87 FR 161 pgs. 51477-51482 - Privacy Act of 1974; Department of Transportation, Federal Aviation Administration; DOT/FAA 807 Facility Access Control at the Mike Monroney Aeronautical Center
Type: NOTICEVolume: 87Number: 161Pages: 51477 - 51482
Pages: 51477, 51478, 51479, 51480, 51481, 51482Docket number: [Docket No. OST-2021-0050]
FR document: [FR Doc. 2022-17945 Filed 8-19-22; 8:45 am]
Agency: Transportation Department
Official PDF Version: PDF Version
[top]
DEPARTMENT OF TRANSPORTATION
Office of the Secretary
[Docket No. OST-2021-0050]
Privacy Act of 1974; Department of Transportation, Federal Aviation Administration; DOT/FAA 807 Facility Access Control at the Mike Monroney Aeronautical Center
AGENCY:
Office of the Departmental Chief Information Officer, Office of the Secretary of Transportation, DOT.
ACTION:
Notice of a modified Privacy Act system of records.
SUMMARY:
[top] In accordance with the Privacy Act of 1974, the United States Department of Transportation (DOT), Federal Aviation Administration (FAA), proposes to rename, update and reissue an existing system of records notice currently titled "Department of Transportation, Federal Aviation Administration, DOT/FAA 807, Traffic Control at the Mike Monroney Aeronautical Center." The Mike Monroney Aeronautical Center (MMAC) is located in Oklahoma City, OK and is home to more than 8,000 full-time employees and receives 10,000 visitors
Notice Updates
This Notice includes both substantive changes and non-substantive changes to the previously published Notice. The substantive changes have been made to the system name, system manager, authority, purpose, categories of individuals, categories of records, record source categories, routine uses, policies and practices for storage of records, policies and practices for retrieval of records, policies and practices for retention and disposal of records, and record access procedures. The non-substantive changes have been made to administrative, technical and physical safeguards, contesting records procedures, and notification procedures, as well as revisions to align with the requirements of the Office of Management and Budget (OMB) Memoranda A-108 and ensure consistency with other Notices issued by the Department of Transportation.
DATES:
Written comments should be submitted on or before September 21, 2022. The Department may publish an amended Systems of Records Notice in light of any comments received. This new system will be effective September 21, 2022.
ADDRESSES:
You may submit comments, identified by docket number DOT-OST-2021-0050 by any of the following methods:
• Federal e-Rulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
• Mail: Docket Management Facility, U.S. Department of Transportation, 1200 New Jersey Ave. SE, West Building Ground Floor, Room W12-140, Washington, DC 20590-0001.
• Hand Delivery or Courier: West Building Ground Floor, Room W12-140, 1200 New Jersey Ave. SE, between 9 a.m. and 5 p.m. ET, Monday through Friday, except Federal Holidays.
• Fax: (202) 493-2251.
• Instructions: You must include the agency name and docket number DOT-OST-2021-0050. All comments received will be posted without change to http://www.regulations.gov, including any personal information provided.
Privacy Act: Anyone is able to search the electronic form of all comments received in any of our dockets by the name of the individual submitting the comment (or signing the comment, if submitted on behalf of an association, business, labor union, etc.). You may review the Department of Transportation's complete Privacy Act statement in the Federal Register published on April 11, 2000 (65 FR 19477-78), or you may visit http://DocketsInfo.dot.gov.
Docket: For access to the docket to read background documents or comments received, go to http://www.regulations.gov or to the street address listed above. Follow the online instructions for accessing the docket.
FOR FURTHER INFORMATION CONTACT:
For questions, please contact: Karyn Gorman, Acting Departmental Chief Privacy Officer, Privacy Office, Department of Transportation, Washington, DC 20590; privacy@dot.gov; or 202-527-3284.
SUPPLEMENTARY INFORMATION:
I. Background
In accordance with the Privacy Act of 1974, the Department of Transportation proposes to modify and re-issue a Department of Transportation system of record notice titled, "Department of Transportation, Federal Aviation Administration, DOT/FAA 807 Traffic Control at the Mike Monroney Aeronautical Center (formerly named Law Enforcement Records and Central Files)." This system of records covers records collected and maintained for the purposes of:
• Issuing permanent and temporary parking passes (or decals) to DOT/FAA employees and contractors, and tenants;
• Issuing short-term passes to federal employees and contractors who have forgotten or misplaced their Personal Identification Verification (PIV) card;
• Issuing short-term and long-term passes to visitors;
• Issuing keys (both physical and digital) to federal employees and contractors; and
• Maintaining records of individuals failing to adhere to parking policy and, therefore, cited for parking violations on the MMAC campus.
The following substantive changes have been made to the Notice:
1. System Name and Number: This Notice updates the system name to "Facility Access Control at the Mike Monroney Aeronautical Center" from the previous system name of "Traffic Control at the Mike Monroney Aeronautical Center (formerly named Law Enforcement Records and Central Files)." The update to the system name accounts for the access control conducted by the MMAC, such as visitor passes, parking decals and key access management.
2. System Manager: This Notice updates the system manager to include contact information for the Office of Facility Management which was not included in the previous Notice. The system manager contact information is compatible with the purpose of the system of records.
3. Authority: This Notice updates the authorities to include Chapter 5 of Title 40, United States Code, Property Management, and 41 CFR part 102-74, Facility Management which authorize the administration of programs and systems as well as collection of records to manage to property, and vehicular and pedestrian traffic. Reference to 44 U.S.C. 3101 authorizing the collection and use of agency documents and information related to agency policies, procedures and transactions is not appropriate for activity around the collection of information related to facility access management and has been removed.
4. Purpose: This Notice updates the purpose to incorporate all functions of the MMAC. This includes issuance of short- and long-term passes and parking decals, issuance of keys, and maintenance of individuals who violate parking policy. The records collected, used and maintained are compatible with the purpose of the system of records.
[top] 5. Categories of Individuals: Consistent with the expansion of the purpose of the system, this Notice expands the categories of individuals to include those individuals (employees, contractors, visitors, and tenants) who apply for temporary or long-term passes and parking decals authorizing them to enter the MMAC campus. Additionally, the language in this section has been
6. Categories of Records: This Notice updates categories of records to reflect that the system collects information for the purposes of issuing visitor passes, and parking decals. Visitor pass records include the following data elements, not limited to: full name and signature, temporary badge number, identity (ID) card number (including driver's license number), and phone number. Records collected and maintained for parking (including parking violations) include: full name, handicap (HC) placard number, decal number, tag number and state, vehicle description, vehicle year and make, and comments (including driver's license number). Records collected and maintained for key issuance and management include; key holder name, email address and signature, request ID, and key ID assigned. The categories of records is compatible with the purpose of the system of records.
7. Records Source: This Notice updates records source to reference that information collected and maintained is provided by individuals seeking parking decals and access to MMAC facilities. Items, such as temporary badge number, decal number and HC placard number, are provided by FAA employees and contractors approving these access and parking requests.
8. Routine Uses: This Notice updates routine uses to include the Department of Transportation's general routine uses applicable to this Notice as they were previously only incorporated by reference. OMB Memoranda A-108 recommends that agencies include all routine uses in one notice rather than incorporating general routine uses by reference; therefore, the Department is replacing the statement in DOT/FAA 807 that referenced the "Statement of General Routine Uses" with all of the general routine uses that apply to this system of records. This update does not substantially affect any of the routine uses for records maintained in this system.
9. Records Storage: This Notice updates policies and practices for the storage of records to reflect that current records are electronic. The previously published Notice stated that records are maintained in files and containers, and in password protected electronic databases in rooms secured with the FAA locking system.
10. Records Retrieval: This Notice updates the policies and practices for the retrieval of records to reflect that parking records (including parking violations) can be searched by name, temporary badge number, vehicle tag number or vehicle decal number. Visitor pass records can be retrieved by name. Key access management records may be retrieved by name as well as request ID and key ID. The records retrieval information is compatible with the purpose of the system of records.
11. Retention and Disposal: This Notice updates the policies and practices for retention and disposal of records section to include current National Archives and Records Administration (NARA) schedules governing the various record types. The updated retention schedules include the following groupings of record types: (a) Visitor pass and parking information (including parking violations) are covered by General Records Schedule (GRS) 5.6 Item 111 Visitor Processing Records where records are destroyed when 2 years old. The schedule includes retention for visitor passes in addition to parking; and (b) Key access management information is covered by GRS 5.6 Item 020 Key and Card Access Accountability where records are destroyed when 3 years old. The previously published Notice stated the following: Identification credentials including parking permits: Destroy credentials three months after return to issuing office. Related identification credential papers such as vehicle registrations: Destroy after all listed credentials are accounted for. Reports, statements of witnesses, warning notices, and other papers relating to arrests and traffic violations: Destroy when 2 years old. Records related to witness statements were included incorrectly and are no longer included in the updated Notice.
12. Record Access: This Notice updates the record access procedures to reflect that signatures on signed requests for records must either be notarized or accompanied by a statement made under penalty of perjury in compliance with 28 U.S.C. 1746 while the previous Notice directed the Record Access, Contesting Record and Notification sections to "System Manager."
The following non-substantive changes to the administrative, technical, and physical safeguards, contesting records procedures, and notification procedures, have been made to improve the transparency and readability of the Notice:
13. Administrative, Technical and Physical Safeguards: This Notice updates the administrative, technical and physical safeguards to reference current FAA processes. The purpose of this non-substantive update is to clarify language around security controls to restrict access to authorized users, thereby aligning with the requirements of OMB Memoranda A-108 and for consistency with other DOT/FAA SORNs.
14. Contesting Records: This Notice updates the procedures for contesting records to refer the reader to the record access procedures section. The purpose of this non-substantive update is to align with the requirements of OMB Memoranda A-108 and for consistency with other DOT/FAA SORNs.
15. Notification: This Notice updates the procedures for notification to refer the reader to the record access procedures section. The purpose of this non-substantive update is to align with the requirements of OMB Memoranda A-108 and for consistency with other DOT/FAA SORNs.
II. Privacy Act
The Privacy Act (5 U.S.C. 552a) governs the means by which the Federal Government collects, maintains, and uses personally identifiable information (PII) in a System of Records. A "System of Records" is a group of any records under the control of a Federal agency from which information about individuals is retrieved by name or other personal identifier. The Privacy Act requires each agency to publish in the Federal Register a System of Records Notice (SORN) identifying and describing each System of Records the agency maintains, including the purposes for which the agency uses PII in the system, the routine uses for which the agency discloses such information outside the agency, and how individuals to whom a Privacy Act record pertains can exercise their rights under the Privacy Act ( e.g., to determine if the system contains information about them and to contest inaccurate information). In accordance with 5 U.S.C. 552a(r), DOT has provided a report of this system of records to the Office of Management and Budget and to Congress.
SYSTEM NAME AND NUMBER:
Department of Transportation (DOT)/Federal Aviation Administration (FAA) 807 Facility Access Control at the Mike Monroney Aeronautical Center.
SECURITY CLASSIFICATION:
Unclassified, sensitive.
SYSTEM LOCATION:
[top] Federal Aviation Administration, Mike Monroney Aeronautical Center (MMAC), 6500 S MacArthur Blvd., Oklahoma City, OK 73169.
SYSTEM MANAGER:
Federal Aviation Administration, Office of Facility Management, AMP-1, Mike Monroney Aeronautical Center, 6500 S MacArthur Blvd., Oklahoma City, OK 73169. Contact information for the system manager is: 405-954-4572.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
40 U.S.C. Chapter 5, and 41 CFR part 102-74, Facility Management.
PURPOSE(S) OF THE SYSTEM:
The purpose of this system includes issuance of short- and long-term passes and parking decals, issuance of keys, and maintenance of records on individuals who violate parking policy.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Records include information on DOT/FAA employees and contractors, visitors, and tenants.
CATEGORIES OF RECORDS IN THE SYSTEM:
Visitor pass records include the following data elements, not limited to: full name and signature, temporary badge number, ID card number (including driver's license number), and phone number. Records collected and maintained for parking (including parking violations) include: full name, HC placard number, decal number, tag number and state, vehicle description, vehicle year and make, and comments (including driver's license number). Records collected and maintained for key issuance and management include; key holder name, email address and signature, request ID, and key ID assigned.
RECORD SOURCE CATEGORIES:
Information maintained in records are provided by individuals seeking parking permits, access to facilities, or issuance of keys. Additional information may be provided by FAA employees and contractors reviewing and approving requests.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to other disclosures, generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DOT as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. In the event that a system of records maintained by DOT to carry out its functions indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by general statute or particular program pursuant thereto, the relevant records in the system of records may be referred, as a routine use, to the appropriate agency, whether Federal, State, local or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto.
2. A record from this system of records may be disclosed, as a routine use, to a Federal, State, or local agency maintaining civil, criminal, or other relevant enforcement information or other pertinent information, such as current licenses, if necessary to obtain information relevant to a DOT decision concerning the hiring or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant or other benefit.
3. A record from this system of records may be disclosed, as a routine use, to a Federal agency, in response to its request, in connection with the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
4. Routine Use for Disclosure for Use in Litigation. It shall be a routine use of the records in this system of records to disclose them to the Department of Justice or other Federal agency conducting litigation when (a) DOT, or any agency thereof, or (b) Any employee of DOT or any agency thereof (including a member of the Coast Guard), in his/her official capacity, or (c) Any employee of DOT or any agency thereof (including a member of the Coast Guard), in his/her individual capacity where the Department of Justice has agreed to represent the employee, or (d) The United States or any agency thereof, where DOT determines that litigation is likely to affect the United States, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice or other Federal agency conducting the litigation is deemed by DOT to be relevant and necessary in the litigation, provided, however, that in each case, DOT determines that disclosure of the records in the litigation is a use of the information contained in the records that is compatible with the purpose for which the records were collected. 4b. Routine Use for Agency Disclosure in Other Proceedings. It shall be a routine use of records in this system to disclose them in proceedings before any court or adjudicative or administrative body before which DOT or any agency thereof, appears, when (a) DOT, or any agency thereof, or (b) Any employee of DOT or any agency thereof (including a member of the Coast Guard) in his/her official capacity, or (c) Any employee of DOT or any agency thereof (including a member of the Coast Guard) in his/her individual capacity where DOT has agreed to represent the employee, or (d) The United States or any agency thereof, where DOT determines that the proceeding is likely to affect the United States, is a party to the proceeding or has an interest in such proceeding, and DOT determines that use of such records is relevant and necessary in the proceeding, provided, however, that in each case, DOT determines that disclosure of the records in the proceeding is a use of the information contained in the records that is compatible with the purpose for which the records were collected.
5. The information contained in this system of records will be disclosed to the Office of Management and Budget, OMB in connection with the review of private relief legislation as set forth in OMB Circular No. A-19 at any stage of the legislative coordination and clearance process as set forth in that Circular.
6. Disclosure may be made to a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual. In such cases, however, the Congressional office does not have greater rights to records than the individual. Thus, the disclosure may be withheld from delivery to the individual where the file contains investigative or actual information or other materials which are being used, or are expected to be used, to support prosecution or fines against the individual for violations of a statute, or of regulations of the Department based on statutory authority. No such limitations apply to records requested for Congressional oversight or legislative purposes; release is authorized under 49 CFR 10.35(9).
7. One or more records from a system of records may be disclosed routinely to the National Archives and Records Administration in records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906.
[top] 8. Routine Use for disclosure to the Coast Guard and to Transportation Security Administration. A record from this system of records may be disclosed as a routine use to the Coast Guard and to the Transportation Security Administration if information from this
9. DOT may make available to another agency or instrumentality of any government jurisdiction, including State and local governments, listings of names from any system of records in DOT for use in law enforcement activities, either civil or criminal, or to expose fraudulent claims, regardless of the stated purpose for the collection of the information in the system of records. These enforcement activities are generally referred to as matching programs because two lists of names are checked for match using automated assistance. This routine use is advisory in nature and does not offer unrestricted access to systems of records for such law enforcement and related antifraud activities. Each request will be considered on the basis of its purpose, merits, cost effectiveness and alternatives using Instructions on reporting computer matching programs to the Office of Management and Budget, OMB, Congress, and the public, published by the Director, OMB, dated September 20, 1989.
10. It shall be a routine use of the information in any DOT system of records to provide to the Attorney General of the United States, or his/her designee, information indicating that a person meets any of the disqualifications for receipt, possession, shipment, or transport of a firearm under the Brady Handgun Violence Prevention Act. In case of a dispute concerning the validity of the information provided by DOT to the Attorney General, or his/her designee, it shall be a routine use of the information in any DOT system of records to make any disclosures of such information to the National Background Information Check System, established by the Brady Handgun Violence Prevention Act, as may be necessary to resolve such dispute.
11. a. To appropriate agencies, entities, and persons when (1) DOT suspects or has confirmed that there has been a breach of the system of records; (2) DOT has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOT (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOT's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
b. To another Federal agency or Federal entity, when DOT determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
12. DOT may disclose records from this system, as a routine use, to the Office of Government Information Services for the purpose of (a) resolving disputes between FOIA requesters and Federal agencies and (b) reviewing agencies' policies, procedures, and compliance in order to recommend policy changes to Congress and the President.
13. DOT may disclose records from this system, as a routine use, to contractors and their agents, experts, consultants, and others performing or working on a contract, service, cooperative agreement, or other assignment for DOT, when necessary to accomplish an agency function related to this system of records.
14. DOT may disclose records from this system, as a routine use, to an agency, organization, or individual for the purpose of performing audit or oversight operations related to this system of records, but only such records as are necessary and relevant to the audit or oversight activity. This routine use does not apply to intra-agency sharing authorized under Section (b)(1) of the Privacy Act.
15. DOT may disclose from this system, as a routine use, records consisting of, or relating to, terrorism information (6 U.S.C. 485(a)(5)), homeland security information (6 U.S.C. 482(f)(1)), or Law enforcement information (Guideline 2 Report attached to White House Memorandum, "Information Sharing Environment, November 22, 2006) to a Federal, State, local, tribal, territorial, foreign government and/or multinational agency, either in response to its request or upon the initiative of the Component, for purposes of sharing such information as is necessary and relevant for the agencies to detect, prevent, disrupt, preempt, and mitigate the effects of terrorist activities against the territory, people, and interests of the United States of America, as contemplated by the Intelligence Reform and Terrorism Prevention Act of 2004 (Pub. L. 108-458) and Executive Order 13388 (October 25, 2005).
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
All records in this system are stored electronically. Records are accessed by designated persons who have an official need for the information. All electronic records for the system are backed up to an offsite storage location to facilitate information recovery in the event of a disaster or system failure that removes or makes local data unavailable.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records for parking (including parking violations) can be searched by name, temporary badge number, vehicle tag number or vehicle decal number. Records for visitor passes can be retrieved by name. Records for key access management may be retrieved by name as well as request ID and key ID assigned.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Per GRS 5.6 Item 111, visitor pass and parking records (including parking violations) are retained for 2 years. Per GRS 5.6 Item 020, key access records are retained and destroyed 3 years after return of key. For all records, longer retention is authorized if required for business use.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Records in this system are safeguarded in accordance with applicable rules and policies, including all applicable DOT automated systems security and access policies. Strict controls have been imposed to minimize the risk of compromising the information that is being stored. Access to records in this system is limited to those individuals who have a need to know the information for the performance of their official duties and who have appropriate clearances or permissions.
RECORD ACCESS PROCEDURES:
[top] Individuals seeking notification of whether this system of records contains information about them may contact the System Manager at the address provided in the section "System Manager". When seeking records about yourself from this system of records or any other Departmental system of records your request must conform to the Privacy Act regulations set forth in 49 CFR part 10. You must sign your request and your signature must either be notarized or
CONTESTING RECORD PROCEDURES:
See "Record Access Procedures" above.
NOTIFICATION PROCEDURES:
See "Record Access Procedures" above.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
Previous version of this system of records, DOT/FAA 807-Traffic Control at the Mike Monroney Aeronautical Center was published in the Federal Register on April 11, 2000 (65 FR 19519).
Issued in Washington, DC.
Karyn Gorman,
Acting Departmental Chief Privacy Officer.
[FR Doc. 2022-17945 Filed 8-19-22; 8:45 am]
BILLING CODE 4910-9X-P