Privacy Act of 1974; System of Records, 48956-48964 [2024-12595]

Agencies

• DEPARTMENT OF TRANSPORTATION
• Office of the Secretary

[Federal Register Volume 89, Number 112 (Monday, June 10, 2024)]
[Notices]
[Pages 48956-48964]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-12595]


-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Office of the Secretary

[Docket No. DOT-OST-2024-0042]


Privacy Act of 1974; System of Records

AGENCY: Office of the Departmental Chief Information Officer, Office of 
the Secretary of Transportation, DOT.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, the Department of 
Transportation (DOT) proposes to update and reissue a Privacy Act 
System of Records (hereafter referred to as ``Notice'') titled, 
``Department of Transportation, Federal Aviation Administration DOT/FAA 
847 Aviation Records on Individuals.'' This Notice covers records the 
FAA maintains for airman certification and training, safety inspections 
performed by the FAA, and actions under the FAA's compliance and 
enforcement program that are initiated against individuals who violate 
FAA statutes and regulations.

DATES: Submit comments on or before July 10, 2024. The Department may 
publish an amended Systems of Records Notice (hereafter ``Notice'') in 
light of any comments received. This modified system will be effective 
immediately and the modified routine uses will be effective July 10, 
2024.

ADDRESSES: You may submit comments, identified by docket number DOT-
OST-2024-0042 by any of the following methods:
     Federal e-Rulemaking Portal: https://www.regulations.gov. 
Follow the instructions for submitting comments.
     Mail: Docket Management Facility, U.S. Department of 
Transportation, 1200 New Jersey Ave. SE, West Building Ground Floor, 
Room W12-140, Washington, DC 20590-0001.
     Hand Delivery or Courier: West Building Ground Floor, Room 
W12-140, 1200 New Jersey Ave. SE, between 9 a.m. and 5 p.m. ET, Monday 
through Friday, except Federal Holidays.
     Fax: (202) 493-2251.
    Instructions: You must include the agency name and docket number 
DOT-OST-2024-0042. All comments received will be posted without change 
to https://www.regulations.gov, including any personal information 
provided.
    Privacy Act: Anyone is able to search the electronic form of all 
comments received in any of our dockets by the name of the individual 
submitting the comment (or signing the comment, if

[[Page 48957]]

submitted on behalf of an association, business, labor union, etc.). 
You may review the Department of Transportation's complete Privacy Act 
statement in the Federal Register published on April 11, 2000 (65 FR 
19477-78), or you may visit https://DocketsInfo.dot.gov.
    Docket: For access to the docket to read background documents or 
comments received, go to https://www.regulations.gov or to the street 
address listed above. Follow the online instructions for accessing the 
docket.

FOR FURTHER INFORMATION CONTACT: For questions, please contact: Karyn 
Gorman, Departmental Chief Privacy Officer, Privacy Office, Department 
of Transportation, Washington, DC 20590; [email protected]; or 202.366-
3140.

SUPPLEMENTARY INFORMATION:

Notice Updates

    This Notice update includes substantive changes to: system 
location, system manager, authorities, categories of individuals, 
categories of records, record source categories, routine uses of 
records maintained in the system, policies and practices for the 
retrieval of records, policies, and practices for retention and 
disposal of records, and record access procedures; and non-substantive 
changes to: administrative, technical and physical safeguards, 
contesting record procedures, and notification procedures. Additional 
updates include editorial changes to simplify and clarify language, 
reformatting the text of the previously published Notice to align with 
the requirements of the Office of Management and Budget Circular (OMB) 
A-108, and to ensure consistency with other notices issued by the DOT.

Background

    In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the 
Department of Transportation (DOT)/Federal Aviation Administration 
(FAA) proposes to update and reissue a DOT Privacy Act System of 
Records titled, ``DOT/FAA 847 Aviation Records on Individuals.'' To 
provide the public with greater transparency and accountability to its 
business processes and data collection, the FAA updated this Notice to 
group records more precisely and consolidate records with similar 
purposes, authorities, categories of individuals, categories of 
records, records sources, and retention timeframes. Consequently, this 
Notice now covers only those records the FAA maintains for airman 
certification and training, including credentials for individuals such 
as Air Traffic Control Specialists (ATCSs); safety inspections 
performed by the FAA; and compliance and enforcement actions initiated 
against individuals who violate FAA statutes and regulations. 
Additionally, copies of records maintained in systems that are owned 
and managed by the FAA are also included in this Notice but not 
referenced specifically as they are not the source systems. Previously, 
this Notice also covered airmen's medical records and records 
pertaining to accidents, incidents, and investigations. These records 
are now covered by two separate and new Systems of Records Notices 
(SORNs). As for the two new SORNs, the FAA published DOT/FAA 856 
(``Airmen Medical Records'') \1\ which covers records maintained for 
the required airmen medical certification process initiated through the 
airmen medical certificate application. Additionally, the FAA published 
DOT/FAA 857 (``Accidents, Incidents and Investigations'') \2\ which 
covers records of certificated airmen, remote pilots in command (PICs), 
non-certificated individuals, and non-airmen, who have been involved in 
transportation incidents and/or accidents. The breakout of the notices 
will enable the FAA to provide a more detailed and nuanced description 
of these records in the respective notices.
---------------------------------------------------------------------------

    \1\ Department of Transportation DOT/FAA 856 Airmen Medical 
Records (88 FR 37301--July 7, 2023).
    \2\ Department of Transportation DOT/FAA 857 Accidents, 
Incidents and Investigations (88 FR 73070--November 24, 2023).
---------------------------------------------------------------------------

    This Notice covers the airmen records for the following processes:

Certification and Training

    Airmen certification is the process, as defined by 49 United States 
Code (U.S.C.) 44703, by which the FAA issues certificates as evidence 
that an individual is authorized to exercise certain privileges, such 
as flying aircraft of specific categories. The certification process 
begins when an individual submits an airman certification application 
to the FAA for review. For each certificate application type, the 
individual who is submitting the application must submit the required 
documentation in accordance with the applicable parts of 14 Code of 
Federal Regulations (CFR). Once the FAA receives the application, a 
certifying official will identify the applicant in accordance with the 
procedures described in the Drug Enforcement Assistance Act of 1988, 
Public Law 100-690, 102 Stat. 4181 (1988). The certifying official 
determines if the applicant meets the requested certification type's 
regulatory eligibility requirements. The certifying official identifies 
the applicant by viewing the applicant's driver's license, passport, 
military identification, or other government-issued identification, as 
provided in applicable parts of 14 CFR. If copies of identification are 
presented, these records become part of the applicant's file and are 
retained per the applicable records retention schedule. Thereafter, the 
certifying official assigns the applicant practical tests, as required, 
and records the test results. Once the certifying official signs off on 
the test results and approves the application, the FAA's Airmen 
Certification Branch reviews all airmen certificate applications and 
supporting documents and issues certificates to airmen.
    A related process is the credentialing of ATCSs (FAA and Department 
of Defense). Credentialing refers to the ability of these individuals 
to be rated and hold job positions such as radar and tower specialists. 
The credentialing process for these ATCSs is governed by FAA Order 
8000.90, ``Air Traffic Safety Oversight Credentialing and Control Tower 
Operator Certification Programs'' and FAA Order 7720.1, ``Certification 
and Rating Procedures for Department of Defense (DoD) Personnel.'' \3\ 
The individuals hired into the FAA for these two job categories are 
further evaluated by their FAA Proficiency Managers (PMs) and 
Designated Examiners (DEs) to determine if they can be rated. These 
individuals provide their name, birth month, work location, and work 
email before being assigned a credential number by the FAA. If these 
individuals fail to be rated, they are dismissed from the selection 
program and their credentials are made inactive. Ratings are valid for 
not more than two years and are typically renewed during the credential 
holder's birth month. If ratings are not renewed or individuals are 
dismissed, the credentials are made inactive and records are retained 
per the applicable records retention schedule.
---------------------------------------------------------------------------

    \3\ Orders & Notices (faa.gov).
---------------------------------------------------------------------------

Safety Inspections

    To achieve safety in civil aeronautics, the FAA established 
regulatory standards and requirements, found in 14 CFR parts 1-199, 
under the statutory authority in 49 U.S.C. subtitle VII. As part of its 
aviation oversight responsibilities, the FAA monitors and tracks 
oversight, inspections, and certification of organizations and 
individuals. Moreover, the agency captures the overall results of the 
Aviation Safety Inspectors' (ASIs) inspections and surveillance work.

[[Page 48958]]

During the inspection/surveillance, the ASIs observe adherence to 
instructions, procedures, and operations using the relevant federal 
aviation regulations. The inspections could originate from the ASIs' 
observations of unsafe practices and discrepancies, notifications by 
third parties of unsafe operations, or routine surveillance activities.
    FAA personnel, such as managers, supervisors, principal inspectors, 
and others are able to effectively plan the required annual work 
programs, to prioritize activities and specific job tasks, and to 
analyze the safety and compliance status of various elements throughout 
the air transportation industry. The data collected during these 
inspections may include the airman's full name, address, phone number, 
fax number, email address, and Airman Certificate Number, which could 
be the airman's social security number.
    The FAA additionally provides safety courses, flight instruction, 
flight training, seminars, and awards to members of the aviation 
industry, including airmen (pilots including remote pilots and Aviation 
Maintenance Technicians), with the aim of lowering the nation's 
aviation accident rate. The trainings are part of voluntary pilot 
proficiency and aviation maintenance programs and are provided by 
industry volunteers as well as FAA personnel.

Enforcement Actions

    Generally, enforcement actions begin when investigative personnel 
issue a Letter of Investigation (LOI) to an individual when it appears 
that enforcement action is warranted to address that individual's 
apparent statutory or regulatory violation. The FAA issues LOIs to 
certificated individuals and to uncertificated individuals (e.g., 
passengers). An LOI provides the individual with notice that the 
individual is under investigation for an apparent statutory or 
regulatory violation. Additionally, an LOI provides the individual with 
an opportunity to respond to the contents of the letter. Generally, an 
individual is not required to respond.
    Information that the individual provides is included in the 
Enforcement Investigative Report (EIR) generated by the investigating 
office. The EIR provides a means to assemble, organize, and present all 
information relevant to apparent violations and sanction determinations 
obtained during an investigation in matters for which EIRs are 
applicable. The investigating office creates the EIR using FAA Form 
2150-5. The EIR contains specific information about the alleged 
violator, which includes their name, mailing address, date of birth, 
gender, certification number, certificate type, and employer name. The 
investigating office manually enters details about the alleged 
violation into the Enforcement Information System (EIS), or the EIS 
receives this information from other FAA systems. If the investigating 
office determines that legal enforcement action is required, it 
electronically transfers the matter, including the EIR, to the FAA 
Office of the Chief Counsel (AGC) to determine the appropriate course 
of action. AGC stores the EIR in its Case and Document Management 
System (CDMS).

Stakeholder Feedback Tracking

    FAA employees and external individuals can provide feedback on any 
Office of Aviation Safety (AVS) business process to the FAA via the 
following website: https://www.faa.gov/about/office_org/headquarters_offices/avs/stakeholder_feedback. The stakeholder feedback 
form is used by different organizations within AVS. Only feedback 
records forwarded to the Quality Assurance Reporting program are 
covered under this Notice as they are retrievable by an identifier. 
Other feedback records are not covered under this Notice. Of the 
quality assurance records covered by this Notice, the personal 
information included in the feedback could consist of name, phone 
number, and email address. For example, information provided could be 
that a specific named employee at a repair station was especially 
helpful. This could also include the name and contact information of 
external witnesses to issues that are reported.

Flight Standards Service Document Repository

    FAA's Flight Standards Service (FS) and the Office of Hazardous 
Materials Safety (AXH) will maintain a single data repository to store 
documents associated with continued operational safety, certification, 
oversight management, enforcement, and other business processes. 
Certificate holders' records including manuals and airmen check ride 
submissions, as well as EIRs are the types of records that would be 
covered under this Notice. Other records, such as documents related to 
Accidents and Incidents, would be covered under the Accidents, 
Incidents and Investigations SORN. Similarly, there may be additional 
SORNs that apply to the documents maintained in this repository. The 
types of personal information that could be covered under this Notice 
consist of but are not limited to, the individual's name, address, 
phone number, past employment history, and education.

SORN Update

    The previous version of this SORN covered additional categories of 
information and individuals. For purposes of transparency, the FAA 
removed those categories of records from this updated SORN and has 
developed two new SORNs (the ``Airmen Medical Records'' SORN and the 
``Accidents, Incidents and Investigations'' SORN) to better group 
categories of records. The ``Airmen Medical Records'' SORN covers all 
records related to airmen medical certification, including applications 
and subsequent approvals and rejections. Additionally, it includes drug 
and alcohol testing records and records relating to test results and 
refusals to submit to testing. The ``Accidents, Incidents and 
Investigations'' SORN covers all records related to general aviation 
accident/incident records and air carrier incident records. The FAA is 
updating this existing Notice to remove all references to these records 
and to make the following substantive changes:
    1. System Location: This Notice updates the system location for all 
of the systems covered by this Notice. All of the addresses listed in 
the current Notice are hereby removed. However, copies of records may 
be maintained in hard copy or within systems owned and managed by the 
FAA.
    2. System Manager: This Notice updates the system manager to 
include relevant contact information for all systems covered under this 
Notice.
    3. Authorities: This Notice updates the authorities to reflect 
those pertaining to the certification and training, safety inspections, 
and enforcement action records being covered under this Notice. 
Additionally, this notice updates the authorities to reflect records 
collected for stakeholder feedback tracking and the Flight Standards 
document repository. This update removes the following authorities: 49 
United States Code (U.S.C.) 45101, 49 U.S.C. 45102; 49 U.S.C. 45103; 49 
U.S.C. 45104; and 49 U.S.C. 45105. This Notice adds the following 
authorities: 49 Code of Federal Regulations (CFR) part 175.31; and 14 
CFR parts 61 and 65.
    4. Categories of Individuals: This Notice updates the categories of 
individuals to reflect the individuals associated with the 
certification and training, safety inspections, and actions under the 
FAA's compliance and enforcement program being covered under this 
Notice. This includes individuals who provide feedback to the

[[Page 48959]]

FAA on its employees and business processes. This Notice removes any 
references to individuals who are deceased, individuals now covered by 
the two new SORNs, and individuals who are not the subjects of the data 
collection (i.e., employees of drug and alcohol testing facilities, 
witnesses) who do not have Privacy Act rights to information covered 
under this SORN.
    5. Categories of Records: This Notice updates the categories of 
records to remove the Compliance and Enforcement Tracking System (CETS) 
records since they do not require coverage under this or any other 
Privacy Act Notice as those records are not retrieved by personal 
identifiers. Other records being removed include those related to drug 
and alcohol testing, the physical and mental well-being of airmen, 
reports of fatal accidents, and accident investigations. The Notice 
additionally removes reference to the Safety Performance Analysis 
System (SPAS) since the system contains copies of records contained in 
other systems. The records added to this Notice are the contact 
information of the airmen's U.S. designated agents for service. These 
records are not referenced separately but are included under the 
categories of name, address, email, telephone, and fax number. 
Additionally, personal information on individuals providing feedback to 
the FAA is not referenced separately and is included under the 
categories of name, telephone number, email address, employer name, 
mailing address, and tracking number. Finally, copies of identifying 
documents retained in airmen files are added to this Notice.
    6. Record Source Categories: This Notice updates the record source 
categories to reflect only those record sources of airmen certification 
and training, safety inspections, and compliance and enforcement 
records. The record sources being removed from this Notice include 
those pertaining to medical records and drug and alcohol testing 
records and test results, and those pertaining to aviation accident/
incident records. This Notice adds the Office of Commercial Space 
Transportation personnel and Office of Airports personnel as new 
sources of compliance and enforcement action records. Additionally, the 
Notice adds individuals providing feedback to the FAA.
    7. Routine Use: The Notice updates the routine uses to remove the 
following system-specific routine uses because they are no longer 
applicable to this Notice:
    (a) Use contact information to inform airmen of meetings and 
seminars conducted by the FAA regarding aviation safety; and
    (b) Provide information about airmen through the airmen registry 
certification system to the Department of Health and Human Services, 
Office of Child Support Enforcement, and the Federal Parent Locator 
Service that locates non-custodial parents who owe child support. 
Records in this system are used to identify airmen to the child support 
agencies nationwide in enforcing child support obligations, 
establishing paternities, establishing and modifying support orders, 
and location of obligors. Records named within the section on 
Categories of Records will be retrieved using ``Connect: Direct'' 
through the Social Security Administration's secure environment.
    The routine uses transferred to the Airmen Medical Records SORN and 
removed from this Notice are as follows:
    (a) Providing the following categories of information to the public 
upon request:
     Information relating to an individual's physical status or 
condition used to determine statistically the validity of FAA medical 
standards;
    (b) Information relating to an individual's eligibility for medical 
certification, requests for exemption from medical requirements, and 
requests for review of certificate denials;
    (c) Make records of an individual's positive drug test result, 
alcohol test result of 0.04 or greater breath alcohol concentration, or 
refusal to submit to testing required under a DOT-required testing 
program, available to third parties, including employers and 
prospective employers of such individuals. Such records will also 
contain the names and titles of individuals who, in their commercial 
capacity, administer the drug and alcohol testing programs of aviation 
entities;
    (d) Make personally identifiable information about airmen available 
to other Federal agencies for the purpose of verifying the accuracy and 
completeness of medical information provided to FAA in connection with 
applications for airmen medical certification; and
    (e) Make records of past airman medical certification history data 
available to Aviation Medical Examiners (AMEs) on a routine basis so 
that AMEs may render the best medical certification decision.
    The routine use transferred to the Accidents, Incidents and 
Investigations SORN and removed from this Notice is as follows:
     Make airman, aircraft, and operator record elements 
available to users of FAA's Skywatch system, including the Department 
of Defense (DoD), the Department of Homeland Security (DHS), the 
Department of Justice (DOJ) and other authorized government users, for 
their use in managing, tracking, and reporting aviation-related 
security events.
    DOT has included Departmental general routine uses in this Notice, 
as they align with the purpose of this system of records to support 
decision-making and regulatory enforcement activities related to 
medical certification of airmen. As recognized by the Office of 
Management and Budget (OMB) in its Privacy Act Implementation Guidance 
and Responsibilities (65 FR 19746 (July 9, 1975)), the routine uses 
include proper and necessary uses of information in the system, even if 
such uses occur infrequently.
    8. Records Retrieval: This notice updates the retrievability of 
records to remove docket number, medical identification number, 
accident number and/or incident number, and add retrievability by FAA 
Tracking Number (FTN) and credential number.
    9. Retention and Disposal: This Notice updates retention 
requirements to add all retention schedules for the systems requiring 
coverage. It removes the reference to FAA Order 1350.15C, Records 
Organization, Transfer and Destruction Standards in the current Notice.
    10. Records Access: This Notice updates records access procedures 
to reflect that signatures on signed requests for records must either 
be notarized or accompanied by a statement made under penalty of 
perjury in compliance with 28 U.S.C. 1746.
    The following non-substantive changes to the administrative, 
technical, and physical safeguards, contesting records procedures, and 
notification procedures have been made to improve the clarity and 
readability of the Notice.
    1. Administrative, Technical and Physical Safeguards: This Notice 
updates the administrative, technical, and physical safeguards to align 
with the requirements of OMB Circular A-108 and for consistency with 
other DOT/FAA SORNs.
    2. Contesting Records: This Notice updates the procedures for 
contesting records to refer the reader to the record access procedures 
section rather than the ``System Manager.''
    3. Notification: This Notice updates the notification procedures to 
refer the reader to the record access procedures section rather than 
the ``System Manager.''

[[Page 48960]]

Privacy Act

    The Privacy Act (5 U.S.C. 552a) governs the means by which the 
Federal Government collects, maintains, and uses personally 
identifiable information (PII) in a System of Records. A ``System of 
Records'' is a group of any records under the control of a Federal 
agency from which information about individuals is retrieved by name or 
other personal identifier. The Privacy Act requires each agency to 
publish in the Federal Register a System of Records Notice (SORN) 
identifying and describing each System of Records the agency maintains, 
including the purposes for which the agency uses PII in the system, the 
routine uses for which the agency discloses such information outside 
the agency, and how individuals to whom a Privacy Act record pertains 
can exercise their rights under the Privacy Act (e.g., to determine if 
the system contains information about them and to contest inaccurate 
information). In accordance with 5 U.S.C. 552a(r), DOT has provided a 
report of this system of records to the Office of Management and Budget 
and to Congress.

SYSTEM NAME AND NUMBER:
    Department of Transportation, Federal Aviation Administration, DOT/
FAA 847--Aviation Records on Individuals.

SECURITY CLASSIFICATION:
    Sensitive, unclassified

SYSTEM LOCATION:
    1. Air traffic safety specialist credentialing records: FAA Cloud 
Services Amazon Web Services (FCS AWS) East West Public Cloud and the 
Office of Information and Technology Services Enterprise Data Center 
(AIT EDC) Mike Monroney Aeronautical Center (MMAC), 6500 South 
MacArthur Boulevard, Oklahoma City, OK 73169;
    2. Airmen testing records: PSI Services LLC's DataBank Data Center 
at 731 W. Henry Street, Indianapolis, IN 46225;
    3. Airmen certification records: Civil Aviation Registry 
Applications, FAA Enterprise Data Center (EDC) Airmen Records Building 
(ARB) at the MMAC, 6500 South MacArthur Boulevard, Oklahoma City, OK 
73169 and in the Enterprise Architecture and Solutions Environment 
(EASE) Mainframe, which resides at the U.S. Department of Agriculture 
(USDA) National Information Technology Center (NITC) in Kansas City, MO 
64114;
    4. Enforcement Investigation Reports maintained by the Office of 
the Chief Counsel: located in the FAA Cloud Services Amazon Web 
Services (FCS AWS) East West Public Cloud;
    5. Information on regulated entities such as air carriers, air 
agencies and various types of airmen: Office of Information and 
Technology Services Enterprise Data Center (AIT EDC) at the MMAC, 6500 
South MacArthur Boulevard, Oklahoma City, OK 73169;
    6. Information on enforcement actions for statutory or regulatory 
violations concerning the operation and maintenance of aircraft, 
airports, and aircraft equipment by individual airman, air passengers, 
or certified companies: FAA Office of Information and Technology 
Services Enterprise Data Center (AIT EDC) at the MMAC, 6500 South 
MacArthur Boulevard, Oklahoma City, OK 73169;
    7. Information on individuals such as inspection authorization 
holders and airmen: FAA Office of Information and Technology Services 
Enterprise Data Center (AIT EDC) at the MMAC, 6500 South MacArthur 
Boulevard, Oklahoma City, OK 73169;
    8. Information on activity tracking of airmen performing flight 
safety operations such as flight crewmember qualifications: FAA 
Enterprise Data Center Airmen Records Building (EDCARB) at the MMAC, 
6500 South MacArthur Boulevard, Oklahoma City, OK 73169;
    9. Training and awards records: FAA Office of Information and 
Technology Services Enterprise Data Center (AIT EDC) at the MMAC, 6500 
South MacArthur Boulevard, Oklahoma City, OK 73169;
    10. Airmen certificate and registration document tracking records: 
FAA Office of Information and Technology Services Enterprise Data 
Center (AIT EDC) at the MMAC, 6500 South MacArthur Boulevard, Oklahoma 
City, OK 73169;
    11. Safety assurance records: MMAC, 6500 South MacArthur Boulevard, 
Oklahoma City, OK 73169; AWS US East; and Volpe National Transportation 
Systems Center, 55 Broadway, Cambridge, MA 02142; and
    12. Quality assurance reporting records: located in the FCS AWS 
East West Cloud.

SYSTEM MANAGER(S) AND ADRESSES:
    1. Air traffic safety specialist credentialing records: System 
Manager, AOV-240, FAA Headquarters, 800 Independence Avenue SW, 
Washington, DC 20591, Email: faa.gov">9-AVS-AOV-Support@faa.gov;
    2. Airmen testing records: ATLAS AAV System Manager, FAA Airman 
Testing Standards Branch, AFS-630, MMAC, 6500 South MacArthur 
Boulevard, Oklahoma City, OK 73169, Email: 
faa.gov">AirmanKnowledgeTesting@faa.gov;
    3. Airmen certification records: Civil Aviation Registry 
Applications, Manager, FAA Airmen Certification Branch, AFB-720 Federal 
Aviation Administration, MMAC, PO Box 25082, Oklahoma City, OK 73125, 
Email: faa.gov">9-AMC-AFS760-Airmen@faa.gov;
    4. Enforcement Investigation Reports maintained by the Office of 
the Chief Counsel: Manager, FAA AGC-10 Operation Division, 1701 
Columbia Avenue, College Park, GA 30337, Email: faa.gov">9-AGC-IT@faa.gov;
    5. Information on regulated entities such as air carriers, air 
agencies and various types of airmen: Manager, FAA SASO Program Office, 
Safety Analysis and Promotion Division, 13873 Park Center Road, Suite 
160, Herndon, VA 20171, Email: faa.gov">9-AWA-AFS-900-SASO@faa.gov;
    6. Information about enforcement actions for statutory or 
regulatory violations concerning the operation and maintenance of 
aircraft, airports, and aircraft equipment by individual airman, air 
passengers, or certified companies: Manager, FAA Safety Analysis and 
Promotion Division, Automation Systems Management Branch, AFS-950, 
13873 Park Center Road, Suite 160, Herndon, VA 20171, Email: faa.gov">9-avs-afs-cpft@faa.gov;
    7. Information on individuals such as inspection authorization 
holders and airmen: Manager, FAA SASO Program Office, Safety Analysis 
and Promotion Division, 13873 Park Center Road, Suite 160, Herndon, VA 
20171, Email: faa.gov">9-AWA-AFS-900-SASO@faa.gov;
    8. Information on activity tracking of airmen performing flight 
safety operations such as flight crewmember qualifications: Manager, 
FAA--Air Traffic Organization Branch, AJF-2131 Federal Aviation 
Administration, Ronald Reagan Washington National Airport Hanger 6, 
3201 Thomas Avenue, Washington, DC 20001, Email: [email protected];
    9. Training and awards records: FAA Flight Standards Service, FAA 
Office of Safety Standards, General Aviation and Commercial Division, 
Room 821, 800 Independence Avenue SW, Washington, DC 20591, Email: 
faa.gov">faasafety@faa.gov;
    10. Airmen certificate and registration document tracking records: 
Manager, FAA Airmen Certification Branch Manager, 6425 South Denning 
Avenue, Oklahoma City, OK 73169, Email: faa.gov">9-AMC-AFS760-Airmen@faa.gov;
    11. Safety assurance records: Information Technology (IT) Project 
Manager, FAA, 2245 Airport Boulevard, Santa Rosa, CA 95403, Email: faa.gov">SAS-POC@faa.gov; and
    12. Quality assurance reporting records: System Manager, FAA 
Orlando FSDO, 8427 Southpark Circle, Orlando, FL 32819, Phone: 866-835-
5322.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    49 U.S.C. 40101; 49 U.S.C. 40113; 49 U.S.C. 44701; 49 U.S.C. 44702; 
49 U.S.C. 44703; 49 U.S.C. 44709; 49 U.S.C. 45106; 49 U.S.C. 46301; 49 
CFR part 175.31; and 14 CFR parts 61 and 65.

PURPOSE(S) OF THE SYSTEM:
    This system is the official repository of aviation records on 
individuals that are required to be maintained in connection with FAA's 
oversight and enforcement of compliance with safety regulations and 
statutes and orders issued thereunder.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who hold or previously held airmen certificates, and 
applicants for airmen certificates; Air traffic controllers and 
applicants for these positions; Individuals who submit feedback to the 
FAA; and Individuals against whom FAA has initiated informal action, 
compliance action, administrative action or legal enforcement action 
for violating safety regulations and statutes or orders issued 
thereunder.

[[Page 48961]]

CATEGORIES OF RECORDS IN THE SYSTEM:
    Personal information records such as name, date of birth, place of 
residence, mailing address, email address, telephone number, fax 
number, employer name, signature, social security number, citizenship, 
nationality and country, gender, biometric information (height, weight, 
hair color, eye color), self-portrait image, educational records, 
employment records, criminal history, Taxpayer Identification Number 
(TIN)/Employer Identification Number (EIN), copies of identifying 
documents presented during the application process; Certification-
related records such as applications for certification, airman 
certificate number, credential number, applications for tests, results 
of tests, applications for inspection authority, certificates held, 
ratings, certification dates, certification types, titles, stop orders, 
and requests for replacement certificates, contractor designator, 
designator examiner number; flight instructor number, training records, 
inspector's Flight Standards District Office (FSDO) code; Records 
concerning safety compliance notices, compliance actions, informal 
actions, warning notices, oral or written counseling, letters of 
correction, letters of investigation, notices of proposed legal 
enforcement action, final action legal documents in enforcement 
actions, and correspondence with the Office of the Chief Counsel and 
others in enforcement cases; and Other identifier records such as DoD 
identification number (ID), FTN, payment authorization code, generated 
control number, Office of Aviation System Standards Unique Identifier 
(AVN UID), tracking number and FAA ID.

RECORD SOURCE CATEGORIES:
    Airmen certification records are obtained from the individual to 
whom the records pertain, FAA aviation safety inspectors and FAA 
designated representatives; Feedback received by the FAA are obtained 
from both employees and external individuals; and Records of informal 
action, compliance action, administrative action, and legal enforcement 
records are obtained from witnesses, the Office of the Chief Counsel, 
Office of Security and Hazardous Materials (ASH) personnel, Flight 
Standards personnel, Office of Aviation Safety (AVS) personnel, Office 
of Commercial Space Transportation personnel, Office of Airports 
personnel, Aeronautical Center personnel, and the National 
Transportation Safety Board.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside of DOT 
FAA as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

System Specific Routine Uses:
    1. Provide basic airmen certification and qualification information 
to the public upon request; examples of basic information include:
     The type of certificates and ratings held;
     The date, class, and restrictions of the latest physical 
airman's certificate number;
     The status of the airman's certificate (i.e., whether it 
is current or has been amended, modified, suspended or revoked for any 
reason);
     The airman's home address, unless requested by the airman 
to be withheld from public disclosure per 49 U.S.C. 44703(c); and
     Requests for review of certificate denials.
    2. Disclose information to the National Transportation Safety Board 
(NTSB) in connection with its investigation responsibilities.
    3. Provide information about airmen to Federal, State, local, and 
Tribal law enforcement agencies when engaged in an official 
investigation in which an airman is involved.
    4. Provide information about enforcement actions or orders issued 
thereunder to government agencies, the aviation industry, and the 
public upon request;
    5. Make records of delinquent civil penalties owed to the FAA 
available to the U.S. Department of the Treasury (Treasury) and the 
U.S. Department of Justice (DOJ) for collection pursuant to 31 U.S.C. 
3711(g).
    6. Make records of effective orders against the certificates of 
airmen available to their employers if the airmen use the affected 
certificates to perform job responsibilities for those employers.
    7. Make airmen records available to users of FAA's Safety 
Performance Analysis System (SPAS), including the Department of Defense 
Commercial Airlift Division's Air Carrier Analysis Support System 
(ACAS) for its use in identifying safety hazards and risk areas, 
targeting inspection efforts for certificate holders of greatest risk, 
and monitoring the effectiveness of targeted oversight actions.
    8. Provide information about airmen to Federal, State, local, and 
Tribal law enforcement, national security or homeland security agencies 
whenever such agencies are engaged in the performance of threat 
assessments affecting the safety of transportation or national 
security.

Departmental Routine Uses:
    1. In the event that a system of records maintained by DOT to carry 
out its functions indicates a violation or potential violation of law, 
whether civil, criminal or regulatory in nature, and whether arising by 
general statute or particular program pursuant thereto, the relevant 
records in the system of records may be referred, as a routine use, to 
the appropriate agency, whether Federal, State, local or foreign, 
charged with the responsibility of investigating or prosecuting such 
violation or charged with enforcing or implementing the statute, or 
rule, regulation, or order issued pursuant thereto.
    2. A record from this system of records may be disclosed, as a 
routine use, to a Federal, State, or local agency maintaining civil, 
criminal, or other relevant enforcement information or other pertinent 
information, such as current licenses, if necessary to obtain 
information relevant to a DOT decision concerning the hiring or 
retention of an employee, the issuance of a security clearance, the 
letting of a contract, or the issuance of a license, grant or other 
benefit.
    3. A record from this system of records may be disclosed, as a 
routine use, to a Federal agency, in response to its request, in 
connection with the hiring or retention of an employee, the issuance of 
a security clearance, the reporting of an investigation of an employee, 
the letting of a contract, or the issuance of a license, grant, or 
other benefit by the requesting agency, to the extent that the 
information is relevant and necessary to the requesting agency's 
decision on the matter.
    12a. Routine Use for Disclosure for Use in Litigation. It shall be 
a routine use of the records in this system of records to disclose them 
to the Department of Justice or other Federal agency conducting 
litigation when (a) DOT, or any agency thereof, or (b) Any employee of 
DOT or any agency thereof, in his/her official capacity, or (c) Any 
employee of DOT or any agency thereof, in his/her individual capacity 
where the Department of Justice has agreed to represent the employee, 
or (d) The United States or any agency thereof, where DOT determines 
that litigation is likely to affect the United States, is a party to 
litigation or has an interest in such litigation, and the use of such 
records by the Department of Justice or

[[Page 48962]]

other Federal agency conducting the litigation is deemed by DOT to be 
relevant and necessary in the litigation, provided, however, that in 
each case, DOT determines that disclosure of the records in the 
litigation is a use of the information contained in the records that is 
compatible with the purpose for which the records were collected.
    12b. Routine Use for Agency Disclosure in Other Proceedings. It 
shall be a routine use of records in this system to disclose them in 
proceedings before any court or adjudicative or administrative body 
before which DOT or any agency thereof, appears, when (a) DOT, or any 
agency thereof, or (b) Any employee of DOT or any agency thereof in 
his/her official capacity, or (c) Any employee of DOT or any agency 
thereof in his/her individual capacity where DOT has agreed to 
represent the employee, or (d) The United States or any agency thereof, 
where DOT determines that the proceeding is likely to affect the United 
States, is a party to the proceeding or has an interest in such 
proceeding, and DOT determines that use of such records is relevant and 
necessary in the proceeding, provided, however, that in each case, DOT 
determines that disclosure of the records in the proceeding is a use of 
the information contained in the records that is compatible with the 
purpose for which the records were collected.
    13. The information contained in this system of records will be 
disclosed to the Office of Management and Budget, OMB in connection 
with the review of private relief legislation as set forth in OMB 
Circular No. A-19 at any stage of the legislative coordination and 
clearance process as set forth in that Circular.
    14. Disclosure may be made to a Congressional office from the 
record of an individual in response to an inquiry from the 
Congressional office made at the request of that individual. In such 
cases, however, the Congressional office does not have greater rights 
to records than the individual. Thus, the disclosure may be withheld 
from delivery to the individual where the file contains investigative 
or actual information or other materials which are being used, or are 
expected to be used, to support prosecution or fines against the 
individual for violations of a statute, or of regulations of the 
Department based on statutory authority. No such limitations apply to 
records requested for Congressional oversight or legislative purposes; 
release is authorized under 49 CFR 10.35(a)(9).
    15. One or more records from a system of records may be disclosed 
routinely to the National Archives and Records Administration in 
records management inspections being conducted under the authority of 
44 U.S.C. 2904 and 2906.
    16. Routine Use for disclosure to the Coast Guard and to the 
Transportation Security Administration. A record from this system of 
records may be disclosed as a routine use to the Coast Guard and to the 
Transportation Security Administration if information from this system 
was shared with either agency when that agency was a component of the 
Department of Transportation before its transfer to the Department of 
Homeland Security and such disclosure is necessary to accomplish a DOT, 
TSA or Coast Guard function related to this system of records.
    17. DOT may make available to another agency or instrumentality of 
any government jurisdiction, including State and local governments, 
listings of names from any system of records in DOT for use in law 
enforcement activities, either civil or criminal, or to expose 
fraudulent claims, regardless of the stated purpose for the collection 
of the information in the system of records. These enforcement 
activities are generally referred to as matching programs because two 
lists of names are checked for match using automated assistance. This 
routine use is advisory in nature and does not offer unrestricted 
access to systems of records for such law enforcement and related 
antifraud activities. Each request will be considered on the basis of 
its purpose, merits, cost-effectiveness, and alternatives using 
Instructions on reporting computer matching programs to the Office of 
Management and Budget, OMB, Congress, and the public, published by the 
Director, OMB, dated September 20, 1989.
    18. It shall be a routine use of the information in any DOT system 
of records to provide to the Attorney General of the United States, or 
his/her designee, information indicating that a person meets any of the 
disqualifications for receipt, possession, shipment, or transport of a 
firearm under the Brady Handgun Violence Prevention Act. In case of a 
dispute concerning the validity of the information provided by DOT to 
the Attorney General, or his/her designee, it shall be a routine use of 
the information in any DOT system of records to make any disclosures of 
such information to the National Background Information Check System, 
established by the Brady Handgun Violence Prevention Act, as may be 
necessary to resolve such dispute.
    19a. To appropriate agencies, entities, and persons when (1) DOT 
suspects or has confirmed that there has been a breach of the system of 
records; (2) DOT has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, DOT (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and (3) the disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with DOT's efforts to respond to the suspected or confirmed 
breach or to prevent, minimize, or remedy such harm.
    19b. To another Federal agency or Federal entity, when DOT 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    20. DOT may disclose records from this system, as a routine use, to 
the Office of Government Information Services for the purpose of (a) 
resolving disputes between FOIA requesters and Federal agencies and (b) 
reviewing agencies' policies, procedures, and compliance in order to 
recommend policy changes to Congress and the President.
    21. DOT may disclose records from this system, as a routine use, to 
contractors and their agents, experts, consultants, and others 
performing or working on a contract, service, cooperative agreement, or 
other assignment for DOT, when necessary to accomplish an agency 
function related to this system of records.
    22. DOT may disclose records from this system, as a routine use, to 
an agency, organization, or individual for the purpose of performing 
audit or oversight operations related to this system of records, but 
only such records as are necessary and relevant to the audit or 
oversight activity. This routine use does not apply to intra-agency 
sharing authorized under section (b)(1) of the Privacy Act.
    23. DOT may disclose from this system, as a routine use, records 
consisting of, or relating to, terrorism information (6 U.S.C. 
485(a)(5)), homeland security information (6 U.S.C. 482(f)(1)), or law 
enforcement information (Guideline 2 Report attached to White House 
Memorandum, ``Information Sharing Environment, November 22, 2006) to a 
Federal, State,

[[Page 48963]]

local, Tribal, Territorial, foreign government and/or multinational 
agency, either in response to its request or upon the initiative of the 
Component, for purposes of sharing such information as is necessary and 
relevant for the agencies to detect, prevent, disrupt, preempt, and 
mitigate the effects of terrorist activities against the territory, 
people, and interests of the United States of America, as contemplated 
by the Intelligence Reform and Terrorism Prevention Act of 2004 (Pub. 
L. 108-458) and Executive Order 13388 (October 25, 2005).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in file folders, on lists and forms, and in 
computer processing storage media. Records are also stored on 
microfiche, on roll microfilm, and as electronic images.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are primarily retrievable by name, birth date, social 
security number, airman certificate number, EIR number, FTN, credential 
number, email address, home address, or other identification numbers of 
the individual on whom the records are maintained.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The retention schedules for the individual systems are as follows:
    Air traffic safety specialist credentialing records: the records 
are covered by retention schedule DAA-0237-2021-0007-0001 and destroyed 
70 years at the end of the last credentialing certification, rating, 
training requirements, and skill evaluation; Airmen testing records: 
the FAA has proposed a replacement retention schedule to provide a 
longer retention period of five years for both airman test applications 
and completed tests. The current retention schedule, NC1-237-77-03, 
Items 21-23, requires retention for four years for applications and 60 
days for completed tests. The FAA will comply with the current 
retention schedule until it receives approval of record disposition 
authority for the retention request; Airmen certification records: is 
designated as the permanent record for airmen certification information 
and, as such, records are covered by retention schedule N1-237-06-001 
and destroyed after 60 years or when no longer needed, whichever is 
later; Enforcement Investigation Reports maintained by the Office of 
the Chief Counsel: these records are covered under N1-237-92-004 and 
transferred to the Federal Records Center (FRC) two years after cases 
are closed in EIS. The FRC destroys records five years after they are 
closed in EIS. Case files resulting in ``no action'' are destroyed 30 
days (or no later than 90 days) after cases are closed in EIS. Case 
files resulting in an indefinite suspension of an airman certificate 
pending successful completion of reexamination or proof of 
qualification are destroyed one month after the date of successful 
completion of reexamination or proof of qualifications; Information on 
regulated entities such as air carriers, air agencies and various types 
of airmen: the records will be covered under retention schedule DAA-
0237-2022-0005-0002 and retained for at least 30 years, but longer 
retention is authorized if necessary for business use; Information 
about enforcement actions for statutory or regulatory violations 
concerning the operation and maintenance of aircraft, airports, and 
aircraft equipment by individual airmen, air passengers, or certified 
companies: the FAA has drafted a retention schedule, DAA-0237-2021-
0014, to provide a retention period of 99 years for airmen records. 
This schedule will replace the current schedule that allows destruction 
within a shorter timeframe. The FAA will maintain these records 
indefinitely until it receives an approval of record disposition 
authority for the retention request; Information on individuals such as 
inspection authorization holders and airmen: the FAA is developing a 
new retention schedule and will treat these records as permanent 
records until it receives an approval of record disposition authority 
for the retention request; Information on activity tracking of airmen 
performing flight safety operations such as flight crewmember 
qualifications: the records will be covered under retention schedule 
DAA-0237-2020-0029-0001. Pursuant to this schedule, the FAA maintains 
these records for three years after the relevant flight activity is no 
longer needed;
    Training and awards records: the FAA is developing a new retention 
schedule and proposes to maintain the records for six years of 
inactivity. The FAA will treat these records as permanent records until 
it receives an approval of record disposition authority for the 
retention request;
    Airmen certificate and registration document tracking records: is 
designated as the temporary repository for airmen registration and 
application data and, as such, the records are covered under retention 
schedule N1-237-09-014 and deleted/destroyed once the forms or related 
applications are superseded or obsolete; Safety assurance records: the 
FAA is developing a new retention schedule and will treat these records 
as permanent records until it receives an approval of record 
disposition authority for the retention request; and Quality assurance 
reporting records: the FAA is developing a new retention schedule and 
will treat these records as permanent records until it receives an 
approval of record disposition authority for the retention request.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Records in this system are safeguarded in accordance with 
applicable rules and policies, including all applicable DOT FAA 
automated systems security and access policies. Strict controls have 
been imposed to minimize the risk of compromising the information that 
is being stored. Access to the computer system containing the records 
in this system is limited to individuals who have a need to know the 
information for the performance of their official duties and who have 
appropriate clearances or permissions.

RECORD ACCESS PROCEDURES:
    Individuals seeking notification of whether this system of records 
contains information about them may contact the System Manager at the 
address provided in the section ``System Manager.'' When seeking 
records about yourself from this system of records or any other 
Departmental system of records your request must conform to the Privacy 
Act regulations set forth in 49 CFR part 10. You must sign your 
request, and your signature must either be notarized or submitted under 
28 U.S.C. 1746, a law that permits statements to be made under penalty 
of perjury as a substitute for notarization. If your request is seeking 
records pertaining to another living individual, you must include a 
statement from that individual certifying his/her agreement for you to 
access his/her records.

CONTESTING RECORDS PROCEDURES:
    See ``Record Access Procedures'' above.

NOTIFICATION PROCEDURES:
    See ``Record Access Procedures'' above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Records in this system that relate to administrative actions and 
legal enforcement actions are exempted from certain access and 
disclosure requirements of the Privacy Act of 1974, pursuant to 5 
U.S.C. 552a(k)(2).

[[Page 48964]]

HISTORY:
    A full notice of this system of records, DOT/FAA 847--Aviation 
Records of Individuals, was published in the Federal Register on 
November 9, 2010 (75 FR 68849).

    Issued in Washington, DC.
Karyn Gorman,
Departmental Chief Privacy Officer.
[FR Doc. 2024-12595 Filed 6-7-24; 8:45 am]
BILLING CODE 4910-9X-P