Privacy Act of 1974: Implementation and Amendment of Exemptions

AGENCY:

Securities and Exchange Commission.

ACTION:

Proposed rule.

SUMMARY:

Pursuant to the Privacy Act of 1974, as amended, the Securities and Exchange Commission (“Commission” or “SEC”) proposes to exempt portions of three new systems of records from provisions of the Privacy Act to the extent that the records contain investigatory materials compiled for law enforcement purposes. Additionally, the Commission proposes to make technical amendments to its Privacy Act regulation exempting specific systems of records from certain provisions of the Privacy Act. In a companion release published elsewhere in this issue, the Commission is giving concurrent notice of three new systems of records pursuant to the Privacy Act of 1974.

DATES:

Comments must be received on or before June 23, 2011.

ADDRESSES:

Comments may be submitted by any of the following methods:

Electronic Comments

• Use the Commission's Internet comment form ( http://www.sec.gov/rules/proposed.shtml ); or
• Send an e-mail to rule-comments@sec.gov. Please include File Number S7-19-11 on the subject line; or
• Use the Federal eRulemaking Portal ( http://www.regulations.gov ). Follow the instructions for submitting comments.

Paper Comments

Send paper comments in triplicate to Elizabeth M. Murphy, Secretary, U.S. Securities and Exchange Commission, 100 F Street, NE., Washington, DC 20549-1090. All submissions should refer to File Number S7-19-11. This file number should be included on the subject line if e-mail is used. To help us process and review your comments more efficiently, please use only one method. The Commission will post all comments on the Commission's Internet Web site ( http://www.sec.gov/rules/proposed.shtml ). Comments are also available for Web site viewing and printing in the Commission's Public Reference Room, 100 F Street, NE., Washington, DC 20549, on official business days between the hours of 10 a.m. and 3 p.m. All comments received will be posted without change; we do not edit personal identifying information from submissions. You should submit only information that you wish to make available publicly.

FOR FURTHER INFORMATION CONTACT:

Cristal Perpignan, Acting Chief Privacy Officer, Office of Information Technology, 202-551-7716.

SUPPLEMENTARY INFORMATION:

Pursuant to, and limited by 5 U.S.C. 552a(k)(2), the Commission proposes to exempt systems of records, “Tips, Complaints, and Referrals (TCR) Records (SEC-63)”; “SEC Security in the Workplace Incident Records (SEC-64)”; and “Investor Response Information System (IRIS) (SEC-65)”, from 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f) and 17 CFR 200.303, 200.304, and 200.306, insofar as they contain investigatory materials compiled for law enforcement purposes. The Privacy Act allows Government agencies to exempt certain records from the notification, access and amendment provisions. If an agency claims an exemption, however, it must issue a rule to explain the reasons why a particular exemption is claimed. The proposed exemption would be applicable except under the circumstances set forth in the provisions of section (k)(2) of the Privacy Act.

The TCR Records (SEC-63) system of records contains records related to tips, complaints, referrals of misconduct, or related information about actual or potential violations of the federal securities laws; investor harm; conduct of public companies; securities professionals; regulated entities; and associated persons. This system of records may include investigatory materials that were compiled in connection with the Commission's enforcement responsibilities under the federal securities laws. Such material may consist of unsolicited and often unverified statements concerning individuals, information received from confidential sources, as well as reports from the Commission's investigators and other law enforcement personnel. The disclosure of the existence of investigatory materials could seriously undermine effective enforcement of the federal securities laws by prematurely alerting individuals to the fact that they are under investigation, by giving them access to the evidentiary bases for a Commission enforcement action or seriously hampering the Commission's case in court or before an administrative law judge.

The SEC Security in the Workplace Incident Records (SEC-64) system of records contains records related to reports involving incidents of assault, harassment, intimidation, bullying, weapons possession, or threats at the SEC. This system of records may include investigatory materials that were compiled in connection with inquiries or investigation of potential or actual incidents of violence by and against individuals at an SEC facility. The disclosure of information as it relates to investigatory materials or the identity of sources of information may seriously undermine the safety and security of employees in the workplace. Access to such information could allow the subject of an investigation or inquiry of an actual or potential criminal or civil violation to interfere with and impede the investigation, tamper with witnesses or evidence, and to avoid detection or apprehension.

The IRIS (SEC-65) system of records contains records related to complaints/inquiries/requests from members of the public and others. This system of records may include investigatory materials that were compiled in connection with the Commission's enforcement responsibilities under the federal securities laws. Such material may consist of unsolicited and often unverified statements concerning individuals, information received from confidential sources, as well as reports from the Commission's investigators and other law enforcement personnel. The disclosure of the existence of investigatory materials could seriously undermine effective enforcement of the federal securities laws by prematurely alerting individuals to the fact that they are under investigation, by giving them access to the evidentiary bases for a commission enforcement action or seriously hampering the Commission's case in court or before an administrative law judge.

The Commission also proposes to amend its inventory of exempted systems of records by changing the name of the system of records titled: “Office of Personnel Code of Conduct and Employee Performance Files (SEC-38)” to “Disciplinary and Adverse Actions, Employee Conduct, and Labor Relations Files”. In a companion release the Commission is publishing a Privacy Act system of records notice to make technical amendments to this system of records to incorporate minor corrective and administrative modifications that have occurred since the notice was last published and will update the system name to more accurately reflect the records contained in the system. The Commission is amending its inventory of exempted systems of records reflect the new title of this system of records.

Finally, the Commission is making a technical amendment to its inventory of exempted systems of records by removing a reference to the system of records titled: “Personnel Security Files”. On August 8, 2000 (65 FR 49037), the Commission published notice to delete this system of records as the records were duplicative of records in: “Personnel Investigations Records (OPM/Central-9)”, published by the United States Office of Personnel Management.

General Request for Comment

The Commission requests comment on the proposed amendments in this release.

Paperwork Reduction Act

The proposed amendments do not contain a “collection of information” requirement within the meaning of the Paperwork Reduction Act of 1995.” Accordingly, the Paperwork Reduction Act is not applicable.

Cost-Benefit Analysis

The Commission is sensitive to the costs and benefits that result from its rules. This proposal would exempt portions of three new systems of records from provisions of the Privacy Act in so far as the records contain investigatory materials compiled for law enforcement purposes. As more fully described above, the TCR Records system of records, the SEC Security in the Workplace Incident Reports system of records and the IRIS system of records may include investigatory materials compiled in connection with the Commission's enforcement of the federal securities laws, in connection with potential or actual incidents of workplace violence, or in connection with public complaints/inquiries/request. Access to or disclosure of the investigatory materials in these systems of records could seriously undermine the effective enforcement of the Federal securities laws, and the safety and security of Commission employees in the workplace. We recognize that our proposed amendments may impose costs on individuals who may wish to obtain access to records that contain investigatory materials in these systems of records. Congress seems to have contemplated these costs in promulgating the exemption in 5 U.S.C. 552a(k)(2).

Regulatory Flexibility Act Certification

Section 3(a) of the Regulatory Flexibility Act of 1980 (“RFA”) requires the Commission to undertake an initial regulatory flexibility analysis of the proposed rule amendments on small entities unless the Commission certifies that the proposal, if adopted, would not have a significant economic impact on a substantial number of small entities. Pursuant to 5 U.S.C. 605(b), the Commission hereby certifies that the proposed amendments to 17 CFR 200.312 would not, if adopted, have a significant economic impact on a substantial number of small entities. The proposed amendments would exempt portions of three new systems of records from provisions of the Privacy Act in so far as the records contain investigatory materials compiled for law enforcement purposes. Because the proposed amendments would apply solely to private individuals, the proposed amendments would not, if adopted, have a significant economic impact on a substantial number of “small entities,” as defined by the RFA. We encourage written comments regarding this certification.

Statutory Authority

The Commission is proposing amendments to 17 CFR 200.312 under the authority in 5 U.S.C. 552a(k)(2) and 5 U.S.C. 552a(k)(5).

List of Subjects in 17 CFR Part 200

• Administrative practice and procedure; Privacy

Text of Proposed Amendments

For the reasons set out in the preamble, Title 17, Chapter II, of the Code of Federal Regulations is proposed to be amended as follows:

PART 200—ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS

Subpart H—Regulations Pertaining to the Privacy of Individuals and Systems of Records Maintained by the Commission

1. The authority citation for Part 200 is revised by adding authority for § 200.312 in numerical order to read as follows:

Authority: 15 U.S.C. 77o, 77s, 77sss, 78d, 78d-1, 78d-2, 78w, 78ll(d), 78mm, 80a-37, 80b-11, and 7202, unless otherwise noted.

Section 312 is also issued under 5 U.S.C. 552a(k).

2. Amend § 200.312 by:

a. Removing “and” at the end of paragraph (a)(5);

b. Adding paragraphs (a)(7), (8), and (9); and

c. Revising paragraph (b); and

d. Removing the authority citation at the end of the section.

The revisions read as follows.