[Federal Register Volume 74, Number 133 (Tuesday, July 14, 2009)]
[Notices]
[Pages 34033-34035]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E9-16595]
-----------------------------------------------------------------------
DEPARTMENT OF THE INTERIOR
Geological Survey
Privacy Act of 1974, as Amended; Notice of a New System of
Records
AGENCY: U.S. Geological Survey, Department of the Interior.
ACTION: Notice of creation of a new system of records.
-----------------------------------------------------------------------
SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as
amended (5 U.S.C. 552a), the Department of the Interior (DOI) is
issuing a public notice of its intent to create the U.S. Geological
Survey ``Earthquake Hazards Program Earthquake Information'' system of
records. The system includes individuals' e-mail addresses, and in some
cases their name and address, for Program staff to reply to inquiries
from those individuals for dissemination of requested earthquake-
related information in real time, and for creating Web-accessible maps
of earthquake-shaking by Zip code in real time.
DATES: Comments must be received by August 24, 2009.
ADDRESSES: Any person interested in commenting on this new notice may
do so by: Submitting comments in writing to USGS Privacy Act Officer,
12201 Sunrise Valley Drive, MS807, Reston, Virginia 20192; hand-
delivering comments to 12201 Sunrise Valley Drive, Reston, Virginia
20192; or e-mailing comments to dkimball@usgs.gov. Before including
your address, phone number, e-mail address, or other personal
identifying information in your comment, you should be aware that your
entire comment--including your personal identifying information--may be
made publicly available at any time. While you can ask us in your
comment to withhold your personal identifying information from public
review, we cannot guarantee that we will be able to do so.
FOR FURTHER INFORMATION CONTACT: U.S. Geological Survey Privacy Act
Officer, Deborah Kimball, 12201 Sunrise Valley Drive, Reston, Virginia
20192 by e-mail to dkimball@usgs.gov, or by phone at (703) 648-7158.
SUPPLEMENTARY INFORMATION: U.S. Geological Survey maintains the
Earthquake Hazards Program Earthquake Information system of records.
The purpose of this system is to make earthquake information available
to members of the public who request to participate in exchanges of
earthquake information by e-mail notification, Web site publications,
and real-time data pushes/pulls to clients. The new system will be
effective as proposed at the end of the comment period (the comment
period will end 40 days after the publication of this notice in the
Federal Register), unless comments are received which would require a
contrary determination. DOI will publish a revised notice if changes
are made based upon a review of the comments received.
Deborah Kimball,
USGS Privacy Act Officer.
USGS-2
SYSTEM NAME:
``Earthquake Hazards Program Earthquake Information'', USGS-2.
SYSTEM LOCATION(S):
USGS Geologic Hazards Team, 1711 Illinois St, Golden, CO 80401.
Denver Federal Center, Building 53, Lakewood, CO 80225.
USGS Earthquake Hazards Team, 345 Middlefield Rd., Menlo Park, CA
94025.
USGS Pasadena Field Office, 525 S. Wilson Ave., Pasadena, CA 91106.
EROS Data Center, 47914 252nd St., Sioux Falls, SD 57198.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
(1) Individuals who have requested information from the Earthquake
Hazards Program (EHP) or have reported a Web site problem to the EHP
Web Team. (2) Individuals who have signed up to receive e-mail
announcements from various projects within the EHP. (3) Individuals who
have subscribed to the Earthquake Notification Service. (4) Individuals
who have entered data in the citizen science system(s).
CATEGORIES OF RECORDS IN THE SYSTEM:
The information retained in the system contains the following
information from the individuals covered by the system: e-mail address,
in some cases login id, login password, username, and non-mandatory
data that may include the name, affiliation, phone number, and postal
address.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
This system of records is maintained under the authority of NEHRP
(National Earthquake Hazards Reduction Program), established by
Congress in 1977 (Pub. L. 95-124) and the Advanced National Seismic
System (Pub. L. 106-503 and Pub. L. 108-360).
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
The primary purposes of the records is: To make earthquake
information available to members of the public who request to
participate in exchanges of earthquake information by e-mail
notification, Web site publications, and real-time data pushes/pulls to
clients.
DISCLOSURES OUTSIDE DOI MAY BE MADE WITHOUT THE CONSENT OF THE
INDIVIDUAL TO WHOM THE RECORD PERTAINS UNDER THE ROUTINE USES LISTED
BELOW:
(1)(a) To any of the following entities or individuals, when the
circumstances set forth in paragraph (b) are met:
(i) The U.S. Department of Justice (DOJ);
(ii) A court or an adjudicative or other administrative body;
(iii) A part in litigation before a court or an adjudicative or
other administrative body; or
(iv) Any DOI employee acting in his or her individual capacity if
DOI or DOJ has agreed to represent that employee or pay for private
representation of the employee;
(b) When:
(i) One of the following is a party to the proceeding or has an
interest in the proceeding:
(A) DOI or any component of DOI;
(B) Any other Federal agency appearing before the Office of
Hearings and Appeals;
(C) Any DOI employee acting in his or her official capacity;
(D) Any DOI employee acting in his or her individual capacity if
DOI or DOJ has agreed to represent that employee or pay for private
representation of the employee;
(E) The United States, when DOJ determines that DOI is likely to be
affected by the proceeding; and
(ii) DOI deems the disclosure to be:
(A) Relevant and necessary to the proceeding; and
(B) Compatible with the purpose for which the records were
compiled.
(2) To a congressional office in response to a written inquiry that
an individual covered by the system, or the heir of such individual if
the covered individual is deceased, has made to the office.
(3) To any criminal, civil, or regulatory law enforcement authority
(whether Federal, State, territorial, local, Tribal or foreign) when a
record, either alone or in conjunction with other information,
indicates a violation or
[[Page 34034]]
potential violation of law--criminal, civil, or regulatory in nature,
and the disclosure is compatible with the purpose for which the records
were compiled.
(4) To an official of another Federal agency to provide information
needed in the performance of official duties related to reconciling or
reconstructing data files or to enable that agency to respond to an
inquiry by the individual to whom the record pertains.
(5) To Federal, State, territorial, local, Tribal, or foreign
agencies that have requested information relevant or necessary to the
hiring, firing or retention of an employee or contractor, or the
issuance of a security clearance, license, contract, grant or other
benefit, when the disclosure is compatible with the purpose for which
the records were compiled.
(6) To representatives of the National Archives and Records
Administration to conduct records management inspections under the
authority of 44 U.S.C. 2904 and 2906.
(7) To State and local governments and Tribal organizations to
provide information needed in response to court order and/or discovery
purposes related to litigation, when the disclosure is compatible with
the purpose for which the records were compiled.
(8) To an expert, consultant, or contractor (including employees of
the contractor) of DOI that performs services requiring access to these
records on DOI's behalf to carry out the purposes of the system.
(9) To appropriate agencies, entities, and persons when:
(a) It is suspected or confirmed that the security or
confidentiality of information in the system of records has been
compromised; and
(b) The Department has determined that as a result of the suspected
or confirmed compromise there is a risk of harm to economic or property
interest, identity theft or fraud, or harm to the security or integrity
of this system or other systems or programs (whether maintained by the
Department or another agency or entity) that rely upon the compromised
information; and
(c) The disclosure is made to such agencies, entities and persons
who are reasonably necessary to assist in connection with the
Department's efforts to respond to the suspected or confirmed
compromise and prevent, minimize, or remedy such harm.
(10) To the Office of Management and Budget during the coordination
and clearance process in connection with legislative affairs as
mandated by OMB Circular A-19.
(11) To the Department of the Treasury to recover debts owed to the
United States.
(12) To the news media when the disclosure is compatible with the
purpose for which the records were compiled.
(13) To a consumer reporting agency if the disclosure requirements
of the Debt Collection Act, as outlined at 31 U.S.C. 3711(e)(1), have
been met.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
All records are maintained in a relational MySQL database stored on
hard disk on each of the Web servers in Golden, CO; Denver, CO; Menlo
Park, CA; Pasadena, CA; Sioux Falls, SD, and backed up on magnetic
tape. Electronic requests sent to the ``Web Team'' e-mail contact
designated in the footer of every Web page on the Earthquake Hazards
Program Web site, which contains the return e-mail address of the
inquirer, are deleted as soon as a response to the inquiry is sent to
the inquirer.
RETRIEVABILITY:
All data in the database can be accessed by the database
administrators by any mandatory field, which includes e-mail address or
account name.
SAFEGUARDS:
(1) Physical Security: The systems are physically housed in
Government offices consisting of locked rooms with floor to ceiling
walls. Access is granted through a proximity card system. Backup tapes
are stored at the Denver Federal Center in Building 25 in Room 1860,
with access granted through a proximity card system, and in Menlo Park
Building 11 and 3, with access granted through a proximity card system.
(2) Technical Security: Electronic records are maintained in
conformity with Office of Management and Budget, National Institute of
Standards Technology and Departmental requirements reflecting the
implementation of the Federal Information Security Management Act.
Electronic data is protected through user identification, passwords,
database permissions, a Privacy Act Warning, and software controls.
These security measures establish different degrees of access for
different types of users. The security controls protecting these
databases are implemented in a hierarchical manner. The top layer is
the Department of the Interior's Enterprise Services Network (ESN)
security infrastructure which includes firewalls maintained in
accordance with Department of Interior standards, Active-Scout
Intrusion Detection, and a Juniper Intrusion Detection and Prevention
(IDP) system. Additional security methods are implemented at each site:
Firewalls, SSH, TCPwrappers, and Microsoft Active Directory. In
addition to the layers of security described above, database access is
controlled by restricted access to http://usgs.gov domains and by IP
address, system user authentication, database access (table and row
level) via grants, and specific database-table access by user account
restrictions. Privacy information sent via the Internet is encrypted by
SSL. The Security Plan addresses the Department's Privacy Act safeguard
requirements for Privacy Act systems at 43 CFR 2.51. A Privacy Impact
Assessment was completed to ensure that Privacy Act requirements and
safeguards are sufficient and in place. Its provisions will be updated
as needed to ensure that Privacy Act requirements continue to be met.
(3) Administrative Security: Access is strictly limited to
authorized personnel whose official duties require such access. All
Departmental and contractor employees with access to the records are
required to complete Privacy Act, Federal Records Act, and Information
Technology Security Awareness training prior to being given access to
the system, and on an annual basis, thereafter. All users sign security
forms stating they will neither misuse government computers nor the
information contained therein. In addition, managers and supervisors of
users monitor the use of the database and ensure that the information
is used in accordance with certified and accredited business practices.
RETENTION AND DISPOSAL:
The records in the system are retained and disposed of in
accordance with National Archives and Records Administration procedures
and General Records Schedule 308-01 and 310-01.
SYSTEM MANAGER AND ADDRESS:
ANSS Manager, USGS-GD-GHT, DFC P.O. Box 25046 MS-966, Denver, CO
80225.
NOTIFICATION PROCEDURES:
An individual requesting notification of the existence of records
on himself or herself should send a signed, written inquiry to the
Systems Manager identified above. The request envelope and letter
should both be clearly marked ``PRIVACY ACT INQUIRY.'' A request for
notification must meet the requirements of 43 CFR 2.60.
[[Page 34035]]
RECORDS ACCESS PROCEDURES:
An individual requesting records on himself or herself should send
a signed, written inquiry to the System Manager identified above. The
request should describe the records sought as specifically as possible.
The request envelopes and letter should both be clearly marked
``PRIVACY ACT REQUEST FOR ACCESS.'' A request for access must meet the
requirements of 43 CFR 2.63.
CONTESTING RECORD PROCEDURES:
An individual requesting corrections or the removal of material
from his or her records should send a signed, written request to the
System Manager identified above. A request for corrections or removal
must meet the requirements of 43 CFR 2.71.
RECORD SOURCE CATEGORIES:
Information in this system is obtained from the individuals who
access the Earthquake Hazards Program Web site and fill out one of the
forms either to provide information or to request information.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
None.
[FR Doc. E9-16595 Filed 7-13-09; 8:45 am]
BILLING CODE 4311-AM-P