Privacy Act of 1974; Systems of Records

Issuing agencies

Abstract

Pursuant to the Privacy Act of 1974, the Pension Benefit Guaranty Corporation (PBGC) is proposing to establish a new system of records, "PBGC-29: Freedom of Information Act and Privacy Act Request Records--PBGC" to reflect PBGC's current practice of processing requests for records made under the provisions of the Freedom of Information Act (FOIA)/Privacy Act (PA), and to assist PBGC in carrying out other responsibilities relating to FOIA and PA including operational, management, and reporting purposes.

Full Text

<html>
<head>
<title>Federal Register, Volume 88 Issue 122 (Tuesday, June 27, 2023)</title>
</head>
<body><pre>
[Federal Register Volume 88, Number 122 (Tuesday, June 27, 2023)]
[Notices]
[Pages 41663-41666]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2023-13531]


=======================================================================
-----------------------------------------------------------------------

PENSION BENEFIT GUARANTY CORPORATION


Privacy Act of 1974; Systems of Records

AGENCY: Pension Benefit Guaranty Corporation.

ACTION: Notice of new system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the Privacy Act of 1974, the Pension Benefit 
Guaranty Corporation (PBGC) is proposing to establish a new system of 
records, ``PBGC-29: Freedom of Information Act and Privacy Act Request 
Records--PBGC'' to reflect PBGC's current practice of processing 
requests for records made under the provisions of the Freedom of 
Information Act (FOIA)/Privacy Act (PA), and to assist PBGC in carrying 
out other responsibilities relating to FOIA and PA including 
operational, management, and reporting purposes.

DATES: The new systems of records described herein will become 
effective July 27, 2023, without further notice, unless comments result 
in a contrary determination and a notice is published to that effect. 
Comments must be received on or before July 27, 2023 to be assured of 
consideration.

ADDRESSES: You may submit written comments to PBGC by any of the 
following methods:
    <bullet> Federal eRulemaking Portal: Follow the website 
instructions for submitting

[[Page 41664]]

comments at <a href="https://www.regulations.gov">https://www.regulations.gov</a>.
    <bullet> Email: <a href="/cdn-cgi/l/email-protection#82f0e7e5ace1edefefe7ecf6f1c2f2e0e5e1ace5edf4"><span class="__cf_email__" data-cfemail="d3a1b6b4fdb0bcbebeb6bda7a093a3b1b4b0fdb4bca5">[email&#160;protected]</span></a>. Refer to SORN in the subject 
line.
    <bullet> Mail or Hand Delivery: Regulatory Affairs Division, Office 
of the General Counsel, Pension Benefit Guaranty Corporation, 445 12th 
Street SW, Washington, DC 20024-2101.
    Commenters are strongly encouraged to submit public comments 
electronically. PBGC expects to have limited personnel available to 
process public comments that are submitted on paper through U.S. mail. 
Until further notice, any comments submitted on paper will be 
considered to the extent practicable.
    All submissions must include the agency's name (Pension Benefit 
Guaranty Corporation, or PBGC) and reference this notice. Comments 
received will be posted without change to PBGC's website, <a href="https://www.pbgc.gov">https://www.pbgc.gov</a>, including any personal information provided. Do not 
submit comments that include any personally identifiable information or 
confidential business information. Copies of comments may also be 
obtained by writing to Disclosure Division, Office of the General 
Counsel, Pension Benefit Guaranty Corporation, 445 12th Street SW, 
Washington, DC 20024-2101, or calling 202-326-4040 during normal 
business hours. (If you are deaf or hard of hearing, or have a speech 
disability, please dial 7 1 1 to access telecommunications relay 
services.)

FOR FURTHER INFORMATION CONTACT: Shawn Hartley, Chief Privacy Officer, 
Pension Benefit Guaranty Corporation, Office of the General Counsel, 
445 12th Street SW, Washington, DC 20024-2101, 202-229-6321. For access 
to any of PBGC's systems of records, contact D. Camilla Perry, 
Disclosure Officer, Office of the General Counsel, Disclosure Division, 
445 12th Street SW, Washington, DC 20024-2101, or by calling 202-229-
4040, or go to <a href="https://www.pbgc.gov/about/policies/pg/privacy-at-pbgc/system-of-records-notices">https://www.pbgc.gov/about/policies/pg/privacy-at-pbgc/system-of-records-notices</a>.

SUPPLEMENTARY INFORMATION: 

PBGC Is Establishing a New SORN PBGC-29: Freedom of Information Act and 
Privacy Act Request Records

    PBGC is establishing a new SORN ``PBGC-29: Freedom of Information 
Act and Privacy Act Request Records--PBGC'' to reflect PBGC's current 
practice of processing requests for records made under the provisions 
of the Freedom of Information Act (FOIA) and Privacy Act (PA) of 1974, 
and to assist PBGC in carrying out other responsibilities relating to 
FOIA and PA including operational, management, and reporting purposes.
    Pursuant to 5 U.S.C. 552a(e)(11), interested persons are invited to 
submit written comments on the proposed changes described in this 
notice. A report has been sent to Congress and the Office of Management 
and Budget for their evaluation.
    For the convenience of the public, PBGC's new system of records is 
published in full below.

    Issued in Washington, DC, by
Gordon Hartogensis,
Director, Pension Benefit Guaranty Corporation.

SYSTEM NAME AND NUMBER:
    PBGC--29: Freedom of Information Act and Privacy Act Request 
Records--PBGC

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Pension Benefit Guaranty Corporation (PBGC), 445 12th Street SW, 
Washington, DC 20024-2101. (Records may be kept at an additional 
location as backup for continuity of operations at AINS LLC, DBA 
OPEXUS, 1101 17th St. NW #1200, Washington, DC 20036.)

SYSTEM MANAGER(S):
    Deputy General Counsel, Office of the General Counsel (OGC), PBGC, 
445 12th Street SW, Washington, DC 20024-2101.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 552, The Freedom of Information Act (FOIA), and 5 U.S.C. 
552a, The Privacy Act of 1974 (PA).

PURPOSE(S) OF THE SYSTEM:
    The purpose of this system is to process requests for records made 
under the provisions of the FOIA and PA, and to assist PBGC in carrying 
out other responsibilities relating to FOIA and PA including 
operational, management, and reporting purposes.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals or their representatives who have submitted FOIA 
requests, PA requests, or combined FOIA and PA requests for records or 
information and administrative appeals or have litigation pending with 
a federal agency; individuals whose requests, appeals or records have 
been referred to PBGC by other agencies and/or the PBGC personnel 
assigned to handle such requests, appeals and litigation.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records in the system may contain names, mailing addresses, email 
addresses and telephone numbers of individuals making requests for 
records or information pursuant to the FOIA/PA; online identity 
verification information (User name and password), and any other 
information voluntarily submitted, such as an individual's social 
security number; tracking numbers, correspondence with the requester or 
the requester's representatives, internal PBGC correspondence and 
memoranda to or from other agencies or entities having a substantial 
interest in the determination of the request; responses to the request 
and appeals, and copies of responsive records. These records may 
contain personal information retrieved in response to a request. FOIA 
and PA case records may contain inquiries and requests regarding any of 
PBGC's other systems of records subject to the FOIA and PA, and 
information about individuals from any of these other systems may 
become part of this system of records.

RECORD SOURCE CATEGORIES:
    Requesters and persons acting on behalf of requesters, PBGC and 
other Federal agencies having a substantial interest in the 
determination of the request, and employees processing the requests.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Information about covered individuals may be disclosed without 
consent as permitted by the Privacy Act of 1974, 5 U.S.C. 552a(b), and:
    1. To law enforcement in the event the record is connected to a 
violation or potential violation of law, whether civil, criminal or 
regulatory in nature, and whether arising by general statute, 
regulation, rule, or order issued pursuant thereto. Such disclosure may 
be made to the appropriate agency, whether Federal, state, local, or 
tribal, or other public authority responsible for enforcing, 
investigating or prosecuting such violation or charged with enforcing 
or implementing the statute, or rule, regulation, or order issued 
pursuant thereto, if PBGC determines that the records are both relevant 
and necessary to any enforcement, regulatory, investigative or 
prospective responsibility of the receiving entity.
    2. To a Federal, state, tribal or local agency or to another public 
or private source maintaining civil, criminal, or other relevant 
enforcement information or other pertinent information if, and to the 
extent necessary, to obtain information relevant to a PBGC decision 
concerning the hiring or retention of an

[[Page 41665]]

employee, the retention of a security clearance, or the letting of a 
contract.
    3. With the approval of the Director, Human Resources Department 
(or his or her designee), the fact that this system of records includes 
information relevant to a Federal agency's decision in connection with 
the hiring or retention of an employee, the retention of a security 
clearance, the letting of a contract, or the issuance of a license, 
grant, or other benefit may be disclosed to that Federal agency.
    4. A record from this system of records may be disclosed in a 
proceeding before a court or other adjudicative body in which PBGC, an 
employee of PBGC in his or her official capacity, an employee of PBGC 
in his or her individual capacity whom PBGC (or the Department of 
Justice (DOJ)) has agreed to represent is a party, or the United States 
or any other Federal agency is a party and PBGC determines that it has 
an interest in the proceeding, and if PBGC determines that the record 
is relevant and necessary to the litigation and that the disclosure of 
the records to use is compatible with the purpose for which PBGC 
collected the information.
    5. When PBGC, an employee of PBGC in his or her official capacity, 
or an employee of PBGC in his or her individual capacity whom PBGC (or 
DOJ) has agreed to represent is a party to a proceeding before a court 
or other adjudicative body, or the United States or any other Federal 
agency is a party and PBGC determines that it has an interest in the 
proceeding, a record from this system of records may be disclosed to 
DOJ if PBGC is consulting with DOJ regarding the proceeding or has 
decided that DOJ will represent PBGC, or its interest, in the 
proceeding and PBGC determines that the record is relevant and 
necessary to the litigation and that the use is compatible with the 
purpose for which PBGC collected the information.
    6. A record from this system of records may be disclosed to a 
congressional office in response to an inquiry from the congressional 
office made at the request of the individual.
    7. A record from this system of records may be disclosed to 
appropriate agencies, entities, and persons when (1) PBGC suspects or 
has confirmed that there has been a breach of the system of records; 
(2) PBGC has determined that as a result of the suspected or confirmed 
breach there is a risk of harm to individuals, PBGC (including its 
information systems, programs and operations), the Federal Government, 
or national security; and (3) the disclosure made to such agencies, 
entities, and persons is reasonably necessary to assist in connection 
with PBGC's efforts to respond to the suspected or confirmed breach or 
to prevent, minimize, or remedy such harm.
    8. To the National Archives and Records Administration or to the 
General Services Administration for records management inspections 
conducted under 44 U.S.C. 2904 and 2906.
    9. To another Federal agency or Federal entity, when PBGC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    10. To the extent needed to perform duties under the contract, to 
third party contractors who are performing or working on a contract in 
connection with the performance of an IT service or in support of 
PBGC's Disclosure Division related to this system of records. 
Recipients of these records shall be required to comply with the 
requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
    11. To respond to FOIA requests and appeals made through the 
agencies electronic FOIA and PA request system, including the names of 
FOIA requesters, dates related to the processing of the request, and a 
description of the records sought by the requester (excluding any 
personally identifiable information in the description of the records, 
such as telephone or cell phone numbers, home or email addresses, 
social security numbers), unless the requester asks for the redaction 
of any personally identifiable information (PII). This information may 
also be used to create a publicly available log of requests;
    12. To assist PBGC in making an access determination, a record from 
this system may be shared with (a) the person or entity that originally 
submitted the record to the agency or is the subject of the record or 
information; or (b) another Federal entity;
    13. To the National Archives and Record Administration's (NARA), 
Office of Government Information Services (OGIS), to the extent 
necessary to fulfill its responsibilities in 5 U.S.C. 552(h), to review 
administrative agency policies, procedures and compliance with the 
FOIA, and to facilitate OGIS's offering of mediation services to 
resolve disputes between persons making FOIA requests and 
administrative agencies;
    14. To the Department of Justice (DOJ), to the Department of the 
Treasury, or to a consumer reporting agency for collection action for 
unpaid FOIA fees when circumstances warrant; and,
    15. To the Office of Management and Budget (OMB) or the DOJ to 
obtain advice regarding statutory and other requirements under the FOIA 
or Privacy Act.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic databases. Records may also be 
maintained on back-up tapes, or on a PBGC or a contractor-hosted 
network.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by any one or more of the following: Name, 
subject, request file/tracking number, or other data element as may be 
permitted by an automated system.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are maintained and destroyed in accordance with the 
National Archives and Record Administration's (NARA) Basic Laws and 
Authorities (44 U.S.C. 3301, et seq.) or a PBGC records disposition 
schedule approved by NARA. Records existing on paper are destroyed 
beyond recognition. Records existing on computer storage media are 
destroyed according to the applicable PBGC media practice for 
participant systems and will be maintained in accordance with PBGC 
Records Schedule. See General Records Schedule (GRS) Items 4.2 Items 
001, 010, 020, 040, 050, 090. See also PBGC Records Schedule Item 1.2: 
Administrative Records--Privacy Act.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    PBGC has established security and privacy protocols that meet the 
required security and privacy standards issued by the National 
Institute of Standards and Technology (NIST). Records are maintained in 
a secure, password protected electronic system that utilizes security 
hardware and software to include multiple firewalls, active intruder 
detection, and role-based access controls. PBGC has adopted appropriate 
administrative, technical, and physical controls in accordance with 
PBGC's security program to protect the confidentiality, integrity, and 
availability of the information, and to ensure that records are not 
disclosed to or accessed by unauthorized

[[Page 41666]]

individuals. Paper records are kept in file folders in areas of 
restricted access that are locked after office hours.
    Electronic records are stored on computer networks, which may 
include cloud-based systems, and protected by controlled access with 
Personal Identity Verification (PIV) cards, assigning user accounts to 
individuals needing access to the records and by passwords set by 
authorized users that must be changed periodically. Further, for 
certain systems covered by this notice, heightened security access is 
required. Such access is granted by the specific permissions group 
assigned to monitor that particular system and only authorized 
employees of the agency may retrieve, review or modify those records. 
All employees are annually required to agree to and comply with PBGC's 
Rules of Behavior with respect to PBGC's IT systems and PII.

RECORD ACCESS PROCEDURES:
    Individuals, or third parties with written authorization from the 
individual, wishing to request access to their records in accordance 
with 29 CFR 4902.4, should submit a written request to the Disclosure 
Officer, PBGC, 445 12th Street SW, Washington, DC 20024-2101, providing 
their name, address, date of birth, and verification of their identity 
in accordance with 29 CFR 4902.3(c), or via PBGC's online FOIA/PA 
system the link to which is located at <a href="https://www.pbgc.gov/about/pg/footer/foia">https://www.pbgc.gov/about/pg/footer/foia</a>. Individuals or third parties will be required to provide 
information to verify their identity when making a request.

CONTESTING RECORD PROCEDURES:
    Individuals, or third parties with written authorization from the 
individual, wishing to amend their records must submit a written 
request, in accordance with 29 CFR 4902.5, identifying the information 
they wish to correct in their file, in addition to following the 
requirements of the Record Access Procedure above.

NOTIFICATION PROCEDURES:
    Individuals, or third parties with written authorization from the 
individual, wishing to learn whether this system of records contains 
information about them should submit a written request to the 
Disclosure Officer, PBGC, 445 12th Street SW, Washington, DC 20024-
2101, providing their name, address, date of birth, and verification of 
their identity in accordance with 29 CFR 4902.3(c), or via PBGC's 
online FOIA/PA system the link to which is located at <a href="https://www.pbgc.gov/about/pg/footer/foia">https://www.pbgc.gov/about/pg/footer/foia</a>. Individuals or third parties will be 
required to provide information to verify their identity when making a 
request.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    To the extent that copies of exempt records from other systems of 
records are entered into this system, PBGC claims the same exemptions 
for those records that are claimed for the original primary systems of 
records from which they originated.

HISTORY:
    None.

[FR Doc. 2023-13531 Filed 6-26-23; 8:45 am]
BILLING CODE 7709-02-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>