Privacy Act of 1974; System of Records

SUPPLEMENTARY INFORMATION:

This notice serves to update and modify FCC/OS-2 as a result of various necessary changes and updates. The substantive changes and modifications to the previously published version of the FCC/OS-2 system of records include:

1. Renumbering the former “OMD-12” SORN as “OS-2” to align with the current numbering system for FCC SORNs.

2. Updating and/or revising language in seven routine uses (listed by the routine use number provided in this SORN): (1) Litigation and (2) Adjudication (now two separate routine uses); (3) Law Enforcement and Investigation; (4) Congressional Inquiries; (5) Government-wide Program Management and Oversight; (7) Assistance to Federal Agencies and Entities Related to Breaches, which is required by OMB M-17-12; and (8) Nonfederal Personnel.

3. Deleting former routine use (8) Recovering Overdue Library Materials, which is unnecessary because the disclosures described in that routine use are covered by U.S.C. 552a(b)(1).

The system of records is also updated to reflect various administrative changes related to the system managers and system addresses; policy and practices for storage retrieval of the information; administrative, technical, and physical safeguards; records retention schedules; and updated notification, records access, and contesting records procedures.

SYSTEM NAME AND NUMBER:

FCC/OS-2, Integrated Library System (ILS) Records.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

FCC Library, OS, OMD, FCC, 45 L Street NE, Washington, DC 20554.

SYSTEM MANAGER(S):

OS, OMD, FCC, 45 L Street NE, Washington, DC 20554.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

44 U.S.C. 3101 and 47 U.S.C. 154(i).

PURPOSE(S) OF THE SYSTEM:

The information is maintained and used to keep track of items borrowed by registered users from the FCC Library's collection and to ensure that all items are returned to the FCC Library in a timely manner and/or upon a FCC employee's departure from the Commission.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Current and former FCC employees who have registered as library users.

CATEGORIES OF RECORDS IN THE SYSTEM:

Information in this system includes records on checked-out and/or checked-in items contained in the FCC Library collection. For each item, and for each individual who checked out/in the item, the records collected may include the individual's name, telephone number, email address, library barcode identifier ( i.e., library patron username), and position category ( e.g., attorney, engineer, etc.).

RECORD SOURCE CATEGORIES:

FCC employees who provide information in order to check out materials from the FCC Library.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed to authorized entities, as is determined to be relevant and necessary, outside of the FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

1. Litigation—Records may be disclosed to the Department of Justice (DOJ) when: (a) the FCC or any component thereof; (b) any employee of the FCC in his or her official capacity; (c) any employee of the FCC in his or her individual capacity where the DOJ or the FCC has agreed to represent the employee; or (d) the United States Government is a party to litigation or has an interest in such litigation, and by careful review, the FCC determines that the records are both relevant and necessary to the litigation, and the use of such records by the Department of Justice is for a purpose that is compatible with the purpose for which the FCC collected the records.

2. Adjudication—Records may be disclosed in a proceeding before a court or adjudicative body, when: (a) the FCC or any component thereof; or (b) any employee of the FCC in his or her official capacity; or (c) any employee of the FCC in his or her individual capacity; or (d) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the FCC determines that the records are both relevant and necessary to the litigation, and that the use of such records is for a purpose that is compatible with the purpose for which the agency collected the records.

3. Law Enforcement and Investigation—When the FCC investigates any violation or potential violation of a civil or criminal law, regulation, policy, executed consent decree, order, or any other type of compulsory obligation, and determines that a record in this system, either alone or in conjunction with other information, indicates a violation or potential violation of law, regulation, policy, consent decree, order, or other compulsory obligation, the FCC may disclose pertinent information as it deems necessary to the target of an investigation, as well as with the appropriate Federal, State, local, Tribal, international, or multinational agencies, or a component of such an agency, responsible for investigating, prosecuting, enforcing, or implementing a statute, rule, regulation, or order.

4. Congressional Inquiries—Records may be provided to a Congressional office in response to an inquiry from that Congressional office made at the written request of the individual to whom the records pertain.

5. Government-wide Program Management and Oversight—Records may be disclosed to the DOJ to obtain that department's advice regarding disclosure obligations under the Freedom of Information Act (FOIA); or to the Office of Management and Budget (OMB) to obtain that office's advice regarding obligations under the Privacy Act.

6. Breach Notification—Records may be disclosed to appropriate agencies, entities, and persons when: (a) the Commission suspects or has confirmed that there has been a breach of the system of records; (b) the Commission has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Commission (including its information system, programs, and operations), the Federal Government, or national security; and; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Commission's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

7. Assistance to Federal Agencies and Entities Related to Breaches—Records may be disclosed to another Federal agency or Federal entity, when the Commission determines that information from this system is reasonably necessary to assist the recipient agency or entity in: (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, program, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

8. Non-Federal Personnel—Records may be disclosed to non-Federal personnel, including contractors, other vendors ( e.g., identity verification services), grantees, and volunteers who have been engaged to assist the FCC in the performance of a service, grant, cooperative agreement, or other activity related to this system of records and who need to have access to the records in order to perform their activity.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

This an electronic system of records that resides on the FCC's network or on an FCC vendor's network.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records in this system of records can be retrieved by an authorized FCC user by many category fields— e.g., name, office telephone number, email address, and barcode number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Information in this system is maintained and disposed of in accordance with National Archives and Records Administration (NARA) General Records Schedule (GRS) 4.4, Library Records (DAA-GRS-2015-0003).

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

Access to the records is restricted to Office of the Secretary (OS) and IT staff; ILS and IT contractors; and vendors who maintain the networks and services. Other FCC employees, contractors, vendors, and users may be granted access on a “need-to-know” basis. The records are stored within FCC or a vendor's accreditation boundaries and maintained in a database housed in the FCC's or vendor's computer network databases. The electronic files and records are protected by the FCC and third-party privacy safeguards, a comprehensive and dynamic set of IT safety and security protocols and features that are designed to meet all Federal privacy standards, including those required by the Federal Information Security Modernization Act of 2014 (FISMA), the Office of Management and Budget (OMB), and the National Institute of Standards and Technology (NIST).

RECORD ACCESS PROCEDURES:

Individuals wishing to request access to and/or amendment of records about themselves should follow the Notification Procedures below.

CONTESTING RECORD PROCEDURES:

Individuals wishing to request access to and/or amendment of records about themselves should follow the Notification Procedures below.

NOTIFICATION PROCEDURES:

Individuals wishing to determine whether this system of records contains information about themselves may do so by writing to privacy@fcc.gov. Individuals requesting access must also comply with the FCC's Privacy Act regulations regarding verification of identity to gain access to records as required under 47 CFR part 0, subpart E.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

84 FR 18532 (May 1, 2019).

[FR Doc. 2024-25673 Filed 11-4-24; 8:45 am]

BILLING CODE 6712-01-P