AGENCY:

Department of Homeland Security, Privacy Office.

ACTION:

Notice of Privacy Act system of records.

SUMMARY:

In accordance with the Privacy Act of 1974, the Department of Homeland Security, U.S. Customs and Border Protection proposes to establish a new system of records titled, “U.S. Customs and Border Protection, DHS/CBP-004-Intellectual Property Rights e-Recordation and Search Systems System of Records.” This system of records allows the Department and CBP to collect and maintain records on copyrights, trademarks, and trade names that the respective owners have applied to have recorded with CBP. In addition, the Department is issuing a Notice of Proposed Rulemaking elsewhere in the Federal Register to exempt this system of records from certain provisions of the Privacy Act. This newly established system will be included in the Department's inventory of record systems.

DATES:

Submit comments on or before February 14, 2013. This new system will be effective February 14, 2013.

ADDRESSES:

You may submit comments, identified by docket number DHS-2012-034 by one of the following methods:

• Federal e-Rulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
• Fax: 202-343-4010.
• Mail: Jonathan R. Cantor, Acting Chief Privacy Officer, Privacy Office, Department of Homeland Security, Washington, DC 20528.

Instructions: All submissions received must include the agency name and docket number for this rulemaking. All comments received will be posted without change to http://www.regulations.gov,, including any personal information provided.

Docket: For access to the docket to read background documents or comments received, visit http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT:

For general questions, please contact: Laurence E. Castelli, 202-325-0280, CBP Privacy Officer, Office of International Trade/Regulations and Rulings, U.S. Customs and Border Protection, Mint Annex, 799 9th Street NW., Washington, DC 20229-1177. For privacy issues, please contact: Jonathan R. Cantor, 202-343-1717, Acting Chief Privacy Officer, Privacy Office, Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP) proposes to establish a new DHS system of records titled, “DHS/CBP-004-Intellectual Property Rights e-Recordation and Search Systems System of Records.”

The Intellectual Property Rights e-Recordation and Search Systems (IPRRSS) collect, use, and maintain records related to intellectual property rights recordations and their owners. The purpose of IPRRSS is to aid in the enforcement of intellectual property rights by making intellectual property recordations available to the public and to CBP officials.

IPRRSS collectively encompasses three separate systems. The first system is the online Intellectual Property Rights e-Recordation (IPRR) system, which allows intellectual property owners to submit applications for trademark and copyright recordations. The IPRR system shares information with the public Intellectual Property Rights Search (IPRS) system and the CBP Intellectual Property Rights Internal Search (IPRiS) system. Because CBP may collect personally identifiable information (PII) about intellectual property rights holders, their agents, or their licensees in IPRR, IPRS, and IPRiS (collectively IPRRSS), CBP is providing the public notice about how CBP collects, uses, and maintains records related to intellectual property rights recordations.

The authority for this system derives from Section 42 of the Lanham Act (Trademark Act of 1946), as amended, 15 U.S.C. 1124; Sections 101 and 602 through 603 of the Copyright Act of 1976, as amended, 17 U.S.C. 101, 602-603; and Sections 526, 595a, and 624 of the Tariff Act of 1930, as amended, 19 U.S.C. 1526, 1595a, and 1624. The cited sections provide that intellectual property rights owners may submit information to CBP to enable CBP officials to identify infringing articles at the borders and prevent the importation of counterfeit or pirated merchandise. Owners seeking to have merchandise excluded from entry must provide proof to CBP of the validity of the intellectual property rights they seek to protect.

Pursuant to the Independent Offices Appropriations Act of 1952, 31 U.S.C. 9701, and regulations at 19 CFR 133.3, 133.13, and 133.33, intellectual property rights owners or their agents must pay a fee when they apply for the recordation with CBP of their trademark, trade name, or copyright. Through IPRR's web-based interface, the user will be prompted through several steps that capture the user's required application information. Once the applicant has entered all required application information, IPRR will guide the applicant through a series of prompts seeking his/her billing name, billing address, and credit card information. IPRR forwards this payment information to Pay.gov for payment processing, and the applicant name and an IPRR tracking number to the DHS/CBP-003 Credit/Debit Card Data System (CDCDS) System of Records for payment reconciliation. Pay.gov sends a nightly activity file, including the last four digits of the credit card, authorization number, billing name, billing address, IPRR Start Printed Page 3016tracking number, and Pay.gov tracking numbers to CDCDS. Pay.gov also sends a daily batch file with the necessary payment information to a commercial bank for settlement processing. After processing, the commercial bank sends a settlement file, including the full credit card number, authorization number, card type, transaction date, amount, and IPRR tracking number to CDCDS. Once IPRR receives confirmation from Pay.gov that the payment has been processed successfully, IPRR will retain the Pay.gov tracking number for payment reconciliation purposes in accordance with the CDCDS system of records retention schedule.

When an applicant enters the registration number of a copyright or trademark he or she would like to record with CBP, the IPRR system must receive a positive match response from the U.S. Patent and Trademark Office (USPTO) and U.S. Copyright Office Web sites in order for the application to proceed. Only the registration number is shared with the USPTO and U.S. Copyright Office Web sites. If the registration number entered in IPRR does not match an entry in either of these Web sites, the applicant cannot record their trademark or copyright with CBP. Once a positive match response is received from these systems, certain fields in the application are automatically populated with public data taken directly from the U.S. Copyright Office or USPTO Web sites. All of the information copied from the U.S. Copyright Office or U.S. Patent and Trademark Office Web sites is publicly available at www.uspto.gov and www.copyright.gov.

The public may search for trademark, trade name, and copyright information in IPRS, the public facing portion of this system of records. The IPRS database collects and retains only a portion of the information entered by the right holder in IPRR, such as the name, address, and phone number of the right holder or representative, along with a text description of the recorded trademark or copyright. This information allows retailers, consumers, and other businesses to contact the right owner to ensure that they are not obtaining goods that infringe on the owner's intellectual property rights.

CBP and U.S. Immigration and Customs Enforcement (ICE) officials have access to IPRiS to assist in the enforcement of intellectual property rights. IPRiS provides a central searchable database of all trademark, trade name, and copyright recordation information. IPRiS contains the same information as IPRS, but with additional fields containing confidential information submitted by the right holder, including the names of entities who have used the trademark or copyright, the country of manufacture of merchandise, images of the recorded trademark or copyright, lists of licensees, and any additional information relating to enforcement of the intellectual property right. Only CBP and ICE officials may search IPRiS.

Only a few users within CBP have access to an administrative interface to process IPRR recordations. Those authorized CBP users with administrative access process the renewals of existing trademark and copyright recordations, trade name recordations, and information about ownership changes or cancellations.

Consistent with DHS' information-sharing mission, information stored in the DHS/CBP-004-Intellectual Property Rights e-Recordation and Intellectual Property Rights Search Systems may be shared with other DHS components with a need to know the information. In addition these records may be shared with appropriate federal, state, local, tribal, territorial, foreign, or international government agencies so long as the recipient has a need to know the information to carry out functions consistent with the routine uses set forth in this system of records notice (SORN).

In addition, DHS is issuing a Notice of Proposed Rulemaking elsewhere in the Federal Register to exempt certain portions of this system of records from specific provisions of the Privacy Act. DHS is not exempting any data in IPRRSS regarding an individual's application for recordation of his or her trademark, trade name, or copyright. This system of records may contain records or information pertaining to the accounting of disclosures made from IPRRSS to other national security, law enforcement, or intelligence agencies (federal, state, local, foreign, international or tribal) in accordance with the published routine uses or statutory basis for disclosure under 5 U.S.C. 552a(b). For the accounting of these disclosures only, in accordance with 5 U.S.C. 552a(j)(2), DHS will claim exemptions for these records or information. In addition, the system may contain records or information pertaining to individuals who may have used an intellectual property right without the owner's authorization. For information or records pertaining to the unauthorized use of intellectual property rights, in accordance with 5 U.S.C. 552a(k)(2), DHS will claim exemptions for these records or information.

This newly established system of records will be included in DHS's inventory of record systems.

II. Privacy Act

The Privacy Act embodies fair information practice principles in a statutory framework governing the means by which the federal government collects, maintains, uses, and disseminates personally identifiable information. The Privacy Act applies to information that is maintained in a “system of records.” A “system of records” is a group of any records under the control of an agency from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual. In the Privacy Act, an individual is defined to encompass U.S. citizens and lawful permanent residents. As a matter of policy, DHS extends administrative Privacy Act protections to all persons, regardless of citizenship, where systems of records maintain information on U.S. citizens, lawful permanent residents, and visitors.

Below is the description of the DHS/CBP-004-Intellectual Property Rights e-Recordation and Search Systems, System of Records.

In accordance with 5 U.S.C. 552a(r), DHS has provided a report of this system of records to the Office of Management and Budget and to Congress.

System of Records:

DHS/CBP-004

System name:

U.S. Customs and Border Protection, Intellectual Property Rights e-Recordation and Search Systems (IPRRSS).

Security classification:

Unclassified, sensitive.

System location:

Records are maintained at the U.S. Customs and Border Protection Headquarters in Washington, DC and field offices.

Categories of individuals covered by the system:

The individuals included in the system include the owners of the trademark, trade name, or copyright; former owners of the trademark, trade name, or copyright; agents or representatives applying on behalf of the intellectual property right owners; contact persons; individuals authorized to use the trademark, trade name, or copyright; and other individuals who Start Printed Page 3017are alleged to have infringed on the trademark, trade name, or copyright. For trade names, the system may include individuals who are not associated with or related to the trade name applicant, but who have actual knowledge and state that the applicant used the trade name, that the applicant is the only one who may use the trade name, and that the trade name is not identical or confusingly similar to another trademark or trade name used in connection with the same class or kind of merchandise. See 19 CFR 133.13. For copyrights, the names of the performers in the copyrighted work may be included. The photographs may include an individual modeling the trademark or copyrighted work, or an individual depicted in the copyrighted work.

Categories of records in the system:

The categories of records in the system include, but are not limited to:

• Full name (first, middle, and last).
• Address (country, city, state and zip code).
• Telephone number.
• Fax number.
• Email address.
• Citizenship.
• Relationship to trademark, copyright, or trade name owner.
• USPTO or U.S. Copyright Office registration number.
• Description of registered trademark or registered copyright.
• Date of issuance of trademark or copyright registration.
• Country of manufacture of goods bearing the genuine trademark, or genuine copies or phonorecords of the protected work.
• Names of all parties authorized to use the trademark, trade name, or copyright, and the nature of the relationship to the owner.
• Names of any parties, foreign or domestic, who use or claim the trademark, trade name, or copyright, and a description of those uses or claims.
• Filing date of trademark registration.
• If the trademark being registered is a standard character mark.
• Date of expiration of the USPTO registration.
• Supplemental information concerning the trademark (e.g., type of mark or design code category).
• International class of goods covered by the USPTO registration and the specific products entitled to protection.
• Title of copyrighted work.
• Foreign title of the copyrighted work.
• IPRR tracking number.
• Pay.gov payment tracking number.
• Up to five digital images of the protected mark or copyrighted work.

Authority for maintenance of the system:

The authority for this system derives from section 42 of the Lanham Act (Trademark Act of 1946), as amended, 15 U.S.C. 1124; sections 101 and 602 through 603 of the Copyright Act of 1976, as amended, 17 U.S.C. 101, 602-603; and sections 526, 595a, and 624 of the Tariff Act of 1930, as amended, 19 U.S.C. 1526, 1595a, and 1624; the Independent Offices Appropriations Act, 1952, 31 U.S.C. 9701; and regulations at 19 CFR 133.3, 133.13, and 133.33.

Purpose(s):

The purpose of this system is to collect and maintain information on valid trademarks, trade names, and copyrights, to enable CBP officials to identify at the border merchandise that infringes on registered trademarks, registered copyrights, or trade names. IPRRSS collection encompasses three separate systems. The Intellectual Property Rights e-Recordation (IPRR) system allows intellectual property owners to submit applications for trademark and copyright recordations. The IPRR system shares information with two other CBP intellectual property search systems: The public Intellectual Property Rights Search (IPRS) system, and the Intellectual Property Rights Internal Search (IPRiS) system. IPRS provides a web-based search engine for the public to research trademark, trade name, and copyright recordations. IPRiS is used to assist CBP and Immigration and Customs Enforcement (ICE) in enforcing copyrights, trademarks, and trade names.

The Pay.gov tracking number (associated with the payment information provided to Pay.gov and stored in DHS/CBP-003 Credit/Debit Card Data System (CDCDS)) will be used to process application fees and to reconcile issues regarding payment between CDCDS and Pay.gov. Payment information, such as credit card numbers or account information, will not be used for determining recordation in IPRS or IPRiS, and is stored in a separate system (CDCDS) from the IPRR application data.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DHS as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

A. To the Department of Justice (DOJ), including U.S. Attorney Offices, or other federal agency conducting litigation or in proceedings before any court, adjudicative or administrative body, when it is necessary or relevant to the litigation and one of the following is a party to the litigation or has an interest in such litigation:

1. DHS or any component thereof;

2. Any employee of DHS in his/her official capacity;

3. Any employee of DHS in his/her individual capacity where DOJ or DHS has agreed to represent the employee; or

4. The United States or any agency thereof.

B. To a congressional office from the record of an individual in response to an inquiry from that congressional office made pursuant to a written Privacy Act waiver at the request of the individual to whom the record pertains.

C. To the National Archives and Records Administration (NARA) or General Services Administration pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906.

D. To an agency or organization for the purpose of performing audit or oversight operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function.

E. To appropriate agencies, entities, and persons when:

1. DHS suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised;

2. DHS has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by DHS or another agency or entity) or harm to the individuals that rely upon the compromised information; and

3. The disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DHS's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

F. To contractors and their agents, grantees, experts, consultants, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for DHS, when necessary to accomplish an agency function related to this system of records. Individuals provided Start Printed Page 3018information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to DHS officers and employees.

G. To appropriate federal, state, tribal, local, or foreign governmental agencies or multilateral governmental organizations responsible for investigating or prosecuting the violations of, or for enforcing or implementing, a statute, rule, regulation, order, or license, where CBP believes the information would assist enforcement of applicable civil or criminal laws.

H. To the U.S. Copyright Office or U.S. Patent and Trademark Office, to confirm that the applicant has a registered copyright or a registered trademark.

I. To Pay.gov, for payment processing and payment reconciliation purposes.

J. To members of the public, through IPRS, a portion of the intellectual property rights information, such as the name, address, and phone number of the intellectual property right owner and the owner's representative; and a description of the recorded trademark, trade name, or copyright. The intellectual property right owner consents to disclosing this portion of information in IPRS upon application for recordation, and the public information in IPRS does not include trade secrets, business proprietary information, or information about enforcement.

K. To the news media and the public, with the approval of the Chief Privacy Officer in consultation with counsel, when there exists a legitimate public interest in the disclosure of the information or when disclosure is necessary to preserve confidence in the integrity of DHS or is necessary to demonstrate the accountability of DHS's officers, employees, or individuals covered by the system, except to the extent it is determined that release of the specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy.

Disclosure to consumer reporting agencies:

None.

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:

Storage:

Records in this system are stored electronically or on paper in secure facilities in a locked drawer behind a locked door. The records are stored on magnetic disc, tape, digital media, and CD-ROM.

Retrievability:

Authorized CBP officials may retrieve information in IPRiS by the data elements supplied by the applicant. The public may search the non-confidential records in IPRS by keyword and Boolean operators, and may limit the search by title, product, description, owner, contact name, firm name, recordation number, or agency registration number; the public may also filter the search by trademarks, copyrights, trade names, exclusion orders, or whether the recordation has expired.

Safeguards:

Records in this system are safeguarded in accordance with applicable rules and policies, including all applicable DHS automated systems security and access policies. Strict controls have been imposed to minimize the risk of compromising the information that is being stored. Access to the computer system containing the records in this system is limited to those individuals who have a need to know the information for the performance of their official duties and who have appropriate clearances or permissions.

Retention and disposal:

CBP will retain expired recordations, which have not been renewed, for seven years after the date of expiration. NARA guidelines for retention and archiving of data will apply to IPRR, IPRS, and IPRiS; CBP is in negotiation with NARA for approval of the IPRRSS data retention and archiving plan.

Payment information is not stored in IPRR, IPRiS or IPRS, but is forwarded to Pay.gov and stored in CBP's financial processing system, CDCDS, pursuant to the DHS/CBP-003, CDCDS system of records notice.

System Manager and address:

Director, Office of Automated Systems, U.S. Customs and Border Protection, 1300 Pennsylvania Avenue NW., Washington, DC 20229.

Notification procedure:

The Secretary of Homeland Security has exempted portions of this system of records from the notification, access, and amendment procedures of the Privacy Act because the records may be used for law enforcement purposes. No exemption shall be asserted with respect to information maintained in the systems as it relates to data submitted by or on behalf of the owner of the trademark, trade name, or copyright, except with respect to information about individuals who are alleged to have infringed on the trademark, trade name, or copyright. DHS/CBP will consider individual requests to determine whether or not information may be released. Thus, individuals seeking notification of and access to any record contained in this system of records, or seeking to contest its content, may submit a request in writing to the CBP FOIA Officer whose contact information can be found at http://www.dhs.gov/​foia under “contacts.” If an individual believes more than one component maintains Privacy Act records concerning him or her the individual may submit the request to the Chief Privacy Officer and Chief Freedom of Information Act Officer, Department of Homeland Security, 245 Murray Drive SW., Building 410, STOP-0655, Washington, DC 20528.

When seeking records about yourself from this system of records or any other Departmental system of records your request must conform with the Privacy Act regulations set forth in 6 CFR part 5. You must first verify your identity, meaning that you must provide your full name, current address and date and place of birth. You must sign your request, and your signature must either be notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization. While no specific form is required, you may obtain forms for this purpose from the Chief Privacy Officer and Chief Freedom of Information Act Officer, http://www.dhs.gov or 1-866-431-0486. In addition you should:

• Explain why you believe the Department would have information on you;
• Identify which component(s) of the Department you believe may have the information about you;
• Specify when you believe the records would have been created; and
• Provide any other information that will help the FOIA staff determine which DHS component agency may have responsive records.

If your request seeks records pertaining to another living individual, you must also include a statement from that individual certifying his/her agreement for you to access his/her records. Without the information specified above, the component(s) may not be able to conduct an effective search, and your request may be denied due to lack of specificity or lack of compliance with applicable regulations.

Record access procedures:

See “Notification procedure” above.Start Printed Page 3019

Contesting record procedures:

See “Notification procedure” above.

Record source categories:

Records are obtained primarily from the individual submitting the application for recordation of the trademark, trade name, or copyright. If the applicant provides a registered trademark number, the USPTO Web site will provide automatically supplemental information concerning the trademark, the USPTO registration number, the international class of goods covered by the registration and the specific products entitled to protection, the date the owner filed the registration application, and the date it issued the trademark registration. If the applicant provides a registered copyright, the U.S. Copyright Office Web site will provide automatically the title of the copyrighted work, the U.S. Copyright Office registration number, the date it issued the copyright registration, and the name of the copyright owner.

Exemptions claimed for the system:

CBP will not assert any exemptions with respect to information in the systems submitted by the intellectual property right owner or the owner's representative, except with respect to information about individuals who are alleged to have infringed on the trademark, trade name, or copyright. Information in the system pertaining to persons alleged to have infringed on an intellectual property right may be shared with national security, law enforcement, or intelligence agencies pursuant to the above routine uses. The Privacy Act requires DHS to maintain an accounting of the disclosures made pursuant to all routines uses. Disclosing the fact that national security, law enforcement or intelligence agencies have sought particular records may affect ongoing national security, law enforcement, or intelligence activity. As such, pursuant to 5 U.S.C. 552a(j)(2), DHS will claim exemption from subsections (c)(3), (e)(8), and (g) of the Privacy Act of 1974, as amended, as necessary and appropriate to protect this information. In addition, because the system may contain information or records about the unauthorized use of intellectual property rights and disclosure of that information could impede law enforcement investigations, DHS will claim, pursuant to 5 U.S.C. 552a(k)(2), exemption from subsections (c)(3), (d), (e)(1), (e)(4)(G), (e)(4)(H), (e)(4)(I), and (f) of the Privacy Act of 1974, as necessary and appropriate to protect this information.