AGENCY:

National Science Foundation.

ACTION:

Notice of a new system of records.

SUMMARY:

The National Science Foundation (NSF) is establishing a new system of records, NSF–80, Education and Training Application Data System (ETAP), subject to the Privacy Act of 1974. This new system of records shall contain records about individuals interested in participating in NSF education and training activities, and individuals engaged in the planning, management, and implementation of those activities. These records will bolster the agency's capacity to conduct robust evidence-building activities, including monitoring, targeted research, and rigorous evaluation of its education and training activities.

DATES:

This system notice is effective as of October 24, 2023. The routine uses described in this notice will take effect on November 24, 2023, unless modified by a subsequent notice to incorporate comments received from the public. Submit comments on or before November 24, 2023.

ADDRESSES:

You may submit comments, identified as “SORN NSF–80 (ETAP),” by any of the following methods:

• Federal eRulemaking Portal: https://www.regulations.gov. Follow the instructions for submitting comments.

• Email: Dorothy Aronson, Senior Agency Official for Privacy, daronson@nsf.gov. Include “SORN NSF–80 (ETAP)” in the subject line of the message.

• Mail: Dorothy Aronson, Senior Agency Official for Privacy, Office of Information and Resource Management, National Science Foundation, 2415 Eisenhower Ave., Alexandria, VA 22314.

Instructions: NSF will post all comments on the NSF's website ( https://www.nsf.gov). All comments submitted in response to this Notice will become a matter of public record. Therefore, you should submit only information that you wish to make publicly available.

FOR FURTHER INFORMATION CONTACT:

If you wish to submit general questions about this new system of records, please contact Dorothy Aronson, Senior Agency Official for Privacy, at daronson@nsf.gov or by telephone at 703–292–4299 or NSF FOIA/PA Officer, Sandra Evans, at sevans@nsf.gov, or by telephone at 703–292–8060.

SUPPLEMENTARY INFORMATION:

NSF supports students and early career professionals at all stages of their academic journey through a wide range of opportunities that foster professional growth, facilitating exposure to and induction into the practice of science. The new system of records, NSF–80, Education and Training Application Data System (ETAP), will be used to collect, maintain, and manage individual applications to education and training opportunities funded by NSF, allow tracking of participants' program experiences and career outcomes over time, and provide high-quality data that NSF can use to respond to Administration priorities, the Foundations for Evidence-Based Policymaking Act of 2018 (Evidence Act), the America COMPETES Reauthorization Act of 2010, and the CHIPS+ Act.

SYSTEM NAME AND NUMBER:

Education and Training Application Data System Records (ETAP), NSF–80.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

National Science Foundation, 2415 Eisenhower Ave., Alexandria, VA 22314.

SYSTEM MANAGER(S):

Chief Evaluation Officer and Division Director, Division of Information Systems, NSF.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 1862 & 1870; 44 U.S.C. 3101; Pub. L. 105–277, t. 4, sec. 414, as amended, codified at 8 U.S.C. 1101 note (NSF S–STEM Program); and other program statutes, including 42 U.S.C. 1862p–6, 42 U.S.C. 1862p–7, 42 U.S.C. 1862p–13, 42 U.S.C. 1862p–15, 42 U.S.C. 1862t, 42 U.S.C. 1869c, 42 U.S.C.1885a.

PURPOSE(S) OF THE SYSTEM:

(1) To provide high-quality data that NSF can use for robust evidence-building activities including monitoring, targeted research, and rigorous evaluations of its activities, including programs.

(2) To provide the public with a transparent, accessible, and centralized location of information on NSF education and training opportunities Start Printed Page 73049 and reduce burden on individuals (mostly students), who will be able to use a common application to apply to multiple training opportunities funded by NSF.

(3) To lower barriers to entry into NSF programs for new and aspiring Principal Investigators (PIs), who will be able to leverage a robust and secure data collection system, free of charge, to manage applications to their projects, and reduce administrative costs for existing PIs.

(4) To provide NSF's community of stakeholders (including PIs, Co–PIs, and NSF program officers and leadership) with timely access to data analytics on applicants and participants to inform decision making and support improvement efforts.

(5) To enable longitudinal tracking of outputs and outcomes to assess the effectiveness of NSF's education and training activities and inform decisions.

(6) To provide demographic data that NSF can use to ensure equitable representation of groups that are traditionally underrepresented in science, technology, engineering, and mathematics (STEM).

(7) To recognize the achievements of distinguished individuals, their actions, products, or ideas and disseminate information of relevant opportunities to support individuals' careers in STEM.

(8) To support NSF efforts to disseminate information about the agency's education and training opportunities, as appropriate, and about the effectiveness of its activities.

(9) To provide data that may be used for NSF compliance with applicable laws and policies, and conflict of interest management.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

This system contains information on members of the public interested in participating in education and training opportunities supported by NSF. These include individuals who apply to, participate in, and/or are supported by NSF education and training programs, projects and activities, including but not limited to students, other youth and early career individuals, teachers, higher education faculty, mentors, administrators, and parents/legal guardians (where applicable). The system also maintains information on individuals engaged in the management and implementation of those opportunities, including PIs and Co–PIs of NSF awards and their designees involved in recruitment and selection of program participants. The system covers these individuals only to the extent that the records are about the individual and are retrieved from the system by that individual's name or other personally assigned identifier.

CATEGORIES OF RECORDS IN THE SYSTEM:

Records vary by categories of individuals and, for applicants, the type of education and training opportunities to which they are applying. Records may include information such as individuals' names, contact information, date of birth, demographic information, parental education and occupation, higher education degree information, school/institution names, academic records, college financial aid information, prior research experiences, work experience (if a teacher: including school name, teaching grade and subject, years of teaching experience, teaching certification), awareness of a given program, opportunity applying for, preferences for data sharing with other NSF opportunities for which they have not applied, additional materials requested by PIs (which may include personal statement, transcripts, CV or résumé, references' contact information, and other materials), reference letters of support (relationship with applicant, applicant skills and abilities assessments, and letter of recommendation), admission decisions, acceptances, participation, and NSF funding, program experiences (weeks spent in program, support from faculty and staff, program activities, type of mentor, time spent with mentor, experiences with mentor, benefits of program, satisfaction with experience) and feedback, and employment information. In addition, records may include information about the opportunity, including its NSF award/proposal ID and its associated metadata, such as opportunity name, location, external website link, application window, application type (open competition or invitation-only), opportunity start and end date, description of the opportunity, eligibility requirements and certification, fields of study, and research topics or keywords.

RECORD SOURCE CATEGORIES:

Individuals registering with NSF (1) to apply and participate in NSF education and training opportunities ( e.g., prospective applicants and participants), or (2) to create, manage, or administer such opportunities ( e.g., PIs, Co–PIs, and their designated individuals, NSF staff and external qualified reviewers). System data on individuals may be collected from the individuals directly, from third-party individuals or entities, or be derived from other related NSF systems of records ( e.g., PI and reviewer files, see NSF–50 and –51, respectively).

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

The following NSF standard routine uses apply:

1. Members of Congress. Information from a system may be disclosed to congressional offices in response to inquiries from the congressional offices made at the request of the individual to whom the record pertains.

2. Freedom of Information Act/Privacy Act Compliance. Information from a system may be disclosed to the Department of Justice or the Office of Management and Budget in order to obtain advice regarding NSF's obligations under the Freedom of Information Act and the Privacy Act.

3. Counsel. Information from a system may be disclosed to NSF's legal representatives, including the Department of Justice and other outside counsel, where the agency is a party in litigation or has an interest in litigation and the information is relevant and necessary to such litigation, including when any of the following is a party to the litigation or has an interest in such litigation: (a) NSF, or any component thereof; (b) any NSF employee in his or her official capacity; (c) any NSF employee in his or her individual capacity, where the Department of Justice has agreed to, or is considering a request to, represent the employee; or (d) the United States, where NSF determines that litigation is likely to affect the agency or any of its components.

4. National Archives, General Services Administration. Information from a system may be disclosed to representatives of the General Services Administration and the National Archives and Records Administration (NARA) during the course of records management inspections conducted under the authority of 44 U.S.C. 2904 and 2906.

5. Response to an Actual or Suspected Compromise or Breach of Personally Identifiable Information. NSF may disclose information from the system to appropriate agencies, entities, and persons when: (1) NSF suspects or has confirmed that there has been a breach of the system of records; (2) NSF has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals; NSF (including its information systems, programs, and operations); the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is Start Printed Page 73050 reasonably necessary to assist in connection with NSF efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm. Furthermore, NSF may disclose information from the system to another Federal agency or Federal entity, when NSF determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in: (1) Responding to a suspected or confirmed breach; or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

6. Courts. Information from a system may be disclosed to the Department of Justice or other agencies in the event of a pending court or formal administrative proceeding, when the information is relevant and necessary to that proceeding, for the purpose of representing the government, or in the course of presenting evidence, or the information may be produced to parties or counsel involved in the proceeding in the course of pre-trial discovery.

7. Contractors. Information from a system may be disclosed to contractors, agents, experts, consultants, or others performing work on a contract, service, cooperative agreement, job, or other activity for NSF and who have a need to access the information in the performance of their duties or activities for NSF.

8. Audit. Information from a system may be disclosed to government agencies and other entities authorized to perform audits, including financial and other audits, of the agency and its activities.

9. Law Enforcement. Information from a system may be disclosed, where the information indicates a violation or potential violation of civil or criminal law, including any rule, regulation or order issued pursuant thereto, to appropriate Federal, State, or local agencies responsible for investigating, prosecuting, enforcing, or implementing such statute, rule, regulation, or order.

10. Disclosure When Requesting Information. Information from a system may be disclosed to Federal, State, or local agencies which maintain civil, criminal, or other relevant enforcement information or other pertinent information, such as current licenses, if necessary, to obtain information relevant to an agency decision concerning the hiring or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant, or other benefit.

11. To the news media and the public when: (1) A matter has become public knowledge, (2) the NSF Office of the Director determines that disclosure is necessary to preserve confidence in the integrity of NSF or is necessary to demonstrate the accountability of NSF's officers, employees, or individuals covered by this system, or (3) the Office of the Director determines that there exists a legitimate public interest in the disclosure of the information, except to the extent that the Office of the Director determines in any of these situations that disclosure of specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy.

In addition to the above standard routine uses, information may be routinely disclosed:

12. To PIs, Co–PIs, and their designated individuals (for opportunities funded through NSF awards), and NSF staff and external qualified reviewers (for opportunities administered by NSF) for their assessment of applicants or nominees (and their application materials, where applicable), including in the case of individuals who have expressed interest in such opportunity or provided consent to be contacted by opportunities they have not applied for, as part of the application review process and to support operations; and to other Government agencies or other entities needing information regarding the applicants or nominees as part of a joint application review process, or in order to coordinate programs or policy.

13. To NSF partners, affiliates, or grantees, as well as other entities to merge records, to carry out studies for, or to otherwise assist NSF with program management, implementation, evaluation, or reporting.

14. To applicants (including the individual nominee or ultimate participant), their nominators or reference writers, and the institution they are applying to, attending, planning to attend, or employed by, who may be given information (such as name, field of study, and other information directly relating to the NSF opportunity, review status including the admission decision, time of participation, whether receiving international travel allowance or a mentoring assistantship), for purposes of facilitating application review and admissions decisions, administering the program or award, and supporting dissemination and student engagement activities.

15. To the Department of Treasury for preparation of checks or electronic fund transfer authorizations in the case of participants receiving stipends directly from the Government.

16. To the National Student Clearinghouse, for tracking applicants and participants through their postsecondary enrollment and graduation trajectories, and other third-party entities, for the purposes of validating contact information, disambiguating records, or cross-checking of information, and tracking education or employment outcomes.

17. To an agency or other organization or unit, such as the National Center for Science and Engineering Statistics (NCSES), for the purposes of merging or linking needed data for monitoring, research, or evaluation purposes, to the extent authorized by applicable privacy and security laws, regulations, and NSF policies and guidance.

18. To the public, about an individual's involvement with NSF education and training programs ( e.g., participant name, baccalaureate institution, current institution, and field of study) for purposes of media releases or other public announcements about these programs. Other information about the individual's involvement in these programs may be publicly disclosed with written consent of that individual (or, where applicable, the individual's legal guardian or other legal representative).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records are stored on electronic digital media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records are retrieved by name, date of birth, email, identification number, zip code, state, or institution.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

This System of Records is governed by one or more general and/or NSF-specific (Record Group RG–0307) records retention schedules approved by the National Archives and Records Administration (NARA) and applicable to NSF proposal, reviewer, and grant files and related administrative records. These schedules can be found at https://archives.gov.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

The National Science Foundation's IT Security and Privacy program includes policies, plans, training, and technical safeguards to protect sensitive information, including personally Start Printed Page 73051 identifiable information (PII). NSF routinely reviews PII in IT systems in addition to monitoring technical, physical, and administrative controls in place to assure that PII is appropriately protected. NSF's major applications and general support systems are assessed and authorized by NSF's continuous monitoring and ongoing authorization program. The authorization process requires a thorough security and privacy control review.

All NSF systems are covered by a system security plan, and major applications and general support systems are authorized to operate. Applications and devices hosted on the NSF network are subjected to extensive vulnerability scanning and compliance checking against standard security configurations. Robust virus protection capabilities, anti-malware, and network intrusion detection and prevention devices provide 24/7 protection against external threats. NSF's strong access controls ensure that resources are made available only to authorized users, programs, processes or systems by reference to rules of access that are defined by attributes and policies.

NSF uses the capabilities of a Trusted internet Connections (TIC) compliant provider for routing agency network traffic and uses the federally provided intrusion detection system (IDS), including advanced continuous monitoring and risk management analysis. NSF has a well-established computer security incident response program. NSF's incident response procedures include a strong digital forensics capability to investigate and review data and identify relevant evidence and malicious activity.

RECORD ACCESS PROCEDURES:

Follow the procedures found at 45 CFR part 613 (NSF Privacy Act Regulations).

CONTESTING RECORD PROCEDURES:

Follow the procedures found at 45 CFR part 613.

NOTIFICATION PROCEDURES:

See 45 CFR part 613.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

None.