Do not include the duty address if already listed in organizational directories mentioned in paragraph (b) (4) of this section.

(11) Notification; (procedure whereby individuals can be notified at their request if the System contains records pertaining to them). (i) Indicate whether or not requests from individuals should be addressed to the above SYSMANGER, as in paragraph (b) (10) of this section. If requests are to be addressed to any other officials, list them by duty or position titles.

(ii) Specify what information will be required from the requesting individual to determine whether or not the system contains a record about him such as full name, military status, SSN or service number, resident or non resident, etc.

(iii) List by specific name, or categories, those offices which the requester may visit to obtain information on whether or not the system contains records pertaining to him.

(iv) For personal visits, specify what data the requester must present as proof of identity, such as a combination of full name, date and place of birth, parents' names, driver's license, medicare card, etc. Do not require verification of identity for records which are disclosable under the Freedom of Information Act.

(12) Access; (procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to himself contained in the System of Records). Include the title or category of officials who can provide assistance, if those officials are other than the SYSMANGER. If the mailing addresses are listed in the organizational directory, state that official mailing addresses are in the Department of Defense Directory in the appendix to the Component's systems notice. Specific locations and telephone numbers of offices may be indicated for unique or centralized systems.

(13) Contest; (rules for access and contesting contents of records). To comply with this requirement, merely, state: "The agency's rules for access to records and for contesting contents and appealing initial determinations by the individual concerned may be obtained from the SYSMANAGER."

(14) Source; (categories of sources of records in the system). List by type each source of information in the system, e.g., previous employers, financial institu

tions, educational institutions, trade associations, automated system interfaces, etc. Specific individuals or institutions need not be identified by name. Also, do not list as a source individuals who provided information on themselves. Again, be sure to include all types, since collection of information from types of sources other than those listed will require publication of a revised public notice in the FEDERAL REGISTER before any information is collected from those sources.

(c) Systems qualified and proposed for exemption. (1) Generally, the following records may be exempted from the provisions of paragraph (b) (11), (12), (13), and (14) of this section (subsection (e) (4) (G), (H) and (I) of the Privacy Act of 1974); records maintained by the Central Intelligence Agency; records compiled to ensure protection of the President or other officials, classified records, records required by statute to be maintained and used solely as statistical records; investigatory records compiled solely for the purpose of determining suitability, eligibility, or qualifications for Federal civilian employment, military service, Federal contracts, or access to classified information, but only to the extent as outlined in subsection (k) (5) of the Privacy Act of 1974; certain testing and examination material; and certain material used to evaluate potential for promotion in the Armed Services. All items in paragraph (b) of this section will be completed for systems proposed for exemption, except for paragraph (b) (11), (12), (13), and (14) of this section.

(2) Cite the system name and specific provisions of the Privacy Act of 1974 from which the system is to be exempted and the reasons therefor. Consult with the legal staff for detailed guidance for systems which may be eligible for exemption. Proponents of systems dealing with the above types of records should contact the OSD Records Management Branch, DASD (A), Room 5C315, Pentagon, Washington, D.C. 20301, or appropriate comparable Defense component records management staff for additional guidelines, if necessary, for preparing exemption notices for publication in the FEDERAL REGISTER.

NOTE: No system of records is exempted from the public notice requirements of the Privacy Act of 1974. Failure to publish such a notice constitutes a criminal violation.

§ 286b.10 Format of Four Points Required on Forms Requesting Personal Information.

PRIVACY ACT OF 1974

STATEMENT

(a) Authority.

NOTE: If the social security number is requested among other items of personal information, the authority for requesting such number is different from the authority for the other items, should also be shown in this block.

(b) Principal purpose or purposes. (c) Routine uses.

(d) Whether disclosure is mandatory or voluntary and effect on individual of not providing information.

(Refer to § 286b.5(e).)

§ 286b.11

Procedures for exemptions.

(a) General information. (1) The Secretary of Defense proposes to exempt under the specified provisions of the Privacy Act of 1974 (Pub. L. 93-579) those systems of records listed in this part.

(2) Any person interested in the exemptions proposed herein may participate in this proposed rulemaking by submitting either in person or through the mail, written data, views, or arguments on the proposed exemptions to the Deputy Assistant Secretary of Defense (Administration), Room 3E827, The Pentagon, Washington, D. C. 20330, on or before September 25, 1975.

(3) All systems of records maintained by the Office of the Secretary of Defense shall be exempt from the requirements of 5 U.S.C. 552a (d) pursuant to 5 U.S.C. 552a (3) (k) (1) to the extent that the system contains any information properly classified under Executive Order 11652, "Classification and Declassification of National Security Information and Material, "dated March 8, 1972 (37 FR 10053, May 19, 1972), and which is required by the Executive Order to be kept secret in the interest of national defense or foreign policy. This exemption, which may be applicable to parts of all systems of records, is necessary because certain record systems not otherwise specifically designated for exemptions may contain isolated information which has been properly classified.

(b) Specific exemptions. (1) Protective Services File

(i) Exemption. This system of records is exempt from the following provisions of 5 U.S.C. Section 552a: (C) (3) (d), (e) (1), (e) (4) (G), (e) (4) (H), (e) (4) (I), and (f).

(ii) Authority. 5 U.S.C. 552a(k) (2) and (3).

(iii) Reasons. The above exemptions, authorized by 5 U.S.C. 552a (k) (2), are necessary to protect the information contained in this system of records because the information is used to identify individual criminal offenders and alleged offenders; is compiled for the purpose of criminal investigation and includes reports of informants and investigators. The above exemptions, authorized by 5 U.S.C. 552a (k) (3), are necessary to protect the information contained in this system of records because some of the information is maintained in connection with providing protective services to the President of the United States and other individuals pursuant to 18 U.S.C. 3056. (c) Specific exemptions. (1) Industrial Personnel Security Clearance Case

Files:

(i) Exemption. This system of records is exempt from those provisions of title 5, U.S. Code, section 552a, which would require the disclosure of the identity of a source who furnished information to the Government under an expressed promise that the identity of the source would be held in confidence or prior to the effective date of this section, under an implied promise that the identity of the source would be held in confidence. A determination will be made at the time of the request for a record concerning the specific information which would reveal the identity of the source.

(ii) Authority. 5 U.S.C. 552a (k) (5).

(iii) Reasons. This exemption is required in order to protect the confidentiality of the sources of information compiled for the purpose of determining access to classified information. This confidentiality helps maintain the Government's continued access to information from persons who would otherwise refuse to give it.

(d) Specific exemptions. (1) The Office of the Secretary of Defense Clearance File:

(i) Exemption. This system of records is exempt from those provisions of title 5, U.S. Code, section 552a, which would require the disclosure of the identity of a source who furnished information to the Government under an ex

pressed promise that the identity of the source would be held in confidence or prior to the effective date of this section, under an implied promise that the identity of the source would be held in confidence. A determination will be made at the time of the request for a record concerning the specific information which would reveal the identity of the source.

(ii) Authority. 5 U.S.C. 552a(k) (5). (iii) Reasons. This exemption is required in order to protect the confidentiality of the sources of information compiled for the purpose of determining access to classified information. This confidentiality helps maintain Government's continued access to information from persons who would otherwise refuse it.

§ 286b.12 Effective date and implemen

tation.

The effective date and implementation of this part shall be September 27, 1975.

PART 286c-OFFICE OF JOINT CHIEFS OF STAFF, PRIVACY ACT OF 1974 § 286c.1 Source of regulations.

The Office of the Joint Chiefs of Staff is governed by the Privacy Act implementation regulations of the Office of the Secretary of Defense, 32 CFR Part 286b. (Pub. L. 93-579, 88 Stat. 1896 (5 U.S.C. 552a)) [40 FR 55535, Nov. 28, 1975]

PART 286d-DEFENSE ADVANCED RESEARCH PROJECTS AGENCY, PRIVACY ACT OF 1974

§ 286d.1 Source of regulations.

The Defense Advanced Research Projects Agency is governed by the Privacy Act implementation regulations of the Office of the Secretary of Defense, 32 CFR Part 286b.

(Pub. L. 93-579, 88 Stat. 1896 (5 U.S.C. 552a)) [40 FR 55535, Nov. 28, 1975]

PART 286e-UNIFORMED SERVICES UNI-
VERSITY OF HEALTH SCIENCES, PRI-
VACY ACT OF 1974
§ 286e.1

Source of regulations.

The Uniformed Services University of the Health Sciences, is governed by the Privacy Act implementation regulations of the Office of the Secretary of Defense, 32 CFR Part 286b.

(Pub. L. 93-579, 88 Stat. 1896 (5 U.S.C. 552a)) 140 FR 55535, Nov. 28, 1975]

This part is published in accordance with the authority contained in 40 FR 8190, 26 February 1975, and 40 FR 4911, 3 February 1975.

§ 287.4 Responsibilities.

(a) The Assistant to the Director for Administration, Headquarters, DCA will:

(1) Prepare in proper format and arrange for publication in the Federal Register the necessary regulations to implement title 5, United States Code, section 552, as amended by Public Law 93502 (Freedom of Information Act), subject to the provisions contained in 32 CFR 286.8.

(2) Make the material described in 32 CFR 286.5 and 286.6 available for public inspection and copying at Headquarters, DCA, 8th Street South and South Courthouse Road, Arlington, Virginia. A current index of this material will be maintained in accordance with the appropriate provisions of 32 CFR Part 286.

(3) Establish programs of instruction on the provisions and requirements of 32 CFR 286.7 for all officials and employees who contribute to DCA's implementation of the Freedom of Information Act.

(4) Be responsible for arranging for the publication in the FEDERAL REGISTER, after coordinating with the DCA Coun

sel, of appropriate material setting forth where, how, and by what authority DCA performs its functions and for informing all interested persons how to deal effectively with the Agency. These publications will be made in accordance with the guidelines contained in 40 CFR Part 296.

(b) The Deputy Directors, the Comptroller, and the Chief of Staff, DCA will, subject to the exceptions set forth in 32 CFR Part 286:

(1) Furnish the Assistant to the Director for Administration with copies of the material, described in 32 CFR 286.5 and 286.6 that is to be published in the FEDERAL REGISTER.

(2) Furnish the Civilian Assistant to the Chief of Staff, when requested, with DCA documentary material, which qualifies as a record in accordance with 32 CFR 286.5, for the purpose of responding to private persons. All such requests for information will be referred to the Civilian Assistant to the Chief of Staff.

(c) The Director, DCEC and the Commanders and Chiefs of other DCA field activities will:

(1) Provide the Assistant to the Director for Administration and the Civilian Assistant to the Chief of Staff, as appropriate, with material described in 32 CFR 286.5 and 286.6.

(2) Release records upon their own authority and concurrently provide a copy of the records released to Headquarters, DCA, Code 104.

(3) Develop supplemental instructions to DCAI 210-225-1, as required, to cover requests for information from the public which are received on a regular basis and which usually pertain to information that may be released without question. Supplemental instructions will be submitted to DCA, Code 105, for review and approval prior to implementation.

(d) The Civilian Assistant to the Chief of Staff, Headquarters, DCA, is vested with the authority, within DCA, to release records for all requests coming to Headquarters, DCA, and to the field activities in the Metropolitan Washington area, and will:

(1) Respond to all requests for records from private persons in accordance with the provisions of 32 CFR 286.4 whether the requests are received directly by Headquarters, DCA or referred to the Headquarters, DCA by DCA field activities. Coordinate such release with the Counsel in any case in which release is, or may be, controversial.

(2) Be the DCA principal point of contact and coordination with the ASD (PA).

(3) Insure the cooperation of DCA with the ASD(PA) in fulfilling his responsibility for monitoring the implementation of 32 CFR 286.7.

(4) Refer cases of significance to the ASD (PA) for review and evaluation, after coordination with Counsel and with the approval of the Chief of Staff, when the issues raised are unusual or precedent setting or otherwise require special attention or guidance.

(5) Advise the ASD(PA) prior to the denial of a request or prior to an appeal when two or more DoD components are affected by the request for a particular record and when circumstances suggest a potential public controversy.

(6) Be responsible for the annual reporting requirement contained in 32 CFR 286.7.

(e) Within DCA, the sole authority to deny, in whole or in part, a request for records is vested in the DCA Counsel (Code 105) or, in his absence, in the Deputy Counsel. A denial by the DCA Counsel is appealable solely to the Director or to the Vice Director acting in the absence of the Director. The Counsel, DCA, will:

(1) Make the decision, whenever, a request for a record is to be denied in whole or in part, in accordance with the criteria provided in 32 CFR Part 286.

(2) Inform, in writing, the person denied a record as to the basis for the denial of the request, and advise him of his right to appeal the decision to the Director, DCA.

(3) Ensure, that if such an appeal is taken, that the basis for the determination by the Director, DCA to refuse to release the record will be in writing, will state the reasons for the denial, and will inform the requester of his right to a judicial review in the appropriate U.S. district court; or if the denial is based upon security classification, of the requester's optional right to seek declassification of the record by the Interagency Classification Review Committee in lieu of immediate judicial review. No final refusal shall be made without prior consultation with the Office of the General Counsel of the Department of Defense when there is reason to believe that the requester will file a complaint in the U.S. district court to force release of the refused record.

(f) The Chief of Staff, Headquarters, DCA will, on behalf of the Director, DCA,

respond to the corrective action recommended by the Civil Service Commission for arbitrary or capricious withholding of records, requested, pursuant to the Freedom of Information Act, by officers or employees of DCA. This action will be coordinated with the Counsel, DCA. § 287.5 Fees.

Fees which may be charged to the requester are contained in 32 CFR 286.5 and 286.10. Exceptions to charging fees are as follows: if the total fee would be less than $3; if the record is not located; if the record is determined to be exempt from disclosure; if the requester is engaged in a nonprofit activity designed for public health, safety, or welfare; if the requester is a representative of a State or local government or of a nonprofit group considered as primarily benefiting the general public. Fees ordinarily will be collected in advance of rendering the service unless the requester has specifically stated that whatever cost is involved is acceptable to him. Collection of schedule fees will be deposited to Miscellaneous Receipts of the Treasury.

§ 287.6 Reports.

Each major staff element and field activity on the distribution list of this DCA Instruction will furnish an annual report to Headquarters, DCA, Code 104, on or before 15 January of each year (Reports Control Symbol DD-PA(A) 1365) which will contain that information requested in 32 CFR 286.15.

§ 287.7 Questions.

Questions on both the substance and procedures of the Freedom of Information Act and the DCA implementation thereof should be addressed to the DCA Counsel by the most expeditious means possible, including telephone calls. § 287.8 "For Official Use Only" records.

The designation of "For Official Use Only" will be applied to documents and other material only as authorized by 32 CFR 286.1.

PART 287a-PERSONAL PRIVACY AND RIGHTS OF INDIVIDUALS REGARDING THEIR PERSONAL RECORDS

Sec.

287a.1 Purpose.

287a.2 Applicability.

287a.3 Authority.

287a.4 Definitions.

287a.5 Policy.

It is the policy of DCA:

(a) To preserve the personal privacy of individuals, to permit an individual to know what records exist pertaining to him in the DCA, and to have access to and have a copy made of all or any portion of such records and to correct or amend such records.

(b) To collect, maintain, use, or disseminate any record of identifiable personal information in a manner that assures that such action is for a necessary and lawful purpose; that the information is timely and accurate for its intended use; and that adequate safeguards are provided to prevent misuse of such information.

§ 287a.6 Procedures and responsibilities.

(a) The Counsel, DCA, is hereby designated the Privacy Act Officer for DCA and is responsible for insuring that an internal DCA Privacy Program is established and maintained. He will also insure that all echelons of DCA effectively