72 FR 3410
72 FR 3410 / 01-25-07
Pursuant to the provisions of the Privacy Act of 1974, 5 U.S.C. 552a, notice is given that the Department of Justice proposes to modify all of its systems of records, as identified in the list below.
On October 30, 2006, the Department modified all of its systems of records to include a new routine use that allows disclosure to appropriate persons and entities for purposes of response and remedial efforts in the event that there has been a breach of the data contained in the systems. 71 FR 63,354 (October 30, 2006).
In accordance with 5 U.S.C. 552a(e)(4) and (11), the public was given a 30-day period in which to comment; and the Office of Management and Budget (OMB), which has oversight responsibility under the Privacy Act, required a 40-day period in which to conclude its review of the systems.
As a result of comments received, the Department is making a minor modification to the language of the routine use in order to provide greater clarity. A concern was raised that the condition set forth in clause (1) of the routine use ("when (1) it is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised") does not clearly identify precisely who has to suspect or confirm the compromise. While it was the intent of the drafters that it be the Department of Justice that must suspect or confirm the compromise, because that intent is expressed only implicitly in the routine use, the Department is modifying the language of the first condition to provide additional clarity.
A description of the modification to the Department's systems of records is provided below. In accordance with 5 U.S.C. 552a(r), the Department has provided a report to OMB and the Congress. The new routine use will be effective January 25, 2007.
Department of Justice Privacy Act notices and citations follow. An asterisk (*) designates the last publication of the complete document in the Federal Register.
| FBI-001 | National Crime Information Center (NCIC) | 64 FR 52343 |
| FBI-002 | The FBI Central Records System | 63 FR 8671* 66 FR 17200 |
| FBI-003 | Bureau Mailing Lists | 70 FR 7513 |
| FBI-006 | Electronic Surveillance (ELSUR) Indices | 70 FR 7513, 14 |
| FBI-007 | FBI Automated Payroll System | 58 FR 51874 |
| FBI-008 | Bureau Personnel Management System (BPMS) | 58 FR 51875 |
| FBI-009 | Fingerprint Identification Records System (FIRS) | 64 FR 52347 |
| FBI-010 | Employee Travel Vouchers and Individual Earning Records | 52 FR 47248 |
| FBI-011 | Employee Health Records | 58 FR 51875 |
| FBI-012 | Time Utilization Record-Keeping (TURK) System | 58 FR 51876 |
| FBI-013 | Security Access Control System (SACS) | 70 FR 7513, 16 |
| FBI-014 | FBI Alchoholism Program | 52 FR 47251 |
| FBI-015 | National Center for the Analysis of Violent Crimer (NCAVC) | 58 FR 51879 |
| FBI-016 | FBI Counterdrug Information Indices System (CIIS) | 59 FR 29824 |
| FBI-017 | National DNA Index System (NDIS) | 61 FR 37495 |
| FBI-018 | National Instant Criminal Background Check System (NICS) | 63 FR 65223* 65 FR 78190 66 FR 6676 66 FR 12959 |
| FBI-019 | Terrorist Screening Records System | 70 FR 43715* 70 FR 72315 |
| FBI Blanket Routine Uses | FBI established ten "blanket" routine uses (BRUs) to be applicable to more than one FBI system of records | 66 FR 33558* 70 FR 7513 |
Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses:
To appropriate agencies, entities, and persons when (1) The Department suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
Dated January 22, 2007
