Skip to Content

Notice

Office of Privacy, Records, and Disclosure; Privacy Act of 1974, as Amended

Document Details

Information about this document as published in the Federal Register.

Enhanced Content

Relevant information about this document from Regulations.gov provides additional context. This information is not part of the official Federal Register document.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

ACTION:

Notice of Proposed Privacy Act Systems of Records.

SUMMARY:

In accordance with the Privacy Act of 1974, as amended, the Special Inspector General for Afghanistan Reconstruction (SIGAR) gives notice of its intent to create the SIGAR system of records titled, SIGAR-11: Social Media Records, and SIGAR-12: Internal Electronic Collaboration Tools. The Social Media system will assist SIGAR by providing new ways to connect and share information, and solicit and receive feedback freely with the public. The Internal Electronic Collaboration Tools will collect information related to new procedures for the collection of information related to internal electronic collaboration tools which use Microsoft SharePoint, including the SIGAR Intranet and social media tools within the Internet.

DATES:

Comments must be received no later than September 4, 2012. The new system of records will be effective October 2, 2012 unless SIGAR receives comments that would result in a contrary determination.

ADDRESSES:

Comments should be sent to Kate Gastner, Public Information Manager, Special Inspector General for Afghanistan Reconstruction, 2530 Crystal Drive, Arlington, VA 22202-3934. Comments will be made available for inspection upon written request. SIGAR will make such comments available for public inspection in the Office of Privacy, Records, and Disclosure, 9th Floor, 1550 Crystal Drive, Arlington, VA 22202, on official business days between the hours of 9 a.m. and 5 p.m. Eastern time. You can make an appointment to inspect comments by telephoning (703) 545-6000. All comments, including attachments and other supporting materials, received are part of the public record and subject to public disclosure. You should submit only information that you wish to make available publicly.

FOR FURTHER INFORMATION CONTACT:

Kate Gastner, Public Information Manager, Special Inspector General for Afghanistan Reconstruction, 2530 Crystal Drive, Arlington, VA 22202-3934, (703) 545-5993.

SUPPLEMENTARY INFORMATION:

On January 28, 2008, the President signed into law the National Defense Authorization Act for Fiscal Year 2008 (Pub. L. 110-181), which created the Special Inspector General for Afghanistan Reconstruction (SIGAR). SIGAR is responsible for coordinating and conducting audits and investigations to promote efficiency and effectiveness of reconstruction programs, and to detect and prevent waste, fraud, and abuse of taxpayers' dollars. Under 5 U.S.C. 301, heads of Executive or military departments may prescribe regulations governing the conduct of its employees and the custody, use, and preservation of the department's records, papers, and property. To facilitate SIGAR's audits, investigations, and other operations, it plans to create the following systems of records:

SIGAR-11 Social Media Records;

SIGAR-12 Internal Electronic Collaboration Tools.

The Report of the a new system of records, as required by 5 U.S.C. 552a(r) of the Privacy Act, has been submitted to the Committee on Oversight and Government Reform of the House of Representatives, the Committee on Homeland Security and Governmental Affairs of the Senate, and the Office of Management and Budget, pursuant to Appendix I to OMB Circular A-130, “Federal Agency Responsibilities for Maintaining Records About Individuals,” dated November 30, 2000.

Sections 552a(e)(4) and (11) of title 5, United States Code, provide that an agency publish a notice of the establishment or revision of a record system which affords the public a 30-day period in which to submit comments. To meet this requirement, descriptions of the two new systems of records are published in their entirety below.

I. Social Media

SIGAR is creating the SIGAR Social Media system of records to allow SIGAR to interact with the public using third party or commercial social media applications. While SIGAR may use social media applications to connect with the public in an official capacity, information provided by an individual to register with the third party site is rarely shared with SIGAR. Information collected and stored by the social media applications is subject to the third party privacy policies posted on their Web sites. SIGAR may receive contact information from the third party site for individuals who wish to have further contact with SIGAR for addition communications such as dissemination of information for upcoming events, notification of an emergency or breaking news, or felicitation of feedback about a program.

Information provided by SIGAR on social media sites is also available on SIGARs public Web sites. If SIGAR is requesting feedback from the public through the use of social media site, an alternative SIGAR email address will also be provided so that the public may interact with SIGAR without having to use the social media site. When an individual submits an email to SIGAR, SIGAR will maintain that individual's email, and any other personal information provided in their email, in accordance with applicable records retention policies. All interactions by the public are voluntary.

Before including your address, phone number, email address, or other personal identifying information in your comment, you should be aware that your entire comment—including your personal identifying information—may be made publicly available at any time. While you can ask us in your comment to withhold your personal identifying information from public review, we cannot guarantee that we will be able to do so.

II. Internal Electronic Collaboration Tools

SIGAR is implementing internal electronic collaboration tools utilizing the Microsoft SharePoint platform. These tools will upgrade SIGAR's intranet, allow users to set up team collaboration workspaces, facilitate sharing of documents, policies and information, and allow limited social networking through the SharePoint “MySites” feature. The Intranet, built on these tools, will include SIGAR policies, procedures, forms, organization charts, news clips, and links to other sites that are helpful to staff members. The intranet will include content regarding program offices, services and support, and projects and activities. The MySites feature will allow SIGAR users to set up a personal profile, identify subject matter areas about which they are knowledgeable, upload pictures, publics notes, tags, content, and messages that are similar to email. Users will be able to manually select “colleagues” which the colleague may approve or deny, and create and join groups. Overall, the internal collaboration tools will provide invaluable dissemination and exchange of information, allowing users to stay connected within a dashboard that each user can personalize.

All SIGAR users will need to use the internal electronic collaboration tools to perform their official duties, for example, to use the Intranet to obtain business phone numbers of other SIGAR users, to view internal policies, to link to specific SharePoint sites containing SIGAR business information, or use SharePoint sites containing SIGAR business information, or use SharePoint workspaces with other team members. The use of MySites is purely voluntary; those who use MySites will have some control over which other users may see their personal information. However, Intranet sites administrators and other SIGAR staff members with a legitimate need to know the information for official purposes will have full access to view all content, including all personal content posted through MySites. Intranet users will be clearly informed, that if they use MySites, they have no reasonable expectation of privacy in any information they post, as with any other information passing through or stored on SIGAR equipment.

The Internal Electronic Collaboration Tools system of records will contain SIGAR business information, business contact information and photographs, at times personal contact information, and any personal information a user chooses to post within MySites.

Both systems will be effective as proposed at the end of the comment period (the comment period will end 30 days after the publication of this notice in the Federal Register), unless comments are received that would require a contrary determination. SIGAR will publish a revised notice if changes are made based upon a review of the comments received.

Dated: July 31, 2012.

John F. Sopko,

Inspector General.

SIGAR-11 Social Media Records

System location:

Special Inspector General for Afghanistan Reconstruction (SIGAR), 9th Floor, 1550 Crystal Drive, Arlington, VA 22202-4135.

Categories of individuals covered by the system:

Individuals who contact SIGAR through a social media outlet or other electronic means, including submitting feedback to SIGAR, correspondent with SIGAR as a result of the agency's outreach using social networks, or requesting to be contacted by SIGAR.

Categories of records in the system:

This system may contain information pass through a social media site to facilitate interaction with SIGAR such as, but not limited to: First name, last name, username, email address, home or work address, contact information, and phone numbers. It may also include input and feedback from the public, such as comments, emails, videos, and other images, which may include tags, geotags or geographic metadata. Depending on the circumstances of the individual's interaction and the social media site being used, it may include data provided to SIGAR such as date of birth, age, security questions, IP addresses, passwords, financial data, educational, business, or volunteer affiliation.

Authority for maintenance of the system:

Presidential Memorandum to the Heads of Executive Departments and Agencies on Transparency and Open Government, January 21, 2009. OMB M-10-06, Open Government Directive, Dec. 8, 2009. OMB M-10-23, Guidance for Agency Use of Third-Party Web sites and Application, June 25, 2010.

Routine uses of records maintained in the system including categories of users and the purposes of such uses:

The purpose of this system is to allow SIGAR to interact with the public and provide additional transparency to the public through the use of social media. Registration information, username, comments, and suggestions made by the public on third party social networks where SIGAR has an official presence may be collected by third party social networks for registration or use of social media sites. Information and comments provided may be utilized by SIGAR to facilitate interaction with the public, to disseminate information regarding an upcoming event, to notify the public of an emergency or breaking news, or solicit feedback about SIGAR's programs. SIGAR may also respond to information received directly from individuals who provide feedback from social media outreach using alternate methods, such as an email directly to SIGAR.

Disclosures outside SIGAR may be made without the consent of the individual to whom the record pertains under the routine uses listed:

(1) (a) To any of the following entities or individuals, when the circumstances set forth in paragraph (b) are met:

(i) The U.S. Department of Justice (DOJ);

(ii) A court or an adjudicative or other administrative body;

(iii) A party in litigation before a court or an adjudicative or other administrative body; or

(iv) Any SIGAR employee acting in his or her individual capacity if SIGAR or DOJ has agreed to represent that employee or pay for private representation of the employee;

(b) When:

(i) One of the following is a party to the proceeding or has an interest in the proceeding:

(A) SIGAR or any component of SIGAR;

(B) Any other Federal agency appearing before the Office of Hearings and Appeals;

(C) Any SIGAR employee acting in his or her official capacity;

(D) Any SIGAR employee acting in his or her individual capacity if SIGAR or DOJ has agreed to represent that employee or pay for private representation of the employee;

(E) The United States, when DOJ determines that SIGAR is likely to be affected by the proceeding; and

(ii) SIGAR deems the disclosure to be:

(A) Relevant and necessary to the proceeding; and

(B) Compatible with the purpose for which the records were compiled.

(2) To a congressional office in response to a written inquiry that an individual covered by the system, or the heir of such individual if the covered individual is deceased, has made to the office.

(3) To the Executive Office of the President in response to an inquiry from that office made at the request of the subject of a record or a third party on that person's behalf, or for a purpose compatible for which the records are collected or maintained.

(4) To any criminal, civil, or regulatory law enforcement authority (whether Federal, state, territorial, local, Tribal or foreign) when a record, either alone or in conjunction with other information, indicates a violation or potential violation of law—criminal, civil, or regulatory in nature, and the disclosure is compatible with the purpose for which the records were compiled.

(5) To an official of another Federal agency to provide information needed in the performance of official duties related to reconciling or reconstructing data files or to enable that agency to respond to an inquiry by the individual to whom the record pertains.

(6) To Federal, state, territorial, local, Tribal, or foreign agencies that have requested information relevant or necessary to the hiring, firing or retention of an employee or contractor, or the issuance of a security clearance, license, contract, grant or other benefit, when the disclosure is compatible with the purpose for which the records were compiled.

(7) To representatives of the National Archives and Records Administration to conduct records management inspections under the authority of 44 U.S.C. 2904 and 2906.

(8) To state and local governments and Tribal organizations to provide information needed in response to court order and/or discovery purposes related to litigation, when the disclosure is compatible with the purpose for which the records were compiled.

(9) To an expert, consultant, or contractor (including employees of the contractor) of SIGAR that performs services requiring access to these records on SIGAR's behalf to carry out the purposes of the system.

(10) To appropriate agencies, entities, and persons when:

(a) It is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised; and

(b) SIGAR has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interest, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by SIGAR or another agency or entity) that rely upon the compromised information; and

(c) The disclosure is made to such agencies, entities and persons who are reasonably necessary to assist in connection with SIGAR's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

(11) To the Office of Management and Budget during the coordination and clearance process in connection with

legislative affairs as mandated by OMB Circular A-19.

(12) To the Department of the Treasury to recover debts owed to the United States.

(13) To a consumer reporting agency if the disclosure requirements of the Debt Collection Act, as outlined at 31

U.S.C. 3711(e)(1), have been met.

(14) To the news media and the public, with the approval of the Public Affairs Officer in consultation with Counsel and the Senior Agency Official for Privacy, where there exists a legitimate public interest in the disclosure of the information, except to the extent it is determined that release of the specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy.

Policies and practices for storing, retrieving, accessing, and disposing of records in the system:

Storage:

Paper records are contained in file folders in file cabinets; electronic records are contained in removable drives, computers, email, and electronic databases.

Retrievability:

Information may be retrieved by full-text search, names, image, video, email address, user name, or date received.

Safeguards:

Paper records are maintained in locked cabinets and desks. Electronic records are controlled through established SIGAR computer center procedures (personnel screening and physical security), and they are password protected. Access is limited to those whose official duties require access to the records.

Retention and disposal:

Records are retained and disposed of in accordance with SIGAR social media proposed records schedule. The disposition is temporary, and records will be destroyed when no longer needed for agency business.

System manager and address:

Policy official is the Director for Communications and Congressional Relations, 2530 Crystal Drive, Arlington, VA 22202-3934.

Notification procedure:

Individuals seeking to determine whether information about themselves is contained in this system should address written inquiries to the Office of the Special Inspector General for Afghanistan Reconstruction, Headquarters, Privacy Act Officer, 2530 Crystal Drive, Arlington, VA 22202.

The request should include the requestor's complete name, time period for which records are sought, and the office location(s) where the requestor believes the records are located.

Record access procedures:

Individuals seeking access to information about themselves contained in this system should address written inquiries to the Director, Privacy, Records and Disclosure, Office of the Special Inspector General for Afghanistan Reconstruction, Headquarters, 2530 Crystal Drive, Arlington, VA 22202. The request should include the requestor's complete name, time period for which records are sought, and the office location(s) where the requestor believes the records are located.

Contesting record procedures:

Same as Notification Procedures above.

Record source categories:

Individuals who interact with SIGAR through social media networks or who communicate electronically with SIGAR in response to public outreach.

Exemptions claimed for the system:

None.

SIGAR-12

System name:

Internal Electronic Collaboration Tools.

System location:

Office of the Special Inspector General for Afghanistan Reconstruction (SIGAR), 9th Floor, 1550 Crystal Drive, Arlington, VA 22202-4135, and in SIGAR field offices in Afghanistan.

Categories of individuals covered by the system:

SIGAR employees, interns, contractors, consultants and detailees who are given access to the SIGAR network.

Categories of records in the system:

SIGAR user name, title, business and personal contact information, and organizational chart and hierarchy information. Those users who elect to participate in MySites will be able to publish additional personal information, such as personal photographs, information about their family status (such as whether they are married or have children), their hobbies, subject matter areas of SIGAR business about which they are knowledgeable, personal activities, notes, messages and other content. Also, the Internal Electronic Collaboration Tools will contain documents in electronic form covered by other SIGAR Privacy Act System of Record Notices.

Authority for maintenance of the system:

Public Law 110-181, Section 1229, National Defense Authorization Act for Fiscal Year 2008; 5 U.S.C. App. 3, Inspector General Act of 1978, as amended; 40 U.S.C. 524, Section 202(b), Federal Property and Administrative Services Act of 1949; and 5 U.S.C. Section 301, Government Organization and Employees.

Purpose(s):

The purpose of the new system of records is to enhance and improve efficiencies in the dissemination and exchange of information within SIGAR and allow colleagues to connect with each other. The internal electronic collaboration tools, utilizing the Microsoft SharePoint platform, will upgrade SIGAR's intranet, allow users to set up team collaboration workspaces, facilitate sharing of documents, policies and information, and allow limited social networking through the SharePoint “MySites” feature. The new intranet will include SIGAR policies, procedures, forms, organization charts, news clips, links to other sites that are helpful for staff members, and links to other SIGAR SharePoint sites containing shared documents and other information. The intranet will include content regarding program offices, services and support, and projects and activities. By connecting to a SIGAR network administration database, the intranet will display a directory of all SIGAR users, including titles, contact information and the photograph used for SIGAR credentials for all employees, interns, volunteers, consultants and contractors (collectively “users”). The MySites feature will allow SIGAR users to set up a personal profile, upload pictures, and publish content and messages that are similar to email. MySites also allows users to join groups, connect with colleagues and receive a newsfeed when new information is posted.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

The information in this system will be routinely used by SIGAR users to disseminate and share information, collaborate and communicate with each other with the goal of more efficiently conducting SIGAR business. Also, the Internal Electronic Collaboration Tools system will contain documents in electronic form covered by other System of Record Notices, and the routine uses for those System of Record Notices apply. In addition, information in this system may be disclosed in accordance with the blanket routine uses that appear in the SIGAR's Privacy Act Systems of Records Notices, see, e.g., 77 FR 22626 (April 16, 2012) and 77 FR 38363 (June 27, 2012).

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:

Storage:

Electronic records, including emails, spreadsheet, PDF files, other documents and content maintained in or through this system are stored on the SIGAR network and other electronic media as needed, such as encrypted hard drives and back-up media. Print-outs of records in the system are stored in file folders, binders, and similar filing methods.

Retrievability:

Records are retrieved by name of the employee, intern, consultant, or contractor who has access to the SIGAR network.

Safeguards:

Electronic records are controlled through established SIGAR computer center procedures (personnel screening and physical security), and are password protected. Access is limited to those whose official duties require access to the records.

Retention and disposal:

The records will be maintained and dispositioned in accordance with records disposition schedules approved by the National Archives and Records Administration.

System manager(s) and address:

Assistant Inspector General for Management and Support, 2530 Crystal Drive, Arlington, VA 22202-3934.

Notification procedure:

Individuals seeking to determine whether information about themselves is contained in this system should address written inquiries to the Director, Privacy, Records and Disclosure, Office of the Special Inspector General for Afghanistan Reconstruction, Headquarters, 2530 Crystal Drive, Arlington, VA 22202.

The request should include the requester's complete name, time period for which records are sought, and the office location(s) where the requester believes the records are located.

Record access procedures:

Individuals seeking access to information about themselves contained in this system should address written inquiries to Director, Privacy, Records and Disclosure, Office of Special Inspector General for Afghanistan Reconstruction, 2530 Crystal Drive, Arlington, VA 22202.

The request should include the requestor's complete name, time period for which records are sought, and the office location(s) where the requestor believes the records are located.

Contesting record procedures:

Same as Notification Procedures above.

Exemptions claimed for the system:

The Internal Electronic Collaboration Tools system will contain documents in electronic form covered by other System of Record Notices, and the exemptions for those Systems of Record Notices apply.

[FR Doc. 2012-19006 Filed 8-2-12; 8:45 am]

BILLING CODE 3710-L9-P