[Federal Register Volume 62, Number 191 (Thursday, October 2, 1997)]
[Notices]
[Pages 51698-51702]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-25952]
=======================================================================
-----------------------------------------------------------------------
NATIONAL COUNTERINTELLIGENCE CENTER
Privacy Act of 1974; Establishment of a New System of Records
AGENCY: National Counterintelligence Center (NACIC).
ACTION: Establishment of Privacy Act system of records including
statement of routine uses and detailed description of system.
-----------------------------------------------------------------------
SUMMARY: On February 27, 1997, the National Counterintelligence Center
(NACIC) published for public comment a notice for the establishment of
a new Privacy Act system of records. It was provided in that notice
that the system of records would become effective without further
notice 40 days after publication unless modified by a subsequent notice
in order to incorporate comments received from the public.
Although no comments were received from members of the public,
reviews internally and by representatives of the Department of Justice
approved the ``routine uses'' as published but otherwise suggested
several clarifications to the descriptions set forth in the sections
entitled ``Categories of records in the system'' and ``Exemptions
claimed for the system.'' Inasmuch as the Privacy Act requires only
that the portion of the system description which describes the
``routine uses'' of a system be published
[[Page 51699]]
for comment, the NACIC Privacy Act declaration, is set forth in its
entirety below.
DATES: This system of records notice is effective October 2, 1997.
FOR FURTHER INFORMATION WRITE: Information and Privacy Coordinator,
Executive Secretariat Office, National Counterintelligence Center, 3W01
NHB, Washington, DC 20505.
SUPPLEMENTARY INFORMATION: Pursuant to the Privacy Act, 5 U.S.C. 552a,
NACIC hereby establishes a new system of records to be maintained at
the NACIC headquarters. The purpose of this notice is to announce the
creation and character of the system of records subject to the Privacy
Act which is maintained by NACIC.
For the convenience of the public, the above referenced
clarifications to the previously published notice include:
(a) Several modifications to the listed categories of records have
been deemed appropriate for record system NACIC-1; they include:
(1) The categories numbered 1-5 and 7 in the notice are deleted in
that these categories of records are neither indexed nor retrievable by
name or other personal identifier and thus do not meet the basic
definition of a Privacy Act system of records;
(2) The category entitled ``Publications, Training Materials and
Regional Seminar Records'' and numbered 8 in the notice is clarified to
include not only ``lists of speakers'' but also speaker qualifications
and courses in which they have participated to the extent such data
exists; it is also clarified in that the materials previously covered
by the term ``case studies'' are now separately listed as a
``Counterintelligence Damage Assessments and Incident Files'';
(3) The category entitled ``Personnel files'' and numbered 9 in the
notice is modified to include NACIC personnel who are independent
contractors;
(4) A new category entitled ``Counterintelligence Damage
Assessments and Incident Files'' is added and includes copies of the
finished assessments of the damage to U.S. intelligence sources and
methods resulting from significant and particular espionage cases as
well as summaries of significant counterintelligence incidents
including the circumstances and characteristics of the target, the
circumstance of the event, and the particular threat presented;
(5) A new category entitled ``Computer and Physical Security
Files'' is added and includes data such as the names, passwords,
accesses and special accesses to both physical locations and computer
systems, relevant audit trails for such accesses, and particular
clearances and certifications of clearances; the individuals covered
include all personnel assigned to NACIC as well as other individuals
holding national security clearances and having authorized access to
NACIC facilities and/or computer systems.
(b) Several corrections to the section of the notice entitled
``Exemptions claimed for the system'' have been determined necessary as
a result of an editing error prior to submission of the notice to the
Federal Register they include:
(1) The specific reference to Privacy Act exemption (k)(1) was
inadvertently omitted from the discussion of the exemption for
classified national security information and is now included;
(2) The listings of Privacy Act exemptions (k) (2)-(6) as
authorized by the Act were also inadvertently omitted and are now
included although their invocation, given the mission of NACIC, will be
rare;
(3) And, the reference to Privacy Act exemption (j)(1) is clarified
so that it applies only to that information in the joint custody of the
Central Intelligence Agency (CIA) and NACIC where the Director of
Central Intelligence (DCI) has determined that such information should
be exempt from certain specified provisions of the Privacy Act pursuant
to the National Security Act of 1947 and the CIA Act of 1949;
(c) An addition to the sections of the notice entitled ``Record
access procedures'' and ``Contesting record procedures'' has also been
determined to be appropriate in order specifically to inform members of
the public of their right to and procedures to effect an administrative
appeal in the event of a denial of their request.
Accordingly, the notice regulating the management of an public
access to the Privacy Act record system maintained by NACIC are set
forth in their entirety below.
Statement of General Routine Uses
The following routine uses apply to, and are incorporated by
reference into each system of records maintained by NACIC. It should be
noted that, before the individual record system notices begin, the
blanket routine uses of the records are published below only once in
the interest of simplicity, economy and to avoid redundancy.
1. Routine Use-Law Enforcement: In the event that a system of
records maintained by NACIC to carry out its functions indicates a
violation or potential violation of law, whether civil, criminal or
regulatory in nature, and whether arising by general statute or by
regulation, rule or order issued pursuant thereto, the relevant records
in the system of records maybe referred, as a routine use, to the
appropriate agency whether Federal, state, local or foreign, charged
with the responsibility of investigating or prosecuting such violation
or charged with enforcing or implementing the statute, rule, regulation
or order issued pursuant thereto.
2. Routine Use-Disclosure When Requesting Information: A record
from a system of records maintained by this component may be disclosed
as a routine use to a Federal, state, or local agency maintaining
civil, criminal, or other relevant enforcement information or other
pertinent information, if necessary to obtain information relevant to a
component decision concerning the hiring or retention of an employee,
the issuance of a security clearance, the letting of a contact, or the
issuance of a license, grant or other benefit.
3. Routine Use-Disclosure of Requested Information: A record from a
system of records maintained by this component may be disclosed to a
Federal agency, in response to its request, in connection with the
hiring or retention of an employee, the issuance of a security
clearance, the reporting of an investigation of an employee, the
letting of a contract, or the issuance of a license, grant or other
benefit by the requesting agency, to the extent that the information is
relevant and necessary to the requesting agency's decision on the
matter.
4. Routine Use-Congressional: Inquiries from a system of records
maintained by this component maybe made to a Congressional office from
the record of an individual in response to an inquiry from the
Congressional office made at the request of that individual.
5. Routine Use-Disclosures Required by International Agreements: A
record from a system of records maintained by this component may be
disclosed to foreign law enforcement, security, investigatory, or
administrative authorities in order to comply with requirements imposed
by, or to claim rights conferred in, international agreements and
arrangements including those regulating the stationing and status in
foreign countries of Department of Defense military and civilian
personnel.
6. Routine Use-disclosure to the Department of Justice for
Litigation: A record from a system of records maintained by this
component may be disclosed as routine use to any component of the
Department of Justice
[[Page 51700]]
for the purpose of representing any officer, employee or member of this
component in pending or potential litigation to which the record is
pertinent.
7. Routine Use-Disclosure of Information to the Information
Security Oversight Office (ISOO): A record from a system of records
maintained by this component may be disclosed as a routine use to the
Information Security Oversight Office (ISOO) or any other executive
branch entity authorized to conduct inspections or develop security
classification policy for the purpose of records management inspections
conducted under authority of 44 U.S.C. 2904 and 2906.
8. Routine Use-Disclosure of Information to the National Archives
and Records Administration (NARA): A record from a system of records
maintained by this component may be disclosed as a routine use to the
National Archives and Records Administration (NARA) for the purpose of
records management inspections conducted under authority of 44 U.S.C.
2904 and 2906.
9. Routine Use-Disclosure to the Merit Systems Protection Board: A
record from a system of records maintained by this component may be
disclosed as a routine use to the Merit Systems Protection Board,
including the Office of the Special Counsel for the purpose of
litigation including administrative proceedings, appeals special
studies of the civil service and other merit systems, review of OPM or
component rules and regulations, investigation of alleged or possible
prohibited personnel practices; including administrative proceedings
involving any individual subject of investigation, and such other
functions, promulgated in 5 U.S.C. 1205 and 1206, or as may be
authorized by law.
10. Routine Use-Counterintelligence Purposes: A record from a
system of records maintained by this component may be disclosed as a
routine use outside the U.S. Government for the purpose of
counterintelligence activities authorized by U.S. Law or executive
Order or for the purpose of enforcing laws which protect the national
security of the United States.
NACIC-1
SYSTEM NAME:
National Counterintelligence Center System of Records (NACIC-1)
SECURITY CLASSIFICATION:
The classification of individual records in the system range from
UNCLASSIFIED to TOP SECRET Codeword.
SYSTEM LOCATION:
National Counterintelligence Center, 3W01 NHB, Washington, DC 20505
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
1. Individuals who are of foreign intelligence or foreign
counterintelligence interest and relate in any manner to foreign
intelligence threats to U.S. national and economic security;
2. Applicants for, and current and former personnel of NACIC who
are federal employees;
3. Individuals associated with NACIC administrative operations or
services including independent contractors, industrial contractor
employees, or individuals otherwise associated with such operations and
services;
4. And, any other individuals authorized access to NACIC
information and facilities.
CATEGORIES OF RECORDS IN THE SYSTEM:
1. Counterintelligence Damage Assessments and Incident Files:
Maintained by the NACIC Threat Assessment Office (TAO); records include
copies of the finished assessments of the damage to U.S. intelligence
sources and methods resulting from significant and particular espionage
cases as well as summaries of significant counterintelligence incidents
including the circumstances and characteristics of the target, the
circumstances of the event, and the particular threat presented;
2. Compromised Names Database: Maintained by the NACIC Threat
Assessment Office (TAO); the database is utilized to notify U.S.
intelligence community personnel whose names were potentially
compromised as a result of espionage or other foreign intelligence
collection activity; the database contains the names of persons
potentially compromised, date of the memo sent to the person or their
employer informing them, and documentary reference(s) to the
compromised information;
3. Computer and Physical Security Files: Maintained by the NACIC
Executive Secretariat Office (ESO); records include the names,
passwords, accesses, and special accesses to both physical locations
and computer systems, relevant audit trails for such accesses, and
particular clearances and certifications of clearances;
4. Publication, Training and Seminar Files: Maintained by NACIC's
Program Integration Office (PIO) Community Training Branch; records
include letters of acceptance, enrollment forms, thank you letters,
lists of attendees, lists of speakers, notes, case studies, syllabi,
training packets, magazine or newspaper articles, and other records
used either for course development purposes or to facilitate the
presentation of seminars;
5. Personnel Files:
a. Specific types of personnel records are maintained by the NACIC
Front Office (FO); these records are maintained in individual official
personnel folders and include, inter alia, papers documenting personnel
actions, performance appraisals, correspondence, travel documents,
contracts, justifications, memorandums, and administrative material;
b. A second type of personnel records is maintained by the NACIC
Executive Secretariat Office (ESO); these records are Memorandums of
Agreement between the detailee's parent organization and NACIC;
c. The third type of personnel records is maintained by the NACIC
Program Integration Office/Community Training Branch (PIO/CTB); these
records include the training documents;
6. Freedom of Information Act (FOIA)/Privacy Act (PA) Requests and
Legal Files: Files created in response to public requests for
information and/or amendment of records under the FOIA/PA, consisting
of the original request, a copy of the reply thereto, and all related
supporting files which may include the official file copy of requested
record or copy thereof; also, all similar records created in response
to administrative appeals and litigations predicated on such initial
requests;
7. Special Search Files: Files created in response to official
United States or foreign government requests for information which may
include requests from executive, congressional, judicial, or diplomatic
sectors consisting of the original tasking or request, a copy of the
reply thereto, and all related supporting files which may include the
official file copy of the requested record or copy thereof.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Section 506(a) of the Federal Records Act of 1950, codified at 44
U.S.C. 3101, and Title 36, Code of Federal Regulations, Chapter XII,
which require Federal agencies to insure that adequate and proper
records are made and preserved to document the organization, functions,
polices, decisions, procedures and transactions and to protect the
legal and financial rights of the Federal Government.
PURPOSE(s):
NACIC was established by Presidential directive for the purpose of
[[Page 51701]]
coordinating national level counterintelligence activities of the
United States. The purposes for the maintenance of these records
include: Coordinating national strategic CI planning efforts, providing
strategic guidance and assessing the effectiveness of CI operations,
facilitating the development of and implementing training for the CI
community, producing national-level foreign intelligence threat
assessments, and coordinating assessments of damage to U.S. interests
resulting from espionage cases.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
See Statement of General Routine Uses.
DISCLOSURE TO CONSUMER REPORTING AGENCIES:
None.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Files are maintained in computerized form and hard copy form;
computerized form may be stored in memory, on disk storage, on computer
tape, and/or on a computer printed listing.
RETRIEVABILITY:
Names and related information are retrievable by automated or hand
search based on extant indices and automated capabilities utilized in
the normal course of business. Under applicable law and regulations,
NACIC may not permit any organization, public or private, outside the
NACIC to have direct access to NACIC files; accordingly, all searchers
of NACIC databases and paper files will be performed on site, within
NACIC space, by NACIC personnel.
SAFEGUARDS:
Records and databases are maintained in a restricted area within
NACIC and are accessed only by NACIC personnel. All employees are
checked to ensure that they hold currently valid security clearances,
are cautioned about divulging classified or other privileged
information contained in NACIC files, and are advised that failure to
abide by these provisions may constitute a violation of federal
criminal law and/or give rise to civil liability. Employees who resign
or retire are also cautioned about divulging information acquired in
their jobs. Registered mail is used to transmit routine hard copy
records while highly classified records are hand carried by individuals
holding appropriate security clearances. Highly classified or sensitive
privacy information, which is electronically transmitted between NACIC
and other offices, is transmitted in encrypted form to prevent
interception.
RETENTION AND DISPOSAL:
Records evaluated as historical and permanent will be transferred
to the National Archives after established retention periods and
administrative needs of the NACIC have elapsed.
SYSTEM MANAGER(S) AND ADDRESS:
Information and privacy Coordinator, Executive Secretariat Office,
National Counterintelligence Center, 3W01 NHB, Washington, DC 20505.
NOTIFICATION PROCEDURE:
See record access procedures, infra.
RECORD ACCESS PROCEDURES;
A request for access to a record from the system shall be made in
writing with the envelope and the letter clearly marked ``Privacy Act
Request.'' Your request should include your full name, complete
address, date of birth, place of birth, notarized signature (or
declaration under penalty of perjury), and other identifying data you
may wish to furnish to assist in making a proper search of NACIC
records. A request for access to records must describe the records
sought in sufficient detail to enable NACIC personnel to locate the
system of records containing the record with a reasonable amount of
effort. Whenever possible, a request for access should describe the
nature of the record sought, and the data of the record or the period
in which the record was compiled. The requester must also provide a
return address for transmitting the information. Requests for access
must be addressed to the System Manager as noted above.
CONTESTING RECORD PROCREDURES:
Individuals desiring to contest or amend information maintained in
the system should also direct their request to the System Manager as
noted above. Such requests should delineate the information believed to
be incorrect and should include the information requested to be
substituted or added to the record.
RECORD SOURCE CATEGORIES:
Record source categories include subject individuals pursuant to
notice, official records and information disseminated to NACIC by other
federal government entities, and official records and information
provided to NACIC by other entities including foreign, state and local
governments as well as individuals and business entities.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
Notice is hereby given that NACIC intends to exempt from certain
provisions of the Privacy Act the following information pursuant to the
following specified authority:
(a) Records or portions of records in the physical possession of
NACIC which were originated by other federal agencies or which contain
information originated by such agencies shall be deemed to be in the
joint legal custody of and mutually maintained by both agencies.
Accordingly, NACIC shall apply any applicable exemptive provisions when
so informed by those agencies;
(b) Records or portions of records in the physical custody of NACIC
which would reveal intelligence sources and methods in contravention of
the National Security Act of 1947 are, pursuant to the exemptions
previously authorized by the Director of Central Intelligence under the
authority of section (j)(1), exempt from disclosure of accounting
(section (c)(3)), disclosure (section (d)), notification of collection
authority (section (e)(3) (A-D)), and notification of existence of
records (sections (e)(4)(G) and (f)(1)); in such instances where
confirmation of the existence of a record may itself jeopardize
intelligence sources and methods, the Coordinator must neither confirm
nor deny the existence of the record and shall advise the requester
that there is no record which is available pursuant to the Privacy Act;
(c) Records or portions of records in the physical custody of NACIC
which are currently and properly classified pursuant to Executive Order
12958 (or predecessor or subsequent Order) are, under the authority of
section (k)(1), exempt from disclosure of accounting (section (c)(3)),
disclosure (section (d)), and notification of existence of records
(sections (e)(4)(G) and (f)(1));
(d) Records or portions of records in the physical custody of NACIC
which are investigatory in nature and compiled for law enforcement
purposes, other than material within the scope of section (j)(2) of the
Act, are, under the authority of section (k)(2), exempt from disclosure
(section (d)); provided however, that if an individual is denied any
right, privilege, or benefit to which he/she is otherwise eligible, as
a result of the maintenance of such material, then such material shall
be provided to that individual except to the extent that the disclosure
would reveal the identity of a source who furnished the information to
the United States
[[Page 51702]]
Government under an express promise of confidentiality, or, prior to
the effective date of this section, under an implied promise of
confidentiality;
(e) Records or portions of records in the physical custody of NACIC
which are maintained in connection with providing protective services
to the President of the United States or other individuals pursuant to
18 U.S.C. section 3056 are, under the authority of section (k)(3),
exempt from disclosure (section (d));
(f) Records or portions of records in the physical custody of NACIC
which are required by statute to be maintained and used solely as
statistical records are, under the authority of section (k)(4), exempt
from disclosure (section (d));
(g) Records or portions of records in the physical custody of NACIC
which are investigatory in nature and compiled solely for the purpose
of determining suitability, eligibility, or qualifications for federal
civilian employment, military service, federal contracts, or access to
classified information are, under the authority of section (k)(5),
exempt from disclosure (section (d)); provided that and only to the
extent that disclosure would reveal the identity of a source who
furnished information to the United States Government under an express
promise of confidentiality, or, prior to the effective date of this
section, under an implied promise of confidentiality;
(h) And, records or portions of records in the physical custody of
NACIC which are testing or examination material used solely to
determine individual qualifications for appointment or promotion in the
federal service are, under the authority of section (k)(6), exempt from
disclosure (section (d)); provided that and only to the extent that
disclosure would compromise the objectivity or fairness of the testing
or examination process.
Michael Waguespack,
Director, National Counterintelligence Center.
[FR Doc. 97-25952 Filed 10-1-97; 8:45 am]
BILLING CODE 6310-02-M
