FR 2020-28791

The Department of Defense (DoD) has put forward a proposed rule seeking to update its system of records, known as the DoD 0004 "Defense Repository for Common Enterprise Data" (DRCED), under the Privacy Act of 1974. The intention behind this update is to exempt certain portions of records from the Privacy Act's provisions, primarily due to national security concerns. The proposal has been made available for public comment until March 8, 2021. The DoD claims that the new rule will neither significantly affect small businesses nor require additional public information collections.

General Summary

The proposed rule aims to bolster the security framework for the DRCED, which supports various information systems within the DoD that handle sensitive data used for critical national security operations. By claiming exemptions under the Privacy Act, the DoD seeks to withhold classified national security information from individuals who might request access or amendments to their records. This measure is designed to protect sensitive information that, if disclosed, could potentially harm national security.

Significant Issues and Concerns

A notable issue with the proposal is its lack of transparency regarding the specifics of the records or data being exempted. While the overarching goal is to protect national security, the absence of detailed examples or scenarios makes it challenging to assess the necessity or appropriateness of these exemptions. The broad justifications provided tend to obscure the specific scenarios under which exemptions would apply.

Moreover, the document's technical language may be difficult for the general public to understand. The emphasis on legal references and executive orders without detailed explanations could lead to confusion, particularly concerning how these legal frameworks interact with the proposed rule.

The limitations placed on written comments due to COVID-19 could potentially restrict public participation, particularly for individuals without internet access. This situation might prevent some stakeholders from fully engaging in the rulemaking process.

Impact on the Public and Specific Stakeholders

For the general public, the most immediate effect of this proposal will be the restriction of access to certain records related to the DRCED due to national security considerations. Individuals' ability to amend their records could also be limited, impacting personal privacy rights.

Specific stakeholders, such as federal contractors and other agencies interacting with the DoD, might experience indirect consequences. The proposed rule doesn't address these interactions directly, but it could affect how these entities manage and share sensitive information with the DoD.

On the positive side, this proposed rule aims to protect national security by safeguarding sensitive information, potentially preventing security breaches. Therefore, while there may be privacy implications, the proposed exemptions serve to bolster the integrity and confidentiality of critical national data.

Conclusion

While the DoD's intentions to protect national security are clear, the proposed rule's lack of detailed justifications, reliance on technical language, and restricted public participation process might hinder stakeholder understanding and engagement. It emphasizes the need for balancing privacy rights with security concerns, ensuring that protective measures do not overly compromise individual rights. Stakeholders such as the general public, contractors, and other federal agencies are encouraged to navigate these changes while contemplating the broader implications on privacy and security.

The document contains one specific monetary reference related to the Unfunded Mandates Reform Act, which states that the proposed rule does not involve a federal mandate that may result in expenditures of $100 million or more by state, local, and tribal governments or the private sector. This financial reference is crucial in assessing the economic impact of the proposed rule on various governmental levels and the private sector.

In terms of financial implications, the statement indicates that the proposed rule by the Department of Defense (DoD) is not expected to impose significant financial burdens on external entities, like state or local governments and businesses, by requiring them to spend funds to comply with this rule. This lack of financial burden may reflect that the rule primarily affects internal administrative processes within the DoD.

The reference is particularly relevant in the context of concerns raised about the potential impact on individuals and entities beyond the DoD. While this financial assurance suggests that direct costs to external parties are not anticipated, it does not address other non-financial concerns, such as those related to privacy and access to records.

Additionally, the absence of substantial financial impact on non-federal entities underscores a broader issue of transparency. Without significant financial implications, affected parties might not have monetary motivations to challenge or engage deeply with the proposed rule. This could limit engagement and feedback from sectors that typically might be more vocal if substantial financial resources were at stake.

Overall, the financial reference within the rulemaking document serves to reassure that, from a budgetary standpoint, the proposed exemption of certain records does not translate into direct costs for non-federal entities. However, it highlights a potential gap when it comes to understanding the broader, non-financial impacts of the proposed rule.