Privacy Act of 1974: Implementation of Exemptions

Issuing agencies

Abstract

In accordance with the Privacy Act of 1974, the U.S. Department of Homeland Security is issuing a final rule to amend its regulations to exempt portions of a newly established system of records titled, "U.S. Department of Homeland Security/Federal Emergency Management Agency-015 Fraud Investigations System of Records" from specific provisions of the Privacy Act. This system of records includes records on individuals being investigated for or involved in an investigation relating to the misuse of federal disaster funds and/or benefits. Specifically, the Department exempts portions of the "-DHS/ FEMA-015 Fraud Investigations System of Records" from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements.

Full Text

<html>
<head>
<title>Federal Register, Volume 89 Issue 223 (Tuesday, November 19, 2024)</title>
</head>
<body><pre>
[Federal Register Volume 89, Number 223 (Tuesday, November 19, 2024)]
[Rules and Regulations]
[Pages 91247-91248]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2024-26836]



========================================================================
Rules and Regulations
                                                Federal Register
________________________________________________________________________

This section of the FEDERAL REGISTER contains regulatory documents 
having general applicability and legal effect, most of which are keyed 
to and codified in the Code of Federal Regulations, which is published 
under 50 titles pursuant to 44 U.S.C. 1510.

The Code of Federal Regulations is sold by the Superintendent of Documents. 

========================================================================


Federal Register / Vol. 89, No. 223 / Tuesday, November 19, 2024 / 
Rules and Regulations

[[Page 91247]]



DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

6 CFR Part 5

[Docket No. FEMA-2023-0020]


Privacy Act of 1974: Implementation of Exemptions

AGENCY: Federal Emergency Management Agency, U.S. Department of 
Homeland Security.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, the U.S. 
Department of Homeland Security is issuing a final rule to amend its 
regulations to exempt portions of a newly established system of records 
titled, ``U.S. Department of Homeland Security/Federal Emergency 
Management Agency-015 Fraud Investigations System of Records'' from 
specific provisions of the Privacy Act. This system of records includes 
records on individuals being investigated for or involved in an 
investigation relating to the misuse of federal disaster funds and/or 
benefits. Specifically, the Department exempts portions of the ``-DHS/
FEMA-015 Fraud Investigations System of Records'' from one or more 
provisions of the Privacy Act because of criminal, civil, and 
administrative enforcement requirements.

DATES: This final rule is effective November 19, 2024.

FOR FURTHER INFORMATION CONTACT: For general questions, please contact: 
Russell Bard, (202-646-3606), Privacy Officer, Federal Emergency 
Management Agency, and 500 C Street SW, Washington, DC 20478. For 
privacy questions, please contact: Deborah T. Fleischaker, 
<a href="/cdn-cgi/l/email-protection#8dddffe4fbeceef4cde5fca3e9e5fea3eae2fb"><span class="__cf_email__" data-cfemail="84d4f6edf2e5e7fdc4ecf5aae0ecf7aae3ebf2">[email&#160;protected]</span></a>, Chief Privacy Officer (A), Privacy Office, U.S. 
Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION: 

I. Background

    The U.S. Department of Homeland Security (DHS) Federal Emergency 
Management Agency (FEMA) published a Notice of Proposed Rulemaking 
(NPRM) in the Federal Register, 86 FR 15138, March 22, 2021, proposing 
to exempt portions of the system of records from one or more provisions 
of the Privacy Act because of criminal, civil, and administrative 
enforcement requirements. The system of records is the DHS/FEMA-015 
Fraud Investigations System of Records. The DHS/FEMA-015 Fraud 
Investigations System of Records Notice (SORN) was published 
concurrently in the Federal Register, 86 FR 15237, on March 22, 2021, 
and comments were invited on the NPRM and SORN.

II. Public Comments

    DHS/FEMA received a total of one public comment. The one comment 
was received on the NPRM.

NPRM

    DHS/FEMA received one public comment in support of the NPRM. The 
individual noted that they were ``in agreeance with this proposed 
regulation. However, the individual also cited concerns about the 
parameters or stipulations from which a fraud investigation can be 
launched. The publication process for the Fraud Investigations SORN, as 
required by the Privacy Act, promotes the accountability, 
responsibility, legislative oversight, and open government requested by 
the commenter. In addition to the publication of the Fraud 
Investigations SORN in the Federal Register, FEMA also provides 
transparency into its systems by publishing Privacy Impact Assessments 
(PIA). PIAs are conducted in accordance with the E-Government Act of 
2002 (Pub. L. 107-347) by FEMA Privacy personnel, are reviewed by the 
DHS Privacy Office, and signed by the DHS Chief Privacy Officer. PIAs 
describe how FEMA information technology systems work, what information 
they collect, how FEMA uses that information, any external parties with 
whom the information is shared, and the privacy risks and corresponding 
mitigations employed by FEMA. All DHS and FEMA PIAs are published on 
the DHS website, <a href="http://www.dhs.gov/privacy">www.dhs.gov/privacy</a>.

SORN

    DHS received no comments on the SORN. After consideration of the 
one public comment, the Department will implement the rulemaking as 
proposed.

List of Subjects in 6 CFR Part 5

    Freedom of information; Privacy.

    For the reasons stated in the preamble, DHS/FEMA amends Chapter I 
of Title 6, Code of Federal Regulations, as follows:

PART 5--DISCLOSURE OF RECORDS AND INFORMATION

0
1. The authority citation for part 5 continues to read as follows:

    Authority:  6 U.S.C. 101 et seq.; Pub. L. 107-296, 116 Stat. 
2135; 5 U.S.C. 301. 6 U.S.C. 142; DHS Del. No. 13001, Rev. 01 (June 
2, 2020).

    Subpart A also issued under 5 U.S.C. 552.
    Subpart B also issued under 5 U.S.C. secs. 552a and 552 note.


0
2. In appendix C to part 5, add paragraph 90 to read as follows:

Appendix C to Part 5--DHS Systems of Records Exempt From the Privacy 
Act

* * * * *
    90. The DHS/FEMA-015 Fraud Investigations System of Records 
consists of electronic and paper records that DHS and its components 
will use. The DHS/FEMA-015 Fraud Investigations System of Records is 
a repository of information held by DHS in connection with its 
several and varied missions and functions, including, but not 
limited to, the enforcement of civil and criminal laws; 
investigations, inquiries, and proceedings there under; national 
security and intelligence activities; and protection of the 
President of the U.S. or other individuals pursuant to Section 3056 
and 3056A of Title 18. The DHS/FEMA-015 Fraud Investigations System 
of Records contains information that is collected by, on behalf of, 
in support of, or in cooperation with DHS and its components and may 
contain personally identifiable information collected by other 
federal, state, local, tribal, foreign, or international government 
agencies. The Secretary of Homeland Security, pursuant to 5 U.S.C. 
522a (k)(2), has exempted this system from the following provisions 
of the Privacy Act, subject to limitations set forth in 5 U.S.C. 
secs. 552a(c)(3); (d); (e)(1); (e)(4)(G); (e)(4)(H); (e)(4)(I); and 
(f). When a record received from another system has been exempted in 
that source system under 5 U.S.C. 552a(j)(2), DHS will claim the 
same exemptions for those records that are claimed for the original 
primary systems of records from which they originated and claims any 
additional exemptions set forth here.

[[Page 91248]]

    Exemptions from these particular subsections are justified on a 
case-by-case basis to be determined at the time a request is made 
for the following reasons:
    (a) From subsection (c)(3) (Accounting for Disclosures) because 
the release of the accounting of disclosures could alert the subject 
of an investigation of an actual or potential criminal, civil, or 
regulatory violation to the existence of the investigation and 
reveal investigative interest on the part of DHS as well as the 
recipient agency. Disclosure of the accounting would, therefore, 
present a serious impediment to law enforcement efforts and/or 
efforts to preserve national security. Disclosure of the accounting 
would also permit the individual who is the subject of a record to 
impede the investigation, tamper with witnesses or evidence, and 
avoid detection or apprehension, which would undermine the entire 
investigative process.
    (b) From subsection (d) (Access and Amendment to Records) 
because access to the records contained in this system of records 
could apprise the subject of an investigation of an actual or 
potential criminal, civil, or regulatory violation to the existence 
of the investigation and reveal investigative interest on the part 
of DHS or another agency. Access to the records could permit the 
individual who is the subject of a record to impede the 
investigation, tamper with witnesses or evidence, and avoid 
detection or apprehension. Amendment of the records could interfere 
with ongoing investigations and law enforcement activities and 
impose an unreasonable administrative burden by requiring 
investigations to be continually reinvestigated. In addition, 
permitting access and amendment to such information could disclose 
security-sensitive information that could be detrimental to homeland 
security.
    (c) From subsection (e)(1) (Relevancy and Necessity of 
Information) because in the course of investigations into potential 
violations of federal law, the accuracy of information obtained or 
introduced occasionally may be unclear, or the information may not 
be strictly relevant or necessary to a specific investigation. In 
the interests of effective law enforcement, it is appropriate to 
retain all information that may aid in establishing patterns of 
unlawful activity.
    (d) From subsections (e)(4)(G), (e)(4)(H), and (e)(4)(I) (Agency 
Requirements) and (f) (Agency Rules), because portions of this 
system are exempt from the individual access provisions of 
subsection (d) for the reasons noted above, and DHS is therefore not 
required to establish requirements, rules, or procedures with 
respect to such access. Providing notice to individuals concerning 
the existence of records about them in the system of records or 
otherwise setting up procedures pursuant to which individuals may 
access and view records pertaining to themselves in the system would 
undermine investigative efforts and reveal the identities of 
witnesses, potential witnesses, and confidential informants.
* * * * *

Deborah T. Fleischaker,
Chief Privacy Officer (A), U.S. Department of Homeland Security.
[FR Doc. 2024-26836 Filed 11-15-24; 11:15 am]
BILLING CODE 9111-19-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>