[Federal Register: November 12, 2008 (Volume 73, Number 219)]
[Notices]               
[Page 66852-66854]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr12no08-49]                         

-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Office of the Secretary

[Docket ID: DoD-2008-OS-0131]

 
Privacy Act of 1974; System of Records

AGENCY: Office of the Secretary, DoD.

ACTION: Notice to alter a system of records.

-----------------------------------------------------------------------

SUMMARY: The Office of the Secretary of Defense is proposing to alter a 
system of records notice in its existing inventory of record systems 
subject to the Privacy Act of 1974, (5 U.S.C. 552a), as amended.

DATES: This proposed action will be effective without further notice on 
December 12, 2008, unless comments are received which result in a 
contrary determination.

ADDRESSES: Send comments to the Privacy Act Officer, Office of Freedom 
of Information, Washington Headquarters Services, 1155 Defense 
Pentagon, Washington, DC 20301-1155.

FOR FURTHER INFORMATION CONTACT: Mrs. Cindy Allard at (703) 588-2386.

SUPPLEMENTARY INFORMATION: The Office of the Secretary of Defense 
systems of records notices subject to the Privacy Act of 1974, (5 
U.S.C. 552a), as amended, have been published in the Federal Register 
and are available from the address above.
    The proposed systems reports, as required by 5 U.S.C. 552a(r) of 
the Privacy Act of 1974, as amended, were submitted on October 21, 
2008, to the House Committee on Government Oversight and Reform, the 
Senate Committee on Homeland Security and Governmental Affairs, and the 
Office of Management and Budget (OMB) pursuant to paragraph 4c of 
Appendix I to OMB Circular No. A-130, ``Federal Agency Responsibilities 
for Maintaining Records About Individuals,'' dated February 8, 1996 
(February 20, 1996, 61 FR 6427).


[[Page 66853]]


    Dated: November 3, 2008.
Morgan E. Frazier,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
DTIC 01

System name:
    Defense User Registration System (April 25, 2005, 70 FR 21181).

Changes:
* * * * *

System name:
    Delete entry and replace with ``Defense User Registration System 
(DURS) Records.''
* * * * *

Categories of individuals covered by the system:
    Delete entry and replace with ``DoD and other U.S. Federal 
Government agency military and civilian personnel and their 
contractors; researchers of colleges or universities funded by DoD or 
other U.S. Federal Government agencies; students and employees of 
specifically qualifying educational institutions, Groups, and Programs, 
e.g., Historically Black Colleges, Universities, and Minority 
Institutions (HBCU/MI), Hispanic Serving Institutions (HSIs), and 
University Research Support (URS); awardees under the Multidisciplinary 
University Research Initiative (MURI); awardees and researchers 
eligible for awards under the Defense Experimental Program to Stimulate 
Competitive Research (DEPSCOR); designated officials and employees of 
foreign embassies; and members of Small Business Innovative Research 
(SBIR) Organizations/Groups.''

Categories of records in the system:
    Delete entry and replace with ``Information relating to 
registration requests by individuals seeking access to DTIC-owned or 
controlled computers, databases, products, and/or services. The records 
contain the individual's name; organization/company mailing address/
physical location; registrants' USERID; password/reset questions; 
organization/company telephone number(s); access eligibility; 
dissemination/distribution group codes; and personal and facility 
security clearance level(s). The records also contain the government 
approving official's name, office phone number, and e-mail address; 
dates of registration's activation, and the projected date of 
expiration. Where applicable, the records contain contract number(s), 
contract expiration date(s), and the Military Critical Technical Data 
Agreement (MCTDA) Certification Number. Only DoD employees requesting 
registration are required to submit their SSNs via encryption to DMDC 
(Defense Manpower Data Center) to confirm their status as DoD 
employees. The SSN is not viewed, stored, nor accessible by DTIC.''
* * * * *

Authority:
    Delete entry and replace with ``5 U.S.C. 301, Departmental 
Regulation; E.O. 12958, Classified National Security Information; DOD 
5200.1-R, Information Security Program; Defense Information Systems 
Agency Instruction 240-110-8, Information Security Program; and E.O. 
9397 (SSN).''

Purpose(s):
    Delete entry and replace with ``The purpose of this system of 
records is to collect, validate eligibility, and maintain an official 
registry file that identifies individuals and organizations who apply 
for, and are granted, access privileges to DTIC products, services and 
electronic information systems.''
* * * * *

Retrievability:
    Delete entry and replace with ``Individual name, e-mail address, 
and security clearance level.''

Safeguards:
    Delete entry and replace with ``Records are maintained in secure, 
limited access, or monitored areas. Database is monitored and access is 
password protected. Physical entry by unauthorized persons is 
restricted through the use of locks, guards, passwords, or other 
administrative procedures. Archived data is stored on discs, or 
magnetic tapes, which are kept in a locked or controlled access area. 
Access to personal information is limited to those individuals who 
require the records to perform their official assigned duties.''

Retention and disposal:
    Delete entry and replace with ``Electronic records are to be 
deleted when/if DTIC determines they are no longer needed for 
administrative, audit, legal or operational purposes. Approved disposal 
methods for electronic records and media include overwriting, 
degaussing, erasing, disintegration, pulverization, burning, melting, 
incineration, shredding or sanding.''
* * * * *
DTIC 01

System name:
    Defense User Registration System (DURS) Records.

System location:
    Defense Technical Information Center (DTIC), Directorate of User 
Services, Marketing and Registration Division, ATTN: DTIC-BC 
(Registration), 8725 John J. Kingman Road, Suite 0944, Fort Belvoir, VA 
22060-6218.

Categories of individuals covered by the system:
    DoD and other U.S. Federal Government agency military and civilian 
personnel and their contractors; researchers of colleges or 
universities funded by DoD or other U.S. Federal Government agencies; 
students and employees of specifically qualifying educational 
institutions, Groups, and Programs, e.g., Historically Black Colleges, 
Universities, and Minority Institutions (HBCU/MI), Hispanic Serving 
Institutions (HSIs), and University Research Support (URS); awardees 
under the Multidisciplinary University Research Initiative (MURI); 
awardees and researchers eligible for awards under the Defense 
Experimental Program to Stimulate Competitive Research (DEPSCOR); 
designated officials and employees of foreign embassies; and members of 
Small Business Innovative Research (SBIR) Organizations/Groups.

Categories of records in the system:
    Information relating to registration requests by individuals 
seeking access to DTIC-owned or controlled computers, databases, 
products, and/or services. The records contain the individual's name; 
organization/company mailing address/physical location; registrants' 
USERID; password/reset questions; organization/company telephone 
number(s); access eligibility; dissemination/distribution group codes; 
and personal and facility security clearance level(s). The records also 
contain the government approving official's name, office phone number, 
and e-mail address; dates of registration's activation, and the 
projected date of expiration. Where applicable, the records contain 
contract number(s), contract expiration date(s), and the Military 
Critical Technical Data Agreement (MCTDA) Certification Number. Only 
DoD employees requesting registration are required to submit their SSNs 
via encryption to DMDC (Defense Manpower Data Center) to confirm their 
status as DoD employees. The SSN is not viewed, stored, nor accessible 
by DTIC.

[[Page 66854]]

Authority for maintenance of the system:
    5 U.S.C. 301, Departmental Regulation; E.O. 12958, Classified 
National Security Information; DOD 5200.1-R, Information Security 
Program; Defense Information Systems Agency Instruction 240-110-8, 
Information Security Program; and E.O. 9397 (SSN).

Purpose(s):
    To collect, validate eligibility, and maintain an official registry 
file that identifies individuals and organizations who apply for, and 
are granted, access privileges to DTIC products, services and 
electronic information systems.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the DoD as a routine use 
pursuant to 552a(b)(3) as follows:
    The DoD ``Blanket Routine Uses'' set forth at the beginning of 
OSD's compilation of systems of records notices apply to this system.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Electronic storage media.

Retrievability:
    Individual name, e-mail address, and security clearance level.

Safeguards:
    Records are maintained in secure, limited access, or monitored 
areas. Database is monitored and access is password protected. Physical 
entry by unauthorized persons is restricted through the use of locks, 
guards, passwords, or other administrative procedures. Archived data is 
stored on discs, or magnetic tapes, which are kept in a locked or 
controlled access area. Access to personal information is limited to 
those individuals who require the records to perform their official 
assigned duties.

Retention and disposal:
    Electronic records are to be deleted when/if DTIC determines they 
are no longer needed for administrative, audit, legal or operational 
purposes. Approved disposal methods for electronic records and media 
include overwriting, degaussing, erasing, disintegration, 
pulverization, burning, melting, incineration, shredding or sanding.

System manager(s) and address:
    The Chief, Marketing and Registration Division, DTIC-BC, 8725 John 
J. Kingman Road, Suite 0944, Fort Belvoir, VA 22060-6218.

Notification procedure:
    Individuals seeking to determine whether this system of records 
contains information about themselves may address their inquiries to 
Defense Technical Information Center; ATTN: DTIC-BC (Registration 
Team), 8725 John J. Kingman Road, Suite 0944, Fort Belvoir, VA 22060-
6218.
    Requests should contain the individual's full name, Social Security 
Number, telephone number, street address, and e-mail address.

Record access procedures:
    Individuals seeking to access records about themselves contained in 
this system of records should address written inquires to the Privacy 
Act Officer, Defense Technical Information Center, 8725 John J. Kingman 
Road, Suite 0944, Fort Belvoir, VA 22060-6218.
    Requests should contain the individual's full name, Social Security 
Number, telephone number, street address, and e-mail address.

Contesting record procedures:
    The OSD rules for accessing records, for contesting contents and 
appealing initial agency determinations are published in OSD 
Administrative Instruction 81; 32 CFR part 311; or may be obtained from 
the system manager.

Record source categories:
    Information is obtained from security personnel and individuals 
applying for access to DTIC controlled access documents, information 
systems, and/or services.

Exemptions claimed for the system:
    None.

[FR Doc. E8-26749 Filed 11-10-08; 8:45 am]

BILLING CODE 5001-06-P