Privacy Act of 1974; Systems of Records

#  Privacy Act of 1974; Systems of Records

**AGENCY:**

Office of the Departmental Chief Information Officer, Office of the Secretary of Transportation, DOT.

**ACTION:**

Notice of a modified system of records and rescindment of a system of records notice.

**SUMMARY:**

In accordance with the Privacy Act of 1974, the Department of Transportation (DOT) intends to modify and re-issue a DOT Federal Aviation Administration (FAA) system of records notice titled, “DOT/FAA 830—Representatives of the Administrator.” This system of records notice (hereafter referred to as “Notice”) covers FAA records collected and maintained in support of FAA's management and oversight of individuals applying to become or are Representatives of the Administrator “designees.” Modification of DOT/FAA 830 is necessary due to changes and consolidation of the systems and processes used to manage designee programs.

**DATES:**

Written comments should be submitted on or before 30 days from the date of publication of this notice. The Department may publish an amended Notice to address any comments received. This modified system of records will be effective 30 days after publication of this notice and the DOT/FAA 822 rescinded upon publication of this notice.

**ADDRESSES:**

You may submit comments, identified by docket number DOT-OST-2021-0041 by any of the following methods:

• *Federal e-Rulemaking Portal: http://www.regulations.gov.* Follow the instructions for submitting comments.

• *Mail:* Docket Management Facility, U.S. Department of Transportation, 1200 New Jersey Ave. SE. West Building Ground Floor, Room W12-140, Washington, DC 20590-0001.

• *Hand Delivery or Courier:* West Building Ground Floor, Room W12-140, 1200 New Jersey Ave. SE, between 9 a.m. and 5 p.m. ET, Monday through Friday, except Federal holidays.

• *Fax:* (202) 493-2251.

• *Instructions:* You must include the agency name and docket number DOT-OST-2021-0041.

• All comments received will be posted without change to *http://www.regulations.gov,* including any personal information provided.

*Privacy Act:* Anyone is able to search the electronic form of all comments received in any of our dockets by the name of the individual submitting the comment (or signing the comment, if submitted on behalf of an association, business, labor union, etc.). You may review the DOT's complete Privacy Act statement in the *Federal Register* published on January 17, 2008 (73 FR 3316-3317), or you may visit *http://DocketsInfo.dot.gov.*

*Docket:* For access to the docket to read background documents or comments received, go to *http://www.regulations.gov* or to the street address listed above. Follow the online instructions for accessing the docket.

**FOR FURTHER INFORMATION CONTACT:**

For questions, please contact Karyn Gorman, Acting Departmental Chief Privacy Officer, Privacy Office, Department of Transportation, Washington, DC 20590; *[email protected];* or 202-366-3140.

**SUPPLEMENTARY INFORMATION:**

**Designees**

Designees are representatives of the FAA who are authorized to perform certification-related tasks on behalf of the FAA Administrator. In accordance with section 44702 of title 49, United States Code, the FAA may delegate to a qualified private person a matter related to issuing certificates, or related to the examination, testing, and inspection necessary to issue a certificate on behalf of the FAA Administrator as authorized by statute.

**Rescindment of DOT/FAA 822, Aviation Medical Examiner System**

FAA intends to rescind DOT/FAA 822—Aviation Medical Examiner System, (65 FR 19522, April 11, 2000) and incorporate records covered under that notice within the scope of DOT/FAA 830. The rescindment and incorporation is appropriate because the FAA has integrated the management and oversight of the Aviation Medical Examiner (AME) program with that of other designees. These programs are managed using the same FAA policy and information system, and have common processes. Consolidation of the Notices ensures consistency in the Privacy Act management of all designee records.

**Notice Updates**

This Notice updates the system location, system manager, categories of individuals, categories of records, the record source categories, the routine uses of records maintained in the system, policies and practices for storage of records, policies and practices  for retrieval of records, policies and practices for retention and disposal of records, administrative, technical and physical safeguards, record access procedures, contesting record procedures, notification procedures, and the history section.

The updates include substantive changes, non-substantive changes, or information that clarifies content in the previously published Notice. Updates include editorial changes to simplify and clarify the language, formatting, and text of the previously published Notice to align with the requirements of Office of Management and Budget Memoranda (OMB) A-108 and to ensure consistency with other Notices issued by the Department of Transportation.

**I. Background**

In accordance with the Privacy Act of 1974, DOT proposes to modify and re-issue a Department of Transportation system of record notice titled, “Department of Transportation, Federal Aviation Administration, DOT/FAA—830 Representatives of the Administrator.” This Notice covers information required in connection with applications for and issuance of authorizations to be Representatives of the Administrator, authorized by section 49 of title 49, United States Code. Additionally, the Department proposes to rescind “DOT/FAA 822—Aviation Medical Examiner System.” and incorporate these records into DOT/FAA—830, Representatives of the Administrator. The following substantive changes have been made to the Notice:

1. *Purpose:* The purpose section has been updated to explicitly include making designee information available to the public. The FAA authorizes designees to perform functions on behalf of the Department and requires members of the public to use the services of authorized designees to obtain certain certifications such as aircraft inspections, pilot licenses, etc.

2. *System Location:* To support standardized processing of designee certification tasks and to improve efficiencies in system management and operations, the FAA centralized all designee systems at the Mike Monroney Aeronautical Center. The previously published SORN identified multiple offices for the system location. All records covered the Notice are maintained at the Federal Aviation Administration, Mike Monroney Aeronautical Center, P.O. Box 25082, Oklahoma City, Oklahoma 73125.

3. *System Manager:* This Notice updates the system manager to reflect the change in the system owner from the Designees Standardization Branch (AFS-640) to the Delegation Program Branch (AFS-620).

4. *Categories of Individuals:* The categories of individuals were updated to reflect designee applicants, current designees, and former designees. The previously published SORN expressly identified several types of designees, and listed them by name. This Notices uses the single term “designees” to cover all individuals defined as such under 49 U.S.C. 44702. The categories of individuals include designee applicants, current designees and former designees for all designee types. Aviation Medical Examiners (AME), including private civilian physicians, selected United States military flight surgeons, and selected United States Federal medical officers designated as AMEs under FAA regulations and previously covered under DOT/FAA 822, are included within the definition of “designee”.

5. *Categories of Records:* The categories of records have been updated to reflect that the system no longer collects or maintains social security numbers (SSNs). SSNs are no longer needed and were deleted from electronic records and redacted from paper records consistent with strong privacy protection practices and statutory and OMB requirements to reduce the unnecessary collection, use, and maintenance of SSNs.

6. *Records Source:* This Notice updates clarifies that information maintained in the system of records is collected directly from individuals identified as designees during the application, designation, and appointment process. Information on civilian AMEs may be validated against information held by the Federation of State Medical Boards of the United States. The FAA retains only the outcome of the check and not the source information held by the Medical Boards. Inclusion of this record source in this Notice is not a material change for AMEs previously covered by DOT/FAA 822.

7. *Routine Uses:* This Notice modifies the exiting routine use permitting sharing of designee information with members of the public to include the designee's authorization. The routine use now permits the FAA to share with “members of the public, the names, addresses, and authorizations of those designees who provide FAA certification services to solicit and retain designee for such services.” Its inclusion in this notice does not constitute a substantive change for the AME population as the routine use is consistent with the purposes of collection because the purpose of designee certification is to certify individuals authorized to act on behalf of the FAA.

This Notice also includes the Department of Transportation's general routine uses applicable to this Notice as they were previously only incorporated by reference. OMB Circular A-108 recommends that agencies include all routine uses in one notice rather than incorporating general routine uses by reference; therefore, the Department is replacing the statement in DOT/FAA 830 that referenced the “Statement of General Routine Uses” with all of the general routine uses that apply to this system of records. This update does not substantially affect any of the routine uses for records maintained in this system.

8. *Records Storage:* This Notice updates the policies and practices for the storage of records to reflect that records previously stored on microfiche, microfilm, and electronic optical storage have been digitized and are stored along with all new records in an electronic database. Hard copy and electronic records are maintained in a secure facility.

9. *Records Retrieval:* This Notice updates the policies and practices for the retrieval of records to reflect that all current and former designees and designee applicants are searched and located by name, designee number, and/or airman certificate number of the designee. SSN has been removed as a method of retrieval in both hard copy and electronic records. The SSNs are no longer needed and were deleted from electronic records and redacted from paper record.

10. *Retention and Disposal:* This Notice updates the policies and practices for retention and disposal of records section to include a new proposed records retention and disposition schedule for all designee case files (including AMEs). The stated retention period in the previously published stated that designee records are maintained for 5 years after the designation became inactive, or when no longer needed; AME records maintained under DOT/FAA 830 were maintained for 25 years following a designee's inactive status. FAA has submitted a new records retention and disposition schedule to the National Archives and Records Administration (NARA) in which it proposes to retain all designee records for 25 years following the designee's inactive status. The expansion of the retention period for non-AME designees is necessitated by FAA's need to retain records in support of investigations and to limit unnecessary duplication of records  collection activities and ensure comprehensive check of designee history when inactive designees seek reappointment. The inclusion of the 25-year retention period is not a material change for those designees previously covered by DOT/FAA 830.

The following non-substantive changes to the, record access and contesting records, and notifications procedures, have been made to improve the transparency and readability of the Notice:

11. *Records Access:* This Notice updates the record access procedures to reflect that signatures on signed requests for records must either be notarized or accompanied by a statement made under penalty of perjury in compliance with 28 U.S.C. 1746.

12. *Contesting Records:* This Notice updates the procedures for contesting records to refer the reader to the record access procedures section. The purpose of this non-substantive update is to align with the requirements of OMB Memoranda A-108 and for consistency with other DOT/FAA SORNs.

13. *Notifications:* This Notice updates the notification procedures to refer the reader to the record access procedures section. The purpose of this non-substantive update is to align with the requirements of OMB Memoranda A-108 and for consistency with other DOT/FAA SORNs.

**II. Privacy Act**

The Privacy Act (5 U.S.C. 552a) governs the means by which the Federal Government collects, maintains, and uses personally identifiable information (PII) in a System of Records. A “System of Records” is a group of any records under the control of a Federal agency from which information about individuals is retrieved by name or other personal identifier. The Privacy Act requires each agency to publish in the *Federal Register* a System of Records Notice (SORN) identifying and describing each System of Records the agency maintains, including the purposes for which the agency uses PII in the system, the routine uses for which the agency discloses such information outside the agency, and how individuals to whom a Privacy Act record pertains can exercise their rights under the Privacy Act ( *e.g.,* to determine if the system contains information about them and to contest inaccurate information). In accordance with 5 U.S.C. 552a(r), DOT has provided a report of this system of records to the Office of Management and Budget and to Congress.

**SYSTEM NAME AND NUMBER:**

Department of Transportation (DOT)/Federal Aviation Administration (FAA) 830 Representatives of the Administrator.

**SECURITY CLASSIFICATION:**

Unclassified, sensitive.

**SYSTEM LOCATION:**

Federal Aviation Administration, Mike Monroney Aeronautical Center, P.O. Box 25082, Oklahoma City, Oklahoma 73125.

**SYSTEM MANAGER:**

System Stewart, Delegation Program Branch (AFS-620), *https://av-info.faa.gov/Feedback/,* Federal Aviation Administration, Mike Monroney Aeronautical Center, P.O. Box 25082, Oklahoma City, Oklahoma 73125.

**AUTHORITY FOR MAINTENANCE OF THE SYSTEM:**

49 U.S.C. 40101, 40113, 44701, 44702, and 44703.

**PURPOSE(S) OF THE SYSTEM:**

The purpose of this system of records is to centralize designee information and to facilitate the FAA's standardization of designee qualifications by tracking training, accomplishments and limitations of current designees, and to determine professional qualifications and designation authorization (initial and subsequent) of the same. The system of records collects personal information from applications seeking designation by the FAA Administrator. The information maintained in this system of records is used to identify a list of applicants for future appointment as necessary, to validate records, and to approve new designees. The information is also used to maintain and make available to the public a list of designees who provide services.

**CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:**

Designee applicants, current designees, and former designees.

**CATEGORIES OF RECORDS IN THE SYSTEM:**

Categories of records maintained in this system include but are not limited to names, dates and places of birth, gender, citizenship, and personal contact information (mailing address, telephone number, and email address); business contact information (mailing address, telephone number, and email address); unique identifier numbers (including designation numbers, certificate numbers, and credential numbers); applications for designee status (including records of qualification and certifications); records that include information regarding appointments, training, renewals, terminations, employment history and monitoring of the designee's performance.

**RECORD SOURCE CATEGORIES:**

Information is collected directly from the individuals during the application, designation and appointment process. Additional background information on civilian AMEs may be validated by the Federation of State Medical Boards of the United States.

**ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:**

In addition to other disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DOT as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

*System Specific Routine Uses*

1. To disclose to members of the public the names, official addresses, and authorizations of those designees who provide FAA certification services, in order to solicit and retain designees for such services.

*Departmental Routine Uses*

2. In the event that a system of records maintained by DOT to carry out its functions indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by general statute or particular program pursuant thereto, the relevant records in the system of records may be referred, as a routine use, to the appropriate agency, whether Federal, State, local or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto.

3. A record from this system of records may be disclosed, as a routine use, to a Federal, State, or local agency maintaining civil, criminal, or other relevant enforcement information or other pertinent information, such as current licenses, if necessary to obtain information relevant to a DOT decision concerning the hiring or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant, or other benefit.

4. A record from this system of records may be disclosed, as a routine use, to a Federal agency, in response to its request, in connection with the hiring or retention of an employee, the  issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.

5a. Routine Use for Disclosure for Use in Litigation. It shall be a routine use of the records in this system of records to disclose them to the Department of Justice or other Federal agency conducting litigation when (a) DOT, or any agency thereof, or (b) Any employee of DOT or any agency thereof, in his/her official capacity, or (c) Any employee of DOT or any agency thereof, in his/her individual capacity where the Department of Justice has agreed to represent the employee, or (d) The United States or any agency thereof, where DOT determines that litigation is likely to affect the United States, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice or other Federal agency conducting the litigation is deemed by DOT to be relevant and necessary in the litigation, provided, however, that in each case, DOT determines that disclosure of the records in the litigation is a use of the information contained in the records that is compatible with the purpose for which the records were collected.

5b. Routine Use for Agency Disclosure in Other Proceedings. It shall be a routine use of records in this system to disclose them in proceedings before any court or adjudicative or administrative body before which DOT or any agency thereof, appears, when (a) DOT, or any agency thereof, or (b) Any employee of DOT or any agency thereof in his/her official capacity, or (c) Any employee of DOT or any agency thereof in his/her individual capacity where DOT has agreed to represent the employee, or (d) The United States or any agency thereof, where DOT determines that the proceeding is likely to affect the United States, is a party to the proceeding or has an interest in such proceeding, and DOT determines that use of such records is relevant and necessary in the proceeding provided, however that in each case, DOT determines that disclosure of the records in the proceeding is a use of the information contained in the records that is compatible with the purpose for which the records were collected.

6. The information contained in this system of records will be disclosed to the Office of Management and Budget, OMB in connection with the review of private relief legislation as set forth in OMB Circular No. A-19 at any stage of the legislative coordination and clearance process as set forth in that Circular.

7. Disclosure may be made to a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual. In such cases, however, the Congressional office does not have greater rights to records than the individual. Thus, the disclosure may be withheld from delivery to the individual where the file contains investigative or actual information or other materials which are being used, or are expected to be used, to support prosecution or fines against the individual for violations of a statute, or of regulations of the Department based on statutory authority. No such limitations apply to records requested for Congressional oversight or legislative purposes; release is authorized under 49 CFR 10.35(9).

8. One or more records from a system of records may be disclosed routinely to the National Archives and Records Administration in records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906.

9. A record from this system of records may be disclosed as a routine use to the Coast Guard and to the Transportation Security Administration (TSA) if information from this system was shared with either agency when that agency was a component of the Department of Transportation before its transfer to the Department of Homeland Security and such disclosure is necessary to accomplish a DOT, TSA, or Coast Guard function related to this system of records.

10. DOT may make available to another agency or instrumentality of any government jurisdiction, including State and local governments, listings of names from any system of records in DOT for use in law enforcement activities, either civil or criminal, or to expose fraudulent claims, regardless of the stated purpose for the collection of the information in the system of records. These enforcement activities are generally referred to as matching programs because two lists of names are checked for match using automated assistance. This routine use is advisory in nature and does not offer unrestricted access to systems of records for such law enforcement and related antifraud activities. Each request will be considered on the basis of its purpose, merits, cost effectiveness and alternatives using Instructions on reporting computer matching programs to the Office of Management and Budget, OMB, Congress, and the public, published by the Director, OMB, dated September 20, 1989.

11. It shall be a routine use of the information in any DOT system of records to provide to the Attorney General of the United States, or his/her designee, information indicating that a person meets any of the disqualifications for receipt, possession, shipment, or transport of a firearm under the Brady Handgun Violence Prevention Act. In case of a dispute concerning the validity of the information provided by DOT to the Attorney General, or his/her designee, it shall be a routine use of the information in any DOT system of records to make any disclosures of such information to the National Background Information Check System, established by the Brady Handgun Violence Prevention Act, as may be necessary to resolve such dispute

12a. It shall be a routine use to disclose to appropriate agencies, entities, and persons when (1) DOT suspects or has confirmed that there has been a breach of the system of records; (2) DOT has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOT (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOT's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

12b. DOT may disclose records from a system or records to another Federal agency or Federal entity, when DOT determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, their recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

13. DOT may disclose records from this system, as a routine use, to the Office of Government Information Services for the purpose of (a) resolving disputes between FOIA requesters and Federal agencies and (b) reviewing agencies' policies, procedures, and compliance in order to recommend policy changes to Congress and the President.

14. DOT may disclose records from this system, as a routine use, to contractors and their agents, experts,  consultants, and others performing or working on a contract, service, cooperative agreement, or other assignment for DOT, when necessary to accomplish an agency function related to this system of records.

15. DOT may disclose records from this system, as a routine use, to an agency, organization, or individual for the purpose of performing audit or oversight operations related to this system of records, but only such records as are necessary and relevant to the audit or oversight activity. This routine use does not apply to intra-agency sharing authorized under section (b)(1) of the Privacy Act.

16. DOT may disclose from this system, as a routine use, records consisting of, or relating to, terrorism information (6 U.S.C. 485(a)(5)), homeland security information (6 U.S.C. 482(f)(1)), or Law enforcement information (Guideline 2 Report attached to White House Memorandum, “Information Sharing Environment”, November 22, 2006) to a federal, state, local, tribal, territorial, foreign government and/or multinational agency, either in response to its request or upon the initiative of the Component, for purposes of sharing such information as is necessary and relevant for the agencies to detect, prevent, disrupt, preempt, and mitigate the effects of terrorist activities against the territory, people, and interests of the United States of America, as contemplated by the Intelligence Reform and Terrorism Prevention Act of 2004 (Pub. L. 108-458) and Executive Order 13388 (October 25, 2005).

**POLICIES AND PRACTICES FOR STORAGE OF RECORDS:**

Records in this system of records are stored in hard copy format in a secure facility and in an electronic database system.

**POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:**

Records in this system are primarily retrieved by name, designee number, and airman certificate number of the individual on whom the records are maintained.

**POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:**

The FAA will maintain records for 25 years following the designee's inactive status. The FAA will retain records in this system of records as permanent records until it receives an approval of record disposition authority from NARA, pursuant to 36 CFR 1225.16 and 1225.18.

**ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:**

Records in this system are safeguarded in accordance with applicable rules and policies, including all applicable DOT automated systems security and access policies. Strict controls have been imposed to minimize the risk of compromising the information that is being stored. Access to records in this system is limited to those individuals who have a need to know the information for the performance of their official duties and who have appropriate clearances or permissions.

**RECORD ACCESS PROCEDURES:**

Individuals seeking notification of whether this system of records contains information about them may contact the System Manager at the address provided in the section “System Manager”. When seeking records about yourself from this system of records or any other Departmental system of records, your request must conform to the Privacy Act regulations set forth in 49 CFR part 10. You must sign your request and your signature must either be notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization. If your request is seeking records pertaining to another living individual, you must include a statement from that individual certifying his/her agreement for you to access his/her records.

**CONTESTING RECORD PROCEDURES:**

See “Record Access Procedures” above.

**NOTIFICATION PROCEDURES:**

See “Record Access Procedures” above.

**EXEMPTIONS PROMULGATED FOR THE SYSTEM:**

None.

**HISTORY:**

A full notice of this system of records, DOT/FAA 830—Representatives of the Administrator was published in the *Federal Register* on April 11, 2000 (65 FR 19525). A full notice of DOT/FAA 822 Aviation Medical Examiner System was published on April 11, 2000 (65 FR 19522).

Issued in Washington, DC.

Karyn Gorman,

Acting Departmental Chief Privacy Officer.