Skip to content
LexBuild

Privacy Act of 1974; System of Records 

---
identifier: "/us/fr/2025-21358"
source: "fr"
legal_status: "authoritative_unofficial"
title: "Privacy Act of 1974; System of Records"
title_number: 0
title_name: "Federal Register"
section_number: "2025-21358"
section_name: "Privacy Act of 1974; System of Records"
positive_law: false
currency: "2025-11-28"
last_updated: "2025-11-28"
format_version: "1.1.0"
generator: "[email protected]"
agency: "Transportation Department"
document_number: "2025-21358"
document_type: "notice"
publication_date: "2025-11-28"
agencies:
  - "Transportation Department"
  - null
fr_citation: "90 FR 54877"
fr_volume: 90
docket_ids:
  - "Docket No. DOT-OST-2025-1524"
effective_date: "2025-12-29"
comments_close_date: "2025-12-29"
fr_action: "Notice of a new system of records."
---

#  Privacy Act of 1974; System of Records

**AGENCY:**

Office of the Departmental Chief Information Officer, Office of the Secretary of Transportation, DOT.

**ACTION:**

Notice of a new system of records.

**SUMMARY:**

In accordance with the Privacy Act of 1974, the United States Department of Transportation (DOT) proposes a new system of records titled, “Department of Transportation, Federal Aviation Administration DOT/FAA 859, Passport and Visa Tracking Records.” This system of records allows the FAA to collect, use, and maintain information needed to track progress on passport and visa applications, and expiration dates on official passports for employees and members of the public, such as an employee's dependent(s).

**DATES:**

Submit comments on or before December 29, 2025. The Department may publish an amended Systems of Records Notice (hereafter “Notice”) in light of any comments received. This new system will be effective immediately. The routine uses will be effective December 29, 2025.

**ADDRESSES:**

You may submit comments identified by docket number DOT-OST-2025-1524 by any of the following methods:

*Federal e-Rulemaking Portal: https://www.regulations.gov.* Follow the instructions for submitting comments.

*Mail:* Docket Management Facility, U.S. Department of Transportation, 1200 New Jersey Ave. SE, West Building Ground Floor, Room W12-140, Washington, DC 20590-0001.

*Hand Delivery or Courier:* West Building Ground Floor, Room W12-140, 1200 New Jersey Ave. SE, between 9 a.m. and 5 p.m. ET, Monday through Friday, except Federal Holidays.

*Fax:* (202) 493-2251.

*Instructions:* You must include the agency name and docket number DOT-OST-2025-1524. All comments received will be posted without change to *https://www.regulations.gov,* including any personal information provided.

*Privacy Act:* Anyone is able to search the electronic form of all comments received in any of our dockets by the name of the individual submitting the comment (or signing the comment, if submitted on behalf of an association, business, labor union, etc.).

*Docket:* For access to the docket to read background documents or comments received, go to *https://www.regulations.gov* or to the street address listed above. Follow the online instructions for accessing the docket.

**FOR FURTHER INFORMATION CONTACT:**

For questions, please contact: Karyn Gorman, Departmental Chief Privacy Officer, Privacy Office, Department of Transportation, Washington, DC 20590; *[email protected];* or 202-366-3140.

**SUPPLEMENTARY INFORMATION:**

**Background**

The Office of Policy, International Affairs and Environment, at the FAA receives passport and visa applications from FAA employees who travel or work overseas on official government business. Employees who travel overseas on official government business are typically assigned official or red cover passports, whereas those employees who work overseas and are accompanied by their dependent(s) are assigned diplomatic or black cover passports. Data from the passport and visa applications is entered into the FAA information system to track the progress of these applications and the expiration dates of official and diplomatic passports. The Office of Policy, International Affairs and Environment, submits passport applications to the Department of State and visa applications to the respective embassies in Washington, DC for processing. The FAA does not retain any application related documentation submitted to them by employees and only tracks the progress of these applications.

In order to track passport and visa applications, the FAA collects the names, dates of birth, passport and visa numbers, passport and visa issuance and expiration dates, issuing country for visas, country(ies) visited, email addresses, positions/titles, organizations, lines of business, dates of official travel and various dates throughout the passport and visa application process (for tracking purposes) from FAA employees and members of the public, such as employees' dependent(s). Information on an employee's minor dependents is obtained directly from the employee.

**Privacy Act**

The Privacy Act (5 U.S.C. 552a) governs how the Federal Government collects, maintains, and uses personally identifiable information (PII) in a System of Records. A “System of Records” is a group of any records under the control of a federal agency from which information about individuals is retrieved by name or other personal identifier. The Privacy Act requires each agency to publish in the *Federal Register* a System of Records Notice (SORN) identifying and describing each System of Records the agency maintains, including the purposes for which the agency uses PII in the system, the routine uses for which the agency discloses such information outside the agency, and how individuals to whom a Privacy Act record pertains can exercise their rights under the Privacy Act ( *e.g.,* to determine if the system contains information about them and to contest inaccurate information). In accordance with 5 U.S.C. 552a(r), DOT has provided a report of this system of records to the Office of Management and Budget and to Congress.

**SYSTEM NAME AND NUMBER:**

Department of Transportation (DOT)/Federal Aviation Administration (FAA) 859 Passport and Visa Tracking Records.

**SECURITY CLASSIFICATION:**

Unclassified, Sensitive

**SYSTEM LOCATION:**

The primary hosting site is the Tier Point Olive Data Center, 1111 Olive Street, St. Louis, MO 63101. The alternate hosting site is the Tier Point Bellevue Data Center, 1001 North Fort Crook Road, Bellevue, NE 68005.

**SYSTEM MANAGER(S):**

Director, National Labor and Employee Relations (LER) Systems and Programs, AHL-400, Office of Labor and Employee Relations, Federal Aviation Administration (FAA), 800 Independence Avenue SW, Washington, DC 20591; Phone: 202-267-0931.

**AUTHORITY FOR MAINTENANCE OF THE SYSTEM:**

22 U.S.C. 211a.

**PURPOSE(S) OF THE SYSTEM:**

To allow the FAA to track the passport and visa applications as well as expiration dates of official and diplomatic passports of employees and members of the public, such as employee's dependent(s).

**CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:**

FAA employees and members of the public, such as employees' dependent(s).

**CATEGORIES OF RECORDS IN THE SYSTEM:**

Records in this system includes names, dates of birth, passport and visa numbers, passport and visa issuance and expiration dates, issuing country for visas, country(ies) visited, email addresses, positions/titles, organizations, lines of business, dates of official travel and various dates for the passport and visa application process (for tracking purposes).

**RECORD SOURCE CATEGORIES:**

Records are obtained from current FAA employees and members of the public, such as employee's adult dependent(s). Information on an employee's minor dependents is obtained directly from the employee.

**ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:**

In addition to other disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DOT as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

1. In the event that a system of records maintained by DOT to carry out its functions indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program pursuant thereto, the relevant records in the system of records may be referred, as a routine use, to the appropriate agency, whether Federal, State, local, or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto.

2. A record from this system of records may be disclosed, as a routine use, to a Federal, State, or local agency maintaining civil, criminal, or other relevant enforcement information or other pertinent information, such as current licenses, if necessary to obtain information relevant to a DOT decision concerning the hiring or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant or other benefit.

3. A record from this system of records may be disclosed, as a routine use, to a Federal agency, in response to its request, in connection with the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.

4a. Routine Use for Disclosure for Use in Litigation. It shall be a routine use of the records in this system of records to disclose them to the Department of Justice, or other Federal agencies conducting litigation when (a) DOT, or any agency thereof, or (b) Any employee of DOT or any agency thereof in their official capacity, or (c) Any employee of DOT or any agency thereof, in their individual capacity, where the Department of Justice has agreed to represent the employee, or (d) The United States or any agency thereof, where DOT determines that litigation likely to affect the United States, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice or other Federal agency conducting the litigation is deemed by DOT to be relevant and necessary in the litigation, provided, however, that in each case, DOT determines that disclosure of the records in the litigation is a use of the information contained in the records that is compatible with the purpose for which the records were collected.

4b. Routine Use for Agency Disclosure in Other Proceedings. It shall be a routine use of records in this system to disclose them in proceedings before any court or adjudicative or administrative body before which DOT or any agency thereof appears when (a) DOT, or any agency thereof, or (b) Any employee of DOT or any agency thereof in their official capacity, or (c) Any employee of DOT or any agency thereof in their individual capacity where DOT has agreed to represent the employee, or (d) The United States or any agency thereof, where DOT determines that the proceeding is likely to affect the United States, is a party to the proceeding, or has an interest in such proceeding, and DOT determines that use of such records is relevant and necessary in the proceeding, provided, however, that in each case, DOT determines that disclosure of the records in the proceeding is a use of the information contained in the records that is compatible with the purpose for which the records were collected.

5. The information contained in this system of records will be disclosed to the Office of Management and Budget, OMB in connection with the review of  private relief legislation as set forth in OMB Circular No. A-19 at any stage of the legislative coordination and clearance process as set forth in that Circular.

6. Disclosure may be made to a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual. In such cases, however, the congressional office does not have greater rights to records than the individual. Thus, the disclosure may be withheld from delivery to the individual where the file contains investigative or actual information or other materials which are being used, or are expected to be used, to support prosecution or fines against the individual for violations of a statute, or of regulations of the Department based on statutory authority. No such limitations apply to records requested for Congressional oversight or legislative purposes; release is authorized under 49 CFR 10.35(9).

7. One or more records from a system of records may be disclosed routinely to the National Archives and Records Administration (NARA) in records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906.

8. Routine Use for disclosure to the Coast Guard and to the Transportation Security Administration. A record from this system of records may be disclosed as a routine use to the Coast Guard and to the Transportation Security Administration if information from this system was shared with either agency when that agency was a component of the Department of Transportation before its transfer to the Department of Homeland Security and such disclosure is necessary to accomplish a DOT, TSA or Coast Guard function related to this system of records.

9. DOT may make available to another agency or instrumentality of any government jurisdiction, including State and local governments, listings of names from any system of records in DOT for use in law enforcement activities, either civil or criminal, or to expose fraudulent claims, regardless of the stated purpose for the collection of the information in the system of records. These enforcement activities are generally referred to as matching programs because two lists of names are checked for match using automated assistance. This routine use is advisory in nature and does not offer unrestricted access to systems of records for such law enforcement and related antifraud activities. Each request will be considered on the basis of its purpose, merits, cost effectiveness and alternatives using Instructions on reporting computer matching programs to the Office of Management and Budget, OMB, Congress, and the public, published by the Director, OMB, dated September 20, 1989.

10. It shall be a routine use of the information in any DOT system of records to provide to the Attorney General of the United States, or his/her designee, information indicating that a person meets any of the disqualifications for receipt, possession, shipment, or transport of a firearm under the Brady Handgun Violence Prevention Act. In case of a dispute concerning the validity of the information provided by DOT to the Attorney General, or his/her designee, it shall be a routine use of the information in any DOT system of records to make any disclosures of such information to the National Background Information Check System, established by the Brady Handgun Violence Prevention Act, as may be necessary to resolve such dispute.

11a. DOT may disclose records from this system, as a routine use, to appropriate agencies, entities, and persons when: (1) DOT suspects or has confirmed that there has been a breach of the system of records; (2) DOT has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOT (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOT's efforts to respond to the suspected or confirmed breach or to prevent, minimize or remedy such harm.

11b. To another Federal agency or Federal entity, when DOT determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

12. DOT may disclose records from this system, as a routine use, to the Office of Government Information Services for the purpose of (a) resolving disputes between FOIA requesters and Federal agencies and (b) reviewing agencies policies, procedures and compliance in order to recommend policy changes to Congress and the President.

13. DOT may disclose records from this system, as a routine use, to contractors and their agents, experts, consultants, and other performing or working on a contract, service, cooperative agreement, or other assignment for DOT, when necessary to accomplish an agency function related to this system of records.

14. DOT may disclose records from this system, as a routine use, to an agency, organization or individual for the purpose of performing audit or oversight operations related to this system of records, but only such records as are necessary and relevant to the audit or oversight activity. This routine use does not apply to intra-agency sharing authorized under Section (b)(1) of the Privacy Act.

15. DOT may disclose from this system, as a routine use, records consisting of, or relating to, terrorism information (6 U.S.C. 485(a)(5)), homeland security information (6 U.S.C. 482(f)(1)), or Law enforcement information (Guideline 2 Report attached to White House Memorandum, “Information Sharing Environment,” November 22, 2006) to a Federal, State, local, Tribal, Territorial, foreign government and/or multinational agency, either in response to its request or upon the initiative of the component for purposes of sharing such information as is necessary and relevant for the agencies to detect, prevent, disrupt, preempt, and mitigate the effects of terrorist activities against the territory, people and interests of the United States of America, as contemplated by the Intelligence Reform and Terrorism Prevention Act of 2004 (Pub. L. 108-458) and Executive Order 13388 (October 25, 2005).

**POLICIES AND PRACTICES FOR STORAGE OF RECORDS:**

Records are stored in an electronic database.

**POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:**

Records are primarily retrieved by personal identifiers, such as name, passport and visa numbers.

**POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:**

Passport and visa application records will be maintained in accordance with National Archives and Records Administration General Records Schedule (GRS) 2.2, item 90, Official Passports Records. Records are destroyed when 3 years old or upon employee separation or transfer, whichever is sooner, but longer  retention is authorized if required for business use.

**ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:**

Records in this system are safeguarded in accordance with applicable rules and policies, including all applicable DOT and FAA automated systems security and access policies. Strict controls have been imposed to minimize the risk of compromising the information that is being stored. Access to the computer system containing the records in this system is limited to individuals who have a need to know the information for the performance of their official duties and who have appropriate clearances or permissions.

**RECORD ACCESS PROCEDURES:**

Individuals seeking notification of whether this system of records contains information about them may contact the System Manager at the address provided in the section “System Manager”. When seeking records about yourself from this system of records or any other Departmental system of records your request must conform to the Privacy Act regulations set forth in 49 CFR part 10. You must sign your request, and your signature must either be notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization. If your request is seeking records pertaining to another living individual, you must include a statement from that individual certifying his/her agreement for you to access his/her records.

**CONTESTING RECORD PROCEDURES:**

See “Record Access Procedures” above.

**NOTIFICATION PROCEDURES:**

See “Record Access Procedures” above.

**EXEMPTIONS PROMULGATED FOR THE SYSTEM:**

None.

**HISTORY:**

None.

Issued in Washington, DC.

Karyn Gorman,

Departmental Chief Privacy Officer.