[Federal Register: May 29, 1997 (Volume 62, Number 103)] [Notices] [Page 29108-29113] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr29my97-58] ----------------------------------------------------------------------- COMMODITY FUTURES TRADING COMMISSION Privacy Act of 1974: System of Records AGENCY: Commodity Futures Trading Commission. ACTION: Notice of new systems of records. ----------------------------------------------------------------------- SUMMARY: This notice adds five systems to the Commodity Futures Trading Commission's systems of records maintained under the Privacy Act: The Commission's internal and Internet e-mail system, the Internet web and news group browsing system, the Lexis/Westlaw billing system, the Library automated circulation system, and the telephone system. The notice informs the public of the existence and character of these systems and the routine uses which the Commission may make of the information contained in the systems. DATES: Comments on the establishment of the new system of records must be received no later than June 30, 1997. The new system of records will be effective July 8, 1997, unless the Commission receives comments which would result in a contrary determination. ADDRESSES: Comments concerning routine uses should be addressed to Jean A. Webb, Secretary, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street NW., Washington, DC 20581. Comments may also be sent via the Internet via [email protected]. FOR FURTHER INFORMATION CONTACT: Stacy Dean Yochum, Office of the Executive Director, (202) 418-5157, or Glynn Mays, Office of General Counsel, (202) 418-5120, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street NW., Washington, DC 20581. SUPPLEMENTARY INFORMATION: In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, and the Commission's implementing regulations, 17 CFR part 146, the Commission is publishing a description of five new systems of records. Each is described in detail below. 1. Telephone System. The Commission is establishing this system to enhance its ability to assess employee use of the telephone systems provided by the Commission. Since parts of this system may be used to retrieve information about an individual through the telephone number assigned to that individual, the Privacy Act of 1974, as amended, requires a general notice of the existence of this system of records to the public. The information may be used for telecommunication traffic studies, cost projections or other management studies and to enable the Commission to determine responsibility for placement of specific calls in connection with inquiries into possible employee or contractor misconduct, including misuse of government-provided telephones. The new system includes records relating to calls made from Commission telephones or charged to CFTC issued calling cards. The Commission keeps a record of the telephone number or calling card number assigned to each employee or on-site contractor. Local telephone services provide a monthly bill which includes a list of local toll call activity. For local toll calls, the bill shows the number from which the call was made, the date and time of the call, the city or service and the number to which the call was made, the length of the call and the charge for the call. For long distance calls placed through the Federal Telecommunications System, the General Services Administration (GSA) provides the Commission with a monthly report by line number that shows the city and telephone number for each call placed, the date, time and duration of the call and the cost for that call. This system also contains telephone assignment records, records reflecting the location of government telephones and requests for information concerning calls made to or from particular line numbers. OAS also receives reports, listed by calling card number, of employee long-distance calls placed through AT&T, MCI, and Sprint which are charged to an employee's government issued calling card. 2. Interoffice and Internet E-mail. The Commission is establishing a system of records for its electronic mail system. The e-mail system allows each employee to send and receive messages and document attachments at his or her personal computer. Because this system allows information on individuals to be retrieved through the address assigned to each employee or on-site contractor, the Privacy Act of 1974, as amended, requires a general notice of the existence of this system of records to the public. The interoffice system allows messages to be sent and received by CFTC employees or on-site contractors. Through gateway software, employees also may use their e-mail system to send and receive external messages and document attachments via the Internet. Each employee has an interoffice mail address based on his or her name, division or office and location. Each employee also has an Internet address [[Page 29109]] which is based on his or her name (usually the first initial and full last name of the employee) with the appendix ``@cftc.gov'' which is the Commission's registered Internet domain. Employees have a number of options on how to treat information sent or received through the e-mail system. They may send and delete, send and save, send and move to another file, just save or just move, and print. The complete content of both interoffice and Internet e-mail which has been saved by the sender or recipient, including sender, recipient, subject, attachments, date and time, and message, is retained on file servers in each CFTC location. The e-mail information remains on the file server until the employee deletes the message sent or received, or some system failure causes a loss of e-mail information. File servers are backed up nightly on magnetic tapes which are rotated every four weeks. The e-mail information is maintained by the agency's network administrators and may be accessed, if necessary to restore mail service in the event of a hardware or software failure. The network administrator has the capability to access the header information of the message (i.e., sender, recipient, subject, date and time sent or received, and the filename of any data attached) in order to maintain the system. In addition, the network administrator has the capability to change passwords for employees, which employees may request if they have forgotten their password or their password has been compromised. At the time the network administrator assigns a temporary password to an employee, the network administrator has the ability to access the content of the employee's mailbox. The network administrator's authority to change a password without a request from the employee is severely limited. Once an employee enters a new password, which he or she must do to access the e-mail system after the temporary password change, the network administrator no longer has access to the employee's mailbox, except to view the header information. As part of the gateway software used by the Commission to link the Internet to the interoffice mail system, the network administrator will see the full content of an Internet e-mail message in the event of an error. If the person to whom a CFTC employee sent an Internet e-mail message cannot be reached or if a message sent to a CFTC employee cannot be received, usually due to an error in the address or a malfunction of any hardware in the link, a CFTC ``postmaster,'' who is also a network administrator, receives both the header information and the content of the message. The network administrator then alerts the employee trying to send or receive the message of the error and assists in the resolution of the error, if possible. The purpose of this feature is to provide the postmaster with the information necessary to resolve errors. 3. Internet Web Site and News Group Browsing. The Commission is establishing a system of records related to employees' use of the Internet web site and news group browsing capability. The Commission offers the capability to browse Internet web sites and news groups in order to conduct quick and extensive research to enhance productivity and effectiveness. Because information in this system can be retrieved by an Internet protocol address assigned to each computer which is, in turn, assigned (in most cases) to an office and individual, the Privacy Act of 1974 , as amended, requires a general notice of the existence of this system of records to the public. When an individual accesses Internet web sites or news groups from a CFTC computer, a record , expressed in URL (Uniform Resource Locator) terms, which shows the address of each site visited and the document and graphic images viewed are kept on the individual computer. The information is stored in a ``history file,'' which includes the URL as well as additional data, and in a ``cache directory,'' which stores text and graphic images from sites visited so that the computer can retrieve the information from its own files rather than the Internet if the user wishes to revisit the site. The purpose of the record on the individual computer is to allow the individual to recall particular sites visited more quickly. The record in the history file expands until 100 URLs are entered or until the individual deletes the information. The files in the ``cache directory'' will increase until 1% hard disk capacity is reached or until the individual deletes the information. When capacity is reached in the history file or the cache directory, the information will be overwritten, with the oldest information being replaced first. This information on the individual computer is not protected by a password; any individual using that computer could determine what web sites had been previously visited using that computer. No information in that record identifies the individual who conducted the searches. However, if the computer resides in an office assigned to one individual, that individual is presumably the person using the computer to visit the web sites recorded on that computer. Records on web site and news group browsing are also kept for a limited time on the Commission's firewall software located in the headquarters computer room. Because the file size for recording web site and news group browsing is limited, the firewall retains the information until the file is full. Currently, the file becomes full in about 3 days, although that time could shorten with increased web site and news group browsing. The records are kept by Internet protocol address, which is assigned to a particular computer in a particular location. Some computers are ``shared access'' computers, but most are assigned to an individual. In addition to the protocol address, the firewall software tracks the web sites and news groups accessed and the date and time of the access, although not the content of the site or search. The network administrators have access to the firewall information in order to assess the use of the Internet web site and news group browsing capability. The Commission has put a ``URL blocker'' into place to block access to web sites and news groups that are clearly unrelated to the work of the Commission. 4. Lexis/Westlaw Billing System. The Commission is establishing a system of records which tracks, by division, by database used, by employee name and by user identification, the date, elapsed time and charge for the use of the Lexis and Westlaw legal research systems. The billing system also tracks the subject name of the search, which is provided by the individual user. Because this system allows retrieval of information about an individual through his or her name, the Privacy Act of 1974, as amended, requires a general notice of the existence of this system of records to the public. In order to enhance Commission employees' ability to conduct efficient legal research, the Commission has entered into a government contract, through the Library of Congress, for access to the Lexis and Westlaw legal research systems. Each employee who wishes to use the system obtains a user identification number and, if necessary, training on the system through the Administrative Officer, Office of Information Resources Management (OIRM). The cost of the system to the Commission is based on actual usage. Each month, the Commission receives a detailed bill from Lexis/Westlaw providing information by division which includes user name, user identification number, the total charge, [[Page 29110]] date, type of charge, elapsed time of the search and the database accessed. The Administrative Officer, OIRM, reviews the billing information and forwards the information for each office to the office's administrative officer. The administrative officer certifies that the information is accurate, i.e., that the individuals using the system are, in fact, Commission employees who would, in the performance of their duties, have need of the legal research system, and returns the billing information to the Administrative Officer, OIRM. The Administrative Officer then certifies the bill on behalf of the Commission, and forwards the certification to the CFTC's Office of Financial Management for payment. The Administrative Officer retains a hard copy of the billing information for a period of two years in a locked drawer of her desk. Information is retrieved only by manual search, and in order to retrieve information about individual usage, the Administrative Officer must look at each month's bill and know the division or office in which the individual works. The Administrative Officer uses the information to conduct an annual analysis, without reference to individual users, of the cost of Lexis/Westlaw use by month and year, and comparing actual expenditures to budget estimates. Lexis/Westlaw also has access to this information, but uses it only for statistical and billing purposes. In the event that apparently excessive or unusual use of the Lexis/ Westlaw databases was evident from the face of the bill, the administrative officer in each division would be responsible for discussing the matter with division employees or management prior to certifying the information as accurate. 5. Automated Library Circulation System. The Commission is establishing an automated library circulation system to improve inventory control of the Commission's library resources. Because parts of this system may be used to retrieve information about an individual through his or her library bar code number, the Privacy Act of 1974, as amended, requires a general notice of the existence of this system of records to the public. Before the establishment of the automated system, information on checking out library materials was done by hand, on index cards, by various library employees. As a result, the accuracy of the information was questionable. When an employee left the Commission, the library could not always accurately determine what materials the person needed to return to the library. Similarly, if library materials were missing, their location could not always be accurately traced. The new automated circulation system's primary feature is a bar code based check-in, check-out system. The library assigns each book a unique bar code number. The library also assigns each library user a unique bar code number, which is kept on a rolodex card at the circulation desk. At the point of check out, the bar codes are entered into the automated system by waving a bar code reader over the user information and the book information. The computer unites the book and the user bar codes, and a loan record is established. When the book is returned or, in the case of lost materials, when reimbursement is made, the loan record is deleted. Individuals may also request that a hold be placed in the system on individual titles to prevent the title from being checked-out or renewed . When a title has been checked-out, the system places a ``CHECKED OUT'' notice next to the title in the library's automated catalog. The identity of the person who checked-out the material is not available to the catalog user, but is available to library staff. The circulation system can provide each user, on request, a receipt for his or her most current loan transaction. The receipt will include a list of all materials currently checked-out to the individual. The system does not retain any record of check out once the materials are returned. The system can also produce, if necessary, a series of three computer-generated overdue notices. The third notice informs the recipient that he or she will be responsible for reimbursing the Commission the cost of the materials borrowed unless the materials are returned within a specified period. These new systems of records, as required by 5 U.S.C. 552a(r) of the Privacy Act, have been submitted to the Committee on Government Oversight and Reform of the U.S. House of Representatives, the Committee on Governmental Affairs of the U.S. Senate, and the Office of Management and Budget, pursuant to Appendix I to OMB Circular A-130, ``Federal Agency Responsibilities for Maintaining Records About Individuals,'' dated July 15, 1994. Accordingly, the Commission is giving notice of the establishment of the following systems of records: CFTC-34 SYSTEM NAME: Telephone System. SYSTEM LOCATION: Monthly billing records for local toll calls, long distance calls, and calling card calls are located in the Office of Administrative Services, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street, NW, Washington, DC 20581. The most current record of the phone numbers and calling card numbers assigned to individual employees and contractors is kept by the administrative office in each regional location except Los Angeles. Los Angeles telephone assignment records are kept in the Washington, DC, Office of Administrative Services. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: Individuals (generally Commission employees and on-site contractor personnel) who make telephone calls from Commission telephones or use government issued calling cards. CATEGORIES OF RECORDS IN THE SYSTEM: Records relating to the use of Commission telephones or calling cards to place calls; records indicating assignment of telephone or calling card numbers to employees; and records relating to requests for telephone call detail information. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 301 and 41 CFR part 101-35. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: See the Commission's ``General Statement of Routine Uses,'' Nos. 1 and 2, Privacy Act Issuances, 1995. In addition, records and data may be disclosed as necessary (1) to representatives of the General Services Administration or the National Archives and Records Administration who are conducting records management inspections under the authority of 44 U.S.C. 2904 and 2906; (2) to a telecommunications company or consultant providing telecommunications support to permit servicing the account. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: Records are stored on computer printouts. RETRIEVABILITY: Records are retrievable by a Commission telephone or calling card number that is assigned to an individual. SAFEGUARDS: In addition to general building security, records are maintained in limited access areas at all times. [[Page 29111]] RETENTION AND DISPOSAL: In accordance with the general record schedules and the Commission's record management handbook, the records in the system are considered temporary and are destroyed when no longer required, usually every 3 months. SYSTEM MANAGER(s) AND ADDRESS: Director, Office of Administrative Services, Commodity Futures Trading Commission, 1155 21st Street, NW, Washington, DC 20581. NOTIFICATION PROCEDURES: Individuals seeking to determine whether the system of records contains information about themselves, seeking access to records about themselves in the system of records or contesting the content of records about themselves should address written inquiries to the FOI, Privacy and Sunshine Acts Compliance Staff, Commodity Futures Trading Commission, 1155 21st Street, NW, Washington, DC 20581. RECORD ACCESS PROCEDURES: See ``Notification Procedures,'' above. CONTESTING RECORD PROCEDURES: See ``Notification Procedures,'' above. RECORD SOURCE CATEGORIES: Telephone and calling card assignment records; call detail listings received from local and long distance service providers; results of administrative inquiries relating to assignment of responsibility for placement of specific long distance calls. CFTC-35 SYSTEM NAME: Interoffice and Internet E-Mail System. SYSTEM LOCATION: File servers in each system location (Washington, DC, Chicago, New York, Kansas City, Minneapolis, and Los Angeles) retain records. Records are backed up nightly onto magnetic tape in all locations except Minneapolis. Records are backed up weekly onto magnetic tape in the Minneapolis office. The most recent two weeks of tapes are kept in locked boxes in the Washington, DC, and Chicago locations. Tapes with information covering the prior two weeks are kept at an off-site storage facility in Washington, DC, and Chicago. Tapes with information covering the most recent four week period are kept on-site, in a secured area, in the New York, Kansas City, Los Angeles, and Minneapolis locations. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: All CFTC employees and on-site contractors. CATEGORIES OF RECORDS IN THE SYSTEM: Records on the use of the interoffice and Internet e-mail system, including address of sender and receiver(s), subject, date sent or received, name of attachment and certification status. On a restricted basis, records may include the contents of an individual's mailbox. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 301 and section 12(b)(3) of the Commodity Exchange Act, 7 U.S.C. 16(b)(3). ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: The records are used by CFTC network administrators who have a need for the records in the performance of their duties. See also the Commission's ``General Statement of Routine Uses,'' Nos. 1, and 2, Privacy Act Issuances, 1995 Comp. In addition, the records and data, other than the content of individual mailboxes, may also be disclosed as necessary to contractors as necessary for assessment, modification, or maintenance of the e-mail system. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: Records are stored on the file servers in each CFTC location. Servers are backed up nightly and the information is transferred to magnetic tape. In Washington, DC, and Chicago, the most recent two weeks of magnetic tape are kept in a locked box in the Computer Room. The prior two weeks are kept at an off-site storage facility in Washington, DC, and Chicago. The entire four weeks of magnetic tape information is kept in unlocked boxes in a secured area in the New York, Kansas City, Los Angeles and Minneapolis locations. RETRIEVABILITY: The information can be retrieved by assigned interoffice or Internet mail address. SAFEGUARDS: Only network administrators have access to the e-mail information. This access is generally limited to the ``header'' information described under ``Categories of Records.'' The tapes are kept in locked storage boxes in Washington, DC, and Chicago, and only network administrators and OIRM management have keys to the locked boxes. In the New York, Kansas City, Los Angeles and Minneapolis locations, tapes are kept in unlocked boxes, either stored in a fireproof safe or vault. Only designated office personnel have access to the safe or vault. RETENTION AND DISPOSAL: Records on magnetic tape are retained for four weeks, then destroyed as the tape is written over with new information. Records are retained on the file server until the sender and receiver delete the information from the e-mail system. Internet e-mail information that is received by the postmaster due to an error in delivery is considered temporary and is destroyed after the problem is corrected. SYSTEM MANAGER(S) AND ADDRESS: Network Manager, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street NW., Washington, DC 20581. NOTIFICATION PROCEDURES: Individuals seeking to determine whether the system of records contains information about themselves, seeking access to records about themselves in the system of records, or contesting the content of records about themselves should address written inquiries to the FOI, Privacy and Sunshine Acts Compliance Staff, Commodity Futures Trading Commission, 1155 21st Street NW., Washington, DC 20581. RECORDS ACCESS PROCEDURES: See ``Notification Procedures'' above. CONTESTING RECORDS PROCEDURES: See ``Notification Procedures'' above. RECORDS SOURCE CATEGORIES: Internet e-mail, interoffice e-mail. CFTC 36 SYSTEM NAME: Internet Web Site and News Group Browsing System. SYSTEM LOCATION: Firewall software, located on PC in the Washington, DC, office's computer room. Information on use of each personal computer is stored on that computer. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: All CFTC employees and on-site contractors who are users of the Internet Web Site and News Group Browsing capability. CATEGORIES OF RECORDS IN THE SYSTEM: Records on the web sites and news groups visited, as identified by the [[Page 29112]] Internet protocol address assigned to each computer, as well as information on the date and time of the web site or news group access. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 301 and section 12(b)(3) of the Commodity Exchange Act, 7 U.S.C. 16(b)(3). ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: The records are used by CFTC network administrators for maintenance of the firewall system which protects the CFTC from unauthorized access to its data. The network administrators may also use the information to evaluate the level of use of the agency's Internet browsing capability. See also the Commission's ``General Statement of Routine Uses,'' Nos. 1, and 2, Privacy Act Issuances, 1995 Comp. Records may also be disclosed as necessary to the agency's Internet service provider or agency contractor to the extent the information is necessary for maintenance of the agency's Internet access. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: Records are kept on the software maintained on the firewall gateway server in the headquarters computer room. In addition, a record of the Internet browsing done on each computer is maintained on that PC. The length of time of storage on the firewall gateway server is governed by available disk space on the server. At current levels of browsing usage, the information is stored on the server for approximately three days. Information on web sites visited by each PC is also stored in the PC's history file or cache directory. The information is stored on the individual PC until the cache directory consumes 1% of total disk space. Oldest items are then removed until the directory is equal to or less than 1% of the total disk space. History file records are maintained until 100 URLs are entered. (URL stands for ``Uniform Resource Locator'' and is the address of the site visited, for example, http://www.cftc.gov). The oldest URLs are deleted until the total URL count is equal to or less than 100 entries. RETRIEVABILITY: The information can be retrieved by Internet protocol address. The network administrators have access to information about the office location and individuals assigned to each computer, as identified by Internet protocol address. SAFEGUARDS: Network administrators, through use of a password protection, have access to the Internet web browsing system information that is stored on the firewall gateway server in the headquarters computer room. Access to the computer room is limited to OIRM employees. The Director of OIRM may grant the Commission's Internet service provider access to the Internet web browsing system information for maintenance purposes. However, the provider would not have access to the information that links Internet protocol addresses to particular computers, locations and individuals. RETENTION AND DISPOSAL: Records are retained on the Commission's firewall software for approximately three days, then written over. SYSTEM MANAGER(S) AND ADDRESS: Network Manager, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street NW., Washington, DC 20581. NOTIFICATION PROCEDURES: Individuals seeking to determine whether the system of records contains information about themselves, seeking access to records about themselves in the system of records, or contesting the content of records about themselves should address written inquiries to the FOI, Privacy and Sunshine Acts Compliance Staff, Commodity Futures Trading Commission, 1155 21st Street NW., Washington, DC 20581. RECORDS ACCESS PROCEDURES: See ``Notification Procedures'' above. CONTESTING RECORDS PROCEDURES: See ``Notification Procedures'' above. RECORDS SOURCE CATEGORIES: Internet, web site and news group browsing, Web site access. CFTC 37 SYSTEM NAME: Lexis/Westlaw Billing Information System. SYSTEM LOCATION: Office of Information Resources Management, Three Lafayette Centre, 1155 21st Street NW., Washington, DC, 20581. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: All CFTC employees and on-site contractors who are users of the Lexis/Westlaw research system. CATEGORIES OF RECORDS IN THE SYSTEM: Records on the name, search subject, database searched, date, elapsed time, type of charge, and total charge for a search in the Lexis/Westlaw automated research system. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 301 and section 12(b)(3) of the Commodity Exchange Act, 7 U.S.C. 16(b)(3). ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: Records are used primarily by the Administrative Officer, OIRM, to monitor expenditures and to ensure the availability of funds. The records containing usage information are distributed monthly to the administrative officers in each office for their confirmation that Lexis/Westlaw use was authorized. See the Commission's ``General Statement of Routine Uses,'' Nos. 1 and 2, Privacy Act Issuances, 1995 Comp. Lexis/Westlaw can also access the information and uses it for statistical analysis and billing purposes. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: Billing information is maintained by the Administrative Officer, OIRM, in a locked file drawer. RETRIEVABILITY: By division, by month of use, by database accessed, by user name and user identification number. Retrieval is done manually. SAFEGUARDS: Billing information is kept in locked desks at all times. Information is provided only to the Administrative Officer, OIRM, and is circulated to the administrative officer for each office. RETENTION AND DISPOSAL: Hard copies of monthly billing statements are retained for two years, then destroyed. SYSTEM MANAGER(S) AND ADDRESS: Administrative Officer, Office of Information Resources Management, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street NW., Washington, DC 20581. [[Page 29113]] NOTIFICATION PROCEDURES: Individuals seeking to determine whether the system of records contains information about themselves, seeking access to records about themselves in the system of records, or contesting the content of records about themselves should address written inquiries to the FOI, Privacy and Sunshine Acts Compliance Staff, Commodity Futures Trading Commission, 1155 21st Street NW., Washington, DC 20581. RECORDS ACCESS PROCEDURES: See ``Notification Procedures'' above. CONTESTING RECORDS PROCEDURES: See ``Notification Procedures'' above. RECORDS SOURCE CATEGORIES: Lexis/Westlaw billing information. CFTC 38 SYSTEM NAME: Automated Library Circulation System. SYSTEM LOCATION: Library, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street, NW., Washington, DC 20581. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: Individual CFTC employees who check out books and periodicals from the CFTC Library. CATEGORIES OF RECORDS IN THE SYSTEM: Records showing the bar code assigned to employees who use the library, title, due date, and hold information on library materials checked-out by individual CFTC employees; records of overdue materials and of employee notification of overdue materials. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 301 and 41 CFR part 101-27. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM , INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: The Library staff uses the information to track the location of library materials, to provide users on request with a list of materials currently shown as in their possession, and to issue, as necessary, overdue notices for materials. See the Commission's ``General Statement of Routine Uses,'' Nos. 1 and 2, Privacy Act Issuances, 1995 Comp. The records may also be disclosed as necessary to agency contractors in connection with assessment, modification or maintenance of the automated circulation system. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: Records are stored on the CFTC local area network file server. Records on the identifying bar codes assigned to individuals are stored in the file server and on rolodex cards. RETRIEVABILITY: Records are retrievable by employee name or by the employee's bar code number. SAFEGUARDS: Records may be accessed only by authorized CFTC staff members, who are principally staff of the Library or the Office of Information Resources Management. Staff members must use an individual password to gain access to the information stored in the computer. RETENTION AND DISPOSAL: Records in the system are considered temporary. The records of library transactions are destroyed when an item on loan is returned or reimbursement is made for replacement of the item. SYSTEM MANAGER(S) AND ADDRESS: Administrative Librarian, Commodity Futures Trading Commission, 1155 21st Street NW., Washington, DC 20581. NOTIFICATION PROCDURES: Individuals seeking to determine whether the system of records contains information about themselves, seeking access to records about themselves in the system of records, or contesting the content of records about themselves should address written inquiries to the FOI, Privacy and Sunshine Acts Compliance Staff, Commodity Futures Trading Commission, 1155 21st Street NW., Washington, DC 20581. RECORDS ACCESS PROCEDURES: See ``Notification Procedures'' above. CONTESTING RECORDS PROCEDURES: See ``Notification Procedures'' above. RECORDS SOURCE CATEGORIES: Library user bar code identifiers; library materials use; overdue notices. Issued in Washington, DC on May 20, 1997, by the Commission. Jean A. Webb, Secretary of the Commission. [FR Doc. 97-13773 Filed 5-28-97; 8:45 am] BILLING CODE 6351-01-P
======== RETURN TO INDEX ========