[Federal Register Volume 76, Number 108 (Monday, June 6, 2011)]
[Notices]
[Pages 32355-32357]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-13364]
=======================================================================
-----------------------------------------------------------------------
BROADCASTING BOARD OF GOVERNORS
Privacy Act of 1974: New System Of Records
AGENCY: Broadcasting Board of Governors (BBG).
ACTION: Notice of a new system of records.
-----------------------------------------------------------------------
SUMMARY: BBG proposes to add a new system of records to its inventory
of records systems subject to the Privacy Act of 1974 (5 U.S.C. 522a),
as amended. The primary purposes of the system are: (a) To ensure the
safety and security of BBG facilities, systems, or information, and our
occupants and uses; (b) To verify that all persons entering federal
facilities, using federal information resources, or accessing
classified information are authorized to do so; (c) To track and
control PIV card issued to persons entering and exiting the facilities
using systems, or accessing classified information. This action is
necessary to meet the requirements of the Privacy Act to publish in the
Federal Register notice of the existence and character of records
maintained by the agency (5 U.S.C. 522a(e)(4)).
DATES: This action will be effective without further notice on July 18,
2011 unless comments are received that would result in a contrary
determination.
ADDRESSES: Send written comments to the Broadcasting Board of
Governors, Attn: Paul Kollmer, Chief Privacy Officer, 330 Independence
Avenue, Room 3349, Washington, DC 20237.
FOR FURTHER INFORMATION CONTACT: Michael Lawrence, 202-382-7779.
SUPPLEMENTARY INFORMATION: The creation of this system of records is
required to implement the Homeland Security Presidential Directive 12
(HSPD-12) mandate to create a common identification standard for all
Federal employees and contractors.
International Broadcasting Bureau.
Richard M. Lobo,
Director.
Broadcasting Board of Governors (BBG)
System of Records Notice (SORN) for Personal Identity Verification
(PIV) System
BROADCASTING BOARD OF GOVERNORS [BBG-20]
SYSTEM NAME:
M/SEC-Office of Security (Personal Identity Verification (PIV)
System).
SYSTEM LOCATION:
Broadcasting Board of Governors (BBG), 330 Independence Avenue,
SW., Washington, DC 20237.
[[Page 32356]]
SECURITY CLASSIFICATION:
None.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals who require regular, ongoing access to BBG facilities,
information technology systems, or information classified in the
interest of national security, including applicants for employment or
contracts, federal employees, contractors, and individuals formerly in
any of these positions. The system also includes individuals accused of
security violations or found in violation. The system also includes
individuals authorized to perform or use services provided in agency
facilities (e.g., Fitness Center, Cafeteria, or etc.)
The system does not apply to occasional visitors or short-term
guests to whom BBG will issue temporary identification and credentials.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records maintained on individuals issued credentials by BBG include
the following data fields: Full name; Social Security number; date of
birth; signature; image (photograph); fingerprints; hair color; eye
color; height; weight; organization/office of assignment; company name;
telephone number; copy of background investigation form; PIV card issue
and expiration dates; personal identification number (PIN); results of
background investigation; PIV request form; PIV security sponsor
approval signature; PIV card serial number; copies of documents used to
verify identification or information derived from those documents such
as document title, document issuing authority, document number,
document expiration date, document other information); computer system
user name; user access and permission rights, authentication
certificates; and digital signature information.
Records maintained on card holders entering BBG facilities or using
BBG systems include: Name, PIV Card serial number; date, time, and
location of entry and exit; company name; contain in the record but not
on the PIV card and expiration date; digital signature information;
computer networks/applications/data accessed.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301; Federal Information Security Act (Pub. L. 104-106,
sec. 5113); Electronic Government Act (Pub. L. 104-347, sec. 203); the
Paperwork Reduction Act of 1995 (44 U.S.C. 3501); and the Government
Paperwork Elimination Act (Pub. L. 105-277, 44 U.S.C. 3504); Homeland
Security Presidential Directive (HSPD) 12, Policy for a Common
Identification Standard for Federal Employees and Contractors, August
27, 2004; Federal Property and Administrative Act of 1949, as amended.
PURPOSE:
The primary purposes of the system are: (a) To ensure the safety
and security of BBG facilities, systems, or information, and our
occupants and users; (b) To verify that all persons entering federal
facilities, using federal information resources, or accessing
classified information are authorized to do so; (c) To track and
control PIV cards issued to persons entering and exiting the
facilities, using systems, or accessing classified information.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
Information about covered individuals may be disclosed without
consent as permitted by the Privacy Act of 1974, 5 U.S.C. 552a(b) the
Statement of General Routine Uses Applicable to All BBG System of
Records Files, and:
To a court or adjudicative body in a proceeding when: (a)
The agency or any component thereof; (b) any employee of the agency in
his or her official capacity; (c) any employee of the agency in his or
her individual capacity where agency or the Department of Justice has
agreed to represent the employee; or (d) the United States Government,
is a party to litigation or has an interest in such litigation, and by
careful review, the agency determines that the records are both
relevant and necessary to the litigation and the use of such records is
therefore deemed by the agency to be for a purpose that is compatible
with the purpose for which the agency collected the records.
Except as noted on Forms SF 85, 85-P, and 86, when a
record on its face, or in conjunction with other records, indicates a
violation or potential violation of law, whether civil, criminal, or
regulatory in nature, and whether arising by general statute or
particular program statute, or by regulation, rule, or order issued
pursuant thereto, disclosure may be made to the appropriate public
authority, whether Federal, foreign, State, local, or tribal, or
otherwise, responsible for enforcing, investigating or prosecuting such
violation or charged with enforcing or implementing the statute, or
rule, regulation, or order issued pursuant thereto, if the information
disclosed is relevant to any enforcement, regulatory, investigative or
prosecutorial responsibility of the receiving entity.
To a Federal State, or local agency, or other appropriate
entities or individuals, or through established liaison channels to
selected foreign governments, in order to enable an intelligence agency
to carry out its responsibilities under the National Security Act of
1947 as amended, the CIA Act of 1949 as amended, Executive Order 12333
or any successor order, applicable national security directives, or
classified implementing procedures approved by the Attorney General and
promulgated pursuant to such statutes, orders or directives.
To notify another federal agency when, or verify whether,
a PIV card is no longer valid.
DISCLOSURE TO CONSUMER REPORTING AGENCIES:
Privacy Act information may be reported to consumer reporting
agencies pursuant to 5 U.S.C. 552a(b)(12).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in electronic media or in paper files in a
secured Federal facility and a lockable storage area.
RETRIEVABILITY:
Records are retrievable by name, Social Security number, other ID
number, PIV card serial number, image (photograph), and fingerprint.
SAFEGUARDS:
Paper records are kept in a controlled area, which uses electronic
high security lock that is armed with motion detector. The motion
detector is connected to a guard station that is manned on a constant
basis. The controlled area is equipped with locked cabinets within a
Security File Room. Access to paper records is restricted to
individuals whose role requires use of the records. The computer
servers in which records are stored are located in facilities that are
secured by alarm systems and off-master key access. The computer
servers themselves are password-protected. Access by individuals
working at guard stations is password-protected; each person granted
access to the system at guard stations must be individually authorized
to use the system. A Privacy Act Warning Notice appears on the monitor
screen when records containing information on individuals are first
displayed. Data exchanged between the servers and the client PCs at the
guard stations and badging office is encrypted. Backup tapes are stored
in a locked and controlled room in a secure, off-site location.
[[Page 32357]]
An audit trail is maintained and reviewed periodically to identify
unauthorized access. Persons given roles in the PIV process must
complete training specific to their roles to ensure they are
knowledgeable about how to protect personally identifiable information.
RETENTION AND DISPOSAL:
Pursuant to GRS 18, Item 22a records used to initiate background
investigations; register and enroll individuals; manage the PIV card
lifecycle; and, verify, authenticate and revoke PIV cardholder access
to Federal resources are destroyed upon notification of death or not
later than 5 years after separation or transfer of employee or no later
than 5 years after contract relationship expires, whichever is
applicable.
Pursuant to GRS 11, Item PIV cards are destroyed three months after
they are returned to the issuing office. Pursuant to GRS 11, Item 4a
identification credentials are destroyed by cross-cut shredding no
later than 90 days after deactivation.
Pursuant to GRS 18, Item 17 registers or logs used to record names
of outside contractors, service personnel, visitors, employees admitted
to areas, and reports on automobiles and passengers for areas under
maximum security are destroyed five years after final entry or five
years after date of document, as appropriate.
Other documents pursuant to GRS 18, Item 17b are destroyed two
years after final entry or two years after date of document, as
appropriate.
SYSTEM MANAGER(S) AND ADDRESS:
Michael Lawrence, Director of Security (DAA/SAO), International
Broadcasting Bureau, 330 C Street, SW., Room 4117, Washington, DC
20237, (202) 382-7779, [email protected].
NOTIFICATION PROCEDURES:
Individuals seeking notification of and access to any record
contained in this system of records, or seeking to contest its content,
may submit a request in writing to the BBG FOIA Office, whose contact
information can be found at http://www.bbg.gov/reports/foia/. If an
individual believes more than one component maintains Privacy Act
records concerning him or her, the individual may submit the request to
the Chief FOIA Officer, Broadcasting Board of Governors, 330
Independence Avenue, SW., Room 3349, Washington, DC 20237.
When seeking records about yourself from this system of records or
any other Agency system of records your request must conform with the
Privacy Act regulations set forth in 6 CFR part 5. You must first
verify your identity, meaning that you must provide your full name,
current address and date and place of birth. You must sign your
request, and your signature must either be notarized or submitted under
28 U.S.C. 1746, a law that permits statements to be made under penalty
or perjury as a substitute for notarization. While no specific form is
required, you may obtain forms for this purpose from the BBG FOIA
Office at the address above or by calling 202-203-4550.
In addition to the requirements above, in your request you should:
--Provide an explanation of why you believe the Agency would have
information about you;
--Identify which component(s) of the Agency you believe may have
the information about you;
--Specify when you believe the records would have been created;
--Provide any other information that will help the FOIA staff
determine which BBG component agency may have responsive records;
--If your request is seeking records pertaining to another living
individual, you must include a statement from that individual
certifying his/her agreement for you to access his/her records.
Without this bulleted information the component(s) will not be able
to conduct an effective search, and your request may be denied due to
lack of specificity or lack of compliance with applicable regulations.
RECORDS ACCESS PROCEDURES:
See ``Notification Procedures'' above.
CONTESTING RECORD PROCEDURES:
See ``Notification Procedures'' above.
RECORD SOURCE CATEGORIES:
Employee, contractor, or applicant; sponsoring agency; former
sponsoring agency; other federal agencies; contract employer; former
employer.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
None.
[FR Doc. 2011-13364 Filed 6-3-11; 8:45 am]
BILLING CODE 8610-01-P