Privacy Act of 1974: Implementation of Exemptions; Department of Homeland Security/National Protection and Programs Directorate-002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records

Federal Register, Volume 79 Issue 98 (Wednesday, May 21, 2014)

Federal Register Volume 79, Number 98 (Wednesday, May 21, 2014)

Rules and Regulations

Pages 29072-29074

From the Federal Register Online via the Government Printing Office www.gpo.gov

FR Doc No: 2014-11433

=======================================================================

-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

6 CFR Part 5

Docket No. DHS-2011-0033

Privacy Act of 1974: Implementation of Exemptions; Department of Homeland Security/National Protection and Programs Directorate--002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records

AGENCY: Privacy Office, DHS.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Department of Homeland Security is issuing a final rule to amend its regulations to exempt portions of a newly established system of records titled, ``Department of Homeland Security/National Protection and Programs Directorate--002 Chemical Facility Anti-

Terrorism Standards Personnel Surety Program System of Records'' from certain provisions of the Privacy Act. Specifically, the Department exempts portions of the ``Department of Homeland Security/National Protection and Programs Directorate--002 Chemical Facility Anti-

Terrorism Standards Personnel Surety Program System of Records'' from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements.

DATES: Effective Date: This final rule is effective May 21, 2014.

FOR FURTHER INFORMATION CONTACT: For general questions please contact: Emily Andrew (703) 235-2182, Senior Privacy Officer, National Protection and Programs Directorate, Department of Homeland Security, Washington, DC 20528. For privacy issues please contact: Karen L. Neuman (202) 343-1717, Chief Privacy Officer, Privacy Office, Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

Background

The Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) published a notice of proposed rulemaking in the Federal Register, 76 FR 34616, on June 14, 2011, proposing to exempt portions of the system of records from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements. The system of records is the DHS/NPPD--002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records. The DHS/NPPD--002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program system of records notice (SORN) was published concurrently in the Federal Register, 76 FR 34732, June 14, 2011, and comments were invited on both the notice of proposed rulemaking (NPRM) and SORN.

Public Comments

DHS received three comments on the NPRM and one comment on the SORN. Comments on the NPRM and the SORN are outlined below, followed by the Department's responses.

DHS also received a comment in the public docket for the SORN (Document DHS-2011-0032-0003), which addressed the Chemical Facility Anti-Terrorism Standards (CFATS) Personnel Surety Program Information Collection Request (Docket DHS-2009-0026) and other aspects of the Personnel Surety Program, but did not address the SORN, the NPRM, or privacy issues. DHS reviewed that comment, and responded to it in a Federal Register notice, 78 FR 17680, March 22, 2013.

NPRM

Comment: One commenter suggested that the Department did not make ``a good faith effort to provide the public with specific reasons or requirements'' to justify Privacy Act exemptions. For this reason the commenter opposed DHS's proposed exemptions.

Response: The Department believes that it provided adequate justification to support the Privacy Act exemptions described in the NPRM. These exemptions are needed to protect the information (i.e., categories of records) listed in the SORN from disclosure to subjects or others related to the vetting activities described in the SORN. Specifically, the exemptions are required to preclude subjects of the CFATS Personnel Surety Program's vetting activities from frustrating these vetting activities; to avoid disclosure of vetting activity techniques; to protect the identities and physical safety of confidential informants and law enforcement personnel; to ensure the Department's ability to obtain information from third parties and other sources; to protect the privacy of third parties; to safeguard classified information; to safeguard records; and for other reasons discussed in the NPRM. Disclosure of information about persons vetted under the CFATS Personnel Surety Program to those persons could also permit them to avoid detection or apprehension. The exemptions proposed here are standard law enforcement and national security exemptions exercised by a large number of Federal law enforcement and intelligence agencies.

Comment: A commenter is pleased that third-party individuals may be designated to act on behalf of facilities as ``Submitters'' under the CFATS Personnel Surety Program, and seeks clarification on how this will be accomplished. Specifically, the commenter sought clarification from DHS on two points: (a) ``any security or information protection requirements that may be required to serve as a `Submitter' in light of the potential Privacy Act exemption DHS currently seeks and may receive''; and (b) the mechanics of ``how, specifically, authorized third parties will serve as a facility's agent for elements of TSDB compliance.''

Response: The Department does not currently envision any additional or new security or information protection

Page 29073

requirements that will apply to Submitters in light of the Privacy Act exemptions that are the subject of this rulemaking. The Department will publish a user manual when the CFATS Personnel Surety Program is implemented, discussing how different users can access and use the Web portal that the Department intends to establish for the CFATS Personnel Surety Program.

Comment: A commenter stated that the Department's proposal does ``comply with the Privacy Act or follow the corresponding lawful and reasonable exemptions provided in this case by the corresponding Department of Homeland Security Appropriations Act of 2007.'' The commenter also expressed concerns relating to: (a) The length of time it will take the government to conduct screening, and the number of government entities involved in screening; (b) the scope of information being requested and the resulting burden on high-risk chemical facilities; and (c) the duplication involved for those individuals who have already been vetted against the Terrorist Screening Database (TSDB) as part of other government screening programs. The commenter was in favor of the proposed exemptions from portions of the Privacy Act.

Response: The commenter's concerns about the screening procedure, the scope of information requested, and duplicative screening efforts and recommendations are outside the scope of the SORN and this Privacy Act exemptions rulemaking. Nevertheless, the Department addressed the commenter's other concerns in a Federal Register notice that solicited comments about the CFATS Personnel Surety Program Information Collection Request, 78 FR 17680, March 22, 2013.

SORN

Comment: One commenter asked whether or not individuals with national security clearances, individuals with access to restricted areas under the U.S. Army's Chemical Personnel Reliability Program (CPRP), or individuals processed by ``the DHS suitability program'' could be exempted from the TSDB vetting requirements of the Personnel Surety Program.

Response: Whether an individual (or category of individuals) could be exempted from the CFATS Personnel Surety Program is not within the scope of the SORN or this Privacy Act exemptions rulemaking. DHS's responses to comments in this document are limited to addressing the SORN for the Personnel Surety Program, and to Privacy Act exemptions related to the collection and disclosure of information under the Personnel Surety Program Systems of Records.

After considering public comments, the Department will implement the rulemaking as proposed.

List of Subjects in 6 CFR Part 5

Freedom of information; Privacy.

For the reasons stated in the preamble, Chapter I of Title 6, Code of Federal Regulations, is amended as follows:

PART 5--DISCLOSURE OF RECORDS AND INFORMATION

0

1. The authority citation for part 5 continues to read as follows:

Authority: 6 U.S.C. 101 et seq.; Pub. L. 107-296, 116 Stat. 2135; 5 U.S.C. 301. Subpart A also issued under 5 U.S.C. 552. Subpart B also issued under 5 U.S.C. 552a.

0

2. Add at the end of Appendix C to part 5, the following new paragraph ``73'':

Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy Act

* * * * *

73. The DHS/NPPD--002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records consists of electronic and paper records and will be used by DHS and its components. The DHS/NPPD--002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records is a repository of information held by DHS in connection with its several and varied missions and functions, including, but not limited to the enforcement of civil and criminal laws; investigations, inquiries, and proceedings thereunder; and national security and intelligence activities. The DHS/NPPD--002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records contains information that is collected by, on behalf of, in support of, or in cooperation with DHS and its components and may contain personally identifiable information collected by other federal, state, local, tribal, foreign, or international government agencies. The Secretary of Homeland Security has exempted this system from the following provisions of the Privacy Act, subject to limitations set forth therein: 5 U.S.C. 552a(c)(3); (d); (e)(1), (e)(4)(G), (e)(4)(H), (e)(4)(I); and (f). These exemptions are made pursuant to 5 U.S.C. 552a(k)(1) and (k)(2).

In addition to records under the control of DHS, the DHS/NPPD--

002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records may include records originating from systems of records of other law enforcement and intelligence agencies, which may be exempt from certain provisions of the Privacy Act. DHS does not, however, assert exemption from any provisions of the Privacy Act with respect to information submitted by high-risk chemical facilities.

To the extent the DHS/NPPD--002 Chemical Facility Anti-Terrorism Standards Personnel Surety Program System of Records contains records originating from other systems of records, DHS will rely on the exemptions claimed for those records in the originating systems of records. Exemptions from these particular subsections are justified, on a case-by-case basis to be determined at the time a request is made, for the following reasons:

(a) From subsection (c)(3) (Accounting for Disclosures) because release of the accounting of disclosures could alert the subject of an investigation of an actual or potential criminal, civil, or regulatory violation to the existence of that investigation and reveal investigative interest, on the part of DHS as well as the recipient agency. Disclosure of the accounting would therefore present a serious impediment to law enforcement efforts and/or efforts to preserve national security. Disclosure of the accounting would also permit the individual who is the subject of a record to impede the investigation, to tamper with witnesses or evidence, and to avoid detection or apprehension, which would undermine the entire investigative process.

(b) From subsection (d) (Access to Records) because access to the records contained in this system of records could inform the subject of an investigation of an actual or potential criminal, civil, or regulatory violation to the existence of that investigation and reveal investigative interest on the part of DHS or another agency. Access to the records could permit the individual who is the subject of a record to impede the investigation, to tamper with witnesses or evidence, and to avoid detection or apprehension. Amendment of the records could interfere with ongoing investigations and law enforcement activities and would impose an unreasonable administrative burden by requiring investigations to be continually reinvestigated. In addition, permitting access and amendment to such information could disclose security-sensitive information that could be detrimental to homeland security.

(c) From subsection (e)(1) (Relevancy and Necessity of Information) because in the course of investigations into potential violations of federal law, the accuracy of information obtained or introduced occasionally may be unclear, or the information may not be strictly relevant or necessary to a specific investigation. In the interests of effective law enforcement, it is appropriate to retain all information that may aid in establishing patterns of unlawful activity.

(d) From subsections (e)(4)(G), (e)(4)(H), and (e)(4)(I) (Agency Requirements) and (f) (Agency Rules), because portions of this system are exempt from the individual access provisions of subsection (d) for the reasons noted above, and therefore DHS is not required to establish requirements, rules, or procedures with respect to such access. Providing notice to individuals with respect to existence of records pertaining to them in the system of records or otherwise setting up procedures pursuant to which individuals may access and view records pertaining to

Page 29074

themselves in the system would undermine investigative efforts and reveal the identities of witnesses, potential witnesses, and confidential informants.

Dated: May 1, 2014.

Karen L. Neuman,

Chief Privacy Officer, Department of Homeland Security.

FR Doc. 2014-11433 Filed 5-20-14; 8:45 am

BILLING CODE 9110-10-P