AGENCY:

Office of the Secretary, USDA.

ACTION:

Notice of a proposed new system of records; request for comment.

SUMMARY:

The U.S. Department of Agriculture proposes to add a system of records to its inventory of records systems subject to the Privacy Act of 1974, as amended. The system of records being proposed is the APHIS Comprehensive Electronic Permitting System (ePermits). This notice is necessary to meet the requirements of the Privacy Act to publish in the Federal Register notice of the existence and character of record systems maintained by the agency.

Although the Privacy Act requires only that the portion of the system that describes “routine uses” of the system be published for comment, we invite comment on all portions of this notice.

DATES:

Effective Date: This system will be adopted without further notice on June 9, 2008 unless modified to respond to comments received from the public and published in a subsequent notice.

Comment date: Comments must be received, in writing, on or before May 30, 2008.

ADDRESSES:

You may submit comments by either of the following methods:

• Federal eRulemaking Portal: Go to http://www.regulations.gov/​fdmspublic/​component/​main?​main=​DocketDetail&​d=​APHIS-2006-0185, and follow the instructions for submitting comments. Start Printed Page 23407
• Postal Mail/Commercial Delivery: Docket No. APHIS-2006-0185, Regulatory Analysis and Development, PPD, APHIS, Station 3A-03.8, 4700 River Road Unit 118, Riverdale, MD 20737-1238.

Docket: You may view comments we receive at the Federal eRulemaking Portal (Web address above) or in our reading room. The reading room is located in room 1141 of the USDA South Building, 14th Street and Independence Avenue, SW., Washington, DC. Normal reading room hours are 8 a.m. to 4:30 p.m., Monday through Friday, except holidays. To be sure someone is there to help you, please call (202) 690-2817 before coming.

FOR FURTHER INFORMATION CONTACT:

Ms. Alison Young, Branch Chief, Project Management, Information Technology Development and Coordination, Plant Protection and Quarantine, APHIS, 4700 River Road Unit 144, Riverdale, MD 20737; (301) 734-3821.

SUPPLEMENTARY INFORMATION:

The Privacy Act of 1974, as amended (5 U.S.C. 552a), requires agencies to publish in the Federal Register a notice of new or revised system of records maintained by the agency. A system of records is a group of any records under the control of any agency, from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to an individual.

The Animal and Plant Health Inspection Service (APHIS) is proposing to add a new system of records, entitled APHIS Comprehensive Electronic Permitting System (ePermits), that will be used to support the permitting processes for the Plant Protection and Quarantine (PPQ), Veterinary Services (VS), and Biotechnology Regulatory Services (BRS) programs within APHIS.

Under the authority of the Plant Protection Act (7 U.S.C. 7701 et seq.) and the Animal Health Protection Act (7 U.S.C. 8301 et seq.), APHIS regulates the importation, entry, exportation, and interstate movement of animals, plants, biological control organisms, noxious weeds, animal and plant products, and other articles, as necessary to prevent the introduction and interstate spread of plant pests, and pests and diseases of livestock. Under the authority of the Honeybee Act (7 U.S.C. 281 et seq.), APHIS regulates the importation of honeybees and honeybee semen into the United States to prevent the introduction of diseases and parasites of honeybees and of undesirable species, such as African honeybees.

In many cases, APHIS requires persons wishing to move a regulated commodity into, from, or within the United States, to apply for a permit. The ePermits system enables customers to apply for a permit, pay permit application fees, check the status of a permit application, and view issued permits and other information online in a secure manner. Individuals who may use this system include designated collaborators and permit applicants such as importers, agents, brokers, and researchers. Applicants will enter necessary information into the system in order to create an application for a permit. Such information includes personal information such as name, business name, mailing address, telephone number, e-mail address, and fax number; information concerning the regulated article for which a permit is sought, such as the proposed article, shipment information, country of origin, and proposed treatment methods; and may also include supporting documentation such as compliance and inspection reports and agreements. For permits that require fee payments, the system uses such information as payment amount, payment date, and user fee account number, check number, or last four digits of the credit card. The system also uses information about APHIS permit staff employees, including name, address, telephone number, e-mail address, organization name and job function, and, in some cases, a digital image of the handwritten employee signature.

This information is necessary for APHIS to evaluate data in order to manage and issue permits and notifications; perform inspections, investigations, and permit-related activities; prepare permits, letters, and other documents; generate reports to evaluate quality control and effectiveness of the program; determine if the action requested in the permit application would be additionally subject to other Federal or State authorities; and facilitate and account for payments.

Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses

APHIS may disclose information in the ePermits system to the Department of Homeland Security's Customs and Border Protection agency, which inspects shipments that arrive at United States ports for compliance with permit conditions. APHIS may also disclose information in the ePermits system to cooperative Federal, State, and local government officials, employees, or contractors, and other parties engaged in administering the program. APHIS may disclose information to State government regulatory officials in the State of destination for review and comment. Other routine uses of this information include releases related to investigations pertaining to violations of law or related to litigation. A complete listing of the routine uses for this system is included in the accompanying document that is published along with this notice.

The proposed information collection devices associated with the ePermits system have been approved by the Office of Management and Budget under the Paperwork Reduction Act.

Title and Business Address of the Agency Official Responsible for the System of Record

Chief Information Officer, U.S. Department of Agriculture, 1400 Independence Avenue, SW., Washington, DC 20250.

Report on New System

A report on the new system of records, required by 5 U.S.C. 552a(r), as implemented by Office of Management and Budget Circular A-130, was sent to the Chairman, Committee on Homeland Security and Governmental Affairs, United States Senate; the Chairman, Committee on Oversight and Government Reform, U.S. House of Representatives; and the Administrator, Office of Information and Regulatory Affairs, Office of Management and Budget.

System name:

APHIS Comprehensive Electronic Permitting System (ePermits), USDA-APHIS-10.

Security classification:

None.

System location:

Paper files for the APHIS Comprehensive Electronic Permitting System (ePermits) are maintained in the offices of Biotechnology Regulatory Services (BRS), Plant Protection and Quarantine (PPQ), and Veterinary Services (VS) in Riverdale, MD. The ePermits production system and associated electronic files are maintained at USDA's National Information Technology Center (NITC) in Kansas City, MO. Start Printed Page 23408

Categories of individuals covered by the system:

Permit applicants and designated collaborators, such as importers, agents, brokers, and researchers; and APHIS permit staff employees.

Categories of records in the system:

The records in this system may contain name, business name, mailing address, e-mail address, telephone and fax numbers, proposed articles to be permitted, shipment information, country of origin, proposed treatment methods, and compliance and inspection agreements or reports. For permits that require fee payments, the system may contain information about payment amount, payment date, and user fee account number, check number, or last four digits of the credit card.

Authority for maintenance of the system:

The Honeybee Act, 7 U.S.C. 281-286; the Plant Protection Act, 7 U.S.C. 7701-7772 and 7781-7786; and the Animal Health Protection Act, 7 U.S.C. 8301-8321.

Purposes(s) of the system:

This system will be used to enable persons wishing to move a regulated commodity into, from, or within the United States to apply for a permit, pay permit application fees, check the status of a permit application, and view issued permits and other information online in a secure manner.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, records maintained in the system may be disclosed outside USDA as follows:

(1) To the Department of Homeland Security's Customs and Border Protection agency, which inspects shipments that arrive at United States ports for compliance with permit conditions;

(2) To cooperative Federal, State, and local government officials, employees, or contractors, and other parties engaged to assist in administering the program. Such contractors and other parties will be bound by the nondisclosure provisions of the Privacy Act. This routine use assists the agency in carrying out the program, and thus is compatible with the purpose for which the records are created and maintained;

(3) To State government regulatory officials in the State of destination for review and comment;

(4) To the appropriate agency, whether Federal, State, local, or foreign, charged with responsibility of investigating or prosecuting a violation of law or of enforcing, implementing, or complying with a statute, rule, regulation, or order issued pursuant thereto, of any record within this system when information available indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and either arising by general statute or particular program statute, or by rule, regulation, or court order issued pursuant thereto;

(5) To the Department of Justice when the agency, or any component thereof, or any employee of the agency in his or her official capacity, or any employee of the agency in his or her individual capacity where the Department of Justice has agreed to represent the employee, or the United States, in litigation, where the agency determines that litigation is likely to affect the agency or any of its components, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice is deemed by the agency to be relevant and necessary to the litigation; provided, however, that in each case, the agency determines that disclosure of the records to the Department of Justice is a use of the information contained in the records that is compatible with the purpose for which the records were collected;

(6) For use in a proceeding before a court or adjudicative body before which the agency is authorized to appear, when the agency, or any component thereof, or any employee of the agency in his or her official capacity, or any employee of the agency in his or her individual capacity where the agency has agreed to represent the employee, or the United States, where the agency determines that litigation is likely to affect the agency or any of its components, is a party to litigation or has an interest in such litigation, and the agency determines that use of such records is relevant and necessary to the litigation; provided, however, that in each case, the agency determines that disclosure of the records to the court is a use of the information contained in the records that is compatible with the purpose for which the records were collected;

(7) To appropriate agencies, entities, and persons when the agency suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; the agency has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, a risk of identity theft or fraud, or a risk of harm to the security or integrity of this system or other systems or programs (whether maintained by the agency or another agency or entity) that rely upon the compromised information; and the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the agency's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm;

(8) To USDA contractors, partner agency employees or contractors, or private industry employed to identify patterns, trends or anomalies indicative of fraud, waste, or abuse; and

(9) To the National Archives and Records Administration or to the General Services Administration for records management inspections conducted under 44 U.S.C. 2904 and 2906.

Disclosure to consumer reporting agencies:

None.

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:

Storage:

Paper files for the APHIS Comprehensive Electronic Permitting System are maintained, according to the responsible program, in the offices of BRS, PPQ, and VS in Riverdale, MD. The USDA National Information Technology Center in Missouri will house the ePermits system servers.

Retrievability:

Records are retrieved by use of individual's name, business name, business address, regulated article, country of origin, application number, and permit number.

Safeguards:

All ePermits users are required to complete USDA's registration process called eAuthentication, a system that enables individuals to obtain user-identification accounts that allow password protected access to certain USDA web-based applications and services through the Internet. The web-based service identifies and validates USDA customers before they can access ePermits.

Role-based security and access rights are implemented to protect the security of the information. Additionally, the ePermits security plan includes management, operational, and technical controls to prevent misuse of data by system users. Start Printed Page 23409

Retention and disposal:

Paper records will be held according to the record retention schedules of each program. BRS and VS paper records will be retained for 5 years. PPQ paper records will be retained for a period of 3 to 7 years depending on the type of permit issued. Electronic records will be maintained for 15 years consistent with record retention requirements for policy-related information.

System manager(s) and address:

For BRS records: Branch Chief, Biotechnology Regulatory Operations, Biotechnology Regulatory Services, USDA, APHIS, 4700 River Road Unit 91, Riverdale, MD 20737.

For PPQ records: Director, Permits, Registrations, Imports & Manuals, Plant Health Programs, USDA, APHIS, 4700 River Road Unit 133, Riverdale, MD 20737.

For VS records: Director, National Center for Import and Export, Technical Trade Services Team, Veterinary Services, USDA, APHIS, 4700 River Road Unit 140, Riverdale, MD 20737.

Notification procedure:

Any individual may request general information regarding this system of records or information as to whether the system contains records pertaining to him/her from the system manager at the address above. All inquiries pertaining to this system should be in writing, must name the system of records as set forth in the system notice, and must contain the individual's name, telephone number, address, and e-mail address.

Record access procedures:

Any individual may obtain information from a record in the system that pertains to him or her. Requests for hard copies of records should be in writing, and the request must contain the requesting individual's name, address, name of the system of records, timeframe for the records in question, any other pertinent information to help identify the file, and a copy of his/her photo identification containing a current address for verification of identification. All inquiries should be addressed to the Freedom of Information and Privacy Act Staff, Legislative and Public Affairs, APHIS, 4700 River Road Unit 50, Riverdale, MD 20737-1232.

Contesting record procedures:

Any individual may contest information contained within a record in the system that pertains to him/her by submitting a written request to the system manager at the address above. Include the reason for contesting the record and the proposed amendment to the information with supporting documentation to show how the record is inaccurate.

Record source categories:

Information in this system comes primarily from the user. APHIS employees and State government regulatory officials will also enter data into the system.

Exemptions claimed for the system:

None.