Skip to Content

Proposed Rule

Department of Defense Privacy Program

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

Department of Defense.

ACTION:

Proposed rule.

SUMMARY:

The Department of Defense is proposing to update policies and responsibilities for the Defense Privacy Program which implements the Privacy Act of 1974 by showing organizational changes and realignments and by revising referenced statutory and regulatory authority.

DATES:

Comments must be received on or before November 7, 2005 to be considered by this agency.

ADDRESSES:

Send comments to the Director, Defense Privacy Office, 1901 South Bell Street, Suite 920, Arlington, VA 22202-4512.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Mr. Vahan Moushegian, Jr., at (703) 607-2943.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

Executive Order 12866, “Regulatory Planning and Review”

It has been determined that Privacy Act rules for the Department of Defense are not significant rules. The rules do not (1) have an annual effect on the economy of $100 million or more or adversely affect in a material way the economy; a sector of the economy; productivity; competition; jobs; the environment; public health or safety; or State, local, or tribal governments or communities; (2) Create a serious inconsistency or otherwise interfere with an action taken or planned by another Agency; (3) Materially alter the budgetary impact of entitlements, grants, user fees, or loan programs, or the rights and obligations of recipients thereof; or (4) Raise novel legal or policy issues arising out of legal mandates, the President's priorities, or the principles set forth in this Executive order.

Public Law 96-354, “Regulatory Flexibility Act” (5 U.S.C. Chapter 6)

It has been determined that Privacy Act rules for the Department of Defense do not have significant economic impact on a substantial number of small entities because they are concerned only with the administration of Privacy Act systems of records within the Department of Defense.

Public Law 96-511, “Paperwork Reduction Act” (44 U.S.C. Chapter 35)

It has been determined that Privacy Act rules for the Department of Defense impose no information requirements beyond the Department of Defense and that the information collected within the Department of Defense is necessary and consistent with 5 U.S.C. 552a, known as the Privacy Act of 1974.

Section 202, Public Law 104-4, “Unfunded Mandates Reform Act”

It has been determined that Privacy Act rulemaking for the Department of Defense does not involve a Federal mandate that may result in the expenditure by State, local and tribal governments, in the aggregate, or by the private sector, of $100 million or more and that such rulemaking will not significantly or uniquely affect small governments.

Executive Order 13132, “Federalism”

It has been determined that Privacy Act rules for the Department of Defense do not have federalism implications. The rules do not have substantial direct effects on the States, on the relationship between the National Government and the States, or on the distribution of power and responsibilities among the various levels of government.

Start List of Subjects

List of Subjects in 32 CFR Part 310

End List of Subjects

Accordingly, 32 CFR part 310, Subpart A-DoD Policy, is proposed to be amended as follows:

Start Part

PART 310—DOD PRIVACY PROGRAM

1. The authority citation for 32 CFR part 310 continues to read as follows:

Start Authority

Authority: Pub. L. 93-579, 88 Stat 1896 (5 U.S.C. 552a).

End Authority

2. Revise § 310.1 to read as follows:

Reissuance.

This part is reissued to consolidate into a single document (32 CFR part 310) Department of Defense (DoD) policies and procedures for implementing the Privacy Act of 1974, as amended (5 U.S.C. 552a) by authorizing the development, publication and maintenance of the DoD Privacy Program set forth by DoD Directive 5400.11, November 16, 2004, and 5400.11-R, August 31, 1983, both entitled: “DoD Privacy Program.”

3. Amend § 310.3 by revising paragraph (a) to read as follows:

Applicability and scope.

(a) Applies to the Office of the Secretary of Defense (OSD), the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the Inspector General of the Department of Defense (IG, DoD), the Defense Agencies, the DoD Field Activities, and all other organizational entities in the Department of Defense (hereinafter referred to collectively as “the DoD Components”). This part is mandatory for use by all DoD Components. Heads of DoD Components may issue supplementary instructions only when necessary to provide for unique requirements within their Components. Such instructions will not conflict with the provisions of this part.

* * * * *

4. Amend § 310.4 by revising the definition of Individual to read as follows:

Definitions.
* * * * *

Individual. A living person who is a citizen of the United States or an alien lawfully admitted for permanent residence. The parent of a minor or the legal guardian of any individual also may act on behalf of an individual. Members of the United States Armed Forces are individuals. Corporations, partnerships, sole proprietorships, professional groups, businesses, whether incorporated or unincorporated, and other commercial entities are not individuals.

* * * * *

5. Amend § 310.5 as follows:

a. Remove the introductory text;

b. Revise paragraphs (a) and (g);

c. Add paragraph (j) to read as follows:

Start Printed Page 53136
Policy.

(a) The privacy of an individual is a personal and fundamental right that shall be respected and protected.

* * * * *

(g) Disclosure of records pertaining to personnel of the National Security Agency, the Defense Intelligence Agency, the National Reconnaissance Office, and the National Geospatial-Intelligence Agency shall be prohibited to the extent authorized by Public Law 86-36 (1959) and 10 U.S.C. 424. Disclosure of records pertaining to personnel of overseas, sensitive, or routinely deployable units shall be prohibited to the extent authorized by 10 U.S.C. 130b. Disclosure of medical records is prohibited except as authorized by DoD 6025.18-R.

* * * * *

(j) DoD Field Activities shall receive Privacy Program support from the Director, Washington Headquarters Services.

6. Amend § 310.6 as follows:

a. Revise paragraphs (a)(4), (b), (c) introductory text, (c)(3), (d) introductory text and (d)(5);

b. Add paragraph (a)(5[d3]) to read as follows:

Responsibilities.

(a) * * *

(4) Serve as the Chair to the Defense Privacy Board and Defense Data Integrity Board (§ 310.9).

(5) Supervise and oversee the activities of the Defense Privacy Office (§ 310.9).

(b) The Director, Washington Headquarters Services, under the DA&M, OSD, shall provide Privacy Program support for DoD Field Activities.

(c) The General Counsel of the Department of Defense (GC, DoD) shall:

* * * * *

(3) Serve as a member of the Defense Privacy Board, the Defense Data Integrity Board, the Defense Privacy Board Legal Committee (§ 310.9).

(d) The Secretaries of the Military Departments and the Heads of the Other DoD Components, except as noted in § 310.5(j), shall:

* * * * *

(5) Submit reports, consistent with the requirements of DoD 5400.11-R, as mandated by 5 U.S.C. 552a and OMB Circular A-130, and as otherwise directed by the Defense Privacy Office.

* * * * *

7. Amend § 310.9 as follows:

a. Revise paragraphs (a)(1), (b)(1), (c)(1);

b. Redesignate the second paragraph (c) as a new paragraph (d);

c. Revise newly redesignated (d)(1)(vi) and (d)(1)(x) to read as follows:

Privacy boards and office composition and responsibilities.

(a) * * *

(1) Membership. The Board shall consist of the DA&M, OSD, who shall serve as the Chair; the Director of the Defense Privacy Office, DA&M, who shall serve as the Executive Secretary and as a member; The representatives designated by the Secretaries of the Military Departments; and the following officials or their designees: The Deputy Under Secretary of Defense for Program Integration (DUSD(PI)); the Assistant Secretary of Defense for Health Affairs; the Assistant Secretary of Defense for Networks and Information Integration (ASD(NII)/Chief Information Officer (CIO); the Director, Executive Services and Communications Directorate, Washington Headquarters Services (WHS); the GC, DoD; and the Director for Information Technology Management Directorate (ITMD), WHS. The designees also may be the principal point of contact for the DoD Component for privacy matters.

* * * * *

(b) * * *

(1) Membership. The Board shall consist of the DA&M, OSD, who shall serve as the Chair; the Director of the Defense Privacy Office, DA&M, who shall serve as the Executive Secretary; and the following officials or their designees: The representatives designated by the Secretaries of the Military Departments; the DUSD(PI); the ASD(NII)/CIO; the GC, DoD; the Inspector General, DoD; the ITMD, WHS; and the Director, Defense Manpower Data Center. The designees also may be the principal points of contact for the DoD Component for privacy matters.

* * * * *

(c) * * *

(1) The Committee shall consist of the Director, Defense Privacy Office, DA&M, who shall serve as the Chair and the Executive Secretary; the GC, DoD, or designee; and civilian and/or military counsel from each of the DoD Components. The General Counsels (GCs) and The Judge Advocates General of the Military Departments shall determine who shall provide representation for their respective Department to the Committee. This does not preclude representation from each office. The GCs of the other DoD Components shall provide legal representation to the Committee. Other DoD civilian or military counsel may be appointed by the Executive Secretary, after coordination with the DoD Component concerned, to serve on the Committee on those occasions when specialized knowledge or expertise shall be required.

* * * * *

(d) The Defense Privacy Office.

(1) * * *

(vi) Review proposed DoD Component privacy rulemaking, to include submission of the rule to the Office of the Federal Register for publication and providing OMB and the Congress reports, consistent with 5 U.S.S. 552a, OMB Circular A-130, and DoD 5400.11-R.

* * * * *

(x) Compile and submit the “Biennial Matching Activity Report” to the OMB as required by OMB Circular A-130 and DoD 5400.11-R, and such other reports as required.

* * * * *
Start Signature

Dated: August 31, 2005.

L.M. Bynum,

Alternate OSD Federal Register Liaison Officer, Department of Defense.

End Signature End Part End Supplemental Information

[FR Doc. 05-17646 Filed 9-6-05; 8:45 am]

BILLING CODE 5001-08-P