AGENCY:

Corporation for National and Community Service.

ACTION:

Notice of a modified system of records.

SUMMARY:

The Freedom of Information Act (FOIA) gives the public the right to access many types of records which are maintained by a Federal agency. The Privacy Act gives the public the right to access and amend many types of records about themselves which are maintained by a Federal agency. In accordance with the Privacy Act, the Corporation for National and Community Service (CNCS) Office of General Counsel proposes to modify and rename a current CNCS system of records, Freedom of Information Act and Privacy Act Request Files—Corporation-12 (67 FR 4395, 4406, January 30, 2002), to include substantive changes and modifications described in detail in the supplementary section.

CNCS uses the system of records to:

1. Track, process, and respond to CNCS's FOIA and Privacy Act inquiries and any disputes involving those inquiries (collectively, “Requests”);

2. Create reports about those Requests for oversight and reporting purposes; and

3. Execute other responsibilities related to FOIA and the Privacy Act.

The records in the system, stored in both paper and electronic form include, but are not limited to: FOIA and Privacy Act requests, follow-up correspondence, documents created to prepare responses, redacted and unredacted copies of responsive records, and final responses.

DATES:

You may submit comments until May 30, 2019. This System of Records Notice (SORN) will be effective May 31, 2019 unless CNCS receives any timely comments which would result in a contrary determination.

ADDRESSES:

You may submit comments, identified by system name and number, to CNCS via any of the following methods:

1. Electronically through regulations.gov.

Once you access regulations.gov, locate the web page for this SORN by searching for CNCS-02-OGC-FOIA/PA—Freedom of Information Act (FOIA)/Privacy Act (PA) Request Files. If you upload any files, please make sure they include your first name, last name, and the name of the proposed SORN.

2. By email at privacy@cns.gov.

3. By mail: Corporation for National and Community Service, Attn: Chief Privacy Officer, OIT, 250 E St. SW, Washington, DC 20525.

4. By hand delivery or courier to CNCS at the address for mail between 9:00 a.m. and 4:00 p.m. Eastern Standard Time, Monday through Friday, except for Federal holidays.

Please note that all submissions received may be posted without change to regulations.gov, including any personal information.

FOR FURTHER INFORMATION CONTACT:

If you have general questions about the system of record, you can email them to FOIA@cns.gov or mail them to the address in the ADDRESSES section above. Please include the system of record's name and number.

SUPPLEMENTARY INFORMATION:

This notice serves to update and modify CNCS's system of records notice titled “CORPORATION-12” to incorporate changes to the system, include more details, and conform to SORN template requirements prescribed in Office of Management and Budget Circular No. A-108. The substantive changes and modifications to the currently published version of CORPORATION-12 include:

1. Renumbering and renaming the SORN as CNCS-02-OGC-FOIA/PA—Freedom of Information Act (FOIA)/Privacy Act (PA) Request Files.

2. Stating that the records in the system are Unclassified.

3. Updating all addresses to reflect the system's new location.

4. Expanding the purpose of the system to manage all aspects of the FOIA and Privacy Act Request process.

5. Stating that the system may also include information about individuals who help fulfill a Request or are referenced in the requested records.

6. Replacing the current set of routine uses with new and modified routine uses that are specific to the system.

7. Stating that records may also be retrieved by the name of the individual who filed a Request.

8. Revising the retention and disposal section to reflect updated guidance from the National Archives and Records Administration.

9. Revising the safeguards section to reflect updated cybersecurity guidance and practices.

10. Updating the record access, contesting record, and notification procedures to inform individuals that they may email or fax an inquiry, establish a more efficient process, and clarify what individuals should include in an inquiry.

CNCS determined that these changes are the most efficient, logical, taxpayer-friendly, and user-friendly method of complying with the publication requirements of the Privacy Act. The subject records reflect a common purpose, common functions, and common user community. This Notice of a Modified Systems of Records, as required by 5 U.S.C. 552a, also fully complies with all Office of Management and Budget policies.

SYSTEM NAME AND NUMBER

CNCS-02-OGC-FOIA/PA—Freedom of Information Act (FOIA)/Privacy Act (PA) Request Files.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Office of General Counsel, Corporation for National and Community Service, 250 E St. SW, Washington, DC 20525.

SYSTEM MANAGER(S):

FOIA Officer/Privacy Act Officer, Office of General Counsel, Corporation for National and Community Service, 250 E St. SW, Washington, DC 20525.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

The Freedom of Information Act of 1966, as amended, and the Privacy Act of 1974, as amended.

PURPOSE(S) OF THE SYSTEM:

The Corporation for National and Community Service (CNCS) Office of General Counsel uses the system to:

• Track, process, and respond to CNCS's FOIA and Privacy Act inquiries and any disputes involving those inquiries (collectively, “Requests”);
• Create reports about those Requests for oversight and reporting purposes; and
• Execute other responsibilities related to those Requests.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

The system contains records about individuals who:

• Sent a written Request to CNCS which cited to, or was handled according to, FOIA or the Privacy Act, plus anyone who represented those individuals (collectively, “Requestors”);
• Participate in responding to a Request on behalf of CNCS (collectively, “Respondents”);Start Printed Page 18269
• Are the subject of a Request;
• Are referenced in the requested records; and
• Are otherwise connected to a Request.

CATEGORIES OF RECORDS IN THE SYSTEM:

Records in the system may contain:

• Requests;
• Correspondence with Requestors to establish their identities, clarify Requests, discuss fees, and discuss the timing of responses;
• Intra-agency search process correspondence;
• Written decisions to release or withhold requested records;
• Redacted and unredacted copies of responsive records; and
• Final responses to Requesters.

RECORD SOURCE CATEGORIES:

The sources of records in the system include Requestors and Respondents. The documents gathered to respond to a Request can come from, but are not limited to, CNCS'S system of records, individuals and their representatives, public sources, and other entities connected to CNCS.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in the system may be disclosed to authorized entities, as is determined to be relevant and necessary, as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

1. To another Federal, foreign, state, local, tribal, or other public agency with an interest in, or control over, information in records responsive to or otherwise related to a Request, for the following purposes:

a. Consulting the other agency for its views about providing access to the information or assistance in verifying the identity or background information of an individual or the accuracy of information sought to be amended or corrected;

b. Informing the other agency of CNCS'S response or intended response; or

c. Referring the request to the most appropriate federal agency for response.

2. When FOIA permits CNCS to exempt a record from disclosure, the identity of the Requestor and a description of the requested record may be disclosed to the subject of the record, or the individual or entity that provided the record, to obtain their view on whether the information should be released.

3. To the Office of the President, a Member of Congress, or their staff in response to a Request made on behalf of, and at the request of, the individual who is the subject of the record. These advocates will receive the same records that individuals would have received if they filed their own Request.

4. To the Department of Justice (DOJ) to obtain DOJ's advice on whether records must be disclosed under FOIA and the Privacy Act in response to a Request.

5. To the DOJ when:

a. The agency, or any component thereof;

b. Any employee of the agency in his or her official capacity;

c. Any employee of the agency in his or her individual capacity where DOJ has agreed to represent the employee; or

d. The United States, where the agency determines that litigation is likely to affect the agency or any of its components is a party to litigation or has an interest in litigation, and the use of such records by the DOJ is deemed by the agency to be relevant and necessary to the litigation, provided, however, that in each case, the agency determines that disclosure of the records to the DOJ is a use of the information contained in the records that is compatible with the purpose for which the records were collected.

6. To a court, administrative body, or adjudicative body before which the agency is authorized to appear, when:

a. The agency, or any component thereof;

b. Any employee of the agency in his or her official capacity;

c. Any employee of the agency in his or her individual capacity where the agency has agreed to represent the employee; or

d. The United States, where the agency determines that litigation is likely to affect the agency or any of its components, is a party to litigation or has an interest in litigation, and the use of such records by the DOJ is deemed by the agency to be relevant and necessary to the litigation, provided, however, that in each case, the agency determines that disclosure of the records to the DOJ is a use of the information contained in the records that is compatible with the purpose for which the records were collected.

7. To prospective claimants and their attorneys to negotiate the settlement of an actual or prospective claim against CNCS or its current or former employees, in advance of the initiation of formal litigation or proceedings.

8. To another Federal or State agency, a court, or a party in litigation or in an administrative or adjudicative proceeding conducted by a Federal or State agency, when the Government is a party to the judicial or administrative proceeding and the record is relevant and necessary to that proceeding.

9. To an appropriate Federal, State, local, tribal, international, or foreign law enforcement agency or other appropriate authority charged with investigating or prosecuting a violation or enforcing or implementing a statute, rule, regulation, or order, when a record, either on its face or in conjunction with other information, indicates a violation or potential violation of civil or criminal law or regulatory violations and such disclosure is proper and consistent with the official duties of the person making the disclosure.

10. To an agency or organization to audit or oversee operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function.

11. To appropriate agencies, entities, and persons when:

a. CNCS suspects or has confirmed that there has been a breach of the system of records;

b. CNCS has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, CNCS (including its information systems, programs, and operations), the Federal Government, or national security; and

c. The disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with CNCS's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

12. To another Federal agency or Federal entity, when CNCS determines that information from the system of records is reasonably necessary to assist the recipient agency or entity in:

a. Responding to a suspected or confirmed breach or

b. Preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

13. To the National Archives and Records Administration (NARA) as needed to assist CNCS with records management, conduct inspections of CNCS's records management practices, and carry out other activities required by 44 U.S.C. 2904 and 2906.

14. To NARA's Office of Government Information Services so that it may review agency compliance with FOIA, provide mediation services to resolve Start Printed Page 18270FOIA disputes, and identify policies and procedures for improving FOIA compliance, and to the extent necessary to fulfill its responsibilities as required by 5 U.S.C. 552(h)(2-3).

15. To a Federal agency in connection with hiring or retaining an employee, vetting a service member, in response to the issuance of a security clearance, conducting of a background, suitability or security investigation of an individual, classifying jobs, the letting of a contract, or the issuance of a license, contract, grant, or other benefit by the requesting agency, and to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.

16. To agency contractors, grantees, interns, and other authorized individuals engaged to assist the agency in the performance of a contract, service, grant, cooperative agreement, or other activity and require access to the records to accomplish an agency function, task or assignment. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to CNCS officials and employees.

17. To the Equal Employment Opportunity Commission when requested in connection with investigations into alleged or possible discrimination practices in the Federal sector, compliance by Federal agencies with the Uniform Guidelines on Employee Selection Procedures or other functions vested in the Commission and to otherwise ensure compliance with the provisions of 5 U.S.C. 7201.

18. To any official or designee charged with the responsibility to conduct qualitative assessments at a designated statistical agency as defined under 42 U.S.C 3501 Sec. 522 (e.g., U.S. Census Bureau, U.S. Department of Labor, Social Security Administration), and other well established and trusted public or private research organizations, academic institutions, or agencies for an evaluation, study, research, or other analytic or statistical purposes.

19. To the news media and the public, with the approval of the Chief Privacy Officer in consultation with counsel, when there exists a legitimate public interest in the disclosure of the information, when disclosure is necessary to preserve confidence in the integrity of CNCS, or when disclosure is necessary to demonstrate the accountability of CNCS'S officers, employees, or individuals covered by the system, except to the extent the Chief Privacy Officer determines that release of the specific information in the context of a particular case would constitute a clearly unwarranted invasion of personal privacy.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Paper records are stored in locked rooms, file cabinets, and desks. Electronic records and backups are stored on secure servers and encrypted media to include, but are not limited to, the computers and network drives used by Respondents.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records in the system may be retrieved by year of the Request, Request tracking number, name of Requestor, or any combination of these items.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Records in the system are maintained according to General Records Schedule 4.2, Information Access and Protection Records, as listed in NARA's most recent General Records Schedule Transmittal.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

Paper records are maintained in locked rooms, file cabinets, and desks when not in use. Electronic records are maintained in accordance with National Institute of Standards and Technology Special Publication 800-53 Rev. 4, Security and Privacy Controls for Federal Information Systems and Organizations or the updated equivalent. Access to the records is limited to authorized personnel who require the information to complete their assigned tasks and have been trained how to properly handle and safeguard the records.

RECORD ACCESS PROCEDURES:

In accordance with 45 CFR part 2508, Implementation of the Privacy Act of 1974, individuals wishing to access their own records as stored within the system of records may contact the FOIA Officer/Privacy Act Officer by sending (1) an email to FOIA@cns.gov, (2) a letter to the System Manager, or (3) a facsimile to 202-606-3467. Individuals may also go in-person to the System Location and ask to speak to the FOIA Officer/Privacy Act Officer within the Office of General Counsel. Individuals who make a request must include enough identifying information (i.e., full name, current address, date, and signature) to locate their records, indicate that they want to access their records, and be prepared to confirm their identity as required by 45 CFR part 2508.

CONTESTING RECORD PROCEDURES:

Individuals who wish to contest their own records as stored within the system of records may contact the FOIA Officer/Privacy Act Officer in writing via the contact information in the RECORD ACCESS PROCEDURES section. Individuals who make a request must include enough identifying information to locate their records, an explanation of why they think their records are incomplete or inaccurate, and be prepared to confirm their identity as required by 45 CFR part 2508.

NOTIFICATION PROCEDURES:

Individuals who wish to contest their own records as stored within the system of records may contact the FOIA Officer/Privacy Act Officer via the contact information in the RECORD ACCESS PROCEDURES section. Individuals who make a request must include enough identifying information to locate their records, indicate that they want to be notified whether their records are included in the system, and be prepared to confirm their identity as required by 45 CFR part 2508.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

64 FR 10879, 10889, March 5, 1999; 65 FR 46890, 46900, August 1, 2000; 67 FR 4395, 4406, January 30, 2002.