Privacy Act System of Records

AGENCY:

Federal Communications Commission (FCC or Commission or Agency)

ACTION:

Notice of a new system of records.

SUMMARY:

The FCC proposes to add a new system of records, FCC/CGB-5, CGB Stakeholder Database, to its inventory of records systems subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended. This action is necessary to meet the requirements of the Privacy Act to publish in the Federal Register notice of the existence and character of records maintained by the agency (5 U.S.C. 552a(e)(4)). The FCC's Consumer and Governmental Affairs Bureau (CGB or Bureau) will use FCC/CGB-5 to cover the personally identifiable information (PII) contained in a database of its stakeholders to provide information concerning its public events as well as recent developments at the FCC as part of its outreach activities.

DATES:

Written comments are due on or before August 18, 2016. This action will become effective on August 29, 2016 unless comments are received that require a contrary determination.

ADDRESSES:

Send comments to Leslie F. Smith, Privacy Manager, Information Technology (IT), Room 1-C216, Federal Communications Commission, 445 12th Street SW., Washington, DC 20554, or via the Internet at Leslie.Smith@fcc.gov.

FOR FURTHER INFORMATION CONTACT:

Leslie F. Smith, (202) 418-0217, or Leslie.Smith@fcc.gov.

SUPPLEMENTARY INFORMATION:

The CGB Stakeholder Database allows CGB to fulfill its outreach responsibilities as set forth in 47 CFR 0.141. The database contains contact information for individuals who interact with the Bureau through electronic or in-person contact with the Bureau.

FCC/CGB-5

SYSTEM NAME:

CGB Stakeholder Database.

SECURITY CLASSIFICATION:

The FCC's CIO will develop a security classification to this system of records based on NIST FIPS-199 standards.

SYSTEM LOCATION:

Consumer and Governmental Affairs Bureau (CGB), Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Members of the general public; representatives of federal, state, local and tribal governments; and representatives of public and private companies, trade groups, and interest groups.

CATEGORIES OF RECORDS IN THE SYSTEM:

The categories of records in this information system include the contact information that individuals have provided in their interactions with the Bureau, including: Personal contact information (including but not limited to, name, personal cell phone number, business cell phone number, home telephone number, business telephone number, personal and professional email address, personal and professional facsimile number, business and home mailing address, and social media contact information) and job-related data (including but not limited to organizational affiliation and title).

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

47 U.S.C. 151, 152, 155, 303; 47 CFR 0.141.

PURPOSE(S):

These records enable CGB personnel to contact interested parties concerning its public events, e.g., workshops, conferences, and Webinars, etc., as well as recent developments at the FCC, and to share contact information of governmental, law enforcement, industry, advocacy groups, employment centers, faith-based organizations, libraries, policy organizations, media outlets, schools, seniors centers, veterans groups, national governmental associations or tribal intergovernmental organizations.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed to authorized entities, as is determined to be relevant and necessary, outside the FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows. In each of these cases, the FCC will determine whether disclosure of the records is compatible with the purpose(s) for which the records were collected.

1. Congressional Inquiries—To provide information to a congressional office from the record of an individual in response to an inquiry from that congressional office made at the request of that individual.

2. Contact Information Sharing—to share contact information for federal, state, local, or tribal governments; law enforcement; industry; advocacy groups; non-profit organizations; employment centers; faith-based organizations; libraries; policy organizations; media outlets; schools; seniors centers; veterans groups; national governmental associations; or tribal intergovernmental organizations with these entities, or members of the public, as part of CGB's outreach activities, but in no case will individual members of the public's contact information be provided to these entities without consent.

3. Government-wide Program Management and Oversight—To the National Archives and Records Administration for use in its records management inspections; to the Government Accountability Office (GAO) for oversight purposes; to the Department of Justice (DOJ) to obtain that department's advice regarding disclosure obligations under the Freedom of Information Act (FOIA); or to the Office of Management and Budget to obtain that office's advice regarding obligations under the Privacy Act.

4. Adjudication and Litigation—To the Department of Justice (DOJ), or other administrative body before which the FCC is authorized to appear, when: (a) The FCC or any component thereof; (b) any employee of the FCC in his or her official capacity; (c) any employee of the FCC in his or her individual capacity where DOJ or the FCC has agreed to represent the employee; or (d) the United States is a party to litigation or has an interest in such litigation, and the use of such records by DOJ or the FCC is deemed by the FCC to be relevant and necessary to the litigation.

5. Law Enforcement and Investigation—To disclose pertinent information to the appropriate Federal, State, or local agency responsible for investigating, prosecuting, enforcing, or implementing a statute, rule, regulation, or order, where the FCC becomes aware of an indication of a violation or potential violation of civil or criminal law or regulation; and

6. Breach Notification—To appropriate agencies, entities, and persons when (1) the Commission suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Commission has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Commission or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Commission's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:

None.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

The information in this system includes electronic data entered into the CGB Stakeholder Database that is maintained in the FCC's computer network.

RETRIEVABILITY:

Information in the CGB Stakeholder Database can be retrieved from the database by any element of an individual's contact information.

SAFEGUARDS:

The electronic records are maintained in a database housed in the FCC computer network databases. The FCC's computer network is protected by the FCC's IT privacy safeguards, a comprehensive and dynamic set of IT safety and security protocols and features that are designed to meet all Federal IT privacy standards, including those required by the National Institute of Standard and Technology (NIST) and the Federal Information Security Management Act (FISMA). In addition, access to the information in the database is restricted to authorized CGB supervisors and staff and to authorized FCC Information Technology (IT) staff who maintain these computer databases. Other FCC employees and contractors may be granted access only on a “need-to-know” basis.

Physical documents containing information to be added into the CGB Stakeholders Database, such as business cards and sign-in sheets, are disposed of once the information is incorporated into the CGB Stakeholder Database and the physical records are no longer need for another business purpose. Before destruction of physical records, they are stored in CGB staff offices which are locked at the end of the business day.

RETENTION AND DISPOSAL:

The CGB Stakeholder Database will be retained by the FCC until a records schedule has been approved by NARA. Upon approval of a records schedule by NARA, the CGB Stakeholder Database will be retained and disposed of pursuant to that records schedule.

SYSTEMS MANAGER(S) AND ADDRESS: Consumer and Governmental Affairs Bureau (CGB), Federal Communications Commission (FCC), 445 12th Street SW Washington, DC 20554.

NOTIFICATION PROCEDURE:

Individuals wishing to determine whether this system of records contains information about them may do so by writing to Leslie F. Smith, Privacy Manager, Information Technology (IT), Federal Communications Commission (FCC), 445 12th Street SW., Washington, DC 20554, or email Leslie.Smith@fcc.gov. Individuals must furnish reasonable identification by showing any two of the following: Social security card; driver's license; employee identification card; Medicare card; birth certificate; bank credit card; or other positive means of identification, or by signing an identity statement stipulating that knowingly or willfully seeking or obtaining access to records about another person under false pretenses is punishable by a fine of up to $5,000.

Individuals requesting access must also comply with the FCC's Privacy Act regulations regarding verification of identity and access to records (5 CFR part 0, subpart E).

RECORD ACCESS PROCEDURES: Individuals wishing to request an amendment of records about them should follow the Notification Procedure above.

CONTESTING RECORD PROCEDURES: Individuals wishing to contest information pertaining to him or her in the system of records should follow the Notification Procedure above.

RECORD SOURCE CATEGORIES:

The sources for information in the CGB Stakeholder Database include but are not limited to information provided by members of the general public, representatives of federal, state, local and tribal governments, representatives of public and private interest groups who:

1. Contact the Bureau through phone, letter, email, or social media communications;

2. Attend Bureau-hosted events and leave their information on a paper or electronic sign-in sheet;

3. Register for Bureau-hosted events through temporary “@fcc.gov” email addresses;

4. Voluntarily subscribe to AccessInfo@fcc.gov to receive update on the Bureau's work on accessibility issues;

5. Are organizations whose publicly available information is used by the Bureau to initiate contact;

6. Attend non-FCC events and provide information to Bureau staff in attendance;

7. Electronically confirm attendance at Webinars or in-person meetings; and/or

8. Provide paper business cards to CGB staff.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

None.