AGENCY:

Postal Service.

ACTION:

Notice of new system of records.

SUMMARY:

The purpose of this document is to publish notice of a new Privacy Act system of records, USPS 400.010, eServices Customer Program Records—USPS eServices Registration System (eRS). The new system contains records about individuals and companies who register to use Postal Service Internet-based services.

DATES:

Any interested party may submit written comments on the proposed new system of records. This proposal will become effective without further notice on May 9, 2001, unless comments received on or before that date result in a contrary determination.

ADDRESSES:

Written comments on this proposal should be mailed or delivered to Finance Administration/FOIA, United States Postal Service, 475 L'Enfant Plaza SW., Rm 8141, Washington, DC 20260-5202. Copies of all written comments will be available at the above address for public inspection and photocopying between 8 a.m. and 4 p.m., Monday through Friday.

FOR FURTHER INFORMATION CONTACT:

Robert J. Faruq at (202) 268-2608.

SUPPLEMENTARY INFORMATION:

The United States Postal Service (USPS) is developing a variety of services that have an Internet-based customer interface and/or service capability. USPS eServices Registration provides a centralized infrastructure platform and method for customers to register with the USPS in order to use these services. This notice establishes a new Privacy Act system of records, USPS 400.010, the USPS eServices Registration System, to cover records collected and maintained as a result of customers registering for USPS Internet-based services.

To register, a customer is required to fill out an e-Form presented via the eServices Registration portion of the USPS Web site (http://www.usps.com).

The USPS eServices Registration System standardizes a customer's registration process for all services that use it as a registration interface. It provides a customer the ability to register through one interface, making the registration process for various USPS applications convenient and efficient. While capturing application-specific user information for each online service offered by the USPS, the Start Printed Page 17452eServices Registration System will maintain a look and feel that is consistent with other USPS Web site interfaces.

When a customer registers for any of the services supported by eServices Registration, a single customer registration information file is created for the registering customer. eServices Registration manages the customer information that has been provided and cross-references common data elements between services from this record as authorized by the customer.

eServices Registration will cross reference data between applications so customers are not required to re-enter the same information each time they sign up for an additional service. If a user attempts to use an application, but has not previously registered for the service, the customer information specific to that application will be pre-populated with the user's current information, and the user will be required to enter only that additional information that is still needed by the new application. Once registered, the user will also be allowed to edit the information at any time.

Because the USPS eServices Registration System stores data in a central database, when a customer updates the registration information, the changes automatically become available for all applications that have authorization to access the information. In addition, through interconnection with (a) the USPS channel for customers who are moving to file an official Change of Address and (b) the Address Management System, each customer's address will be automatically standardized using approved postal formats and will be updated across applications recorded in the eRS.

General routine-use statements b, e, f, and j, listed in the prefatory statement at the beginning of the Postal Service's published system notices, apply to this system of records and are applicable to most of the Postal Service's systems of records in that they are disclosures routinely necessary to conduct business. These include the need to disclose information in litigation involving the Postal Service; to an agency contractor fulfilling an agency function; to a congressional office at the request of the records subject; and to outside auditors in connection with an audit of Postal Service finances. These general routine uses were last published in the Federal Register on October 26, 1989 (54 FR 43654-43655).

In addition, five routine uses have been added: Routine Use 1 permits disclosure to the Postal Service technology and/or service provider who is acting as an agent on behalf of the Postal Service. Routine Use 2 permits disclosure to a payee or financial institution for bill payment in conjunction with USPS electronic bill presentment and payment services. Routine Use 3 permits disclosure to an authorized credit bureau or another government agency for the purpose of identity verification. Routine Use 4 permits disclosure for law enforcement purposes, but only pursuant to a federal search warrant. Routine Use 5 permits disclosure pursuant to a federal court order.

The new system is not expected to have an adverse effect on individual privacy rights. Any contractor that maintains information collected by this system is made subject to the Privacy Act in accordance with subsection (m) of the Act and is required to apply appropriate protections subject to audit and inspection by the Postal Inspection Service. Procedures are in place to verify identity of individuals, the accuracy of information maintained, and the security of information maintained and transmitted.

USPS envisions that certain services will (a) require eServices Registration to request construction of a USPS-approved Public Key Infrastructure (PKI)-based digital certificate from a Certificate Authority and (b) electronically deliver the digital certificate to customers in order for them to use the service. As part of this process, customers will be required to provide information and complete the necessary steps that enable their identity to be adequately verified. Customers wishing to use this type of service must agree to and comply with the USPS subscriber agreement that applies to the USPS-approved digital certificate(s) issued to them, as well as any service-specific terms and conditions that provide for enrollment to the requested service, if identity or other information cannot be verified. Customers must further accept the responsibility, if issued a USPS-approved digital certificate, to protect both their system and their USPS PKI private key access passwords, not share them with others, and report any suspected compromise of their USPS PKI private key as directed.

Security controls have been applied to protect the information during transmission and physical maintenance. The system is housed within a secure facility in a restricted area. Access is controlled by an installed security software package, logon identifications and passwords, and operating system controls. Information is transmitted in a secure session established by Secure Socket Layer (SSL) equivalent, or better, technology. These technologies encrypt or scramble the transmitted information so it is virtually impossible for anyone other than the Postal Service or its contracted agent to read it while in transit.

Pursuant to 5 U.S.C. 552a(e)(11), interested persons are invited to submit written data, views, or arguments on this proposal. A report of the following proposed system has been sent to Congress and to the Office of Management and Budget for their evaluation.

USPS 400.010

System Name:

eService Customer Program Records—USPS eServices Registration System (eRS) Records, USPS 400.010.

System Location:

Office of Chief Technology Officer; National Customer Support Center (Memphis, TN), Postal Headquarters; and contractor site.

Categories of Individuals Covered by the System:

Customers who register for USPS services via the USPS Web site: www.usps.com will use the Services Registration System (eRS) as its registration platform.

Categories of Records in the System:

Depending on the service or product requested by the customer, this information is collected in order to provide that service or product and, if necessary, to verify the customer's identity. Customer-provided registration information captured and stored within eServices Registration will include username, password, verification question and answer, customer name, home/mailing address, e-mail address(es), and a promotional advertising acceptance (opt-in) answer. Depending on the service(s) requested by the customer, eRS information may also include secondary mailing address(es), employer name and address, date of birth, tax identification number, home and work phone number, fax phone number, public key data related to the customer, bank account information (name, type, account number, routing/transit number), credit card information (number, expiration date, type), driver's license information or state ID information (number, state, and expiration date), military ID information (number, branch, expiration date), or passport/visa information (number, expiration date, and issuing country). Start Printed Page 17453

In some cases, depending on the service or product requested by the customer, eServices Registration may collect a customer's Social Security Number as part of the registration process in order for the application to provide the customer the desired product or service.

Authority for Maintenance of the System:

39 U.S.C. 401, 403, and 404.

Purpose(s):

Information in this system is used to provide online registration capability to postal customers who request an Internet-based eService, and to provide that service.

Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses:

General routine-use statements b, e, f, and j, listed in the prefatory statement at the beginning of the Postal Service's published system notices apply to this system. Other routine uses of information from this system are as follows:

1. Disclosure to a Postal Service technology and/or service provider who is acting as an agent on behalf of the Postal Service, such as a Registration Authority or Customer Care/helpdesk operator.

2. Disclosure to a payee or financial institution for billing payment.

3. Disclosure to an authorized credit bureau or government agency maintaining a system of records (Social Security Administration, Health Care Finance Administration, etc.) for the purpose of identity verification.

4. Disclosure for law enforcement purposes to a government agency, either federal, state, local, or foreign, but only pursuant to a federal warrant duly issued under Rule 41 of the Federal Rules of Criminal Procedure. See Administrative Support Manual 274.6 for procedures relating to search warrants.

5. Disclosure pursuant to the order of a federal court of competent jurisdiction.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, and Disposing of Records in the System:

Storage:

Automated database, computer storage media, and paper forms.

Retrievability:

Information is retrieved by customer identification name or number, email address, phone number, customer name, and/or physical address.

Safeguards:

Paper records and computer storage tapes and disks are maintained in controlled-access areas or under general scrutiny of program personnel. Computers containing information are located in controlled-access areas with personnel access controlled by a cypher lock system, card key system, or other physical access control method, as appropriate. Authorized persons must be identified by a badge. Computer systems are protected with an installed security software package, computer logon identifications, and operating system controls including access controls, terminal and user identifications, and file management. Online data transmission is protected by encryption. Contractors must provide similar protection subject to operational security compliance review by the Postal Inspection Service.

Retention and Disposal:

Personal enrollment information stored in the eServices Registration database is maintained until the customer cancels the profile record or the profile information has not been accessed for any purpose for a period of 12 months; the information is then archived for 2 years. If an individual has been issued a USPS digital certificate, the maintenance of that person's profile information in the eRS database will be extended beyond this 12-month disuse period, to coincide with the certificate's expiration date. Thereafter, the information is archived on nonportable computer hard disk or magnetic tape for seven (7) years. Customers who have requested postal services or products requiring in-person identity authentication will have a USPS Form 2001, Identity Validation Form, maintained on file as part of this record system. The information on this paper record will be maintained for seven (7) years. At the end of the retention period, data on magnetic tape is destroyed by over-recording, data on hard disk is deleted or over-recorded, and, if issued, USPS Form 2001 is shredded.

System Manager(s) and Address:

Chief Technology Officer Senior Vice President, United States Postal Service, 475 L'Enfant Plaza SW RM 2100, Washington DC 20260-4400.

Notification Procedure:

Individuals wanting to know whether information about them is maintained in this system of records must address inquiries in writing to the system manager. Inquiries must contain name and address or other identifying information.

Record Access Procedures:

Requests for access must be made in accordance with the Notification Procedure above and the Postal Service Privacy Act regulations regarding access to records and verification of identity under 39 CFR 266.6.

Contesting Record Procedures:

See Notification Procedure and Record Access Procedures above.

Record Source Categories:

Customers registering for USPS eServices.