Skip to Content

We invite you to try out our new beta eCFR site at We’ve made big changes to make the eCFR easier to use. Be sure to leave feedback using the 'Feedback' button on the bottom right of each page!


Privacy Act of 1974, as Amended

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


Bureau of Consumer Financial Protection.


Notice of a Revised Privacy Act System of Records.


In accordance with the Privacy Act of 1974, as amended, the Bureau of Consumer Financial Start Printed Page 59387Protection, hereinto referred to as the Consumer Financial Protection Bureau (“CFPB” or the “Bureau”), gives notice of the establishment of a revised Privacy Act System of Records.


Comments must be received no later than October 29, 2012. The new system of records will be effective November 6, 2012, unless the comments received result in a contrary determination.


You may submit comments by any of the following methods:

  • Electronic:
  • Mail or Hand Delivery/Courier: Claire Stapleton, Chief Privacy Officer, Consumer Financial Protection Bureau, 1700 G Street NW., Washington, DC 20552.

Comments will be available for public inspection and copying at 1700 G Street NW., Washington, DC 20552, on official business days between the hours of 10 a.m. and 5 p.m. Eastern Time. You can make an appointment to inspect comments by telephoning (202) 435-7220. All comments, including attachments and other supporting materials, will become part of the public record and subject to public disclosure. You should submit only information that you wish to make available publicly.

Start Further Info


Claire Stapleton, Chief Privacy Officer, Consumer Financial Protection Bureau 1700 G Street NW., Washington, DC 20552, (202) 435-7220.

End Further Info End Preamble Start Supplemental Information


The CFPB revises its Privacy Act System of Records Notice (“SORN”) “CFPB.0013—CFPB External Contact Database.” In revising this SORN, the CFPB is expanding its system of records to include photographs of CFPB employees and members of the public who attend a CFPB sponsored event or an event where the CFPB is participating. In addition, a new routine use is being added to authorize the CFPB to disclose PII from the system in the form of photographs to the general public through photographs on the CFPB's Web site, blog postings and other social media, in reports, and in other publications used to promote the CFPB and to support internal communications. Additionally, this notice includes non-substantive changes to the text of the Categories of Individuals, Categories of Records, and Routine Uses of Records Maintained in the System.

The Dodd-Frank Wall Street Reform and Consumer Protection Act (“Act”), Public Law 111-203, Title X, established the CFPB to administer and enforce federal consumer financial protection law. The CFPB will maintain the records covered by this notice.

The report of the revised system of records has been submitted to the Committee on Oversight and Government Reform of the House of Representatives, the Committee on Homeland Security and Governmental Affairs of the Senate, and the Office of Management and Budget, pursuant to Appendix I to OMB Circular A-130, “Federal Agency Responsibilities for Maintaining Records About Individuals,” dated November 30, 2000,[1] and the Privacy Act, 5 U.S.C. 552a(r).

The revised system of records entitled “CFPB.013—CFPB External Contact Database” is published in its entirety below.

Start Signature

Dated: September 21, 2012.

Claire Stapleton,

Chief Privacy Officer, Bureau of Consumer Financial Protection.

End Signature


System Name:

CFPB External Contact Database.

System Location:

Consumer Financial Protection Bureau, 1700 G Street NW., Washington DC, 20552.

Categories of individuals covered by the system:

Individuals covered by this system include all individuals involved in CFPB communications with external affairs related activities including: (1) Media representatives (including, without limitations, newspaper, magazine, radio or television station, wire service, internet or any other form of media) who request interviews or meetings with the CFPB staff; (2) individuals who accompany the CFPB staff on official travel; (3) CFPB employees or members of the public attending a CFPB sponsored event, work activity, or an event in which the CFPB participated; (4) individuals who request building passes for access to the CFPB facility (including, without limitations, media representatives, correspondents, technicians, and/or producers); (5) individuals who request information from the CFPB Communications Office concerning specific issues and/or topics; (6) individuals who have been contacted for media events, interviews or meetings, occasions, invitations, travel opportunities or the placement of articles; (7) individuals on the mailing list for the CFPB speeches or updates; (8) individuals who request the CFPB accept a speaking engagement, accept an honor, attend a function, or request information about the CFPB, and its mission and/or policies, etc.; (9) individuals who have participated in a survey or focus group sponsored by the CFPB; (10) CFPB contacts of nongovernmental organizations throughout the United States (media, external affairs, educational, etc.); (11) officials of federal, state, and local governments; (12) assignment information of current and former CFPB staff; (13) CFPB staff authorized to perform domestic speaking/media engagements; and (14) CFPB staff involved in external affairs related communications.

Categories of records in the system:

Records in the system will include information related to communications with external affairs contacts. Such records include without limitation: (1) Contact information (name, business phone number, email address) for individuals who are involved in the operation of the CFPB's external affairs activities; (2) domestic travel records, including dates, places visited and purpose of trip, biographies, speaking engagements, and interviews; (3) communications between CFPB staff and individuals representing the media, non-profits, academia, and the private sector; (4) photographs of CFPB employees and members of the public attending a CFPB sponsored event or an event in which the CFPB participated; (5) information necessary to obtain entry into CFPB facility, such as name, address, telephone number, date of birth, Social Security numbers, state of citizenship; (6) press releases; (7) names of local media organizations, non-profit, academia, and private sector organizations; (8) information on CFPB staff who ask the CFPB for permission to publish information about themselves or articles they have authored; (9) information on individuals who have participated in either a survey or focus group sponsored by the CFPB; (10) invitations sent to the CFPB to participate in or attend a speaking engagement, including the names of requesters and/or the organizations they represent, phone numbers, email addresses, assigned action officials and status; (11) automated and hard copy travel records, usually containing names, titles, addresses, organizations, Start Printed Page 59388telephone/fax/internet numbers, when necessary for travel documents.

Authority for maintenance of the system:

Public Law 111-203, Title X, sections 1011, 1012, 1021, codified at 12 U.S.C. 5491, 5492, 5511.


The purpose of the system is to enable the CFPB to communicate with the American public about its mission and activities. The information will be used to facilitate the CFPB's activities, including external contacts with the media, non-profits, academia, and the private sector. The information collected will also facilitate CFPB events and press conferences.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

These records may be disclosed, consistent with the CFPB Disclosure of Records and Information Rules promulgated at 12 CFR part 1070 et seq. to:

(1) Appropriate agencies, entities, and persons when: (a) The CFPB suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (b) the CFPB has determined that, as a result of the suspected or confirmed compromise, there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the CFPB or another agency or entity) that rely upon the compromised information; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the CFPB's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm;

(2) Another federal or state agency to (a) permit a decision as to access, amendment or correction of records to be made in consultation with or by that agency, or (b) verify the identity of an individual or the accuracy of information submitted by an individual who has requested access to or amendment or correction of records;

(3) To the Office of the President in response to an inquiry from that office made at the request of the subject of a record or a third party on that person's behalf;

(4) Congressional offices in response to an inquiry made at the request of the individual to whom the record pertains;

(5) Contractors, agents, or other authorized individuals performing work on a contract, service, cooperative agreement, job, or other activity on behalf of the CFPB or Federal Government and who have a need to access the information in the performance of their duties or activities;

(6) The U.S. Department of Justice (“DOJ”) for its use in providing legal advice to the CFPB or in representing the CFPB in a proceeding before a court, adjudicative body, or other administrative body before which the CFPB is authorized to appear, where the use of such information by the DOJ is deemed by the CFPB to be relevant and necessary to the litigation, and such proceeding names as a party or interests:

(a) The CFPB;

(b) Any employee of the CFPB in his or her official capacity;

(c) Any employee of the CFPB in his or her individual capacity where DOJ has agreed to represent the employee; or

(d) The United States, where the CFPB determines that litigation is likely to affect the CFPB or any of its components;

(7) A court, magistrate, or administrative tribunal in the course of an administrative proceeding or judicial proceeding, including disclosures to opposing counsel or witnesses (including expert witnesses) in the course of discovery or other pre-hearing exchanges of information, litigation, or settlement negotiations, where relevant or potentially relevant to a proceeding, or in connection with criminal law proceedings;

(8) A grand jury pursuant either to a federal or state grand jury subpoena, or to a prosecution request that such record be released for the purpose of its introduction to a grand jury, where the subpoena or request has been specifically approved by a court. In those cases where the Federal Government is not a party to the proceeding, records may be disclosed if a subpoena has been signed by a judge;

(9) Appropriate agencies, entities, and persons, to the extent necessary to secure information relevant to the CFPB's external affairs activities, including external contacts with the media, non-profits, academia, and the private sector;

(10) Members of the media, federal, state, and local government officials or other recipients of the CFPB's external affairs communications to inform them about attendees and invited guests of the CFPB media events and press briefings; and

(11) To the public, members of the media, federal, state, and local government officials, or other recipients of CFPB reports, viewers of the CFPB's Web site, blog postings, and other social media, and recipients of other public relations materials issued by the CFPB about the activities of the CFPB.

Policies and practices for storing, retrieving, accessing, retaining, and dispensing of records in the system:


Paper and electronic records.


Records are retrievable by the name of the individual or organization, date of event or date of received inquiry or request, or assigned file number, email address or by some combination thereof.


Access to electronic records is restricted to authorized personnel who have been issued non-transferrable access codes and passwords. Other records are maintained in locked file cabinets or rooms with access limited to those personnel whose official duties require access.

Retention and disposal:

The CFPB will maintain electronic and paper records indefinitely until the National Archives and Records Administration (NARA) approves the CFPB's records disposition schedule.

System manager(s) and address:

Consumer Financial Protection Bureau, Media Relations Officer, 1700 G Street NW., Washington, DC 20552.

Notification procedure:

Individuals seeking notification and access to any record contained in this system of records, or seeking to contest its content, may inquire in writing in accordance with instructions appearing in Title 12, Chapter 10 of the CFR, “Disclosure of Records and Information.” Address such requests to: Chief Privacy Officer, Bureau of Consumer Financial Protection, 1700 G Street NW., Washington, DC 20552.

Record access procedures:

See “Notification Procedures” above.

Contesting record procedures:

See “Notification Procedures” above.

Record source categories:

Information in this system is obtained directly from the individual who is the subject of these records, and/or the agency or organization that the individual represents; and the CFPB staff involved in the external affairs operations.

Exemptions claimed for the system:


End Supplemental Information


1.  Although pursuant to Section 1017(a)(4)E, of the Consumer Financial Protection Act, Public Law 111-203, the CFPB is not required to comply with OMB-issued guidance, it voluntarily follows OMB privacy-related guidance as a best practice and to facilitate cooperation and collaboration with other agencies.

Back to Citation

[FR Doc. 2012-23756 Filed 9-26-12; 8:45 am]