Privacy Act of 1974; System of Records

Issuing agencies

Abstract

The Federal Communications Commission (FCC, Commission, or Agency) proposes to modify an existing system of records, FCC-2, Business Contacts and Certifications, subject to the Privacy Act of 1974, as amended. This action is necessary to meet the requirements of the Privacy Act to publish in the Federal Register notice of the existence and character of records maintained by the Agency. The Commission uses the information on individuals and businesses contained in the records in this system to collect and maintain points of contact at regulated entities and in related industries, and ensure compliance with FCC rules through certifications of information provided to the Commission. This modification expands the purpose of the system of records to include collecting and maintaining point of contact information for contractors, vendors, and those performing collateral duties for the FCC, and to ensure compliance with applicable federal laws, in addition to FCC rules.

Full Text

<html>
<head>
<title>Federal Register, Volume 86 Issue 229 (Thursday, December 2, 2021)</title>
</head>
<body><pre>
[Federal Register Volume 86, Number 229 (Thursday, December 2, 2021)]
[Notices]
[Pages 68497-68498]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2021-26163]


-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

[FR ID: 59971]


Privacy Act of 1974; System of Records

AGENCY: Federal Communications Commission.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The Federal Communications Commission (FCC, Commission, or 
Agency) proposes to modify an existing system of records, FCC-2, 
Business Contacts and Certifications, subject to the Privacy Act of 
1974, as amended. This action is necessary to meet the requirements of 
the Privacy Act to publish in the Federal Register notice of the 
existence and character of records maintained by the Agency. The 
Commission uses the information on individuals and businesses contained 
in the records in this system to collect and maintain points of contact 
at regulated entities and in related industries, and ensure compliance 
with FCC rules through certifications of information provided to the 
Commission. This modification expands the purpose of the system of 
records to include collecting and maintaining point of contact 
information for contractors, vendors, and those performing collateral 
duties for the FCC, and to ensure compliance with applicable federal 
laws, in addition to FCC rules.

DATES: This modified system of records will become effective on 
December 2, 2021. Written comments on the routine uses are due by 
January 3, 2022. The routine uses will become effective on January 3, 
2022, unless written comments are received that require a contrary 
determination.

ADDRESSES: Send comments to Margaret Drake, at <a href="/cdn-cgi/l/email-protection#d7a7a5bea1b6b4ae97b1b4b4f9b0b8a1"><span class="__cf_email__" data-cfemail="8bfbf9e2fdeae8f2cbede8e8a5ece4fd">[email&#160;protected]</span></a>, or at 
Federal Communications Commission (FCC), 45 L Street NE, Washington, DC 
20554 at (202) 418-1707.

FOR FURTHER INFORMATION CONTACT: Margaret Drake, (202) 418-1707, or 
<a href="/cdn-cgi/l/email-protection#2555574c5344465c654346460b424a53"><span class="__cf_email__" data-cfemail="7101031807101208311712125f161e07">[email&#160;protected]</span></a> (and to obtain a copy of the Narrative Statement and 
the Supplementary Document, which includes details of the modifications 
to this system of records).

SUPPLEMENTARY INFORMATION: 

SYSTEM NAME AND NUMBER:
    FCC-2, BUSINESS CONTACTS AND CERTIFICATIONS.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Federal Communications Commission (FCC), 45 L Street NE, 
Washington, DC, 20554; Universal Service Administrative Company, 700 
12th Street NW, Suite 900, Washington, DC 20005; or FISMA compliant 
contractor.

SYSTEM MANAGER(S):
    Federal Communications Commission (FCC); Universal Service 
Administrative Company (USAC); or FISMA compliant contractor.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    47 U.S.C. 151, 152, 155, 257, 303; and 5 U.S.C. 602(c) and 
609(a)(3).

PURPOSES OF THE SYSTEM:
    The FCC and organizations administering programs on behalf of the 
FCC use this system to collect and maintain points of contact at 
entities regulated by the FCC and in related industries, as well as 
contractors, vendors, and those performing collateral duties for the 
FCC, to ensure compliance with applicable federal laws and FCC rules 
through certifications of information provided to the Commission.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals and businesses.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Contact information, such as name, username, signature, phone 
numbers, emails, and addresses, as well as work and educational 
history.

RECORD SOURCE CATEGORIES:
    Information in this system is provided by individuals or businesses 
who serve as points of contact at FCC contractors, vendors, those 
providing collateral duties to the FCC, regulated entities, and in 
related industries or certify data on behalf of an entity.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed to authorized 
entities, as is determined to be relevant and necessary, outside the 
FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows.
    1. Public Access--Information regarding points of contact at 
regulated entities and in related industries, as well as certifications 
made by individuals on behalf of an entity, may be made available for 
public inspection to comply with FCC regulations that require public 
disclosure of this information.
    2. Third Parties--To third parties, including individuals and 
businesses in the communications industry, FCC vendors and their 
contractors, and other federal agencies to administer or support 
programs on behalf of the FCC.
    3. Adjudication and Litigation--To disclose to the Department of 
Justice (DOJ), or to other administrative or adjudicative bodies before 
which the FCC is authorized to appear, when: (a) The FCC or any 
component thereof; or (b) any employee of the FCC in his or her 
official capacity; or (c) any employee of the FCC in his or her 
individual capacity where the DOJ or the FCC have agreed to represent 
the employee; or (d) the United States is a party to litigation or has 
an interest in such litigation, and the use of such records by the DOJ 
or the FCC is deemed by the FCC to be relevant and necessary to the 
litigation.
    4. Law Enforcement and Investigation--To disclose pertinent 
information to the appropriate Federal, State, local, tribal agency, or 
component of an agency, such as the FCC's Enforcement Bureau, 
responsible for investigating, prosecuting, enforcing, or implementing 
a statute, rule, regulation, or order, where the FCC becomes aware of 
an indication of a violation or potential violation of civil or 
criminal law or regulation.
    5. Congressional Inquiries--To provide information to a 
Congressional office from the record of an individual in response to an 
inquiry from that Congressional office made at the written request of 
that individual.
    6. Government-wide Program Management and Oversight--To provide 
information to the Department of Justice (DOJ) to obtain that 
department's advice regarding disclosure obligations under the Freedom 
of Information Act; or to the Office of Management and Budget (OMB) to 
obtain that office's advice regarding obligations under the Privacy 
Act.

[[Page 68498]]

    7. Breach Notification--To appropriate agencies, entities, and 
persons when: (a) The Commission suspects or has confirmed that there 
has been a breach of PII maintained in the system of records; (b) the 
Commission has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, the Commission 
(including its information system, programs, and operations), the 
Federal Government, or national security; and; and (c) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the Commission's efforts to respond to the 
suspected or confirmed breach or to prevent, minimize, or remedy such 
harm.
    8. Assistance to Federal Agencies and Entities--To another Federal 
agency or Federal entity, when the Commission determines that 
information from this system is reasonably necessary to assist the 
recipient agency or entity in: (a) Responding to a suspected or 
confirmed breach or (b) preventing, minimizing, or remedying the risk 
of harm to individuals, the recipient agency or entity (including its 
information systems, program, and operations), the Federal Government, 
or national security, resulting from a suspected or confirmed breach.
    9. Non-Federal Personnel--To disclose information to non-federal 
personnel, including contractors, who have been engaged to assist the 
FCC in the performance of a contract service, grant, cooperative 
agreement, or other activity related to this system of records and who 
need to have access to the records in order to perform their activity.
    In each of these cases, the FCC will determine whether disclosure 
of the records is compatible with the purpose for which the records 
were collected.

REPORTING TO CONSUMER REPORTING AGENCIES:
    In addition to the routine uses cited above, the Commission may 
share information from this system of records with a consumer reporting 
agency regarding an individual who has not paid a valid and overdue 
debt owed to the Commission, following the procedures set out in the 
Debt Collection Act, 31 U.S.C. 3711(e).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    This an electronic system of records that resides on the FCC's 
network, USAC's network, or on an FCC vendor's network.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records in this system of records can be retrieved by any category 
field, e.g., first name or email address.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The information in this system is maintained and disposed of in 
accordance with the National Archives and Records Administration (NARA) 
General Records Schedule 6.5, Item 020 (DAA-GRS-2017-0002-0002).

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The electronic records, files, and data are stored within FCC, 
USAC, or a vendor's accreditation boundaries and maintained in a 
database housed in the FCC's, USAC's, or vendor's computer network 
databases. Access to the electronic files is restricted to authorized 
employees and contractors; and to IT staff, contractors, and vendors 
who maintain the IT networks and services. Other employees and 
contractors may be granted access on a need-to-know basis. The 
electronic files and records are protected by the FCC, USAC, and third-
party privacy safeguards, a comprehensive and dynamic set of IT safety 
and security protocols and features that are designed to meet all 
Federal privacy standards, including those required by the Federal 
Information Security Modernization Act of 2014 (FISMA), the Office of 
Management and Budget (OMB), and the National Institute of Standards 
and Technology (NIST).

RECORD ACCESS PROCEDURES:
    Individuals wishing to request access to and/or amendment of 
records about themselves should follow the Notification Procedure 
below.

CONTESTING RECORD PROCEDURES:
    Individuals wishing to request access to and/or amendment of 
records about themselves should follow the Notification Procedure 
below.

NOTIFICATION PROCEDURES:
    Individuals wishing to determine whether this system of records 
contains information about themselves may do so by writing 
<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="79290b100f181a00391f1a1a571e160f">[email&#160;protected]</a>. Individuals requesting access must also comply with 
the FCC's Privacy Act regulations regarding verification of identity to 
gain access to records as required under 47 CFR part 0, subpart E.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    None.

HISTORY:
    86 FR 40838 (July 29, 2021).

Federal Communications Commission.
Marlene Dortch,
Secretary.
[FR Doc. 2021-26163 Filed 12-1-21; 8:45 am]
BILLING CODE 6712-01-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>