INTERIOR/NPS-24, Commercial Use Authorization (CUA) System

78 FR 20944 (April 8, 2013); Modification published 86 FR 50156 (September 7, 2021)
============================================================================================================
 
DEPARTMENT OF THE INTERIOR
 
National Park Service
 
[NPS–WASO–CONC–11968 PPWOBSADC0, PPMVSCS1Y.Y00000]
 
Privacy Act of 1974, as Amended; Notice of a New System of Records
 
AGENCY:  National Park Service, Interior.
 
ACTION:  Notice of creation of a new system of records.
-------------------------------------------------------------------------------------------------------------------------------------------------------------
SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as amended, the Department of the Interior (DOI) is issuing a public notice of its intent to create the National Park Service (NPS) ‘‘Commercial Use Authorization (CUA) System—NPS-24’’ system of records. The system allows NPS employees to manage the NPS Commercial Services Program allowing commercial uses and to monitor resources within a unit of the National Park System. The system of records will also allow the NPS to provide to the public the description and contact information for businesses that provide services in national parks.
 
DATES: Comments must be received by May 20, 2013.
 
ADDRESSES: Any person interested in commenting on this notice may do so by: submitting comments in writing to Felix Uribe, National Park Service Privacy Act Officer, 1849 C Street NW., Mail Stop 2550, Washington, DC 20240; hand-delivering comments to Felix Uribe, National Park Service Privacy Act Officer, 1201 Eye Street NW., Washington, DC 20005; or emailing comments to Felix_Uribe@nps.gov
 
FOR FURTHER INFORMATION CONTACT: Chief, Commercial Services Program,  NPS, 1849 C Street NW., Mail Stop 2410, Washington, DC 20240; or by telephone at (202) 513-7156.
 
SUPPLEMENTARY INFORMATION: 
 
I. Background 
The Department of the Interior (DOI), National Park Service (NPS) maintains the ‘‘Commercial Use Authorization (CUA) System—NPS-24’’ system of records. The purpose of this system is to manage the NPS Commercial Services Program allowing commercial uses within a unit of the National Park System, and to monitor resources that are or may be affected by the authorized commercial uses. The system will also be used to protect the natural and cultural resources of the national parks and will provide the public the description and contact information for businesses that provide services in national parks.
 
The system will be effective as proposed at the end of the comment period (the comment period will end 40 days after the publication of this notice in the Federal Register), unless comments are received which would require a contrary determination. DOI will publish a revised notice if changes are made based upon a review of the comments received.
 
II. Privacy Act 
The Privacy Act of 1974, as amended, embodies fair information principles in a statutory framework governing the means by which Federal Agencies collect, maintain, use, and disseminate individuals’ personal information. The Privacy Act applies to information that is maintained in a ‘‘system of records.’’ A ‘‘system of records’’ is a group of any records under the control of an agency from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual. The Privacy Act defines an individual as a U.S. citizen or lawful permanent resident. As a matter of policy, DOI extends administrative Privacy Act protections to all individuals. Individuals may request access to their own records that are maintained in a system of records in the possession or under the control of DOI by complying with DOI Privacy Act regulations, 43 CFR part 2. 
 
The Privacy Act requires each agency to publish in the Federal Register a description denoting the type and character of each system of records that the agency maintains, the routine uses that are contained in each system in order to make agency record keeping practices transparent, to notify individuals regarding the uses of their records, and to assist individuals to more easily find such records within the agency. Below is the description of the NPS ‘‘Commercial Use Authorization (CUA) System—NPS-24’’ system of records.
 
In accordance with 5 U.S.C. 552a(r), DOI has provided a report of this system of records to the Office of Management and Budget and to Congress.
 
III. Public Disclosure 
Before including your address, phone number, email address, or other personal identifying information in your comment, you should be aware that your entire comment including your personal identifying information may be made publicly available at any time. While you can ask us in your comment to withhold your personal identifying information from public review, we cannot guarantee that we will be able to do so.
 
Dated: March 19, 2013.
Felix Uribe,
Privacy Act Officer, National Park Service.
 
SYSTEM NAME:
Commercial Use Authorization (CUA) System—NPS-24. 
 
SYSTEM LOCATION:
This system is located at the Commercial Services Program, NPS, 1201 Eye Street NW., 11th Floor, Washington, DC 20005. Records may also be located at the NPS regional and field offices responsible for issuing the commercial use authorization. 
 
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by the system include applicants of commercial use authorizations, and holders of commercial use authorizations for the purpose of conducting business within units of the National Park System. This system contains records concerning corporations and other business entities, which are not subject to the Privacy Act. However, records pertaining to individuals acting on behalf of corporations and other business entities may reflect personal information.
 
CATEGORIES OF RECORDS IN THE SYSTEM:
The system contains:
  • (1) Applications for commercial use authorization and may include name, address, telephone number, email address, social security number, business name, service offered by business, CUA number, employer’s identification number, state business license number, person’s position title; information on a business operated vehicle including make of vehicle, make of aircraft, make of watercraft, model, year, tail number, length; and data describing an event involving any conviction or fines for violations of Federal, state, or local law including date of violation, name of business or person charged, law or regulation violated and Federal, state, or municipality agency that initiated the charges, and reportable injuries; and
  • (2) Financial and operating reports on operations within units of the National Park System containing name, address, telephone number, internet address, and email address.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
16 U.S.C. 5966, Commercial Use Authorizations.
 
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
The system contains:
  • (1) To assist NPS employees in managing the NPS Commercial Services program allowing commercial uses within a unit of the National Park System to ensure that business activities are conducted in a manner that complies with Federal laws and regulations; 
  • (2) To monitor resources that are or may be affected by the authorized commercial uses within a unit of the National Park System; 
    (3) To track applicants and holders of commercial use authorizations who are planning to conduct or are conducting business within units of the National Park System; and 
    (4) To provide to the public the description and contact information for businesses that provide services in national parks.

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, disclosures outside DOI may be made as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows: 

  • (1)(a) To any of the following entities or individuals, when the circumstances set forth in paragraph (b) are met:
    • (i)  The U.S. Department of Justice (DOJ);
    • (ii)  A court or an adjudicative or other administrative body;
    • (iii) A party in litigation before a court or an adjudicative or other administrative body; or
    • (iv) Any Department employee acting in his or her individual capacity if DOI or DOJ has agreed to represent that employee or pay for private representation of the employee;
  • (b) When:
    • (i)  One of the following is a party to the proceeding or has an interest in the proceeding:
      • (A)  DOI or any component of DOI;
      • (B)  Any other federal agency appearing before the Office of Hearings and Appeals;
      • (C)  Any DOI employee acting in his or her official capacity;
      • (D)  Any DOI employee acting in his or her individual capacity if DOI or DOJ has agreed to represent that employee or pay for private representation of the employee;
      • (E)  The United States, when DOJ determines that DOI is likely to be affected by the proceeding; and
    • (ii)  DOI deems the disclosure to be:
      • (A)  Relevant and necessary to the proceeding; and
      • (B)  Compatible with the purpose for which the records were compiled.
  • (2) To a congressional office in response to a written inquiry that an individual covered by the system, or the heir of such individual if the covered individual is deceased, has made to the office.
  • (3) To any criminal, civil, or regulatory law enforcement authority (whether Federal, state, territorial, local, tribal or foreign) when a record, either alone or in conjunction with other information, indicates a violation or potential violation of law—criminal, civil, or regulatory in nature, and the disclosure is compatible with the purpose for which the records were compiled.
  • (4) To an official of another Federal agency to provide information needed in the performance of official duties related to reconciling or reconstructing data files or to enable that agency to respond to an inquiry by the individual to whom the record pertains.
  • (5) To Federal, state, territorial, local, tribal, or foreign agencies that have requested information relevant or necessary to the hiring, firing or retention of an employee or contractor, or the issuance of a security clearance, license, contract, grant or other benefit, when the disclosure is compatible with the purpose for which the records were compiled.
  • (6) To representatives of the National Archives and Records Administration to conduct records management inspections under the authority of 44 U.S.C. 2904 and 2906.
  • (7) To state and local governments and tribal organizations to provide information needed in response to court order and/or discovery purposes related to litigation, when the disclosure is compatible with the purpose for which the records were compiled.
  • (8) To an expert, consultant, or contractor (including employees of the contractor) of DOI that performs services requiring access to these records on DOI’s behalf to carry out the purposes of the system.
  • (9) To appropriate agencies, entities, and persons when:
    • (a)  It is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised; and
    • (b)  DOI has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interest, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the 
      DOI or another agency or entity) that rely upon the compromised information;
    • (c)  The disclosure is made to such agencies, entities and persons who are reasonably necessary to assist in connection with the DOI's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
  • (10) To the Office of Management and Budget (OMB) during the coordination and clearance process in connection with legislative affairs as mandated by OMB Circular A-19.
    (11) To the Department of the Treasury to recover debts owed to the United States.
    (12) To the news media when the disclosure is compatible with the purpose for which the records were compiled.
    (13) To a consumer reporting agency if the disclosure requirements of the Debt Collection Act, as outlined at 31 U.S.C. 3711(e)(1), have been met. 
  • (14) To Federal, state and local governments, tribal organizations, and members of the general public upon request for names, addresses and phone numbers of CUA holders conducting business within units of the National Park System for the purpose of informing the public of the availability of the services offered by the CUA holder.
  • (15) To another Federal agency or Federal entity, when DOI determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in:
    • (a) Responding to a suspected or confirmed breach; or
    • (b) Preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING AND DISPOSING OF RECORDS IN THE SYSTEM:
 
STORAGE:
Paper records are contained in file folders stored within filing cabinets. Electronic records are maintained in computers, computer databases, email, and electronic media such as removable drives, magnetic disk, diskette, and computer tapes. 
 
RETRIEVABILITY: 
Records in this system are retrieved by various fields including the name of CUA holder, by the service offered, CUA number or keyword search. 
 
SAFEGUARDS:
The records contained in this system are safeguarded in accordance with 43 CFR 2.226 and other applicable security rules and policies. Paper records are maintained in locked file cabinets located in secured rooms or DOI facilities. 
 
Access to DOI networks and records in the CUA system requires a valid username and password, and is limited to DOI personnel who have a need to know the information for the  performance of their official duties. Computers and storage media are encrypted in accordance with DOI security policy. Computers containing files are password protected to restrict unauthorized access. The computer servers in which electronic records are stored are located in secured DOI facilities. Personnel authorized to access systems must complete all Security, Privacy, and Records Management  training and sign the DOI Rules of Behavior. 
 
RETENTION AND DISPOSAL:
Records in this system are retained in accordance with the National Park Service Records Schedule for Commercial Visitor Services, which has been approved by the National Archives and Records Administration (Job No. N1-79-08-4). The disposition is temporary. Retention of records that document substantive decisions, actions, and activities relating to closure, concessions, fees, licensing, labor, performance, and other commercial activities are destroyed or deleted 15 years after closure. 
 
Paper records are disposed of by shredding or pulping, and records contained on electronic media are degaussed or erased in accordance with 384 Departmental Manual 1. 
 
SYSTEM MANAGER AND ADDRESS:
Chief, Commercial Services Program, NPS, Department of the Interior, 1849 C Street NW., Mail Stop 2410, Washington, DC 20240.
 
NOTIFICATION PROCEDURES:
An individual requesting notification of the existence of records on himself or herself should send a signed, written inquiry to the System Manager identified above. The request envelope and letter should both be clearly marked ‘‘PRIVACY ACT INQUIRY.’’ A request for notification must meet the requirements of 43 CFR 2.235.  
 
RECORDS ACCESS PROCEDURES:
An individual requesting records on himself or herself should send a signed, written inquiry to the System Manager identified above. The request should describe the records sought as specifically as possible. The request envelope and letter should both be clearly marked ‘‘PRIVACY ACT REQUEST FOR ACCESS.’’ A request for  access must meet the requirements of 43 CFR 2.238. 
 
CONTESTING RECORD PROCEDURES:
An individual requesting corrections or the removal of material from his or her records should send a signed, written request to the System Manager identified above. A request for corrections or removal must meet the requirements of 43 CFR 2.246. 
 
RECORD SOURCE CATEGORIES:
Records in the CUA system are obtained from: 
  • (1) Applicants of CUAs; and
  • (2) holders of CUAs. 
EXEMPTIONS CLAIMED FOR THE SYSTEM:
None.

Was this page helpful?

Please provide a comment