Privacy Act of 1974; System of Records

AGENCY:

Department of the Army, DoD.

ACTION:

Notice to alter a system of records.

SUMMARY:

The Department of the Army is proposing to alter a system of records notice in its existing inventory of records systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended.

The Department of the Army is proposing to alter the existing system of records to add new records being maintained, i.e., biographic information including, but not limited to, name, date of birth, place of birth, height, weight, eye color, hair color, race and gender.

DATES:

This proposed action will be effective without further notice on January 27, 2005, unless comments are received which result in a contrary determination.

ADDRESSES:

Department of the Army, Freedom of Information Privacy Division, U.S. Army Records Management and Declassification Agency, ATTN: AHRC-PDD-FPZ, 7701 Telegraph Road, Casey Building, Suite 144, Alexandria, VA 22325-3905.

FOR FURTHER INFORMATION CONTACT:

Ms. Janice Thornton at (703) 428-6504.

SUPPLEMENTARY INFORMATION:

The Department of the Army systems of records notices subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended, have been published in the Federal Register and are available from the address above.

The proposed system report, as required by 5 U.S.C. 552a(r) of the Privacy Act of 1974, as amended, was submitted on November 24, 2004, to the House Committee on Government Reform, the Senate Committee on Governmental Affairs, and the Office of Management and Budget (OMB) pursuant to paragraph 4c of Appendix I to OMB Circular No. A-130, ‘Federal Agency Responsibilities for Maintaining Records About Individuals,’ dated February 8, 1996 (February 20, 1996, 61 FR 6427).

A0380—19 SAIS

System Name:

Information Assurance For Automated Information Systems (AIS) and Defense Biometric Technology Files (July 28, 2003, 68 FR 44309).

Changes:

System Identifier:

Replace entry with ‘A0025—2 SAIS’.

System Name:

Delete entry and replace with ‘Information Assurance for Automated Information Systems (AIS) and Department of Defense Biometric Information Systems’.

System Location:

Delete entry and replace with ‘Defense Biometrics Fusion Center, 347 West Main Street, Clarksburg, WV 26306—2947 and at any Department of Defense system that collects, stores, accesses, retrieves, or uses biometrics technology to recognize the identity, or verify the claimed identity of an individual.’

Categories of Individuals Covered by the System:

Delete entry and replace with ‘Individuals covered include, but is not limited to, military, civilian, and contractor personnel; military reserve personnel; Army and Air National Guard personnel; and other persons requiring or requesting access to DoD information and facilities.'

Categories of Records in the System:

Delete entry and replace with ‘Operator's/user's name, Social Security Number, organization, telephone number, and office symbol; security clearance; level of access; subject interest code; user identification code; data files retained by users; assigned password; magnetic tape reel identification; abstracts of computer programs and names and phone numbers of contributors; similar relevant information; biometrics templates, biometric images, supporting documents, and biographic information including, but not limited to, name, date of birth, place of birth, height, weight, eye color, hair color, race and gender.'

Authority for Maintenance of the System:

Delete entry and replace with ‘Public Law 106-246, Section 112; 10 U.S.C. 3013, Secretary of the Army; 10 U.S.C. 5013, Secretary of the Navy; 10 U.S.C. 8013, Secretary of the Air Force; Department of Defense Directive 8500.1, Information Assurance (IA); DoD Instruction 8500.2, Information Assurance Implementation; Army Regulation 25—2, Information Assurance; and E.O. 9397 (SSN).'

Purpose(s):

Delete second paragraph and replace with ‘To Control logical and physical access to DoD information and facilities, and to recognize the identity or verify the identity of individuals by using a measurable physical or behavioral characteristic.'

Retrievability:

Add to entry ‘and other biometric data'.

Record Source Categories:

Delete entry and replace with ‘From the individual, DoD security offices, system managers, computer facility managers, automated interfaces for user codes on file at Department of Defense sites.’

A0025—2 SAIS

System Name:

Information Assurance for Automated Information systems (AIS) and Department of Defense Biometric Information Systems.

System Location:

Department of Defense Biometrics Fusion Center, 1600 Aviation Way, Bridgeport, WV 26330-9476, and at any Department of Defense system that collects, stores, accesses, retrieves, or uses biometrics technology to recognize the identity, or verify the claimed identity of an individual.

Categories of Individuals Covered by the System:

Individuals covered include, but is not limited to, military, civilian, and contractor personnel; military reserve personnel; Army and Air National Guard personnel, and other persons requiring or requesting access to DoD information and facilities.

Categories of Records in the System:

Operator's/user's name, Social Security Number, organization, telephone number, and office symbol; security clearance; level of access; subject interest code; user identification code; data files retained by users; assigned password; magnetic tape reel identification; abstracts of computer programs and names and phone numbers of contributors; similar relevant information; biometrics templates, biometric images, supporting documents, and biographic information including, but not limited to, name, date of birth, place of birth, height, weight, eye color, hair color, race and gender.

Authority for Maintenance of the System:

Public Law 106-246, Section 112; 10 U.S.C. 3013, Secretary of the Army; 10 U.S.C. 5013, Secretary of the Navy; 10 U.S.C. 8013, Secretary of the Air Force; Department of Defense Directive 8500.1, Information Assurance (IA); DoD Instruction 8500.2, Information Assurance Implementation; Army Regulation 25-2, Information Assurance; and E.O. 9397 (SSN).

Purpose(s):

To administer passwords and identification numbers for operators/users of data in automated media; to identify data processing and communication customers authorized access to or disclosure from data residing in information processing and/or communication activities; and to determine propriety of individual access into the physical data residing in automated media.

To control logical and physical access to DoD information and facilities and to identify or verify the identity of individuals by using a measurable physical or behavioral characteristic.

Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

The DoD ‘Blanket Routine Uses’ set forth at the beginning of the Army's compilation of systems of records notices also apply to this system.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, and Disposing of Records in the System:

Storage:

Paper records in file folders and electronic storage media.

Retrievability:

Name, Social Security Number, subject, application program key word/author, and biometric template, and other biometric data.

Safeguards:

Computerized records maintained in a controlled area are accessible only to authorized personnel. Physical and electronic access is restricted to designated individuals having a need therefore in the performance of official duties.

Retention and Disposal:

Individual data remain on file while a user of computer facility; destroyed on person's reassignment or termination.

System Manager(s) and Address:

Chief Information Officer, Department of the Army, 107 Army Pentagon, Washington, DC 20310-0107.

Director, Department of Defense Biometrics Management Office, 2530 Crystal Drive, Arlington, VA 22202-3934.

Notification Procedure:

Individuals seeking to determine whether information about themselves is contained in this system should address written inquiries to the Chief Information Officer, Department of the Army, 107 Army Pentagon, Washington, DC 20310-0107.

For verification purposes, individual should provide full name, sufficient details to permit locating pertinent records, and signature.

Record Access Procedures:

Individuals seeking access to information about themselves contained in this system should address written inquiries to the Chief Information Officer, Department of the Army, 107 Army Pentagon, Washington, DC 20310-0107.

For verification purposes, individual should provide full name, sufficient details to permit locating pertinent records, and signature.

Contesting Record Procedures:

The Army's rules for accessing records, and for contesting contents and appealing initial agency determinations are contained in Army Regulation 340-21; 32 CFR part 505; or may be obtained from the system manager.

Record Source Categories:

From the individual, DoD security offices, system managers, computer facility managers, automated interfaces for user codes on file at Department of Defense sites.

Exemptions Claimed for the System:

None.