AGENCY:

Office of the Secretary of Defense, DoD.

ACTION:

Notice to add a new System of Records.

SUMMARY:

The Office of the Secretary of Defense proposes to add a new system of records, DPFPA 05, entitled “Computer Aided Dispatch and Records Management System (CAD/RMS)” to its inventory of record systems subject to Start Printed Page 64583the Privacy Act of 1974, as amended. This system is used to record incident details related to PFPA investigations or inquiries into incidents under PFPA jurisdiction. Records may be used to develop threat analysis products, reports, and assessments on groups and individuals that have harmed, or have attempted harm; made direct or indirect threats; have a specific interest in high ranking Office of the Secretary of Defense (OSD) personnel, the DoD workforce, or the Pentagon Facilities; or have engaged in organized criminal activity that would impact the Pentagon Facilities. These records are also used to document incident updates (if additional evidence is gathered following initial contact).

DATES:

Comments will be accepted on or before December 1, 2014. This proposed action will be effective the day following the end of the comment period unless comments are received which result in a contrary determination.

ADDRESSES:

You may submit comments, identified by docket number and title, by any of the following methods:

* Federal Rulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.

* Mail: Federal Docket Management System Office, 4800 Mark Center Drive, East Tower, 2nd Floor, Suite 02G09, Alexandria, VA 22350-3100.

Instructions: All submissions received must include the agency name and docket number for this Federal Register document. The general policy for comments and other submissions from members of the public is to make these submissions available for public viewing on the Internet at http://www.regulations.gov as they are received without change, including any personal identifiers or contact information.

FOR FURTHER INFORMATION CONTACT:

Ms. Cindy Allard, Chief, OSD/JS Privacy Office, Freedom of Information Directorate, Washington Headquarters Service, 1155 Defense Pentagon, Washington, DC 20301-1155, or by phone at (571)372-0461.

SUPPLEMENTARY INFORMATION:

The Office of the Secretary of Defense notices for systems of records subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended, have been published in the Federal Register and are available from the address in FOR FURTHER INFORMATION CONTACT or at http://dpclo.defense.gov/​. The proposed system report, as required by 5 U.S.C. 552a(r) of the Privacy Act of 1974, as amended, was submitted on July 30, 2014, to the House Committee on Oversight and Government Reform, the Senate Committee on Governmental Affairs, and the Office of Management and Budget (OMB) pursuant to paragraph 4c of Appendix I to OMB Circular No. A-130, “Federal Agency Responsibilities for Maintaining Records About Individuals,” dated February 8, 1996 (February 20, 1996, 61 FR 6427).

DPFPA 05

System name:

Computer Aided Dispatch and Records Management System (CAD/RMS).

System location:

Pentagon Force Protection Agency (PFPA), 9000 Defense Pentagon, Washington, DC 20301-9000.

Pentagon Force Protection Agency (PFPA), 4800 Mark Center Drive, Alexandria, VA 22350.

Categories of individuals covered by the system:

Individuals who have been the subject of an investigation or police inquiry into incidents occurring at the Pentagon and other facilities under the jurisdiction of PFPA.

Categories of records in the system:

Incident report contains any or all of the following: name; other names used; Social Security Number (SSN); citizenship; legal status; gender; race/ethnicity; employment (e.g., authorized access to the building or room), and education information (e.g., student ID as form of identification); military records; driver's license; other identification numbers (e.g., DoD ID number, passport); date and place of birth; home and office address; home, work, and cell phone numbers; personal email address; photos taken at the scene; personal property information (e.g., vehicle, photographic equipment); biometric information (e.g., fingerprints); handwriting samples (e.g., scans of letters written by the subject mailed to the facility); child information (e.g., in cases where a child needs to be picked up if a parent is arrested), or contact information (e.g. spouse or an adult to provide transportation/assistance, if necessary); medical information (e.g., collected during medical response calls to assist individual); emergency contact, and incident number.

Authority for maintenance of the system:

10 U.S.C. 2674, Operation and Control of Pentagon Reservation and Defense Facilities in National Capital Region; DoD Directive 5105.68, Pentagon Force Protection Agency (PFPA); Administrative Instruction (AI) 30, Force Protection on the Pentagon Reservation; and E.O. 9397 (SSN), as amended.

Purposes:

To record incident details related to PFPA investigations or inquiries into incidents under PFPA jurisdiction. Records may be used to develop threat analysis products, reports, and assessments on groups and individuals that have harmed, or have attempted harm; made direct or indirect threats; have a specific interest in high ranking Office of the Secretary of Defense (OSD) personnel, the DoD workforce, or the Pentagon Facilities; or have engaged in organized criminal activity that would impact the Pentagon Facilities. These records are also used to document incident updates (if additional evidence is gathered following initial contact).

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act of 1974, as amended, the records contained herein may specifically be disclosed outside the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

DoD Routine Use 01, Law Enforcement. If a system of records maintained by a DoD Component to carry out its functions indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or by regulation, rule, or order issued pursuant thereto, the relevant records in the system of records may be referred, as a routine use, to the agency concerned, whether federal, state, local, or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, rule, regulation, or order issued pursuant thereto.

To insurance agencies representing an individual who has been the subject of an investigation or police inquiry into incidents occurring at the Pentagon and other facilities under the jurisdiction of PFPA.

The DoD Blanket Routine Uses set forth at the beginning of the Office of the Secretary of Defense (OSD) compilation of systems of records notices may apply to this system.Start Printed Page 64584

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:

Storage:

Paper records in file folders and electronic storage media.

Retrievability:

Name, SSN, date of birth, other names used, driver license, or incident number.

Safeguards:

Records are maintained in areas accessible only to PFPA law enforcement personnel who use the records to perform their duties. All records are maintained on DoD installations with security force personnel performing installation access control and random patrols. Common Access Cards (which contain the user's DoD Public Key Infrastructure Certificates) and personal identification numbers are used to authenticate authorized desktop and laptop computer users. Data in transit and at rest is encrypted and computer servers are scanned to assess system vulnerabilities. Specific firewalls are in place to control the incoming and outgoing data traffic by analyzing the data and determining whether they should be allowed through or not, based on applied rule set. User access is restricted to validated users and activity is regularly monitored. Systems security updates are accomplished on a regular basis. Records are secured in locked or guarded buildings monitored by Closed Circuit TV cameras and intrusion detection systems, locked offices (to include cipher locks), or locked cabinets during non-duty hours, with access restricted during duty hours.

Retention and disposal:

Non-criminal records are destroyed one year after case is closed.

Criminal records are cut off when a case is closed. Files are destroyed 15 years after the cut-off.

System manager(s) and address:

Deputy Director Integrated Emergency Operations Center, Pentagon Force Protection Agency (PFPA), 9000 Defense Pentagon, Washington, DC 20301-9000.

Notification procedure:

An exemption rule has been published, and this Privacy Act system of records is exempt from the notification provisions described in 5 U.S.C. 552a(d).

Record access procedures:

An exemption rule has been published, and this Privacy Act system of records is exempt from the notification provisions described in 5 U.S.C. 552a(d).

Contesting record procedures:

An exemption rule has been published, and this Privacy Act system of records is exempt from the amendment and appeal provisions described in 5 U.S.C. 552a(f).

Record source categories:

Individuals involved in, or witness to, the incident or inquiry, PFPA officers and investigators, state and local law enforcement, and Federal departments and agencies.

Exemptions claimed for the system:

This system of records is used by the Department of Defense for a law enforcement purpose (j)(2) and (k)(2), and the records contained herein are used for criminal, civil, and administrative enforcement requirements. As such, allowing individuals full exercise of the Privacy Act would compromise the existence of any criminal, civil, or administrative enforcement activity. This system of records is exempt from the following provisions of 5 U.S.C. 552a section (c)(3) and (4), (d), (e)(1) through (e)(3), (e)(4)(G) through (e)(4)(I), (e)(5), (e)(8); (f) and (g) of the Act.

An exemption rule for this system has been promulgated in accordance with requirements of 5 U.S.C. 553(b)(1), (2), and (3), (c), and (e) and published in 32 CFR part 311. For additional information contact the system manager.