Privacy Act of 1974; System of Records

AGENCY:

Federal Communications Commission.

ACTION:

Notice of a modified system of records.

SUMMARY:

The Federal Communications Commission (FCC, Commission, or Agency) has modified an existing system of records, FCC/OMD-2, Labor Relations and Employee Performance Files, subject to the Privacy Act of 1974, as amended. This action is necessary to meet the requirements of the Privacy Act to publish in the Federal Register notice of the existence and character of records maintained by the Agency. The records in this system contain information on Commission employees that the Human Resources Management (HRM) in the Office of Managing Director (OMD) uses for purposes such as litigation, law enforcement, congressional inquiries, labor organization inquiries, and government-wide program oversight.

DATES:

This system of records will become effective on March 12, 2021. Written comments on the routine uses are due by April 12, 2021. The routine uses will become effective on April 12, 2021, unless written comments are received that require a contrary determination.

ADDRESSES:

Send comments to Margaret Drake, at privacy@fcc.gov, or at Federal Communications Commission (FCC), 45 L Street NE, Washington, DC 20554 at (202) 418-1707.

FOR FURTHER INFORMATION CONTACT:

Margaret Drake, (202) 418-1707, or privacy@fcc.gov (and to obtain a copy of the Narrative Statement and the Supplementary Document, which includes details of the modifications to this system of records).

SUPPLEMENTARY INFORMATION:

FCC/OMB-2 contains information on Commission employees that the Human Resources Management (HRM) in the Office of Managing Director (OMD) uses for purposes such as litigation, law enforcement, congressional inquiries, labor organization inquiries, and government-wide program oversight. This notice serves to modify FCC/OMB-2 to reflect various necessary changes and updates, including format changes required by OMB Circular A-108 since its previous publication and the addition of two routine uses to address data breaches, as required by OMB Memorandum M-17-12. The substantive changes and modification to the previously published version of FCC/OMB-2 system of records include:

1. Updating the Security Classification to follow OMB and FCC guidance.

2. Updating the System Location to show the FCC's new headquarters address.

3. Modifying the Categories of Records to add employee grievances to the list that currently includes only employee responses or appeals.

4. Adding the Equal Employment Opportunity Commission (EEOC) to the record sources for this system when an underlying action (e.g., suspension) is challenged before the EEOC, the EEO-related records may also be subject to the governmentwide EEOC SORN.

5. Revising language in four Routine Uses: (1) Adjudication and Litigation, (2) Law Enforcement and Investigation, (3) Congressional Inquiries, and (4) Government-wide Program Management and Oversight.

6. Deleting three existing Routine Uses: (5) Employment, Clearances, Licensing, Contract, Grant, or other Benefits Decisions by the agency, (6) Employment, Clearances, Licensing, Contract, Grant, or other Benefits Decisions by other than the agency, and (7) Labor Relations.

7. Adding four new Routine Uses: (5) Breach Notification, to allow the FCC address information breaches at the Commission; (6) Assistance to Federal Agencies and Entities, to allow the FCC to provide assistance to other Federal agencies in their data breach situations; (7) For Non-Federal Personnel, to allow contractors performing or working on a contract for the Federal Government access to information in this system; and (8) Non-FCC Individuals and Organizations, to disclose information to individuals, including former FCC employees, and organizations, to obtain information pertinent to an investigation or proceeding. New Routine Uses (5) and (6) are required by OMB Memorandum M-17-12.

8. Replacing the Disclosures to Consumer Reporting section with a new Reporting to a Consumer Reporting Agency section to address valid and overdue debts owed by individuals to the FCC under the Debt Collection Act, as recommended by OMB.

9. Modifying the Policies and Practices for Retrieval of Records to add the employee name as a retrieval metric and, when applicable, examining case logs will disclose an employee's name associated with a case number.

10. Updating the Records Retention and Disposal section with a new National Archives and Records (NARA) General Records Schedule (GRS) 2.3 (DAA-GRS-2018-0002).

10. Adding a History section referencing the previous publication of this SORN in the Federal Register, as required by OMB Circular A-108.

The system of records is also updated to reflect various administrative changes related to the policy and practices for storage of the information; administrative, technical, and physical safeguards; and updated notification, records access, and procedures to contest records.

SYSTEM NAME AND NUMBER:

FCC/OMD-2, Labor Relations and Employee Performance Files

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Human Resources Management (HRM), Office of Managing Director (OMD), Federal Communications Commission (FCC), 45 L Street NE, Washington, DC, 20554.

SYSTEM MANAGER(S):

Human Resources Management (HRM), Office of Managing Director (OMD), Federal Communications Commission (FCC).

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 35, 43, 61, 63, 71, 73, 75, and 77.

PURPOSE(S):

These records contain information on Commission employees for purposes such as litigation, law enforcement, congressional inquiries, labor organization inquiries, and government-wide program oversight.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Current and former Federal Communications Commission (FCC) employees.

CATEGORIES OF RECORDS IN THE SYSTEM:

This system contains a variety of records relating to formal and informal actions based on conduct or performance and also includes files dealing with grievances filed under the negotiated or administrative grievance procedures, requests for reconsideration, arbitrations, appeals, and miscellaneous inquiries and complaints. These records may include:

1. Case number, employee name, Social Security Number, grade, job title, and employment history; and

2. Copies of notices of proposed actions; materials relied on by the agency to support the proposed action; statements of witnesses; employee grievances, responses, or appeals; transcripts; and agency decisions.

RECORD SOURCE CATEGORIES:

This system of records includes information provided by an individual on whom the record is maintained; testimony of witnesses, supervisors and managers, and union officials; and decisions by arbitrators and other third-parties, e.g., Department of Labor, Equal Employment Opportunity Commission, Federal Labor Relations Authority, and Merit System Protection Board.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USE:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed to authorized entities, as is determined to be relevant and necessary, outside the FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows.

1. Adjudication and Litigation—To disclose information to the Department of Justice (DOJ), or to other administrative or adjudicative bodies before which the FCC is authorized to appear, when: (a) The FCC or any component thereof; (b) any employee of the FCC in his or her official capacity; (c) any employee of the FCC in his or her individual capacity where the DOJ or the FCC have agreed to represent the employee; or (d) the United States is a party to litigation or has an interest in such litigation, and the use of such records by the DOJ or the FCC is deemed by the FCC to be relevant and necessary to the litigation.

2. Law Enforcement and Investigation—To disclose pertinent information to the appropriate Federal, State, local, or tribal agency responsible for investigating, prosecuting, enforcing, or implementing a statute, rule, regulation, or order, where the FCC becomes aware of an indication of a violation or potential violation of civil or criminal law or regulation.

3. Congressional Inquiries—To provide information to a Congressional office from the record of an individual in response to an inquiry from that Congressional office made at the written request of that individual.

4. Government-wide Program Management and Oversight—To disclose information to the U.S. Treasury to disburse payment determination information to pay a claimant once the compensation decision has been reached; to the Department of Justice (DOJ) to obtain that department's advice regarding disclosure obligations under the Freedom of Information Act (FOIA); or to the Office of Management and Budget (OMB) to obtain that office's advice regarding obligations under the Privacy Act.

5. Breach Notification—To appropriate agencies, entities, and persons when: (a) The Commission suspects or has confirmed that there has been a breach of data maintained in the system of records; (b) the Commission has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Commission (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Commission's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

6. Assistance to Federal Agencies and Entities—To another Federal agency or Federal entity, when the Commission determines that information from this system is reasonably necessary to assist the recipient agency or entity in: (a) Responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

7. For Non-Federal Personnel—To disclose information to non-Federal personnel, i.e., contractors, performing or working on a contract in connection with human resources management and/or IT services for the Federal Government, who may require access to this system of records.

8. Non-FCC Individuals and Organizations—To disclose information to individuals, including former FCC employees, and organizations, in the course of an investigation or proceeding to the extent necessary to obtain information pertinent to the investigation or proceeding.

REPORTING TO A CONSUMER REPORTING AGENCIES:

In addition to the routine uses cited above, the Commission may share information from this system of records with a consumer reporting agency regarding an individual who has not paid a valid and overdue debt owed to the Commission, following the procedures set out in the Debt Collection Act, 31 U.S.C. 3711(e).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Information in this system includes both paper and electronic records. The paper records, documents, and files are maintained in file cabinets that are located in OMD. The electronic records, files, and data are stored in the FCC's computer network.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

These records are retrieved preliminarily by case number or employee name. Where applicable, an examination of case logs will disclose the name of an employee associated with a case number.

POLICIES AND PRACTIES FOR RETENTION AND DISPOSAL OF RECORDS:

Records in this system are subject to General Records Schedule 2.3 (DAA-GRS-2018-0002). Disposal is by shredding or burning for paper files and deletion for electronic files.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

The electronic records, files, and data are stored within FCC accreditation boundaries and maintained in a database housed in the FCC's computer network databases. Access to the electronic files is restricted to authorized OMD employees and contractors; and to IT staff, contractors, and vendors who maintain the IT networks and services. Other FCC employees and contractors may be granted access on a need-to-know basis. The FCC's electronic files and records are protected by the FCC and third-party privacy safeguards, a comprehensive and dynamic set of IT safety and security protocols and features that are designed to meet all Federal IT privacy standards, including those required by the Federal Information Security Modernization Act of 2014 (FISMA), the Office of Management and Budget (OMB), and the National Institute of Standards and Technology (NIST). Paper records are kept in file cabinets in non-public rooms in the OMD office suite. The file cabinets are locked at the end of the day, or when not in use. Access to these office suites is through card-coded doors. The access points to these offices are also monitored. Only authorized OMD supervisors and staff have access to these paper records.

RECORD ACCESS PROCEDURES:

Individuals wishing to request access to and/or amendment of records about themselves should follow the Notification Procedure below.

CONTESTING RECORD PROCEDURES:

Individuals wishing to request access to and/or amendment of records about themselves should follow the Notification Procedure below.

NOTIFICATION PROCEDURE:

Individuals wishing to determine whether this system of records contains information about themselves may do so by writing Privacy@fcc.gov. Individuals requesting access must also comply with the FCC's Privacy Act regulations regarding verification of identity to gain access to records as required under 47 CFR part 0, subpart E.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

None.

HISTORY:

The FCC previously gave full notice of FCC/OMD-2, Labor Relations and Employee Performance Files, by publication in the Federal Register on April 5, 2006 (71 FR 17248).