of
information, or regarding any physical,
personnel, or other security
requirements, as required by law,
regulation, policy, or a valid legal
contractual obligation. However,
participation in the voluntary activities
of the DIB CS Program does not
eliminate the requirement for DIB CS
Program participants to report cyber
incidents in accordance with § 236.4.
■ 9. Revise § 236.7 to read as follows:
khammond on DSKJM1Z7X2PROD with RULES
§ 236.7 DoD’s DIB CS Program
requirements.
(a) To participate in the DIB CS
Program, a contractor must own or
operate a covered contractor
information system and shall execute
the standardized FA with the
Government (available during the
application process), which implements
the requirements set forth in §§ 236.5
and 236.6.
(b) In order for DIB CS Program
participants to receive classified cyber
threat information electronically, the
company must be a cleared defense
contractor and must:
(1) Have an existing active facility
clearance level (FCL) to at least the
Secret level in accordance with 32 CFR
part 117;
(2) Have or acquire a Communication
Security (COMSEC) account in
accordance with 32 CFR part 117, which
provides procedures and requirements
for COMSEC activities;
(3) Have or acquire approved
safeguarding for at least Secret
information, and continue to qualify
under 32 CFR part 117 for retention of
its FCL and approved safeguarding; and
(4) Obtain access to DoD’s secure
voice and data transmission systems
supporting the voluntary DIB CS
Program.
VerDate Sep<11>2014
16:07 Mar 11, 2024
Jkt 262001
Dated: March 1, 2024.
Patricia L. Toppings,
OSD Federal Register Liaison Officer,
Department of Defense.
[FR Doc. 2024–04752 Filed 3–11–24; 8:45 am]
BILLING CODE 6001–FR–P
DEPARTMENT OF DEFENSE
Office of the Secretary
32 CFR Part 310
[Docket ID: DoD–2023–OS–0060]
RIN 0790–AL64
Privacy Act of 1974; Implementation
Office of the Secretary of
Defense (OSD), Department of Defense
(DoD).
ACTION: Final rule.
AGENCY:
The Department of Defense
(Department or DoD) is issuing a final
rule to amend its regulations to exempt
portions of the system of records titled
DoD–0019, ‘‘Information Technology
Access and Audit Records,’’ from
certain provisions of the Privacy Act of
1974.
DATES: This rule is effective on March
12, 2024.
FOR FURTHER INFORMATION CONTACT: Ms.
Rahwa Keleta, Privacy and Civil
Liberties Directorate, Office of the
Assistant to the Secretary of Defense for
Privacy, Civil Liberties, and
Transparency, Department of Defense,
4800 Mark Center Drive, Mailbox #24,
Suite 08D09, Alexandria, VA 22350–
1700; OSD.DPCLTD@mail.mil; (703)
571–0070.
SUPPLEMENTARY INFORMATION:
SUMMARY:
Discussion of Comments and Changes
The proposed rule published in the
Federal Register (88 FR 60411–60413)
on September 1, 2023. Comments were
accepted for 60 days until October 31,
2023. No comments were received.
I. Background
In finalizing this rule, DoD is
exempting portions of this system of
records titled, DoD–0019, ‘‘Information
Technology Access and Audit Records,’’
from certain provisions of the Privacy
Act of 1974. The purpose of this system
of records is to support information
systems being established within the
DoD using the same categories of data
for the same purposes. This system of
records covers DoD’s maintenance of
records related to requests for user
access, attempts to access, granting of
access, records of user actions for DoD
information technology (IT) systems,
PO 00000
Frm 00057
Fmt 4700
Sfmt 4700
17749
and user agreements. This includes
details of programs, databases,
functions, and sites accessed and/or
used, and the information products
created, received, or altered during the
use of IT systems. The system consists
of both electronic and paper records and
will be used by DoD components and
offices to maintain records about
individuals who have user agreements,
user access to and activity on networks,
computer systems, applications,
databases, or other digital technologies.
II. Privacy Act Exemption
The Privacy Act allows Federal
agencies to exempt eligible records in a
system of records from certain
provisions of the Act, including those
that provide individuals with a right to
request access to and amendment of
their own records. If an agency intends
to exempt a particular system of records,
it must first go through the rulemaking
process pursuant to 5 U.S.C. 553(b)(1)–
(3), (c), and (e). The OSD is amending
32 CFR part 310 to add a new Privacy
Act exemption rule for this system of
records. The DoD is adding exemptions
for this system of records pursuant to 5
U.S.C. 552a(k)(1) and (2) because some
of its records may contain classified
national security information or
investigatory material compiled for law
enforcement purposes. The DoD is
claiming an exemption from several
provisions of the Privacy Act, including
various access, amendment, disclosure
of accounting, and certain
recordkeeping and notice requirements,
to avoid, among other harms, frustrating
the underlying purposes for which the
information was gathered.
Regulatory Analysis
Executive Order 12866—Regulatory
Planning and Review; Executive Order
13563—Improving Regulation and
Regulatory Review; and Executive Order
14094—Modernizing Regulatory Review
Executive Orders 12866 (as amended
by Executive Order 14094) and 13563
direct agencies to assess all costs and
benefits of available regulatory
alternatives and, if regulation is
necessary, to select regulatory
approaches that maximize net benefits
(including potential economic,
environmental, public health and safety
effects, distributive impacts, and
equity). Executive Order 13563
emphasizes the importance of
quantifying both costs and benefits, of
reducing costs, of harmonizing rules,
and of promoting flexibility. It has been
determined that this rule is not a
significant regulatory action under these
Executive orders.
E:\FR\FM\12MRR1.SGM
12MRR1
17750
Federal Register / Vol. 89, No. 49 / Tuesday, March 12, 2024 / Rules and Regulations
Congressional Review Act
The Congressional Review Act (5
U.S.C. 801 et seq.) generally provides
that before a rule may take effect, the
agency promulgating the rule must
submit a rule report, which includes a
copy of the rule, to each House of the
Congress and to the Comptroller General
of the United States. DoD will submit a
report containing this rule and other
required information to the U.S. Senate,
the U.S. House of Representatives, and
the Comptroller General of the United
States. A major rule may take effect no
earlier than 60 calendar days after
Congress receives the rule report or the
rule is published in the Federal
Register, whichever is later. This rule is
not a ‘‘major rule’’ as defined by 5
U.S.C. 804(2).
Unfunded Mandates Reform Act
Section 202 of the Unfunded
Mandates Reform Act of 1995 (UMRA)
(Pub. L. 104–4; 2 U.S.C. 1532(a))
requires agencies to assess anticipated
costs and benefits before issuing any
rule whose mandates may result in the
expenditure by State, local and Tribal
governments in the aggregate, or by the
private sector, in any one year of $100
million in 1995 dollars, updated
annually for inflation. This rule will not
mandate any requirements for State,
local, or Tribal governments, nor will it
affect private sector costs.
khammond on DSKJM1Z7X2PROD with RULES
Regulatory Flexibility Act
The Assistant to the Secretary of
Defense for Privacy, Civil Liberties, and
Transparency has certified that this rule
is not subject to the Regulatory
Flexibility Act (Pub. L. 96–354; 5 U.S.C.
601 et seq.) because it would not, if
promulgated, have a significant
economic impact on a substantial
number of small entities. This rule is
concerned only with the administration
of Privacy Act systems of records within
the DoD. Therefore, the Regulatory
Flexibility Act, as amended, does not
require DoD to prepare a regulatory
flexibility analysis.
Paperwork Reduction Act
The Paperwork Reduction Act (PRA)
(Pub. L. 96–511; 44 U.S.C. 3501 et seq.)
was enacted to minimize the paperwork
burden for individuals; small
businesses; educational and nonprofit
institutions; Federal contractors; State,
local and Tribal governments; and other
persons resulting from the collection of
information by or for the Federal
Government. The Act requires agencies
to obtain approval from the Office of
Management and Budget before using
identical questions to collect
information from ten or more persons.
VerDate Sep<11>2014
16:07 Mar 11, 2024
Jkt 262001
This rule does not impose reporting or
recordkeeping requirements on the
public.
Executive Order 13132—Federalism
Executive Order 13132 establishes
certain requirements that an agency
must meet when it promulgates a rule
that has federalism implications,
imposes substantial direct requirement
costs on State and local governments,
and is not required by statute, or has
federalism implications and preempts
State law. This rule will not have a
substantial effect on State and local
governments.
Executive Order 13175—Consultation
and Coordination With Indian Tribal
Governments
Executive Order 13175 establishes
certain requirements that an agency
must meet when it promulgates a rule
that imposes substantial direct
compliance costs on one or more Indian
Tribes, preempts Tribal law, or affects
the distribution of power and
responsibilities between the Federal
Government and Indian Tribes. This
rule will not have a substantial effect on
Indian Tribal governments.
List of Subjects in 32 CFR Part 310
Privacy.
Accordingly, 32 CFR part 310 is
amended as follows:
PART 310—PROTECTION OF PRIVACY
AND ACCESS TO AND AMENDEMENT
OF INDIVIDUAL RECORDS UNDER
THE PRIVACY ACT OF 1974
1. The authority citation for 32 CFR
part 310 continues to read as follows:
■
Authority: 5 U.S.C. 552a.
2. Amend § 310.13 by adding
paragraph (e)(14) to read as follows:
■
§ 310.13 Exemptions for DoD-wide
systems.
*
*
*
*
*
(e) * * *
(14) System identifier and name.
DoD–0019, ‘‘Information Technology
Access and Audit Records.’’
(i) Exemptions. This system of records
is exempt from 5 U.S.C. 552a (c)(3);
(d)(1), (2), (3), and (4); (e)(1); (e)(4)(G),
(H), and(I); and (f).
(ii) Authority. 5 U.S.C. 552a(k)(1) and
(2).
(iii) Exemption from the particular
subsections. Exemption from the
particular subsections is justified for the
following reasons:
(A) Subsections (c)(3), (d)(1), and
(d)(2)—(1) Exemption (k)(1). Records in
this system of records may contain
information that is properly classified
PO 00000
Frm 00058
Fmt 4700
Sfmt 4700
pursuant to executive order.
Application of exemption (k)(1) may be
necessary because access to and
amendment of the records, or release of
the accounting of disclosures for such
records, could reveal classified
information. Disclosure of classified
records to an individual may cause
damage to national security.
(2) Exemption (k)(2). Records in this
system of records may contain
investigatory material compiled for law
enforcement purposes other than
material within the scope of 5 U.S.C.
552a(j)(2). Application of exemption
(k)(2) may be necessary because access
to, amendment of, or release of the
accounting of disclosures of such
records could: inform the record subject
of an investigation of the existence,
nature, or scope of an actual or potential
law enforcement or disciplinary
investigation, and thereby seriously
impede law enforcement efforts by
permitting the record subject and other
persons to whom he might disclose the
records or the accounting of records to
avoid criminal penalties, civil remedies,
or disciplinary measures; interfere with
a civil or administrative action or
investigation by allowing the subject to
tamper with witnesses or evidence, and
to avoid detection or apprehension,
which may undermine the entire
investigatory process; reveal
confidential sources who might not
have otherwise come forward to assist
in an investigation and thereby hinder
DoD’s ability to obtain information from
future confidential sources; and result
in an unwarranted invasion of the
privacy of others. Amendment of such
records could also impose a highly
impracticable administrative burden by
requiring investigations to be
continuously reinvestigated.
(B) Subsections (d)(3) and (4). These
subsections are inapplicable to the
extent an exemption is claimed from
subsections (d)(1) and (2). Accordingly,
exemptions from subsections (d)(3) and
(4) are claimed pursuant to (k)(1) and
(2).
(C) Subsection (e)(1). Additionally,
records within this system may be
properly classified pursuant to
executive order. The collection of
information pertaining to the use of
government information technology and
data systems may include classified
records, and it is not always possible to
conclusively determine the relevance
and necessity of such information in the
early stages of a collection. In some
instances, it will be only after the
collected information is evaluated in
light of other information that its
relevance and necessity can be assessed.
Further, disclosure of classified records
E:\FR\FM\12MRR1.SGM
12MRR1
Federal Register / Vol. 89, No. 49 / Tuesday, March 12, 2024 / Rules and Regulations
khammond on DSKJM1Z7X2PROD with RULES
to an individual may cause damage to
national security. Additionally, in the
collection of information for
investigatory or law enforcement
purposes it is not always possible to
conclusively determine the relevance
and necessity of particular information
in the early stages of the investigation or
adjudication. In some instances, it will
be only after the collected information
is evaluated in light of other information
that its relevance and necessity for
effective investigation and adjudication
can be assessed. Collection of such
information permits more informed
decision-making by the Department
when making required investigatory or
law enforcement determinations.
Accordingly, application of exemptions
(k)(1) and (2) may be necessary.
(D) Subsections (e)(4)(G) and (H).
These subsections are inapplicable to
the extent exemption is claimed from
subsections (d)(1) and (2).
(E) Subsection (e)(4)(I). To the extent
that this provision is construed to
require more detailed disclosure than
the broad, generic information currently
published in the system notice, an
exemption from this provision is
necessary to protect national security,
the confidentiality of sources of
information and to protect the privacy
and physical safety of witnesses and
informants. Accordingly, application of
exemptions (k)(1) and (2) may be
necessary.
(F) Subsection (f). The agency’s rules
are inapplicable to those portions of the
system that are exempt. Accordingly,
application of exemptions (k)(1) and (2)
may be necessary.
(iv) Exempt records from other
systems. In the course of carrying out
the overall purpose for this system,
exempt records from other systems of
records may in turn become part of the
records maintained in this system. To
the extent that copies of exempt records
from those other systems of records are
maintained in this system, the DoD
claims the same exemptions for the
records from those other systems that
are entered into this system, as claimed
for the prior system(s) of which they are
a part, provided the reason for the
exemption remains valid and necessary.
Dated: March 6, 2024.
Aaron T. Siegel,
Alternate OSD Federal Register Liaison
Officer, Department of Defense.
[FR Doc. 2024–05142 Filed 3–11–24; 8:45 am]
BILLING CODE 6001–FR–P
VerDate Sep<11>2014
16:07 Mar 11, 2024
Jkt 262001
DEPARTMENT OF HOMELAND
SECURITY
Coast Guard
33 CFR Part 165
[Docket Number USCG–2024–0155]
RIN 1625–AA00
Safety Zone; Gulf of Mexico and South
Bay, Boca Chica Beach, TX
Coast Guard, Department of
Homeland Security (DHS).
ACTION: Temporary final rule.
AGENCY:
The Coast Guard is
establishing two temporary safety zones
to protect personnel, vessels, and the
marine environment from potential
hazards created by commercial
spaceflight activities. One safety zone is
in the navigable waters of South Bay,
TX and the other is in the navigable
waters of the Gulf of Mexico, within 12
nautical miles. Entry of vessels or
persons into these zones are prohibited
unless specifically authorized by the
Captain of the Port, Sector Corpus
Christi (COTP) or a designated
representative.
SUMMARY:
This rule is effective from March
14, 2024 through March 26, 2024, and
subject to enforcement between the
hours of 6 a.m. to noon, each day.
ADDRESSES: To view documents
mentioned in this preamble as being
available in the docket, go to https://
www.regulations.gov, type USCG–2024–
0155 in the ‘‘SEARCH’’ box and click
‘‘SEARCH.’’ Click on Open Docket
Folder on the line associated with this
rule.
FOR FURTHER INFORMATION CONTACT: If
you have questions about this rule, call
or email Lieutenant Commander
Anthony Garofalo, Sector Corpus Christi
Waterways Management Division, U.S.
Coast Guard; telephone 361–939–5130,
email Anthony.M.Garofalo@uscg.mil.
SUPPLEMENTARY INFORMATION:
DATES:
I. Table of Abbreviations
CFR Code of Federal Regulations
DHS Department of Homeland Security
FR Federal Register
NPRM Notice of proposed rulemaking
§ Section
U.S.C. United States Code
II. Background Information and
Regulatory History
The Coast Guard is issuing this
temporary rule without prior notice and
opportunity to comment pursuant to 5
U.S.C. 553(b). This provision authorizes
an agency to issue a rule without prior
notice and opportunity to comment
PO 00000
Frm 00059
Fmt 4700
Sfmt 4700
17751
when the agency for good cause finds
that those procedures are
‘‘impracticable, unnecessary, or contrary
to the public interest.’’ Under 5 U.S.C.
553(b)(B), the Coast Guard finds that
good cause exists for not publishing a
notice of proposed rulemaking (NPRM)
with respect to this rule because it is
impracticable. Space Exploration
Technologies Corporation (SpaceX) will
begin operation of its Starship/Super
Heavy launch operations on March 14,
2024, through March 26, 2024, each day.
There is insufficient time between now
and then to provide notice of a proposal
to create these safety zones, consider
comments received, and publish a final
rule.
In addition, the Coast Guard finds that
good cause also exists under 5 U.S.C.
553(d)(3) for making this rule effective
less than 30 days after publication in the
Federal Register because the safety
zones must be in effect in fewer than 30
days to serve their purpose and it would
be contrary to the public interest to
delay their effective date until after the
hazardous activities begin.
III. Legal Authority and Need for Rule
The Coast Guard is issuing this rule
under authority in 46 U.S.C. 70034. The
Captain of the Port, Sector Corpus
Christi (COTP) has determined that
hazards inherent in rocket launching
activity necessitate provisions to protect
personnel, vessels, and the marine
environment while it is taking place.
The hazards inherent in SpaceX’s rocket
launching activities include free falling
debris and/or descending vehicles or
vehicle components.
IV. Discussion of the Rule
This rule is subject to enforcement
from 6 a.m. to noon each day, from
March 14, 2024, through March 26,
2024. No vessel or person will be
permitted to enter the temporary safety
zones during the period in which the
rule is subject to enforcement without
obtaining permission from the COTP or
a designated representative, who may be
contacted on Channel 16 VHF–FM
(156.8 MHz) or by telephone at 361–
939–0450. The Coast Guard will issue
Broadcast Notices to Mariners, Local
Notices to Mariners, and/or Safety
Marine Information Broadcasts as
appropriate.
V. Regulatory Analyses
We developed this rule after
considering numerous statutes and
Executive orders related to rulemaking.
Below we summarize our analyses
based on a number of these statutes and
Executive orders, and we discuss First
Amendment rights of protestors.
E:\FR\FM\12MRR1.SGM
12MRR1
Agencies
[Federal Register Volume 89, Number 49 (Tuesday, March 12, 2024)]
[Rules and Regulations]
[Pages 17749-17751]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-05142]
-----------------------------------------------------------------------
DEPARTMENT OF DEFENSE
Office of the Secretary
32 CFR Part 310
[Docket ID: DoD-2023-OS-0060]
RIN 0790-AL64
Privacy Act of 1974; Implementation
AGENCY: Office of the Secretary of Defense (OSD), Department of Defense
(DoD).
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Department of Defense (Department or DoD) is issuing a
final rule to amend its regulations to exempt portions of the system of
records titled DoD-0019, ``Information Technology Access and Audit
Records,'' from certain provisions of the Privacy Act of 1974.
DATES: This rule is effective on March 12, 2024.
FOR FURTHER INFORMATION CONTACT: Ms. Rahwa Keleta, Privacy and Civil
Liberties Directorate, Office of the Assistant to the Secretary of
Defense for Privacy, Civil Liberties, and Transparency, Department of
Defense, 4800 Mark Center Drive, Mailbox #24, Suite 08D09, Alexandria,
VA 22350-1700; [email protected]; (703) 571-0070.
SUPPLEMENTARY INFORMATION:
Discussion of Comments and Changes
The proposed rule published in the Federal Register (88 FR 60411-
60413) on September 1, 2023. Comments were accepted for 60 days until
October 31, 2023. No comments were received.
I. Background
In finalizing this rule, DoD is exempting portions of this system
of records titled, DoD-0019, ``Information Technology Access and Audit
Records,'' from certain provisions of the Privacy Act of 1974. The
purpose of this system of records is to support information systems
being established within the DoD using the same categories of data for
the same purposes. This system of records covers DoD's maintenance of
records related to requests for user access, attempts to access,
granting of access, records of user actions for DoD information
technology (IT) systems, and user agreements. This includes details of
programs, databases, functions, and sites accessed and/or used, and the
information products created, received, or altered during the use of IT
systems. The system consists of both electronic and paper records and
will be used by DoD components and offices to maintain records about
individuals who have user agreements, user access to and activity on
networks, computer systems, applications, databases, or other digital
technologies.
II. Privacy Act Exemption
The Privacy Act allows Federal agencies to exempt eligible records
in a system of records from certain provisions of the Act, including
those that provide individuals with a right to request access to and
amendment of their own records. If an agency intends to exempt a
particular system of records, it must first go through the rulemaking
process pursuant to 5 U.S.C. 553(b)(1)-(3), (c), and (e). The OSD is
amending 32 CFR part 310 to add a new Privacy Act exemption rule for
this system of records. The DoD is adding exemptions for this system of
records pursuant to 5 U.S.C. 552a(k)(1) and (2) because some of its
records may contain classified national security information or
investigatory material compiled for law enforcement purposes. The DoD
is claiming an exemption from several provisions of the Privacy Act,
including various access, amendment, disclosure of accounting, and
certain recordkeeping and notice requirements, to avoid, among other
harms, frustrating the underlying purposes for which the information
was gathered.
Regulatory Analysis
Executive Order 12866--Regulatory Planning and Review; Executive Order
13563--Improving Regulation and Regulatory Review; and Executive Order
14094--Modernizing Regulatory Review
Executive Orders 12866 (as amended by Executive Order 14094) and
13563 direct agencies to assess all costs and benefits of available
regulatory alternatives and, if regulation is necessary, to select
regulatory approaches that maximize net benefits (including potential
economic, environmental, public health and safety effects, distributive
impacts, and equity). Executive Order 13563 emphasizes the importance
of quantifying both costs and benefits, of reducing costs, of
harmonizing rules, and of promoting flexibility. It has been determined
that this rule is not a significant regulatory action under these
Executive orders.
[[Page 17750]]
Congressional Review Act
The Congressional Review Act (5 U.S.C. 801 et seq.) generally
provides that before a rule may take effect, the agency promulgating
the rule must submit a rule report, which includes a copy of the rule,
to each House of the Congress and to the Comptroller General of the
United States. DoD will submit a report containing this rule and other
required information to the U.S. Senate, the U.S. House of
Representatives, and the Comptroller General of the United States. A
major rule may take effect no earlier than 60 calendar days after
Congress receives the rule report or the rule is published in the
Federal Register, whichever is later. This rule is not a ``major rule''
as defined by 5 U.S.C. 804(2).
Unfunded Mandates Reform Act
Section 202 of the Unfunded Mandates Reform Act of 1995 (UMRA)
(Pub. L. 104-4; 2 U.S.C. 1532(a)) requires agencies to assess
anticipated costs and benefits before issuing any rule whose mandates
may result in the expenditure by State, local and Tribal governments in
the aggregate, or by the private sector, in any one year of $100
million in 1995 dollars, updated annually for inflation. This rule will
not mandate any requirements for State, local, or Tribal governments,
nor will it affect private sector costs.
Regulatory Flexibility Act
The Assistant to the Secretary of Defense for Privacy, Civil
Liberties, and Transparency has certified that this rule is not subject
to the Regulatory Flexibility Act (Pub. L. 96-354; 5 U.S.C. 601 et
seq.) because it would not, if promulgated, have a significant economic
impact on a substantial number of small entities. This rule is
concerned only with the administration of Privacy Act systems of
records within the DoD. Therefore, the Regulatory Flexibility Act, as
amended, does not require DoD to prepare a regulatory flexibility
analysis.
Paperwork Reduction Act
The Paperwork Reduction Act (PRA) (Pub. L. 96-511; 44 U.S.C. 3501
et seq.) was enacted to minimize the paperwork burden for individuals;
small businesses; educational and nonprofit institutions; Federal
contractors; State, local and Tribal governments; and other persons
resulting from the collection of information by or for the Federal
Government. The Act requires agencies to obtain approval from the
Office of Management and Budget before using identical questions to
collect information from ten or more persons. This rule does not impose
reporting or recordkeeping requirements on the public.
Executive Order 13132--Federalism
Executive Order 13132 establishes certain requirements that an
agency must meet when it promulgates a rule that has federalism
implications, imposes substantial direct requirement costs on State and
local governments, and is not required by statute, or has federalism
implications and preempts State law. This rule will not have a
substantial effect on State and local governments.
Executive Order 13175--Consultation and Coordination With Indian Tribal
Governments
Executive Order 13175 establishes certain requirements that an
agency must meet when it promulgates a rule that imposes substantial
direct compliance costs on one or more Indian Tribes, preempts Tribal
law, or affects the distribution of power and responsibilities between
the Federal Government and Indian Tribes. This rule will not have a
substantial effect on Indian Tribal governments.
List of Subjects in 32 CFR Part 310
Privacy.
Accordingly, 32 CFR part 310 is amended as follows:
PART 310--PROTECTION OF PRIVACY AND ACCESS TO AND AMENDEMENT OF
INDIVIDUAL RECORDS UNDER THE PRIVACY ACT OF 1974
0
1. The authority citation for 32 CFR part 310 continues to read as
follows:
Authority: 5 U.S.C. 552a.
0
2. Amend Sec. 310.13 by adding paragraph (e)(14) to read as follows:
Sec. 310.13 Exemptions for DoD-wide systems.
* * * * *
(e) * * *
(14) System identifier and name. DoD-0019, ``Information Technology
Access and Audit Records.''
(i) Exemptions. This system of records is exempt from 5 U.S.C. 552a
(c)(3); (d)(1), (2), (3), and (4); (e)(1); (e)(4)(G), (H), and(I); and
(f).
(ii) Authority. 5 U.S.C. 552a(k)(1) and (2).
(iii) Exemption from the particular subsections. Exemption from the
particular subsections is justified for the following reasons:
(A) Subsections (c)(3), (d)(1), and (d)(2)--(1) Exemption (k)(1).
Records in this system of records may contain information that is
properly classified pursuant to executive order. Application of
exemption (k)(1) may be necessary because access to and amendment of
the records, or release of the accounting of disclosures for such
records, could reveal classified information. Disclosure of classified
records to an individual may cause damage to national security.
(2) Exemption (k)(2). Records in this system of records may contain
investigatory material compiled for law enforcement purposes other than
material within the scope of 5 U.S.C. 552a(j)(2). Application of
exemption (k)(2) may be necessary because access to, amendment of, or
release of the accounting of disclosures of such records could: inform
the record subject of an investigation of the existence, nature, or
scope of an actual or potential law enforcement or disciplinary
investigation, and thereby seriously impede law enforcement efforts by
permitting the record subject and other persons to whom he might
disclose the records or the accounting of records to avoid criminal
penalties, civil remedies, or disciplinary measures; interfere with a
civil or administrative action or investigation by allowing the subject
to tamper with witnesses or evidence, and to avoid detection or
apprehension, which may undermine the entire investigatory process;
reveal confidential sources who might not have otherwise come forward
to assist in an investigation and thereby hinder DoD's ability to
obtain information from future confidential sources; and result in an
unwarranted invasion of the privacy of others. Amendment of such
records could also impose a highly impracticable administrative burden
by requiring investigations to be continuously reinvestigated.
(B) Subsections (d)(3) and (4). These subsections are inapplicable
to the extent an exemption is claimed from subsections (d)(1) and (2).
Accordingly, exemptions from subsections (d)(3) and (4) are claimed
pursuant to (k)(1) and (2).
(C) Subsection (e)(1). Additionally, records within this system may
be properly classified pursuant to executive order. The collection of
information pertaining to the use of government information technology
and data systems may include classified records, and it is not always
possible to conclusively determine the relevance and necessity of such
information in the early stages of a collection. In some instances, it
will be only after the collected information is evaluated in light of
other information that its relevance and necessity can be assessed.
Further, disclosure of classified records
[[Page 17751]]
to an individual may cause damage to national security. Additionally,
in the collection of information for investigatory or law enforcement
purposes it is not always possible to conclusively determine the
relevance and necessity of particular information in the early stages
of the investigation or adjudication. In some instances, it will be
only after the collected information is evaluated in light of other
information that its relevance and necessity for effective
investigation and adjudication can be assessed. Collection of such
information permits more informed decision-making by the Department
when making required investigatory or law enforcement determinations.
Accordingly, application of exemptions (k)(1) and (2) may be necessary.
(D) Subsections (e)(4)(G) and (H). These subsections are
inapplicable to the extent exemption is claimed from subsections (d)(1)
and (2).
(E) Subsection (e)(4)(I). To the extent that this provision is
construed to require more detailed disclosure than the broad, generic
information currently published in the system notice, an exemption from
this provision is necessary to protect national security, the
confidentiality of sources of information and to protect the privacy
and physical safety of witnesses and informants. Accordingly,
application of exemptions (k)(1) and (2) may be necessary.
(F) Subsection (f). The agency's rules are inapplicable to those
portions of the system that are exempt. Accordingly, application of
exemptions (k)(1) and (2) may be necessary.
(iv) Exempt records from other systems. In the course of carrying
out the overall purpose for this system, exempt records from other
systems of records may in turn become part of the records maintained in
this system. To the extent that copies of exempt records from those
other systems of records are maintained in this system, the DoD claims
the same exemptions for the records from those other systems that are
entered into this system, as claimed for the prior system(s) of which
they are a part, provided the reason for the exemption remains valid
and necessary.
Dated: March 6, 2024.
Aaron T. Siegel,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
[FR Doc. 2024-05142 Filed 3-11-24; 8:45 am]
BILLING CODE 6001-FR-P