Privacy and Security Policy

1. Authorized Uses of Pay.gov

We authorize you to access and use Pay.gov services for the primary purpose of conducting financial transactions with Federal agencies. Accessing or using Pay.gov services without consenting to the terms of these Pay.gov notices and agreement is unauthorized and prohibited. Any access or use of the Pay.gov Web site for unlawful purposes, purposes other than those allowed under these notices and agreement or in a manner contrary to the terms of these notices or agreement is unauthorized and prohibited. Among other things, attempts to “crack,” disrupt, bring down, infect with a computer virus or worm, block access to by others, or spoof Pay.gov are unauthorized. Also unauthorized are attempts to impersonate others or to intercept data intended for others. Unauthorized use may be a violation of law, including a violation of the Computer Fraud and Abuse Act of 1986 and National Information Infrastructure Protection Act (18 U.S.C. § 1030) and mail fraud statutes if it leads to an item being delivered by mail and may result in criminal penalties.

Also, 31 U.S.C. § 333 prohibits (among other things) the misuse of certain names, terms, symbols, and emblems of the Department of the Treasury, as well as any colorable imitations of these items. This conduct is illegal if done in connection with business activities in a manner that reasonably could be construed as falsely implying that such activities are in any manner approved, endorsed, sponsored, authorized by, or associated with the Department of the Treasury. For instance, “framing” the Pay.gov site in a manner designed to falsely imply a relationship with Treasury could be forbidden under the statute. Section 333 also provides that the use of disclaimers is irrelevant to a determination of whether the statute has been violated.

Top

2. Importance of Privacy

We are committed to protecting the privacy rights of the public. These rights are ensured through the Privacy Act of 1974 (5 U.S.C. §552A), Office of Management and Budget guidance, and other Federal regulations and FMS policy.

Top

3. Information Automatically Gathered

For Web site security purposes as well as to improve our site, Pay.gov uses software that can monitor network traffic and identify unauthorized attempts to cause damage or upload or change information. Like all Web sites, when a page is requested Pay.gov can obtain some information about the request, such as: name of the domain from which the visitor accesses the Internet (e.g. “a company.com”; ” a school.edu”; or “an agency.gov”), Internet protocol address, date and time the Web site is visited and type of browser and operating system used to access the site. Aggregate information about individual Web pages visited also is collected.

We generally do not use this automatically gathered information to attempt to identify individual users. We may use this information for authorized law enforcement investigations related to Pay.gov. This includes attempting to trace the source of an attack designed to disrupt or bring down the site or to prove whether a financial transaction has taken place. Otherwise, we only use this information to improve the content and structure of the Pay.gov Web site.

Pay.gov does not use persistent “cookies”, which are permanent files placed on a visitor’s hard drive that allow a Web site to monitor a visitor’s use of the site. To the extent Pay.gov uses any cookies at all, such cookies are session cookies, which expire and automatically are removed no later than upon the closing of a Web browser.

Top

4. Personal Information We May Ask for and Its Uses

We do not require you to provide any personal information just to access the Pay.gov site. If you choose to use certain services provided by Pay.gov, such as submitting a form or paying a bill electronically, we may need to confirm whom you claim to be to provide access, a process known as authentication.

Authentication may entail that you provide a username and password previously issued to you after a registration process. Another way that Pay.gov may perform authentication is by asking you to provide certain sensitive personal identifying information, in particular your name, address, phone number, driver’s license number, date of birth, taxpayer identification number, financial institution account information, and amount of recent payment from the Treasury Department, that Pay.gov will verify by querying commercial or Government databases. The information you provide to Pay.gov will not be added to the databases of any commercial database provider, other than that needed for the purposes of fraud screening and billing us for the service, and cannot be re-disclosed by the commercial database provider. This authentication process is exclusively geared to verify a user’s identity; it in no way performs a credit check. The only criterion is that the information you provide is consistent with the records in the databases we access for authentication.

Although this does not constitute a Fair Credit Reporting Act action (which mandates the database providers to offer certain aspects of Customer Service), we will disclose the names of the databases if you so request.

All information you provide will be encrypted during any transmission or delivered using secure, dedicated networks.

Top

5. Personal Information Not Sought from Children

We do not attempt to collect personally identifiable information on-line from children age 16 or younger. Furthermore, we do not attempt to authenticate any person claiming to be age 16 or younger.

Top

6. Our Legal Authority to Ask for Personal Information

We ask for personal information during authentication so that you can access certain information and conduct transactions that may typically result in the collection or payment of public money. Unless stated otherwise, the providing of this information is voluntary, not mandatory; however, if you choose not to provide this information we may not be able to process your requests.

Among the voluntary information we may seek, Social Security numbers are a special case. Unlike other voluntary information, the Privacy Act states that an agency cannot deny you access or otherwise refrain from processing your transactions if you refuse to provide this particular piece of information, unless there is a statutory provision or other exception that allows or requires the agency to ask for this information. In this regard, there is a statutory provision at 31 U.S.C. § 7701 that can require us to ask for Social Security numbers in many instances. This statute mandates that we ask for this information in transactions that may result in a receivable and in certain other financial dealings. When dealing with a particular agency application, that agency may have additional cause to ask us to request your Social Security number.

Top

7. To Whom We May Release Personal Information

The parties to whom we disclose information may include:

Appropriate Federal, state, local or foreign agencies responsible for investigating or prosecuting the violation of, or for enforcing or implementing, a statute, rule, regulation, order, or license, but only if the investigation, prosecution, enforcement or implementation concerns a transaction(s) or other event(s) that involved (or contemplates involvement of), in whole or part, an electronic method of collecting revenues for the Federal government. The records and information may also be disclosed to commercial database vendors to the extent necessary to obtain information pertinent to such an investigation, prosecution, enforcement or implementation.
Commercial database vendors for the purposes of authenticating the identity of individuals who electronically authorize payments to the Federal Government, to obtain information on such individuals’ payment or check writing history, and for administrative purposes, such as resolving a question about a transaction.
A court, magistrate, or administrative tribunal, in the course of presenting evidence, including disclosures to opposing counsel or witnesses, for the purpose of civil discovery, litigation, or settlement negotiations or in response to a subpoena, where relevant or potentially relevant to a proceeding,or in connection with criminal law proceedings.
A congressional office in response to an inquiry made at the request of the individual to whom the record pertains.
Fiscal agents, financial agents, financial institutions, and contractors for the purpose of performing financial management services, including, but not limited to, processing payments, investigating and rectifying possible erroneous reporting information, creating and reviewing statistics to improve the quality of services provided, or conducting debt collection services.
Federal agencies, their agents and contractors for the purposes of facilitating the collection of revenues, the accounting of such revenues, and the implementation of programs related to the revenues being collected.
Federal agencies, their agents and contractors, to credit bureaus, and to employers of individuals who owe delinquent debt only when the debt arises from the unauthorized use of electronic payment methods. The information will be used for the purpose of collecting such debt through offset, administrative wage garnishment, referral to private collection agencies, litigation, reporting the debt to credit bureaus, or for any other authorized debt collection purpose.
Financial institutions, including banks and credit unions, and credit card companies for the purpose of revenue collections and/or investigating the accuracy of information required to complete transactions using electronic methods and for administrative purposes, such as resolving questions about a transaction.

As was previously mentioned, the information you voluntarily provide may be communicated during authentication to third parties to validate your information and to ultimately confirm your identity. They are legally bound to not further disclose information we share with them.

In addition, if authentication is successful, we may make the information you provide, and the details of how we concluded authentication was successful, available to the agency that owns the application with which you are attempting to complete a transaction.

We will not license or sell your personal information for commercial purposes.

Top

8. No Unsolicited Information

We may send notices to your e-mail address with regard to transactions you conduct on the Pay.gov site, such as confirmation notices, but otherwise we will not use your personal information to send you unsolicited information unless you opt-in to do so, such as by asking to be placed on an e-mail list.

Top

9. Caution About Sending Unencrypted Personal Information Over the Internet

If you choose to send Pay.gov personal information electronically or request that we send you personal information electronically (such as by e-mail), we cannot guarantee its confidentiality as it travels across the Internet. While not likely, others could eavesdrop. To make this less likely, we may use encryption to protect information that you send or view via Web pages (this does not apply to e-mail). Pay.gov utilizes a secure transmission protocol (Transport Layer Security (TLS)) to provide protection of the Web page communications across the Internet between Pay.gov and your computer. TLS is a commonly used protocol for managing the security of an interactive Web session on the Internet. If the Web page has an address that begins with “https://”; rather than “http://” then the page is protected by TLS.

Information transmitted to and from agencies and third party vendors other than through Web pages will be transmitted through a secure virtual private network connection or dedicated connection.

Top

10. Cookies and Analytics

Pay.Gov uses single-session cookies to serve technical purposes, like providing seamless navigation through the platform. Cookies are messages that web servers pass to your web browser when you visit Internet sites. Your browser stores each message in a small file, called cookie.txt . When you request another page from the server, your browser sends the cookie back to the server. These cookies do not permanently record data, and they are not stored on your computer’s hard drive. Pay.Gov’s session cookies are only available during an active browser session. When you close your browser, the session cookie disappears.

Pay.Gov also uses persistent cookies and Google Analytics to help us understand how people use the platform, and how we can make it better. We do not collect any personally identifiable information. Traffic statistics are collected anonymously and aggregated, and no information is traceable to any specific individual.

Most Internet browsers automatically accept persistent cookies. Although using persistent cookies creates a much better experience for you, Pay.gov will also work without them. If you don’t want to accept cookies, you can edit your browser’s options by following these instructions to stop accepting persistent cookies or to prompt you before accepting a cookie from the websites you visit.

§552a TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES Page 44

(i) The head of each agency shall submit a report, no later than 6 months from the date of this order, to the Attorney General and the OMB Director that summa- rizes the results of the review under section 3(a) of this order and encloses a copy of the agency’s plan under section 3(b) of this order. The agency shall publish a copy of the agency’s report on the agency’s website or, in the case of an agency without a website, on the Firstgov.gov website, or, in the case of any agency with neither a website nor the capability to publish on the Firstgov.gov website, in the Federal Register.

(ii) The head of each agency shall include in the agen- cy’s annual FOIA reports for fiscal years 2006 and 2007 a report on the agency’s development and implementa- tion of its plan under section 3(b) of this order and on the agency’s performance in meeting the milestones set forth in that plan, consistent with any related guide- lines the Attorney General may issue under section 552(e) of title 5, United States Code.

(iii) If the agency does not meet a milestone in its plan, the head of the agency shall:

(A) identify this deficiency in the annual FOIA re- port to the Attorney General;

(B) explain in the annual report the reasons for the agency’s failure to meet the milestone;

(C) outline in the annual report the steps that the agency has already taken, and will be taking, to ad- dress the deficiency; and

(D) report this deficiency to the President’s Man- agement Council.
SEC. 4. Attorney General.
(a) Report. The Attorney General, using the reports

submitted by the agencies under subsection 3(c)(i) of this order and the information submitted by agencies in their annual FOIA reports for fiscal year 2005, shall submit to the President, no later than 10 months from the date of this order, a report on agency FOIA imple- mentation. The Attorney General shall consult the OMB Director in the preparation of the report and shall include in the report appropriate recommendations on administrative or other agency actions for continued agency dissemination and release of public informa- tion. The Attorney General shall thereafter submit two further annual reports, by June 1, 2007, and June 1, 2008, that provide the President with an update on the agen- cies’ implementation of the FOIA and of their plans under section 3(b) of this order.

(b) Guidance. The Attorney General shall issue such instructions and guidance to the heads of departments and agencies as may be appropriate to implement sec- tions 3(b) and 3(c) of this order.

SEC. 5. OMB Director. The OMB Director may issue such instructions to the heads of agencies as are nec- essary to implement this order, other than sections 3(b) and 3(c) of this order.

SEC. 6. Definitions. As used in this order:

(a) the term ‘‘agency’’ has the same meaning as the term ‘‘agency’’ under section 552(f)(1) of title 5, United States Code; and

(b) the term ‘‘record’’ has the same meaning as the term ‘‘record’’ under section 552(f)(2) of title 5, United States Code.

SEC. 7. General Provisions.

(a) The agency reviews under section 3(a) of this order and agency plans under section 3(b) of this order shall be conducted and developed in accordance with applicable law and applicable guidance issued by the President, the Attorney General, and the OMB Direc- tor, including the laws and guidance regarding informa- tion technology and the dissemination of information.

(b) This order:

(i) shall be implemented in a manner consistent with applicable law and subject to the availability of appro- priations;

(ii) shall not be construed to impair or otherwise af- fect the functions of the OMB Director relating to budget, legislative, or administrative proposals; and

(iii) is intended only to improve the internal manage- ment of the executive branch and is not intended to,

and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by a party against the United States, its departments, agen- cies, instrumentalities, or entities, its officers or em- ployees, or any other person.

GEORGE W. BUSH. FREEDOM OF INFORMATION ACT

Memorandum of President of the United States, Jan. 21, 2009, 74 F.R. 4683, provided:

Memorandum for the Heads of Executive Depart- ments and Agencies

A democracy requires accountability, and account- ability requires transparency. As Justice Louis Bran- deis wrote, ‘‘sunlight is said to be the best of disinfect- ants.’’ In our democracy, the Freedom of Information Act (FOIA), which encourages accountability through transparency, is the most prominent expression of a profound national commitment to ensuring an open Government. At the heart of that commitment is the idea that accountability is in the interest of the Gov- ernment and the citizenry alike.

The Freedom of Information Act should be adminis- tered with a clear presumption: In the face of doubt, openness prevails. The Government should not keep in- formation confidential merely because public officials might be embarrassed by disclosure, because errors and failures might be revealed, or because of speculative or abstract fears. Nondisclosure should never be based on an effort to protect the personal interests of Govern- ment officials at the expense of those they are supposed to serve. In responding to requests under the FOIA, ex- ecutive branch agencies (agencies) should act promptly and in a spirit of cooperation, recognizing that such agencies are servants of the public.

All agencies should adopt a presumption in favor of disclosure, in order to renew their commitment to the principles embodied in FOIA, and to usher in a new era of open Government. The presumption of disclosure should be applied to all decisions involving FOIA.

The presumption of disclosure also means that agen- cies should take affirmative steps to make information public. They should not wait for specific requests from the public. All agencies should use modern technology to inform citizens about what is known and done by their Government. Disclosure should be timely.

I direct the Attorney General to issue new guidelines governing the FOIA to the heads of executive depart- ments and agencies, reaffirming the commitment to ac- countability and transparency, and to publish such guidelines in the Federal Register. In doing so, the At- torney General should review FOIA reports produced by the agencies under Executive Order 13392 of December 14, 2005. I also direct the Director of the Office of Man- agement and Budget to update guidance to the agencies to increase and improve information dissemination to the public, including through the use of new tech- nologies, and to publish such guidance in the Federal Register.

This memorandum does not create any right or bene- fit, substantive or procedural, enforceable at law or in equity by any party against the United States, its de- partments, agencies, or entities, its officers, employ- ees, or agents, or any other person.

The Director of the Office of Management and Budget is hereby authorized and directed to publish this memo- randum in the Federal Register.

BARACK OBAMA.

§ 552a. Records maintained on individuals

(a) DEFINITIONS.—For purposes of this sec- tion—

(1) the term ‘‘agency’’ means agency as de- fined in section 552(e) 1 of this title;

(2) the term ‘‘individual’’ means a citizen of the United States or an alien lawfully admit- ted for permanent residence;

1 See References in Text note below.

page1image3651331680

Page 45 TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES §552a

(3) the term ‘‘maintain’’ includes maintain, collect, use, or disseminate;

(4) the term ‘‘record’’ means any item, col- lection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, fi- nancial transactions, medical history, and criminal or employment history and that con- tains his name, or the identifying number, symbol, or other identifying particular as- signed to the individual, such as a finger or voice print or a photograph;

(5) the term ‘‘system of records’’ means a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identi- fying number, symbol, or other identifying particular assigned to the individual;

(6) the term ‘‘statistical record’’ means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or in part in making any determination about an identifiable indi- vidual, except as provided by section 8 of title 13;

(7) the term ‘‘routine use’’ means, with re- spect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected;

(8) the term ‘‘matching program’’—
(A) means any computerized comparison

of—
(i) two or more automated systems of

records or a system of records with non- Federal records for the purpose of—

(I) establishing or verifying the eligi- bility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or bene- ficiaries of, participants in, or providers of services with respect to, cash or in- kind assistance or payments under Fed- eral benefit programs, or

(II) recouping payments or delinquent debts under such Federal benefit pro- grams, or

(ii) two or more automated Federal per- sonnel or payroll systems of records or a system of Federal personnel or payroll records with non-Federal records,

(B) but does not include—
(i) matches performed to produce aggre-

gate statistical data without any personal identifiers;

(ii) matches performed to support any research or statistical project, the specific data of which may not be used to make de- cisions concerning the rights, benefits, or privileges of specific individuals;

(iii) matches performed, by an agency (or component thereof) which performs as its principal function any activity pertaining to the enforcement of criminal laws, sub- sequent to the initiation of a specific criminal or civil law enforcement inves- tigation of a named person or persons for the purpose of gathering evidence against such person or persons;

(iv) matches of tax information (I) pur- suant to section 6103(d) of the Internal

Revenue Code of 1986, (II) for purposes of tax administration as defined in section 6103(b)(4) of such Code, (III) for the purpose of intercepting a tax refund due an individ- ual under authority granted by section 404(e), 464, or 1137 of the Social Security Act; or (IV) for the purpose of intercepting a tax refund due an individual under any other tax refund intercept program au- thorized by statute which has been deter- mined by the Director of the Office of Management and Budget to contain ver- ification, notice, and hearing requirements that are substantially similar to the pro- cedures in section 1137 of the Social Secu- rity Act;

(v) matches—
(I) using records predominantly relat-

ing to Federal personnel, that are per- formed for routine administrative pur- poses (subject to guidance provided by the Director of the Office of Management and Budget pursuant to subsection (v)); or

(II) conducted by an agency using only records from systems of records main- tained by that agency;

if the purpose of the match is not to take any adverse financial, personnel, discipli- nary, or other adverse action against Fed- eral personnel;

(vi) matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel;

(vii) matches performed incident to a levy described in section 6103(k)(8) of the Internal Revenue Code of 1986;

(viii) matches performed pursuant to section 202(x)(3) or 1611(e)(1) of the Social Security Act (42 U.S.C. 402(x)(3), 1382(e)(1)); or

(ix) matches performed by the Secretary of Health and Human Services or the In- spector General of the Department of Health and Human Services with respect to potential fraud, waste, and abuse, in- cluding matches of a system of records with non-Federal records;

(9) the term ‘‘recipient agency’’ means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching pro- gram;

(10) the term ‘‘non-Federal agency’’ means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program;

(11) the term ‘‘source agency’’ means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program;

(12) the term ‘‘Federal benefit program’’ means any program administered or funded by the Federal Government, or by any agent or State on behalf of the Federal Government,

§552a TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES Page 46

providing cash or in-kind assistance in the form of payments, grants, loans, or loan guar- antees to individuals; and

(13) the term ‘‘Federal personnel’’ means of- ficers and employees of the Government of the United States, members of the uniformed serv- ices (including members of the Reserve Com- ponents), individuals entitled to receive imme- diate or deferred retirement benefits under any retirement program of the Government of the United States (including survivor bene- fits).

(b) CONDITIONS OF DISCLOSURE.—No agency shall disclose any record which is contained in a system of records by any means of communica- tion to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be—

(1) to those officers and employees of the agency which maintains the record who have a need for the record in the performance of their duties;

(2) required under section 552 of this title;

(3) for a routine use as defined in subsection (a)(7) of this section and described under sub- section (e)(4)(D) of this section;

(4) to the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13;

(5) to a recipient who has provided the agen- cy with advance adequate written assurance that the record will be used solely as a statis- tical research or reporting record, and the record is to be transferred in a form that is not individually identifiable;

(6) to the National Archives and Records Ad- ministration as a record which has sufficient historical or other value to warrant its con- tinued preservation by the United States Gov- ernment, or for evaluation by the Archivist of the United States or the designee of the Archi- vist to determine whether the record has such value;

(7) to another agency or to an instrumental- ity of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activ- ity for which the record is sought;

(8) to a person pursuant to a showing of com- pelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual;

(9) to either House of Congress, or, to the ex- tent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee;

(10) to the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the Govern- ment Accountability Office;

(11) pursuant to the order of a court of com- petent jurisdiction; or

(12) to a consumer reporting agency in ac- cordance with section 3711(e) of title 31.

(1) except for disclosures made under sub- sections (b)(1) or (b)(2) of this section, keep an accurate accounting of—

(A) the date, nature, and purpose of each disclosure of a record to any person or to an- other agency made under subsection (b) of this section; and

(B) the name and address of the person or agency to whom the disclosure is made;

(2) retain the accounting made under para- graph (1) of this subsection for at least five years or the life of the record, whichever is longer, after the disclosure for which the ac- counting is made;

(3) except for disclosures made under sub- section (b)(7) of this section, make the ac- counting made under paragraph (1) of this sub- section available to the individual named in the record at his request; and

(4) inform any person or other agency about any correction or notation of dispute made by the agency in accordance with subsection (d) of this section of any record that has been dis- closed to the person or agency if an account- ing of the disclosure was made.

(d) ACCESS TO RECORDS.—Each agency that maintains a system of records shall—

(1) upon request by any individual to gain access to his record or to any information per- taining to him which is contained in the sys- tem, permit him and upon his request, a per- son of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehen- sible to him, except that the agency may re- quire the individual to furnish a written state- ment authorizing discussion of that individ- ual’s record in the accompanying person’s presence;

(2) permit the individual to request amend- ment of a record pertaining to him and—

(A) not later than 10 days (excluding Sat- urdays, Sundays, and legal public holidays) after the date of receipt of such request, ac- knowledge in writing such receipt; and

(B) promptly, either—
(i) make any correction of any portion

thereof which the individual believes is not accurate, relevant, timely, or com- plete; or

(ii) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the pro- cedures established by the agency for the individual to request a review of that re- fusal by the head of the agency or an offi- cer designated by the head of the agency, and the name and business address of that official;

(3) permit the individual who disagrees with the refusal of the agency to amend his record to request a review of such refusal, and not later than 30 days (excluding Saturdays, Sun- days, and legal public holidays) from the date

Page 47 TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES §552a

on which the individual requests such review, complete such review and make a final deter- mination unless, for good cause shown, the head of the agency extends such 30-day period; and if, after his review, the reviewing official also refuses to amend the record in accordance with the request, permit the individual to file with the agency a concise statement setting forth the reasons for his disagreement with the refusal of the agency, and notify the indi- vidual of the provisions for judicial review of the reviewing official’s determination under subsection (g)(1)(A) of this section;

(4) in any disclosure, containing information about which the individual has filed a state- ment of disagreement, occurring after the fil- ing of the statement under paragraph (3) of this subsection, clearly note any portion of the record which is disputed and provide cop- ies of the statement and, if the agency deems it appropriate, copies of a concise statement of the reasons of the agency for not making the amendments requested, to persons or other agencies to whom the disputed record has been disclosed; and

(5) nothing in this section shall allow an in- dividual access to any information compiled in reasonable anticipation of a civil action or proceeding.

(e) AGENCY REQUIREMENTS.—Each agency that maintains a system of records shall—

(1) maintain in its records only such infor- mation about an individual as is relevant and necessary to accomplish a purpose of the agen- cy required to be accomplished by statute or by executive order of the President;

(2) collect information to the greatest extent practicable directly from the subject individ- ual when the information may result in ad- verse determinations about an individual’s rights, benefits, and privileges under Federal programs;

(3) inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual—

(A) the authority (whether granted by statute, or by executive order of the Presi- dent) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary;

(B) the principal purpose or purposes for which the information is intended to be used;

(C) the routine uses which may be made of the information, as published pursuant to paragraph (4)(D) of this subsection; and

(D) the effects on him, if any, of not pro- viding all or any part of the requested infor- mation;

(4) subject to the provisions of paragraph (11) of this subsection, publish in the Federal Reg- ister upon establishment or revision a notice of the existence and character of the system of records, which notice shall include—

(A) the name and location of the system;

(B) the categories of individuals on whom records are maintained in the system;

(D) each routine use of the records con- tained in the system, including the cat- egories of users and the purpose of such use;

(E) the policies and practices of the agency regarding storage, retrievability, access con- trols, retention, and disposal of the records;

(F) the title and business address of the agency official who is responsible for the system of records;

(G) the agency procedures whereby an in- dividual can be notified at his request if the system of records contains a record pertain- ing to him;

(H) the agency procedures whereby an in- dividual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records, and how he can contest its content; and

(I) the categories of sources of records in the system;

(5) maintain all records which are used by the agency in making any determination about any individual with such accuracy, rel- evance, timeliness, and completeness as is rea- sonably necessary to assure fairness to the in- dividual in the determination;

(6) prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pur- suant to subsection (b)(2) of this section, make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for agency purposes;

(7) maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law en- forcement activity;

(8) make reasonable efforts to serve notice on an individual when any record on such indi- vidual is made available to any person under compulsory legal process when such process becomes a matter of public record;

(9) establish rules of conduct for persons in- volved in the design, development, operation, or maintenance of any system of records, or in maintaining any record, and instruct each such person with respect to such rules and the requirements of this section, including any other rules and procedures adopted pursuant to this section and the penalties for non- compliance;

(10) establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrass- ment, inconvenience, or unfairness to any in- dividual on whom information is maintained;

(11) at least 30 days prior to publication of information under paragraph (4)(D) of this subsection, publish in the Federal Register no- tice of any new use or intended use of the in- formation in the system, and provide an op- portunity for interested persons to submit written data, views, or arguments to the agen- cy; and

(12) if such agency is a recipient agency or a source agency in a matching program with a

§552a TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES Page 48

non-Federal agency, with respect to any estab- lishment or revision of a matching program, at least 30 days prior to conducting such pro- gram, publish in the Federal Register notice of such establishment or revision.

(f) AGENCY RULES.—In order to carry out the provisions of this section, each agency that maintains a system of records shall promulgate rules, in accordance with the requirements (in- cluding general notice) of section 553 of this title, which shall—

(1) establish procedures whereby an individ- ual can be notified in response to his request if any system of records named by the individ- ual contains a record pertaining to him;

(2) define reasonable times, places, and re- quirements for identifying an individual who requests his record or information pertaining to him before the agency shall make the record or information available to the individ- ual;

(3) establish procedures for the disclosure to an individual upon his request of his record or information pertaining to him, including spe- cial procedure, if deemed necessary, for the disclosure to an individual of medical records, including psychological records, pertaining to him;

(4) establish procedures for reviewing a re- quest from an individual concerning the amendment of any record or information per- taining to the individual, for making a deter- mination on the request, for an appeal within the agency of an initial adverse agency deter- mination, and for whatever additional means may be necessary for each individual to be able to exercise fully his rights under this sec- tion; and

(5) establish fees to be charged, if any, to any individual for making copies of his record, excluding the cost of any search for and re- view of the record.

The Office of the Federal Register shall bienni- ally compile and publish the rules promulgated under this subsection and agency notices pub- lished under subsection (e)(4) of this section in a form available to the public at low cost.

(g)(1) CIVIL REMEDIES.—Whenever any agency (A) makes a determination under subsection (d)(3) of this section not to amend an individ- ual’s record in accordance with his request, or fails to make such review in conformity with

that subsection;
(B) refuses to comply with an individual re-

quest under subsection (d)(1) of this section; (C) fails to maintain any record concerning any individual with such accuracy, relevance, timeliness, and completeness as is necessary to assure fairness in any determination relat- ing to the qualifications, character, rights, or opportunities of, or benefits to the individual that may be made on the basis of such record, and consequently a determination is made

which is adverse to the individual; or
(D) fails to comply with any other provision of this section, or any rule promulgated there- under, in such a way as to have an adverse ef-

fect on an individual,

the individual may bring a civil action against the agency, and the district courts of the United

States shall have jurisdiction in the matters under the provisions of this subsection.

(2)(A) In any suit brought under the provisions of subsection (g)(1)(A) of this section, the court may order the agency to amend the individual’s record in accordance with his request or in such other way as the court may direct. In such a case the court shall determine the matter de novo.

(B) The court may assess against the United States reasonable attorney fees and other litiga- tion costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.

(3)(A) In any suit brought under the provisions of subsection (g)(1)(B) of this section, the court may enjoin the agency from withholding the records and order the production to the com- plainant of any agency records improperly with- held from him. In such a case the court shall de- termine the matter de novo, and may examine the contents of any agency records in camera to determine whether the records or any portion thereof may be withheld under any of the ex- emptions set forth in subsection (k) of this sec- tion, and the burden is on the agency to sustain its action.

(4) In any suit brought under the provisions of subsection (g)(1)(C) or (D) of this section in which the court determines that the agency acted in a manner which was intentional or will- ful, the United States shall be liable to the indi- vidual in an amount equal to the sum of—

(A) actual damages sustained by the individ- ual as a result of the refusal or failure, but in no case shall a person entitled to recovery re- ceive less than the sum of $1,000; and

(B) the costs of the action together with rea- sonable attorney fees as determined by the court.

(5) An action to enforce any liability created under this section may be brought in the dis- trict court of the United States in the district in which the complainant resides, or has his prin- cipal place of business, or in which the agency records are situated, or in the District of Colum- bia, without regard to the amount in con- troversy, within two years from the date on which the cause of action arises, except that where an agency has materially and willfully misrepresented any information required under this section to be disclosed to an individual and the information so misrepresented is material to establishment of the liability of the agency to the individual under this section, the action may be brought at any time within two years after discovery by the individual of the mis- representation. Nothing in this section shall be construed to authorize any civil action by rea- son of any injury sustained as the result of a dis- closure of a record prior to September 27, 1975.

(h) RIGHTS OF LEGAL GUARDIANS.—For the pur- poses of this section, the parent of any minor, or the legal guardian of any individual who has been declared to be incompetent due to physical or mental incapacity or age by a court of com-

Page 49 TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES §552a

petent jurisdiction, may act on behalf of the in- dividual.

(i)(1) CRIMINAL PENALTIES.—Any officer or em- ployee of an agency, who by virtue of his em- ployment or official position, has possession of, or access to, agency records which contain indi- vidually identifiable information the disclosure of which is prohibited by this section or by rules or regulations established thereunder, and who knowing that disclosure of the specific material is so prohibited, willfully discloses the material in any manner to any person or agency not enti- tled to receive it, shall be guilty of a mis- demeanor and fined not more than $5,000.

(2) Any officer or employee of any agency who willfully maintains a system of records without meeting the notice requirements of subsection (e)(4) of this section shall be guilty of a mis- demeanor and fined not more than $5,000.

(3) Any person who knowingly and willfully re- quests or obtains any record concerning an indi- vidual from an agency under false pretenses shall be guilty of a misdemeanor and fined not more than $5,000.

(j) GENERAL EXEMPTIONS.—The head of any agency may promulgate rules, in accordance with the requirements (including general notice) of sections 553(b)(1), (2), and (3), (c), and (e) of this title, to exempt any system of records with- in the agency from any part of this section ex- cept subsections (b), (c)(1) and (2), (e)(4)(A) through (F), (e)(6), (7), (9), (10), and (11), and (i) if the system of records is—

(1) maintained by the Central Intelligence Agency; or

(2) maintained by an agency or component thereof which performs as its principal func- tion any activity pertaining to the enforce- ment of criminal laws, including police efforts to prevent, control, or reduce crime or to ap- prehend criminals, and the activities of pros- ecutors, courts, correctional, probation, par- don, or parole authorities, and which consists of (A) information compiled for the purpose of identifying individual criminal offenders and alleged offenders and consisting only of identi- fying data and notations of arrests, the nature and disposition of criminal charges, sentenc- ing, confinement, release, and parole and pro- bation status; (B) information compiled for the purpose of a criminal investigation, in- cluding reports of informants and investiga- tors, and associated with an identifiable indi- vidual; or (C) reports identifiable to an indi- vidual compiled at any stage of the process of enforcement of the criminal laws from arrest or indictment through release from super- vision.

At the time rules are adopted under this sub- section, the agency shall include in the state- ment required under section 553(c) of this title, the reasons why the system of records is to be exempted from a provision of this section.

(k) SPECIFIC EXEMPTIONS.—The head of any agency may promulgate rules, in accordance with the requirements (including general notice) of sections 553(b)(1), (2), and (3), (c), and (e) of this title, to exempt any system of records with- in the agency from subsections (c)(3), (d), (e)(1), (e)(4)(G), (H), and (I) and (f) of this section if the system of records is—

(1) subject to the provisions of section 552(b)(1) of this title;

(2) investigatory material compiled for law enforcement purposes, other than material within the scope of subsection (j)(2) of this sec- tion: Provided, however, That if any individual is denied any right, privilege, or benefit that he would otherwise be entitled by Federal law, or for which he would otherwise be eligible, as a result of the maintenance of such material, such material shall be provided to such indi- vidual, except to the extent that the disclo- sure of such material would reveal the iden- tity of a source who furnished information to the Government under an express promise that the identity of the source would be held in confidence, or, prior to the effective date of this section, under an implied promise that the identity of the source would be held in confidence;

(3) maintained in connection with providing protective services to the President of the United States or other individuals pursuant to section 3056 of title 18;

(4) required by statute to be maintained and used solely as statistical records;

(5) investigatory material compiled solely for the purpose of determining suitability, eli- gibility, or qualifications for Federal civilian employment, military service, Federal con- tracts, or access to classified information, but only to the extent that the disclosure of such material would reveal the identity of a source who furnished information to the Government under an express promise that the identity of the source would be held in confidence, or, prior to the effective date of this section, under an implied promise that the identity of the source would be held in confidence;

(6) testing or examination material used solely to determine individual qualifications for appointment or promotion in the Federal service the disclosure of which would com- promise the objectivity or fairness of the test- ing or examination process; or

(7) evaluation material used to determine potential for promotion in the armed services, but only to the extent that the disclosure of such material would reveal the identity of a source who furnished information to the Gov- ernment under an express promise that the identity of the source would be held in con- fidence, or, prior to the effective date of this section, under an implied promise that the identity of the source would be held in con- fidence.

(l)(1) ARCHIVAL RECORDS.—Each agency record which is accepted by the Archivist of the United States for storage, processing, and servicing in accordance with section 3103 of title 44 shall, for the purposes of this section, be considered to be maintained by the agency which deposited the record and shall be subject to the provisions of this section. The Archivist of the United States shall not disclose the record except to the agen- cy which maintains the record, or under rules

§552a TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES Page 50

established by that agency which are not incon- sistent with the provisions of this section.

(2) Each agency record pertaining to an identi- fiable individual which was transferred to the National Archives of the United States as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, prior to the ef- fective date of this section, shall, for the pur- poses of this section, be considered to be main- tained by the National Archives and shall not be subject to the provisions of this section, except that a statement generally describing such records (modeled after the requirements relating to records subject to subsections (e)(4)(A) through (G) of this section) shall be published in the Federal Register.

(3) Each agency record pertaining to an identi- fiable individual which is transferred to the Na- tional Archives of the United States as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, on or after the effec- tive date of this section, shall, for the purposes of this section, be considered to be maintained by the National Archives and shall be exempt from the requirements of this section except subsections (e)(4)(A) through (G) and (e)(9) of this section.

(m)(1) GOVERNMENT CONTRACTORS.—When an agency provides by a contract for the operation by or on behalf of the agency of a system of records to accomplish an agency function, the agency shall, consistent with its authority, cause the requirements of this section to be ap- plied to such system. For purposes of subsection (i) of this section any such contractor and any employee of such contractor, if such contract is agreed to on or after the effective date of this section, shall be considered to be an employee of an agency.

(2) A consumer reporting agency to which a record is disclosed under section 3711(e) of title 31 shall not be considered a contractor for the purposes of this section.

(n) MAILING LISTS.—An individual’s name and address may not be sold or rented by an agency unless such action is specifically authorized by law. This provision shall not be construed to re- quire the withholding of names and addresses otherwise permitted to be made public.

(o) MATCHING AGREEMENTS.—(1) No record which is contained in a system of records may be disclosed to a recipient agency or non-Fed- eral agency for use in a computer matching pro- gram except pursuant to a written agreement between the source agency and the recipient agency or non-Federal agency specifying—

(A) the purpose and legal authority for con- ducting the program;

(B) the justification for the program and the anticipated results, including a specific esti- mate of any savings;

(C) a description of the records that will be matched, including each data element that will be used, the approximate number of records that will be matched, and the pro- jected starting and completion dates of the matching program;

(D) procedures for providing individualized notice at the time of application, and notice

periodically thereafter as directed by the Data Integrity Board of such agency (subject to guidance provided by the Director of the Office of Management and Budget pursuant to sub- section (v)), to—

(i) applicants for and recipients of finan- cial assistance or payments under Federal benefit programs, and

(ii) applicants for and holders of positions as Federal personnel,

that any information provided by such appli- cants, recipients, holders, and individuals may be subject to verification through matching programs;

(E) procedures for verifying information pro- duced in such matching program as required by subsection (p);

(F) procedures for the retention and timely destruction of identifiable records created by a recipient agency or non-Federal agency in such matching program;

(G) procedures for ensuring the administra- tive, technical, and physical security of the records matched and the results of such pro- grams;

(H) prohibitions on duplication and redis- closure of records provided by the source agen- cy within or outside the recipient agency or the non-Federal agency, except where required by law or essential to the conduct of the matching program;

(I) procedures governing the use by a recipi- ent agency or non-Federal agency of records provided in a matching program by a source agency, including procedures governing return of the records to the source agency or destruc- tion of records used in such program;

(J) information on assessments that have been made on the accuracy of the records that will be used in such matching program; and

(K) that the Comptroller General may have access to all records of a recipient agency or a non-Federal agency that the Comptroller Gen- eral deems necessary in order to monitor or verify compliance with the agreement.

(2)(A) A copy of each agreement entered into pursuant to paragraph (1) shall—

(i) be transmitted to the Committee on Gov- ernmental Affairs of the Senate and the Com- mittee on Government Operations of the House of Representatives; and

(ii) be available upon request to the public.

(B) No such agreement shall be effective until 30 days after the date on which such a copy is transmitted pursuant to subparagraph (A)(i).

(C) Such an agreement shall remain in effect only for such period, not to exceed 18 months, as the Data Integrity Board of the agency deter- mines is appropriate in light of the purposes, and length of time necessary for the conduct, of the matching program.

(D) Within 3 months prior to the expiration of such an agreement pursuant to subparagraph (C), the Data Integrity Board of the agency may, without additional review, renew the matching agreement for a current, ongoing matching pro- gram for not more than one additional year if—

(i) such program will be conducted without any change; and

(ii) each party to the agreement certifies to the Board in writing that the program has

Page 51 TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES §552a

been conducted in compliance with the agree- ment.

(p) VERIFICATION AND OPPORTUNITY TO CONTEST FINDINGS.—(1) In order to protect any individual whose records are used in a matching program, no recipient agency, non-Federal agency, or source agency may suspend, terminate, reduce, or make a final denial of any financial assist- ance or payment under a Federal benefit pro- gram to such individual, or take other adverse action against such individual, as a result of in- formation produced by such matching program, until—

(A)(i) the agency has independently verified the information; or

(ii) the Data Integrity Board of the agency, or in the case of a non-Federal agency the Data Integrity Board of the source agency, de- termines in accordance with guidance issued by the Director of the Office of Management and Budget that—

(I) the information is limited to identifica- tion and amount of benefits paid by the source agency under a Federal benefit pro- gram; and

(II) there is a high degree of confidence that the information provided to the recipi- ent agency is accurate;

(B) the individual receives a notice from the agency containing a statement of its findings and informing the individual of the oppor- tunity to contest such findings; and

(C)(i) the expiration of any time period es- tablished for the program by statute or regula- tion for the individual to respond to that no- tice; or

(ii) in the case of a program for which no such period is established, the end of the 30- day period beginning on the date on which no- tice under subparagraph (B) is mailed or otherwise provided to the individual.

(2) Independent verification referred to in paragraph (1) requires investigation and con- firmation of specific information relating to an individual that is used as a basis for an adverse action against the individual, including where applicable investigation and confirmation of—

(A) the amount of any asset or income in- volved;

(B) whether such individual actually has or had access to such asset or income for such in- dividual’s own use; and

(3) Notwithstanding paragraph (1), an agency may take any appropriate action otherwise pro- hibited by such paragraph if the agency deter- mines that the public health or public safety may be adversely affected or significantly threatened during any notice period required by such paragraph.

(q) SANCTIONS.—(1) Notwithstanding any other provision of law, no source agency may disclose any record which is contained in a system of records to a recipient agency or non-Federal agency for a matching program if such source agency has reason to believe that the require- ments of subsection (p), or any matching agree- ment entered into pursuant to subsection (o), or

both, are not being met by such recipient agen- cy.

(2) No source agency may renew a matching agreement unless—

(A) the recipient agency or non-Federal agency has certified that it has complied with the provisions of that agreement; and

(B) the source agency has no reason to be- lieve that the certification is inaccurate.

(r) REPORT ON NEW SYSTEMS AND MATCHING PROGRAMS.—Each agency that proposes to estab- lish or make a significant change in a system of records or a matching program shall provide adequate advance notice of any such proposal (in duplicate) to the Committee on Government Operations of the House of Representatives, the Committee on Governmental Affairs of the Sen- ate, and the Office of Management and Budget in order to permit an evaluation of the probable or potential effect of such proposal on the pri- vacy or other rights of individuals.

(s) BIENNIAL REPORT.—The President shall bi- ennially submit to the Speaker of the House of Representatives and the President pro tempore of the Senate a report—

(1) describing the actions of the Director of the Office of Management and Budget pursu- ant to section 6 of the Privacy Act of 1974 dur- ing the preceding 2 years;

(2) describing the exercise of individual rights of access and amendment under this section during such years;

(3) identifying changes in or additions to systems of records;

(4) containing such other information con- cerning administration of this section as may be necessary or useful to the Congress in re- viewing the effectiveness of this section in carrying out the purposes of the Privacy Act of 1974.

(t)(1) EFFECT OF OTHER LAWS.—No agency shall rely on any exemption contained in section 552 of this title to withhold from an individual any record which is otherwise accessible to such individual under the provisions of this section.

(2) No agency shall rely on any exemption in this section to withhold from an individual any record which is otherwise accessible to such in- dividual under the provisions of section 552 of this title.

(u) DATA INTEGRITY BOARDS.—(1) Every agency conducting or participating in a matching pro- gram shall establish a Data Integrity Board to oversee and coordinate among the various com- ponents of such agency the agency’s implemen- tation of this section.

(2) Each Data Integrity Board shall consist of senior officials designated by the head of the agency, and shall include any senior official des- ignated by the head of the agency as responsible for implementation of this section, and the in- spector general of the agency, if any. The in- spector general shall not serve as chairman of the Data Integrity Board.

(3) Each Data Integrity Board—
(A) shall review, approve, and maintain all

written agreements for receipt or disclosure of agency records for matching programs to en- sure compliance with subsection (o), and all relevant statutes, regulations, and guidelines;

§552a TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES Page 52

(B) shall review all matching programs in which the agency has participated during the year, either as a source agency or recipient agency, determine compliance with applicable laws, regulations, guidelines, and agency agreements, and assess the costs and benefits of such programs;

(C) shall review all recurring matching pro- grams in which the agency has participated during the year, either as a source agency or recipient agency, for continued justification for such disclosures;

(D) shall compile an annual report, which shall be submitted to the head of the agency and the Office of Management and Budget and made available to the public on request, de- scribing the matching activities of the agency, including—

(i) matching programs in which the agency has participated as a source agency or recip- ient agency;

(ii) matching agreements proposed under subsection (o) that were disapproved by the Board;

(iii) any changes in membership or struc- ture of the Board in the preceding year;

(iv) the reasons for any waiver of the re- quirement in paragraph (4) of this section for completion and submission of a cost-ben- efit analysis prior to the approval of a matching program;

(v) any violations of matching agreements that have been alleged or identified and any corrective action taken; and

(vi) any other information required by the Director of the Office of Management and Budget to be included in such report;

(E) shall serve as a clearinghouse for receiv- ing and providing information on the accu- racy, completeness, and reliability of records used in matching programs;

(F) shall provide interpretation and guid- ance to agency components and personnel on the requirements of this section for matching programs;

(G) shall review agency recordkeeping and disposal policies and practices for matching programs to assure compliance with this sec- tion; and

(H) may review and report on any agency matching activities that are not matching programs.

(4)(A) Except as provided in subparagraphs (B) and (C), a Data Integrity Board shall not ap- prove any written agreement for a matching program unless the agency has completed and submitted to such Board a cost-benefit analysis of the proposed program and such analysis dem- onstrates that the program is likely to be cost effective.2

(B) The Board may waive the requirements of subparagraph (A) of this paragraph if it deter- mines in writing, in accordance with guidelines prescribed by the Director of the Office of Man- agement and Budget, that a cost-benefit analy- sis is not required.

2 So in original. Probably should be ‘‘cost-effective.’’

tial approval of a written agreement for a matching program that is specifically required by statute. Any subsequent written agreement for such a program shall not be approved by the Data Integrity Board unless the agency has sub- mitted a cost-benefit analysis of the program as conducted under the preceding approval of such agreement.

(5)(A) If a matching agreement is disapproved by a Data Integrity Board, any party to such agreement may appeal the disapproval to the Director of the Office of Management and Budg- et. Timely notice of the filing of such an appeal shall be provided by the Director of the Office of Management and Budget to the Committee on Governmental Affairs of the Senate and the Committee on Government Operations of the House of Representatives.

(B) The Director of the Office of Management and Budget may approve a matching agreement notwithstanding the disapproval of a Data In- tegrity Board if the Director determines that—

(i) the matching program will be consistent with all applicable legal, regulatory, and pol- icy requirements;

(ii) there is adequate evidence that the matching agreement will be cost-effective; and (iii) the matching program is in the public

interest.

(C) The decision of the Director to approve a matching agreement shall not take effect until 30 days after it is reported to committees de- scribed in subparagraph (A).

(D) If the Data Integrity Board and the Direc- tor of the Office of Management and Budget dis- approve a matching program proposed by the in- spector general of an agency, the inspector gen- eral may report the disapproval to the head of the agency and to the Congress.

(6) In the reports required by paragraph (3)(D), agency matching activities that are not match- ing programs may be reported on an aggregate basis, if and to the extent necessary to protect ongoing law enforcement or counterintelligence investigations.

(v) OFFICE OF MANAGEMENT AND BUDGET RE- SPONSIBILITIES.—The Director of the Office of Management and Budget shall—

(1) develop and, after notice and opportunity for public comment, prescribe guidelines and regulations for the use of agencies in imple- menting the provisions of this section; and

(2) provide continuing assistance to and oversight of the implementation of this sec- tion by agencies.
(w) APPLICABILITY TO BUREAU OF CONSUMER FI-

NANCIAL PROTECTION.—Except as provided in the Consumer Financial Protection Act of 2010, this section shall apply with respect to the Bureau of Consumer Financial Protection.

(Added Pub. L. 93–579, §3, Dec. 31, 1974, 88 Stat. 1897; amended Pub. L. 94–183, §2(2), Dec. 31, 1975, 89 Stat. 1057; Pub. L. 97–365, §2, Oct. 25, 1982, 96 Stat. 1749; Pub. L. 97–375, title II, §201(a), (b), Dec. 21, 1982, 96 Stat. 1821; Pub. L. 97–452, §2(a)(1), Jan. 12, 1983, 96 Stat. 2478; Pub. L. 98–477, §2(c), Oct. 15, 1984, 98 Stat. 2211; Pub. L. 98–497, title I, §107(g), Oct. 19, 1984, 98 Stat. 2292; Pub. L. 100–503, §§2–6(a), 7, 8, Oct. 18, 1988, 102 Stat. 2507–2514; Pub. L. 101–508, title VII,

page9image3653589840

Page 53 TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES §552a

§ 7201(b)(1), Nov. 5, 1990, 104 Stat. 1388–334; Pub. L. 103–66, title XIII, §13581(c), Aug. 10, 1993, 107 Stat. 611; Pub. L. 104–193, title I, § 110(w), Aug. 22, 1996, 110 Stat. 2175; Pub. L. 104–226, §1(b)(3), Oct. 2, 1996, 110 Stat. 3033; Pub. L. 104–316, title I, §115(g)(2)(B), Oct. 19, 1996, 110 Stat. 3835; Pub. L. 105–34, title X, §1026(b)(2), Aug. 5, 1997, 111 Stat. 925; Pub. L. 105–362, title XIII, §1301(d), Nov. 10, 1998, 112 Stat. 3293; Pub. L. 106–170, title IV, §402(a)(2), Dec. 17, 1999, 113 Stat. 1908; Pub. L. 108–271, §8(b), July 7, 2004, 118 Stat. 814; Pub. L. 111–148, title VI, §6402(b)(2), Mar. 23, 2010, 124 Stat. 756; Pub. L. 111–203, title X, §1082, July 21, 2010, 124 Stat. 2080.)

REFERENCES IN TEXT

Section 552(e) of this title, referred to in subsec. (a)(1), was redesignated section 552(f) of this title by section 1802(b) of Pub. L. 99–570.

Section 6103 of the Internal Revenue Code of 1986, re- ferred to in subsec. (a)(8)(B)(iv), (vii), is classified to section 6103 of Title 26, Internal Revenue Code.

Sections 404, 464, and 1137 of the Social Security Act, referred to in subsec. (a)(8)(B)(iv), are classified to sec- tions 604, 664, and 1320b–7, respectively, of Title 42, The Public Health and Welfare.

For effective date of this section, referred to in sub- secs. (k)(2), (5), (7), (l)(2), (3), and (m), see Effective Date note below.

Section 6 of the Privacy Act of 1974, referred to in subsec. (s)(1), is section 6 of Pub. L. 93–579, which was set out below and was repealed by section 6(c) of Pub. L. 100–503.

For classification of the Privacy Act of 1974, referred to in subsec. (s)(4), see Short Title note below.

The Consumer Financial Protection Act of 2010, re- ferred to in subsec. (w), is title X of Pub. L. 111–203, July 21, 2010, 124 Stat. 1955, which enacted subchapter V (§ 5481 et seq.) of chapter 53 of Title 12, Banks and Bank- ing, and enacted and amended numerous other sections and notes in the Code. For complete classification of this Act to the Code, see Short Title note set out under section 5301 of Title 12 and Tables.

CODIFICATION

Section 552a of former Title 5, Executive Depart- ments and Government Officers and Employees, was transferred to section 2244 of Title 7, Agriculture.

AMENDMENTS

2010—Subsec. (a)(8)(B)(ix). Pub. L. 111–148 added cl. (ix).

Subsec. (w). Pub. L. 111–203 added subsec. (w).

2004—Subsec. (b)(10). Pub. L. 108–271 substituted ‘‘Government Accountability Office’’ for ‘‘General Ac- counting Office’’.

1999—Subsec. (a)(8)(B)(viii). Pub. L. 106–170 added cl. (viii).

1998—Subsec. (u)(6), (7). Pub. L. 105–362 redesignated par. (7) as (6), substituted ‘‘paragraph (3)(D)’’ for ‘‘para- graphs (3)(D) and (6)’’, and struck out former par. (6) which read as follows: ‘‘The Director of the Office of Management and Budget shall, annually during the first 3 years after the date of enactment of this sub- section and biennially thereafter, consolidate in a re- port to the Congress the information contained in the reports from the various Data Integrity Boards under paragraph (3)(D). Such report shall include detailed in- formation about costs and benefits of matching pro- grams that are conducted during the period covered by such consolidated report, and shall identify each waiver granted by a Data Integrity Board of the requirement for completion and submission of a cost-benefit analy- sis and the reasons for granting the waiver.’’

1997—Subsec. (a)(8)(B)(vii). Pub. L. 105–34 added cl. (vii).

1996—Subsec. (a)(8)(B)(iv)(III). Pub. L. 104–193 sub- stituted ‘‘section 404(e), 464,’’ for ‘‘section 464’’.

Subsec. (a)(8)(B)(v) to (vii). Pub. L. 104–226 inserted ‘‘or’’ at end of cl. (v), struck out ‘‘or’’ at end of cl. (vi), and struck out cl. (vii) which read as follows: ‘‘matches performed pursuant to section 6103(l)(12) of the Internal Revenue Code of 1986 and section 1144 of the Social Se- curity Act;’’.

Subsecs. (b)(12), (m)(2). Pub. L. 104–316 substituted ‘‘3711(e)’’ for ‘‘3711(f)’’.

1993—Subsec. (a)(8)(B)(vii). Pub. L. 103–66 added cl. (vii).

1990—Subsec. (p). Pub. L. 101–508 amended subsec. (p) generally, restating former pars. (1) and (3) as par. (1), adding provisions relating to Data Integrity Boards, and restating former pars. (2) and (4) as (2) and (3), re- spectively.

1988—Subsec. (a)(8) to (13). Pub. L. 100–503, §5, added pars. (8) to (13).

Subsec. (e)(12). Pub. L. 100–503, §3(a), added par. (12).

Subsec. (f). Pub. L. 100–503, §7, substituted ‘‘bienni- ally’’ for ‘‘annually’’ in last sentence.

Subsecs. (o) to (q). Pub. L. 100–503, §2(2), added sub- secs. (o) to (q). Former subsecs. (o) to (q) redesignated (r) to (t), respectively.

Subsec. (r). Pub. L. 100–503, §3(b), inserted ‘‘and matching programs’’ in heading and amended text gen- erally. Prior to amendment, text read as follows: ‘‘Each agency shall provide adequate advance notice to Con- gress and the Office of Management and Budget of any proposal to establish or alter any system of records in order to permit an evaluation of the probable or poten- tial effect of such proposal on the privacy and other personal or property rights of individuals or the disclo- sure of information relating to such individuals, and its effect on the preservation of the constitutional prin- ciples of federalism and separation of powers.’’

Pub. L. 100–503, §2(1), redesignated former subsec. (o) as (r).

Subsec. (s). Pub. L. 100–503, § 8, substituted ‘‘Biennial’’ for ‘‘Annual’’ in heading, ‘‘biennially submit’’ for ‘‘an- nually submit’’ in introductory provisions, ‘‘preceding 2 years’’ for ‘‘preceding year’’ in par. (1), and ‘‘such years’’ for ‘‘such year’’ in par. (2).

Pub. L. 100–503, §2(1), redesignated former subsec. (p) as (s).

Subsec. (t). Pub. L. 100–503, § 2(1), redesignated former subsec. (q) as (t).

Subsec. (u). Pub. L. 100–503, § 4, added subsec. (u). Subsec. (v). Pub. L. 100–503, § 6(a), added subsec. (v). 1984—Subsec. (b)(6). Pub. L. 98–497, §107(g)(1), sub-

stituted ‘‘National Archives and Records Administra- tion’’ for ‘‘National Archives of the United States’’, and ‘‘Archivist of the United States or the designee of the Archivist’’ for ‘‘Administrator of General Services or his designee’’.

Subsec. (l)(1). Pub. L. 98–497, §107(g)(2), substituted ‘‘Archivist of the United States’’ for ‘‘Administrator of General Services’’ in two places.

Subsec. (q). Pub. L. 98–477 designated existing provi- sions as par. (1) and added par. (2).

1983—Subsec. (b)(12). Pub. L. 97–452 substituted ‘‘sec- tion 3711(f) of title 31’’ for ‘‘section 3(d) of the Federal Claims Collection Act of 1966 (31 U.S.C. 952(d))’’.

Subsec. (m)(2). Pub. L. 97–452 substituted ‘‘section 3711(f) of title 31’’ for ‘‘section 3(d) of the Federal Claims Collection Act of 1966 (31 U.S.C. 952(d))’’.

1982—Subsec. (b)(12). Pub. L. 97–365, §2(a), added par. (12).

Subsec. (e)(4). Pub. L. 97–375, §201(a), substituted ‘‘upon establishment or revision’’ for ‘‘at least annu- ally’’ after ‘‘Federal Register’’.

Subsec. (m). Pub. L. 97–365, §2(b), designated existing provisions as par. (1) and added par. (2).

Subsec. (p). Pub. L. 97–375, §201(b), substituted provi- sions requiring annual submission of a report by the President to the Speaker of the House and President pro tempore of the Senate relating to the Director of the Office of Management and Budget, individual rights of access, changes or additions to systems of records, and other necessary or useful information, for provi- sions which had directed the President to submit to the

§552a TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES Page 54

Speaker of the House and the President of the Senate, by June 30 of each calendar year, a consolidated report, separately listing for each Federal agency the number of records contained in any system of records which were exempted from the application of this section under the provisions of subsections (j) and (k) of this section during the preceding calendar year, and the reasons for the exemptions, and such other information as indicate efforts to administer fully this section.

1975—Subsec. (g)(5). Pub. L. 94–183 substituted ‘‘to September 27, 1975’’ for ‘‘to the effective date of this section’’.

CHANGE OF NAME

Committee on Governmental Affairs of Senate changed to Committee on Homeland Security and Gov- ernmental Affairs of Senate, effective Jan. 4, 2005, by Senate Resolution No. 445, One Hundred Eighth Con- gress, Oct. 9, 2004.

Committee on Government Operations of House of Representatives treated as referring to Committee on Government Reform and Oversight of House of Rep- resentatives by section 1(a) of Pub. L. 104–14, set out as a note under section 21 of Title 2, The Congress. Com- mittee on Government Reform and Oversight of House of Representatives changed to Committee on Govern- ment Reform of House of Representatives by House Resolution No. 5, One Hundred Sixth Congress, Jan. 6, 1999. Committee on Government Reform of House of Representatives changed to Committee on Oversight and Government Reform of House of Representatives by House Resolution No. 6, One Hundred Tenth Con- gress, Jan. 5, 2007.

EFFECTIVE DATE OF 2010 AMENDMENT

Pub. L. 111–203, title X, §1082, July 21, 2010, 124 Stat. 2080, provided that the amendment made by section 1082 is effective on July 21, 2010.

Pub. L. 111–203, title X, § 1100H, July 21, 2010, 124 Stat. 2113, provided that: ‘‘Except as otherwise provided in this subtitle [subtitle H (§§ 1081–1100H) of title X of Pub. L. 111–203, see Tables for classification] and the amend- ments made by this subtitle, this subtitle and the amendments made by this subtitle, other than sections 1081 [amending section 8G of Pub. L. 95–452, set out in the Appendix to this title, and enacting provisions set out as a note under section 8G of Pub. L. 95–452] and 1082 [amending this section and enacting provisions set out as a note under this section], shall become effective on the designated transfer date.’’

[The term ‘‘designated transfer date’’ is defined in section 5481(9) of Title 12, Banks and Banking, as the date established under section 5582 of Title 12, which is July 21, 2011.]

EFFECTIVE DATE OF 1999 AMENDMENT

Amendment by Pub. L. 106–170 applicable to individ- uals whose period of confinement in an institution commences on or after the first day of the fourth month beginning after December 1999, see section 402(a)(4) of Pub. L. 106–170, set out as a note under sec- tion 402 of Title 42, The Public Health and Welfare.

EFFECTIVE DATE OF 1997 AMENDMENT

Amendment by Pub. L. 105–34 applicable to levies is- sued after Aug. 5, 1997, see section 1026(c) of Pub. L. 105–34, set out as a note under section 6103 of Title 26, Internal Revenue Code.

EFFECTIVE DATE OF 1996 AMENDMENT

Amendment by Pub. L. 104–193 effective July 1, 1997, with transition rules relating to State options to accel- erate such date, rules relating to claims, actions, and proceedings commenced before such date, rules relating to closing out of accounts for terminated or substan- tially modified programs and continuance in office of Assistant Secretary for Family Support, and provisions relating to termination of entitlement under AFDC program, see section 116 of Pub. L. 104–193, as amended,

set out as an Effective Date note under section 601 of Title 42, The Public Health and Welfare.

EFFECTIVE DATE OF 1993 AMENDMENT

Amendment by Pub. L. 103–66 effective Jan. 1, 1994, see section 13581(d) of Pub. L. 103–66, set out as a note under section 1395y of Title 42, The Public Health and Welfare.

EFFECTIVE DATE OF 1988 AMENDMENT

Pub. L. 100–503, §10, Oct. 18, 1988, 102 Stat. 2514, as amended by Pub. L. 101–56, §2, July 19, 1989, 103 Stat. 149, provided that:

‘‘(a) IN GENERAL.—Except as provided in subsections (b) and (c), the amendments made by this Act [amend- ing this section and repealing provisions set out as a note below] shall take effect 9 months after the date of enactment of this Act [Oct. 18, 1988].

‘‘(b) EXCEPTIONS.—The amendment made by sections 3(b), 6, 7, and 8 of this Act [amending this section and repealing provisions set out as a note below] shall take effect upon enactment.

‘‘(c) EFFECTIVE DATE DELAYED FOR EXISTING PRO- GRAMS.—In the case of any matching program (as de- fined in section 552a(a)(8) of title 5, United States Code, as added by section 5 of this Act) in operation before June 1, 1989, the amendments made by this Act (other than the amendments described in subsection (b)) shall take effect January 1, 1990, if—

‘‘(1) such matching program is identified by an agency as being in operation before June 1, 1989; and

‘‘(2) such identification is—
‘‘(A) submitted by the agency to the Committee

on Governmental Affairs of the Senate, the Com- mittee on Government Operations of the House of Representatives, and the Office of Management and Budget before August 1, 1989, in a report which con- tains a schedule showing the dates on which the agency expects to have such matching program in compliance with the amendments made by this Act, and

‘‘(B) published by the Office of Management and Budget in the Federal Register, before September 15, 1989.’’

EFFECTIVE DATE OF 1984 AMENDMENT

Amendment by Pub. L. 98–497 effective Apr. 1, 1985, see section 301 of Pub. L. 98–497, set out as a note under section 2102 of Title 44, Public Printing and Documents.

EFFECTIVE DATE

Pub. L. 93–579, § 8, Dec. 31, 1974, 88 Stat. 1910, provided that: ‘‘The provisions of this Act [enacting this section and provisions set out as notes under this section] shall be effective on and after the date of enactment [Dec. 31, 1974], except that the amendments made by sections 3 and 4 [enacting this section and amending analysis pre- ceding section 500 of this title] shall become effective 270 days following the day on which this Act is en- acted.’’

SHORT TITLE OF 1990 AMENDMENT

Pub. L. 101–508, title VII, §7201(a), Nov. 5, 1990, 104 Stat. 1388–334, provided that: ‘‘This section [amending this section and enacting provisions set out as notes below] may be cited as the ‘Computer Matching and Privacy Protection Amendments of 1990’.’’

SHORT TITLE OF 1989 AMENDMENT

Pub. L. 101–56, § 1, July 19, 1989, 103 Stat. 149, provided that: ‘‘This Act [amending section 10 of Pub. L. 100–503, set out as a note above] may be cited as the ‘Computer Matching and Privacy Protection Act Amendments of 1989’.’’

SHORT TITLE OF 1988 AMENDMENT

Pub. L. 100–503, §1, Oct. 18, 1988, 102 Stat. 2507, pro- vided that: ‘‘This Act [amending this section, enacting

Page 55 TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES §552a

provisions set out as notes above and below, and repeal- ing provisions set out as a note below] may be cited as the ‘Computer Matching and Privacy Protection Act of 1988’.’’

SHORT TITLE OF 1974 AMENDMENT

Pub. L. 93–579, § 1, Dec. 31, 1974, 88 Stat. 1896, provided: ‘‘That this Act [enacting this section and provisions set out as notes under this section] may be cited as the ‘Privacy Act of 1974’.’’

SHORT TITLE

This section is popularly known as the ‘‘Privacy Act’’.

TERMINATION OF REPORTING REQUIREMENTS

For termination, effective May 15, 2000, of reporting provisions in subsec. (s) of this section, see section 3003 of Pub. L. 104–66, as amended, set out as a note under section 1113 of Title 31, Money and Finance, and page 31 of House Document No. 103–7.

DELEGATION OF FUNCTIONS

Functions of Director of Office of Management and Budget under this section delegated to Administrator for Office of Information and Regulatory Affairs by sec- tion 3 of Pub. L. 96–511, Dec. 11, 1980, 94 Stat. 2825, set out as a note under section 3503 of Title 44, Public Printing and Documents.

PUBLICATION OF GUIDANCE UNDER SUBSECTION (p)(1)(A)(ii)

Pub. L. 101–508, title VII, §7201(b)(2), Nov. 5, 1990, 104 Stat. 1388–334, provided that: ‘‘Not later than 90 days after the date of the enactment of this Act [Nov. 5, 1990], the Director of the Office of Management and Budget shall publish guidance under subsection (p)(1)(A)(ii) of section 552a of title 5, United States Code, as amended by this Act.’’

LIMITATION ON APPLICATION OF VERIFICATION REQUIREMENT

Pub. L. 101–508, title VII, §7201(c), Nov. 5, 1990, 104 Stat. 1388–335, provided that: ‘‘Section 552a(p)(1)(A)(ii)(II) of title 5, United States Code, as amended by section 2 [probably means section 7201(b)(1) of Pub. L. 101–508], shall not apply to a program re- ferred to in paragraph (1), (2), or (4) of section 1137(b) of the Social Security Act (42 U.S.C. 1320b–7), until the earlier of—

‘‘(1) the date on which the Data Integrity Board of the Federal agency which administers that program determines that there is not a high degree of con- fidence that information provided by that agency under Federal matching programs is accurate; or

‘‘(2) 30 days after the date of publication of guid- ance under section 2(b) [probably means section 7201(b)(2) of Pub. L. 101–508, set out as a note above].’’

EFFECTIVE DATE DELAYED FOR CERTAIN EDUCATION BENEFITS COMPUTER MATCHING PROGRAMS

Pub. L. 101–366, title II, § 206(d), Aug. 15, 1990, 104 Stat. 442, provided that:

‘‘(1) In the case of computer matching programs be- tween the Department of Veterans Affairs and the De- partment of Defense in the administration of education benefits programs under chapters 30 and 32 of title 38 and chapter 106 of title 10, United States Code, the amendments made to section 552a of title 5, United States Code, by the Computer Matching and Privacy Protection Act of 1988 [Pub. L. 100–503] (other than the amendments made by section 10(b) of that Act) [see Ef- fective Date of 1988 Amendment note above] shall take effect on October 1, 1990.

‘‘(2) For purposes of this subsection, the term ‘match- ing program’ has the same meaning provided in section 552a(a)(8) of title 5, United States Code.’’

IMPLEMENTATION GUIDANCE FOR 1988 AMENDMENTS

Pub. L. 100–503, § 6(b), Oct. 18, 1988, 102 Stat. 2513, pro- vided that: ‘‘The Director shall, pursuant to section

552a(v) of title 5, United States Code, develop guidelines and regulations for the use of agencies in implementing the amendments made by this Act [amending this sec- tion and repealing provisions set out as a note below] not later than 8 months after the date of enactment of this Act [Oct. 18, 1988].’’

CONSTRUCTION OF 1988 AMENDMENTS

Pub. L. 100–503, §9, Oct. 18, 1988, 102 Stat. 2514, pro- vided that: ‘‘Nothing in the amendments made by this Act [amending this section and repealing provisions set out as a note below] shall be construed to authorize—

‘‘(1) the establishment or maintenance by any agen- cy of a national data bank that combines, merges, or links information on individuals maintained in sys- tems of records by other Federal agencies;

‘‘(2) the direct linking of computerized systems of records maintained by Federal agencies;

‘‘(3) the computer matching of records not other- wise authorized by law; or

‘‘(4) the disclosure of records for computer match- ing except to a Federal, State, or local agency.’’

CONGRESSIONAL FINDINGS AND STATEMENT OF PURPOSE

Pub. L. 93–579, § 2, Dec. 31, 1974, 88 Stat. 1896, provided that:

‘‘(a) The Congress finds that—
‘‘(1) the privacy of an individual is directly affected

by the collection, maintenance, use, and dissemina- tion of personal information by Federal agencies;

‘‘(2) the increasing use of computers and sophisti- cated information technology, while essential to the efficient operations of the Government, has greatly magnified the harm to individual privacy that can occur from any collection, maintenance, use, or dis- semination of personal information;

‘‘(3) the opportunities for an individual to secure employment, insurance, and credit, and his right to due process, and other legal protections are endan- gered by the misuse of certain information systems;

‘‘(4) the right to privacy is a personal and fun- damental right protected by the Constitution of the United States; and

‘‘(5) in order to protect the privacy of individuals identified in information systems maintained by Fed- eral agencies, it is necessary and proper for the Con- gress to regulate the collection, maintenance, use, and dissemination of information by such agencies. ‘‘(b) The purpose of this Act [enacting this section

and provisions set out as notes under this section] is to provide certain safeguards for an individual against an invasion of personal privacy by requiring Federal agen- cies, except as otherwise provided by law, to—

‘‘(1) permit an individual to determine what records pertaining to him are collected, maintained, used, or disseminated by such agencies;

‘‘(2) permit an individual to prevent records per- taining to him obtained by such agencies for a par- ticular purpose from being used or made available for another purpose without his consent;

‘‘(3) permit an individual to gain access to informa- tion pertaining to him in Federal agency records, to have a copy made of all or any portion thereof, and to correct or amend such records;

‘‘(4) collect, maintain, use, or disseminate any record of identifiable personal information in a man- ner that assures that such action is for a necessary and lawful purpose, that the information is current and accurate for its intended use, and that adequate safeguards are provided to prevent misuse of such in- formation;

‘‘(5) permit exemptions from the requirements with respect to records provided in this Act only in those cases where there is an important public policy need for such exemption as has been determined by spe- cific statutory authority; and

‘‘(6) be subject to civil suit for any damages which occur as a result of willful or intentional action which violates any individual’s rights under this Act.’’

§552b TITLE 5—GOVERNMENT ORGANIZATION AND EMPLOYEES Page 56

PRIVACY PROTECTION STUDY COMMISSION

Pub. L. 93–579, §5, Dec. 31, 1974, 88 Stat. 1905, as amended by Pub. L. 95–38, June 1, 1977, 91 Stat. 179, which established the Privacy Protection Study Com- mission and provided that the Commission study data banks, automated data processing programs and infor- mation systems of governmental, regional and private organizations to determine standards and procedures in force for protection of personal information, that the Commission report to the President and Congress the extent to which requirements and principles of section 552a of title 5 should be applied to the information practices of those organizations, and that it make other legislative recommendations to protect the pri- vacy of individuals while meeting the legitimate infor- mational needs of government and society, ceased to exist on September 30, 1977, pursuant to section 5(g) of Pub. L. 93–579.

GUIDELINES AND REGULATIONS FOR MAINTENANCE OF PRIVACY AND PROTECTION OF RECORDS OF INDIVIDUALS

Pub. L. 93–579, §6, Dec. 31, 1974, 88 Stat. 1909, which provided that the Office of Management and Budget shall develop guidelines and regulations for use of agencies in implementing provisions of this section and provide continuing assistance to and oversight of the implementation of the provisions of such section by agencies, was repealed by Pub. L. 100–503, § 6(c), Oct. 18, 1988, 102 Stat. 2513.

DISCLOSURE OF SOCIAL SECURITY NUMBER

Pub. L. 93–579, § 7, Dec. 31, 1974, 88 Stat. 1909, provided that:

‘‘(a)(1) It shall be unlawful for any Federal, State or local government agency to deny to any individual any right, benefit, or privilege provided by law because of such individual’s refusal to disclose his social security account number.

‘‘(2) the [The] provisions of paragraph (1) of this sub- section shall not apply with respect to—

‘‘(A) any disclosure which is required by Federal statute, or

‘‘(B) the disclosure of a social security number to any Federal, State, or local agency maintaining a system of records in existence and operating before January 1, 1975, if such disclosure was required under statute or regulation adopted prior to such date to verify the identity of an individual.

‘‘(b) Any Federal, State, or local government agency which requests an individual to disclose his social secu- rity account number shall inform that individual whether that disclosure is mandatory or voluntary, by what statutory or other authority such number is solic- ited, and what uses will be made of it.’’

AUTHORIZATION OF APPROPRIATIONS TO PRIVACY PROTECTION STUDY COMMISSION

Pub. L. 93–579, §9, Dec. 31, 1974, 88 Stat. 1910, as amended by Pub. L. 94–394, Sept. 3, 1976, 90 Stat. 1198, authorized appropriations for the period beginning July 1, 1975, and ending on September 30, 1977.

EX. ORD. NO. 9397. NUMBERING SYSTEM FOR FEDERAL ACCOUNTS RELATING TO INDIVIDUAL PERSONS

Ex. Ord. No. 9397, Nov. 22, 1943, 8 F.R. 16095, as amend- ed by Ex. Ord. No. 13478, §2, Nov. 18, 2008, 73 F.R. 70239, provided:

WHEREAS certain Federal agencies from time to time require in the administration of their activities a system of numerical identification of accounts of indi- vidual persons; and

WHEREAS some seventy million persons have here- tofore been assigned account numbers pursuant to the Social Security Act; and

WHEREAS a large percentage of Federal employees have already been assigned account numbers pursuant to the Social Security Act; and

WHEREAS it is desirable in the interest of economy and orderly administration that the Federal Govern-

ment move towards the use of a single, unduplicated numerical identification system of accounts and avoid the unnecessary establishment of additional systems:

NOW, THEREFORE, by virtue of the authority vested in me as President of the United States, it is hereby or- dered as follows:

1. Hereafter any Federal department, establishment, or agency may, whenever the head thereof finds it ad- visable to establish a new system of permanent account numbers pertaining to individual persons, utilize the Social Security Act account numbers assigned pursu- ant to title 20, section 422.103 of the Code of Federal Regulations and pursuant to paragraph 2 of this order.

2. The Social Security Administration shall provide for the assignment of an account number to each per- son who is required by any Federal agency to have such a number but who has not previously been assigned such number by the Administration. The Administra- tion may accomplish this purpose by (a) assigning such numbers to individual persons, (b) assigning blocks of numbers to Federal agencies for reassignment to indi- vidual persons, or (c) making such other arrangements for the assignment of numbers as it may deem appro- priate.

3. The Social Security Administration shall furnish, upon request of any Federal agency utilizing the nu- merical identification system of accounts provided for in this order, the account number pertaining to any person with whom such agency has an account or the name and other identifying data pertaining to any ac- count number of any such person.

4. The Social Security Administration and each Fed- eral agency shall maintain the confidential character of information relating to individual persons obtained pursuant to the provisions of this order.

5. There shall be transferred to the Social Security Administration, from time to time, such amounts as the Director of the Office of Management and Budget shall determine to be required for reimbursement by any Federal agency for the services rendered by the Ad- ministration pursuant to the provisions of this order.

6. This order shall be implemented in accordance with applicable law and subject to the availability of appro- priations.

7. This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforce- able at law or in equity, by any party against the United States, its departments, agencies, instrumental- ities, or entities, its officers, employees, or agents, or any other person.

8. This order shall be published in the Federal Reg- ister.

CLASSIFIED NATIONAL SECURITY INFORMATION

For provisions relating to a response to a request for information under this section when the fact of its ex- istence or nonexistence is itself classified or when it was originally classified by another agency, see Ex. Ord. No. 13526, §3.6, Dec. 29, 2009, 75 F.R. 718, set out as a note under section 435 of Title 50, War and National Defense.

§ 552b. Open meetings

(a) For purposes of this section—
(1) the term ‘‘agency’’ means any agency, as

defined in section 552(e)1 of this title, headed by a collegial body composed of two or more individual members, a majority of whom are appointed to such position by the President with the advice and consent of the Senate, and any subdivision thereof authorized to act on behalf of the agency;

(2) the term ‘‘meeting’’ means the delibera- tions of at least the number of individual agency members required to take action on

1 See References in Text note below.

page13image3668216144

https://legal.trustpilot.com/for-reviewers/end-user-privacy-terms

https://www.beveg.com/manufacturing-facilities-private-label-certification/

Who we are

https://dashboard.stripe.com/payment-links

Suggested text: Our website address is: https://staging-1184-madcitymultimedia.wpcomstaging.com.

Comments

https://ffm.bio/eem2dm0

https://www.uspto.gov/privacy-policy

Suggested text: When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

Suggested text: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

Suggested text: If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

https://id.me/washingt on-privacy

Embedded content from other websites

Suggested text: Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

Suggested text: If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

Suggested text: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

Suggested text: If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Suggested text: Visitor comments may be checked through an automated spam detection service.

https://www.copyright.gov/legislation/dmca.pdf

https://www.pay.gov/public/a/myaccount/myforms/attachment/view/277VUAF8

https://www.id.me/ter ms

Privacy Policy

Thank you for visiting the United States Patent and Trademark Office (USPTO) website and reviewing our privacy policy. Our privacy policy is simple: we collect no personal information about you when you visit our website unless you choose to provide that information to us.

Submitting personal information is voluntary. When you voluntarily submit information, it constitutes your consent to the use of the information for the purposes stated at the time of collection. See the Privacy Act of 19 74 for more information on your rights under the Privacy Act. Except for the purposes described below, no other attempts are made to identify individual users while on the USPTO website. Here is how we handle information about your visit to our website:

www.madcitymultimedia.com

Information collected and stored automatically

USPTO web servers automatically collect and save the default information customarily logged by web server software. Specifically, the date and time, the originating IP address, the object requested, and the completion status of the request is collected and saved for each http request received by the server. We also use an authorized Google Analytics agent to collect comparable information on our behalf.

On a monthly or more-frequent basis, we review this information to determine the traffic through the servers in hits, the number of pages served, and the level of demand for pages of interest. We may also analyze accesses to particular pages to determine U.S. versus non-U.S. use, government agency versus private use, and other statistics that may be of value to us in establishing priorities and allocating resources in order to better accomplish our mission. Analysis of this information may also help identify problem areas of the website or to improve overall service. Information is retained as long as necessary to perform useful analysis.

For site security purposes and to ensure that USPTO web services remain available to all users, USPTO monitors network traffic to identify unauthorized attempts to upload or change information or otherwise cause damage. Unauthorized attempts to upload information or change information on this service are strictly prohibited and subject to prosecution under the Computer Fraud and Abuse Act of 1986 and Title 18 U.S.C. Sec.1001 and 1030. Information also may be used for authorized law enforcement investigations.

Use of cookies and tracking technology

The Office of Management and Budget Memorandum M-10-22, Guidance for Online Use of Web Measurement and Customization Technologiesdefines conditions under which federal agencies may use session and persistent cookies, and categorizes them in “tiers” to identify their characteristics. You may control permissions for cookies on this or any other website by adjusting your individual browser settings for customized privacy protection – see http://www.usa.gov/optout_instructions.shtm l for helpful guidance.

Session cookies

Session cookies are also known as memory-resident cookies. These cookies are not stored on your computer’s hard drive, and are removed when you complete your session or exit the site. We use session cookies for some applications to improve their usability and ensure session integrity. No personal information is gathered.

USPTO sites and applications that use “Tier 1” session cookies include the subscription center and the customer satisfaction survey. Our site-wide search is conducted through Search.gov, an external site, which also uses a session cookie.

Persistent cookies

Persistent cookies remain on your computer’s hard drive after you complete an activity. On www.uspto.g ov, we use “Tier 2” persistent cookies to help us recognize new and returning visitors, but no personally identifiable information is gathered. If you block a persistent cookie, you are not prevented from using the USPTO website in any way.

We use persistent cookies in association with an authorized customer satisfaction survey conducted by a third party, Q ualtrics. If you are randomly selected to participate in this survey, a persistent cookie is stored on your computer’s hard drive for 30 days to preclude a new invitation during that time.

We also use persistent cookies to enable the Goog le Analytics program to measure how new and returning visitors use the USPTO website over time.

Email

Email submitted to USPTO is saved in accordance to Department of Commerce policy and NARA guidelines. If you choose to provide us with personal information in email, we use that information to respond to your message and to help us get you the information you have requested. We do not collect personal information for any purpose other than to respond to you. We only share the information you give us with another government agency if your inquiry relates to that agency, or as otherwise required by law. Moreover, we do not store any personal information independent of the email message, create individual profiles with the information you provide, or give it to any private organizations. We do not collect information for commercial marketing.

The USPTO may offer the use of third-party email services as a convenience. If you choose to use such a service, information about you may be independently collected by the third party. We will clearly note this distinction wherever the service is offered on its website and remind you that your participation is voluntary.

Blog comments

If you choose to submit a blog comment, only personal information that you voluntarily provide as part of the comment will be revealed. All comments are moderated, and only those that comply with USPTO Terms of Use policy will be publicly posted. The USPTO will not edit or alter individual comments. If you simply visit a blog page, your visit will be recorded for statistical purposes, as with other areas of our website.

Surveys

While visiting www.uspto .gov, you may be asked to participate in a survey conducted by an authorized third party, Qualtrics. This randomized survey is voluntary. No personal information is collected unless you choose to provide it as part of a comment or to complete the survey. Survey data is retained as long as needed to permit accurate analysis, produce summary reports, and monitor overall trends. If you choose not to participate in the survey, you are not prevented from using the USPTO website in any other way. If you wish to provide feedback without taking the survey, you may send an email directly to feedback@uspto.gov. If you have an immediate concern, please refer to the Contact u s page. See additional notes under “Use of cookies and tracking technologies” above.

Kids pages

We are especially concerned about protecting the privacy of children. We hope parents and teachers are involved in children’s internet explorations. We respect the need to protect the identity of any children who participate in an internet exhibition of their work. We do not request any information from children on the Kids pages. We do, however, sometimes encourage them to participate in contests, but such participation is often carried out through post mail.

Links to other sites

Our webpages may contain links to websites outside the USPTO, including those of other federal agencies, international sites, and private organizations. In some cases, the USPTO may have an official presence on an external site that we’ve engaged to serve a specific function. Be aware that whenever you follow a link to another site, you are subject to the privacy policy of that site.https://www2.census.gov/about/partners/cac/2030-cac-charter.pdf

Privacy Act systems of records

Where a USPTO website requests information that will be stored in a Privacy Act system of records, an individual Privacy Act statement is provided. Should there ever be a need to use information for a purpose other than one already provided for under the Privacy Act, we will give you specific instructions on how you may consent to such use. You are never required to give such consent.

Information stored in any Privacy Act system of records is handled as set forth in the applicable systems of records notice in order to preserve its security and confidentiality. Privacy Act systems of records notices are available on the G overnment Publishing Office website.

Access the USPTO Systems of Records Notices

To seek access to records about you maintained in USPTO systems of records under the Privacy Act,please use the instructions provided on the Freedom of Information Act (FOIA) webpage. The USPTO allows users to request records, provide proof of identity, and receive records electronically (unless a user prefers otherwise).

Privacy Impact Assessments

OMB Circular A-11, Exhibit 300 Privacy Impact Asses sments

Chief privacy officer

The chief inf ormation officer serves as the chief privacy officer for the USPTO and may be contacted for concerns and issues related to this privacy policy.

Department of Commerce Privacy Program

The USPTO participates in the Department of Commerce Privacy Program.

To our customers

Protect yourself against identity theft

When filing documentation in support of applications or petitions, please take steps to protect your personal information. “Personal information” includes social security, credit card, and bank account numbers. To support a petition or application, the USPTO never requires this type of personal data within the body of the petition or application. To protect your privacy, you should delete such information from any documentation that you send to the USPTO except when submitting the Credit Card Payment Form (PTO-2038). If using a USPTO electronic form where a fee is required, take care to enter the payment information (such as a credit card number) only in the specific secure payment portion of the form.

Patent and trademark public data is available directly through the USPTO website, including in bulk format. As public data, it may be disseminated from other websites as well.

All patent application files are published and made available to the public 18 months from the filing date, unless the application includes a nonpublication request. (See MPEP Sections 7 24. 02-724.06 for details on making a nonpublication request.) Also, all patent application files will become available to the public upon the grant of the patent. For patents, if you have questions about what information may be published and how to remove the material from documents you plan to submit to the USPTO, please call the Inventors Assistance Centerat 1 -800-786-9199 or 571-272-1000.

Trademark applications are available to the public within a week of their submission. For questions about public information on Trademark applications, please refer to the filing instructions or contact the Trademark Assistance Center at 1-8 00-786-9199 or via email at Trad e mark

AssistanceCenter@uspto.gov.

[Change History]

4/5/2018 – changed Privacy Act link to Commerce.gov from Justice.gov
12/7/2010 – updated information concerning persistent cookies, external sites, and surveys.
2/9/2011 – added information related to the use of Google Analytics and external sites.
10/30/2017 – added Department of Commerce Privacy Program section
11/1/2018 – added chief privacy officer information

Privacy Act of 1974

USPTO Systems of Records Notices (SORNs)

A list of formal notices to the public regarding records from which information is retrieved by personal identifiers.

Terms of Use for USPT O websites

Policy and guidance on the use of USPTO websites and associated materials and services.

Privacy Policy

Submitting personal information is voluntary. When you voluntarily submit information, it constitutes your consent to the use of the information for the purposes stated at the time of collection. See the Privacy Act of 1 974 for more information on your rights under the Privacy Act. Except for the purposes described below, no other attempts are made to identify individual users while on the USPTO website. Here is how we handle information about your visit to our website:

Information collected and stored automatically

USPTO web servers automatically collect and save the default information customarily logged by web server software. Specifically, the date and time, the originating IP address, the object requested, and the completion status of the request is collected and saved for each http request received by the server. We also use an authorized Google Analyti cs agent to collect comparable information on our behalf.

Use of cookies and tracking technology

Session cookies

Persistent cookies

Persistent cookies remain on your computer’s hard drive after you complete an activity. On ww w.uspto.gov, we use “Tier 2” persistent cookies to help us recognize new and returning visitors, but no personally identifiable information is gathered. If you block a persistent cookie, you are not prevented from using the USPTO website in any way.

We use persistent cookies in association with an authorized customer satisfaction survey conducted by a third party, Qualt rics. If you are randomly selected to participate in this survey, a persistent cookie is stored on your computer’s hard drive for 30 days to preclude a new invitation during that time.

We also use persistent cookies to enable the Go ogle Analytics program to measure how new and returning visitors use the USPTO website over time.

Email

Blog comments

Surveys

While visiting www.uspto.gov, you may be asked to participate in a survey conducted by an authorized third party, Qualtrics. This randomized survey is voluntary. No personal information is collected unless you choose to provide it as part of a comment or to complete the survey. Survey data is retained as long as needed to permit accurate analysis, produce summary reports, and monitor overall trends. If you choose not to participate in the survey, you are not prevented from using the USPTO website in any other way. If you wish to provide feedback without taking the survey, you may send an email directly to feedback@uspto.gov. If you have an immediate concern, please refer to the Contact us page. See additional notes under “Use of cookies and tracking technologies” above.

Kids pages

We are especially concerned about protecting the privacy of children. We hope parents and teachers are involved in children’s internet explorations. We respect the need to protect the identity of any children who participate in an internet exhibition of their work. We do not request any information from children on the Kid s pages. We do, however, sometimes encourage them to participate in contests, but such participation is often carried out through post mail.

Links to other sites

Privacy Act systems of records

Access the USPTO Syste ms of Records Notices

Privacy Impact Assessments

OMB Circular A-11, Exhibit 300 Privacy Impact Assessment s

Chief privacy officer

The chief inf ormation officer serves as the chief privacy officer for the USPTO and may be contacted for concerns and issues related to this privacy policy.

Department of Commerce Privacy Program

The USPTO participates in the Department of Commerce Privacy Program.

To our customers

Protect yourself against identity theft

Patent and trademark public data is available directly through the USPTO website, including in bulk format. As public data, it may be disseminated from other websites as well.

All patent application files are published and made available to the public 18 months from the filing date, unless the application includes a nonpublication request. (See MP EP Sections 724. 02-724.06 for details on making a nonpublication request.) Also, all patent application files will become available to the public upon the grant of the patent. For patents, if you have questions about what information may be published and how to remove the material from documents you plan to submit to the USPTO, please call the Inventors Assistance Centerat 1-800-786-9199 or 571-272-1000.