Privacy Act of 1974; System of Records

Issuing agencies

Abstract

In accordance with the Privacy Act of 1974, the U.S. Department of Transportation (DOT), Federal Motor Carrier Safety Administration (FMCSA), proposes a new system of records titled "DOT/ FMCSA 015 FMCSA Registration Records." The purpose of this system of records is to allow FMCSA to consolidate the existing FMCSA registration systems in accordance with 49 U.S.C. 13908. It contains registration information for all entities regulated by the Agency under 49 U.S.C. Subtitle IV, Part B (commercial jurisdiction) and 49 U.S.C. Subtitle VI, Part B (safety jurisdiction), including, but not limited to regulated entities as described in the Background section.

Full Text

<html>
<head>
<title>Federal Register, Volume 91 Issue 90 (Monday, May 11, 2026)</title>
</head>
<body><pre>
[Federal Register Volume 91, Number 90 (Monday, May 11, 2026)]
[Notices]
[Pages 25756-25760]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2026-09310]


-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Office of the Secretary

[Docket No. OST-2024-0071]


Privacy Act of 1974; System of Records

AGENCY: Federal Motor Carrier Safety Administration (FMCSA), U.S. 
Department of Transportation (DOT).

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, the U.S. 
Department of Transportation (DOT), Federal Motor Carrier Safety 
Administration (FMCSA), proposes a new system of records titled ``DOT/
FMCSA 015 FMCSA Registration Records.'' The purpose of this system of 
records is to allow FMCSA to consolidate the existing FMCSA 
registration systems in accordance with 49 U.S.C. 13908. It contains 
registration information for all entities regulated by the Agency under 
49 U.S.C. Subtitle IV, Part B (commercial jurisdiction) and 49 U.S.C. 
Subtitle VI, Part B (safety jurisdiction), including, but not limited 
to regulated entities as described in the Background section.

DATES: Submit comments on or before June 10, 2026. The Department may 
publish an amended Systems of Records Notice considering any comments 
received. This new system will be effective immediately upon 
publication. The routine uses will be effective June 10, 2026.

ADDRESSES: You may submit comments, identified by docket number OST-
2024-0071 by any of the following methods:
    <bullet> Federal e-Rulemaking Portal: <a href="https://www.regulations.gov">https://www.regulations.gov</a>. 
Follow the instructions for submitting comments.
    <bullet> Mail: Docket Management Facility, U.S. Department of 
Transportation, 1200 New Jersey Ave. SE, West Building Ground Floor, 
Room W12-140, Washington, DC 20590-0001.
    <bullet> Hand Delivery or Courier: West Building Ground Floor, Room 
W12-140, 1200 New Jersey Ave. SE, between 9 a.m. and 5 p.m. ET, Monday 
through Friday, except Federal holidays.
    Instructions: You must include the agency name and docket number 
OST-2024-0071. All comments received will be posted without change to 
<a href="https://www.regulations.gov">https://www.regulations.gov</a>, including any personal information 
provided.
    Privacy Act: Anyone is able to search the electronic form of all 
comments received in any of our dockets by the name of the individual 
submitting the comment (or signing the comment, if submitted on behalf 
of an association, business, labor union, etc.).
    Docket: For access to the docket to read background documents or 
comments received, go to <a href="https://www.regulations.gov">https://www.regulations.gov</a> or to the street 
address listed above. Follow the online instructions for accessing the 
docket.

FOR FURTHER INFORMATION CONTACT: For general and privacy questions, 
please contact: Karyn Gorman, Departmental Chief Privacy Officer, U.S. 
Department of Transportation, S-97 Washington, DC 20590, Email: 
<a href="/cdn-cgi/l/email-protection#fd8d8f948b9c9e84bd999289d39a928b"><span class="__cf_email__" data-cfemail="e797958e9186849ea7838893c9808891">[email&#160;protected]</span></a>, Tel. (202) 603-8321.

SUPPLEMENTARY INFORMATION:

Background

    In accordance with the Privacy Act of 1974, the DOT/FMCSA is 
proposing a new system of records titled ``DOT/FMCSA 015 FMCSA 
Registration Records.'' The records covered by this notice contain 
registration information for all entities regulated by FMCSA under 49 
U.S.C. Subtitle IV, Part B (commercial jurisdiction) and 49 U.S.C. 
Subtitle VI, Part B (safety jurisdiction) including, but not limited 
to: motor carriers, brokers, freight forwarders, intermodal equipment 
providers, and hazardous materials safety permit applicants/holders 
(``regulated entities''). The FMCSA registration system also contains 
information about cargo tank facilities required to register with 
FMCSA, including cargo tank motor vehicle manufacturers, assemblers, 
repairers, testers, and design certifying engineers. This system also 
maintains registration information on intrastate motor carriers located 
in states requiring them to register with FMCSA. All registration 
information contained in this system of records is entered by 
individuals or third parties acting on their behalf.
    The FMCSA registration system replaces the Unified Registration 
System (URS), the Licensing and Insurance (L&I) System. Registration 
data previously maintained in Motor Carrier Management Information 
System (MCMIS) will be migrated, and the

[[Page 25757]]

MCMIS SORN will be updated accordingly. Implementing the registration 
system allows FMCSA to operate a single, unified registration system 
for regulated entities, as contemplated by 49 U.S.C. 13908.
    Under the current registration process for USDOT Numbers and 
operating authorities, the Agency's responsibilities include monitoring 
and enforcing compliance with regulations governing both safety and 
commerce. Its focus on both concerns--safety and consumer protection--
is reflected in the dual path of its current registration process. 
Companies may find they are subject to both registration requirements--
USDOT Number and interstate operating authority--or either one 
separately. They may also require more than one operating authority or 
additional permits.
    In December 2015, FMCSA deployed the URS, requiring all first-time 
applicants registering with FMCSA for a new USDOT number and operating 
authority registration to use this online system. URS consolidated the 
public facing functionalities of the L&I System and the registration 
capabilities in MCMIS into a single, online interface. The registration 
data submitted using URS was still transmitted to and stored as 
described in the MCMIS SORN. Registered entities would then use the 
interface for the Agency's legacy registration systems to update their 
registration information with FMCSA (on an ad hoc or biennial basis) or 
add any necessary operating authorities or permits. Implementation of 
the updated registration system, which replaces URS and L&I, allows 
FMCSA to truly operate a single, unified registration system for 
regulated entities, as contemplated by 49 U.S.C. 13908.
    The routine uses are compatible with the purposes for which the 
information was collected. Individuals whose personally identifiable 
information (PII) is in this system of records have provided it to DOT 
to enable DOT to provide a central collection point for registration 
records on interstate motor carriers, as well as all regulated entities 
as described above. The information contained within this system of 
records will be collected directly from the individual employees or 
individuals who are the subject of the record, or third parties acting 
on their behalf. This system will be included in DOT's inventory of 
record systems.

Privacy Act

    The Privacy Act (5 U.S.C. 552a) governs the means by which the 
Federal Government collects, maintains, and uses PII in a System of 
Records. A ``System of Records'' is a group of any records under the 
control of a Federal agency from which information about individuals is 
retrieved by name or other personal identifier. The Privacy Act 
requires each agency to publish in the Federal Register a System of 
Records Notice (SORN) identifying and describing each System of Records 
the agency maintains, including the purposes for which the agency uses 
PII in the system, the routine uses for which the agency discloses such 
information outside the agency, and how individuals to whom a Privacy 
Act record pertains can exercise their rights under the Privacy Act 
(e.g., to determine if the system contains information about them and 
to contest inaccurate information). In accordance with 5 U.S.C. 
552a(r), DOT has provided a report of this system of records to the 
Office of Management and Budget (OMB) and to Congress.
SYSTEM NAME AND NUMBER:
    DOT/FMCSA 015--FMCSA Registration Records

SECURITY CLASSIFICATION:
    Unclassified

SYSTEM LOCATION:
    Records are maintained in a FedRAMP-certified third-party cloud 
environment (Virginia). The contracts are maintained by DOT at 1200 New 
Jersey Avenue SE, Washington, DC 20590.

SYSTEM MANAGER(S):
    Chief, Registration Division, Office of Registration, FMCSA, U.S 
Department of Transportation, 1200 New Jersey Avenue SE, Washington, DC 
20590. Email: <a href="/cdn-cgi/l/email-protection#aee8e3edfdef83e3edfcfdeecac1da80c9c1d8"><span class="__cf_email__" data-cfemail="440209071705690907161704202b306a232b32">[email&#160;protected]</span></a>.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    FMCSA's authority to enhance and update its unified registration 
system comes not only from specific authorities in the Moving Ahead for 
Progress in the 21st Century Act (MAP-21) (Pub. L. 112-141, 126 Stat. 
405, July 6, 2012), but also under its general authority to regulate 
commercial motor vehicles (CMVs) in 49 U.S.C. Subtitle III, Chapter 51 
(hazardous materials); Subtitle IV, Part B (commercial jurisdiction); 
and 49 U.S.C. Subtitle VI, Part B (safety jurisdiction). This general 
authority is codified at 49 U.S.C. 13901-13908, and 31134 and in 49 CFR 
parts 360, 365, 366, 368, 385, 387, and 390. Authority to collect 
registration information from cargo tank motor vehicle manufacturers, 
assemblers, repairers, inspectors, testers, and design certifying 
engineers is found at 49 U.S.C. 5121(a), 49 CFR 1.87(d)(1), and 49 CFR 
part 107, subpart F.

PURPOSE(S) OF THE SYSTEM:
    The purpose of this system is to provide a central collection point 
for registration records on interstate motor carriers and other 
entities regulated by the Agency under 49 U.S.C. Subtitle IV, Part B 
and 49 U.S.C. Subtitle VI, Part B, including, but not limited to 
regulated entities as described in the Background section.
    The system supports FMCSA's statutory responsibilities related to 
safety oversight, commercial compliance, consumer protection, fraud 
detection, enforcement of registration and financial responsibility 
requirements, interagency information sharing, and historical analysis 
of regulated entities' compliance with Federal motor carrier safety and 
commercial regulations.
    Information collected will be used only to the extent necessary to 
support these authorized purposes.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    <bullet> Individuals who are sole proprietors, owners, or operators 
of a regulated entity who have provided personally identifiable 
information, including a Social Security Number (SSN) when operating as 
a sole proprietor and electing not to obtain an Employer Identification 
Number (EIN).
    <bullet> Individuals associated with regulated entities, including 
company officials, designated registrant employees, safety managers, 
and authorized account holders.
    <bullet> Individuals associated with cargo tank facilities required 
to register with FMCSA, including manufacturers, assemblers, repairers, 
inspectors, testers, and design certifying engineers.
    <bullet> Individuals employed by or acting on behalf of insurers, 
financial institutions, blanket process agent companies, and third-
party service providers who submit registration-related information on 
behalf of registrants.
    <bullet> Members of the public who submit registration-related 
protests.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Categories of records include structured registration data as well 
as limited unstructured data submitted through registration-related 
protest filings.
    FMCSA does not solicit unnecessary PII in free-text fields and 
provides guidance to users to limit submission of sensitive 
information.
    Categories of records in the system include the following 
information:
    Registration Applicants:
    <bullet> Business Name and operating name.

[[Page 25758]]

    <bullet> Business Address.
    <bullet> Email address.
    <bullet> Payment details (e.g., <a href="http://Pay.gov">Pay.gov</a> ID, transaction number, 
date of transaction, transaction amount, and the business for which 
payment is made) are collected based on the fees required for the 
specific registration transaction.
    While credit cards are used to process payments, FMCSA does not 
store credit card numbers, expiration dates, SSID, or any other 
sensitive payment details.
    All payments are securely processed through <a href="http://Pay.gov">Pay.gov</a>, and no credit 
card information is retained by FMCSA.
    <bullet> Phone numbers.
    <bullet> Designated Registrant Employee(s) (e.g., owner, company 
official, safety manager, etc.)
    <bullet> Tax Identification Number (TIN), to include either an EIN 
or, in the case of an individual operating as a sole proprietor who 
chooses not to obtain an EIN for their business (against the 
recommendation of the Agency), that individual's SSN.
    <bullet> Other Authorized System Users Who Have Been Designated by 
the Registration Applicant to Provide Information on Behalf of the 
Applicant (insurance companies, financial institutions, blanket process 
agents, third-party service providers, etc.)
    <bullet> Authorized Account Holder Designee(s).
    SSNs are collected only when necessary to uniquely identify 
individual registrants (owner operators also known as sole proprietors) 
who do not possess an EIN and are used for identity verification, 
record matching, and administration of registration requirements. SSNs 
are not disclosed publicly.
    The registration system will store the following types of 
information:
    <bullet> Census Files. These files contain the USDOT number, 
carrier legal name and operating name, carrier address, type and size 
of operation, commodities carried, and other characteristics of the 
operation for interstate (and some intrastate) motor carriers, 
intermodal equipment providers, cargo tank facilities, and hazardous 
materials shippers. They include motor carrier PII consisting of Tax 
Identification Numbers, which may be either an SSN or EIN.
    <bullet> Registration-Related Protest Information. FMCSA posts 
notice of registration applications on a public website. Members of the 
public may file a protest against the application, which explains the 
basis of the protest.
    The registration system will share information with MCMIS and the 
following systems or system components:
    <bullet> Carrier Safety Measurement System (CSMS). CSMS will import 
registration data from the system. The CSMS provides an assessment of a 
carrier's regulatory compliance and safety performance. Access is 
restricted to FMCSA enforcement, federal and local law enforcement 
personnel, FMCSA HQ staff, Motor Carrier Safety Assistance Program 
(MCSAP) State lead agencies and law enforcement agencies that are FMCSA 
grantees.
    <bullet> Enforcement Management Information System (EMIS). EMIS 
will import registration data from the system. EMIS is a web-based 
application used to monitor, track, and store information related to 
FMCSA enforcement actions. It manages and tracks enforcement actions 
associated with notifying the carrier, monitoring the carrier's 
response, determining whether further compliance action is required, 
fines assessed and collected, and generating reports for various FMCSA 
Headquarters, FMCSA Service Center, and FMCSA Division staff.
    <bullet> Analysis & Information (A&I) Online. A&I will import 
registration data from the system. The A&I provides quick and efficient 
access to descriptive statistics and analyses regarding commercial 
vehicle, driver, and carrier safety information. It is used by Federal, 
State, and local law enforcement personnel, the motor carrier industry, 
insurance companies, and the public. A&I provides aggregated and non-
PII data to the public. Individual-level registration data containing 
PII is restricted to authorized users.
    <bullet> Compliance Analysis and Performance Review Information 
(CAPRI) System. CAPRI will import registration data from the system. 
The CAPRI is used by Federal and State enforcement personnel when 
conducting safety investigations (formerly known as ``compliance 
reviews''), specialized cargo tank facility reviews, household good 
investigations, and hazardous material (HM) shipper reviews.
    <bullet> Safety Enforcement Tracking and Investigation (SENTRI) 
System. SENTRI will import registration data from the system. Motor 
carrier registration information is used to pre-populate the Sentri 
safety audit data. The SENTRI is used by Federal and State enforcement 
personnel to record motor carrier and driver information during the 
course of a New Entrant Safety Audit.
    <bullet> Performance and Registration Information Systems 
Management (PRISM) System. PRISM will import registration data from the 
system. State vehicle registration offices and law enforcement agencies 
use the data to improve the safety of interstate commercial motor 
carriers.
    <bullet> Query Central (QC). QC will import registration data from 
the system. QC is a secure web application used by Federal and State 
safety enforcement personnel to conduct queries based on entity name or 
USDOT number which is matched to data imported from the registration 
system to QC.
    <bullet> SafeSpect. SafeSpect will import registration data from 
the system. SafeSpect is FMCSA's system for collecting data related to 
the inspection of a commercial motor vehicle, the motor carrier, and 
its driver. Federal and State safety enforcement personnel will enter a 
USDOT number or company name and SafeSpect will populate the company's 
registration information as maintained in the registration system.
    <bullet> New Entrant Web System (NEWS). NEWS will import 
registration data from the system. FMCSA and State Enforcement users 
manage the assignment and processing of onsite and offsite New Entrant 
safety audits using NEWS.
    <bullet> FMCSA Customer Relationship Management (CRM). FMCSA CRM 
will import registration data from the registration system. FMCSA CRM 
system is used for customer service, user management, user verification 
via government issued identification (ID) review, tracking, contact 
recording, data entry, data dissemination, workflow management, contact 
center service level agreement (SLA) monitoring, knowledge management, 
and report building. Federal and contact center personnel will enter a 
USDOT number, or operating authority and FMCSA CRM will populate the 
company's registration information as maintained in the registration 
system.

RECORD SOURCE CATEGORIES:
    Information may be submitted to the registration system by the 
following sources:
    Registration Applicants, Other Authorized System Users Who Have 
Been Designated by the Registration Applicant to Provide Information on 
Behalf of the Applicant (insurance companies, financial institutions, 
blanket process agents, third-party service providers, etc.), FMCSA 
Personnel, and Members of the Public Who File Registration-Related 
Protests.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b), all or a portion of the records or information contained in 
this system

[[Page 25759]]

may be disclosed outside DOT as a routine use pursuant to 5 U.S.C. 
552a(b)(3) as follows:
    System Specific Routine Uses:
    1. To Federal, State, and local government agencies for the 
confirmations of registration related information on registered 
entities, in the course of investigations and enforcement of applicable 
statutes and regulations.
    2. To State lead agencies and other law enforcement grantees under 
the FMCSA Motor Carrier Safety Assistance Grant Program and Border 
Enforcement Grant program, which are federal grant programs that 
provide financial assistance to states for their work in reducing the 
frequency and severity of CMV crashes and hazardous materials 
incidents.
    3. To the National Transportation Safety Board (NTSB) upon request 
by NTSB in connection with its crash investigations involving an 
individual or entity registered in the registration system.
    Department General Routine Uses:
    4. In the event that a system of records maintained by DOT to carry 
out its functions indicates a violation or potential violation of law, 
whether civil, criminal or regulatory in nature, and whether arising by 
general statute or particular program pursuant thereto, the relevant 
records in the system of records may be referred, as a routine use, to 
the appropriate agency, whether Federal, State, local or foreign, 
charged with the responsibility of investigating or prosecuting such 
violation or charged with enforcing or implementing the statute, or 
rule, regulation, or order issued pursuant thereto.
    5a. Routine Use for Disclosure for Use in Litigation. It shall be a 
routine use of the records in this system of records to disclose them 
to the Department of Justice or other federal agency conducting 
litigation when--(a) DOT, or any agency thereof, or (b) Any employee of 
DOT or any agency thereof, in their official capacity, or (c) Any 
employee of DOT or any agency thereof, in their individual capacity 
where the Department of Justice has agreed to represent the employee, 
or (d) The United States or any agency thereof, where DOT determines 
that litigation is likely to affect the United States, is a party to 
litigation or has an interest in such litigation, and the use of such 
records by the Department of Justice or other federal agency conducting 
the litigation is deemed by DOT to be relevant and necessary in the 
litigation, provided, however, that in each case, DOT determines that 
disclosure of the records in the litigation is a use of the information 
contained in the records that is compatible with the purpose for which 
the records were collected.
    5b. Routine Use for Agency Disclosure in Other Proceedings. It 
shall be a routine use of records in this system to disclose them in 
proceedings before any court or adjudicative or administrative body 
before which DOT or any agency thereof, appears, when--(a) DOT, or any 
agency thereof, or (b) Any employee of DOT or any agency thereof in 
their official capacity, or (c) Any employee of DOT or any agency 
thereof in their individual capacity where DOT has agreed to represent 
the employee, or (d) The United States or any agency thereof, where DOT 
determines that the proceeding is likely to affect the United States, 
is a party to the proceeding or has an interest in such proceeding, and 
DOT determines that use of such records is relevant and necessary in 
the proceeding, provided; however, that in each case, DOT determines 
that disclosure of the records in the proceeding is a use of the 
information contained in the records that is compatible with the 
purpose for which the records were collected.
    6. Disclosure may be made to a Congressional office from the record 
of an individual in response to an inquiry from the Congressional 
office made at the request of that individual. In such cases, however, 
the Congressional office does not have greater rights to records than 
the individual. Thus, the disclosure may be withheld from delivery to 
the individual where the file contains investigative or actual 
information or other materials which are being used, or are expected to 
be used, to support prosecution or fines against the individual for 
violations of a statute, or of regulations of the Department based on 
statutory authority. No such limitations apply to records requested for 
Congressional oversight or legislative purposes; release is authorized 
under 49 CFR 10.35(9).
    7. One or more records from a system of records may be disclosed 
routinely to the National Archives and Records Administration (NARA) in 
records management inspections being conducted under the authority of 
44 U.S.C. 2904 and 29069.
    8a. To appropriate agencies, entities, and persons when (1) DOT 
suspects or has confirmed that there has been a breach of the system of 
records; (2) DOT has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, DOT (including 
its information systems, programs, and operations), the Federal (3) the 
disclosure made to such agencies, entities, and persons is reasonably 
necessary to assist in connection with DOT's efforts to respond to the 
suspected or confirmed breach or to prevent, minimize, or remedy such 
harm.
    8b. DOT may disclose records from this system, as a routine use, to 
another Federal agency or Federal entity, when DOT determines that 
information from this system of records is reasonably necessary to 
assist the recipient agency or entity in (1) responding to a suspected 
or confirmed breach or (2) preventing, minimizing, or remedying the 
risk of harm to individuals, the recipient agency or entity (including 
its information systems, programs, and operations), the Federal 
Government, or national security, resulting from a suspected or 
confirmed breach.
    9. DOT may disclose records from this system, as a routine use, to 
the Office of Government Information Services for the purpose of (a) 
resolving disputes between FOIA requesters and federal agencies and (b) 
reviewing agencies' policies, procedures, and compliance in order to 
recommend policy changes to Congress and the President.
    10. DOT may disclose records from the system, as a routine use, to 
contractors and their agents, experts, consultants, and others 
performing or working on a contract, service, cooperative agreement, or 
other assignment for DOT, when necessary to accomplish an agency 
function related to this system of records.
    11. DOT may disclose records from this system, as a routine use, to 
an agency, organization, or individual for the purpose of performing 
audit or oversight operations related to this system of records, but 
only such records as are necessary and relevant to the audit or 
oversight activity. This routine use does not apply to intra-agency 
sharing authorized under Section (b)(1) of the Privacy Act.
    12. DOT may disclose from this system, as a routine use, records 
consisting of, or relating to, terrorism information (6 U.S.C. 
485(a)(5)), homeland security information (6 U.S.C. 482(f)(1)), or Law 
enforcement information (Guideline 2 Report attached to White House 
Memorandum, ``Information Sharing Environment'', November 22, 2006) to 
a Federal, State, local, tribal, territorial, foreign government and/or 
multinational agency, either in response to its request or upon the 
initiative of the Component, for purposes of sharing such information 
as is necessary and relevant for the agencies to detect, prevent, 
disrupt, preempt, and mitigate the effects of terrorist activities 
against the territory, people, and interests of the

[[Page 25760]]

United States of America, as contemplated by the Intelligence Reform 
and Terrorism Prevention Act of 2004 (Pub. L. 108-458) and Executive 
Order 13388 (October 25, 2005).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records in this system are stored electronically in a centralized, 
cloud-based database managed by the U.S. Department of Transportation 
(DOT).

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    The registration records may be retrieved by the following data 
elements: Business Name, Business Address, Phone Numbers, Email 
address, USDOT Number, and Tax Identification Number (including either 
an Employer Identification Number or a Social Security Number).

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are maintained and disposed of in accordance with a records 
schedule pending approval from National Archives and Records 
Administration. Until approval is received, records will be retained 
permanently.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Records in this system are safeguarded in accordance with 
applicable rules and policies, including all applicable DOT automated 
systems security and access policies. Appropriate controls have been 
imposed to minimize the risk of compromising the information that is 
being stored and ensuring confidentiality of communications using tools 
such as encryption, authentication of sending parties, and 
compartmentalizing databases; and employing auditing software. The 
registration system data is encrypted at rest and in transit. Access to 
records in this system is limited to those individuals who have a need 
to know the information for the performance of their official duties 
and who have appropriate clearances or permissions. All personnel with 
access to data are screened through background investigations 
commensurate with the level of access required to perform their duties.

RECORD ACCESS PROCEDURES:
    Individuals seeking access to and notification of a registration 
record about themselves contained in this system of records may do so 
by logging in to the system using the credentials the individual 
provided when establishing their registration account in the 
registration system. To the extent that applicants, and other 
authorized users designated by the applicant, have direct access to 
information related to their registration, they are not required to 
follow the Privacy Act regulations set forth in 49 CFR part 10 when 
seeking registration records about themselves from this system. If 
there is information that individuals are seeking about themselves in 
this system that they do not already have direct access to, they may 
submit a written request to the System Manager using the address 
provided under ``System Manager'' above or submit online via the 
Department's Public Access Link (PAL) at <a href="https://pal.dot.gov/">https://pal.dot.gov/</a>. Requests 
submitted through these electronic channels must include a digital 
certification of identity.
    When seeking records about yourself from this system of records or 
any other Departmental system of records your request must conform with 
the Privacy Act regulations set forth in 49 CFR part 10. The individual 
must verify their identity by providing their full name, current 
address, and date and place of birth. You must sign your request, and 
your signature must either be notarized or submitted under 28 U.S.C. 
1746, a law that permits statements to be made under penalty of perjury 
as a substitute for notarization.
    While no specific form is required, you may obtain forms for this 
purpose from the Chief Freedom of Information Act Officer, <a href="http://www.dot.gov/foia">http://www.dot.gov/foia</a> or 202.366.4542. If an individual believes more than 
one Departmental component maintains Privacy Act records concerning 
them, the individual may submit the request to the Departmental Freedom 
of Information Act Office, U.S. Department of Transportation, Room W94-
122, 1200 New Jersey Ave. SE, Washington, DC 20590, ATTN: FOIA request.
    In addition, you should provide the following:
    <bullet> An explanation of why you believe the Department would 
have information on you;
    <bullet> Identify which component(s) of the Department you believe 
may have the information about you;
    <bullet> Specify when you believe the records would have been 
created;
    <bullet> Provide any other information that will help the FOIA 
staff determine which DOT component agency may have responsive records; 
and
    If an individual seeks records pertaining to another living 
individual, the requesting individual must include a statement from the 
second individual certifying their agreement to the requested access. 
Without the above information, the Department may not be able to 
conduct an effective search, and the individual's request may be denied 
due to lack of specificity or lack of compliance with applicable 
regulations.

CONTESTING RECORD PROCEDURES:
    Individuals seeking to contest any record pertaining to them in 
this system may contact the System Manager in writing to the address 
provided under ``System Manager.'' Requests for corrections under the 
Privacy Act must be submitted in accordance with the procedures in 49 
CFR part 10, subpart E, Correction of Records. Additionally, requests 
for correction must either be notarized or submitted under 28 U.S.C. 
1746, a law that permits statements to be made under penalty of perjury 
as a substitute for notarization.

NOTIFICATION PROCEDURES:
    Individuals seeking notification of and access to any record in 
this system of records or seeking to contest the content of any record 
pertaining to them in the system may do so by following the procedures 
described in above ``Record Access Procedures'' or ``Contesting 
Records''.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.

    Issued in Washington, DC.
Karyn Gorman,
Departmental Chief Privacy Officer.
[FR Doc. 2026-09310 Filed 5-8-26; 8:45 am]
BILLING CODE 4910-9X-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>