81 FR 62484 - Privacy Act of 1974; System of Records

DEPARTMENT OF DEFENSE
Office of the Secretary

Federal Register Volume 81, Issue 175 (September 9, 2016)

Pursuant to the Privacy Act of 1974, 5 U.S.C. 552a, and Office of Management and Budget (OMB) Circular No. A-130, notice is hereby given that the Office of the Secretary of Defense proposes to add a new system of records, DSCA 06, entitled ``Defense Security Assistance Management System (DSAMS).'' The system will facilitate case development, implementation, and management of the Foreign Military Sales and International Military Education and Training (IMET) Programs. The DSAMS Training Module (DSAMS-TM) is used to manage training activities of individuals who have been selected by the U.S. government to attend various Department of Defense (DoD) security cooperation training courses. In establishing this system of records, the Defense Security Cooperation Agency reviewed the safeguards established for the system to ensure they are compliant with the DoD's requirements and are appropriate to the sensitivity of the information stored within the system. Any specific routine uses have been reviewed to ensure the minimum amount of personally identifiable information is provided to other federal agencies requesting emergency language support to facilitate U.S. efforts on the war on terrorism or in furtherance of national security objectives.

[Federal Register Volume 81, Number 175 (Friday, September 9, 2016)]
[Notices]
[Pages 62484-62486]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2016-21751]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Office of the Secretary

[Docket ID: DOD-2016-OS-0090]


Privacy Act of 1974; System of Records

AGENCY: Office of the Secretary of Defense, DoD.

ACTION: Notice to add a System of Records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the Privacy Act of 1974, 5 U.S.C. 552a, and Office 
of Management and Budget (OMB) Circular No. A-130, notice is hereby 
given that the Office of the Secretary of Defense proposes to add a new 
system of records, DSCA 06, entitled ``Defense Security Assistance 
Management System (DSAMS).'' The system will facilitate case 
development, implementation, and management of the Foreign Military 
Sales and International Military Education and Training (IMET) 
Programs. The DSAMS Training Module (DSAMS-TM) is used to manage 
training activities of individuals who have been selected by the U.S. 
government to attend various Department of Defense (DoD) security 
cooperation training courses.

[[Page 62485]]

    In establishing this system of records, the Defense Security 
Cooperation Agency reviewed the safeguards established for the system 
to ensure they are compliant with the DoD's requirements and are 
appropriate to the sensitivity of the information stored within the 
system. Any specific routine uses have been reviewed to ensure the 
minimum amount of personally identifiable information is provided to 
other federal agencies requesting emergency language support to 
facilitate U.S. efforts on the war on terrorism or in furtherance of 
national security objectives.

DATES: Comments will be accepted on or before October 11, 2016. This 
proposed action will be effective the date following the end of the 
comment period unless comments are received which result in a contrary 
determination.

ADDRESSES: You may submit comments, identified by docket number and 
title, by any of the following methods:
    * Federal Rulemaking Portal: http://www.regulations.gov. Follow the 
instructions for submitting comments.
    * Mail: Department of Defense, Office of the Deputy Chief 
Management Officer, Directorate of Oversight and Compliance, 4800 Mark 
Center Drive, Mailbox #24, Alexandria, VA 22350-1700.
    Instructions: All submissions received must include the agency name 
and docket number for this Federal Register document. The general 
policy for comments and other submissions from members of the public is 
to make these submissions available for public viewing on the Internet 
at http://www.regulations.gov as they are received without change, 
including any personal identifiers or contact information.

FOR FURTHER INFORMATION CONTACT: Mrs. Luz D. Ortiz, Chief, Records, 
Privacy and Declassification Division (RPD2), 1155 Defense Pentagon, 
Washington, DC 20301-1155, or by phone at (571) 372-0478.

SUPPLEMENTARY INFORMATION: The Office of the Secretary of Defense 
notices for systems of records subject to the Privacy Act of 1974 (5 
U.S.C. 552a), as amended, have been published in the Federal Register 
and are available from the address in FOR FURTHER INFORMATION CONTACT 
or at the Defense Privacy and Civil Liberties Division Web site at 
http://dpcld.defense.gov/.
    The proposed system report, as required by U.S.C. 552a(r) of the 
Privacy Act of 1974, as amended, was submitted on August 23, 2016, to 
the House Committee on Oversight and Government Reform, the Senate 
Committee on Governmental Affairs, and the Office of Management and 
Budget (OMB) pursuant to paragraph 4 of Appendix I to OMB Circular No. 
A-130, ``Federal Agency Responsibilities for Maintaining Records About 
Individuals,'' revised November 28, 2000 (December 12, 2000 65 FR 
77677).

    Dated: September 6, 2016.
Aaron Siegel,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
DSCA 06

System name:
    Defense Security Assistance Management System (DSAMS)

System location(s):
    Defense Information Systems Agency (DISA), Defense Enterprise 
Computing Center (DECC), Attention: Defense Security Assistance 
Management System (DSAMS-SA7), Building 3900, 8750 Industrial 
Boulevard, Tinker AFB, OK 73145.

Categories of individuals covered by the system:
    DoD civilian, military, contractor personnel (collectively, ``U.S. 
personnel''), and individuals with dual citizenship with the U.S., 
selected to attend DoD security cooperation training (collectively, 
``students'').

Categories of records in the system:
    U.S. Personnel Data: Full name, military rank, organization, office 
telephone number and address.
    Student Data: Full name and alias, gender, citizenship, country of 
service, country service number, nationality, date and place of birth, 
marital status, physical descriptions, biographical data, email 
addresses, work and home addresses, work, fax and personal telephone 
numbers, military rank, military unit, worksheet and student control 
numbers, student code and U.S. grade equivalent, clearance information, 
passport and visa information, flight crew position type, dependency 
data (if accompanied), language capabilities, educational and 
employment history, training activities and personal preferences (e.g. 
dietary needs, religious accommodations, customs and traditions).

Authority for maintenance of the system:
    22 U.S.C. Chapters 32 and Chapter 39; 10 U.S.C. 134, Under 
Secretary of Defense for Policy; DoD Directive (DoDD) 5105.65, Defense 
Security Cooperation Agency (DSCA); DoDD 5132.03, DoD Policy and 
Responsibilities Relating to Security Cooperation; Army Regulation 12-
15, Secretary of the Navy Instruction 4950.4B/Air Force Instruction 16-
105, Joint Security Cooperation Education and Training; and DSCA Manual 
5105.38-M, Security Assistance Management Manual, Chapter 10, 
International Training.

Purpose(s):
    To facilitate case development, implementation, and management of 
the Foreign Military Sales and International Military Education and 
Training (IMET) Programs. The DSAMS Training Module (DSAMS-TM) is used 
to manage training activities of individuals who have been selected by 
the U.S. government to attend various Department of Defense (DoD) 
security cooperation training courses.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act of 1974, as amended, these records may 
specifically be disclosed outside the DoD as follows to:

Law Enforcement Routine Use:
    If a system of records maintained by a DoD Component to carry out 
its functions indicates a violation or potential violation of law, 
whether civil, criminal, or regulatory in nature, and whether arising 
by general statute or by regulation, rule, or order issued pursuant 
thereto, the relevant records in the system of records may be referred, 
as a routine use, to the agency concerned, whether federal, state, 
local, or foreign, charged with the responsibility of investigating or 
prosecuting such violation or charged with enforcing or implementing 
the statute, rule, regulation, or order issued pursuant thereto.

Congressional Inquiries Disclosure Routine Use:
    Disclosure from a system of records maintained by a DoD Component 
may be made to a congressional office from the record of an individual 
in response to an inquiry from the congressional office made at the 
request of that individual.

Disclosures Required by International Agreements Routine Use:
    A record from a system of records maintained by a DoD Component may 
be disclosed to foreign law enforcement, security, investigatory, or 
administrative authorities to comply with requirements imposed by, or 
to claim rights conferred in, international agreements and

[[Page 62486]]

arrangements including those regulating the stationing and status in 
foreign countries of DoD military and civilian personnel.

Disclosure to the Department of Justice for Litigation Routine Use:
    A record from a system of records maintained by a DoD Component may 
be disclosed as a routine use to any component of the Department of 
Justice for the purpose of representing the Department of Defense, or 
any officer, employee or member of the Department in pending or 
potential litigation to which the record is pertinent.

Disclosure of Information to the National Archives and Records 
Administration Routine Use:
    A record from a system of records maintained by a DoD Component may 
be disclosed as a routine use to the National Archives and Records 
Administration for the purpose of records management inspections 
conducted under authority of 44 U.S.C. 2904 and 2906.

Data Breach Remediation Purposes Routine Use:
    A record from a system of records maintained by a Component may be 
disclosed to appropriate agencies, entities, and persons when (1) The 
Component suspects or has confirmed that the security or 
confidentiality of the information in the system of records has been 
compromised; (2) the Component has determined that as a result of the 
suspected or confirmed compromise there is a risk of harm to economic 
or property interests, identity theft or fraud, or harm to the security 
or integrity of this system or other systems or programs (whether 
maintained by the Component or another agency or entity) that rely upon 
the compromised information; and (3) the disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with the Components efforts to respond to the suspected or 
confirmed compromise and prevent, minimize, or remedy such harm.
    The DoD Blanket Routine Uses set forth at the beginning of the 
Office of the Secretary of Defense (OSD) compilation of systems of 
records notices may apply to this system. The complete list of DoD 
Blanket Routine Uses can be found online at: http://dpcld.defense.gov/Privacy/SORNsIndex/BlanketRoutineUses.aspx.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Electronic storage media.

Retrievability:
    Worksheet Control Number (WCN), Student Control Number (SCN) or by 
the individual's name.

Safeguards:
    All DSAMS users with access to the data have valid and current 
background investigations. Access to DSAMS information is role based. 
Users of these systems have access to a limited subset of data based on 
the concept of least privilege/limited access, and write capability, 
which is limited to specific roles and tracked. In addition, the 
individual user will not have access to the data, except through their 
systems security software inherent to the operating system and 
application, and all access is controlled by authentication methods to 
validate the approved users. The information is also maintained in 
secured information systems which are located in controlled access 
facilities guarded 24 hours a day, seven days a week.

Retention and disposal:
    Permanent. Transfer to the National Archives when no longer 
required for reference.

System manager(s) and address:
    Defense Security Assistance Management System Program Manager, 
Defense Security Assistance Development Center (DSADC), ATTN: DSAMS 
PMO, 5450 Carlisle Pike, Building 107 N, Mechanicsburg, PA 17055-2411.

Notification procedure:
    Individuals seeking to determine whether information about 
themselves is contained in this system of records should address 
written inquiries to the Defense Security Assistance Management System 
Program Manager, Defense Security Assistance Development Center 
(DSADC), ATTN: DSAMS PMO, 5450 Carlisle Pike, Building 107 N., 
Mechanicsburg, PA 17055-2411.
    Signed, written requests should include the full name, current 
address and telephone number, and the name and number of this system of 
records notice.
    In addition, the requester must provide a notarized statement or an 
unsworn declaration made in accordance with 28 U.S.C. 1746, in the 
following format:
    If executed outside the United States: ``I declare (or certify, 
verify, or state) under penalty of perjury under the laws of the United 
States of America that the foregoing is true and correct. Executed on 
(date). (Signature).''
    If executed within the United States, its territories, possessions, 
or commonwealths: ``I declare (or certify, verify, or state) under 
penalty of perjury that the foregoing is true and correct. Executed on 
(date). (Signature)''.

Record access procedures:
    Individuals seeking access to records about themselves contained in 
this system should address written inquiries to the Office of the 
Secretary of Defense/Joint Staff, Freedom of Information Act Requester 
Services, 1155 Defense Pentagon, Washington, DC 20301-1155.
    Signed, written requests should include the full name, current 
address and telephone number, and the name and number of this system of 
records notice.
    In addition, the requester must provide a notarized statement or an 
unsworn declaration made in accordance with 28 U.S.C. 1746, in the 
following format:
    If executed outside the United States: ``I declare (or certify, 
verify, or state) under penalty of perjury under the laws of the United 
States of America that the foregoing is true and correct. Executed on 
(date). (Signature).''
    If executed within the United States, its territories, possessions, 
or commonwealths: ``I declare (or certify, verify, or state) under 
penalty of perjury that the foregoing is true and correct. Executed on 
(date). (Signature)''.

Contesting record procedures:
    The OSD rules for accessing records, for contesting contents and 
appealing initial agency determinations are published in OSD 
Administrative Instruction 81; 32 CFR part 311; or may be obtained from 
the system manager.

Record source categories:
    Individual or service organization.

Exemptions claimed for the system:
    None.

[FR Doc. 2016-21751 Filed 9-8-16; 8:45 am]
 BILLING CODE 5001-06-P