Privacy Act System of Records

AGENCY:

Federal Communications Commission.

ACTION:

Notice of a modified system of records.

SUMMARY:

The Federal Communications Commission (FCC, Commission, or Agency) proposes to modify an existing system of records, FCC/OS–1, Electronic Comment Filing System (ECFS), subject to the Privacy Act of 1974, as amended. This action is necessary to meet the requirements of the Privacy Act to publish in the Federal Register notice of the existence and character of records maintained by the agency. The Commission uses this system to handle and process public comments related to FCC rulemakings and other proceedings. This modification makes various necessary changes to the Categories of Records and identifies a new FCC point of contact.

DATES:

This modified system of records will become effective on December 19, 2023. Written comments on the routine uses are due by January 18, 2024. The routine uses in this action will become effective on January 18, 2024 unless comments are received that require a contrary determination.

ADDRESSES:

Send comments to Brendan McTaggart, Federal Communications Commission, 45 L Street NE, Washington, DC 20554 or privacy@fcc.gov.

FOR FURTHER INFORMATION CONTACT:

Brendan McTaggart, (202) 418–1738, or privacy@fcc.gov (and to obtain a copy of the Narrative Statement and the Supplementary Document, which include details of the proposed alterations to this system of records).

SUPPLEMENTARY INFORMATION:

As required by the Privacy Act of 1974, as amended, 5 U.S.C. 552a(e)(4) and (e)(11), this document sets forth notice of the proposed modification of a system of records maintained by the FCC. The FCC previously provided notice of the system of records, FCC/OS–1 by publication in the Federal Register on October 5, 2023 (88 FR 69180).

The substantive changes and modifications to the previously published version of the FCC/OS–1 system of records include:

1. Modifying the language in the Categories of Records to be more specific about the types of personally identifiable information maintained in the system.

2. Updating the name of the FCC point of contact.

SYSTEM NAME AND NUMBER:

FCC/OS–1, Electronic Comment Filing System (ECFS).

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Office of the Secretary, Federal Communications Commission, 45 L Street NE, Washington, DC 20554 and 1270 Fairfield Road, Gettysburg, PA 17325.

SYSTEM MANAGER:

Office of the Secretary, Federal Communications Commission (FCC), 45 L Street NE, Washington, DC 20554.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

44 U.S.C. Chapter 36; 47 U.S.C. 151 and 154; and Sections 504 and 508 of the Rehabilitation Act, 29 U.S.C. 794.

PURPOSES OF THE SYSTEM:

The ECFS collects comments and related data or metadata received by the FCC, whether electronically through the ECFS via an internet web-browser, by mail, by hand delivery of paper copy, or by other methods, as well as other files and records submitted in response to Commission rulemakings and docketed proceedings, and by the FCC's administrative law staff as the repository for official records for administrative proceedings. In order to comply with the requirements of various statutes and regulations, the FCC offers multiple avenues through which the public can be involved in the FCC decision-making process and can inform the FCC of concerns regarding compliance with FCC rules and requirements. Collecting and maintaining these types of information allows the FCC to be fully informed in decision-making, implementation, and enforcement endeavors. The ECFS also allows staff access to documents and data necessary for key activities discussed in this SORN including analyzing effectiveness and efficiency of related FCC programs and informing future rule and policy-making activity, and improve staff efficiency. Records in this system are available for public inspection.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals and representatives of groups, companies, and other entities who have filed comments as well as other files and records in FCC rulemakings and docketed proceedings or other matters arising under the Communications Act of 1934, as amended, the Rehabilitation Act, or related statutes.

CATEGORIES OF RECORDS IN THE SYSTEM:

Comments received by the FCC, whether electronically through the Electronic Comment Filing System (ECFS) via an internet web-browser, by mail, by hand delivery of paper copy, or other methods which include personally identifiable information provided by the filer such as name, home or business address, phone number, and/or email address. ECFS also collects certain network information from a filer and/or user submitting information to the FCC, such as IP address, geolocation, and computer operating system. The system also contains other files and records submitted in response to Commission rulemakings and docketed proceedings, and by the FCC's administrative law staff as the repository for official records arising out of the conduct of administrative proceedings.

RECORD SOURCE CATEGORIES:

Information in this system is provided by individuals, groups, companies, and other entities who make or provide comments or other files and records in FCC rulemakings and docketed proceedings, as well as FCC staff.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed to authorized entities, as is determined to be relevant and necessary, outside the FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

1. Public Access—Under the rules of the Commission, public comments as well as other files and records submitted in rulemakings and other docketed proceedings are routinely available to the public—unless confidentiality is requested (47 CFR 0.459)—via the ECFS and may also be disclosed to the public in Commission releases.

2. FCC Enforcement Actions—When a record in this system involves an informal complaint filed alleging a violation of FCC rules, regulations, orders, or requirements by an applicant, licensee, certified or regulated entity, or an unlicensed person or entity, the complaint may be provided to the alleged violator for a response. Where a complainant in filing his or her complaint explicitly requests confidentiality of his or her name from public disclosure, the Commission will endeavor to protect such information from public disclosure. Complaints that contain requests for confidentiality may be dismissed if the Commission determines that the request impedes the Commission's ability to investigate and/or resolve the complaint.

3. Litigation—To disclose records to the Department of Justice (DOJ) when: (a) the FCC or any component thereof; (b) any employee of the FCC in his or her official capacity; (c) any employee of the FCC in his or her individual capacity where the DOJ or the FCC has agreed to represent the employee; or (d) the United States Government is a party to litigation or has an interest in such litigation, and by careful review, the FCC determines that the records are both relevant and necessary to the litigation, and the use of such records by the Department of Justice is for a purpose that is compatible with the purpose for which the FCC collected the records.

4. Adjudication—To disclose records in a proceeding before a court or adjudicative body, when: (a) the FCC or any component thereof; or (b) any employee of the FCC in his or her official capacity; or (c) any employee of the FCC in his or her individual capacity; or (d) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the FCC determines that the records are both relevant and necessary to the litigation, and that the use of such records is for a purpose that is compatible with the purpose for which the agency collected the records.

5. Law Enforcement and Investigation—To disclose pertinent information to appropriate Federal, State, local, Tribal, international, or multinational agencies, or a component of such an agency, responsible for investigating, prosecuting, enforcing, or implementing a statute, rule, regulation, or order, where the FCC becomes aware of an indication of a violation or potential violation of civil or criminal law or regulation.

6. Congressional Inquiries—To provide information to a Congressional office from the record of an individual in response to an inquiry from that Congressional office made at the written request of that individual.

7. Government-wide Program Management and Oversight—To DOJ to obtain that department's advice regarding disclosure obligations under the Freedom of Information Act (FOIA); or to the Office of Management and Budget (OMB) to obtain that office's advice regarding obligations under the Privacy Act.

8. Breach Notification—To appropriate agencies, entities, and persons when: (a) the Commission suspects or has confirmed that there has been a breach of PII maintained in the system of records; (b) the Commission has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Commission (including its information system, programs, and operations), the Federal Government, or national security; and; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Commission's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

9. Assistance to Federal Agencies and Entities Related to Breaches—To another Federal agency or Federal entity, when the Commission determines that information from this system is reasonably necessary to assist the recipient agency or entity in: (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, program, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

10. Non-Federal Personnel—To disclose information to non-Federal personnel, including contractors, other vendors ( e.g., identity verification services), grantees, and volunteers who have been engaged to assist the FCC in the performance of a contract, service, grant, cooperative agreement, or other activity related to this system of records and who need to have access to the records in order to perform their activity.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

This an electronic system of records that resides on the FCC's network.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records in this system of records can be retrieved by any category field, e.g., individual name, entity name, rulemaking number, and/or docket number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

The information in this system is maintained and disposed of in accordance with the National Archives and Records Administration (NARA) General Records Schedule 6.6: Rulemaking Records (DAA–GRS–2017–0012).

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

The electronic records, files, and data are stored in a database housed in the FCC computer network. While comments and other files and records are generally publicly available, access to certain information associated with filings is restricted to authorized employees and contractors; and to IT staff, contractors, and vendors who maintain the IT networks and services. Other employees and contractors may be granted access on a need-to-know basis. The electronic files and records are protected by the FCC privacy safeguards, a comprehensive and dynamic set of IT safety and security protocols and features that are designed to meet all Federal privacy standards, including those required by the Federal Information Security Modernization Act of 2014 (FISMA), the Office of Management and Budget (OMB), and the National Institute of Standards and Technology (NIST).

RECORD ACCESS PROCEDURES:

Individuals wishing to request access to and/or amendment of records about themselves should follow the Notification Procedure below.

CONTESTING RECORD PROCEDURES:

Individuals wishing to request access to and/or amendment of records about themselves should follow the Notification Procedure below.

NOTIFICATION PROCEDURES:

Individuals wishing to determine whether this system of records contains information about themselves may do so by writing to privacy@fcc.gov. Individuals requesting access must also comply with the FCC's Privacy Act regulations regarding verification of identity to gain access to records as required under 47 CFR part 0, subpart E.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

88 FR 69180 (October 5, 2023).