SUPPLEMENTARY INFORMATION:

I. Background

The U.S. Department of Homeland Security (DHS) Federal Emergency Management Agency (FEMA) published a Notice of Proposed Rulemaking (NPRM) in the Federal Register , 86 FR 15138, March 22, 2021, proposing to exempt portions of the system of records from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements. The system of records is the DHS/FEMA-015 Fraud Investigations System of Records. The DHS/FEMA-015 Fraud Investigations System of Records Notice (SORN) was published concurrently in the Federal Register , 86 FR 15237, on March 22, 2021, and comments were invited on the NPRM and SORN.

II. Public Comments

DHS/FEMA received a total of one public comment. The one comment was received on the NPRM.

NPRM

DHS/FEMA received one public comment in support of the NPRM. The individual noted that they were “in agreeance with this proposed regulation. However, the individual also cited concerns about the parameters or stipulations from which a fraud investigation can be launched. The publication process for the Fraud Investigations SORN, as required by the Privacy Act, promotes the accountability, responsibility, legislative oversight, and open government requested by the commenter. In addition to the publication of the Fraud Investigations SORN in the Federal Register , FEMA also provides transparency into its systems by publishing Privacy Impact Assessments (PIA). PIAs are conducted in accordance with the E-Government Act of 2002 (Pub. L. 107-347) by FEMA Privacy personnel, are reviewed by the DHS Privacy Office, and signed by the DHS Chief Privacy Officer. PIAs describe how FEMA information technology systems work, what information they collect, how FEMA uses that information, any external parties with whom the information is shared, and the privacy risks and corresponding mitigations employed by FEMA. All DHS and FEMA PIAs are published on the DHS website, www.dhs.gov/​privacy.

SORN

DHS received no comments on the SORN. After consideration of the one public comment, the Department will implement the rulemaking as proposed.

For the reasons stated in the preamble, DHS/FEMA amends Chapter I of Title 6, Code of Federal Regulations, as follows:

1. The authority citation for part 5 continues to read as follows:

Authority: 6 U.S.C. 101 et seq.;Pub. L. 107-296, 116 Stat. 2135; 5 U.S.C. 301. 6 U.S.C. 142; DHS Del. No. 13001, Rev. 01 (June 2, 2020).

Subpart A also issued under 5 U.S.C. 552.

Subpart B also issued under 5 U.S.C. secs. 552a and 552 note.

2. In appendix C to part 5, add paragraph 90 to read as follows:

Appendix C to Part 5—DHS Systems of Records Exempt From the Privacy Act

90. The DHS/FEMA-015 Fraud Investigations System of Records consists of electronic and paper records that DHS and its components will use. The DHS/FEMA-015 Fraud Investigations System of Records is a repository of information held by DHS in connection with its several and varied missions and functions, including, but not limited to, the enforcement of civil and criminal laws; investigations, inquiries, and proceedings there under; national security and intelligence activities; and protection of the President of the U.S. or other individuals pursuant to Section 3056 and 3056A of Title 18. The DHS/FEMA-015 Fraud Investigations System of Records contains information that is collected by, on behalf of, in support of, or in cooperation with DHS and its components and may contain personally identifiable information collected by other federal, state, local, tribal, foreign, or international government agencies. The Secretary of Homeland Security, pursuant to 5 U.S.C. 522a (k)(2), has exempted this system from the following provisions of the Privacy Act, subject to limitations set forth in 5 U.S.C. secs. 552a(c)(3); (d); (e)(1); (e)(4)(G); (e)(4)(H); (e)(4)(I); and (f). When a record received from another system has been exempted in that source system under 5 U.S.C. 552a(j)(2), DHS will claim the same exemptions for those records that are claimed for the original primary systems of records from which they originated and claims any additional exemptions set forth here. ( print page 91248)

Exemptions from these particular subsections are justified on a case-by-case basis to be determined at the time a request is made for the following reasons:

(a) From subsection (c)(3) (Accounting for Disclosures) because the release of the accounting of disclosures could alert the subject of an investigation of an actual or potential criminal, civil, or regulatory violation to the existence of the investigation and reveal investigative interest on the part of DHS as well as the recipient agency. Disclosure of the accounting would, therefore, present a serious impediment to law enforcement efforts and/or efforts to preserve national security. Disclosure of the accounting would also permit the individual who is the subject of a record to impede the investigation, tamper with witnesses or evidence, and avoid detection or apprehension, which would undermine the entire investigative process.

(b) From subsection (d) (Access and Amendment to Records) because access to the records contained in this system of records could apprise the subject of an investigation of an actual or potential criminal, civil, or regulatory violation to the existence of the investigation and reveal investigative interest on the part of DHS or another agency. Access to the records could permit the individual who is the subject of a record to impede the investigation, tamper with witnesses or evidence, and avoid detection or apprehension. Amendment of the records could interfere with ongoing investigations and law enforcement activities and impose an unreasonable administrative burden by requiring investigations to be continually reinvestigated. In addition, permitting access and amendment to such information could disclose security-sensitive information that could be detrimental to homeland security.

(c) From subsection (e)(1) (Relevancy and Necessity of Information) because in the course of investigations into potential violations of federal law, the accuracy of information obtained or introduced occasionally may be unclear, or the information may not be strictly relevant or necessary to a specific investigation. In the interests of effective law enforcement, it is appropriate to retain all information that may aid in establishing patterns of unlawful activity.

(d) From subsections (e)(4)(G), (e)(4)(H), and (e)(4)(I) (Agency Requirements) and (f) (Agency Rules), because portions of this system are exempt from the individual access provisions of subsection (d) for the reasons noted above, and DHS is therefore not required to establish requirements, rules, or procedures with respect to such access. Providing notice to individuals concerning the existence of records about them in the system of records or otherwise setting up procedures pursuant to which individuals may access and view records pertaining to themselves in the system would undermine investigative efforts and reveal the identities of witnesses, potential witnesses, and confidential informants.