[Federal Register Volume 64, Number 207 (Wednesday, October 27, 1999)]
[Proposed Rules]
[Pages 57825-57826]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 99-28006]
=======================================================================
-----------------------------------------------------------------------
FEDERAL TRADE COMMISSION
16 CFR Part 4
Privacy Act of 1974; Implementation
AGENCY: Federal Trade Commission (FTC).
ACTION: Proposed rule amendment and request for comment.
-----------------------------------------------------------------------
SUMMARY: The FTC proposes to amend its Privacy Act rules to add a new
system of records that will be used to compile and maintain identity
theft complaint data. This new exempt system of records is necessary to
implement the requirements of the Identity Theft and Assumption
Deterrence Act of 1998. The exemption will help prevent individuals
suspected of engaging in identity theft from obtaining access to
complaint data.
DATES: Comments must be received by November 26, 1999.
ADDRESSES: Submit comments in writing to the Office of the Secretary,
Federal Trade Commission, 600 Pennsylvania Avenue, NW, Washington, DC
20580, ``FTC File No. P994320, Identity Theft Program--Comment.''
FOR FURTHER INFORMATION CONTACT: Alex Tang, Attorney, Office of the
General Counsel, FTC, 600 Pennsylvania Avenue, NW, Washington, DC
20580, (202) 326-2447. For more information about the Commission's
identity theft program, contact Beth Grossman, (202) 326-3019, or
Joanna Crane, (202) 326-3258, Attorneys, Division of Planning &
Information, Bureau of Consumer Protection, FTC, 600 Pennsylvania
Avenue, NW, Washington, DC 20580.
SUPPLEMENTARY INFORMATION: Elsewhere in today's Federal Register, the
FTC, in accordance with the Privacy Act of 1974, as amended, 5 U.S.C.
552a, is publishing a notice of a new agency system of records, to be
designated as FTC-IV-2, ``Identity Theft Complaint Management System--
FTC.'' This system will enable the FTC to fulfill its statutory
responsibilities under section 5 of the Identity Theft and Assumption
Deterrence Act of 1998, Public Law 105-318, 112 Stat. 3007, 3010, 18
U.S.C. 1028 note (``ITADA''), which designates the FTC as a
clearinghouse for the receipt and referral of identity theft
[[Page 57826]]
complaints and requires that the FTC establish procedures: (1) To log
and acknowledge receipt of complaints from individuals who certify that
they have a reasonable belief that one or more of their means of
identification have been assumed, stolen, or otherwise unlawfully
acquired in violation of the statute; (2) to provide informational
materials to such individuals; and (3) to refer such complaints to
``appropriate entities.'' Under the statute, these entities include,
but are not limited to, the three major national consumer reporting
agencies (currently Equifax, Experian and Trans Union), and appropriate
law enforcement agencies for potential law enforcement action.
The Commission believes that the identity theft complaint data
contained in this system must be exempted under the Privacy Act to
prevent certain categories of individuals who will be covered by the
system (i.e., targets of complaints) from invoking the Act to obtain
access to complaint files that may pertain to their activities. A
principal purpose for compiling these complaint files is for law
enforcement, since these complaints focus on specific instances of
suspected illegal identity theft. In many cases, these complaints will
be referred to other law enforcement authorities, as required by the
ITADA, and in certain cases, may also be relevant to Commission
investigations. Under these circumstances, disclosure of the complaint
file to a target would harm or otherwise interfere with law enforcement
efforts. For example, if the complaint data were not exempted from
access, a target could anticipate and evade prosecution by learning
about actual or potential law enforcement referrals, investigations, or
other actions from information maintained in the complaint file. Such
access to the file could also inadvertently facilitate further identity
theft or retaliation by enabling the target to ascertain or confirm
sensitive personal information submitted by and being maintained about
the identity theft victim or about other informants. Thus, the
Commission proposes to exempt this system of records under 5 U.S.C.
552a(k)(2), and to amend Commission Rule 4.13(m), 16 CFR 4.13(m), to
include this system in its inventory of exempt systems. The Commission,
however, reserves the sole discretion to permit access to categories of
individuals covered by the system other than targets (e.g.,
complainants or other individual informants) with respect to
information that was provided by such individuals in order to correct,
update or verify the accuracy of the information or for other related
purposes.
Pursuant to 5 U.S.C. 552a(r), the Commission is providing notice of
this proposal to the appropriate committees of the House of
Representatives and the Senate, and to the Office of Management and
Budget.
List of Subjects in 16 CFR Part 4
Administrative practice and procedure, Freedom of Information,
Privacy, Records, Sunshine Act.
PART 4--MISCELLANEOUS RULES
1. The authority for part 4 continues to read:
Authority: 15 U.S.C. 46, unless otherwise noted.
2. Amend Sec. 4.13 by revising paragraph (m)(2) to read as follows:
Sec. 4.13 Privacy Act rules.
* * * * *
(m) * * *
(2) Pursuant to 5 U.S.C. 552a(k)(2), investigatory materials
compiled for law enforcement purposes in the following systems of
records are exempt from subsections (c)(3), (d), (e)(1), (e)(4)(G),
(H), and (I), and (f) of 5 U.S.C. 552a, and from the provisions of this
section, except as otherwise provided in 5 U.S.C. 552a(k)(2):
Investigational, Legal, and Public Records--FTC
Disciplinary Action Investigatory Files--FTC
Clearance to Participate Applications and the Commission's Responses
Thereto, and Related Documents--FTC
Management Information System--FTC
Office of the Secretary Control and Reporting System--FTC
Office of Inspector General Investigative Files--FTC
Stenographic Reporting Service Requests--FTC
Identity Theft Complaint Management System--FTC
Freedom of Information Act Requests and Appeals--FTC
Privacy Act Requests and Appeals--FTC
Information Retrieval and Indexing System--FTC
* * * * *
By direction of the Commission.
Donald S. Clark,
Secretary.
[FR Doc 99-28006 Filed 10-25-99; 10:38 am]
BILLING CODE 6750-01-P
