AGENCY:

Pension Benefit Guaranty Corporation.

ACTION:

Notice of new system of records.

SUMMARY:

Pursuant to the Privacy Act of 1974, the Pension Benefit Guaranty Corporation (PBGC) is proposing to establish a new system of records, “PBGC–29: Freedom of Information Act and Privacy Act Request Records—PBGC” to reflect PBGC's current practice of processing requests for records made under the provisions of the Freedom of Information Act (FOIA)/Privacy Act (PA), and to assist PBGC in carrying out other responsibilities relating to FOIA and PA including operational, management, and reporting purposes.

DATES:

The new systems of records described herein will become effective July 27, 2023, without further notice, unless comments result in a contrary determination and a notice is published to that effect. Comments must be received on or before July 27, 2023 to be assured of consideration.

ADDRESSES:

You may submit written comments to PBGC by any of the following methods:

• Federal eRulemaking Portal: Follow the website instructions for submitting Start Printed Page 41664 comments at https://www.regulations.gov.

• Email: reg.comments@pbgc.gov. Refer to SORN in the subject line.

• Mail or Hand Delivery: Regulatory Affairs Division, Office of the General Counsel, Pension Benefit Guaranty Corporation, 445 12th Street SW, Washington, DC 20024–2101.

Commenters are strongly encouraged to submit public comments electronically. PBGC expects to have limited personnel available to process public comments that are submitted on paper through U.S. mail. Until further notice, any comments submitted on paper will be considered to the extent practicable.

All submissions must include the agency's name (Pension Benefit Guaranty Corporation, or PBGC) and reference this notice. Comments received will be posted without change to PBGC's website, https://www.pbgc.gov, including any personal information provided. Do not submit comments that include any personally identifiable information or confidential business information. Copies of comments may also be obtained by writing to Disclosure Division, Office of the General Counsel, Pension Benefit Guaranty Corporation, 445 12th Street SW, Washington, DC 20024–2101, or calling 202–326–4040 during normal business hours. (If you are deaf or hard of hearing, or have a speech disability, please dial 7 1 1 to access telecommunications relay services.)

FOR FURTHER INFORMATION CONTACT:

Shawn Hartley, Chief Privacy Officer, Pension Benefit Guaranty Corporation, Office of the General Counsel, 445 12th Street SW, Washington, DC 20024–2101, 202–229–6321. For access to any of PBGC's systems of records, contact D. Camilla Perry, Disclosure Officer, Office of the General Counsel, Disclosure Division, 445 12th Street SW, Washington, DC 20024–2101, or by calling 202–229–4040, or go to https://www.pbgc.gov/​about/​policies/​pg/​privacy-at-pbgc/​system-of-records-notices.

SUPPLEMENTARY INFORMATION:

PBGC Is Establishing a New SORN PBGC–29: Freedom of Information Act and Privacy Act Request Records

PBGC is establishing a new SORN “PBGC–29: Freedom of Information Act and Privacy Act Request Records—PBGC” to reflect PBGC's current practice of processing requests for records made under the provisions of the Freedom of Information Act (FOIA) and Privacy Act (PA) of 1974, and to assist PBGC in carrying out other responsibilities relating to FOIA and PA including operational, management, and reporting purposes.

Pursuant to 5 U.S.C. 552a(e)(11), interested persons are invited to submit written comments on the proposed changes described in this notice. A report has been sent to Congress and the Office of Management and Budget for their evaluation.

For the convenience of the public, PBGC's new system of records is published in full below.

SYSTEM NAME AND NUMBER:

PBGC—29: Freedom of Information Act and Privacy Act Request Records—PBGC

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Pension Benefit Guaranty Corporation (PBGC), 445 12th Street SW, Washington, DC 20024–2101. (Records may be kept at an additional location as backup for continuity of operations at AINS LLC, DBA OPEXUS, 1101 17th St. NW #1200, Washington, DC 20036.)

SYSTEM MANAGER(S):

Deputy General Counsel, Office of the General Counsel (OGC), PBGC, 445 12th Street SW, Washington, DC 20024–2101.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 552, The Freedom of Information Act (FOIA), and 5 U.S.C. 552a, The Privacy Act of 1974 (PA).

PURPOSE(S) OF THE SYSTEM:

The purpose of this system is to process requests for records made under the provisions of the FOIA and PA, and to assist PBGC in carrying out other responsibilities relating to FOIA and PA including operational, management, and reporting purposes.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals or their representatives who have submitted FOIA requests, PA requests, or combined FOIA and PA requests for records or information and administrative appeals or have litigation pending with a federal agency; individuals whose requests, appeals or records have been referred to PBGC by other agencies and/or the PBGC personnel assigned to handle such requests, appeals and litigation.

CATEGORIES OF RECORDS IN THE SYSTEM:

Records in the system may contain names, mailing addresses, email addresses and telephone numbers of individuals making requests for records or information pursuant to the FOIA/PA; online identity verification information (User name and password), and any other information voluntarily submitted, such as an individual's social security number; tracking numbers, correspondence with the requester or the requester's representatives, internal PBGC correspondence and memoranda to or from other agencies or entities having a substantial interest in the determination of the request; responses to the request and appeals, and copies of responsive records. These records may contain personal information retrieved in response to a request. FOIA and PA case records may contain inquiries and requests regarding any of PBGC's other systems of records subject to the FOIA and PA, and information about individuals from any of these other systems may become part of this system of records.

RECORD SOURCE CATEGORIES:

Requesters and persons acting on behalf of requesters, PBGC and other Federal agencies having a substantial interest in the determination of the request, and employees processing the requests.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

Information about covered individuals may be disclosed without consent as permitted by the Privacy Act of 1974, 5 U.S.C. 552a(b), and:

1. To law enforcement in the event the record is connected to a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by general statute, regulation, rule, or order issued pursuant thereto. Such disclosure may be made to the appropriate agency, whether Federal, state, local, or tribal, or other public authority responsible for enforcing, investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto, if PBGC determines that the records are both relevant and necessary to any enforcement, regulatory, investigative or prospective responsibility of the receiving entity.

2. To a Federal, state, tribal or local agency or to another public or private source maintaining civil, criminal, or other relevant enforcement information or other pertinent information if, and to the extent necessary, to obtain information relevant to a PBGC decision concerning the hiring or retention of an Start Printed Page 41665 employee, the retention of a security clearance, or the letting of a contract.

3. With the approval of the Director, Human Resources Department (or his or her designee), the fact that this system of records includes information relevant to a Federal agency's decision in connection with the hiring or retention of an employee, the retention of a security clearance, the letting of a contract, or the issuance of a license, grant, or other benefit may be disclosed to that Federal agency.

4. A record from this system of records may be disclosed in a proceeding before a court or other adjudicative body in which PBGC, an employee of PBGC in his or her official capacity, an employee of PBGC in his or her individual capacity whom PBGC (or the Department of Justice (DOJ)) has agreed to represent is a party, or the United States or any other Federal agency is a party and PBGC determines that it has an interest in the proceeding, and if PBGC determines that the record is relevant and necessary to the litigation and that the disclosure of the records to use is compatible with the purpose for which PBGC collected the information.

5. When PBGC, an employee of PBGC in his or her official capacity, or an employee of PBGC in his or her individual capacity whom PBGC (or DOJ) has agreed to represent is a party to a proceeding before a court or other adjudicative body, or the United States or any other Federal agency is a party and PBGC determines that it has an interest in the proceeding, a record from this system of records may be disclosed to DOJ if PBGC is consulting with DOJ regarding the proceeding or has decided that DOJ will represent PBGC, or its interest, in the proceeding and PBGC determines that the record is relevant and necessary to the litigation and that the use is compatible with the purpose for which PBGC collected the information.

6. A record from this system of records may be disclosed to a congressional office in response to an inquiry from the congressional office made at the request of the individual.

7. A record from this system of records may be disclosed to appropriate agencies, entities, and persons when (1) PBGC suspects or has confirmed that there has been a breach of the system of records; (2) PBGC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, PBGC (including its information systems, programs and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with PBGC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

8. To the National Archives and Records Administration or to the General Services Administration for records management inspections conducted under 44 U.S.C. 2904 and 2906.

9. To another Federal agency or Federal entity, when PBGC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

10. To the extent needed to perform duties under the contract, to third party contractors who are performing or working on a contract in connection with the performance of an IT service or in support of PBGC's Disclosure Division related to this system of records. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.

11. To respond to FOIA requests and appeals made through the agencies electronic FOIA and PA request system, including the names of FOIA requesters, dates related to the processing of the request, and a description of the records sought by the requester (excluding any personally identifiable information in the description of the records, such as telephone or cell phone numbers, home or email addresses, social security numbers), unless the requester asks for the redaction of any personally identifiable information (PII). This information may also be used to create a publicly available log of requests;

12. To assist PBGC in making an access determination, a record from this system may be shared with (a) the person or entity that originally submitted the record to the agency or is the subject of the record or information; or (b) another Federal entity;

13. To the National Archives and Record Administration's (NARA), Office of Government Information Services (OGIS), to the extent necessary to fulfill its responsibilities in 5 U.S.C. 552(h), to review administrative agency policies, procedures and compliance with the FOIA, and to facilitate OGIS's offering of mediation services to resolve disputes between persons making FOIA requests and administrative agencies;

14. To the Department of Justice (DOJ), to the Department of the Treasury, or to a consumer reporting agency for collection action for unpaid FOIA fees when circumstances warrant; and,

15. To the Office of Management and Budget (OMB) or the DOJ to obtain advice regarding statutory and other requirements under the FOIA or Privacy Act.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records are maintained in electronic databases. Records may also be maintained on back-up tapes, or on a PBGC or a contractor-hosted network.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records are retrieved by any one or more of the following: Name, subject, request file/tracking number, or other data element as may be permitted by an automated system.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Records are maintained and destroyed in accordance with the National Archives and Record Administration's (NARA) Basic Laws and Authorities (44 U.S.C. 3301, et seq.) or a PBGC records disposition schedule approved by NARA. Records existing on paper are destroyed beyond recognition. Records existing on computer storage media are destroyed according to the applicable PBGC media practice for participant systems and will be maintained in accordance with PBGC Records Schedule. See General Records Schedule (GRS) Items 4.2 Items 001, 010, 020, 040, 050, 090. See also PBGC Records Schedule Item 1.2: Administrative Records—Privacy Act.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

PBGC has established security and privacy protocols that meet the required security and privacy standards issued by the National Institute of Standards and Technology (NIST). Records are maintained in a secure, password protected electronic system that utilizes security hardware and software to include multiple firewalls, active intruder detection, and role-based access controls. PBGC has adopted appropriate administrative, technical, and physical controls in accordance with PBGC's security program to protect the confidentiality, integrity, and availability of the information, and to ensure that records are not disclosed to or accessed by unauthorized Start Printed Page 41666 individuals. Paper records are kept in file folders in areas of restricted access that are locked after office hours.

Electronic records are stored on computer networks, which may include cloud-based systems, and protected by controlled access with Personal Identity Verification (PIV) cards, assigning user accounts to individuals needing access to the records and by passwords set by authorized users that must be changed periodically. Further, for certain systems covered by this notice, heightened security access is required. Such access is granted by the specific permissions group assigned to monitor that particular system and only authorized employees of the agency may retrieve, review or modify those records. All employees are annually required to agree to and comply with PBGC's Rules of Behavior with respect to PBGC's IT systems and PII.

RECORD ACCESS PROCEDURES:

Individuals, or third parties with written authorization from the individual, wishing to request access to their records in accordance with 29 CFR 4902.4, should submit a written request to the Disclosure Officer, PBGC, 445 12th Street SW, Washington, DC 20024–2101, providing their name, address, date of birth, and verification of their identity in accordance with 29 CFR 4902.3(c), or via PBGC's online FOIA/PA system the link to which is located at https://www.pbgc.gov/​about/​pg/​footer/​foia. Individuals or third parties will be required to provide information to verify their identity when making a request.

CONTESTING RECORD PROCEDURES:

Individuals, or third parties with written authorization from the individual, wishing to amend their records must submit a written request, in accordance with 29 CFR 4902.5, identifying the information they wish to correct in their file, in addition to following the requirements of the Record Access Procedure above.

NOTIFICATION PROCEDURES:

Individuals, or third parties with written authorization from the individual, wishing to learn whether this system of records contains information about them should submit a written request to the Disclosure Officer, PBGC, 445 12th Street SW, Washington, DC 20024–2101, providing their name, address, date of birth, and verification of their identity in accordance with 29 CFR 4902.3(c), or via PBGC's online FOIA/PA system the link to which is located at https://www.pbgc.gov/​about/​pg/​footer/​foia. Individuals or third parties will be required to provide information to verify their identity when making a request.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

To the extent that copies of exempt records from other systems of records are entered into this system, PBGC claims the same exemptions for those records that are claimed for the original primary systems of records from which they originated.

HISTORY:

None.