The FCC is proposing a new routine use. As published in the Federal Register, the FCC is proposing a new routine use that they state is needed to allow for "disclosure of records to appropriate persons and entities for purposes of response and remedial efforts in the event of a breach of data contained in the
protected systems". According to the FCC, this "routine use will facilitate an effective response to a confirmed or suspected breach by allowing for disclosure to individuals affected by the breach, in cases, if any, where such disclosure is not otherwise authorized under the Act. This routine use will also authorize disclosures to others who are in a position to assist in response efforts, either by assisting in notification to affected individuals or otherwise playing a role in preventing, minimizing, or remedying harms from the breach." The deadline for public comments on this new routine use is April 30, 2007.
The Army is also making changes to its Privacy Act regulations. It proposes to amend four of its Privacy Act systems of records on April 27, 2007, unless it receives comments "which result in a contrary determination."
While neither of these changes are earth shattering, it is good to see agencies taking notice of their responsibilities under the Privacy Act. By looking at and revising these Privacy Act matters so as to keep them current, these agencies make it easier, at least in theory, for agency personnel to act in a way that doesn't run afoul of the Act.