INTERIOR/OS-10, Electronic Email Archive System (EEAS)

68 FR 4220, (January 28, 2003); Modification published 73 FR 8342 (February 13, 2008) and 86 FR 50156 (September 7, 2021)
=============================================================================================================
 
DEPARTMENT OF THE INTERIOR 
 
Office of the Secretary Privacy Act of 1974: As Amended; Revision to an Existing System of Records 
 
AGENCY:  Office of the Secretary, Department of the Interior.
 
ACTION:  Proposed revisions to an existing system of records. 
---------------------------------------------------------------------------------------------------------------------------------------------------------------
SUMMARY:  Under the Privacy Act of 1974, as amended (5 U.S.C. 552a), the Department of the Interior is issuing public notice of its intent to modify an existing Privacy Act system of records notice managed by the Office of the Secretary entitled the ‘‘Electronic Email Archive System (EEAS)’’, Interior—OS– 10 (67 FR 46202–46203, dated July 12, 2002). The revisions will update the ‘‘Categories of individuals covered by the system’’ section. 
 
EFFECTIVE DATE:  These actions will be effective January 28, 2003. 
 
FOR FURTHER INFORMATION CONTACT:  For more information on the EEAS system and its requirements, please contact Regina Lawrence, Office of the Chief Information Officer, Department of the Interior at 202–208–5413, or mail at MS–5312–MIB, 1849 C St. NW., Washington, DC 20240. 
 
SUPPLEMENTARY INFORMATION:  In this notice, the Department of the Interior is proposing to add additional Departmental bureaus/offices that will be participating in the EEAS to the ‘‘Categories of individuals covered by the system’’ section. These additional bureaus/offices are the Office of Surface Mining, the Bureau of Reclamation, and the National Business Center. These bureaus/offices are being added because they may also send or receive email with information related to Indian Trust programs. The EEAS was developed as a way to respond to information requests from the Court in the Cobell et al. v. Norton, et al., Federal District Court Case No. 1:96CV01285 litigation. Thus, the Department of the Interior proposes to amend EEAS, Interior—OS– 10 to read as follows: 
 
Dated: January 23, 2003. 
Marilyn A. Legnini, 
Departmental Privacy Act Officer. 
 
INTERIOR/OS–10 
 
SYSTEM NAME:
Electronic Email Archive System (EEAS). 
 
SECURITY CLASSIFICATION: 
Sensitive, but unclassified. 
 
SYSTEM LOCATION: 
The records of this system are located at a digital safe site at a location managed by the contractor for the Department of the Interior. Only information maintained at this site by the contractor is considered a Privacy Act system of records covered by this notice.
 
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: 
The system contains information on individuals who send and receive electronic messages using Internet email and interoffice email from and to those Departmental bureaus/offices involved with Indian Trust programs, and those individuals who are referred to in the electronic messages. These bureaus/ offices are as follows: Office of the Solicitor; Bureau of Indian Affairs; Office of the Special Trustee for American Indians; Office of the Assistant Secretary—Indian Affairs; Bureau of Land Management; Office of the Assistant Secretary—Policy, Management, and Budget; Office of Hearings and Appeals; Office of Historical Trust Accounting; Office of the Secretary; the Minerals Management Service; the United States Geological Survey; the National Park Service; and the U.S. Fish and Wildlife Service. The following bureau/offices are being added to the EEAS because the Court is concerned that they may send or receive email containing individual Indian Trust related information: the Office of Surface Mining; the Bureau of Reclamation; and the National Business Center.
 
CATEGORIES OF RECORDS IN THE SYSTEM: 
Records include information from Internet email and interoffice email, including address of sender and receiver(s), subject, date sent or received, text of the message, name of attachment, attachment text, and certification status. The name and email address of the sender and receiver are captured along with the bcc, cc, subject line, and text of the message.
 
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
 5 U.S.C. 301, 43 CFR part 1455, and 40 CFR part 1441.
 
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: 
The system’s main purpose is to respond to requests from the federal district court in Cobell v. Norton regarding information about individual Indian Trust programs that is embodied in email communication. 
 
Disclosures outside the Department of the Interior can be made to: 
  • (a)  Contractors who service and maintain the system for the Department, ensuring that all provisions of the Privacy Act, and all other applicable laws, regulations, and policies relating to contracting and record security are met. 
  • (b)  Another Federal agency to enable that agency to respond to an inquiry by the individual to whom the record pertains. 
  • (c) (1) To any of the following entities or individuals. 
      • (A) The Department of Justice (DOJ), or 
      • (B) To a court, adjudicative or other administrative body, or 
      • (C) To a party in litigation before a court or adjudicative or administrative body, or 
      • (D) The Department or any component of the Department, or 
      • (E) Any Department employee acting in his or her official capacity, or 
      • (F) Any Departmental employee acting in his or her individual capacity if the Department or the DOJ has agreed to represent that employee or pay for private representation of the employee, 
    • (2) When: 
      • (A) One of the following is a party to the proceeding or has an interest in the proceeding: 
        • (i) The Department or any component of the Department; 
        • (ii) Any Department employee acting in his or her official capacity; 
        • (iii) Any Departmental employee acting in his or her individual capacity if the Department or the DOJ has agreed to represent that employee or pay for private representation of the employee; (iv) The United States, when the DOJ determines that the Department is likely to be affected by the proceeding; and 
      • (B) The Department deems the disclosure to be: 
        • (i) Relevant and necessary to the proceeding; and 
        • (ii) Compatible with the purposes for which the records were compiled. 
  • (d) To appropriate agencies, entities, and persons when:
    • (1) It is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised; and
    • (2) The Department has determined that as a result of the suspected or confirmed compromise, there is a risk of harm to economic or property interest, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the compromised information; and
    • (3) The disclosure is made to such agencies, entities and persons who are reasonably necessary to assist in connection with the Department’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
  • (e) To another Federal agency or Federal entity, when DOI determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in:
    • (1) Responding to a suspected or confirmed breach; or
    • (2) Preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM: 

STORAGE: 
Information in this system of records is maintained in electronic format on a system hard drive. 
 
RETRIEVABILITY
This specific system has the capability of performing searches through email archive information identified in the ‘‘Category of records’’ section above using any word or number criteria. This capability makes it unique from other email archive systems that are maintained by Interior bureaus/ offices, and therefore, this system becomes subject to Privacy Act requirements. 
 
SAFEGUARDS: 
The contractor maintaining this system must follow the requirements under 5 U.S.C. 552a(e)(10) and 43 CFR 2.51 for security standards. A security plan was developed to prevent unauthorized access to the system. The plan addresses application security, administration/user security, and application agreements. Access to the system is limited to authorized personnel whose official duties require such access. The EEAS system will be maintained at the Government contractor’s facility at a secured data center. 
 
RETENTION AND DISPOSAL: 
Records in this system will be retained indefinitely pending completion of Cobell et al. v. Norton, et al., U.S.D.C. D.C., No. 1:96CV01285 or until the Court orders the Department to retain/dispose of these records differently. 
 
SYSTEM MANAGER(S) AND ADDRESS: 
The Technology Services Division, Administrative Operations Directorate, National Business Center, Department of the Interior, MS–1540–MIB, 1849 C St. NW., Washington, DC 20240. 
 
NOTIFICATION PROCEDURES: 
To determine whether your records are in this Privacy Act system of records, contact the Privacy Act Officer at the bureau/office from which your email message was sent or where it was received (see list of participating bureau/offices identified in the ‘‘Categories of individuals’’ section above). Interior bureaus/offices are listed on the Department of the Interior home page. The request must meet the requirements of 43 CFR 2.60. Provide the following information with your request: 
  • (a)  Proof of your identity; 
  • (b)  List of all the names by which you have been known, such as maiden name or alias; 
  • (c)  Your Social Security Number; 
  • (d)  Your mailing address; 
  • (e)  Time period(s) that records pertaining to you may have been created or maintained, to the extent known by you (See 43 CFR 2.60(b)(3)); and 
  • (f)  Specific description or identification of the records you are requesting (including whether you are asking for a copy of all of your records or only a specific part of them), and the maximum amount of money that you are willing to pay for their copying (See 43 CFR 2.63(b)(4)). 
RECORD ACCESS PROCEDURES: 
To request access to records, follow procedures in the ‘‘Notification procedure’’ section above. The request must meet the requirements of 43 CFR 2.63. Provide with your request the same information identified in the ‘‘Notification procedures’’ sections.
 
CONTESTING RECORD PROCEDURES: 
To request an amendment of a record, send requests in writing to the contacts identified in the ‘‘Notification procedure’’ section above. The request must meet the requirements of 43 CFR 2.71.
 
RECORDS SOURCE CATEGORIES: 
Some information maintained in the system is collected from mag-tapes provided by Interior bureau/office email backup systems from those installations identified in the ‘‘Categories of individuals’’ section above. This information is downloaded onto a hard drive managed by the contractor and stored digitally. Information from Interior bureau/office e-mail servers wil lbe captured in real time, transmitted electronically through secured networks, and captured and stored electronically into the EEAS. 
 
EXEMPTIONS CLAIMED FOR THE SYSTEM: 
None.  

Was this page helpful?

Please provide a comment