Agency Information Collection Activities: Comment Request

AGENCY:

National Agricultural Statistics Service, U.S. Department of Agriculture.

ACTION:

Notice.

SUMMARY:

The National Agricultural Statistics Service (NASS) within US Department of Agriculture (USDA) invites the general public and other Federal agencies to comment on a proposed information collection. NASS plans to collect information from the public to fulfill its data security requirements when providing access to restricted use data for the purpose of evidence building. NASS's data security agreements and other paperwork along with the corresponding security protocols allow NASS to maintain careful controls on confidentiality and privacy, as required by law. The purpose of this notice is to allow for 60 days of public comment on the proposed data security information collection, prior to submission of the information collection request (ICR) to the Office of Management and Budget (OMB).

DATES:

Written comments on this notice must be received by January 9, 2023 to be assured of consideration. Comments received after that date will be considered to the extent practicable. Send comments to the address below.

Comments: Comments are invited on (a) whether the proposed collection of information is necessary for the proper performance of the functions of the National Agricultural Statistics Service (NASS), including whether the information will have practical utility; (b) the accuracy of NASS's estimate of the burden of the proposed collection of information; (c) ways to enhance the quality, use, and clarity of the information on respondents, including through the use of automated collection techniques or other forms of information technology; and (d) ways to minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology.

ADDRESSES:

You may submit comments, identified by docket number 0535-NEW, by any of the following methods:

• Email: ombofficer@nass.usda.gov. Include docket number above in the subject line of the message.

• E-fax: (855) 838-6382.

• Mail: Mail any paper, disk, or CD-ROM submissions to: Richard Hopper, NASS Clearance Officer, U.S. Department of Agriculture, Room 5336 South Building, 1400 Independence Avenue SW, Washington, DC 20250-2024.

• Hand Delivery/Courier: Hand deliver to: Richard Hopper, NASS Clearance Officer, U.S. Department of Agriculture, Room 5336 South Building, 1400 Independence Avenue SW, Washington, DC 20250-2024.

FOR FURTHER INFORMATION CONTACT:

Kevin L. Barnes, Associate Administrator, National Agricultural Statistics Service, U.S. Department of Agriculture, (202) 720-2707. Copies of this information collection and related instructions can be obtained without charge from Richard Hopper, NASS—OMB Clearance Officer, at (202) 720-2206 or at ombofficer@nass.usda.gov.

SUPPLEMENTARY INFORMATION:

The Foundations for Evidence-Based Policymaking Act of 2018 mandates that the Office of Management and Budget (OMB) establish a Standard Application Process (SAP) for requesting access to certain confidential data assets. While the adoption of the SAP is required for statistical agencies and units designated under the Confidential Information Protection and Statistical Efficiency Act (CIPSEA), it is recognized that other agencies and organizational units within the Executive branch may benefit from the adoption of the SAP to accept applications for access to confidential data assets. The SAP is to be a process through which agencies, the Congressional Budget Office, State, local, and Tribal governments, researchers, and other individuals, as appropriate, may apply to access confidential data assets held by a federal statistical agency or unit for the purposes of developing evidence. With the Interagency Council on Statistical Policy (ICSP) as advisors, the entities upon whom this requirement is levied are working with the SAP Project Management Office (PMO) and with OMB to implement the SAP. The SAP Portal is to be a single web-based common application for the public to request access to confidential data assets from federal statistical agencies and units. The National Center for Science and Engineering Statistics (NCSES), within the National Science Foundation (NSF), submitted a Federal Register Notice in September 2022 announcing plans to collect information through the SAP Portal (87 FR 53793).

Once an application for confidential data is approved through the SAP Portal, the National Agricultural Statistics Service will collect information to meet its data security requirements. This collection will occur outside of the SAP Portal.

Title of collection: NASS Data Security Requirements for Accessing Confidential Data.

OMB Control Number: 0535-NEW.

Expiration Date of Current Approval: Not Applicable.

Type of Request: Intent to seek approval to collect information from the public to fulfill the National Agricultural Statistics Service security requirements allowing individuals to access confidential data assets for the purposes of building evidence.

Abstract

Title III of the Foundations for Evidence-Based Policymaking Act of 2018 (hereafter referred to as the Evidence Act) mandates that OMB establish a Standard Application Process (SAP) for requesting access to certain confidential data assets. Specifically, the Evidence Act requires OMB to establish a common application process through which agencies, the Congressional Budget Office, State, local, and Tribal governments, researchers, and other individuals, as appropriate, may apply for access to confidential data assets collected, accessed, or acquired by a statistical agency or unit. This new process will be implemented while maintaining stringent controls to protect confidentiality and privacy, as required by law.

Data collected, accessed, or acquired by statistical agencies and units is vital for developing evidence on conditions, characteristics, and behaviors of the public and on the operations and outcomes of public programs and policies. This evidence can benefit the stakeholders in the programs, the broader public, as well as policymakers and program managers at the local, State, Tribal, and National levels. The many benefits of access to data for evidence building notwithstanding, National Agricultural Statistics Service is required by law to maintain careful controls that allow it to minimize disclosure risk while protecting confidentiality and privacy. The fulfillment of National Agricultural Statistics Service's data security requirements places a degree of burden on the public, which is outlined below.

The SAP Portal is a web-based application for the public to request access to confidential data assets from federal statistical agencies and units. The objective of the SAP Portal is to increase public access to confidential data for the purposes of evidence building and reduce the burden of applying for confidential data. Once an individual's application in the SAP Portal has received a positive determination, the data-owning agency(ies) or unit(s) will begin the process of collecting information to fulfill their data security requirements.

The paragraphs below outline the SAP Policy, the steps to complete an application through the SAP Portal, and the process for agencies to collect information fulfilling their data security requirements.

The SAP Policy

At the recommendation of the ICSP, the SAP Policy establishes the SAP to be implemented by statistical agencies and units and incorporates directives from the Evidence Act. The policy is intended to provide guidance as to the application and review processes using the SAP Portal, setting forth clear standards that enable statistical agencies and units to implement a common application form and a uniform review process. The SAP Policy was submitted to the public for comment in January 2022 (87 FR 2459). The policy is currently under review and has not yet been finalized.

The SAP Portal

The SAP Portal is an application interface connecting applicants seeking data with a catalog of data assets owned by the federal statistical agencies and units. The SAP Portal is not a new data repository or warehouse; confidential data assets will continue to be stored in secure data access facilities owned and hosted by the federal statistical agencies and units. The Portal will provide a streamlined application process across agencies, reducing redundancies in the application process. This single SAP Portal will improve the process for applicants, tracking and communicating the application process throughout its lifecycle. This reduces redundancies and burden on applicants that request access to data from multiple agencies. The SAP Portal will automate key tasks to save resources and time and will bring agencies into compliance with the Evidence Act statutory requirements.

Data Discovery

Individuals begin the process of accessing restricted use data by discovering confidential data assets through the SAP data catalog, maintained by federal statistical agencies at www.researchdatagov.org. Potential applicants can search by agency, topic, or keyword to identify data of interest or relevance. Once they have identified data of interest, applicants can view metadata outlining the title, description or abstract, scope and coverage, and detailed methodology related to a specific data asset to determine its relevance to their research.

While statistical agencies and units shall endeavor to include metadata in the SAP data catalog on all confidential data assets for which they accept applications, it may not be feasible to include metadata for some data assets ( e.g., potential curated versions of administrative data). A statistical agency or unit may still accept an application through the SAP Portal even if the requested data asset is not listed in the SAP data catalog.

SAP Application Process

Individuals who have identified and wish to access confidential data assets will be able to apply for access through the SAP Portal when it is released to the public in late 2022. Applicants must create an account and follow all steps to complete the application. Applicants begin by entering their personal, contact, and institutional information, as well as the personal, contact, and institutional information of all individuals on their research team. Applicants proceed to provide summary information about their proposed project, to include project title, duration, funding, timeline, and other details including the data asset(s) they are requesting and any proposed linkages to data not listed in the SAP data catalog, including non-federal data sources. Applicants then proceed to enter detailed information regarding their proposed project, including a project abstract, research question(s), literature review, project scope, research methodology, project products, and anticipated output. Applicants must demonstrate a need for confidential data, outlining why their research question cannot be answered using publicly available information.

Submission for Review

Upon submission of their application, applicants will receive a notification that their application has been received and is under review by the data owning agency or agencies (in the event where data assets are requested from multiple agencies). At this point, applicants will also be notified that application approval does not alone grant access to confidential data, and that, if approved, applicants must comply with the data-owning agency's security requirements outside of the SAP Portal, which may include a background check.

In accordance with the Evidence Act and the direction of the ICSP, agencies will approve or reject an application within a prompt timeframe. In some cases, agencies may determine that additional clarity, information, or modification is needed and request the applicant to “revise and resubmit” their application.

Data discovery, the SAP application process, and the submission for review are planned to take place within the web-based SAP Portal. As noted above, the notice announcing plans to collect information through the SAP Portal has been published separately (87 FR 53793).

Access to Restricted Use Data

In the event of a positive determination, the applicant will be notified that their proposal has been accepted. The positive or final adverse determination concludes the SAP Portal process. In the instance of a positive determination, the data-owning agency (or agencies) will contact the applicant to provide instructions on the agency's security requirements that must be completed to gain access to the confidential data. The completion and submission of the agency's security requirements will take place outside of the SAP Portal.

Collection of Information for Data Security Requirements

In the instance of a positive determination for an application requesting access to a National Agricultural Statistics Service (NASS) confidential data asset, NASS will contact the applicant(s) to initiate the process of collecting information to fulfill their security requirements. These include additional requirements necessary for the statistical agency or unit to place the applicant(s) in a trusted category that may include the applicant's successful completion of a background investigation, confidentiality training, nondisclosure, inspection of the site the confidential data will be accessed, and data use agreements.

NASS's data security requirements include the collection of the following:

• Security Briefing: NASS personnel provide a Security Briefing to all applicants who were approved access to restricted data. The Briefing is provided prior to the applicant completing the three forms listed below and includes information on the Confidential Information Protection and Statistical Efficiency Act of 2018, Title III of Public Law 115-435, codified in 44 U.S.C. Ch. 35 and other applicable Federal laws that protect the restricted data.

• Completion of form ADM-043, Certification and Restrictions on Use of Unpublished Data. This form is required to be signed by researchers who have been approved to access unpublished NASS data (alternatively, some approved researchers complete on-line training in lieu of completing this form). The form contains excerpts of the various laws that apply to the unpublished data being provided to the researcher. The form explains the restrictions associated with the unpublished data and includes a place for the research to sign the form, thereby acknowledging the restrictions and agreeing to abide by them.

• Completion of User Attestation Form. Researchers approved to access unpublished NASS data are provided with the document Handbook for Special Sworn Data Users of a NASS Data Lab that explains the policies and procedures associated with accessing unpublished NASS data in a NASS Data Lab (including data enclaves). Each researcher approved to access unpublished NASS data is required to sign the User Attestation Form to acknowledge they were provided with the Handbook for Special Sworn Data Users of a NASS Data Lab and agree to abide by its provisions.

• Completion of NASS Site Inspection Checklist. Researchers approved to access unpublished NASS data do so using a secure data enclave environment accessible at their own location. A NASS employee performs a site inspection (either in-person or via a video call) of the researcher's location prior to the researcher being granted access to the unpublished data. During the site inspection, the NASS employee administers the form NASS Site Inspection Checklist, which asks questions pertaining to the suitability of the location for restricted data access and some of the policies associated with accessing the restricted data. The form also collects information about the computer the researcher will use to access the NASS data enclave.

Note: Foreign Nationals who are approved to access NASS confidential data assets must also complete form OF-306, Declaration for Federal Employment (the form may also be used to assess fitness for federal contract employment). Form OF-306 is approved under OMB No. 3206-0182. Consequently, burden for completing OF-306 is not included here.

Estimate of Burden: The amount of time to complete the agreements and other paperwork, Security Briefing, and read the Handbook for Special Sworn Data Users that comprise NASS's security requirements will vary based on the confidential data assets requested and the access modality. To obtain access to NASS confidential data assets, it is estimated that the average time to complete and submit NASS's data security agreements and other paperwork, Security Briefing, and read the Handbook for Special Sworn Data Users is 145 minutes per applicant. This estimate does not include the time needed to complete and submit an application within the SAP Portal. All efforts related to SAP Portal applications occur prior to and separate from NASS's effort to collect information related to data security requirements.

The expected number of applications in the SAP Portal that receive a positive determination from NASS in a given year may vary. Overall, per year, NASS estimates it will collect data security information from 200 applicants that received a positive determination within the SAP Portal (note: a SAP Portal application may include access for more than one applicant) or other restricted use access approval. NASS estimates that the total burden for the collection of information for data security requirements over the course of the three-year OMB clearance will be about 1,452 hours and, as a result, an average annual burden of 484 hours.