AGENCY:
National Center for Education Statistics (NCES), Department of Education (ED).
ACTION:
Notice.
SUMMARY:
Under 44 U.S.C. 3506(e), and 44 U.S.C. 3501 (note), the National Center for Education Statistics (NCES) is announcing revisions to the confidentiality pledge(s) it provides to its respondents under the Confidential Information Protection and Statistical Efficiency Act (44 U.S.C. 3501 (note)) (CIPSEA) and under the Education Sciences Reform Act of 2002 (ESRA 2002). These revisions are required by the passage and implementation of provisions of the Federal Cybersecurity Enhancement Act of 2015 (6 U.S.C. 151), which permits and requires the Secretary of Homeland Security to provide Federal civilian agencies' information technology systems with cybersecurity protection for their Internet traffic. More details on this announcement are presented in the SUPPLEMENTARY INFORMATION section below.
DATES:
These revisions become effective upon publication of this notice in the Federal Register.
ADDRESSES:
Questions about this notice should be addressed to Dr. Cleo Redline, National Center for Education Statistics, Potomac Center Plaza, 550 12th Street SW., Washington, DC 20202 or by email at cleo.redline@ed.gov.
FOR FURTHER INFORMATION CONTACT:
Dr. Cleo Redline by telephone at 202-245-7695 (this is not a toll-free number); by email at cleo.redline@ed.gov; or by mail at the National Center for Education Statistics, Potomac Center Plaza, 550 12th Street SW., Washington, DC 20202. Because of delays in the receipt of regular mail related to security screening, respondents are encouraged to use electronic communications.
SUPPLEMENTARY INFORMATION:
Federal statistics provide key information that the Nation uses to measure its performance and make informed choices about education, employment, health, investments, budgets, taxes, and a host of other significant topics. The overwhelming majority of Federal surveys are conducted on a voluntary basis. Respondents, ranging from businesses to households to institutions, may choose whether or not to provide the requested information. Many of the most valuable Federal statistics come from surveys that ask for highly sensitive information such as proprietary business data from companies or particularly personal information or practices from individuals.
Confidential Information and Protection and Statistical Efficiency Act (CIPSEA)
Strong and trusted confidentiality and exclusively statistical use pledges under the Confidential Information Protection and Statistical Efficiency Act (CIPSEA) and similar statistical confidentiality pledges are effective and necessary in honoring the trust that businesses, individuals, and institutions, by their responses, place in statistical agencies. Under CIPSEA and similar statistical confidentiality protection statutes, many Federal statistical agencies make statutory pledges that the information respondents provide will be seen only by statistical agency personnel or their sworn agents, and will be used only for statistical purposes. CIPSEA and similar statutes protect the confidentiality of information that agencies collect solely for statistical purposes and under a pledge of confidentiality. These acts protect such statistical information from administrative, law enforcement, taxation, regulatory, or any other non-statistical use and immunize the information submitted to statistical agencies from legal process. Moreover, many of these statutes carry criminal penalties of a Class E felony (fines up to $250,000, or up to five years in prison, or both) for conviction of a knowing and willful unauthorized disclosure of covered information.
As part of the Consolidated Appropriations Act for Fiscal Year 2016 signed on December 17, 2015, the Congress included the Federal Cybersecurity Enhancement Act of 2015 (6 U.S.C. 151). This Act, among other provisions, permits and requires the Secretary of Homeland Security to provide Federal civilian agencies' information technology systems with cybersecurity protection for their Internet traffic. The technology currently used to provide this protection against cyber malware is known as Einstein 3A; it electronically searches Internet traffic in and out of Federal civilian agencies in real time for malware signatures.
When such a signature is found, the Internet packets that contain the malware signature are shunted aside for further inspection by Department of Homeland Security (DHS) personnel. Because it is possible that such packets entering or leaving a statistical agency's information technology system may contain a small portion of confidential statistical data, statistical agencies can no longer promise their respondents that their responses will be seen only by statistical agency personnel or their sworn agents.
Accordingly, DHS and Federal statistical agencies, in cooperation with their parent departments, have developed a Memorandum of Agreement for the installation of Einstein 3A cybersecurity protection technology to monitor their Internet traffic.
However, many current CIPSEA and similar statistical confidentiality pledges promise that respondents' data will be seen only by statistical agency personnel or their sworn agents. Since it is possible that DHS personnel could see some portion of those confidential data in the course of examining the suspicious Internet packets identified by Einstein 3A sensors, statistical agencies need to revise their confidentiality pledges to reflect this process change.
Therefore, the National Center for Education Statistics (NCES) is providing this notice to alert the public to these confidentiality pledge revisions in an efficient and coordinated fashion.
Under CIPSEA, the following is the revised statistical confidentiality pledge for applicable NCES data collections, with the new line added to address the new cybersecurity monitoring activities bolded for reference only:
The information you provide will be used for statistical purposes only. In accordance with the Confidential Information Protection provisions of Title V, Subtitle A, Public Law 107-347 and other applicable Federal laws, your responses will be kept confidential and will not be disclosed in identifiable form to anyone other than employees or agents. By law, every NCES employee as well as every agent, such as contractors and NAEP coordinators, has taken an oath and is subject to a jail term of up to 5 years, a fine of $250,000, or both if he or she willfully discloses ANY identifiable information about you. Electronic submission of your information will be monitored for viruses, malware, and other threats by Federal employees and contractors in accordance with the Cybersecurity Enhancement Act of 2015.
The following listing shows the current NCES Paperwork Reduction Act (PRA) OMB number and information collection title whose CIPSEA confidentiality pledge will change to reflect the statutory implementation of DHS' Einstein 3A monitoring for cybersecurity protection purposes:
| OMB control number | Information collection title |
|---|---|
| 1850-0928 | National Assessment of Educational Progress (NAEP) 2017. |
Education Sciences Reform Act of 2002 (ESRA 2002)
NCES sample surveys are governed by additional laws, one of which is the Education Sciences Reform Act of 2002 (ESRA 2002) (20 U.S.C. 9573). Under ESRA 2002, the information respondents provide can be seen only by statistical agency personnel or their sworn agents, and may not be disclosed, or used, in identifiable form for any other purpose, except in the case of an authorized investigation or prosecution of an offense concerning national or international terrorism. Under ESRA 2002, the Attorney General is permitted to petition a court of competent jurisdiction for an ex parte order requiring the Secretary of Education to provide data relevant to an authorized investigation or prosecution of an offense concerning national or international terrorism. Thus, ESRA 2002 affords many of the same protections as CIPSEA, that is, surveys conducted under ESRA 2002 are protected from administrative, taxation, regulatory, and many other non-statistical uses and the disclosure of information carries criminal penalties of a Class E felony (fines up to $250,000, or up to five years in prison, or both) for conviction of a knowing and willful unauthorized disclosure of covered information for any non-statistical uses, except as noted previously, in the case of an authorized investigation concerning national or international terrorism.
As part of the Consolidated Appropriations Act for Fiscal Year 2016 signed on December 17, 2015, the Congress included the Federal Cybersecurity Enhancement Act of 2015 (6 U.S.C. 151). This Act, among other provisions, permits and requires the Secretary of Homeland Security to provide Federal civilian agencies' information technology systems with cybersecurity protection for their Internet traffic. Since it is possible that DHS personnel could see some portion of the confidential data collected under ESRA 2002 in the course of examining the suspicious Internet packets identified by Einstein 3A sensors, the National Center for Education Statistics needs to revise the confidentiality pledges made under ESRA 2002 to reflect this process change.
Therefore, the National Center for Education Statistics (NCES) is providing this notice to alert the public to these confidentiality pledge revisions in an efficient and coordinated fashion.
Under ESRA 2002, the following is the revised statistical confidentiality pledge for applicable NCES data collections, with the new line added to address the new cybersecurity monitoring activities bolded for reference only:
All of the information you provide may be used only for statistical purposes and may not be disclosed, or used, in identifiable form for any other purpose except as required by law (20 U.S.C. 9573 and 6 U.S.C. 151).
The following listing shows the current NCES Paperwork Reduction Act (PRA) OMB numbers and information collection titles whose ESRA 2002 confidentiality pledge will change to reflect the statutory implementation of DHS' Einstein 3A monitoring for cybersecurity protection purposes:
| OMB control number | Information collection title |
|---|---|
| 1850-0631 | 2012/17 Beginning Postsecondary Students Longitudinal Study (BPS:12/17). |
| 1850-0695 | Trends in International Mathematics and Science Study (TIMSS 2019) Pilot Test. |
| 1850-0733 | Fast Response Survey System (FRSS) 108: Career and Technical Education (CTE) Programs in Public School Districts. |
| 1850-0755 | Program for International Student Assessment (PISA 2018) Field Test. |
| 1850-0852 | High School Longitudinal Study of 2009 (HSLS:09) Second Follow-up Main Study. |
| 1850-0870 | Program for the International Assessment of Adult Competencies (PIAAC) 2017 National Supplement. |
| 1850-0888 | 2018 Teaching and Learning International Survey (TALIS 2018) Field Test. |
| 1850-0911 | Middle Grades Longitudinal Study of 2017-18 (MGLS:2017) Operational Field Test (OFT) and Recruitment for Main Study Base-year. |
| 1850-0923 | ED School Climate Surveys (EDSCLS) National Benchmark Study. |
| 1850-0929 | International Computer and Information Literacy Study (ICILS 2018) Field Test. |
| 1850-0931 | NCER-NPSAS Grant Study—Connecting Students with Financial Aid (CSFA) 2017: Testing the Effectiveness of FAFSA Interventions on College Outcomes. |
| 1850-0932 | NCER-NPSAS Grant Study—Financial Aid Nudges 2017: A National Experiment to Increase Retention of Financial Aid and College Persistence. |
| 1850-0934 | Principal Follow-Up Survey (PFS 2016-17) to the National Teacher and Principal Survey (NTPS 2015-16). |
| 1850-0803 v.174 | The National Assessment of Educational Progress (NAEP) Oral Reading Fluency Pilot Study 2017. |
| 1850-0803 v.176 | National Assessment of Educational Progress (NAEP) Survey Assessments Innovations Lab (SAIL) English Language Arts (ELA) Collaboration and Inquiry Study 2017. |
| 1850-0803 v.177 | 2017 Integrated Postsecondary Education Data System (IPEDS) Time Use and Burden Cognitive Interviews Round 1. |
| 1850-0803 v.178 | ED School Climate Surveys (EDSCLS) Additional Item Cognitive Interviews—Set 2 Round 2. |
| 1850-0803 v.179 | National Assessment of Educational Progress (NAEP) Pretesting of Survey and Cognitive Items for Pilot in 2017 and 2018. |
| 1850-0803 v.180 | National Assessment of Educational Progress (NAEP) 2017 Feasibility Study of Middle School Transcript Study (MSTS). |
| 1850-0803 v.181 | National Assessment of Educational Progress (NAEP) Digitally Based Assessments (DBA) Usability Study 2017-18. |
| 1850-0803 v.182 | 2017 National Household Education Survey (NHES) Web Data Collection Test. |
| 1850-0803 v.186 | National Household Education Surveys Program 2019 (NHES:2019) Focus Groups with Parents of Students using Virtual Education. |
| 1850-0803 v.187 | National Household Education Surveys Program (NHES) 2017 Web Test Debriefing Interviews for Parents of Homeschoolers. |
| 1850-0803 v.189 | 2017-2018 National Teacher and Principal Survey (NTPS) Portal Usability Testing. |
| 1850-0803 v.191 | NCER-NPSAS Grant Study—Connecting Students with Financial Aid (CSFA) 2017 Cognitive Testing. |
| 1850-0803 v.190 | International Early Learning Study (IELS 2018) Cognitive Items Trial. |
| 1850-0803 v.164 | National Assessment of Educational Progress (NAEP) 2019 Science Items Pretesting. |
| 1850-0803 v.170 | National Assessment of Educational Progress (NAEP) Survey Assessments Innovations Lab (SAIL) Pretesting Activities: Virtual World for English Language Arts Assessment. |
| 1850-0803 v.175 | National Assessment of Educational Progress (NAEP) Science Questionnaire Cognitive Interviews 2017. |
| 1850-0803 v.184 | NCER-NPSAS Grant Study—Connecting Students with Financial Aid (CSFA) 2017 Focus Groups. |
| 1850-0803 v.183 | NCER-NPSAS Grant Study—Financial Aid Nudges 2017 Focus Groups. |
| 1850-0803 v.185 | The School Survey on Crime and Safety (SSOCS) Principals Focus Groups. |
Affected Public: Survey respondents to applicable NCES information collections.
Total Respondents: Unchanged from current collections.
Frequency: Unchanged from current collections.
Total Responses: Unchanged from current collections.
Average Time per Response: Unchanged from current collections.
Estimated Total Burden Hours: Unchanged from current collections.
Estimated Total Cost: Unchanged from current collections.
Dated: April 7, 2017.
Kate Mullan,
Acting Director, Information Collection Clearance Division, Office of the Chief Privacy Officer, Office of Management.
[FR Doc. 2017-07350 Filed 4-11-17; 8:45 am]
BILLING CODE 4000-01-P