Privacy Act of 1974; System of Records

#  Privacy Act of 1974; System of Records

**AGENCY:**

Federal Energy Regulatory Commission (FERC), DOE.

**ACTION:**

Notice of a modified system of records.

**SUMMARY:**

In accordance with the Privacy Act of 1974, all agencies are required to publish in the *Federal Register* a notice of their systems of records. Notice is hereby given that the Federal Energy Regulatory Commission (FERC) is publishing a notice of modifications to an existing FERC system of records titled “ *Department of Energy (DOE) Inspector General Investigative Records Relating to the Federal Energy Regulatory Commission (FERC-48)* ”.

**DATES:**

Comments on this modified system of records must be received no later than 30 days after date of publication in the *Federal Register* . If no public comment is received during the period allowed for comment or unless otherwise published in the *Federal Register* by FERC, the modified system of records will become effective a minimum of 30 days after date of publication in the *Federal Register* . If FERC receives public comments, FERC shall review the comments to determine whether any changes to the notice are necessary.

**ADDRESSES:**

Comments may be submitted in writing to Federal Energy Regulatory Commission, 888 First Street NE, Washington, DC 20426, or electronically to *[email protected].* Comments should indicate that they are submitted in response to “Department of Energy (DOE) Inspector General Investigative Records Relating to the Federal Energy Regulatory Commission (FERC-48)”.

**FOR FURTHER INFORMATION CONTACT:**

Mittal Desai, Chief Information Officer & Senior Agency Official for Privacy, Office of the Executive Director, Federal Energy Regulatory Commission, 888 First Street NE, Washington, DC 20426, (202) 502-6432.

**SUPPLEMENTARY INFORMATION:**

In accordance with the Privacy Act of 1974, and to comply with the Office of Management and Budget (OMB) Memorandum M-17-12, *Preparing for and Responding to a Breach of Personally Identifiable Information,* January 3, 2017, this notice has nineteen (19) routine uses, including twelve new  routine uses, two of which will permit FERC to disclose information as necessary in response to an actual or suspected breach that pertains to a breach of its own records or to assist another agency in its efforts to respond to a breach that was previously published separately at 87 FR 35543 (June 10, 2022).

The following sections have been updated to reflect changes made since the publication of the last notice in the *Federal Register* : dates; addresses; for further contact information; system location; system manager; authority for maintenance of the system; purpose of the system; categories of individuals covered by the system; categories of records in the system; record source categories; routine uses of records maintained in the system, including categories of users and the purpose of such; policies and practices for storage of records; policies and practices for retrieval of records; policies and practices for retention and disposal of records; administrative, technical, physical safeguards; records access procedures; contesting records procedures; notification procedures; and history.

**SYSTEM NAME AND NUMBER:**

Department of Energy (DOE) Inspector General Investigative Records Relating to the Federal Energy Regulatory Commission (FERC-48).

**SECURITY CLASSIFICATION:**

Unclassified.

**SYSTEM LOCATION:**

Federal Energy Regulatory Commission, Chief Security Officer Directorate, Office of the Executive Director, 888 First Street NE, Washington, DC 20426.

**SYSTEM MANAGER(S):**

Security Specialist, Chief Security Officer Directorate, Office of the Executive Director, Federal Energy Regulatory Commission, 888 First Street NE, Washington, DC 20426.

**AUTHORITY FOR MAINTENANCE OF THE SYSTEM:**

Public Law 95-452, as amended; 5 U.S.C. 401-424.

**PURPOSE(S) OF THE SYSTEM:**

The system is used to collect and maintain records concerning FERC investigations and documentation on investigations conducted by the DOE Inspector General. FERC uses the system to manage referrals to and from DOE Inspector General; and to provide authorized assistance to lawful administrative, civil, counterintelligence, and criminal investigations.

**CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:**

The following categories of individuals are covered by this system: present and former FERC employees, contractors, assignees, interns, visitors, and guests. In addition, persons who report concerns, witnesses, relatives, or parties who have been identified by DOE Inspector General for further investigation, and individuals with other relevant personal associations with FERC insider are covered by the system of records notice.

**CATEGORIES OF RECORDS IN THE SYSTEM:**

Records include: full name, title, office, type of violation, laptop assignment number, IP address, case name, time and attendance records, building access logs, contact information, correspondence relevant to the investigation; internal staff correspondence, subpoenas issued during the investigation, affidavits, statements from witnesses, transcripts of testimony taken in the course of the investigation and accompanying exhibits; documents and records or copies obtained during the investigation; working papers of the staff and other documents and records relating to the investigation; opening reports, progress reports and closing reports; and any other information gathered in the course of or relating to an inquiry, review, inspection, or investigation of a criminal, civil, or administrative nature.

**RECORD SOURCE CATEGORIES:**

Records are obtained from (1) software that monitors FERC's user's activity on U.S. Government computer networks; (2) information supplied by individuals to FERC or by the individual's employer; (3) information provided to FERC to gain access to FERC facilities, information, equipment, networks, or systems; (4) publicly available information obtained from open source platforms, including publicly available social media; (5) any departmental records for which the individual has been granted authorized access to; (6) any federal, state, tribal, local government, or private sector records for which the individual has been given authorized access to; (7) individuals who are the subject of the investigation or inquiry, employer, law enforcement organizations, and detention facilities; (8) individuals including, where practicable, those to whom the information relates; (9) witnesses, corporations and other entities; (10) records of individuals and of the Commission; (11) records of other entities; (12) Federal, foreign, state or local bodies and law enforcement agencies; (13) documents, correspondence relating to litigation, and transcripts of testimony; and (14) miscellaneous other sources. FERC also receives tips and leads by other means, such as email or telephone.

**ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:**

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, information maintained in this system may be disclosed to authorized entities outside FERC for purposes determined to be relevant and necessary as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

1. To appropriate agencies, entities, and persons when (1) FERC suspects or has confirmed that there has been a breach of the system of records; (2) FERC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Commission (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Commission's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

2. To another Federal agency or Federal entity, when FERC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

3. To a congressional office from the record of an individual in response to an inquiry from that congressional office made at the request of that individual.

4. To the Equal Employment Opportunity Commission (EEOC) when requested in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs, or other functions of the Commission as authorized by law or regulation.

5. To the Federal Labor Relations Authority or its General Counsel when  requested in connection with investigations of allegations of unfair labor practices or matters before the Federal Service Impasses Panel.

6. To disclose information to another Federal agency, to a court, or a party in litigation before a court or in an administrative proceeding being conducted by a Federal agency, when the Government is a party to the judicial or administrative proceeding. In those cases where the Government is not a party to the proceeding, records may be disclosed if a subpoena has been signed by a judge.

7. To the Department of Justice (DOJ) for its use in providing legal advice to FERC or in representing FERC in a proceeding before a court, adjudicative body, or other administrative body, where the use of such information by the DOJ is deemed by FERC to be relevant and necessary to the advice or proceeding, and such proceeding names as a party in interest: (a) FERC; (b) any employee of FERC in his or her official capacity; (c) any employee of FERC in his or her individual capacity where DOJ has agreed to represent the employee; or (d) the United States, where FERC determines that litigation is likely to affect FERC or any of its components.

8. To non-Federal Personnel, such as contractors, agents, or other authorized individuals performing work on a contract, service, cooperative agreement, job, or other activity on behalf of FERC or Federal Government and who have a need to access the information in the performance of their duties or activities.

9. To the National Archives and Records Administration in records management inspections and its role as Archivist.

10. To the Merit Systems Protection Board or the Board's Office of the Special Counsel, when relevant information is requested in connection with appeals, special studies of the civil service and other merit systems, review of OPM rules and regulations, and investigations of alleged or possible prohibited personnel practices.

11. To appropriate Federal, State, or local agency responsible for investigating, prosecuting, enforcing, or implementing a statute, rule, regulation, or order, if the information may be relevant to a potential violation of civil or criminal law, rule, regulation, order.

12. To appropriate agencies, entities, and person(s) that are a party to a dispute, when FERC determines that information from this system of records is reasonably necessary for the recipient to assist with the resolution of the dispute; the name, address, telephone number, email address, and affiliation; of the agency, entity, and/or person(s) seeking and/or participating in dispute resolution services, where appropriate.

13. Where there is an indication of a violation or a potential violation of law, whether civil, criminal or regulatory in nature, whether arising by general statute or particular program statute, or by regulation, rule or order issued pursuant thereto, the relevant records in the system of records may be referred to the appropriate agency, whether federal, foreign, state, or local, charged with enforcing or implementing the statute, or rule, regulation or order.

14. To Federal, foreign, state, or local authorities in order to obtain information or records relevant to an Inspector General investigation.

15. To Federal, foreign, state, or local governmental authorities maintaining civil, criminal, or other relevant enforcement information or other pertinent information to obtain information relevant to an agency decision concerning the hiring or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant or other benefit.

16. To Federal, foreign, state, or local governmental authorities in response to their request in connection with the hiring or retention of an employee, discriminatory or other administrative action concerning an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision in the matter.

17. To non-governmental parties where those parties may have information the Inspector General seeks to obtain in connection with an investigation.

18. To independent auditors or other private firms with which the Inspector General has contracted to carry out an independent audit, or to collate, aggregate or otherwise refine data collected in the system of records.

19. To respond to subpoenas in any litigation or other proceeding.

**POLICIES AND PRACTICES FOR STORAGE OF RECORDS:**

Records are stored in electronic and paper format. Electronic records are stored on a restricted shared drive, and some records are in the individual's human resources file. Paper records are stored in lockable file room. Access to electronic records is controlled by the organizations Single Sign-On and Multi-Factor Authentication solution. Agency buildings and Data center buildings are guarded and monitored by security personnel, cameras, ID checks, and other physical security measures. Access to electronic and hard copy files is restricted to those individuals whose official duties require access.

**POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:**

Records are retrieved by name and log number.

**POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:**

Records are retained and disposed of in accordance with the schedule approved under the Department of Energy Administration Records Schedule 22: Audit/Investigative Records (October 2021, Rev. 4) available at *https://www.energy.gov/sites/default/files/2023-01/ADM%2022%20Rev%204%20Oct%202021.pdf;* and General Records Schedule 5.6: Security Management Records (March 2022), item 210-240 available at *https://www.archives.gov/files/records-mgmt/grs/grs05-6.pdf.*

**ADMINSTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:**

*See* Policies and Practices for Storage of Records.

**RECORD ACCESS PROCEDURES:**

Individuals requesting access to the contents of records must submit a request through the Freedom of Information Act (FOIA) office. The FOIA website is located at: *https://www.ferc.gov/foia.* Requests may be submitted through the following portal: *https://www.ferc.gov/enforcement-legal/foia/electronic-foia-privacy-act-request-form.* Written requests for access to records should be directed to: Director, Office of External Affair, Federal Energy Regulatory Commission, 888 First Street NE, Washington, DC 20426.

**CONTESTING RECORD PROCEDURES:**

*See* Record Access Procedures.

**NOTIFICATION PROCEDURE:**

Generalized notice is provided by the publication of this notice. For specific notice, see Records Access Procedure, above system.

**EXEMPTIONS PROMULGATED FOR THE SYSTEM:**

None.

**HISTORY:**

65 FR 21759 (April 24, 2000).

Dated: August 1, 2024.

Debbie-Anne A. Reese,

Acting Secretary.