Privacy Act of 1974; System of Records

AGENCY:

Postal Service®.

ACTION:

Notice of establishment of new system of records.

SUMMARY:

The United States Postal Service® (Postal Service) is proposing to establish a new Customer Privacy Act System of Records (SOR) to support the Informed Delivery^TM notification service.

DATES:

This system will become effective without further notice on September 26, 2016 unless, in response to comments received on or before that date, the Postal Service makes any substantive change to the purpose or routine uses set forth, or to expand the availability of information in this system, as described in this notice. If the Postal Service determines that certain portions of this SOR should not be implemented, or that implementation of certain portions should be postponed in light of comments received, the Postal Service may choose to implement the remaining portions of the SOR on the stated effective date, and will provide notice of that action.

ADDRESSES:

Comments may be mailed or delivered to the Privacy and Records Office, United States Postal Service, 475 L'Enfant Plaza SW., Room 1P830, Washington, DC 20260-0004. Copies of all written comments will be available at this address for public inspection and photocopying between 8 a.m. and 4 p.m., Monday through Friday.

FOR FURTHER INFORMATION CONTACT:

Janine Castorina, Chief Privacy Officer/A, Privacy and Records Office, 202-268-3089 or privacy@usps.gov.

SUPPLEMENTARY INFORMATION:

This notice is in accordance with the Privacy Act requirement that agencies publish their systems of records in the Federal Register when there is a revision, change, or addition, or when the agency establishes a new system of records. The Postal Service is establishing a new system of records to support an expansion of its Informed Delivery^TM notification service.

I. Background

Informed Delivery^TM is a digital service that allows enrolled users to receive an email notification that contains grayscale images of the outside of their letter-sized mailpieces processed by USPS automation equipment prior to delivery. This service is offered at no cost to the consumer. Informed Delivery^TM is currently available in areas of New York, Connecticut, and Northern Virginia (NoVa). The Postal Service intends to expand this service to the Capital Region (Washington, DC, Baltimore, and Richmond) in September 2016, with national expansion planned for 2017. The establishment of this new USPS Privacy Act System of Records is intended to support this expansion.

II. Rationale for Changes to USPS Privacy Act Systems of Records

Expansion and User Acquisition Strategy

Informed Delivery^TM is making mail a more valuable and effective communication channel for consumers, increasing the relevancy of physical mail in today's highly digital environment. Informed Delivery^TM offers residential customers the convenience of knowing what is in their mailbox from anywhere, even while traveling. Providing advance notice of mail delivery also allows consumers to take action before important pieces reach their mailbox, revolutionizing the customer experience with mail. In some cases, email notifications with mailpiece images will include interactive content, such as “ride-along” images or related links from the business mailer. Lastly, users will have access to an online dashboard, which will display their mailpiece images from the previous six days.

Currently, there are over 75,000 Informed Delivery^TM users in areas of Northern Virginia, New York, and Connecticut. According to USPS data, 90 percent of users surveyed in Northern Virginia have said they would recommend Informed Delivery^TM to friends or family, and 97 percent of those surveyed in New York would likely continue using the service. In light of the positive feedback that the Postal Service has received from Informed Delivery^TM users, the Postal Service intends to expand the Informed Delivery^TM notification service to the Washington, DC, Baltimore, and Richmond metropolitan areas in September 2016, with national expansion planned for 2017. To achieve this goal, the Postal Service has developed a comprehensive user acquisition strategy that includes a direct mail referral campaign, email campaigns sent to My USPS and USPS.com users, and promotion at retail locations. For the referral campaign, USPS will send a mailpiece to current Informed Delivery^TM users with the request that they send the provided tear-off cards to friends and family who may be interested in the service. As part of the user acquisition strategy, the Postal Service will be collecting personal information from internal and external sources, as identified below.

Informed Delivery^TM is currently supported by two Privacy Act Systems of Records, USPS 810.100, www.usps.com Registration and USPS 820.200, Mail Management and Tracking Activity. The Postal Service has determined that a new system of records should be established to support the planned expansion of the service and to promote transparency with regard to its collection and use of customer information.

Purposes and Disclosures

USPS is using customer information to link physical mail with digital content in order to provide consumers with a convenient, innovative, and relevant way to access their mailpieces. Specifically, customer information will be used to support the Informed Delivery^TM notification service, providing users with a daily email notification containing images of their letter-sized mailpieces that will be arriving in their mailbox soon. Additionally, this information will help USPS maintain up-to-date user records and prevent fraudulent transactions, resulting in an improved customer experience. USPS will also collect data analytics from mail campaigns sent through Informed Delivery^TM in order to determine the outcomes of each campaign and help guide business decisions.

Security and Privacy

The Postal Service takes the privacy of customers' mail very seriously and takes measures to ensure that all personal information is protected. To obtain the mail images, the Postal Service relies on existing automated mail processing equipment that is used every day to sort mail so that it can be delivered to the proper address. The scanned images that the Postal Service sends to enrolled users show only the exterior, front-side of letter-sized mail; the daily notification does not contain any information about the contents of the scanned mailpieces. The sanctity of the mail is also protected by the U.S. Postal Inspection Service.

To enroll in Informed Delivery^TM, consumers must live in a ZIP Code where the service is active and have an eligible address, which can be confirmed through the Informed Delivery^TM Web site. Eligible consumers must then successfully complete one of several available verification processes. Once these steps are complete, a consumer will be able to access the Informed Delivery^TM notification service. During the sign-up and verification process, a consumer's household address is only collected and maintained to ensure that he or she only receives images of mail intended for delivery at the verified address. Other methods to ensure the security of the data are described below in the Safeguards section of the new Informed Delivery^TM SOR.

III. Description of the New System of Records

Pursuant to 5 U.S.C. 552a(e)(11), interested persons are invited to submit written data, views, or arguments on this proposal. A report of the establishment of this SOR has been sent to Congress and to the Office of Management and Budget for their evaluations. The Postal Service does not expect the establishment of this SOR to have any adverse effect on individual privacy rights. Accordingly, for the reasons stated above, the Postal Service proposes a new system of records as follows:

USPS 820.300

SYSTEM NAME:

Informed Delivery^TM.

SYSTEM LOCATION:

USPS Headquarters; Wilkes-Barre Solutions Center; and Eagan, MN.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

1. Customers who are enrolled in Informed Delivery^TM notification service.

2. Mailers that use Informed Delivery^TM notification service to enhance the value of the physical mail sent to customers.

CATEGORIES OF RECORDS IN THE SYSTEM:

1. Customer information: Name; customer ID(s); mailing (physical) address(es) and corresponding 11-digit delivery point ZIP Code; phone number(s); email address(es); text message number(s) and carrier.

2. Customer account preferences: Individual customer preferences related to email and online communication participation level for USPS and marketing information.

3. Customer feedback: Information submitted by customers related to Informed Delivery^TM notification service or any other Postal product or service.

4. Subscription information: Date of customer sign-up for services through an opt-in process; date customer opts-out of services; nature of service provided.

5. Data on mailpieces: Destination address of mailpiece; Intelligent Mail barcode (IMb); 11-digit delivery point ZIP Code; and delivery status; identification number assigned to equipment used to process mailpiece.

6. Mail Images: Electronic files containing images of mail pieces captured during normal mail processing operations.

7. User Data associated with 11-digit ZIP Codes: Information related to the user's interaction with Informed Delivery^TM email messages, including, but not limited to email open and click-through rates, dates, times, and open rates appended to mailpiece images (user data is not associated with personally identifiable information).

8. Data on Mailings: Intelligent Mail barcode (IMb) and its components including the Mailer Identifier (Mailer ID or MID), Service Type Identifier (STID) and Serial Number.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

39 U.S.C. 401, 403, and 404.

Purpose(s):

1. To support the Informed Delivery^TM notification service which provides customers with electronic notification of physical mail that is intended for delivery at the customer's address.

2. To provide daily email communication to consumers with images of the letter-sized mailpieces that they can expect to be delivered to their mailbox each day.

3. To provide an enhanced customer experience and convenience for mail delivery services by linking physical mail to electronic content.

4. To obtain and maintain current and up-to-date address and other contact information to assure accurate and reliable delivery and fulfillment of postal products, services, and other material.

5. To determine the outcomes of marketing or advertising campaigns and to guide policy and business decisions through the use of analytics.

6. To identify, prevent, or mitigate the effects of fraudulent transactions.

7. To demonstrate the value of Informed Delivery^TM in enhancing the responsiveness to physical mail and to promote use of the mail by commercial mailers and other postal customers.

Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses

Standard routine uses 1-7, 10 and 11 apply.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, and Disposing of Records in the System

Storage

Automated database and computer storage media.

Retrievability

By customer email address, 11-Digit ZIP Code and/or the Mailer ID component of the Intelligent Mail Barcode.

Safeguards

Computers and computer storage media are located in controlled-access areas under supervision of program personnel. Access to these areas is limited to authorized personnel, who must be identified with a badge. Access to records is limited to individuals whose official duties require such access. Contractors and licensees are subject to contract controls and unannounced on-site audits and inspections. Computers are protected by mechanical locks, card key systems, or other physical access control methods. The use of computer systems is regulated with installed security software, computer logon identifications, and operating system controls including access controls, terminal and transaction logging, and file management software. Online data transmissions are protected by encryption. Access is controlled by logon ID and password. Online data transmissions are protected by encryption.

Retention and Disposal

Mailpiece images will be retained up to 7 days (mailpiece images are not associated with personally identifiable information). Records stored in the subscription database are retained until the customer cancels or opts-out of the service.

User data is retained for 2 years, 11 months.

Records existing on computer storage media are destroyed according to the applicable USPS media sanitization practice. Any records existing on paper will be destroyed by burning, pulping, or shredding.

System Manager(s) and Address

Vice President, New Products and Innovation, United States Postal Service, 475 L'Enfant Plaza SW., Washington, DC 20260

Notification Procedure

Customers wanting to know if information about them is maintained in this system of records must address inquiries in writing to the system manager. Inquiries must contain name, address, email and other identifying information.

Record Access Procedures

Requests for access must be made in accordance with the Notification Procedure above and USPS Privacy Act regulations regarding access to records and verification of identity under 39 CFR 266.6.

Contesting Record Procedures

See Notification Procedure and Record Access Procedures above.

Record Source Categories

Individual customers who request Informed Delivery^TM notification service; USPS.com account holders; other USPS systems and applications including those that support online change of address, mail hold services, Premium Forwarding Service or PO Boxes Online; commercial entities, including commercial mailers or other Postal Service business partners and third-party mailing list providers.