Privacy Act Exemptions

SUPPLEMENTARY INFORMATION:

Background

On August 9, 2023, the President issued Executive Order 14105, 88 FR 54867 (the Outbound Order), which declares a national emergency to address the threat to the United States posed by countries of concern, which seek to develop and exploit sensitive technologies or products critical for military, intelligence, surveillance, or cyber-enabled capabilities. Among other things, the Outbound Order directs the Secretary of the Treasury to issue regulations that require U.S. persons to provide notification of information to the Department of the Treasury (Treasury) regarding certain transactions involving a person of a country of concern that is engaged in certain activities involving covered national security technologies and products that may contribute to the threat to the national security of the United States as identified under the Order. The Outbound Order also directs the Secretary of the Treasury to issue regulations that prohibit certain transactions by a U.S. person involving a person of a country of concern that is engaged in certain activities involving covered national security technologies and products that pose a particularly acute national security threat to the United States. The Outbound Order authorizes the Secretary of the Treasury to exempt from applicable prohibitions or notification requirements any transaction or transactions determined to be in the national interest of the United States. On August 9, 2023, Treasury issued an advance notice of proposed rulemaking, 88 FR 54961 (published August 14, 2023), to explain initial considerations and seek public comment on implementation of the Order.

On June 21, 2024, Treasury issued a notice of proposed rulemaking (NPRM) to seek public comment on the proposed rule, 89 FR 55846 (published July 5, 2024). Treasury intends to require U.S. persons to provide notification of certain transactions under its implementing regulations. This information would include relevant details on the U.S. person(s) involved in the transaction as well as information on the transaction and the foreign person(s) involved. These notifications would increase the U.S. Government's visibility into transactions by U.S. persons or their controlled foreign entities and involving technologies and products relevant to the threat to the national security of the United States due to the policies and actions of countries of concern. These notifications would also be helpful in highlighting aggregate sector trends and related capital flows as well as informing future policy development. Treasury also intends to require any U.S. person seeking a national interest exemption for a particular transaction to submit information to Treasury regarding the scope of that transaction including, as applicable, the information that would be required for a notification under the implementing regulations. These transactions are the subject of this document.

In a systems of records notice published elsewhere in this issue of the Federal Register , Treasury's Departmental Offices is proposing to establish a system of records for information collected in connection with the implementation of the Order.

Privacy Act

Treasury, Departmental Offices is hereby giving notice of a proposed rule to exempt the Outbound Investment Security Program Notification System from certain provisions of the Privacy Act pursuant to 5 U.S.C. 552a(k)(1) and (k)(2) and the authority vested in the Secretary of the Treasury by 31 CFR 1.23(c).

Under 5 U.S.C. 552a(k)(1), the head of a Federal agency may promulgate rules to exempt a system of records from certain provisions of 5 U.S.C. 552a if the system of records is subject to the exemption contained in section 552(b)(1) of this title. (Freedom of Information Act, exemption (b)(1) protects from disclosure information that has been deemed classified “under criteria established by an Executive order to be kept secret in the interest of national defense or foreign policy” and is “in fact properly classified pursuant to such Executive order.”)

Under 5 U.S.C. 552a(k)(2), the head of a Federal agency may promulgate rules to exempt a system of records from certain provisions of 5 U.S.C. 552a if the system of records contains investigatory materials compiled for law enforcement purposes that are not within the scope of subsection (j)(2) of the Privacy Act (which applies to agencies and components thereof that perform as their principal function any activity pertaining to the enforcement of criminal laws).

To the extent that this system of records contains classified information protected by 5 U.S.C. 552a(k)(1) or investigatory materials compiled for law enforcement purposes protected by 5 U.S.C. 552a(k)(2), Treasury proposes to exempt the following system of records from various provisions of the Privacy Act:

DO .413—Outbound Investment Security Program Notification System

Under 5 U.S.C. 552a(k)(1) and (k)(2), Treasury proposes that certain records in the above-referenced system of records be exempt from 5 U.S.C. 552a(c)(3), (d)(1) through (4), (e)(1), (e)(4)(G) through (I), and (f) of the Privacy Act. See 31 CFR 1.36.

The following are the reasons why the classified records and investigatory materials contained in the above-referenced system of records may be exempted from various provisions of the Privacy Act pursuant to 5 U.S.C. 552a(k)(1) and (2).

1. 5 U.S.C. 552a(c)(3) requires an agency to make any accounting of disclosures of records required by 5 U.S.C. 552a(c)(1) available to the individual named in the record upon his or her request. Exemption from this requirement is appropriate because release of the accounting of disclosures of the records in this system could alert individuals whether they have been identified as the subject of an analysis related to the national security interests of the United States, to the existence of the analysis, and reveal the interest on the part of Treasury as well as the recipient agency. Disclosure of the accounting would present a serious impediment to efforts to protect national security interests by giving individuals an opportunity to learn whether they have been identified as subjects of a national security-related analysis. As further described in the following paragraph, access to such knowledge would impair Treasury's ability to carry out its mission, since individuals could:

i. Take steps to avoid analysis;

ii. Inform associates that a national security analysis is in progress;

iii. Learn the nature of the national security analysis;

iv. Learn the scope of the national security analysis;

v. Begin, continue, or resume conduct that may pose a threat to national security upon inferring they may not be part of a national security analysis because their records were not disclosed; or

vi. Destroy information relevant to the national security analysis.

2. 5 U.S.C. 552a(d)(1) through (4) grant individuals access to records containing information about them and permit them to request amendment of a record pertaining to them and require the agency either to amend the record or note the disputed portion of the record and, if the agency refuses to amend the record, to provide a copy of the individual's statement of disagreement with the agency's refusal, to persons or other agencies to whom the record is thereafter disclosed. Exemption from this requirement is appropriate because access to a portion of the records contained in this system of records could inform individuals whether they have been identified as the subject of an analysis related to the national security interests of the United States, to the existence of the analysis and reveal the interest on the part of Treasury or another agency. Access to the records would present a serious impediment to efforts to protect national security interests by permitting the individual who is the subject of a record to learn whether they have been identified as a subject of a national security-related analysis. Access to such knowledge would impair Treasury's ability to carry out its mission, since individuals could take steps to impede the analysis and avoid detection, including the steps described in paragraphs 1.i. through vi. of this section. Amendment of the records would interfere with ongoing analysis and impose an impossible administrative burden. The information contained in the system may also include classified information, the release of which would pose a threat to the national security of the United States. In addition, permitting access and amendment to such information could disclose sensitive security information that could be detrimental to Treasury.

3. 5 U.S.C. 552a(e)(1) requires an agency to maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or Executive order. Exemption from this requirement is appropriate because what information is relevant and necessary may not always be apparent at the time of collection. In the interests of national security, it is appropriate to include a broad range of information that may aid in identifying and assessing the nature and scope of national security threats to the United States. Additionally, the accuracy of information obtained or introduced occasionally may be unclear, or the information may not be strictly relevant or necessary to a specific analysis. In the interests of national security, it is appropriate to retain all information that may aid in establishing patterns of suspicious activity.

4. 5 U.S.C. 552a(e)(4)(G) throuh (I) and 5 U.S.C. 552a(f) require an agency to publish the agency procedures whereby individuals can be notified if the system of records pertains to them, how they can gain access to any record pertaining to them in the system of records and contest its content, and the categories of sources of records in the system. Exemption from these requirements is appropriate because, as noted above, this system is exempt from the access and amendment provisions of subsection (d).

Any records from another Treasury system of records or another Executive Branch agency's system of records for which an exemption is claimed under 5 U.S.C. 552a(j) or (k) that may also be included in this system of records retains the same exempt status as such records have in the system for which such exemption is claimed.

Regulatory Analysis

This proposed rule is not a “significant regulatory action” under Executive Order 12866. Pursuant to the requirements of the Regulatory Flexibility Act (RFA), 5 U.S.C. 601 et seq., it is hereby certified that this proposed rule will not have a significant economic impact on a substantial number of small entities. This proposed rule, issued pursuant to 5 U.S.C. 552a(k), is to exempt certain information maintained by Treasury in the above-referenced systems of records from certain provisions of the Privacy Act. Small entities, as defined in the RFA, are not provided rights under the Privacy Act and are outside the scope of this regulation.

The related information collections have been submitted to the Office of Management and Budget on July 8, 2024 under control number: 202407-1505-002.

For the reasons stated in the preamble, Treasury proposes to amend 31 CFR part 1 as follows:

1. The authority citation for part 1 continues to read as follows:

Authority: 5 U.S.C. 301, 552, 552a, 553; 31 U.S.C. 301, 321; 31 U.S.C. 3717.

2. Amend § 1.36 by adding, in alphanumeric order, an entry for “DO .413—Outbound Investment Security Program Notification System” in table 8 to paragraph (e)(1)(ii) and table 11 to paragraph (g)(1)(ii) to read as follows:

(e) * * *

(1) * * *

(ii) * * *