Collapse to view only § 1.32 - Collection, use, disclosure, and protection of Social Security numbers.

§ 1.20 - Purpose and scope of this subpart.

(a) The regulations in this subpart are issued to implement the provisions of the Privacy Act of 1974 (5 U.S.C. 552a). This subpart applies to all records which are contained in systems of records maintained by the Department of the Treasury (Department or Treasury). They do not relate to those personnel records of Federal Government employees, which are under the Office of Personnel Management's (OPM) jurisdiction to the extent such records are subject to OPM regulations. This subpart applies to all Treasury components. Any reference in this subpart to the Department or its officials, employees, or records must be deemed to refer also to the components or their officials, employees, or records. This subpart sets forth the requirements applicable to Treasury employees (including, to the extent required by the contract or 5 U.S.C. 552a(m), Government contractors and employees of such contractors) maintaining, collecting, using, or disseminating records pertaining to individuals. They also set forth the procedures by which individuals may request notification of whether the Treasury maintains or has disclosed a record pertaining to them or may seek access to such records maintained in any nonexempt system of records, request correction of such records, appeal any initial adverse determination of any request for amendment, or seek an accounting of disclosures of such records. For the convenience of interested persons, Treasury components may reproduce the regulations in this subpart in their entirety (less any appendices not applicable to the component in question) in those titles of the Code of Federal Regulations (CFR) which normally contain regulations applicable to such components. In connection with such reproduction, and at other appropriate times, components may issue supplementary regulations applicable only to the component in question, which are consistent with the regulations in this subpart. In the event of any actual or apparent inconsistency, the Departmentwide regulations in this subpart must govern. Individuals interested in the records of a particular component should, therefore, also consult the Code of Federal Regulations for any rules or regulations promulgated specifically with respect to that component (see the appendices to this subpart for cross references). The head of each component is hereby also authorized to substitute other appropriate officials for those designated and correct addresses specified in the appendix to this subpart applicable to the component. For purposes of this subpart, Treasury components consist of the following offices and bureaus:

(1) The Departmental Offices, which include the offices of:

(i) The Secretary of the Treasury, including immediate staff;

(ii) The Deputy Secretary of the Treasury, including immediate staff;

(iii) The Chief of Staff, including immediate staff;

(iv) The Executive Secretary of the Treasury, and all offices reporting to such official, including immediate staff;

(v) Under Secretary for the Office of International Affairs, and all offices reporting to such official, including immediate staff;

(vi) Assistant Secretary for the Office of International Trade and Development, and all offices reporting to such official, including immediate staff;

(vii) Assistant Secretary for the Office of International Finance, and all offices reporting to such official, including immediate staff;

(viii) Assistant Secretary for the Office of Investment Security, and all offices reporting to such official, including immediate staff;

(ix) Under Secretary for the Office of Domestic Finance, and all offices reporting to such official, including immediate staff;

(x) Assistant Secretary for the Office of Financial Institutions, and all offices reporting to such official, including immediate staff;

(xi) Assistant Secretary for the Office of Financial Markets, and all offices reporting to such official, including immediate staff;

(xii) Assistant Secretary for the Office of the Fiscal Service, and all offices reporting to such official, including immediate staff;

(xiii) Under Secretary for the Office of Terrorism & Financial Intelligence, and all offices reporting to such official, including immediate staff;

(xiv) Assistant Secretary for the Office of Terrorist Financing and Financial Crimes, and all offices reporting to such official, including immediate staff;

(xv) Assistant Secretary for the Office of Intelligence and Analysis, and all offices reporting to such official, including immediate staff;

(xvi) Office of General Counsel and all offices reporting to such official, including immediate staff; except legal counsel to the components listed in paragraphs (a)(23) through (26) and (b) through (h) of this section;

(xvii) Treasurer of the United States including immediate staff;

(xviii) Assistant Secretary for the Office for Legislative Affairs, and all offices reporting to such official, including immediate staff;

(xix) Assistant Secretary for the Office of Management, and all offices reporting to such official(s), including immediate staff;

(xx) Assistant Secretary for the Office of Public Affairs, and all offices reporting to such official, including immediate staff;

(xxi) Assistant Secretary for the Office of Economic Policy, and all offices reporting to such official, including immediate staff;

(xxii) Assistant Secretary for the Office of Tax Policy, and all offices reporting to such official, including immediate staff;

(xxiii) The Inspector General and all offices reporting to such official, including immediate staff;

(xxiv) The Treasury Inspector General for Tax Administration, and all offices reporting to such official, including immediate staff;

(xxv) The Special Inspector General, Troubled Asset Relief Program, and all offices reporting to such official, including immediate staff;

(xxvi) The Special Inspector General for Pandemic Recovery, and all offices reporting to such official, including immediate staff;

(2) Alcohol and Tobacco Tax and Trade Bureau.

(3) Internal Revenue Service.

(4) Office of the Comptroller of the Currency.

(5) Bureau of Engraving and Printing.

(6) United States Mint.

(7) Financial Crimes Enforcement Network.

(8) Bureau of the Fiscal Service.

(b) For purposes of this subpart, the office of the legal counsel for the components listed in paragraphs (a)(1)(xxiii) through (xxvi) and (a)(2) through (8) of this section are to be considered a part of such components. Any office, which is now in existence or may after October 20, 2022 be established, which is not specifically listed or known to be a component of any of those listed in paragraphs (a)(1) through (8) of this section, must be deemed a part of the Departmental Offices for the purpose of this subpart.

§ 1.21 - Definitions.

(a) The term agency means agency as defined in 5 U.S.C. 552(e).

(b) The term individual means a citizen of the United States or an alien lawfully admitted for permanent residence.

(c) The term maintain includes maintain, collect, use, or disseminate.

(d) The term record means any item, collection, or grouping of information about an individual that is maintained by the Treasury or its components. This includes, but is not limited to, the individual's education, financial transactions, medical history, and criminal or employment history and that contains the name, or an identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph.

(e) The term system of records means a group of any records under the control of the Treasury or any component from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual.

(f) The term statistical record means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or part in making any determination about an identifiable individual, except as provided by 13 U.S.C. 8.

(g) The term routine use means the disclosure of a record that is compatible with the purpose for which the record was collected.

(h) The term component means a Treasury bureau or office as set forth in § 1.20 and in the appendices to this subpart. (See 5 U.S.C. 552a(a).)

(i) The term request for access means a request made pursuant to 5 U.S.C. 552a(d)(1).

(j) The term request for amendment means a request made pursuant to 5 U.S.C. 552a(d)(2).

(k) The term request for accounting means a request made pursuant to 5 U.S.C. 552a(c)(3).

(l) The term Privacy Act means the Privacy Act of 1974 (5 U.S.C. 552a).

§ 1.22 - Requirements relating to systems of records.

(a) In general. Subject to 5 U.S.C. 552a(j) and (k) and § 1.23(c), each component shall, in conformance with the Privacy Act:

(1) Maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by the statute or by Executive order of the President. (See 5 U.S.C. 552a(e)(1).)

(2) Collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individual's rights, benefits, and privileges under Federal programs. (See 5 U.S.C. 552a(e)(2).)

(b) Requests for information from individuals. Subject to 5 U.S.C. 552a(j) and § 1.23(c)(1), each component of the Treasury shall inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual:

(1) The authority (whether granted by statute, or by Executive order of the President) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary;

(2) The principal purpose or purposes for which the information is intended to be used;

(3) The routine uses which may be made of the information, as published pursuant to 5 U.S.C. 552a(e)(4)(D); and

(4) The effects on such individual, if any, of not providing all or any part of the requested information. (See 5 U.S.C. 552a(e)(3).)

(c) Report on new systems. Each component of the Treasury shall provide adequate advance notice to Congress and the Office of Management and Budget's (OMB) Office of Information and Regulatory Affairs (OIRA) any proposal to establish or alter any system of records in order to permit an evaluation of the probable or potential effect of such proposal on the privacy and other personal or property rights of individuals or the disclosure of information relating to such individuals, and its effect on the preservation of the constitutional principles of federalism and separation of powers. (See 5 U.S.C. 552a(o).)

(d) Accurate and secure maintenance of records. Each component shall:

(1) Subject to 5 U.S.C. 552a(j) and § 1.23(c)(1), maintain all records which are used in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination (see 5 U.S.C. 552a(e)(5));

(2) Prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pursuant to the Privacy Act (see subpart A of this part), make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for Department of the Treasury purposes (see 5 U.S.C. 552a(e)(6)); and

(3) Establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained. (See 5 U.S.C. 552a(e)(10).)

(i) System managers, with the approval of the head of their offices within a component, shall establish administrative and physical controls, consistent with Department regulations in this part, to insure the protection of records systems from unauthorized access or disclosure and from physical damage or destruction. The controls instituted shall be proportional to the degree of sensitivity of the records but at a minimum must insure that records other than those available to the general public under the Freedom of Information Act (5 U.S.C. 552), are protected from public view, that the area in which the records are stored is supervised during all business hours and physically secure during nonbusiness hours to prevent unauthorized personnel from obtaining access to the records. Automated systems shall comply with the security standards promulgated by the National Institute of Standards and Technology (NIST).

(ii) System managers, with the approval of the head of their offices within a component, shall adopt access restrictions to insure that access to the records is limited to those individuals within the agency who have a need to access the records in order to perform their duties. Procedures shall also be adopted to prevent accidental access to, or dissemination of, records.

(e) Prohibition against maintenance of records concerning First Amendment rights. No component shall maintain a record describing how any individual exercises rights guaranteed by the First Amendment (e.g., speech), unless the maintenance of such record is:

(1) Expressly authorized by statute; or

(2) Expressly authorized by the individual about whom the record is maintained; or

(3) Pertinent to and within the scope of an authorized law enforcement activity. (See 5 U.S.C. 552a(e)(7).)

(f) Notification of disclosure under compulsory legal process. Subject to 5 U.S.C. 552a(j) and § 1.23(c)(1), when records concerning an individual are subpoenaed by a Grand Jury, Court, or quasi-judicial agency, or disclosed in accordance with an ex parte court order pursuant to 26 U.S.C. 6103(i), the official served with the subpoena or court order shall make reasonable efforts to assure that notice of any disclosure is provided to the individual. Notice shall be provided within five working days of making the records available under compulsory legal process or, in the case of a Grand Jury subpoena or an ex parte order, within five days of its becoming a matter of public record. Notice shall be mailed to the last known address of the individual and shall contain the following information: the date and authority to which the subpoena is, or was returnable, or the date of and court issuing the ex parte order, the name and number of the case or proceeding, and the nature of the information sought and provided. Notice of the issuance of a subpoena or an ex parte order is not required if the system of records has been exempted from the notice requirement of 5 U.S.C. 552a(e)(8) and this section, pursuant to 5 U.S.C. 552a(j) and § 1.23(c)(1), by a Notice of Exemption published in the Federal Register. (See 5 U.S.C. 552a(e)(8).)

(g) Emergency disclosure. If information concerning an individual has been disclosed to any person under compelling circumstances affecting health or safety, the individual shall be notified at the last known address within 5 days of the disclosure (excluding Saturdays, Sundays, and legal public holidays). Notification shall include the following information: The nature of the information disclosed, the person or agency to whom it was disclosed, the date of disclosure, and the compelling circumstances justifying the disclosure. Notification shall be given by the officer who made or authorized the disclosure. (See 5 U.S.C. 552a (b)(8).)

§ 1.23 - Publication in the Federal Register—Notices of systems of records, general exemptions, specific exemptions, review of all systems.

(a) Notices of systems of records to be published in the Federal Register. (1) The Office of the Federal Register publishes a biennial compilation of all system notices (“Privacy Act Issuances”), as specified in 5 U.S.C. 552a(f). In the interim (between biennial compilations), the Department must list and provide links on its website to complete, up-to-date versions of all Treasury system of records notices (SORNs), including citations and links to all Federal Register notices that reflect substantial modifications to each SORN.

(2) In addition, the Department must publish in the Federal Register upon establishment or significant revision a notice of the existence and character of any new or significantly revised systems of records. Unless otherwise instructed, each notice must include:

(i) The system name and number, and location of the system;

(ii) The title and business address of the Treasury official who is responsible for the system of records;

(iii) Security classification, and indication of whether any information in the system is classified;

(iv) Authority for maintenance of the system, the specific authority that authorizes the maintenance of the records in the system;

(v) Purpose(s) of the system, a description of the purpose(s) for maintaining the system;

(vi) The categories of individuals on whom records are maintained in the system;

(vii) The categories of records maintained in the system;

(viii) The categories of sources of records in the system (see 5 U.S.C. 552a(e)(4));

(ix) Each routine uses of the records contained in the system, including the categories of users and the purpose of such use;

(x)–(xix) [Reserved]

(xx) The policies and practices of the component regarding storage, retrievability, access controls, retention, and disposal of the records;

(xxi) The procedures of the component whereby an individual can be notified if the system of records contains a record pertaining to the individual, including reasonable times, places, and identification requirements;

(xxii) The procedures of the component whereby an individual can be notified on how to gain access to any record pertaining to such individual that may be contained in the system of records, and how to contest its content;

(xxiii) Exemptions promulgated for the system; and

(xxiv) History (any previously published notices).

(b) Notice of new or modified routine uses to be published in the Federal Register. At least 30 days prior to a new use or modification of a routine use, as published under paragraph (a)(3)(iv) of this section, Treasury must publish in the Federal Register notice of such new or modified use of the information in the system and allow for interested persons to submit written data, views, or arguments to the components. (See 5 U.S.C. 552a(e)(11).)

(c) Promulgation of rules exempting systems from certain requirements—(1) General exemptions. In accordance with existing procedures applicable to a Treasury component's issuance of regulations, the head of each such component may adopt rules, in accordance with the requirements (including general notice) of 5 U.S.C. 553(b)(1), (2), and (3), (c) and (e), to exempt any system of records within the component from any part of the Privacy Act and the regulations in this subpart except subsections (b) (§ 1.24, conditions of disclosure), (c)(1) (§ 1.25, keep accurate accounting of disclosures), (c)(2) (§ 1.25, retain accounting for five years or life of record), (e)(4)(A) through (F) (paragraph (a) of this section, publication of annual notice of systems of records), (e)(6) (§ 1.22(d), accuracy of records prior to dissemination), (e)(7) (§ 1.22(e), maintenance of records on First Amendment rights), (e)(9) (§ 1.28, establish rules of conduct), (e)(10) (§ 1.22(d)(3), establish safeguards for records), (e)(11) (paragraph (c) of this section, publish new intended use), and (i) (§ 1.28(c), criminal penalties) if the systems of records maintained by the component which performs as its principal function any activity pertaining to the enforcement of criminal laws, including police efforts to prevent, control, or reduce crime or to apprehend criminals, and the activities of prosecutors, courts, correctional, probation, pardon, or parole authorities, and which consists of:

(i) Information compiled for the purpose of identifying individual criminal offenders and alleged offenders and consisting only of identifying data and notations of arrests, the nature and disposition of criminal charges, sentencing, confinement, release, and parole, and probation status;

(ii) Information compiled for the purpose of a criminal investigation, including reports of informants and investigators, and associated with an identifiable individual; or

(iii) Reports identifiable to an individual compiled at any stage of the process of enforcement of the criminal laws from arrest or indictment through release from supervision. (See 5 U.S.C. 552a(j).)

(2) Specific exemptions. In accordance with existing procedures applicable to a Treasury component's issuance of regulations, the head of each such component may adopt rules, in accordance with the requirements (including general notice) of 5 U.S.C. 553(b)(1), (2), and (3), (c), and (e), to exempt any system of records within the component from 5 U.S.C. 552a(c)(3) (§ 1.25(c)(2), accounting of certain disclosures available to the individual), (d) (§ 1.26(a), access to records), (e)(1) (§ 1.22(a)(1), maintenance of information to accomplish purposes authorized by statute or executive order only), (e)(4)(G) (paragraph (a)(7) of this section, publication of procedures for notification), (e)(4)(H) (paragraph (a)(8) of this section, publication of procedures for access and contest), (e)(4)(I) (paragraph (a)(9) of this section, publication of sources of records), and (f) (§ 1.26, promulgate rules for notification, access and contest), if the system of records is:

(i) Subject to the provisions of 5 U.S.C. 552(b)(1);

(ii) Investigatory material compiled for law enforcement purposes, other than material within the scope of subsection (j)(2) of the Privacy Act and paragraph (a)(1) of this section. If any individual is denied any right, privilege, or benefit that such individual would otherwise be entitled to by Federal law, or for which such individual would otherwise be eligible, as a result of the maintenance of this material, provide such material to the individual, except to the extent that the disclosure of the material would reveal the identity of a source who furnished information to the Government under an express promise that the identity of the source would be held in confidence, or prior to September 27, 1975, under an implied promise that the identity of the source would be held in confidence;

(iii) Maintained in connection with providing protective services to the President of the United States or other individuals pursuant to 18 U.S.C. 3056;

(iv) Required by statute to be maintained and used solely as statistical records;

(v) Investigatory material compiled solely for the purpose of determining suitability, eligibility, or qualifications for Federal civilian employment, military service, Federal contracts, or access to classified information, but only to the extent that the disclosure of such material would reveal the identity of a source who furnished information to the Government under an express promise that the identity of the source would be held in confidence, or, prior to September 27, 1975, under an implied promise that the identity of the source would be held in confidence;

(vi) Testing or examination material used solely to determine individual qualifications for appointment or promotion in the Federal service the disclosure of which would compromise the objectivity or fairness of the testing or examination process; or

(vii) Evaluation material used to determine potential for promotion in the armed services, but only to the extent that the disclosure of such material would reveal the identity of a source who furnished information to the Government under an express promise that the identity of the source would be held in confidence, or, prior to September 27, 1975, under an implied promise that the identity of the source would be held in confidence.

(3) Reasons for exemptions. As of November 21, 2022, the head of the component must include in the statement required under 5 U.S.C. 553(c) the reasons why the system of records is to be exempted from a provision of the Privacy Act and this part. (See 5 U.S.C. 552a(j) and (k).)

(d) Review and report to the Office of Management and Budget (OMB). The Department must ensure that the following reviews are conducted:

(1) The Data Integrity Board must conduct a review of all matching programs in which the Department has participated during the calendar year and report to OMB of the following year.

(2) Each component must perform the following reviews with a frequency sufficient to ensure compliance and manage risks:

(i) Review the language of each contract that involves the creation, collection, use, processing, storage, maintenance, dissemination, disclosure, or disposal of information and ensure that the applicable requirements in the Privacy Act and OMB policies are enforceable on the contractor and its employees consistent with the agency's authority;

(ii) Ensure that all routine uses remain appropriate and that the recipient's use of the records continues to be compatible with the purpose for which the information was collected;

(iii) Ensure that each exemption claimed for a system of records pursuant to 5 U.S.C. 552a(j) and (k) remains appropriate and necessary;

(iv) Ensure Departmental and component training practices are sufficient and that personnel understand the requirements of the Privacy Act, OMB guidance, the agency's implementing regulations and policies, and any job-specific requirements;

(v) Review all component SORNs as needed to ensure they remain accurate, up-to-date, and appropriately scoped; that all SORNs are published in the Federal Register; that all SORNs include the information required by OMB Circular A–108; and that all significant changes to SORNs have been reported to OMB and Congress; and

(vi) Be prepared to report to the Office of Privacy, Transparency, & Records, as part of the annual Federal Information Security Management Act (FISMA), as amended by the Federal Information Security Modernization Act of 2014, Public Law 113–283, reporting process, the results of the reviews conducted as required by this section, including any corrective action taken to resolve problems uncovered.

§ 1.24 - Disclosure of records to person other than the individual to whom they pertain.

(a) Conditions of disclosure. No component of Treasury is required to disclose any record which is contained in a system of records maintained by it by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, or the parent, if a minor, or legal guardian, if incompetent, of such individual, unless disclosure of the record would be:

(1) To those offices and employees of the Treasury who have a need for the record in the performance of their duties;

(2) Required under 5 U.S.C. 552 (subpart A of this part);

(3) For a routine use as defined in 5 U.S.C. 552a(a)(7) and § 1.21(g) and as described under 5 U.S.C. 552a(e)(4)(D) and § 1.23(a)(4);

(4) To the Bureau of the Census for the purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13 of the U.S. Code;

(5) To a recipient who has provided the component with advance adequate written assurance that the record will be used solely as statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable;

(6) To the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Administrator of the General Services Administration or the designee of such official to determine whether the record has such value;

(7) To another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity, if:

(i) The activity is authorized by law; and

(ii) The head of the agency or instrumentality has made a written request to the Treasury specifying the particular portion desired and the law enforcement activities for which the record is sought;

(8) To a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual, if upon such disclosure, notification is transmitted to the last known address of such individual;

(9) To either House of Congress, or, to the extent a matter is within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee;

(10) To the Comptroller General, or the authorized representatives of such official, in the course of the performance of the duties of the Government Accountability Office;

(11) Pursuant to the order of a court of competent jurisdiction (see 5 U.S.C. 552a(b)); or

(12) To a consumer reporting agency in accordance with 13 U.S.C. 3711(e).

(b) [Reserved]

§ 1.25 - Accounting of disclosures.

(a) Accounting of certain disclosures. Each component, with respect to each system of records under its control, must:

(1) Keep an accurate accounting of:

(i) The date, nature, and purpose of each disclosure of a record to any person or to an agency made under 5 U.S.C. 552a(b) and § 1.24; and

(ii) The name and address of the person to whom or agency to which the disclosure is made;

(2) Retain the accounting made under paragraph (a)(1) of this section for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made; and

(3) Inform any person or other agency about any correction or notation of dispute made by the component in accordance with 5 U.S.C. 552a(d) and § 1.28 of any record that has been disclosed to the person or agency if an accounting of the disclosure was made. (See 5 U.S.C. 552(c).)

(b) Accounting systems. To permit the accounting required by paragraph (a) of this section, system managers, with the approval of the head of their offices within a component, must establish or implement a system of accounting for all disclosures of records, either orally or in writing, made outside the Department of the Treasury. Accounting records must:

(1) Be established in the least expensive and most convenient form that will permit the system manager to advise individuals, promptly upon request, what records concerning them have been disclosed and to whom;

(2) Provide, as a minimum, the identification of the particular record disclosed, the name and address of the person to whom or agency to which the record was disclosed, and the date, nature, and purpose of the disclosure; and

(3) Be maintained for 5 years or until the record is destroyed or transferred to the National Archives and Records Administration or Federal Records Center for storage, in which event, the accounting pertaining to those records, unless maintained separately, must be transferred with the records themselves.

(c) Exemptions from accounting requirements. No accounting is required for disclosure of records:

(1) To those officers and employees of the Department of the Treasury who have a need for the record in the performance of their duties; or

(2) If disclosure would be required under 5 U.S.C. 552 and subpart A of this part.

(d) Access to accounting by individual. (1) Subject to paragraphs (c) and (d)(2) of this section, each component must establish {i} procedures for making the accounting required under paragraph (a) of this section available to the individual to whom the record pertains and {ii} thereafter make such accounting available in accordance therewith at the request of the individual. The procedures may require the requester to provide reasonable identification. (See appendices A through H to this subpart.)

(2) Access to accounting of disclosures may be withheld from the individual named in the record only if the disclosures were:

(i) Made under 5 U.S.C. 552a (b)(7) and § 1.24(a)(7); or

(ii) Under a system of records exempted from the requirements of 5 U.S.C. 552a(c)(3) in accordance with 5 U.S.C. 552(j) or (k) and § 1.23(c). (See 5 U.S.C. 552a(c).)

§ 1.26 - Procedures for notification and access to records pertaining to individuals—Format and fees for request for access.

(a) Procedures for notification and access. Each component must, in accordance with the requirements of 5 U.S.C. 552a(d)(1), set forth in the appendix to this subpart applicable to such component procedures whereby an individual can be notified, in response to a request, if any system of records named by the individual contains a record pertaining to that individual. In addition, such procedures must set forth the requirements for access to such records. At a minimum, such procedures must specify the times during, and the places at which access will be afforded, together with such identification as may be required of the individual before access. (See 5 U.S.C. 552a(f)(1), (2) and (3).)

(b) Access. Each component, in accordance with the procedures prescribed under paragraph (a) of this section, must allow an individual, upon request, to gain access to records or to any information pertaining to such individual which is contained in a system of records. Permit the individual to review the record and have a copy made of all or any portion of the record in a comprehensible form. Also permit the individual to be accompanied by any person of the individual's choosing to review the record, except that the agency may require the individual to furnish a written statement authorizing discussion of that individual's record in the accompanying person's presence. (See 5 U.S.C. 552a(d)(1).)

(c) Exceptions. Neither the procedures prescribed under paragraph (a) of this section nor the requirements for access under paragraph (b) of this section apply to:

(1) Systems of records exempted pursuant to 5 U.S.C. 552a(j) and (k) and § 1.23(c);

(2) Information compiled in reasonable anticipation of a civil action or proceeding (see 5 U.S.C. 552(d)(5)); or

(3) Information pertaining to an individual which is contained in, and inseparable from, another individual's record.

(d) Format of request. (1) A request for notification of whether a record exists must:

(i) Be made in writing and signed by the person making the request, who must be the individual about whom the record is maintained or such individual's duly authorized representative (see § 1.34);

(ii) State that it is made pursuant to the Privacy Act or the regulations in this subpart, or have “Privacy Act Request” written on both the request and on the envelope, if not submitted via a component-provided electronic method;

(iii) Give the name of the system or subsystem or categories of records to which access is sought, as specified in “Privacy Act Issuances” published by the Office of the Federal Register and referenced in the appendices to this subpart;

(iv) Describe the nature of the record sought, the date of the record or the period in which the record was compiled or otherwise describe the record in sufficient detail to enable Department personnel to locate the system of records containing the record with a reasonable amount of effort;

(v) Provide such identification of the requester as may be specified in the appropriate appendix to this subpart; and

(vi) Be addressed or delivered in person or by a component-provided electronic method to the office or officer of the component indicated for the particular system or subsystem or categories of records to which the individual seeks access, as specified in “Privacy Act Issuances” published by the Office of the Federal Register and referenced in the appendices to this subpart. As explained in appendix A to this subpart, requesters may send a written request to the Departmental Offices seeking assistance in identifying the appropriate component or in preparing a request for notification. Requesters seeking such assistance should submit a written request addressed to the Departmental Offices at the address specified in appendix A to this part.

(2) A request for access to records must, in addition to complying with paragraphs (d)(1)(i) through (vi) of this section:

(i) State whether the requester wishes to inspect the records or desires to have a copy made and furnished without first inspecting them;

(ii) If a requester wants a copy of their records, they must clearly state in the request that they agree to pay the fees for duplication as ultimately determined in accordance with subpart A to this subpart (§ 1.7), unless such fees are waived under that section by the system manager or other appropriate official as indicated in the appropriate appendix to this subpart; and

(iii) Comply with any other requirement set forth in the applicable appendix to this subpart or the “System of Records Notice” applicable to the system in question. Any request for access which does not comply with the requirements in the preceding sentence and those set forth elsewhere in this subpart, will not be deemed subject to the time constraints of this section, unless and until amended to comply with all requirements in this subpart. Components must advise the requester of any specific deficiencies so the requester can amend the request so it can be processed. This section applies only to records maintained in a system of records that are also in the possession or control of the component. (See 5 U.S.C. 552a(d) and (f).)

(e) Requests for records not in control of component. (1) Treasury employees must make reasonable efforts to assist an oral requester to learn to which office or officer a written request should be sent. When the request is for a record which is not in the possession or control of any Treasury component, the requester must be advised of this fact.

(2) Where the record requested originated with a Federal agency other than Treasury or its components and was classified (e.g., National Defense or Intelligence Information) or otherwise restrictively endorsed (e.g., Office of Personnel Management records of Federal Bureau of Investigation reports) by the originating agency, and a copy is in the possession of a Treasury component, the component will refer that portion of the request to the originating agency for determination of all Privacy Act issues. In the case of a referral to another agency under this paragraph (e)(2), the component will notify the requester that such portion of the request has been so referred and that the requester may expect to hear from that agency.

(3) When information sought from a system manager or other appropriate Treasury official includes information originating with other Federal agencies that is not classified or otherwise restrictively endorsed, the system manager or other appropriate Treasury official receiving the request must consult with the originating agency prior to making a decision to disclose or withhold the record. The system manager or other appropriate Treasury official maintaining the record must decide if disclosure is required. (See 5 U.S.C. 552a(d) and (f).)

(f) Date of receipt of request. For purposes of this subpart, the date of receipt of a request for notification or access to records shall be the date on which the requester satisfied all the requirements of paragraph (d) of this section. Requests for notification or access to records and any separate agreement to pay for copies must be stamped or endorsed with the date the receiving office/component received all information needed to satisfy the requirements in this section. The date of receipt of the last required document will be the date of receipt of the request for the purposes of this subpart. (See 5 U.S.C. 552a(d) and (f).)

(g) Notification of determination—(1) In general. The component officers designated in the appendices to this subpart must send the requester any required notifications, including notices stating the component has responsive records and whether it will provide access to the records requested. The component will mail notification of the determination within 30 days (excluding Saturdays, Sundays, and legal public holidays) after the date of receipt of the request, as determined in accordance with paragraph (f) of this section. If it is not possible to respond within 30 days, the relevant component officer must inform the requester (prior to the expiration of the 30-day timeframe), stating the reason for the delay (e.g., volume of records requested, scattered location of the records, need to consult other agencies, or the difficulty of the legal issues involved) and when a response will be dispatched. (See 5 U.S.C. 552a(d) and (f).)

(2) Granting of access. When the component determines that the request for access will be granted and the requester seeks a copy of the responsive records, the component must furnish such copy in a form comprehensible to the requester, together with a statement of the applicable duplication fees. If the requester indicates they want to exercise their right to inspect the responsive records, the component officer designated in the relevant appendix to this subpart must promptly notify the requester in writing of the determination, including when and where the requested records may be inspected. A requester seeking to inspect such records may be accompanied by another person of their choosing. The requester seeking access must sign a form indicating that Treasury is authorized to discuss the contents of the subject record in the accompanying person's presence. If, after making the inspection, the requester requests a copy of all or a portion of the requested records and pays the applicable fees for duplication, the component must provide a copy of the records in a form comprehensible to the requester. Fees to be charged are as prescribed by subpart A to this subpart (§ 1.7). Components may charge for processing requests under the Freedom of Information Act, under the provisions of this section, or may issue their own fee schedules, which must be consistent with the OMB Guidelines. (See 5 U.S.C. 552a(d) and (f).)

(3) Requirements for access to medical records. When access is requested to medical records, including psychological records, the responsible official may determine that such release could have an adverse effect on the individual and that release will be made only to a health professional authorized in writing to have access to such records by the individual making the request. Upon receipt of the authorization, the health professional will be permitted to review the records or to receive copies of the records by mail, upon proper verification of identity. (See 5 U.S.C. 552a(f) (3).)

(4) Denial of request. When a component makes a determination to deny a request for notification of whether a record exists or deny access to existing responsive records (whether in whole or part or subject to conditions or exceptions), the component must notify the requester of the denial by mail in accordance with paragraph (g)(1) of this section. The letter of notification must specify the city or other location where the requested records are situated (if known), contain a statement of the reasons for not granting the request as made, set forth the name and title or position of the responsible official and advise the requester of the right to file suit in accordance with 5 U.S.C. 552a (g)(1)(B).

(5) Prohibition against the use of 5 U.S.C. 552(b) exemptions. A component may not invoke exemptions from disclosure under 5 U.S.C. 552(b) (subpart A to this part (§ 1.2 (c))), for the purpose of withholding from a requester any record which would otherwise be accessible to the requester under the Privacy Act and this subpart. (See 5 U.S.C. 552a(t).)

(6) Records exempt in whole or in part. (i) If Treasury deems it necessary to assert an exemption in response to a request for notification of the existence of or access to records, it will neither confirm nor deny the existence of the records if the records were exempted from individual access pursuant to 5 U.S.C. 552a(j) or were compiled in reasonable anticipation of a civil action or proceeding in either a court or before an administrative tribunal. If Treasury asserts such an exemption, it must advise the requester only that it has identified no records available pursuant to the Privacy Act.

(ii) Process requests from individuals for access to records which Treasury exempted from access pursuant to 5 U.S.C. 552a(k) as follows:

(A) Requests for information classified pursuant to Executive Order 12958, 13526, or successor or prior Executive orders require the responsible Treasury component to review the information to determine whether it continues to warrant classification pursuant to an Executive order. Information which no longer warrants classification under these criteria must be declassified and made available to the individual. If the information continues to warrant classification, the component must notify the requester that the information sought is classified, that it has been reviewed and continues to warrant classification, and that Treasury exempted it from access pursuant to 5 U.S.C. 552(b)(1) and 5 U.S.C. 552a(k)(1). Classified information maintained in records Treasury exempted pursuant to 5 U.S.C. 552a(j) must be reviewed as required by this paragraph (g)(6)(ii)(A), but the response to the individual must be in the form prescribed by paragraph (g)(6)(i) of this section.

(B) Components must respond to requests for information maintained in records that Treasury exempted from disclosure pursuant to 5 U.S.C. 552a(k)(2) in the manner provided in paragraph (g)(6)(i) of this section unless the requester shows that the component has used or is using the information to deny them any right, privilege, or benefit for which they are eligible or to which they would otherwise be entitled under Federal law. If the requester makes such a showing, the component must advise the requester of the existence of the records, extract any information from the records that would identify a confidential source, or provide a summary extract of the records to the requester in a manner which protects the source to the maximum degree possible.

(C) Information a component compiled in its records as part of an employee background investigation that Treasury exempted from disclosure pursuant to 5 U.S.C. 552a(k)(5) must be made available to a requester unless the record identifies a confidential source(s). Information in the record that identifies confidential source(s) must be extracted or summarized in a manner which protects the source(s) to the maximum degree possible and the summary or extract must be provided to the requester.

(D) Testing or examination material that Treasury exempted pursuant to 5 U.S.C. 552a(k)(6) must not be made available to a requester if disclosure would compromise the objectivity or fairness of the testing or examination process but may be made available if no such compromise possibility exists. (See 5 U.S.C. 552a(d)(5), (j), and (k).)

§ 1.27 - Procedures for amendment of records pertaining to individuals—Format, agency review, and appeal from initial adverse agency determination.

(a) In general. Subject to the application of exemptions Treasury promulgated in accordance with § 1.23(c), and subject to paragraph (f) of this section, each component of the Department of the Treasury must, in conformance with 5 U.S.C. 552a(d)(2), permit an individual to request amendment of a record pertaining to such individual. Any request for amendment of records or any appeal that does not fully comply with the requirements of this section and any additional specific requirements imposed by the component in the applicable appendix to this subpart will not be deemed subject to the time constraints of paragraph (e) of this section, unless and until the request is amended to meet all requirements. However, components will advise the requester in what respect the request or appeal is non-compliant so that it may be resubmitted or amended. (See 5 U.S.C. 552a(d) and (f).)

(b) Form of request to amend records. In order to be subject to the provisions of this section, a request to amend records must:

(1) Be made in writing and signed by the individual making the request, who must be the individual about whom the record is maintained, or the duly authorized representative of such individual;

(2) State that it is made under the Privacy Act or the regulations in this subpart, with “Privacy Act Amendment Request” written on both the request and on the envelope;

(3) Be addressed to the office or officer of the component specified for such purposes in “Privacy Act Issuances” published by the Office of the Federal Register and referenced in the appendices to this subpart for that purpose; and

(4) Reasonably describe the records which the individual believes require amendment, including, to the best of the requester's knowledge, dates of previous letters the requester sent to the component seeking access to their records and dates of letters in which the component provided notification to the requester concerning access, if any, and the individual's documentation justifying the proposed correction. (See 5 U.S.C. 552a(d) and (f).)

(c) Date of receipt of request. For purposes of this subpart, the date of receipt of a request for amendment of records must be the date on which the requester satisfies all the requirements of paragraph (b) of this section. The receiving office or officer must stamp or otherwise endorse the date of receipt of the request. (See 5 U.S.C. 552a(d) and (f).)

(d) Review of requests to amend records. Officials responsible for review of requests to amend records pertaining to an individual, as specified in the appropriate appendix to this subpart, must:

(1) Not later than 10 days (excluding Saturdays, Sundays, and legal public holidays) after the date of receipt of such request, acknowledge in writing such receipt; and

(2) Promptly, either—

(i) Make any correction to any portion which the individual believes, and the official agrees is not accurate, relevant, timely, or complete; or

(ii) Inform the individual of the refusal to amend the record in accordance with the individual's request, the reason for the refusal, and the name and business address of the officer designated in the applicable appendix to this subpart, as the person who is to review such refusal. (See 5 U.S.C. 552a(d) and (f).).

(e) Administrative appeal—(1) In general. Each component must permit individuals to request a review of initial decisions made under paragraph (d) of this section when an individual disagrees with a refusal to amend the record. (See 5 U.S.C. 552a(d), (f), and (g)(1).)

(2) Form of request for administrative review of refusal to amend record. At any time within 35 days after the date of the notification of the initial decision described in paragraph (d)(2)(ii) of this section, the requester may submit an administrative appeal from such refusal to the official specified in the notification of the initial decision and the appropriate appendix to this subpart. The appeal must:

(i) Be made in writing, stating any arguments in support thereof and be signed by the requester to whom the record pertains, or the duly authorized representative of such individual;

(ii) Be addressed and mailed or hand delivered within 35 days of the date of the initial decision to the office or officer specified in the appropriate appendix to this subpart and in the notification. (See the appendices to this subpart for the address to which appeals made by mail should be addressed.);

(iii) Be clearly marked “Privacy Act Amendment Appeal” on the appeal and on the envelope;

(iv) Reasonably describe the records the individual seeks to amend; and

(v) Specify the date of the initial request to amend records, and the date of the component's letter providing notification that the request was denied. (See 5 U.S.C. 552a(d) and (f).)

(3) Date of receipt. Promptly stamp or endorse appeals with the date of their receipt by the office to which the appeal is addressed. Such stamped or endorsed date will be deemed to be the date of receipt for all purposes of this subpart. The responsible official in the office to which the appeal was addressed must acknowledge receipt of the appeal within 10 days (excluding Saturdays, Sundays, and legal public holidays) from the date of the receipt (unless the determination on appeal is dispatched in 10 days, in which case, no acknowledgement is required). The letter acknowledging receipt of the appeal must advise the requester of the date of receipt established by the foregoing and the number of days the responsible official has to decide the administrative appeal (including days included/not included in determining the deadline). (See 5 U.S.C. 552a(d) and (f).)

(4) Review of administrative appeals from denial of requests to amend records. Officials responsible for deciding administrative appeals from denials of requests to amend records pertaining to an individual, as specified in the appendices to this subpart must: Complete the review and notify the requester of the final agency decision within 30 days (exclusive of Saturdays, Sundays, and legal public holidays) after the date of receipt of such appeal, unless the time is extended by the head of the agency or the delegate of such official, for good cause shown. If the final agency decision is to refuse to amend the record, in whole or in part, the requester must also be advised of the reasons the appeal was denied and their right—

(i) To file a concise “Statement of Disagreement” (including the procedures for filing this statement) setting forth the reasons they disagree with the final agency decision; and/or

(ii) To judicial review of the final agency decision refusing to amend the record(s) (under 5 U.S.C. 552a(g)(1)(A)). (See 5 U.S.C. 552a(d), (f), and (g)(1).)

(5) Notation on record and distribution of statements of disagreement. The system manager is responsible, in any disclosure containing information about which an individual has filed a “Statement of Disagreement”, occurring after the filing of the statement under paragraph (e)(4) of this section, for clearly noting any portion of the record which is disputed and providing copies of the statement and, if deemed appropriate, a concise statement of the component's reasons for not making the amendments requested to persons or other agencies to whom the disputed record has been disclosed. (See 5 U.S.C. 552a(d)(4).)

(f) Records not subject to correction under the Privacy Act. The following records are not subject to correction or amendment by individuals:

(1) Transcripts or written statements made under oath;

(2) Transcripts of Grand Jury proceedings, judicial or quasi-judicial proceedings which form the official record of those proceedings;

(3) Pre-sentence reports comprising the property of the courts but maintained in agency files;

(4) Records pertaining to the determination, the collection, and the payment of the Federal taxes;

(5) Records duly exempted from correction by notice published in the Federal Register; and

(6) Records compiled in reasonable anticipation of a civil action or proceeding.

§ 1.28 - Training, rules of conduct, penalties for non-compliance.

(a) Training. The Deputy Assistant Secretary for Privacy, Transparency, & Records must institute a Departmental training program to instruct Treasury employees and employees of Government contractors covered by 5 U.S.C. 552a(m), who are involved in the design, development, operation, or maintenance of any system of records, on a continuing basis with respect to the duties and responsibilities imposed on them and the rights conferred on individuals by the Privacy Act, the regulations in this subpart, including the appendices thereto, and any other related regulations. Such training must provide suitable emphasis on the civil and criminal penalties imposed on the Department and the individual employees by the Privacy Act for non-compliance with specified requirements of the Act as implemented by the regulations in this subpart. Components may supplement or supplant the departmental annual privacy awareness training to address Privacy Act issues unique to their missions. (See 5 U.S.C. 552a(e)(9).)

(b) Rules of conduct. In addition to the Standards of Conduct published in part O of this title, particularly 31 CFR 0.735–44, the following applies to Treasury employees (including, to the extent required by the contract or 5 U.S.C. 552a(m), Government contractors and employees of such contractors), who are involved in the design, development, operation, or maintenance of any system of records, or in maintaining any records, for or on behalf of the Department, including any component thereof.

(1) The head of each office of a component of the Department is responsible for assuring that employees subject to such official's supervision are advised of the provisions of the Privacy Act, including the criminal penalties and civil liabilities provided therein, and the regulations in this subpart, and that such employees are made aware of their individual and collective responsibilities to protect the security of personal information, to assure its accuracy, relevance, timeliness and completeness, to avoid unauthorized disclosure either orally or in writing, and to insure that no system of records is maintained without public notice.

(2) Treasury must:

(i) Collect no information about individuals for maintenance in a system of records unless authorized to collect it to achieve a function or carry out a responsibility of the Department;

(ii) Collect from individuals only that information which is relevant and necessary to perform Department functions or responsibilities, unless related to a system exempted under 5 U.S.C. 552a(j) or (k);

(iii) Collect information, to the greatest extent practicable, directly from the individual to whom it relates, unless related to a system exempted under 5 U.S.C. 552a(j);

(iv) Inform individuals (and third parties, if feasible) from whom information is collected of the authority and purposes for collection, the use that will be made of the information, and the effects, both legal and practical, of not furnishing the information;

(v) Neither collect, maintain, use nor disseminate information concerning an individual's mere exercise of their First Amendment rights, including: an individual's religious or political beliefs or activities; membership in associations or organizations; freedom of speech and of the press, and freedom of assembly and petition, unless:

(A) The individual expressly authorizes it (for example, volunteering relevant and necessary information to obtain a benefit or enforce a right);

(B) A statute expressly/explicitly authorizes the collection, maintenance, use or dissemination of the information (whether or not the statute specifically refers to the First Amendment); or

(C) The activities involved are pertinent to and within the scope of an authorized investigation, adjudication or correctional activity;

(vi) Advise their supervisors of the existence or contemplated development of any record system which is capable of retrieving information about individuals by individual identifier (to determine if actual retrieval is or will necessarily occur with some degree of regularity when the system of records becomes operational);

(vii) Disseminate outside the Department no information from a system of records without the written consent of the individual who is the subject of the records unless disclosure is authorized by one of the 12 exemptions in 5 U.S.C. 552a(b), which includes disclosure pursuant to a routine use published in a system of records notice in the Federal Register;

(viii) Assure that an accounting is kept in the prescribed form of information about individuals that is maintained in a system of records and disseminated outside the Department, whether made orally or in writing, unless disclosed under 5 U.S.C. 552 and subpart A of this part;

(ix) Collect, maintain, use, and disseminate information about individuals in a manner that ensures that no inadvertent disclosure of the information is made either within or outside the Department; and

(x) Assure that the proper Department authorities (e.g., component privacy officer, legal counsel) are aware of any information in a system maintained by the Department which is not/might not be authorized under the provisions of the Privacy Act, including information on how an individual exercises their First Amendment rights, information that is/may be inaccurate, irrelevant, or so incomplete as to risk unfairness to the individual concerned if used to make adverse determinations.

(c) Criminal penalties. (1) The Privacy Act imposes criminal penalties on the conduct of Government officers or employees as follows: Any officer or employee of an agency (which term includes Treasury):

(i) Who by virtue of their employment or official position, has possession of, or access to, agency records which contain individually identifiable information the disclosure of which is prohibited by this section (see 5 U.S.C. 552a) or regulations in this subpart established under the Privacy Act, and who knowing that disclosure of the specific material is so prohibited, willfully discloses the material in any manner to any person or agency not entitled to receive it; or

(ii) Who willfully maintains a system of records without meeting the notice requirements of paragraph (e)(4) of this section (see 5 U.S.C. 552a)—shall be guilty of a misdemeanor and fined not more than $5,000.

(2) The Privacy Act also imposes a collateral criminal penalty (misdemeanor and a fine of not more than $5,000) on the conduct of any person who knowingly and willfully requests or obtains records covered by the Privacy Act from an agency under false pretenses.

(3) For the purposes of 5 U.S.C. 552a(i), the provisions of paragraph (c)(1) of this section are applicable to Government contractors and employees of such contractors who by contract, operate by or on behalf of the Treasury a system of records to accomplish a Departmental function. Such contractor and employees are considered employees of the Treasury for the purposes of 5 U.S.C. 552a(i). (See 5 U.S.C. 552a(i) and (m).)

§ 1.29 - Records transferred to Federal Records Center or National Archives of the United States.

(a) Records transferred for storage in the Federal Records Center. Records pertaining to an identifiable individual which are transferred to the Federal Records Center in accordance with 44 U.S.C. 3103 must, for the purposes of the Privacy Act, be considered to be maintained by the component which deposited the record and must be subject to the provisions of the Privacy Act and this subpart. The Federal Records Center must not disclose such records except to Treasury or to others under rules consistent with the Privacy Act. These rules may be established by Treasury or a component. If such records are retrieved for the purpose of making a determination about an individual, Treasury or the relevant component must review them for accuracy, relevance, timeliness, and completeness.

(b) Records transferred to the National Archives of the United States—(1) Records transferred to National Archives prior to September 27, 1975. Records pertaining to an identifiable individual transferred to the National Archives prior to September 27, 1975, as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, are deemed records maintained by the National Archives, and:

(i) Must not be subject to the Privacy Act.

(ii) Except, that a statement describing such records (modeled after 5 U.S.C. 552a(e)(4)(A) through (G)) must be published in the Federal Register.

(2) Records transferred to National Archives on or after September 27, 1975. Records pertaining to an identifiable individual transferred to the National Archives as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, on or after September 27, 1975, must be deemed records maintained by the National Archives, and:

(i) Must not be subject to the Privacy Act.

(ii) Except, that a statement describing such records in accordance with 5 U.S.C. 552a(e)(4)(A) through (G) must be published in the Federal Register and rules of conduct and training in accordance with 5 U.S.C. 552(e)(9) are to be established by the National Archives. (See 5 U.S.C. 552a(e).)

§ 1.30 - Application to system of records maintained by Government contractors.

When a component contracts for the operation of a system of records, to accomplish a Treasury function, the provisions of the Privacy Act and this subpart must be applied to such system. The relevant component is responsible for ensuring that the contractor complies with the contract requirements relating to privacy.

§ 1.31 - Sale or rental of mailing lists.

(a) In general. An individual's name and address must not be sold or rented by a component unless such action is specifically authorized by law.

(b) Withholding of names and addresses. This section must not be construed to require the withholding of names and addresses otherwise permitted to be made public. (See 5 U.S.C. 552a(n).)

§ 1.32 - Collection, use, disclosure, and protection of Social Security numbers.

(a) Treasury must only collect full Social Security numbers (SSNs) when relevant and necessary to accomplish a legally authorized purpose related to a Treasury mission. In the absence of another compelling justification for the use of the full SSN (approved by the relevant component Head and the Departmental Senior Agency Official for Privacy), Treasury must only collect and maintain full SSNs:

(1) As a unique identifier for identity verification purposes related to cyber security, law enforcement, intelligence, and/or security background investigations;

(2) When required by external entities to perform a function for or on behalf of Treasury;

(3) When collection is expressly required by statute or regulation;

(4) For statistical and other research purposes;

(5) To ensure the delivery of government benefits, privileges, and services; and

(6) When there are no reasonable, alternative means for meeting business requirements.

(b) Treasury must not display the Social Security number on the outside of any package sent by mail.

(c) Treasury must not display the Social Security number on any document sent by mail unless there are no reasonable, alternative means for meeting business requirements and masking or truncating/partially redacting the SSN are not feasible.

(d) Whenever feasible, Treasury must mask, or truncate/partially redact Social Security numbers visible to authorized Treasury/component information technology users so they only see the portion (if any) of the Social Security number required to perform their official Treasury duties.

(e) An individual must not be denied any right, benefit, or privilege provided by law by a component because of such individual's refusal to disclose their Social Security number.

(f) The provisions of paragraph (e) of this section do not apply with respect to:

(1) Any disclosure which is required by Federal statute; or

(2) The disclosure of a Social Security number to any Federal, State, or local agency maintaining a system of records in existence and operating before January 1, 1975, if such disclosure was required under statute or regulation adopted prior to such date to verify the identity of an individual.

(g) When Treasury requests that an individual discloses their Social Security number, it must inform the individual:

(1) Whether that disclosure is mandatory or voluntary;

(2) By what statutory or other authority such number is solicited; and

(3) What uses are made of the number.

(h) Treasury must provide the information in this section in the notice discussed in § 1.28(b)(2)(iv). (See section 7 of the Privacy Act of 1974 set forth at 5 U.S.C. 552a, note.)

§ 1.34 - Guardianship.

The parent or guardian of a minor or a person judicially determined to be incompetent must, in addition to establishing the identity of the minor or other person represented, establish parentage or guardianship by furnishing a copy of a birth certificate showing parentage or a court order establishing the guardianship and may thereafter, act on behalf of such individual. (See 5 U.S.C. 552a(h).)

§ 1.35 - Information forms.

(a) Review of forms. Except for forms developed and used by components, the Deputy Assistant Secretary for Privacy, Transparency, & Records must review all forms Treasury develops and uses to collect information from and about individuals. Component heads are responsible for reviewing forms used by their component to collect information from and about individuals.

(b) Scope of review. The responsible officers must review each form for the purpose of eliminating any requirement for information that is not relevant and necessary to carry out an agency function and to accomplish the following objectives:

(1) To ensure that Treasury does not collect information concerning religion, political beliefs or activities, association memberships, or the exercise of other First Amendment rights except as authorized in § 1.28(b)(2)(v);

(2) To ensure that the form on which information is collected (or a separate form that can be retained by the individual) makes clear what information the individual is required to disclose by law (and the statutory of other authority for that requirement), and what information requested is voluntary;

(3) To ensure that the form on which information is collected (or a separate form that can be retained by the individual) states clearly the principal purpose or purposes for which Treasury is collecting the information, and summarizes concisely the routine uses that will be made of the information;

(4) To ensure that the form on which information is collected (or a separate form that can be retained by the individual) clearly indicates to the individual the effect that not providing all, or part of the requested information will have on their rights, benefits, or privileges of; and

(5) To ensure that any form on which Treasury requests a Social Security number (SSN) (or a separate form that can be retained by the individual) clearly advises the individual of the statute or regulation requiring disclosure of the SSN or clearly advises the individual that disclosure is voluntary and that they will not be denied any right, benefit, or privilege if they refuse to voluntarily disclose it, and the uses that will be made of the SSN whether disclosed mandatorily or voluntarily.

(c) Revision of forms. The responsible officers must revise any form which does not meet the objectives specified in the Privacy Act as discussed in this section. A separate statement may be used in instances when a form does not conform. This statement will accompany a form and must include all the information necessary to accomplish the objectives specified in the Privacy Act and this section.

§ 1.36 - Systems exempt in whole or in part from provisions of the Privacy Act and this part.

(a) In general. In accordance with 5 U.S.C. 552a(j) and (k) and § 1.23(c), Treasury hereby exempts the systems of records identified in paragraphs (c) through (o) of this section from the following provisions of the Privacy Act for the reasons indicated.

(b) Authority. The rules in this section are promulgated pursuant to the authority vested in the Secretary of the Treasury by 5 U.S.C. 552a(j) and (k) and pursuant to the authority of § 1.23(c).

(c) General exemptions under 5 U.S.C. 552a(j)(2). (1) Under 5 U.S.C. 552a(j)(2), the head of any agency may promulgate rules to exempt any system of records within the agency from certain provisions of the Privacy Act if the agency or component thereof that maintains the system performs as its principal function any activities pertaining to the enforcement of criminal laws. Certain Treasury components have as their principal function activities pertaining to the enforcement of criminal laws. This paragraph (c) applies to the following systems of records maintained by Treasury:

(i) Treasury-wide.

Table 1 to Paragraph (c)(1)(i)

No. Name of system Treasury .013Department of the Treasury Civil Rights Complaints and Compliance Review Files.

(ii) Departmental Offices.

Table 2 to Paragraph (c)(1)(ii)

No. Name of system DO .190Office of Inspector General Investigations Management Information System (formerly: Investigation Data Management System). DO .220SIGTARP Hotline Database. DO .221SIGTARP Correspondence Database. DO .222SIGTARP Investigative MIS Database. DO .223SIGTARP Investigative Files Database. DO .224SIGTARP Audit Files Database. DO .303TIGTA General Correspondence. DO .307TIGTA Employee Relations Matters, Appeals, Grievances, and Complaint Files. DO .308TIGTA Data Extracts. DO .309TIGTA Chief Counsel Case Files. DO .310TIGTA Chief Counsel Disclosure Section Records. DO .311TIGTA Office of Investigations Files.

(iii) Special Investigator for Pandemic Recovery (SIGPR).

Table 3 to Paragraph (c)(1)(iii)

SIGPR .420Audit and Evaluations Records. SIGPR .421Case Management System and Investigative Records. SIGPR .423Legal Records.

(iv) Alcohol and Tobacco and Trade Bureau (TTB).

Table 4 to Paragraph (c)(1)(iv)

No. Name of system TTB .003Criminal Investigation Report System.

(v) Office of the Comptroller of the Currency (OCC).

Table 5 to Paragraph (c)(1)(v)

No. Name of system CC .110Reports of Suspicious Activities. CC .120Bank Fraud Information System. CC .220Notices of Proposed Changes in Employees, Officers and Directors Tracking System. CC .500Chief Counsel's Management Information System. CC .510Litigation Information System.

(vi) Internal Revenue Service.

Table 6 to Paragraph (c)(1)(vi)

No. Name of system IRS 34.022National Background Investigations Center Management Information System (NBICMIS). IRS 46.002Criminal Investigation Management Information System and Case Files. IRS 46.003Confidential Informants, Criminal Investigation Division. IRS 46.005Electronic Surveillance and Monitoring Records, Criminal Investigation Division. IRS 46.009Centralized Evaluation and Processing of Information Items (CEPIIs), Criminal Investigation Division. IRS 46.015Relocated Witnesses, Criminal Investigation Division. IRS 46.016Secret Service Details, Criminal Investigation Division. IRS 46.022Treasury Enforcement Communications System (TECS). IRS 46.050Automated Information Analysis System. IRS 90.001Chief Counsel Management Information System Records. IRS 90.004Chief Counsel Legal Processing Division Records. IRS 90.005Chief Counsel Library Records.

(vii) Financial Crimes Enforcement Network.

Table 7 to Paragraph (c)(1)(vii)

No. Name of system FinCEN .001FinCEN Investigations and Examinations System. FinCEN .002Suspicious Activity Reporting System. FinCEN .003Bank Secrecy Act Reports System.

(2) The Department hereby exempts the systems of records listed in paragraphs (c)(1)(i) through (vii) of this section from the following provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(j)(2): 5 U.S.C. 552a(c)(3) and (4), 5 U.S.C. 552a(d)(1), (2), (3), (4), 5 U.S.C. 552a(e)(1), (2) and (3), 5 U.S.C. 552a(e)(4)(G), (H), and (I), 5 U.S.C. 552a(e)(5) and (8), 5 U.S.C. 552a(f), and 5 U.S.C. 552a(g).

(d) Reasons for exemptions under 5 U.S.C. 552a(j)(2). (1) 5 U.S.C. 552a(e)(4)(G) and (f)(l) enable individuals to inquire whether a system of records contains records pertaining to them. Application of these provisions to the systems of records would give individuals an opportunity to learn whether they have been identified as suspects or subjects of investigation. As further described in the paragraphs (d)(2) through (12) of this section, access to such knowledge would impair the Department's ability to carry out its mission, since individuals could:

(i) Take steps to avoid detection;

(ii) Inform associates that an investigation is in progress;

(iii) Learn the nature of the investigation;

(iv) Learn whether they are only suspects or identified as law violators;

(v) Begin, continue, or resume illegal conduct upon learning that they are not identified in the system of records; or

(vi) Destroy evidence needed to prove the violation.

(2) 5 U.S.C. 552a(d)(1), (e)(4)(H), and (f)(2), (3), and (5) grant individuals access to records pertaining to them. The application of these provisions to the systems of records would compromise the Department's ability to provide useful tactical and strategic information to law enforcement agencies.

(i) Permitting access to records contained in the systems of records would provide individuals with information concerning the nature of any current investigations and would enable them to avoid detection or apprehension by:

(A) Discovering the facts that would form the basis for their arrest;

(B) Enabling them to destroy or alter evidence of criminal conduct that would form the basis for their arrest; and

(C) Using knowledge that criminal investigators had reason to believe that a crime was about to be committed, to delay the commission of the crime or commit it at a location that might not be under surveillance.

(ii) Permitting access to either on-going or closed investigative files would also reveal investigative techniques and procedures, the knowledge of which could enable individuals planning crimes to structure their operations to avoid detection or apprehension.

(iii) Permitting access to investigative files and records could, moreover, disclose the identity of confidential sources and informants and the nature of the information supplied and thereby endanger the physical safety of those sources by exposing them to possible reprisals for having provided the information. Confidential sources and informants might refuse to provide criminal investigators with valuable information unless they believe that their identities will not be revealed through disclosure of their names or the nature of the information they supplied. Loss of access to such sources would seriously impair the Department's ability to carry out its mandate.

(iv) Furthermore, providing access to records contained in the systems of records could reveal the identities of undercover law enforcement officers who compiled information regarding the individual's criminal activities and thereby endanger the physical safety of those undercover officers or their families by exposing them to possible reprisals.

(v) By compromising the law enforcement value of the systems of records for the reasons outlined in paragraphs (d)(2)(i) through (iv) of this section, permitting access in keeping with these provisions would discourage other law enforcement and regulatory agencies, foreign and domestic, from freely sharing information with the Department and thus would restrict the Department's access to information necessary to accomplish its mission most effectively.

(vi) Finally, the dissemination of certain information that the Department maintains in the systems of records is restricted by law.

(3) 5 U.S.C. 552a(d)(2), (3), and (4), (e)(4)(H), and (f)(4) permit an individual to request amendment of a record pertaining to him or her and require the agency either to amend the record, or to note the disputed portion of the record and to provide a copy of the individual's statement of disagreement with the agency's refusal to amend a record to persons or other agencies to whom the record is thereafter disclosed. Since these provisions depend on the individual having access to his or her records, and since these rules exempt the systems of records from the provisions of the Privacy Act relating to access to records, for the reasons set out in paragraph (d)(2) of this section, these provisions should not apply to the systems of records.

(4) 5 U.S.C. 552a(c)(3) requires an agency to make accountings of disclosures of a record available to the individual named in the record upon his or her request. The accountings must state the date, nature, and purpose of each disclosure of the record and the name and address of the recipient.

(i) The application of this provision would impair the ability of law enforcement agencies outside the Department of the Treasury to make effective use of information provided by the Department. Making accountings of disclosures available to the subjects of an investigation would alert them to the fact that another agency is conducting an investigation into their criminal activities and could reveal the geographic location of the other agency's investigation, the nature and purpose of that investigation, and the dates on which that investigation was active. Individuals possessing such knowledge would be able to take measures to avoid detection or apprehension by altering their operations, by transferring their criminal activities to other geographical areas, or by destroying or concealing evidence that would form the basis for arrest. In the case of a delinquent account, such release might enable the subject of the investigation to dissipate assets before levy.

(ii) Moreover, providing accountings to the subjects of investigations would alert them to the fact that the Department has information regarding their criminal activities and could inform them of the general nature of that information. Access to such information could reveal the operation of the Department's information-gathering and analysis systems and permit individuals to take steps to avoid detection or apprehension.

(5) 5 U.S.C. 552(c)(4) requires an agency to inform any person or other agency about any correction or notation of dispute that the agency made in accordance with 5 U.S.C. 552a(d) to any record that the agency disclosed to the person or agency if an accounting of the disclosure was made. Since this provision depends on an individual's having access to and an opportunity to request amendment of records pertaining to him or her, and since these rules exempt the systems of records from the provisions of the Privacy Act relating to access to and amendment of records, for the reasons set out in paragraph (f)(3) of this section, this provision should not apply to the systems of records.

(6) 5 U.S.C. 552a(e)(4)(I) requires an agency to publish a general notice listing the categories of sources for information contained in a system of records. The application of this provision to the systems of records could compromise the Department's ability to provide useful information to law enforcement agencies, since revealing sources for the information could:

(i) Disclose investigative techniques and procedures;

(ii) Result in threats or reprisals against informants by the subjects of investigations; and

(iii) Cause informants to refuse to give full information to criminal investigators for fear of having their identities as sources disclosed.

(7) 5 U.S.C. 552a(e)(1) requires an agency to maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or Executive order. The term maintain, as defined in 5 U.S.C. 552a(a)(3), includes collect and disseminate. The application of this provision to the systems of records could impair the Department's ability to collect and disseminate valuable law enforcement information.

(i) In many cases, especially in the early stages of investigation, it may be impossible to immediately determine whether information collected is relevant and necessary, and information that initially appears irrelevant and unnecessary often may, upon further evaluation or upon collation with information developed subsequently, prove particularly relevant to a law enforcement program.

(ii) Not all violations of law discovered by the Department fall within the investigative jurisdiction of the Department of the Treasury. To promote effective law enforcement, the Department will have to disclose such violations to other law enforcement agencies, including State, local, and foreign agencies, that have jurisdiction over the offenses to which the information relates. Otherwise, the Department might be placed in the position of having to ignore information relating to violations of law not within the jurisdiction of the Department of the Treasury when that information comes to the Department's attention during the collation and analysis of information in its records.

(8) 5 U.S.C. 552a(e)(2) requires an agency to collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individual's rights, benefits, and privileges under Federal programs. The application of this provision to the systems of records would impair the Department's ability to collate, analyze, and disseminate investigative, intelligence, and enforcement information.

(i) Most information collected about an individual under criminal investigation is obtained from third parties, such as witnesses and informants. It is usually not feasible to rely upon the subject of the investigation as a source for information regarding his criminal activities.

(ii) An attempt to obtain information from the subject of a criminal investigation will often alert that individual to the existence of an investigation, thereby affording the individual an opportunity to attempt to conceal his criminal activities so as to avoid apprehension.

(iii) In certain instances, the subject of a criminal investigation may assert his/her constitutional right to remain silent and refuse to supply information to criminal investigators upon request.

(iv) During criminal investigations it is often a matter of sound investigative procedure to obtain information from a variety of sources to verify information already obtained from the subject of a criminal investigation or other sources.

(9) 5 U.S.C. 552a(e)(3) requires an agency to inform each individual whom it asks to supply information, on the form that it uses to collect the information or on a separate form that the individual can retain, of the agency's authority for soliciting the information; whether disclosure of information is voluntary or mandatory; the principal purposes for which the agency will use the information; the routine uses that may be made of the information; and the effects on the individual of not providing all or part of the information. The systems of records should be exempted from this provision to avoid impairing the Department's ability to collect and collate investigative, intelligence, and enforcement data.

(i) Confidential sources or undercover law enforcement officers often obtain information under circumstances in which it is necessary to keep the true purpose of their actions secret so as not to let the subject of the investigation or his or her associates know that a criminal investigation is in progress.

(ii) If it became known that the undercover officer was assisting in a criminal investigation, that officer's physical safety could be endangered through reprisal, and that officer may not be able to continue working on the investigation.

(iii) Individuals often feel inhibited in talking to a person representing a criminal law enforcement agency but are willing to talk to a confidential source or undercover officer whom they believe are not involved in law enforcement activities.

(iv) Providing a confidential source of information with written evidence that he or she was a source, as required by this provision, could increase the likelihood that the source of information would be subject to retaliation by the subject of the investigation.

(v) Individuals may be contacted during preliminary information gathering, surveys, or compliance projects concerning the administration of the internal revenue laws before any individual is identified as the subject of an investigation. Informing the individual of the matters required by this provision would impede or compromise subsequent investigations.

(10) 5 U.S.C. 552a(e)(5) requires an agency to maintain all records it uses in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination.

(i) Since 5 U.S.C. 552a(a)(3) defines maintain to include collect and disseminate, application of this provision to the systems of records would hinder the initial collection of any information that could not, at the moment of collection, be determined to be accurate, relevant, timely, and complete. Similarly, application of this provision would seriously restrict the Department's ability to disseminate information pertaining to a possible violation of law-to-law enforcement and regulatory agencies. In collecting information during a criminal investigation, it is often impossible or unfeasible to determine accuracy, relevance, timeliness, or completeness prior to collection of the information. In disseminating information to law enforcement and regulatory agencies, it is often impossible to determine accuracy, relevance, timeliness, or completeness prior to dissemination because the Department may not have the expertise with which to make such determinations.

(ii) Information that may initially appear inaccurate, irrelevant, untimely, or incomplete may, when collated and analyzed with other available information, become more pertinent as an investigation progresses. In addition, application of this provision could seriously impede criminal investigators and intelligence analysts in the exercise of their judgment in reporting results obtained during criminal investigations.

(11) 5 U.S.C. 552a(e)(8) requires an agency to make reasonable efforts to serve notice on an individual when the agency makes any record on the individual available to any person under compulsory legal process, when such process becomes a matter of public record. The systems of records should be exempted from this provision to avoid revealing investigative techniques and procedures outlined in those records and to prevent revelation of the existence of an ongoing investigation where there is need to keep the existence of the investigation secret.

(12) 5 U.S.C. 552a(g) provides for civil remedies to an individual when an agency wrongfully refuses to amend a record or to review a request for amendment, when an agency wrongfully refuses to grant access to a record, when an agency fails to maintain accurate, relevant, timely, and complete records which are used to make a determination adverse to the individual, and when an agency fails to comply with any other provision of the Privacy Act so as to adversely affect the individual. The systems of records should be exempted from this provision to the extent that the civil remedies may relate to provisions of the Privacy Act from which these rules exempt the systems of records, since there should be no civil remedies for failure to comply with provisions from which the Department is exempted. Exemption from this provision will also protect the Department from baseless civil court actions that might hamper its ability to collate, analyze, and disseminate investigative, intelligence, and law enforcement data.

(e) Specific exemptions under 5 U.S.C. 552a(k)(1). (1) Under 5 U.S.C. 552a(k)(1), the head of any agency may promulgate rules to exempt any system of records within the agency from certain provisions of the Privacy Act to the extent that the system contains information subject to the provisions of 5 U.S.C. 552(b)(1). This paragraph (e) applies to the following systems of records maintained by the Department of the Treasury:

(i) Departmental Offices.

Table 8 to Paragraph (e)(1)(i)

No. Name of system DO .120Records Related to Office of Foreign Assets Control Economic Sanctions. DO .227Committee on Foreign Investment in the United States (CFIUS) Case Management System. DO .411Intelligence Enterprise Files.

(ii) [Reserved]

(2) The Department of the Treasury hereby exempts the systems of records listed in paragraph (e)(1) of this section from the following provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(k)(1): 5 U.S.C. 552a(c)(3), 5 U.S.C. 552a(d)(1), (2), (3), and (4), 5 U.S.C. 552a(e)(1), 5 U.S.C. 552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).

(f) Reasons for exemptions under 5 U.S.C. 552a(k)(1). The reason for invoking the exemption is to protect material authorized to be kept secret in the interest of national defense or foreign policy pursuant to Executive Orders 12958, 13526, or successor or prior Executive orders.

(g) Specific exemptions under 5 U.S.C. 552a(k)(2). (1) Under 5 U.S.C. 552a(k)(2), the head of any agency may promulgate rules to exempt any system of records within the agency from certain provisions of the Privacy Act if the system is investigatory material compiled for law enforcement purposes and for the purposes of assuring the safety of individuals protected by the Department pursuant to the provisions of 18 U.S.C. 3056. This paragraph (g) applies to the following systems of records maintained by the Department of the Treasury:

(i) Departmental Offices.

Table 9 to Paragraph (g)(1)(i)

No. Name of system DO .120Records Related to Office of Foreign Assets Control Economic Sanctions. DO .144General Counsel Litigation Referral and Reporting System. DO .190Office of Inspector General Investigations Management Information System (formerly: Investigation Data Management System). DO .220SIGTARP Hotline Database. DO .221SIGTARP Correspondence Database. DO .222SIGTARP Investigative MIS Database. DO .223SIGTARP Investigative Files Database. DO .224SIGTARP Audit Files Database. DO .225TARP Fraud Investigation Information System. DO .227Committee on Foreign Investment in the United States (CFIUS) Case Management System. DO .303TIGTA General Correspondence. DO .307TIGTA Employee Relations Matters, Appeals, Grievances, and Complaint Files. DO .308TIGTA Data Extracts. DO .309TIGTA Chief Counsel Case Files. DO .310TIGTA Chief Counsel Disclosure Section Records. DO .311TIGTA Office of Investigations Files.

(ii) Special Investigator for Pandemic Recovery (SIGPR).

Table 10 to Paragraph (g)(1)(ii)

SIGPR .420Audit and Evaluations Records. SIGPR .421Case Management System and Investigative Records. SIGPR .423Legal Records.

(iii) The Alcohol and Tobacco Tax and Trade Bureau (TTB).

Table 11 to Paragraph (g)(1)(iii)

No. Name of system TTB .001Regulatory Enforcement Record System.

(iv) Comptroller of the Currency.

Table 12 to Paragraph (g)(1)(iv)

No. Name of system CC .100Enforcement Action Report System. CC .110Reports of Suspicious Activities. CC .120Bank Fraud Information System. CC .220Notices of Proposed Changes in Employees, Officers and Directors Tracking System. CC .500Chief Counsel's Management Information System. CC .510Litigation Information System.

(v) Bureau of Engraving and Printing.

Table 13 to Paragraph (g)(1)(v)

No. Name of system BEP .021Investigative files.

(vi) Internal Revenue Service.

Table 14 to Paragraph (g)(1)(vi)

No. Name of system IRS 00.002Correspondence File-Inquiries about Enforcement Activities. IRS 00.007Employee Complaint and Allegation Referral Records. IRS 00.334Third Party Contact Reprisal Records. IRS 22.061Wage and Information Returns Processing (IRP). IRS 26.001Acquired Property Records. IRS 26.006Form 2209, Courtesy Investigations. IRS 26.008IRS and Treasury Employee Delinquency. IRS 26.011Litigation Case Files. IRS 26.012Offer in Compromise (OIC) Files. IRS 26.013One-hundred Per Cent Penalty Cases. IRS 26.016Returns Compliance Programs (RCP). IRS 26.019TDA (Taxpayer Delinquent Accounts). IRS 26.020TDI (Taxpayer Delinquency Investigations) Files. IRS 26.021Transferee Files. IRS 26.022Delinquency Prevention Programs. IRS 34.020IRS Audit Trail Lead Analysis System. IRS 34.037IRS Audit Trail and Security Records System. IRS 37.002Applicant Appeal Files. IRS 37.003Closed Files Containing Derogatory Information about individuals' Practice before the IRS and Files of Attorneys and Certified Public Accountants Formerly Enrolled to Practice. IRS 37.004Derogatory Information (No Action). IRS 37.005Present Suspensions and Disbarments Resulting from Administrative Proceeding. IRS 37.007Inventory. IRS 37.009Resigned Enrolled Agents (action pursuant to 31 CFR Section 10.55(b)). IRS 37.011Present Suspensions from Practice Before the Internal Revenue Service. IRS 42.001Examination Administrative File. IRS 42.008Audit Information Management System (AIMS). IRS 42.012Combined Case Control Files. IRS 42.016Classification and Examination Selection Files. IRS 42.017International Enforcement Program Files. IRS 42.021Compliance Programs and Projects Files. IRS 42.029Audit Underreporter Case Files. IRS 42.030Discriminant Function File (DIF) Appeals Case Files. IRS 44.001Appeals Case Files. IRS 46.050Automated Information Analysis System. IRS 48.001Disclosure Records. IRS 49.001Collateral and Information Requests System. IRS 49.002Component Authority and Index Card Microfilm Retrieval System. IRS 49.007Overseas Compliance Projects System. IRS 60.000Employee Protection System Records. IRS 90.002Chief Counsel Disclosure Litigation Division Case Files. IRS 90.004Chief Counsel General Legal Services Case Files. IRS 90.005Chief Counsel General Litigation Case Files. IRS 90.009Chief Counsel Field Case Service Files. IRS 90.010Digest Room Files Containing Briefs, Legal Opinions, Digests of Documents Generated Internally or by the Department of Justice Relating to the Administration of the Revenue Laws. IRS 90.013Legal case files of the Chief Counsel, Deputy Chief Counsel, Associate Chief Counsels (Enforcement Litigation) and (technical). IRS 90.016Counsel Automated Tracking System (CATS).

(vii) U.S. Mint.

Table 15 to Paragraph (g)(1)(vii)

No. Name of system Mint .008Employee Background Investigations Files.

(viii) Bureau of the Fiscal Service.

Table 16 to Paragraph (g)(1)(viii)

No. Name of system FS .009Delegations and Designations of Authority for Disbursing Functions.

(ix) Financial Crimes Enforcement Network.

Table 17 to Paragraph (g)(1)(ix)

No. Name of system FinCEN .001FinCEN Database. FinCEN .002Suspicious Activity Reporting System. FinCEN .003Bank Secrecy Act Reports System.

(2) The Department hereby exempts the systems of records listed in paragraphs (g)(1)(i) through (ix) of this section from the following provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(k)(2): 5 U.S.C. 552a(c)(3), 5 U.S.C. 552a(d)(1), (2), (3), (4), 5 U.S.C. 552a(e)(1), 5 U.S.C. 552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).

(h) Reasons for exemptions under 5 U.S.C. 552a(k)(2). (1) 5 U.S.C. 552a(c)(3) requires an agency to make accountings of disclosures of a record available to the individual named in the record upon his or her request. The accountings must state the date, nature, and purpose of each disclosure of the record and the name and address of the recipient.

(i) The application of this provision would impair the ability of the Department of the Treasury and of law enforcement agencies outside the Department to make effective use of information maintained by the Department. Making accountings of disclosures available to the subjects of an investigation would alert them to the fact that an agency is conducting an investigation into their illegal activities and could reveal the geographic location of the investigation, the nature and purpose of that investigation, and the dates on which that investigation was active. Individuals possessing such knowledge would be able to take measures to avoid detection or apprehension by altering their operations, by transferring their illegal activities to other geographical areas, or by destroying or concealing evidence that would form the basis for detection or apprehension. In the case of a delinquent account, such release might enable the subject of the investigation to dissipate assets before levy.

(ii) Providing accountings to the subjects of investigations would alert them to the fact that the Department has information regarding their illegal activities and could inform them of the general nature of that information.

(2) 5 U.S.C. 552a(d)(1), (e)(4)(H) and (f)(2), (3), and (5) grant individuals access to records pertaining to them. The application of these provisions to the systems of records would compromise the Department's ability to utilize and provide useful tactical and strategic information to law enforcement agencies.

(i) Permitting access to records contained in the systems of records would provide individuals with information concerning the nature of any current investigations and would enable them to avoid detection or apprehension by:

(A) Discovering the facts that would form the basis for their detection or apprehension;

(B) Enabling them to destroy or alter evidence of illegal conduct that would form the basis for their detection or apprehension; and

(C) Using knowledge that investigators had reason to believe that a violation of law was about to be committed, to delay the commission of the violation or commit it at a location that might not be under surveillance.

(ii) Permitting access to either on-going or closed investigative files would also reveal investigative techniques and procedures, the knowledge of which could enable individuals planning non-criminal acts to structure their operations so as to avoid detection or apprehension.

(iii) Permitting access to investigative files and records could, moreover, disclose the identity of confidential sources and informants and the nature of the information supplied and thereby endanger the physical safety of those sources by exposing them to possible reprisals for having provided the information. Confidential sources and informants might refuse to provide investigators with valuable information unless they believed that their identities would not be revealed through disclosure of their names or the nature of the information they supplied. Loss of access to such sources would seriously impair the Department's ability to carry out its mandate.

(iv) Furthermore, providing access to records contained in the systems of records could reveal the identities of undercover law enforcement officers or other persons who compiled information regarding the individual's illegal activities and thereby endanger the physical safety of those undercover officers, persons, or their families by exposing them to possible reprisals.

(v) By compromising the law enforcement value of the systems of records for the reasons outlined in paragraphs (h)(2)(i) through (iv) of this section, permitting access in keeping with these provisions would discourage other law enforcement and regulatory agencies, foreign and domestic, from freely sharing information with the Department and thus would restrict the Department's access to information necessary to accomplish its mission most effectively.

(vi) Finally, the dissemination of certain information that the Department may maintain in the systems of records is restricted by law.

(3) 5 U.S.C. 552a(d)(2), (3), and (4), (e)(4)(H), and (f)(4) permit an individual to request amendment of a record pertaining to him or her and require the agency either to amend the record, or to note the disputed portion of the record and to provide a copy of the individual's statement of disagreement with the agency's refusal to amend a record to persons or other agencies to whom the record is thereafter disclosed. Since these provisions depend on the individual having access to his or her records, and since these rules exempt the systems of records from the provisions of the Privacy Act relating to access to records, these provisions should not apply to the systems of records for the reasons set out in paragraph (h)(2) of this section.

(4) 5 U.S.C. 552a(e)(1) requires an agency to maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required by statute or Executive order. The term maintain, as defined in 5 U.S.C. 552a(a)(3), includes collect and disseminate. The application of this provision to the system of records could impair the Department's ability to collect, utilize and disseminate valuable law enforcement information.

(i) In many cases, especially in the early stages of investigation, it may be impossible immediately to determine whether information collected is relevant and necessary, and information that initially appears irrelevant and unnecessary often may, upon further evaluation or upon collation with information developed subsequently, prove particularly relevant to a law enforcement program.

(ii) Not all violations of law discovered by the Department analysts fall within the investigative jurisdiction of the Department of the Treasury. To promote effective law enforcement, the Department will have to disclose such violations to other law enforcement agencies, including State, local, and foreign agencies that have jurisdiction over the offenses to which the information relates. Otherwise, the Department might be placed in the position of having to ignore information relating to violations of law not within the jurisdiction of the Department of the Treasury when that information comes to the Department's attention during the collation and analysis of information in its records.

(5) 5 U.S.C. 552a(e)(4)(G) and (f)(1) enable individuals to inquire whether a system of records contains records pertaining to them. Application of these provisions to the systems of records would allow individuals to learn whether they have been identified as suspects or subjects of investigation. As further described in paragraphs (h)(5)(i) through (vi) of this section, access to such knowledge would impair the Department's ability to carry out its mission, since individuals could:

(i) Take steps to avoid detection;

(ii) Inform associates that an investigation is in progress;

(iii) Learn the nature of the investigation;

(iv) Learn whether they are only suspects or identified as law violators;

(v) Begin, continue, or resume illegal conduct upon learning that they are not identified in the system of records; or

(vi) Destroy evidence needed to prove the violation.

(6) 5 U.S.C. 552a(e)(4)(I) requires an agency to publish a general notice listing the categories of sources for information contained in a system of records. The application of this provision to the systems of records could compromise the Department's ability to complete or continue investigations or to provide useful information to law enforcement agencies, since revealing sources for the information could:

(i) Disclose investigative techniques and procedures;

(ii) Result in threats or reprisals against informants by the subjects of investigations; and

(iii) Cause informants to refuse to give full information to investigators for fear of having their identities as sources disclosed.

(i) Specific exemptions under 5 U.S.C. 552a(k)(4). (1) Under 5 U.S.C. 552a(k)(4), the head of any agency may promulgate rules to exempt any system of records within the agency from certain provisions of the Privacy Act if the system is required by statute to be maintained and used solely as statistical records. This paragraph (i) applies to the following system of records maintained by the Department, for which exemption is claimed under 5 U.S.C. 552a(k)(4).

(i) Internal Revenue Service.

Table 18 to Paragraph (i)(1)(i)

No. Name of system IRS 70.001Individual Income Tax Returns, Statistics of Income.

(ii) [Reserved]

(2) The Department hereby exempts the system of records listed in paragraph (i)(1) of this section from the following provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(k)(4): 5 U.S.C. 552a(c)(3), 5 U.S.C. 552a(d)(1), (2), (3), and (4), 5 U.S.C. 552a(e)(1), 5 U.S.C. 552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).

(3) The system of records is maintained under 26 U.S.C. 6108, which requires that the Secretary or his delegate prepare and publish annually statistics reasonably available with respect to the operation of the income tax laws, including classifications of taxpayers and of income, the amounts allowed as deductions, exemptions, and credits, and any other facts deemed pertinent and valuable.

(j) Reasons for exemptions under 5 U.S.C. 552a(k)(4). The reason for exempting the system of records is that disclosure of statistical records (including release of accounting for disclosures) would in most instances be of no benefit to a particular individual since the records do not have a direct effect on a given individual.

(k) Specific exemptions under 5 U.S.C. 552a(k)(5). (1) Under 5 U.S.C. 552a(k)(5), the head of any agency may promulgate rules to exempt any system of records within the agency from certain provisions of the Privacy Act if the system is investigatory material compiled solely for the purpose of determining suitability, eligibility, and qualifications for Federal civilian employment or access to classified information, but only to the extent that the disclosure of such material would reveal the identity of a source who furnished information to the Government under an express promise that the identity of the source would be held in confidence, or, prior to September 27, 1975, under an implied promise that the identity of the source would be held in confidence. Thus, to the extent that the records in this system can be disclosed without revealing the identity of a confidential source, they are not within the scope of this exemption and are subject to all the requirements of the Privacy Act. This paragraph (j) applies to the following systems of records maintained by the Department or one of its bureaus:

(i) Departmental Offices.

Table 19 to Paragraph (k)(1)(i)

No. Name of system DO .004Personnel Security System. DO .306TIGTA Recruiting and Placement Records.

(ii) Internal Revenue Service.

Table 20 to Paragraph (k)(1)(ii)

No. Name of system IRS 34.021Personnel Security Investigations. IRS 34.022Automated Background Investigations System (ABIS). IRS 90.006Chief Counsel Human Resources and Administrative Records.

(2) The Department hereby exempts the systems of records listed in paragraphs (k)(1)(i) and (ii) of this section from the following provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(k)(5): 5 U.S.C. 552a(c)(3), 5 U.S.C. 552a(d)(1), (2), (3), and (4), 5 U.S.C. 552a(e)(1), 5 U.S.C. 552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).

(l) Reasons for exemptions under 5 U.S.C. 552a(k)(5). (1) The sections of 5 U.S.C. 552a from which the systems of records are exempt include in general those providing for individuals' access to or amendment of records. When such access or amendment would cause the identity of a confidential source to be revealed, it would impair the future ability of the Department to compile investigatory material for the purpose of determining suitability, eligibility, or qualifications for Federal civilian employment, Federal contracts, or access to classified information. In addition, the systems shall be exempt from 5 U.S.C. 552a(e)(1) which requires that an agency maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or executive order. The Department believes that to fulfill the requirements of 5 U.S.C. 552a(e)(1) would unduly restrict the agency in its information gathering inasmuch as it is often not until well after the investigation that it is possible to determine the relevance and necessity of particular information.

(2) If any investigatory material contained in the above-named systems becomes involved in criminal or civil matters, exemptions of such material under 5 U.S.C. 552a(j)(2) or (k)(2) is hereby claimed.

(m) Exemption under 5 U.S.C. 552a(k)(6). (1) Under 5 U.S.C. 552a(k)(6), the head of any agency may promulgate rules to exempt any system of records that is testing, or examination material used solely to determine individual qualifications for appointment or promotion in the Federal service the disclosure of which would compromise the objectivity or fairness of the testing or examination process. This paragraph (m) applies to the following system of records maintained by the Department, for which exemption is claimed under 5 U.S.C. 552a(k)(6).

(i) Departmental Offices.

Table 21 to Paragraph (m)(1)(i)

No. Name of system DO .306TIGTA Recruiting and Placement Records.

(ii) [Reserved]

(2) The Department hereby exempts the system of records listed in paragraph (m)(1) of this section from the following provisions of the Privacy Act, pursuant to 5 U.S.C. 552a(k)(6): 5 U.S.C. 552a(c)(3), 5 U.S.C. 552a(d)(1), (2), (3), and (4), 5 U.S.C. 552a(e)(1), 5 U.S.C. 552a(e)(4)(G), (H), and (I), and 5 U.S.C. 552a(f).

(n) Reasons for exemptions under 5 U.S.C. 552a(k)(6). The reason for exempting the system of records is that disclosure of the material in the system would compromise the objectivity or fairness of the examination process.

(o) Exempt information included in another system. Any information from a system of records for which an exemption is claimed under 5 U.S.C. 552a(j) or (k) which is also included in another system of records retains the same exempt status such information has in the system for which such exemption is claimed.

Appendix A - Appendix A to Subpart C of Part 1—Departmental Offices

1. In general. This appendix applies to the Departmental Offices as defined in this subpart, § 1.20. It sets forth specific notification and access procedures with respect to particular systems of records, identifies the officers designated to make the initial determinations with respect to notification and access to records, the officers designated to make the initial and appellate determinations with respect to requests for amendment of records, the officers designated to grant extensions of time on appeal, the officers with whom “Statement of Disagreement” may be filed, the officer designated to receive service of process and the addresses for delivery of requests, appeals, and service of process. In addition, it references the notice of systems of records and notices of the routine uses of the information in the system required by 5 U.S.C. 552a(e)(4) and (11) and published annually by the Office of the Federal Register in “Privacy Act Issuances.”

2. Requests for notification and access to records and accountings of disclosures. Initial determinations under § 1.26, whether to grant requests for notification and access to records and accountings of disclosures for the Departmental Offices, will be made by the head of the organizational unit having immediate custody of the records requested, or the delegate of such official. This information is contained in the appropriate system notice in the “Privacy Act Issuances”, published annually by the Office of the Federal Register. Requests for information and specific guidance on where to send requests for records should be addressed to:

Privacy Act Request, DO, Director, FOIA and Transparency, Department of the Treasury, 1500 Pennsylvania Avenue NW., Washington, DC 20220. Requests may also be submitted: on the Treasury/FOIA portal, which can be found at: https://home.treasury.gov/footer/freedom-of-information-act/submit-a-request; or by email at [email protected].

3. Requests for amendments of records. Initial determinations under § 1.27(a) through (d) with respect to requests to amend records for records maintained by the Departmental Offices will be made by the head of the organization or unit having immediate custody of the records or the delegate of such official. Requests for amendment of records should be addressed as indicated in the appropriate system notice in “Privacy Act Issuances” published by the Office of the Federal Register. Requests for information and specific guidance on where to send these requests should be addressed to: Privacy Act Amendment Request, DO, Director, FOIA and Transparency, Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220.

4. Administrative appeal of initial determination refusing to amend record. Appellate determinations under § 1.27(e) with respect to records of the Departmental Offices, including extensions of time on appeal, will be made by the Secretary, Deputy Secretary, Under Secretary, General Counsel, Special Inspector General for Troubled Assets Relief Program, or Assistant Secretary having jurisdiction over the organizational unit which has immediate custody of the records, or the delegate of such official, as limited by 5 U.S.C. 552a(d)(2) and (3). Appeals made by mail should be addressed as indicated in the letter of initial decision or to: Privacy Act Amendment Request, DO, Director, FOIA and Transparency, Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220.

5. Statements of disagreement. “Statements of Disagreement” as described in § 1.27(e)(4) shall be filed with the official signing the notification of refusal to amend at the address indicated in the letter of notification within 35 days of the date of notification and should be limited to one page.

6. Service of process. Service of process will be received by the General Counsel of the Department of the Treasury or the delegate of such official and shall be delivered to the following location: General Counsel, Department of the Treasury, Room 3000, Main Treasury Building, 1500 Pennsylvania Avenue NW, Washington, DC 20220.

7. Annual notice of systems of records. The annual notice of systems of records required to be published by the Office of the Federal Register in the publication entitled “Privacy Act Issuances”, as specified in 5 U.S.C. 552a(f). Any specific requirements for access, including identification requirements, in addition to the requirements set forth in §§ 1.26 and 1.27 and section 8 of this appendix, and locations for access are indicated in the notice for the pertinent system.

8. Verification of identity. An individual seeking notification or access to records, or seeking to amend a record, must satisfy one of the following identification requirements before action will be taken by the Departmental Offices on any such request:

(i) An individual seeking notification or access to records in person, or seeking to amend a record in person, may establish identity by the presentation of a single official document bearing a photograph (such as a passport or identification badge) or by the presentation of two items of identification which do not bear a photograph but do bear both a name and signature (such as a driver's license or credit card).

(ii) An individual seeking notification or access to records by mail, or seeking to amend a record by mail, may establish identity by a signature, address, and one other identifier such as a photocopy of a driver's license or other official document bearing the individual's signature.

(iii) Notwithstanding paragraphs 8(i) and (ii) of this appendix, an individual seeking notification or access to records by mail or in person, or seeking to amend a record by mail or in person, who so desires, may establish identity by providing a notarized statement, swearing or affirming to such individual's identity and to the fact that the individual understands the penalties provided in 5 U.S.C. 552a(i)(3) for requesting or obtaining access to records under false pretenses.

(iv) Notwithstanding paragraph 8(i), (ii), or (iii) of this appendix, a designated official may require additional proof of an individual's identity before action will be taken on any request, if such official determines that it is necessary to protect against unauthorized disclosure of information in a particular case. In addition, a parent of any minor or a legal guardian of any individual will be required to provide adequate proof of legal relationship before such person may act on behalf of such minor or such individual.

Appendix B - Appendix B to Subpart C of Part 1—Internal Revenue Service

1. Purpose. The purpose of this section is to set forth the procedures that have been established by the Internal Revenue Service for individuals to exercise their rights under the Privacy Act (Pub. L. 93–579, 88 Stat. 1896) with respect to systems of records maintained by the Internal Revenue Service, including the Office of the Chief Counsel. The procedures contained in this section are to be promulgated under the authority of 5 U.S.C. 552a(f). The procedures contained in this section relate to the following:

(a) The procedures whereby an individual can be notified in response to a request if a system of records named by the individual contains a record pertaining to such individual (5 U.S.C. 552a(f)(1)).

(b) The procedures governing reasonable times, places, and requirements for identifying an individual who requests a record of information pertaining to such individual before the Internal Revenue Service will make the record or information available to the individual (5 U.S.C. 552a(f)(2)).

(c) The procedures for the disclosure to an individual upon a request of a record of information pertaining to such individual, including special procedures for the disclosure to an individual of medical records, including psychological records (5 U.S.C. 552a(f)(3)).

(d) The procedures for reviewing a request from an individual concerning the amendment of any record or information pertaining to the individual, for making a determination on the request, for an appeal within the Internal Revenue Service of an initial adverse agency determination, and for whatever additional means may be necessary for individuals to be able to exercise fully their right under the Privacy Act (5 U.S.C. 552a(f)(4)).

Any individual seeking to determine whether a system of records maintained by any office of the Internal Revenue Service contains a record or information pertaining to such individual, or seeking access to, or amendment of, such a record, must comply fully with the applicable procedure contained in section 3 or 4 of this appendix before the Internal Revenue Service will act on the request. Neither the notification and access (or accounting of disclosures) procedures under section 3 of this appendix nor the amendment procedures under section 4 of this appendix are applicable to:

(i) Systems of records exempted pursuant to 5 U.S.C. 552a(j) and (k);

(ii) Information compiled in reasonable anticipation of a civil action or proceeding (see 5 U.S.C. 552a(d)(5)); or

(iii) Information pertaining to an individual which is contained in, and inseparable from, another individual's record.

2. Access to and amendment of tax records. The provisions of the Privacy Act may not be used by an individual to amend or correct any tax record. The determination of liability for taxes imposed by the Internal Revenue Service Code, the collection of such taxes, and the payment (including credits or refunds of overpayments) of such taxes are governed by the provisions of the Internal Revenue Service Code and by the procedural rules of the Internal Revenue Service. These provisions set forth the established procedures governing the determination of liability for tax, the collection of such taxes, and the payment (including credits or refunds of overpayments) of such taxes. In addition, these provisions set forth the procedures (including procedures for judicial review) for resolving disputes between taxpayers and the Internal Revenue Service involving the amount of tax owed, or the payment or collection of such tax. These procedures are the exclusive means available to an individual to contest the amount of any liability for tax or the payment or collection thereof. See, for example, 26 CFR 601.103 for summary of general tax procedures. Individuals are advised that Internal Revenue Service procedures permit the examination of tax records during the course of an investigation, audit, or collection activity. Accordingly, individuals should contact the Internal Revenue Service employee conducting an audit or effecting the collection of tax liabilities to gain access to such records, rather than seeking access under the provisions of the Privacy Act. Where, on the other hand, an individual desires information or records not in connection with an investigation, audit, or collection activity, the individual may follow these procedures.

3. Procedures for access to records—(a) In general. This paragraph sets forth the procedure whereby an individual can be notified in response to a request if a system of records named by the individual which is maintained by the Internal Revenue Service contains a record pertaining to such individual. In addition, this paragraph sets forth the procedure for the disclosure to an individual upon a request of a record or information pertaining to such individual, including the procedures for verifying the identity of the individual before the Internal Revenue Service will make a record available, and the procedure for requesting an accounting of disclosures of such records. An individual seeking to determine whether a particular system of records contains a record or records pertaining to such individual and seeking access to such records (or seeking an accounting of disclosures of such records) shall make a request for notification and access (or a request for an accounting of disclosures) in accordance with the rules provided in paragraph 3(b) of this appendix.

(b) Form of request for notification and access or request for an accounting of disclosures. (i) A request for notification and access (or request for an accounting of disclosures) shall be made in writing and shall be signed by the person making the request.

(ii) Such request shall be clearly marked, “Request for notification and access,” or “Request for accounting of disclosures.”

(iii) Such a request shall contain a statement that it is being made under the provisions of the Privacy Act.

(iv) Such request shall contain the name and address of the individual making the request. In addition, if a particular system employs an individual's social security number as an essential means of accessing the system, the request must include the individual's Social Security number. In the case of a record maintained in the name of two or more individuals (e.g., husband and wife), the request shall contain the names, addresses, and Social Security numbers (if necessary) of both individuals.

(v) Such request shall specify the name and location of the particular system of records (as set forth in the Notice of Systems) for which the individual is seeking notification and access (or an accounting of disclosures), and the title and business address of the official designated in the access section for the particular system (as set forth in the Notice of Systems). In the case of two or more systems of records which are under the control of the same designated official at the same systems location, a single request may be made for such systems. In the case of two or more systems of records which are not in the control of the same designated official at the same systems location, a separate request must be made for each such system.

(vi) If an individual wishes to limit a request for notification and access to a particular record or records, the request should identify the particular record. In the absence of a statement to the contrary, a request for notification and access for a particular system of records shall be considered to be limited to records which are currently maintained by the designated official at the systems location specified in the request.

(vii) If such request is seeking notification and access to material maintained in a system of records which is exempt from disclosure and access under 5 U.S.C. 552a(k)(2), the individual making the request must establish that such individual has been denied a right, privilege, or benefit that such individual would otherwise be entitled to under Federal law as a result of the maintenance of such material.

(viii) Such request shall state whether the individual wishes to inspect the record in person, or desires to have a copy made and furnished without first inspecting it. If the individual desires to have a copy made, the request must include an agreement to pay the fee for duplication ultimately determined to be due. If the individual does not wish to inspect a record, but merely wishes to be notified whether a particular system or records contains a record pertaining to such individual, the request should so state.

(c) Time and place for making a request. A request for notification and access to records under the Privacy Act (or a request for accounting of disclosures) shall be addressed to or delivered in person to the office of the official designated in the access section for the particular system of records for which the individual is seeking notification and access (or an accounting of disclosures). The title and office address of such official is set forth for each system of records in the Notice of Systems of Records. A request delivered to an office in person must be delivered during the regular office hours of that office.

(d) Sample request for notification and access to records. The following are sample requests for notification and access to records which will satisfy the requirements of this paragraph:

Request for Notification and Access to Records by Mail

I, John Doe, of 100 Main Street, Boston, MA 02108 (soc. sec. num. 000–00–0000) request under the Privacy Act of 1974 that the following system of records be examined and that I be furnished with a copy of any record (or a specified record) contained therein pertaining to me. I agree that I will pay the fees ultimately determined to be due for duplication of such record. I have enclosed the necessary information.

System Name: System Location: Designated Official: John Doe Request for Notification and Access to Records in Person

I, John Doe, of 100 Main Street, Boston, MA 02108 (soc. sec. num. 000–00–0000) request under the provisions of the Privacy Act of 1974, that the following system of records be examined and that I be granted access in person to inspect any record (or a specified record) contained therein pertaining to me. I have enclosed the necessary identification.

System Name: System Location: Designated Official: John Doe

(e) Processing a request for notification and access to records or a request for an accounting of disclosures. (i) If a request for notification and access (or request for an accounting of disclosures) omits any information which is essential to processing the request, the request will not be acted upon and the individual making the request will be promptly advised of the additional information which must be submitted before the request can be processed.

(ii) Within 30 days (not including Saturdays, Sundays, and legal public holidays) after the receipt of a request for notification and access (or a request for an accounting of disclosures), to a particular system of records by the designated official for such system, a determination will be made as to whether the particular system of records is exempt from the notification and access provisions of the Privacy Act, and if such system is not exempt, whether it does or does not contain a record pertaining to the individual making the request. If a determination cannot be made within 30 days, the individual will be notified of the delay, the reasons therefor, and the approximate time required to make a determination. If it is determined by the designated official that the particular system of records is exempt from the notification and access provisions of the Privacy Act, the individual making the request will be notified of the provisions of the Privacy Act under which the exemption is claimed. On the other hand, if it is determined by the designated official that the particular system of records is not exempted from the notification and access provisions of the Privacy Act and that such system contains a record pertaining to the individual making the request, the individual will be notified of the time and place where inspection may be made. If an individual has not requested that access be granted to inspect the record in person, but merely requests that a copy of the record be furnished, or if it is determined by the designated official that the granting of access to inspect a record in person is not feasible in a particular case, then the designated official will furnish a copy of the record with the notification, or if a copy cannot be furnished at such time, a statement indicating the approximate time such copy will be furnished. If the request is for an accounting of disclosures from a system of records which is not exempt from the accounting of disclosure provisions of the Privacy Act, the individual will be furnished with an accounting of such disclosures.

(f) Granting of access. Normally, an individual will be granted access to inspect a record in person within 30 days (excluding Saturdays, Sundays, and legal public holidays) after the receipt for a request for notification and access by the designated official. If access cannot be granted within 30 days, the notification will state the reasons for the delay and the approximate time such access will be granted. An individual wishing to inspect a record may be accompanied by another person of his choosing. Both the individual seeking access and the individual accompanying him may be required to sign a form supplied by the Internal Revenue Service (IRS) indicating that the Service is authorized to disclose or discuss the contents of the record in the presence of both individuals. See 26 CFR 601.502 for requirements to be met by taxpayer's representatives in order to discuss the contents of any tax records.

(g) Medical records. When access is requested to medical records (including psychological records), the designated official may determine that release of such records will be made only to a health care professional designated by the individual to have access to such records.

(h) Verification of identity. An individual seeking notification or access to records, or seeking to amend a record, must satisfy one of the following identification requirements before action will be taken by the IRS on any such request:

(i) An individual seeking notification or access to records in person, or seeking to amend a record in person, may establish identity by the presentation of a single document bearing a photograph (such as a passport or identification badge) or by the presentation of two items of identification which do not bear a photograph but do bear both a name and signature (such as a driver's license or credit card).

(ii) An individual seeking notification or access to records by mail, or seeking to amend a record by mail, may establish identity by a signature, address, and one other identifier such as a photocopy of a driver's license or other document bearing the individual's signature.

(iii) Notwithstanding paragraphs 3(h)(i) and (ii) of this appendix, an individual seeking notification or access to records by mail or in person, or seeking to amend a record by mail or in person, who so desires, may establish identity by providing a notarized statement, swearing or affirming to such individual's identity and to the fact that the individual understands the penalties provided in 5 U.S.C. 552a(i)(3) for requesting or obtaining access to records under false pretenses.

(iv) Notwithstanding paragraph 3(h)(i), (ii), or (iii) of this appendix, a designated official may require additional proof of an individual's identity before action will be taken on any request if such official determines that it is necessary to protect unauthorized disclosure of information in a particular case. In addition, a parent of any minor or a legal guardian of any individual will be required to provide adequate proof of legal relationship before such person may act on behalf of such minor or such individual.

(i) Fees. The fee for costs required of the IRS in copying records pursuant to this paragraph is $0.15 per page. However, no fee will be charged if the aggregate costs required of the IRS in copying records is less than $3.00. If an individual who has requested access to inspect a record in person is denied such access by the designated official because it would not be feasible in a particular case, copies of such record will be furnished to the individual without payment of the fees otherwise required under this paragraph. If the IRS estimates that the total fees for costs incurred in complying with a request for copies of records will amount to $50 or more, the individual making the request may be required to enter into a contract for the payment of the actual fees with respect to the request before the Service will furnish the copies requested. Payment of fees for copies of records should be made by check or money order payable to the Internal Revenue Service.

4. Procedures for amendment of records—(a) In general. This paragraph sets forth the procedures for reviewing a request from an individual concerning the amendment of any record or information pertaining to such individual, for making a determination on the request, for making an appeal within the IRS of an initial adverse determination, and for judicial review of a final determination.

(b) Amendment of record. Under 5 U.S.C. 552a(d)(2), an individual who has been granted access to a record pertaining to such individual may, after inspecting the record, request that the record be amended to make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete. An individual may seek to amend a record in accordance with the rules provided in paragraph (2) of this appendix.

(c) Form of request for amendment of record. (i) A request for amendment of a record shall be in writing and shall be signed by the individual making the request.

(ii) Such request shall be clearly marked “Request for amendment of record.”

(iii) Such request shall contain a statement that it is being made under the provisions of the Privacy Act.

(iv) Such request shall contain the name and address of the individual making the request. In addition, if a particular system employs an individual's social security number as an essential means of accessing the system, the request must include the individual's Social Security number. In the case of a record maintained in the name of two or more individuals (e.g., husband and wife), the request shall contain the names, addresses, and Social Security numbers (if necessary) of both individuals.

(v) Such request shall specify the name and location of the system of records (as set forth in the Notice of Systems) in which such record is maintained, and the title and business address of the official designated in the access section for such system (as set forth in the Notice of Systems).

(vi) Such request shall specify the particular record in the system which the individual is seeking to amend.

(vii) Such request shall clearly state the specific changes which the individual wishes to make in the record and a concise explanation of the reasons for the changes. If the individual wishes to correct or add any information, the request shall contain specific language making the desired correction or addition.

(d) Time and place for making request. A request to amend a record under the Privacy Act shall be addressed to or delivered in person to the office of the official designated in the access section for the particular system of records. The title and office address of such official is set forth for each system of records in the Notice of Systems of Records. A request delivered to an office in person must be delivered during the regular office hours of that office.

(e) Processing a request for amendment of a record. (i) Within 10 days (not including Saturdays, Sundays, and legal public holidays) after the receipt of a request to amend a record by the designated official, the individual will be sent a written acknowledgement that will state that the request has been received, that action is being taken thereon, and that the individual will be notified within 30 days (not including Saturdays, Sundays, and legal public holidays) after the receipt of the request whether the requested amendments will or will not be made. If a request for amendment of a record omits any information which is essential to processing the request, the request will not be acted upon and the individual making the request will be promptly advised on the additional information which must be submitted before the request can be processed.

(ii) Within 30 days (not including Saturdays, Sundays, and legal public holidays) after the receipt of a request to amend a record by the designated official, a determination will be made as to whether to grant the request in whole or part. The individual will then be notified in writing of the determination. If a determination cannot be made within 30 days, the individual will be notified in writing within such time of the reasons for the delay and the approximate time required to make a determination. If it is determined by the designated official that the request will be granted, the requested changes will be made in the record and the individual will be notified of the changes. In addition, to the extent an accounting was maintained, all prior recipients of such record will be notified of the changes. Upon request, an individual will be furnished with a copy of the record, as amended, subject to the payment of the appropriate fees. On the other hand, if it is determined by the designated official that the request, or any portion thereof, will not be granted, the individual will be notified in writing of the adverse determination. The notification of an adverse determination will set forth the reasons for refusal to amend the record. In addition, the notification will contain a statement informing the individual of such individual's right to request an independent review of the adverse determination by a reviewing officer in the national office of the IRS and the procedures for requesting such a review.

(f) Administrative review of adverse determination. Under 5 U.S.C. 552a(d)(3), an individual who disagrees with the refusal of the agency to amend a record may, within 35 days of being notified of the adverse determination, request an independent review of such refusal by a reviewing officer in the national office of the IRS. The reviewing officer for the IRS is the Commission of Internal Revenue, the Deputy Commissioner, or an Assistant Commissioner. In the case of an adverse determination relating to a system of records maintained by the Office of General Counsel for the IRS, the reviewing officer is the Chief Counsel or his delegate. An individual seeking a review of an adverse determination shall make a request for review in accordance with the rules provided in paragraphs (g) and (h) of this appendix.

(g) Form of request for review. (i) A request for review of an adverse determination shall be in writing and shall be signed by the individual making the request.

(ii) Such request shall be clearly marked “Request for review of adverse determination”.

(iii) Such request shall contain a statement that it is being made under the provisions of the Privacy Act.

(iv) Such request shall contain the name and address of the individual making the request. In addition, if a particular system employs an individual's Social Security number as an essential means of accessing the system, the request must include the individual's Social Security number. In the case of a record maintained in the name of two or more individuals (e.g., husband and wife), the request shall contain the names, addresses, and Social Security numbers (if necessary) of both individuals.

(v) Such request shall specify the particular record which the individual is seeking to amend, the name and location of the system of records (as set forth in the Notice of Systems) in which such record is maintained, and the title and business address of the designated official for such system (as set forth in the Notice of Systems).

(vi) Such request shall include the date of the initial request for amendment of the record, and the date of the letter notifying the individual of the initial adverse determination with respect to such request.

(vii) Such request shall clearly state the specific changes which the individual wishes to make in the record and a concise explanation of the reasons for the changes. If the individual wishes to correct or add any information, the request shall contain specific language making the desired correction or addition.

(h) Time and place for making the request. A request for review of an adverse determination under the Privacy Act shall be addressed to or delivered in person to the Director, Office of Disclosure, Attention: OP:EX:D Internal Revenue Service, 1111 Constitution Avenue NW, Washington, DC 20224. A request for review of an adverse determination will be promptly referred by the Director, Office of Disclosure to the appropriate reviewing officer for his review and final determination.

(i) Processing a request for review of adverse determination. Within 30 days (not including Saturdays, Sundays, and legal public holidays) after the receipt of a request for review of an adverse determination by the appropriate reviewing officer, the reviewing officer will review the initial adverse determination, make a final determination whether to grant the request to amend the record in whole or in part, and notify the individual in writing of the final determination. If a final determination cannot be made within 30 days, the Commissioner of Internal Revenue may extend such 30-day period. The individual will be notified in writing within the 30-day period of the cause for the delay and the approximate time required to make a final determination. If it is determined by the reviewing officer that the request to amend the record will be granted, the reviewing officer will cause the requested changes to be made and the individual will be so notified. Upon request, an individual will be furnished with a copy of the record as amended subject to the payment of appropriate fees. On the other hand, if it is determined by the reviewing officer that the request to amend the record, or any portion thereof, will not be granted, the individual will be notified in writing of the final adverse determination. The notification of a final adverse determination will set forth the reasons for the refusal of the reviewing officer to amend the record. The notification shall include a statement informing the individual of the right to submit a concise statement for insertion in the record setting forth the reasons for the disagreement with the refusal of the reviewing officer to amend the record. In addition, the notification will contain a statement informing the individual of the right to seek judicial review by a United States district court of a final adverse determination.

(j) Statement of disagreement. Under 5 U.S.C. 552a(d)(3), an individual who disagrees with a final adverse determination not to amend a record subject to amendment under the Privacy Act may submit a concise statement for insertion in the record setting forth the reasons for disagreement with the refusal of the reviewing officer to amend the record. A statement of disagreement should be addressed to or delivered in person to the Director, Office of Disclosure, Attention: OP:EX:D, Internal Revenue Service, 1111 Constitution Avenue NW, Washington, DC 20224. The Director, Office of Disclosure will forward the statement of disagreement to the appropriate designated official who will cause the statement to be inserted in the individual's record. Any such statement will be available to anyone to whom the record is subsequently disclosed, and the prior recipients of the record will be provided with a copy of the statement of disagreement, to the extent an accounting of disclosures was maintained.

(k) Judicial review. If, after a review and final determination on a request to amend a record by the appropriate reviewing officer, the individual is notified that the request will not be granted, or if, after the expiration of 30 days (not including Sundays, Saturdays, and legal public holidays) from the receipt of such request by the Director, Disclosure Operations Division, action is not taken thereon in accordance with the requirements of paragraph (i) of this section, an individual may commence an action within the time prescribed by law in a U.S. District Court pursuant to 5 U.S.C. 552a(g)(1). The statute authorizes an action only against the agency. With respect to records maintained by the IRS, the agency is the Internal Revenue Service, not an officer or employee thereof. Service of process in such an action shall be in accordance with the Federal Rules of Civil Procedure (28 U.S.C. App.) applicable to actions against an agency of the United States. Where provided in such Rules, delivery of process upon the IRS must be directed to the Commissioner of Internal Revenue, Attention: CC:GLS, 1111 Constitution Avenue NW, Washington, DC 20224. The district court will determine the matter de novo.

5. Records transferred to Federal Records Centers. Records transferred to the Administrator of General Services for storage in a Federal Records Center are not used by the Internal Revenue Service in making any determination about any individual while stored at such location and therefore are not subject to the provisions of 5 U.S.C. 552a(e)(5) during such time.

Appendix C - Appendix C to Subpart C of Part 1—Alcohol and Tobacco Tax and Trade Bureau

1. In general. This appendix applies to the Alcohol and Tobacco Tax and Trade Bureau. It sets forth specific notification and access procedures with respect to particular systems of records, identifies the officers designated to make the initial determinations with respect to notification and access to records and accountings of disclosures of records. This appendix also sets forth the specific procedures for requesting amendment of records and identifies the officers designated to make the initial and appellate determinations with respect to requests for amendment of records. It identifies the officers designated to grant extensions of time on appeal, the officers with whom “Statements of Disagreement” may be filed, the officer designated to receive service of process and the addresses for delivery of requests, appeals, and service of process. In addition, it references the notice of systems of records and notices of the routine uses of the information in the system required by 5 U.S.C. 552a(e)(3), (4) and (11) and published annually by the Office of the Federal Register in “Privacy Act Issuances”.

2. Requests for notification and access to records and accountings of disclosures. Initial determination under § 1.26, whether to grant requests for notification and access to records and accountings of disclosures for the Alcohol and Tobacco Tax and Trade Bureau, will be made by the Director, Regulations and Rulings Division, or the delegate of such officer. Requests may be mailed or delivered in person to: Privacy Act Request, Director, Regulations and Rulings Division, Alcohol and Tobacco Tax and Trade Bureau, 1310 G Street NW, Box 12, Washington, DC 20005. Requests may also be faxed to 202–453–2331.

3. Requests for amendment of record. Initial determinations under § 1.27(a) through (d) with respect to requests to amend records maintained by the Alcohol and Tobacco Tax and Trade Bureau will be made by the Director, Regulations and Rulings Division. Requests for amendment of records may be mailed or delivered in person to: Privacy Act Request, Director, Regulations and Rulings Division, Alcohol and Tobacco Tax and Trade Bureau, 1310 G Street NW, Box 12, Washington, DC 20005. Requests may also be faxed to 202–453–2331. The Bureau will process a faxed request when the request meets the identity verification requirements outlined in paragraph 4(a) of this appendix.

4. Verification of identity. (a) In addition to the requirements specified in § 1.26(d), each request for notification, access or amendment of records made by mail or fax shall contain the requesting individual's date and place of birth and a statement signed by the requester asserting his or her identity and stipulating that the requester understands that knowingly or willfully seeking or obtaining access to records about another person under false pretenses is a misdemeanor and punishable by a fine of up to $5,000 provided, that the Alcohol and Tobacco Tax and Trade Bureau may require a signed notarized statement verifying the identity of the requester.

(b) Individuals making requests in person will be required to exhibit at least two acceptable identifying documents such as employee identification cards, driver's license, medical cards, or other documents sufficient to verify the identity of the requester.

(c) The parent or guardian of a minor or a person judicially determined to be incompetent, shall in addition to establishing the identity of the minor or other person he represents as required in paragraphs 4(a) and (b) of this appendix, establish his own parentage or guardianship by furnishing a copy of a birth certificate showing parentage (or other satisfactory documentation) or a court order establishing the guardianship.

5. Request for physical inspection of records. Upon determining that a request for the physical inspection of records is to be granted, the requester shall be notified in writing of the determination, and when and where the records may be inspected. The inspection of records will be made at the Alcohol and Tobacco Tax and Trade Bureau Field Office or other facility located nearest to the residence of the individual making the request. Such inspection shall be conducted during the regular business hours of the field office or other facility where the disclosure is made. A person of the requester's own choosing may accompany the requester provided the requester furnishes a written statement authorizing the disclosure of the requester's record in the accompanying person's presence. The record inspection will be made in the presence of a representative of the Bureau. Following the inspection of the record, the individual will acknowledge in writing the fact that he or she had an opportunity to inspect the requested record.

6. Requests for copies of records without prior physical inspection. Upon determining that an individual's request for copies of his or her records without prior physical inspection is to be granted, the requester shall be notified in writing of the determination, and the location and time for his or her receipt of the requested copies. The copies will be made available at the Alcohol and Tobacco Tax and Trade Bureau field office or other facility located nearest to the residence of the individual making the request unless the individual requests that the documents be sent by mail. Copies shall be received by the requester during the regular business hours of the field office or other facility where the disclosure is made. Transfer of the copies to the individual shall be conditioned upon payment of copying costs and his presentation of at least two acceptable identifying documents such as employee identification cards, driver's license, medical cards, or other documents sufficient to verify the identity of the requester. Following the receipt of the copies in person, the individual will acknowledge receipt in writing.

7. Administrative appeal of initial determination refusing to amend record. Appellate determinations under § 1.27(e) with respect to records of the Alcohol and Tobacco Tax and Trade Bureau, including extensions of time on appeal, will be made by the Administrator or the delegate of such officer. Appeals should be addressed to, or delivered in person to: Privacy Act Amendment Appeal, Administrator, Alcohol and Tobacco Tax and Trade Bureau, 1310 G Street NW, Box 12, Washington, DC 20005.

8. Statements of disagreement. “Statements of Disagreement” as described in § 1.27(e)(4) shall be filed with the official signing the notification within 35 days of the date of such notification and should be limited to one page.

9. Service of process. Service of process will be received by the Administrator of the Alcohol and Tobacco Tax and Trade Bureau or the delegate of such official and shall be delivered to the following location: Administrator, Alcohol and Tobacco Tax and Trade Bureau, 1310 G Street NW, Box 12, Washington, DC 20005, Attention: Chief Counsel.

10. Annual notice of systems of records. The annual notice of systems of records is published by the Office of the Federal Register, as specified in 5 U.S.C. 552a(f). The publication is entitled “Privacy Act Issuances”. Any specific requirements for access, including identification requirements, in addition to the requirements set forth in §§ 1.26 and 1.27 are indicated in the notice for each pertinent system.

Appendix D - Appendix D to Subpart C of Part 1—Bureau of Engraving and Printing

1. In general. This appendix applies to the Bureau of Engraving and Printing. It sets forth specific notification and access procedures with respect to particular systems of records including identification requirements, identifies the officers designated to make the initial determinations with respect to notification and access to records and accountings of disclosures of records. This appendix also sets forth the specific procedures for requesting amendment of records and identifies the officers designated to make the initial and appellate determinations with respect to requests for amendment of records. It identifies the officers designated to grant extensions of time on appeal, the officers with whom “Statements of Disagreement may be filed, the officer designated to receive service of process and the addresses for delivery of requests, appeals, and service of process. In addition, it references the notice of systems of records and notices of the routine uses of the information in the system required by 5 U.S.C. 552a(e)(4) and (11) and published annually by the Office of the Federal Register in “Privacy Act Issuances.”

2. Requests for notification and access to records and accountings of disclosures. Initial determinations under § 1.26, whether to grant requests for notification and access to records and accountings of disclosures for the Bureau of Engraving and Printing, will be made by the head of the organizational unit having immediate custody of the records requested, or the delegate of such official. Requests for access to records contained within a particular system of records should be submitted to the address indicated for that system in the access section of the notices published by the Office of the Federal Register in “Privacy Act Issuances.” Requests for information and specific guidance should be addressed to: Privacy Act Request, Disclosure Officer (Executive Assistant to the Director), Room 104–18M, Bureau of Engraving and Printing, Washington, DC 20228.

3. Requests for amendment of records. Initial determination under § 1.27(a) through (d), whether to grant request to amend records will be made by the head of the organizational unit having immediate custody of the records or the delegate of such official. Requests for amendment should be addressed as indicated in the appropriate system notice in “Privacy Act Issuances” published by the Office of the Federal Register. Requests for information and specific guidance on where to send requests for amendment should be addressed to: Privacy Act Amendment Request, Disclosure Officer (Executive Assistant to the Director), Bureau of Engraving and Printing, Room 104–18M, Washington, DC 20228.

4. Administrative appeal of initial determinations refusing amendment of records. Appellate determinations refusing amendment of records under § 1.27(e) including extensions of time on appeal, with respect to records of the Bureau of Engraving and Printing will be made by the Director of the Bureau or the delegate of such officer. Appeals made by mail should be addressed to, or delivered personally to: Privacy Act Amendment Appeal, Disclosure Officer (Executive Assistant to the Director), Room 104–18M, Bureau of Engraving and Printing, Washington, DC 20228.

5. Statements of disagreement. “Statements of Disagreement” under § 1.27(e)(4)(i) shall be filed with the official signing the notification of refusal to amend at the address indicated in the letter of notification within 35 days of the date of such notification and should be limited to one page.

6. Service of process. Service of process will be received by the Chief Counsel of the Bureau of Engraving and Printing and shall be delivered to the following location: Chief Counsel, Bureau of Engraving and Printing, Room 109–M, 14th and C Streets SW, Washington, DC 20228.

7. Verification of identity. An individual seeking notification or access to records, or seeking to amend a record, or seeking an accounting of disclosures, must satisfy one of the following identification requirements before action will be taken by the Bureau of Engraving and Printing on any such request:

(i) An individual appearing in person may establish identity by the presentation of a single document bearing a photograph (such as a passport or identification badge) or by the presentation of two items of identification which do not bear a photograph but do bear both a name and signature (such as a credit card).

(ii) An individual may establish identity through the mail by a signature, address, and one other identifier such as a photocopy of a driver's license or other document bearing the individual's signature.

(iii) Notwithstanding paragraphs 7(i) and (ii) of this appendix, an individual who so desires, may establish identity by providing a notarized statement, swearing or affirming to such individual's identity and to the fact that the individual understands the penalties provided in 5 U.S.C. 552a(i)(3) for requesting or obtaining access to records under false pretenses.

(iv) Notwithstanding paragraph 7(i), (ii), or (iii) of this appendix, the Executive Assistant or other designated official may require additional proof of an individual's identity before action will be taken on any request if such official determines that it is necessary to protect against unauthorized disclosure of information in a particular case. In addition, a parent of any minor or a legal guardian of any individual will be required to provide adequate proof of legal relationship before such person may act on behalf of such minor or such individual.

8. Annual notice of systems of records. The annual notice of systems of records is published by the Office of the Federal Register, as specified in 5 U.S.C. 522a(f). The publication is entitled “Privacy Act Issuances”. Any specific requirements for access, including identification requirements, in addition to the requirements set forth in §§ 1.26 and 1.27 are indicated in the notice for the pertinent system.

Appendix E - Appendix E to Subpart C of Part 1—Bureau of the Fiscal Service

1. In general. This appendix applies to the Bureau of the Fiscal Service. It sets forth specific notification and access procedures with respect to particular systems of records, identifies the officers designated to make the initial determinations with respect to notification and access to records and accountings of disclosures of records. This appendix also sets forth the specific procedures for requesting amendment of records and identifies the officers designated to make the initial and appellate determinations with respect to requests for amendment of records. It identifies the officers designated to grant extensions of time on appeal, the officers with whom “Statements of Disagreement” may be filed, the officer designated to receive service of process and the addresses for delivery of requests, appeals, and service of process. In addition, it references the notice of systems of records and notices of the routine uses of the information in the system required by 5 U.S.C. 552a(e)(4) and (11) and published annually by the Office of the Federal Register in “Privacy Act Issuances”.

2. Requests for notification and access to records and accountings of disclosures. Initial determinations under § 1.26, whether to grant requests for notification and access to records and accountings of disclosures for the Bureau of the Fiscal Service, will be made by the head of the organizational unit having immediate custody of the records requested or an official designated by this official. This is indicated in the appropriate system notice in “Privacy Act Issuances” published annually by the Office of the Federal Register. Requests for information and specific guidance on where to send requests for records may be mailed to the system manager identified in the Bureau of the Fiscal Service system of records notice (SORN) which is published in the Federal Register. See the applicable Bureau of the Fiscal Service system of records notice (SORN) for details.

3. Requests for amendment of records. Initial determination under § 1.27(a) through (d), whether to grant requests to amend records will be made by the head of the organizational unit having immediate custody of the records or the delegate of such official. Requests for amendment should be addressed as indicated in the appropriate system notice in “Privacy Act Issuances” published by the Office of the Federal Register. Requests for information and specific guidance on where to send requests for amendment should be addressed to the system manager identified in the Bureau of the Fiscal Service SORN which is published in the Federal Register.

4. Administrative appeal of initial determinations refusing amendment of records. Appellate determinations refusing amendment of records under § 1.27(e) including extensions of time on appeal, with respect to records of the Bureau of the Fiscal Service will be made by the Commissioner or the delegate of such official. Appeals made by mail should be addressed to the system manager identified in the Bureau of the Fiscal Service SORN which is published in the Federal Register. See the applicable Bureau of the Fiscal Service SORN for details.

5. Statements of disagreement. “Statements of Disagreement” under § 1.27(e)(4)(i) shall be filed with the official signing the notification of refusal to amend at the address indicated in the letter of notification within 35 days of the date of such notification and should be limited to one page.

6. Service of process. Service of process will be received by the Commissioner, Bureau of the Fiscal Service or the delegate of such official and shall be delivered to the following location: Office of the Chief Counsel, Bureau of the Fiscal Service Attn: Chief Counsel, 401 14th St. SW, Washington, DC 20227.

7. Annual notice of systems of records. The annual notice of systems of records is published by the Office of the Federal Register, as specified in 5 U.S.C. 552a(f). The publication is entitled “Privacy Act Issuances”. Any specific requirements for access, including identification requirements, in addition to the requirements set forth in §§ 1.26 and 1.27 are indicated in the notice for the pertinent system.

Appendix F - Appendix F to Subpart C of Part 1—United States Mint

1. In general. This appendix applies to the United States Mint. It sets forth specific notification and access procedures with respect to particular systems of records, identifies the officers designated to make the initial determinations with respect to notification and access to records and accountings of disclosures of records. This appendix also sets forth the specific procedures for requesting amendment of records and identifies the officers designated to make the initial and appellate determinations with respect to requests for amendment of records. It identifies the officers designated to grant extensions of time on appeal, the officers with whom “Statements of Disagreement” may be filed, the officer designated to receive service of process and the addresses for delivery of requests, appeals, and service of process. In addition, it references the notice of systems of records and notices of the routine uses of the information in the system required by 5 U.S.C. 552a(e)(4) and (11) and published annually by the Office of the Federal Register in “Privacy Act Issuances”.

2. Requests for notification and access to records and accountings of disclosures. Initial determinations under § 1.26, whether to grant requests for notification and access to records and accountings of disclosures for the United States Mint will be made by the head of the organizational unit having immediate custody of the records requested or an official designated by this official. This is indicated in the appropriate system notice in “Privacy Act Issuances” published annually by the Office of the Federal Register. Requests should be directed to the Superintendent or Officer in charge of the facility in which the records are located or to the Chief, Administrative Programs Division. Requests for information and specific guidance on where to send requests for records may be mailed or delivered personally to: Privacy Act Request, Chief, Administrative Programs Division, United States Mint, Judiciary Square Building, 633 3rd Street NW, Washington, DC 20220.

3. Requests for amendment of records. Initial determination under § 1.27(a) through (d), whether to grant requests to amend records will be made by the head of the Mint installation having immediate custody of the records or the delegated official. Requests should be mailed or delivered personally to: Privacy Act Amendment Request, Freedom of Information and Privacy Acts Officer, United States Mint, Judiciary Square Building, 633 3rd Street, Washington, DC 20220.

4. Administrative appeal of initial determinations refusing amendment of records. Appellate determinations refusing amendment of records under § 1.27 including extensions of time on appeal, with respect to records of the United States Mint will be made by the Director of the Mint or the delegate of the Director. Appeals made by mail should be addressed to, or delivered personally to: Privacy Act Amendment Appeal, United States Mint, Judiciary Square Building, 633 3rd Street NW, Washington, DC 20220.

5. Statements of disagreement. “Statements of Disagreement” under § 1.27(e)(4)(i) shall be filed with the official signing the notification of refusal to amend at the address indicated in the letter of notification within 35 days of the date of such notification and should be limited to one page.

6. Service of process. Service of process will be received by the Director of the Mint and shall be delivered to the following location: Director of the Mint, Judiciary Square Building, 633 3rd Street NW, Washington, DC 20220.

7. Annual notice of systems of records. The annual notice of systems of records is published by the Office of the Federal Register, as specified in 5 U.S.C. 552a(f). The publication is entitled “Privacy Act Issuances”. Any specific requirements for access, including identification requirements, in addition to the requirements set forth in §§ 1.26 and 1.27 are indicated in the notice for the pertinent system.

Appendix G - Appendix G to Subpart C of Part 1—Office of the Comptroller of the Currency

1. In general. This appendix applies to the Office of the Comptroller of the Currency. It sets forth specific notification and access procedures with respect to particular systems of records, identifies the officers designated to make the initial determinations with respect to notification and access to records and accountings of disclosures of records. This appendix also sets forth the specific procedures for requesting amendment of records and identifies the officers designated to make the initial and appellate determinations with respect to requests for amendment of records. It identifies the officers designated to grant extensions of time on appeal, the officers with whom “Statements of Disagreement” may be filed, the officer designated to receive service of process and the addresses for delivery of requests, appeals, and service of process. In addition, it references the notice of systems of records and notices of the routine uses of the information in the system required by 5 U.S.C. 552a(e)(4) and (11) and published annually by the Office of the Federal Register in “Privacy Act Issuances”.

2. Requests for notification and access to records and accountings of disclosures. Initial determinations under § 1.26 whether to grant requests for notification and access to records and accountings of disclosures for the Office of the Comptroller of the Currency will be made by the head of the organizational unit having immediate custody of the records requested or the delegate of that official. This is indicated in the appropriate system notice in “Privacy Act Issuances” published biennially by the Office of the Federal Register. Requests for information and specific guidance on where to send requests for records shall be mailed or delivered personally to: Disclosure Officer, Communications Division, Office of the Comptroller of the Currency, 250 E Street SW, Washington, DC 20219.

3. Requests for amendment of records. Initial determinations under § 1.27(a) through (d) whether to grant requests to amend records will be made by the Comptroller's delegate or the head of the organizational unit having immediate custody of the records or the delegate of that official. Requests for amendment shall be mailed or delivered personally to: Disclosure Officer, Communications Division, Office of the Comptroller of the Currency, 250 E Street SW, Washington, DC 20219.

4. Administrative appeal of initial determinations refusing amendment of records. Appellate determinations refusing amendment of records under § 1.27(e) including extensions of time on appeal, with respect to records of the Office of the Comptroller of the Currency will be made by the Comptroller of the Currency or the Comptroller's delegate. Appeals shall be mailed or delivered personally to: Disclosure Officer, Communications Division, Office of the Comptroller of the Currency, 250 E Street SW, Washington, DC 20219.

5. Statements of disagreement. “Statements of Disagreement” under § 1.27(e)(4)(i) shall be filed with the OCC's Director of Communications at the address indicated in the letter of notification within 35 days of the date of such notification and should be limited to one page.

6. Service of process. Service of process shall be delivered to the Chief Counsel or the Chief Counsel's delegate at the following location: Office of the Comptroller of the Currency, 250 E Street SW, Washington, DC 20219.

7. Annual notice of systems of records. The annual notice of systems of records is published by the Office of the Federal Register, as specified in 5 U.S.C. 552a(f). The publication is entitled “Privacy Act Issuances”. Any specific requirements for access, including identification requirements, in addition to the requirements set forth in §§ 1.26 and 1.27 are indicated in the notice for the pertinent system.

Appendix H - Appendix H to Subpart C of Part 1—Financial Crimes Enforcement Network

1. In general. This appendix applies to the Financial Crimes Enforcement Network (FinCEN). It sets forth specific notification and access procedures with respect to particular systems of records, and identifies the officers designated to make the initial determinations with respect to notification and access to records and accountings of disclosures of records. This appendix also sets forth the specific procedures for requesting amendment of records and identifies the officers designated to make the initial and appellate determinations with respect to requests for amendment of records. It identifies the officers designated to grant extensions of time on appeal, the officers with whom “Statements of Disagreement” may be filed, the officer designated to receive service of process and the addresses for delivery of requests, appeals, and service of process. In addition, it references the notice of systems of records and notices of the routine uses of the information in the system required by 5 U.S.C. 552a(e)(4) and (11) and published biennially by the Office of the Federal Register in “Privacy Act Issuances.”

2. Requests for notification and access to records and accountings of disclosures. Initial determinations under § 1.26, whether to grant requests for notification and access to records and accountings of disclosures for FinCEN will be made by the Freedom of Information/Privacy Act Officer, FinCEN. Requests may be mailed to: Privacy Act Request, Financial Crimes Enforcement Network, Post Office Box 39, Vienna, VA 22183.

3. Requests for amendments of records. Initial determinations under § 1.27(a) through (d) whether to grant requests to amend records maintained by FinCEN will be made by the Freedom of Information/Privacy Act Officer, FinCEN. Requests may be mailed to: Privacy Act Request, Financial Crimes Enforcement Network, Post Office Box 39, Vienna, VA 22183.

4. Verification of identity. An individual seeking notification or access to records, or seeking to amend a record, or seeking an accounting of disclosures, must satisfy one of the following identification requirements before action will be taken by FinCEN on any such request:

(i) An individual may establish identity through the mail by a signature, address, and one other identifier such as a photocopy of a driver's license or other official document bearing the individual's signature.

(ii) Notwithstanding paragraph 4(i) of this section, an individual may establish identity by providing a notarized statement, swearing or affirming to such individual's identity and to the fact that the individual understands the penalties provided in 5 U.S.C. 552a(i)(3) for requesting or obtaining access to records under false pretenses.

(iii) Notwithstanding paragraphs 4(i) and (ii) of this appendix, the Freedom of Information Act/Privacy Act Officer or other designated official may require additional proof of an individual's identity before action will be taken on any request, if such official determines that it is necessary to protect against unauthorized disclosure of information in a particular case. In addition, a parent of any minor or a legal guardian of any individual will be required to provide adequate proof of legal relationship before such person may act on behalf of such minor or such individual.

5. Administrative appeal of initial determinations refusing amendment of records. Appellate determinations refusing amendment of records under § 1.27(e) including extensions of time on appeal with respect to the records of FinCEN will be made by the Director of FinCEN or the delegate of the Director. Appeals should be addressed to: Privacy Act Amendment Appeal, Financial Crimes Enforcement Network, Post Office Box 39, Vienna, VA 22183.

6. Statements of Disagreement. “Statements of Disagreement” as described in § 1.27(e)(4) shall be filed with the official signing the notification of refusal to amend at the address indicated in the letter of notification within 35 days of the date of such notification and should be limited to one page.

7. Service of Process. Service of process will be received by the Chief Counsel of FinCEN and shall be delivered to the following location: Office of Chief Counsel, Financial Crimes Enforcement Network, Post Office Box 39, Vienna, VA 22183.

8. Biennial notice of systems of records. The biennial notice of systems of records is published by the Office of the Federal Register, as specified in 5 U.S.C. 552a(f). The publication is entitled “Privacy Act Issuances.” Any specific requirements for access, including identification requirements, in addition to the requirements set forth in §§ 1.26 and 1.27 and section 4 of this appendix are indicated in the notice for the pertinent system.