Privacy Act of 1974; Amended System of Records

AGENCY:

Bureau of Industry and Security, U.S. Department of Commerce.

ACTION:

Notice of Proposed Amendment to Privacy Act System of Records: “COMMERCE/ITA-1, Individuals Identified in Export Transactions.”

SUMMARY:

In accordance with the Privacy Act of 1974 (Privacy Act), as amended, Title 5, United States Code (U.S.C.) 552a(e)(4) and (11); and Office of Management and Budget (OMB) Circular A-130, Appendix 1, “Federal Agency Responsibility for Maintaining Records About Individuals,” the Department of Commerce (Department) is issuing a notice of intent to amend the system of records entitled “COMMERCE/ITA-1, Individuals Identified in Export Transactions,” by transferring the system from the International Trade Administration (ITA) to the Bureau of Industry and Security (BIS), and by renaming the system to “COMMERCE/BIS-1, Individuals Identified in Export Transactions and Other Matters Subject to BIS Jurisdiction.” The purpose of this amendment is also to update: (a) The security classification, system location, and system manager and address; (b) the categories of individuals covered by the system; (c) the categories of records in the system; (d) the authority for maintenance of the system; (e) the storage, retrievability, safeguards, retention, and disposal of records; (f) the notification, record access, and contesting record procedures; (g) the routine uses by adding the breach notification routine use; (h) records source categories; and (i) exemptions claimed for the system.

The information is collected for identification purposes of individuals involved in export transactions chosen for or participating in export regulation outreach, education and information programs; individuals seeking export licenses or other authorizations from BIS, as well as related end use checks; individuals providing information pursuant to laws or regulations administered or enforced by BIS; or individuals under suspicion or investigation or having been convicted of or otherwise found liable for violations of export control laws or other laws or regulations administered by BIS. We invite public comment on the amended system announced in this publication.

DATES:

To be considered, written comments must be submitted on or before November 20, 2015. Unless comments are received, the new system of records will become effective as proposed on the date of publication of a subsequent notice in the Federal Register.

ADDRESSES:

Comments may be mailed to the Privacy Officer, Bureau of Industry and Security, Department of Commerce, 1401 Constitution Avenue NW., Room 6622, Washington, DC 20230.

FOR FURTHER INFORMATION CONTACT:

Chief Financial Officer and Director of Administration, Bureau of Industry and Security, Department of Commerce, 1401 Constitution Avenue NW., Room 6622, Washington, DC 20230.

SUPPLEMENTARY INFORMATION:

This notice announces the Department's proposal to amend the system of records under the Privacy Act of 1974, for Individuals Identified in Export Transactions records. The changes are needed because the existing notice for this system of records identifies ITA as the owner of the system, which is no longer the case as the system of records has been transferred to BIS. These changes clarify the scope of laws and regulations administered or enforced by BIS. Information collections would be obtained from individuals under the authority of the Export Administration Act of 1979, the Export Administration Regulations, the Security Assistance Act of 2002, the Foreign Trade Regulations, the International Emergency Economic Powers Act, the United States Additional Protocol Implementation Act, the Chemical Weapons Convention Implementation Act of 1998, the Defense Production Act of 1950, and the Fastener Quality Act. Further, these changes clarify the types of records maintained.

COMMERCE/BIS-1

SYSTEM NAME:

COMMERCE/BIS-1, Individuals Identified in Export Transactions and Other Matters Subject to BIS Jurisdiction.

SECURITY CLASSIFICATION:

Unclassified, Sensitive.

SYSTEM LOCATION:

Department of Commerce, Herbert C. Hoover Building.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

a. Individuals involved in export transactions. This information is maintained on domestic and foreign companies and business officials, and includes U.S. citizens involved with or working for firms abroad.

b. Individuals identified in a BIS export enforcement proceeding or investigation. Individuals alleged to have violated the Export Administration Regulations; certain other individuals identified by the Federal Bureau of Investigation (FBI) or other investigating agencies or individuals in the investigative process such as those involved in organized crime; individuals who have received warning letters; and individuals subject to prohibitions, licensing requirements, or other restrictions.

c. Individuals identified in export license applications, licenses, or other authorizations from BIS, including related end use checks.

d. Individuals identified in proceedings or investigations related to other laws and regulations administered, or enforced by BIS.

e. Individuals who have provided information to BIS to participate in export regulation outreach, education and information programs.

f. Individuals who have otherwise provided information to BIS pursuant to laws and regulations administered or enforced by BIS.

CATEGORIES OF RECORDS IN THE SYSTEM:

Reports and cables from U.S. Foreign Service's posts; FBI and other U.S. or foreign law enforcement or investigative agencies, investigators or informants; investigative and intelligence data; documented violations; warning letters; licensing information; export transaction information; and information obtained pursuant to other laws or regulations administered or enforced by BIS. Also includes any information on alleged or proven violators of the Export Administration Act or Regulations, the International Emergency Economic Powers Act or any other law or regulation administered or enforced by BIS and information collected to meet U.S. treaty obligations, for which BIS is responsible to implement. Examples of these categories of records and data items may include, but are not limited to: (1) Identifying Numbers; (2) General Personal Data; (3) Work-Related Data; (4) Distinguishing Features/Biometrics; and (5) System Administration/Audit Data.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Export Administration Act of 1979 (Pub L. 96-72, 50 U.S.C. app. 2401-2420), Export Administration Regulations (EAR) (15 CFR 730-799), the Security Assistance Act of 2002 (13 U.S.C. 305) and the Foreign Trade Regulations (15 CFR 30.60 and 30.73), International Emergency Economic Powers Act (IEEPA), as amended (50 U.S.C. 1701-1706), 5 U.S.C. 301, 22 U.S.C. 401, 22 U.S.C. 8544, 28 U.S.C. 533-535, 44 U.S.C. 3101, United States Additional Protocol Implementation Act (Pub. L. 109-401), Chemical Weapons Convention Implementation Act of 1998 (22 U.S.C. 6701 et seq.), Defense Production Act of 1950, as amended (50 U.S.C. App. 2061 et seq.), Fastener Quality Act, as amended (15 U.S.C. 5401 et seq.).

PURPOSES:

The purpose of this system is to maintain records that are related to the administration, enforcement, and implementation of the laws and regulations under the jurisdiction of BIS. Included in these records is information regarding individuals involved or identified in export transactions, export license applications, licenses, or other authorizations from BIS, and individuals identified in BIS export enforcement proceedings or suspected of violating statutes, regulations, or Executive Orders administered, enforced, or implemented by BIS.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

1. In the event that a system or records maintained by the Department to carry out its functions indicates a violation or potential violation of law or contract, whether civil, criminal or regulatory in nature, and whether arising by general statute or particular program statute or contract, or rule, regulation, or order issued pursuant thereto, or the necessity to protect an interest of the Department, the relevant records in the system of records may be referred, as a routine use, to the appropriate agency, whether Federal, state, local or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute or contract, or rule, regulation or order issued pursuant thereto, or protecting the interest of the Department.

2. A record from this system of records may be disclosed, as a routine use, to a Federal, state or local agency maintaining civil, criminal or other relevant enforcement information or other pertinent information, such as current licenses, if necessary to obtain information relevant to a Department decision concerning the assignment, hiring or retention of an individual, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant or other benefit.

3. A record from this system of records may be disclosed, as a routine use, to a Federal, state, local, or international agency, in response to its request, in connection with the assignment, hiring or retention of an individual, the issuance of a security clearance, the reporting of an investigation of an individual, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.

4. A record from this system of records may be disclosed, as a routine use, in the course of presenting evidence to a court, magistrate or administrative tribunal, including disclosures to opposing counsel in the course of settlement negotiations.

5. A record in this system of records may be disclosed, as a routine use, to a Member of Congress submitting a request involving an individual when the individual has requested assistance from the Member with respect to the subject matter of the record.

6. A record in this system of records may be disclosed, as a routine use, to the Office of Management and Budget in connection with the review of private relief legislation as set forth in OMB Circular No. A-19 at any stage of the legislative coordination and clearance process as set forth in that Circular.

7. A record in this system of records may be disclosed, as a routine use, to the Department of Justice in connection with determining whether disclosure thereof is required by the Freedom of Information Act (5 U.S.C. 552).

8. A record in this system of records may be disclosed, as a routine use, to a contractor of the Department having need for the information in the performance of the contract, but not operating a system of records within the meaning of 5 U.S.C. 552a(m).

9. A record in this system may be transferred, as a routine use, to the Office of Personnel Management: for personnel research purposes; as a data source for management information; for the production of summary descriptive statistics and analytical studies in support of the function for which the records are collected and maintained; or for related manpower studies.

10. A record from this system of records may be disclosed, as a routine use, to the Administrator, General Services Administration (GSA), or his designee, during an inspection of records conducted by GSA as part of that agency's responsibility to recommend improvements in records management practices and programs, under authority of 44 U.S.C. 2904 and 2906. Such disclosure shall be made in accordance with the GSA regulations governing inspection of records for this purpose, and any other relevant (i.e. GSA or Department) directive. Such disclosure shall not be used to make determinations about individuals.

11. A record in this system of records may be disclosed to appropriate agencies, entities and persons when: (1) It is suspected or determined that the security or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or whether systems or programs (whether maintained by the Department or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department's efforts to respond to the suspected or confirmed compromise and to prevent, minimize, or remedy such harm.

12. A record in this system of records may be disclosed for law enforcement purposes to the appropriate agency or other authority, whether federal, state, local, foreign, international or tribal, charged with the responsibility of enforcing, investigating, or prosecuting a violation of any law, rule, regulation, or order in any case in which there is an indication of a violation or potential violation of law (civil, criminal, or regulatory in nature).

13. A record in this system of records may be disclosed to an agency, organization, foreign government or individual for the purpose of performing audit or oversight operations or meeting treaty obligations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function or treaty obligations.

14. A record in this system of records may be disclosed to contractors and BIS or contractor agents, grantees, experts, consultants, and others performing or working on a contract, service, grant, governmental or non-governmental cooperative agreement (including under the Economy Act), or other work assignment for BIS, when necessary to accomplish an agency function related to this system of records. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to BIS employees.

15. A record in this system of records may be disclosed to the Departments of State, Justice, Homeland Security, the Treasury, Defense, or Energy, or other federal agencies, in connection with BIS licensing policy, enforcement matters, or other matters of mutual interest or concern, including through interagency databases;

16. A record in this system of records may be disclosed to the general public, in furtherance of BIS's mission, regarding individuals and entities whose export privileges have been denied or limited. This routine use includes disclosure of information to the general public in furtherance of BIS's mission regarding individuals and entities that have been denied export privileges by BIS, or who are subject to additional restrictions and license requirements. This routine use encompasses publishing this information in the Federal Register, in the Code of Federal Regulations, on BIS's Web site, and by other means. Individuals and entities on the Denied Persons List are generally designated based on authorities denying or restricting their export privileges because of identified threats to the national security, foreign policy, and/or economy of the United States. Generally, the personal identifier information provided on the Denied Persons List may include, but is not limited to, names and aliases, addresses, dates of birth, citizenship information, and, at times, identification numbers associated with government-issued documents. It is necessary to provide this identifier information in a publicly available format so that listed individuals and entities can be identified and prevented from engaging in conduct otherwise prohibited by the EAR. At the same time, the release of detailed identifier information of individuals is important in helping to protect other individuals from being improperly identified as the prohibited party. Because the Denied Persons List are posted on BIS's public Web site and published in the Federal Register and Code of Federal Regulations, a designated individual's identifier information can be accessed by any individual or entity with access to the internet, the Federal Register, or the Code of Federal Regulations. Thus, the impact on the individual's privacy will be substantial, but this is necessary in order to make targeted denial orders and restrictions effective. Designated individuals can file an appeal or petition to request their removal from these lists. If such an appeal is granted, the individual's name and all related identifier information will be removed from the Denied Persons List.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:

Not applicable.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Paper records in file folders and electronic records in computer files.

RETRIEVABILITY:

Filed alphabetically by individual's name or by other personal identifiers, by an identifying case number upon initiation of the case or by an identifying transaction number upon successful transmission of the export transaction information.

SAFEGUARDS:

Paper records and discs are maintained in office areas with access limited to screened personnel whose official duties require access. Automated records are maintained on protected servers in data centers with access limited to screened personnel whose official duties require access.

RETENTION AND DISPOSAL:

Retention and disposal practices are in accordance with approved General Services Administration schedules. Generally, records are retained for periods of 5-15 years, unless a longer period is deemed necessary for investigative purposes or for permanent archival retention.

SYSTEM MANAGER(S) ADDRESSES:

Office of the Chief Financial Officer and Director of Administration, Bureau of Industry and Security, Department of Commerce, 1401 Constitution Avenue NW., Washington, DC 20230.

NOTIFICATION PROCEDURE:

Information may be obtained from: Privacy Officer, Office of the Chief Financial Officer and Director of Administration, Bureau of Industry and Security, Department of Commerce, 1401 Constitution Avenue NW., Washington, DC 20230. Requestor should provide name, address and case or subject, if known, pursuant to the inquiry provisions of the Department's rules which appear in 15 CFR part 4.

RECORD ACCESS PROCEDURES:

Requests from individuals should be addressed to: Same address as stated in the notification section above.

CONTESTING RECORD PROCEDURES:

The department's rules for access, for contesting contents and appealing initial determinations by the individual concerned appear in 15 CFR part 4b. Use above address.

RECORD SOURCE CATEGORIES:

Individual exporters, those authorized by the individual exporters to furnish information, trade sources, investigative agencies, intelligence, investigative, legal, and other personnel of BIS or the Department of Commerce, informants, Department of Homeland Security, Federal Bureau of Investigation, Central Intelligence Agency, Department of Justice, Department of Defense, Department of Energy, and Department of State on an official “need to know” basis. Also, individuals authorized to furnish information pursuant to laws or regulations administered by BIS.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

Pursuant to 5 U.S.C. 552a(j)(2), all information about an individual in the record which meets the criteria stated in 5 U.S.C. 552a(j)(2) are exempted from the notice, access and contest requirements of the agency regulations and from all parts of 5 U.S.C. 552a except subsections (b), (c)(1) and (2), (e)(4)(A) through (F), (e)(6), (7), (9), (10), and (11), and (i). Pursuant to 5 U.S.C. 552a(k)(1) and (k)(2) on condition that the 5 U.S.C. 552a(j)(2) exemption is held to be invalid, all investigatory material in the record which meets the criteria stated in 5 U.S.C. 552a(k)(1) and (k)(2) are exempted from the notice, access, and contest requirements (under 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f)) of the agency regulations because of the necessity to exempt this information and material in order to accomplish the law enforcement function of the agency, to prevent subjects of investigation from frustrating the investigatory process, to prevent the disclosure of investigative techniques, to fulfill commitments made to protect the confidentiality of sources, to maintain access to sources of information, and to avoid endangering these sources and law enforcement personnel. Section 12(c) of the Export Administration Act of 1979 also protects certain parts of this information and material related to or concerning export licenses from disclosure, and other certain parts of this information may be protected from disclosure by the Chemical Weapons Convention Implementation Act of 1998, the Additional Protocol Implementation Act of 2006, and the Defense Production Act of 1950.