Internal Revenue Service; Privacy Act, Implementation

AGENCY:

Office of the Secretary, Treasury.

ACTION:

Final rule.

SUMMARY:

In accordance with the requirements of the Privacy Act of 1974, 5 U.S.C. 552a, as amended, the Department of the Treasury gives notice of a final rule to exempt an Internal Revenue Service system of records entitled “IRS Audit Trail and Security Records System—Treasury/IRS 34.037,” from certain provisions of the Privacy Act. The exemption is intended to comply with the legal prohibitions against the disclosure of certain kinds of information and to protect certain information, about individuals, maintained in this system of records.

EFFECTIVE DATE:

September 20, 2000.

FOR FURTHER INFORMATION CONTACT:

David Silverman, Tax Law Specialist, 6103/Privacy Operations, Governmental Liaison and Disclosure, Internal Revenue Service, at 202-622-6200.

SUPPLEMENTARY INFORMATION:

The Department of the Treasury published a notice of a proposed rule exempting a system of records from certain provisions of the Privacy Act of 1974, as amended, on November 17, 1999, at 64 FR 62620-62622. The Internal Revenue Service (IRS) published the system notice in its entirety on November 19, 1999, at 63 FR 63108. Under 5 U.S.C. 552a(k)(2), the head of an agency may promulgate rules to exempt any system of records within the agency from certain provisions of the Privacy Act of 1974, as amended, if the system is investigatory material compiled for law enforcement purposes. The IRS Audit Trail and Security Records System—Treasury/IRS 34.037 contains investigatory material compiled for law enforcement purposes.

The proposed rule requested that public comments be sent to the Governmental Liaison and Disclosure Office, Internal Revenue Service, 1111 Constitution Ave., NW, Washington, DC 20224, no later than January 22, 1999. The Governmental Liaison and Disclosure Office received comments addressing the issues below from one individual. As discussed below, no changes to the rule were made on the basis of these comments.

First, the commenter stated that the system notice lacked specificity as to the users of the system because the notice provided that “[o]utside of IRS information systems, the office of the Treasury Inspector General for Tax Administration is the principal user of the data contained in this system of records.” The use of the word “principal” would permit other personnel to have access to this system of records. The language in the current rule is the same that is used for the Treasury/IRS 34.020, the Audit Lead Trail Analysis System. This is because it is impossible to predict that only the information systems personnel and the Treasury Inspector General for Tax Administration may have a need to use this system. This system concerns primarily audit logs that track access to sensitive but unclassified data for almost all IRS computer systems. Although generally the people who monitor such logs are information system administrators, there may be exceptions where personnel from another IRS function monitor the logs.

The commenter also expressed concern that government and non-law enforcement personnel will have access to and use of the system, and that the system should only exempt certain records depending on whether the information is being used for law enforcement purposes. All of the information is being used for law enforcement purposes, specifically to detect violations of applicable statutes, including 18 U.S.C. 1030(a)(2)(B) and 26 U.S.C. 6103, 7213, 7213A. Therefore, the entire system is entitled to the law enforcement exemption. The final concern expressed by the commenter was a lack of description of the specific records to be covered. This system is broad because it would be burdensome and confusing to the public to create multiple systems with corresponding multiple notices for the purpose of printing the same description of audit logs and security records used to monitor access.

Accordingly, the Department of the Treasury is hereby giving notice that the system of records entitled “IRS Audit Trail and Security Records System—Treasury/IRS 34.037,” is exempt from certain provisions of the Privacy Act. The provisions of the Privacy Act from which exemption is claimed pursuant to 5 U.S.C. 552a(k)(2) are as follows: 5 U.S.C. 552a (c)(3), (d)(1), (d)(2), (d)(3), (d)(4), (e)(1), (e)(4)(G) , (H) and (f).

As required by Executive Order 12866, it has been determined that this proposed rule is not a significant regulatory action, and therefore, does not require a regulatory impact analysis.

The regulation will not have a substantial direct effect on the States, on the relationship between the national Government and the States, or on the distribution of power and responsibilities among the various levels of government. Therefore, it is determined that this final rule does not have federalism implications under Executive Order 13132.

Pursuant to the requirements of the Regulatory Flexibility Act, 5 U.S.C. 601-612, it is hereby certified that these regulations will not significantly affect a substantial number of small entities. The proposed rule imposes no duties or obligations on small entities.

In accordance with the provisions of the Paperwork Reduction Act of 1995, the Department of the Treasury has determined that this final rule would not impose new record keeping, application, reporting, or other types of information collection requirements.

List of Subjects in 31 CFR Part 1

• Privacy

Part 1 of Title 31 of the Code of Federal Regulations is amended as follows:

1. The authority citation for part 1 continues to read as follows:

Authority: 5 U.S.C. 301 and 31 U.S.C. 321. Subpart A also issued under 5 U.S.C. 552, as amended. Subpart C also issued under 5 U.S.C. 552a.

2. Section 1.36 of Subpart C is amended by adding the following text in numerical order in paragraph (b)(1) under the heading THE INTERNAL REVENUE SERVICE:

(b) * * *

(1) * * *