AGENCY:

Office of the Departmental Chief Information Officer, Office of the Secretary of Transportation, DOT.

ACTION:

Notice of Privacy Act modified system of records and rescission of system of records.

SUMMARY:

In accordance with the Privacy Act of 1974, the Department of Transportation proposes to update and reissue a current Department of Transportation system of records titled, “Department of Transportation—DOT/ALL 017 Freedom of Information Act (FOIA) and Privacy Act Case Files System of Records.” The Department also intends to consolidate the following legacy system, “DOT/MARAD 003 Freedom of Information and Privacy Request Records” as part of the same and rescind DOT/MARAD 003.

This system of records will allow the Department of Transportation, to include its Operating Administrations, the Office of the Inspector General, and Secretarial Offices, to collect and retain records and related correspondence on individuals who have filed requests for information under the Freedom of Information Act and Privacy Act of 1974, including requests for review of final denials of such requests. As a result of a biennial review of this system, records have been updated within the following sections; Security Classification to include classified and sensitive records, Categories of Individuals to include individuals making requests on behalf of the subject individual and individuals whose requests have been referred to the Department for processing by other agencies as well as individuals involved in processing and responding to requests and/or appeals, Categories of Records to provide greater clarity of the type of records and information included in the system, Purposes to include responding to litigation associated with requests, and other activities required to assist the Department in executing its responsibilities, Routine Uses to include three new routine uses to support processing of FOIA and Privacy Act requests, appeals and amendments, and to facilitate understanding of DOT processes, Retrievability to expand the set of identifiers that may be used to retrieve cases, System Manager to provide information on where to find operating administration specific contacts, and Exemptions Claimed to clarify that records requested from other systems are not part of this system of records. Additionally, this notice includes non-substantive changes to simplify the language, formatting, and text of the previously published notice to align with the requirements of Office of Memorandum and Budget Memoranda A-108. This updated system, titled Freedom of Information Act and Privacy Act Case Files, will be included in the Department of Transportation's inventory of record systems.

DATES:

Written comments should be submitted on or before March 18, 2019. The Department may publish an amended Systems of Records Notice in light of any comments received. This new system will be applicable March 18, 2019.

ADDRESSES:

You may submit comments, identified by docket number DOT-OST-2018-0155 by any of the following methods:

• Federal e-Rulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
• Mail: Docket Management Facility, U.S. Department of Transportation, 1200 New Jersey Ave. SE, West Building Ground Floor, Room W12-140, Washington, DC 20590-0001.
• Hand Delivery or Courier: West Building Ground Floor, Room W12-140, 1200 New Jersey Ave. SE, between 9 a.m. and 5 p.m. ET, Monday through Friday, except Federal Holidays.
• Fax: (202) 493-2251.

Instructions: You must include the agency name and docket number DOT-OST-2018-0155. All comments received will be posted without change to http://www.regulations.gov,, including any personal information provided.

Privacy Act: Anyone is able to search the electronic form of all comments received in any of our dockets by the name of the individual submitting the comment (or signing the comment, if submitted on behalf of an association, business, labor union, etc.). You may review the Department of Transportation's complete Privacy Act statement in the Federal Register published on April 11, 2000 (65 FR 19477-78), or you may visit http://DocketsInfo.dot.gov.

Docket: For access to the docket to read background documents or comments received, go to http://www.regulations.gov or to the street address listed above. Follow the online instructions for accessing the docket.

FOR FURTHER INFORMATION CONTACT:

For questions, please contact: Claire W. Barrett, Departmental Chief Privacy Officer, Office of the Chief Information Officer, Department of Transportation, Washington, DC 20590; privacy@dot.gov; or 202.527.3284.

SUPPLEMENTARY INFORMATION:

I. Background

In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the Department of Transportation (DOT)/Office of the Secretary (OST) proposes to update and reissue a current DOT wide system of records titled, “Department of Transportation/ALL—017 Freedom of Information Act and Privacy Act Case Files.” The Department also intends to rescind the following legacy system, “DOT/MARAD 003 Freedom of Information and Privacy Request Records” and consolidate records managed under that Notice as part of the same.

The updated system of records consists of information created and used by the Department's Freedom of Information Act (FOIA) and Privacy Act (PA) staff to process requests as well as to manage the FOIA and PA programs.

The publication of this updated system of records notice supports DOT efforts to ensure that all DOT Operating Administrations, Secretarial Offices, and the Office of the Inspector General implement their Privacy Act obligations Start Printed Page 4606and processes for collecting and handling FOIA and PA records in a consistent manner.

Changes to the notices Categories of Records, Categories of Individuals, Purposes, and Retrievability improve the transparency of, but do not reflect substantive changes to, the Notice. The Security Classification section has been modified to be comprehensive inclusive of all the types of records that may be integrated into a case file in terms of records collected that may be responsive to a FOIA and/or PA request. The FOIA and PA case files themselves remain unclassified. The Department is proposing three new Routine Uses to bolster Department transparency and efficiency of its FOIA and Privacy Act programs. The first proposed Routine Use supports efforts to promote appropriate application of access and appeals rights under the Privacy Act. The Department is also proposing a Routine Use to allow disclosure of “FOIA logs” (including requester names, case number) to the public to facilitate understanding of DOT FOIA processes. The Department is proposing an additional Routine Use, which would permit the sharing of initial requestor letters to submitters of responsive records to solicit input about the application of FOIA exemptions, like FOIA Exemption 4, to requested records submitted to the Department. The Department also intends to include a Routine Use to permit the Department to share information with the Office of Government Information Services (OGIS) for the purpose of resolving disputes between requesters seeking information under the Freedom of Information Act (FOIA) and DOT, or OGIS' review of DOT's policies, procedures, and compliance with FOIA. OGIS was created to resolve disputes related to FOIA processing, and FOIA requesters contact OGIS for assistance with FOIA matters. Therefore, sharing records from this system with OGIS for these purposes is compatible with the purpose of collection.

This Notice also includes several of DOT's General Routine Uses, to the extent they are compatible with the purposes of this System. As recognized by the Office of Management and Budget (OMB) in its Privacy Act Implementation Guidance and Responsibilities (65 FR 19746, July 9, 1975), the routine uses include all proper and necessary uses of information in the system, even if such uses occur infrequently. The DOT has included in this SORN routine uses for disclosures to law enforcement when the record, on its face, indicates a violation of law, to DOJ for litigation purposes, or when necessary in with investigating or responding to a breach of this system or other agencies' systems. DOT must take appropriate action to address any apparent violations of the law, and to share information with legal counsel in the Department of Justice when necessary for litigation. The OMB has long recognized that these types of routine uses are “proper and necessary” uses of information and qualify as compatible with agency systems. 65 FR 19476. In addition, by OMB Memorandum M-17-12, OMB directed agencies to include routine uses that will permit sharing of information when needed to investigate, respond to, and mitigate a breach of a Federal information system. The Department also has included routine uses that permit sharing with the National Archives and Records Administration when necessary for an inspection, to any Federal government agency engaged in audit or oversight related to this system, or when DOT determines that the disclosure will detect, prevent, or mitigate terrorism activity. These types of disclosures are necessary and proper uses of information in this system because they further DOT's obligation to fulfil its records management and program management responsibilities by facilitating accountability to agencies charged with oversight in these areas, and the Department's obligation under Intelligence Reform and Terrorism Prevention Act of 2004, Public Law 108-456, and Executive Order 13388 (Oct. 25, 2005) to share information necessary and relevant to detect, prevent, disrupt, preempt, or mitigate the effects of terrorist activities against the territory, people, and interests of the United States. Finally, this system includes a routine use to permit sharing with our contractors, consultants, experts, grantees, and others when necessary to fulfill a DOT function related to this System. Agencies routinely engage assistance of these types of individuals in the fulfillment of their duties, such as contract support necessary to maintain the database in which these records are housed. DOT relies on contract support to maintain this system, and disclosures for this purpose is compatible with the purpose of the collection—to maintain a system that tracks consumer complaints.

The System Manager and Address information have been updated to reflect the current location of DOT records. DOT no longer claims any exemptions for this system, however, records responsive to FOIA and Privacy Act requests that are part of this System of Records would be subject to any exemptions identified in the originating System of Records Notice.

This updated system will be included in DOT's inventory of record systems.

II. Privacy Act

The Privacy Act (5 U.S.C. 552a) governs the means by which the Federal Government collects, maintains, and uses personally identifiable information (PII) in a System of Records. A “System of Records” is a group of any records under the control of a Federal agency from which information about individuals is retrieved by name or other personal identifier. The Privacy Act requires each agency to publish in the Federal Register a System of Records notice (SORN) identifying and describing each System of Records the agency maintains, including the purposes for which the agency uses PII in the system, the routine uses for which the agency discloses such information outside the agency, and how individuals to whom a Privacy Act record pertains can exercise their rights under the Privacy Act (e.g., to determine if the system contains information about them and to contest inaccurate information).

In accordance with 5 U.S.C. 552a(r), DOT has provided a report of this system of records to the Office of Management and Budget and to Congress.

II. Privacy Act

The Privacy Act (5 U.S.C. 552a) governs the means by which the Federal Government collects, maintains, and uses personally identifiable information (PII) in a System of Records. A “System of Records” is a group of any records under the control of a Federal agency from which information about individuals is retrieved by name or other personal identifier. The Privacy Act requires each agency to publish in the Federal Register a System of Records notice (SORN) identifying and describing each System of Records the agency maintains, including the purposes for which the agency uses PII in the system, the routine uses for which the agency discloses such information outside the agency, and how individuals to whom a Privacy Act record pertains can exercise their rights under the Privacy Act (e.g., to determine if the system contains information about them and to contest inaccurate information).Start Printed Page 4607

In accordance with 5 U.S.C. 552a(r), DOT has provided a report of this system of records to the Office of Management and Budget and to Congress.

SYSTEM NAME AND NUMBER

Department of Transportation (DOT)/ALL-14, Freedom of Information and Privacy Act Case Files.

SECURITY CLASSIFICATION:

Unclassified, classified, controlled unclassified.

SYSTEM LOCATION:

Records are maintained at the Department of Transportation and in component offices of the Department of Transportation in both Washington, DC and field offices.

SYSTEM MANAGER AND ADDRESS:

For requests for records for Offices of the Secretary, Departmental Freedom of Information Act Officer, Department of Transportation, 1200 New Jersey Avenue SE, Room W94-122, Washington, DC 20590. For all other Operating Administrations see www.transportation.gov/​foia under “DOT FOIA Service Centers and Liaisons.”

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 552, Freedom of Information Act, as amended; 5 U.S.C. 552a, the Privacy Act of 1974, as amended.

PURPOSE(S):

The purpose of this system is to process individuals' record requests and administrative appeals under the Freedom of Information Act (FOIA) and requests for access to or amendment of records under the Privacy Act (PA). Records may also be used to support DOT participation in litigation arising from such requests and appeals, and in assisting DOT in carrying out any other responsibilities under the Freedom of Information Act or Privacy Act.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals who submit FOIA and/or PA requests and administrative appeals to DOT.

CATEGORIES OF RECORDS IN THE SYSTEM:

Categories of records in this system relate to records received, created, and compiled in processing FOIA and PA requests, including:

• Records and related correspondence to/from individuals who have filed requests for information under provisions of the FOIA and/or PA, including initial requests and requests for review of initial denials of such requests;
• Correspondence with individuals or entities that submitted requested records;
• Documents relevant to appeals and lawsuits under FOIA and PA including from Department of Justice and other government litigators.

RECORD SOURCE CATEGORIES:

Records are obtained directly from those individuals who submit initial requests and administrative appeals pursuant to FOIA and PA, and DOT personnel who handle such requests and appeals.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DOT as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

System Specific Routine Uses

1. To another Federal agency (a) with an interest in the record in connection with a referral of a FOIA request to that agency for its views or decisions on disclosure or (b) in order to obtain advice and recommendations concerning matters on which the agency has specialized experience or particular competence that may be useful to DOT in making required determinations under the FOIA.

2. To a Federal, State, territorial, tribal, local, international, or foreign agency or entity for the purpose of consulting with that agency or entity;

a. To assist in making a determination regarding access to or amendment of information, or

b. For the purpose of verifying the identity of an individual or the accuracy of information submitted by an individual who has requested access to or amendment of records maintained in other DOT Privacy Act system of records.

3. To members of the public to facilitate understanding of DOT FOIA processes. Such release will be limited to “FOIA logs” and may include the request number, date of receipt, name of individual or organization making the request, a description of the information sought, response date, and the type of response.

4. To submitters of records for purposes of determining the applicability of FOIA exemptions, such as Exemption 4, to the records. Such release will be limited to initial request letters.

5. To the Office of Government Information Services (OGIS) for the purpose of resolving disputes between requesters seeking information under the Freedom of Information Act (FOIA) and DOT, or OGIS' review of DOT's policies, procedures, and compliance with FOIA.

Department General Routine Uses

6. To the appropriate agency, whether Federal, State, local, or foreign, charged with the responsibility of implementing, investigating, prosecuting, or enforcing a statute, regulation, rule or order, when a record in this system indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, including any records from this system relevant to the implementation, investigation, prosecution, or enforcement of the statute, regulation, rule, or order that was or may have been violated;

7. To a Federal, State, or local agency maintaining civil, criminal, or other relevant enforcement information or other pertinent information, such as current licenses, if necessary for DOT to obtain information relevant to a DOT decision concerning the hiring or retention or an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant or other benefit;

8. To a Federal agency, upon its request, in connection with the requesting Federal agency's hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation or an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information requested is relevant and necessary to the requesting agency's decision on the matter;

9. To the Department of Justice, or any other Federal agency conducting litigation, when (a) DOT, (b) any DOT employee, in his/her official capacity, or in his/her individual capacity if the Department of Justice has agreed to represent the employee, or (c) the United States or any agency thereof, is a party to litigation or has an interest in litigation, and DOT determines that the use of the records by the Department of Justice or other Federal agency conducting the litigation is relevant and necessary to the litigation; provided, however, that DOT determines, in each case, that disclosure of the records in the litigation is a use of the information contained in the records that is compatible with the purpose for which the records where collected.

10. To parties in proceedings before any court or adjudicative or administrative body before which DOT appears when (a) DOT, (b) any DOT employee in his or her official capacity, or in his or her individual capacity Start Printed Page 4608where DOT has agreed to represent the employee, or (c) the United States or any agency thereof is a party to litigation or has an interest in the proceeding, and DOT determined that is relevant and necessary to the proceeding; provided, however, that DOT determines, in each case, that disclosure of the records in the proceeding is a use of the information contained in the records that is compatible with the purpose for which the records where collected.

11. To the National Archives and Records Administration for an inspection under 44 U.S.C. 2904 and 2906.

12. To another agency or instrumentality of any government jurisdiction for use in law enforcement activities, either civil or criminal, or to expose fraudulent claims; however, this routine use only permits the disclosure of names pursuant to a computer matching program that otherwise complies with the requirements of the Privacy Act.

13. To the Attorney General of the United States, of his/her designee, information indicating that a person meets any of the qualifications for receipt, possession, shipment, or transport of a firearm under the Brady Handgun Violence Prevention Act. Should the validity of the information DOT provides to the Attorney General or his/her designee be disputed, DOT may disclose to that National Background Information Check System, established by the Brady Handgun Violence Prevention Act, any information from this system necessary to resolve the dispute.

14. To appropriate agencies, entities, and persons, when (1) DOT suspects or has confirmed that there has been a breach of the system of records; (2) DOT has determined that as a result of the suspected or confirmed compromise there is a risk of harm to individuals, DOT (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, or persons is reasonably necessary to assist in connection with DOT's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

15. To DOT's contractors and their agents, DOT's experts, consultants, and others performing or working on a contract, service, cooperative agreement, or other assignment for DOT, when necessary to accomplish an agency function related to this system of records.

16. To an agency, organization, or individual for the purpose of performing an audit or oversight related to this system or records, provided that DOT determines the records are necessary and relevant to the audit or oversight activity. This routine use does not apply to intra-agency sharing authorized under Section (b)(1) of the Privacy Act.

17. To a Federal, State, local, tribal, foreign government, or multinational agency, either in response to a request or upon DOT's initiative, terrorism information (6 U.S.C. 485(a)(5)), homeland security information (6 U.S.C. 482(f)(1)), or law enforcement information (Guideline 2, report attached to White House Memorandum, “Information Sharing Environment,” Nov. 22, 2006), when DOT finds that disclosure of the record is necessary and relevant to detect, prevent, disrupt, preempt, or mitigate the effects of terrorist activities against the territory, people, and interests of the United States, as contemplated by the Intelligence Reform and Terrorism Prevention Act of 2004, Public Law 108-456, and Executive Order 13388 (Oct. 25, 2005).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records in this system are stored electronically and/or on paper in secure facilities. Electronic records may be stored on magnetic disc, tape, digital media, and CD-ROM.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records may be retrieved by the name of the individual who made the request/appeal, the name of the authorized representative making a request/appeal on behalf of the individual, the case tracking or control number assigned to the request or appeal, or chronologically by date of initial determination.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Records will be retained and disposed in accordance with the National Archives and Records Administration (NARA) General Records Schedule (GRS) 4.2, Items 020 and 090, Information Access and Protection Records. Under Item 020, FOIA and PA requests for access to records are destroyed six years after final agency action or three years after final adjudication by the courts, whichever is later, but longer retention is authorized if required for business use. Under Item 090, PA amendment request files are destroyed with the records for which amendment was requested, or four years after the close of the case, whichever is later. Longer retention is authorized if required for business use.

ADMINISTRATIVE, TECHNICAL, AND SAFEGUARDS:

Records in this system are safeguarded in accordance with applicable rules and policies, including all applicable DOT automated systems security and access policies. Appropriate controls have been imposed to minimize the risk of compromising the information that is being stored. Access to records in this system is limited to those individuals who have a need to know the information for the performance of their official duties and who have appropriate clearances or permissions.

RECORD ACCESS PROCEEDURES:

Individuals seeking access to any record contained in this system of records may submit a request in writing to the Departmental FOIA Office whose contact information is listed under the System manager for this notice. If an individual believes more than one component maintains Privacy Act records concerning him or her, the individual may submit the request to the Departmental Freedom of Information Act Office, U.S. Department of Transportation, Room W94-122, 1200 New Jersey Ave. SE, Washington, DC 20590, ATTN: FOIA request.

When seeking records about yourself from this system of records or any other Departmental system of records your request must conform with the Privacy Act regulations set forth in 49 CFR part 10. You must sign your request, and your signature must either be notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization. While no specific form is required, you may obtain forms for this purpose from the Chief Freedom of Information Act Officer, http://www.transportation.gov/​foia or 202.366.4542. In addition you should provide the following:

An explanation of why you believe the Department would have information on you;

• Identify which component(s) of the Department you believe may have the information about you;
• Specify when you believe the records would have been created;
• Provide any other information that will help the FOIA staff determine which DOT component agency may have responsive records; and

If your request is seeking records pertaining to another living individual, you must include a statement from that individual certifying his/her agreement for you to access his/her records.Start Printed Page 4609

Without this bulleted information the component(s) may not be able to conduct an effective search, and your request may be denied due to lack of specificity or lack of compliance with applicable regulations.

CONTESTING RECORD PROCEDURES:

Individuals seeking to contest the content of any record pertaining to him or her in the system may contact the System Manager following the procedures described in “Record Access Procedures” above.

NOTIFICATION PROCEDURES:

Individuals seeking notification of whether this system contains records about him or her may contact the System Manager following the procedures described in the “Record Access Procedures” above.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

No exemptions are claimed for the records associated with the administrative processing of FOIA and PA requests and appeals. During the course of a FOIA or PA action, copies of exempt materials from other systems of records may become part of the case records in this system. To the extent that copies of exempt records from those `other' systems of records are entered into the FOIA/PA case file, the same exemptions apply for those records, as are claimed for the original systems of records which they are a part.

HISTORY:

71 FR 35320 (June 19, 2006).