82 FR 13348 - Privacy Act of 1974; System of Records

FEDERAL COMMUNICATIONS COMMISSION

Federal Register Volume 82, Issue 46 (March 10, 2017)

The Federal Communications Commission (FCC or Commission or Agency) has modified an existing system of records, FCC/OMD-18, Telephone Call Details, subject to the Privacy Act of 1974, as amended. This action is necessary to meet the requirements of the Privacy Act to publish in the Federal Register notice of the existence and character of records maintained by the agency. The FCC's Office of the Managing Director (OMD) uses the Telephone Call Details system to cover the personally identifiable information (PII) that is associated with the administration of the policies and activities concerning telecommunications equipment, functions, and services that pertain to the communications that originate at the Commission (using FCC telecommunications equipment), terminate at the Commission (using FCC telecommunications equipment), and/or are accepted on behalf of the FCC, and the associated costs and charges for these telecommunications equipment, functions, and services.

[Federal Register Volume 82, Number 46 (Friday, March 10, 2017)]
[Notices]
[Pages 13348-13350]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2017-04714]


-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION


Privacy Act of 1974; System of Records

AGENCY: Federal Communications Commission.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The Federal Communications Commission (FCC or Commission or 
Agency) has modified an existing system of records, FCC/OMD-18, 
Telephone Call Details, subject to the Privacy Act of 1974, as amended. 
This action is necessary to meet the requirements of the Privacy Act to 
publish in the Federal Register notice of the existence and character 
of records maintained by the agency. The FCC's Office of the Managing 
Director (OMD) uses the Telephone Call Details system to cover the 
personally identifiable information (PII) that is associated with the 
administration of the policies and activities concerning 
telecommunications equipment, functions, and services that pertain to 
the communications that originate at the Commission (using FCC 
telecommunications equipment), terminate at the Commission (using FCC 
telecommunications equipment), and/or are accepted on behalf of the 
FCC, and the associated costs and charges for these telecommunications 
equipment, functions, and services.

DATES: Written comments are due on or before April 10, 2017. This 
action (including the routine uses) will become effective on April 10, 
2017 unless comments are received that require a contrary 
determination.

ADDRESSES: Send comments to Leslie F. Smith, Privacy Manager, 
Information Technology (IT), Room 1-C216, Federal Communications 
Commission (FCC), 445 12th Street SW., Washington, DC 20554, or to 
[email protected].

FOR FURTHER INFORMATION CONTACT: Leslie F. Smith, (202) 418-0217, or 
[email protected] (and to obtain a copy of the Narrative Statement 
and the Supplementary Document, which includes details of the proposed 
changes and updates to this system of records).

SUPPLEMENTARY INFORMATION: This notice serves to update and modify FCC/
OMD-18, Telephone Call Details, as a result of the various new and 
expanded types and uses of telecommunications equipment, functions, and 
services that are used to send, receive, and/or charge communications 
to the Commission and other miscellaneous but necessary updates and 
changes since its previous publication.
SYSTEM NAME AND NUMBER:
FCC/OMD-18, Telephone Call Details.

SECURITY CLASSIFICATION:
    No information in the system is classified.

SYSTEM LOCATION:
    Information Technology (IT), Office of the Managing Director (OMD), 
FCC, 445 12th Street SW., Washington, DC 20554.

SYSTEM MANAGER(S) AND ADDRESS:
    Information Technology (IT), Office of the Managing Director (OMD), 
Federal Communications Commission (FCC), 445 12th Street SW., Room 1-
C361, Washington, DC 20554.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 301, 44 U.S.C. 3101, and 47 U.S.C. 154(i).

PURPOSE(S):
    The FCC uses the personally identifiable information (PII) in this 
system as part of its duties and responsibilities associated with the 
administration of the FCC's policies, programs, and activities 
concerning communications equipment, functions, and services and the 
related communications that originate at the Commission (using FCC 
telecommunications equipment), terminate at the Commission (using FCC 
telecommunications equipment), and/or are accepted on behalf of the FCC 
(e,g., collect call charges), and the associated costs and charges for 
these telecommunications services and equipment. The PII in this system 
includes but is not limited to the uses associated with:
    1. Accounting for the information contained in the communications 
bills for these communications that originate from FCC equipment; and
    2. Ensuring that the FCC operates efficiently and effectively, and 
guards against any improper uses of FCC telecommunications equipment.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Information in the categories of individuals includes, but is not 
limited to:
    FCC staff (including, but not limited to current and former 
employees, interns, co-op students, and volunteers), FCC contractors, 
visitors, building and maintenance staff, and/or other individuals who 
may send, receive, or charge communications, which include but are not 
limited to voice, text,\1\ facsimiles, Voice over Internet Protocol 
(VoIP), teleconferencing (audio or video), and Federal Relay Service 
(FRS) from FCC telecommunications equipment (including, but not limited 
to, wireline telephones, cellular telephones and other mobile devices, 
video relay phones, VoIP devices, satellite telephones, and 
teleconferencing equipment).
---------------------------------------------------------------------------

    \1\ The FCC does not log or store the real-time text messages 
from our wireless devices. Only the billing invoice data, which 
include the calling/from number, date, time, destination/to number 
and cost, if any, for each text or picture message but not the 
actual message, are stored.
---------------------------------------------------------------------------

CATEGORIES OF RECORDS IN THE SYSTEM:
    The categories of records in the system include, but are not 
limited to:

[[Page 13349]]

    1. Records of communications that originate at the Commission using 
FCC telecommunications equipment (originating number); that terminate 
at the Commission received by FCC telecommunications equipment 
(terminating number), and/or are accepted on behalf of the FCC (e,g., 
collect call charges), and the associated costs and charges for these 
telecommunications services and equipment, which include, but are not 
limited to:
    a. Identifying communications numbers (including but not limited to 
telephone number, fax number, IP address, audio conference bridge 
number, or other unique communications identifier(s));
    b. Time (calls start and calls end) and data usage from the 
communication;
    c. Duration of the communication (lapsed time);
    d. Disposition and cost of communications, including FRS and 
collect call charges;
    e. FCC bureau/office to which the relevant identifying 
communications numbers are assigned; and
    f. Email address of the FCC staff to which the relevant identifying 
communications numbers are assigned;
    2. Type and number of FCC telecommunications equipment assigned to 
FCC staff (employees and contractors);
    3. The physical location of FCC telecommunications equipment;
    4. Copies of related communications and service records, including 
any periodic summaries which may have been compiled to reflect the 
total number and type of communications and related user charges, 
usages, and fees from FCC headquarters and facilities in Gettysburg, PA 
and Columbia, MD; and
    5. Names of FCC staff and contractors.

RECORD SOURCE CATEGORIES:
    The sources for information in this system include, but are not 
limited to the records for the usage and charges for the 
telecommunications that originate at the Commission (using FCC 
telecommunications equipment), terminate at the Commission (using FCC 
telecommunications equipment), and/or are accepted on behalf of the FCC 
(e.g., collect call charges), including but is not limited to voice, 
text, facsimiles, VoIP, FRS (Video Relay Services), satellite 
telephones, and other teleconferencing services and functions (audio or 
video), using various telecommunications equipment and devices 
(including, but not limited to wireline telephones, cellular 
telephones, other mobile or broadband devices, VoIP devices, satellite 
telephones, and teleconferencing equipment and services (audio or 
video)).

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed to authorized 
entities, as is determined to be relevant and necessary, outside the 
FCC as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows. In 
each of these cases, the FCC will determine whether disclosure of the 
records is compatible with the purpose(s) for which the records were 
collected:
    1. Adjudication and Litigation--To the Department of Justice (DOJ), 
or other administrative body before which the FCC is authorized to 
appear, when: (a) The FCC or any component thereof; or (b) any employee 
of the FCC in his or her official capacity; (c) any employee of the FCC 
in his or her individual capacity where DOJ or the FCC has agreed to 
represent the employee; or (d) the United States is a party to 
litigation or has an interest in such litigation, and the use of such 
records by DOJ or the FCC is deemed by the FCC to be relevant and 
necessary to the ligation.
    2. Law Enforcement and Investigation--To disclose pertinent 
information to the appropriate Federal, State, and/or local agency 
responsible for investigating, prosecuting, enforcing, or implementing 
a statute, rule, regulation, or order, where the FCC becomes aware of 
an indication of a violation or potential violation of civil or 
criminal law or regulation.
    3. Congressional Inquiries--To provide information to a 
congressional office from the record of an individual in response to an 
inquiry from that congressional office made at the request of that 
individual.
    4. Government-wide Program Management and Oversight--To the 
National Archives and Records Administration (NARA) for use in its 
records management inspections; to the Government Accountability Office 
(GAO) for oversight purposes; to the Department of Justice (DOJ) to 
obtain that department's advice regarding disclosure obligations under 
the Freedom of Information Act (FOIA); or to the Office of Management 
and Budget (OMB) to obtain that office's advice regarding obligations 
under the Privacy Act.
    5. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by the Agency--To a Federal, State, local, foreign, 
tribal, or other public agency or authority maintaining civil, 
criminal, or other relevant enforcement records, or other pertinent 
records, or to another public authority or professional organization, 
if necessary to obtain information relevant to an investigation 
concerning the hiring or retention of an employee or other personnel 
action, the issuance or retention of a security clearance, the 
classifying of jobs, the letting of a contract, or the issuance or 
retention of a license, grant, or other benefit by the requesting 
agency, to the extent that the information is relevant and necessary to 
the requesting agency's decisions on the matter.
    6. Employment, Clearances, Licensing, Contract, Grant, or other 
Benefits Decisions by Other than the Agency--To a Federal, State, 
local, foreign, tribal, or other public agency or authority of the fact 
that this system of records contains information relevant to the hiring 
or retention of an employee, the issuance or retention of a security 
clearance, the conducting of a suitability or security investigation of 
an individual, the classifying of jobs, the letting of a contract, or 
the issuance or retention of a license, grant, or other benefit by the 
requesting agency, to the extent that the information is relevant and 
necessary to the agency's decision on the matter. The other agency or 
licensing organization may then make a request supported by the written 
consent of the individual for the entire records if it so chooses. No 
disclosure will be made unless the information has been determined to 
be sufficiently reliable to support a referral to another office within 
the agency or to another Federal agency for criminal, civil, 
administrative, personnel, or regulatory action.
    7. Labor Relations--To officials of labor organizations recognized 
under 5 U.S.C. Chapter 71 upon receipt of a formal request and in 
accord with the conditions of 5 U.S.C. 7114 when relevant and necessary 
to their duties of exclusive representation concerning personnel 
policies, practices, and matters affecting working conditions.
    8. Breach Notification--To appropriate agencies, entities, and 
persons when: (a) The Commission suspects or has confirmed that there 
has been a breach of the system of records; (b) the Commission has 
determined that as a result of the suspected or confirmed breach there 
is a risk of harm to individuals, the Commission (including its 
information systems, programs, and operations), the Federal Government, 
or national security; and (c) the disclosure

[[Page 13350]]

made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the Commission's efforts to respond to the 
suspected or confirmed breach or to prevent, minimize, or remedy such 
harm.
    9. Assistance to Federal Agencies and Entities--To another Federal 
agency or Federal entity, when the Commission determines that 
information from this system is reasonably necessary to assist the 
recipient agency or entity in: (a) Responding to a suspected or 
confirmed breach or (b) preventing, minimizing, or remedying the risk 
of harm to individuals, the receipient agency or entity (including its 
information systems, program, and operations), the Federal Government, 
or national security, resulting from a suspected or confirmed breach.
    10. Telecommunications Companies--To a telecommunications company 
providing support to permit account servicing, billing verification, 
and related requirements.
    11. For Non-Federal Personnel--To disclose information to 
contractors performing or working on a contract for the Federal 
Government.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The paper documents, records, files, and faxes, including but not 
limited to monthly telephone bills and related documents, are stored in 
file cabinets in ``non-public'' rooms in the Information Technology 
(IT) office suite for one year.
    The electronic files, records, and data (i.e., electronic copies of 
these telecommunications documents), including but not limited to 
monthly telephone bills and related documents, are housed in the FCC's 
computer network databases.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    The records, including telephone calls, texts, faxes, and related 
transmissions and services, are retrieved by searching electronically 
by the individual's name, name of the telephone call recipient, and/or 
identifying communications number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The FCC maintains and disposes of these various telephone, fax, 
text, and related electronic transmission service records in this in 
accordance with General Records Schedule 12 (GRS-12) issued by the 
National Archives and Records Administration (NARA). Most of the 
records in this system are maintained for six months to three years, 
although some records are kept for six years, depending upon the GRS-12 
schedule requirements. The paper copy of the invoice records are 
destroyed after one year. All monthly telephone records (electronic 
copies) are sent to NARA--none are destroyed.
    The disposition of the paper records is done by shredding. The 
electronic records are destroyed physically (electronic storage media) 
or by electronic erasure.
    Individuals may obtain a copy of the GRS-12 Schedule at: http://www.archives.gov/records-mgmt/grs/grs12.html.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The electronic records, data, and files are maintained in the FCC 
computer network databases, which are protected by the FCC's IT privacy 
safeguards, a comprehensive and dynamic set of IT safety and security 
protocols and features that are designed to meet all Federal IT privacy 
standards, including those required by the National Institute of 
Standard and Technology (NIST) and the Federal Information Security 
Management System (FISMA). In addition, access to the information in 
the telephone call details electronic files databases is restricted to 
authorized IT supervisors and staff and to the IT contractors who 
maintain these computer databases. Other FCC employees and contractors 
may be granted access only on a ``need-to-know'' basis.
    The paper documents and files are maintained in file cabinets in 
``non-public'' rooms in the IT office suite. The file cabinets are 
locked at the end of the business day. Access to the IT offices is via 
a key and card-coded door.

NOTIFICATION PROCEDURE:
    Individuals wishing to determine whether this system of records 
contains information about them may do so by writing to Leslie F. 
Smith, Privacy Manager, Information Technology (IT), Federal 
Communications Commission (FCC), 445 12th Street SW., Washington, DC 
20554, or email [email protected].
    Individuals must furnish reasonable identification by showing any 
two of the following: Social security card; driver's license; employee 
identification card; Medicare card; birth certificate; bank credit 
card; or other positive means of identification, or by signing an 
identity statement stipulating that knowingly or willfully seeking or 
obtaining access to records about another person under false pretenses 
is punishable by a fine of up to $5,000.
    Individuals requesting access must also comply with the FCC's 
Privacy Act regulations regarding verification of identity and access 
to records (5 CFR part 0, subpart E).

RECORD ACCESS PROCEDURES:
    Individuals wishing to request an amendment of records about them 
should follow the Notification Procedure above.

CONTESTING RECORD PROCEDURES:
    Individuals wishing to request an amendment of records about them 
should follow the Notification Procedure above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    The FCC last gave full notice of this system of records, FCC/OMD-
18, Telephone Call Details, by publication in the Federal Register on 
April 5, 2006 (71 FR 17234, 17262).

Federal Communications Commission.
Marlene H. Dortch,
Secretary.
[FR Doc. 2017-04714 Filed 3-9-17; 8:45 am]
BILLING CODE 6712-01-P