Privacy Act; System of Records

Dates

These revisions will become effective without further notice on June 6, 2024, unless comments received on or before that date result in a contrary determination.

Supplementary Information

I. Background

USPS seeks to implement a series of products to improve postal operations related to tool management and equipment support using Radio Frequency Identification (RFID) technology. USPS will utilize a suite of products, including an automated tool control application, industrial vending machines, RFID scanner tunnels, and electronically controlled lockers. These products will use RFID badge scans to track usage and provide access to tools. The system generates reports for restocking and analysis, and live dashboards are available to managers for customization. The aim of these systems is to enhance accountability and tool management, ensuring control of existing tools and adding cost-savings through enhanced tracking of equipment. This system will further promote efficiency, as not only with USPS be able to track its workroom and tool assets but anticipate when perishable resources are running low and take appropriate action.

II. Rationale for Changes to USPS Privacy Act Systems of Records

To further its efforts, this SOR will be revised as follows:

New purposes added: 17-20.

Modified Categories of Records: 1 and 2.

New category of records: 15. Tool Management Analytics and Transactional Records.

New Policy for Retrieval of Records: 8.

New Policy for Retention of Records: 9.

III. Description of the Modified System of Records

Pursuant to 5 U.S.C. 552a (e)(11), interested persons are invited to submit written data, views, or arguments on this proposal. A report of the proposed revisions has been sent to Congress and to the Office of Management and Budget for their evaluations. The Postal Service does not expect these amended systems of records to have any adverse effect on individual privacy rights.

The notice for modifications to USPS SOR 500.000, Property Management Records is provided below in its entirety:

SYSTEM NAME AND NUMBER:

USPS 500.000, Property Management Records

SECURITY CLASSIFICATION:

None

SYSTEM LOCATION:

All USPS facilities and contractor sites.

SYSTEM MANAGER(S):

For records of accountable property, carpool membership, and use of USPS parking facilities:

Vice President, Facilities, United States Postal Service, 475 L'Enfant Plaza SW, Washington, DC 20260.

For records of building access and Postal Inspector computer access authorizations: Chief Postal Inspector, Inspection Service, United States Postal Service, 475 L'Enfant Plaza SW, Washington, DC 20260.

For other records of computer access authorizations: Chief Information Officer and Executive Vice President, United States Postal Service, 475 L'Enfant Plaza SW, Washington, DC 20260.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

39 U.S.C. 401.

PURPOSE(S) OF THE SYSTEM:

1. To ensure personal and building safety and security by controlling access to USPS facilities.

2. To ensure accountability for property issued to persons.

3. To assign computer logon IDs; to identify USPS computer users to resolve their computer access problems by telephone; and to monitor and audit the use of USPS information resources as necessary to ensure compliance with USPS regulations.

4. To enable access to the USPS meeting and video web conferencing applications.

5. To enhance your online meeting experience by utilizing enhanced features and functionality, including voluntary polling to gather responses from attendees to generate reports or the interactive chat feature.

6. To facilitate team collaboration and communication through information sharing and cross-functional participation.

7. To allow users to communicate through web-based applications.

8. To facilitate and support cybersecurity investigations of detected or reported information security incidents.

9. To share your personal image via your device camera during meetings and web conferences, if you voluntarily choose to turn the camera on, enabling virtual face-to-face conversations.

10. To authenticate user identity for the purpose of accessing USPS information systems.

11. To provide parking and carpooling services to individuals who use USPS parking facilities.

12. To provide pre-registration for guest access to online meetings and web conferences.

13. To provide visibility on unmeasured workroom floor activities.

14. To enhance visibility into work hours used by product type, standard work management, and overtime status.

15. To improve scheduling efficiency through visibility into the use of workroom floor assets and activities.

16. To generate clock ring data based on employee workroom floor activities, assignments and/or duties.

17. To enhance tool management, security, and efficiency for Mail Processing Equipment mechanics and technicians.

18. To provide analytic, surveillance, and reporting support for tool management services.

19. To enhance tool management accountability through reports and alerts.

20. To provide managers with visibility into employee tool management and use and provide remediation capabilities and enable personnel recourse related to improper tool management.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

1. Individuals who are granted regular access to USPS facilities through the issuance of a building access badge, or who are assigned accountable property.

2. Individuals with authorized access to USPS computers and information resources, including USPS employees, contractors, and other individuals; Individuals participating in web-based meetings, video conferences, collaboration, and communication applications.

3. Individuals who are members of carpools with USPS employees or otherwise regularly use USPS parking facilities.

CATEGORIES OF RECORDS IN THE SYSTEM:

1. Building and property access information: Records related to issuance of building and property access authorization and badges, including name, Social Security Number, Employee Identification Number, date of birth, photograph, postal assignment information, work contact information, finance number(s), duty location, and pay location, Advanced Computing Environment (ACE) ID, email address.

2. Property issuance information: Records related to issuance of accountable USPS property, equipment, and controlled documents, including name, Social Security Number, equipment description, equipment serial numbers, and issuance date, Mail Processing Equipment (MPE) Machine Numbers, Mail Processing Equipment (MPE) Machine Work Order Numbers, and Locker User PIN.

3. Computer access authorization information: Records related to computer users, including logon ID, Social Security Number, Employee Identification Number, or other assigned identifier, employment status information or contractor status information, and extent of access granted.

4. Participant session data from web-based meetings and web conferences: Participant Name, Participant's Webcam-Generated Image (Including Presenters), Recorded Participant Audio, Video, And Shared Meeting Screen Content, Chat Interaction, Polling Questions And Associated Responses, Participant Join Time And Leave Time, Meeting Duration, Participant Location, Participant Media Hardware Information, Participant Job Information, Participant Stated Locale, Participant Connection Type, Participant Data Center, Participant Device Type, Participant Domain, Participant Full Data Center, Participant Hard Disk ID, Participant ID, Participant IP Address, Participant Join Time, Participant Camera Name, Participant MAC Address, Participant Microphone Name, Participant Network Type, Participant PC Name, Participant Role, Participant Share Settings, Participant Speaker Name, Participant Status, Participant User ID, Participant User Name, Participant Zoom, Participant SIP URL, Participant Leave Reason, Participant AS Input, Participant AS Output, Participant Audio Input, Participant Audio Output, Participant CPU Usage, Participant Video Input, Participant Video Output, Participant Quality, Participant Sharing Details, Participant Recording Details.

5. Web-Based Meeting And Web Conference Application Data: In-Meeting Messages, Meeting Transcriptions, Written Feedback Responses, Invitation Tails, Meeting Name, Chat Name, Meeting Agenda, Meeting Host, Meeting Department, Meeting Duration, Meeting Email, Meeting End Time, Meeting Media Settings, Meeting ID, Meeting Participants, Meeting Participants In Room, Meeting Start Time, Meeting Topic, Meeting Tracking Fields, Meeting User Type, Meeting UU ID, Meeting Audio Quality, Meeting Video Quality, Meeting Screen Share Quality, Meeting Duration, Meeting Contacts, Meeting Contact Email, Meeting Settings, Web Conferences Custom Keys, Web Conferences Department, Web Conferences Duration, Web Conferences Email, Web Conferences End Time, Web Conferences Settings, Web Conferences ID, Web Conferences Participants, Web Conference Start Time, Web Conferences Topic, Web Conferences User Type, Web Conferences UU ID, Web Conferences Audio Quality, Web Conferences Video Quality, Web Conferences Screen Share Quality, Web Conferences Host Name, Web Conferences Participant Camera Name, Web Conferences Participant Connection Type, Web Conferences Participant Data Center, Web Conferences Participant Device Type, Web Conferences Participant Domain, Web Conferences Participant From SIP Uri, Web Conferences Participant Full Data Center, Web Conferences Participant Hard Disk ID, Web Conferences Participant ID, Web Conferences Participant IP Address, Web Conferences Participant Join Time, Web Conferences Participant Leave Reason, Web Conferences Participant Leave Time, Web Conferences Participant Location, Web Conferences Participant MAC Address, Web Conferences Participant Microphone Name, Web Conferences Participant Network Type, Web Conferences Participant PC Name, Web Conferences Participant Role, Web Conferences Participant Share Settings, Web Conferences Participant SIP URI, Web Conferences Participant Speaker Name, Web Conferences Participant Status, Web Conferences Participant User ID, Web Conferences Participant User Name, Web Conferences Participant Version, Web Conferences Participant AS Input, Web Conferences Participant AS Output, Web Conferences Participant Audio Input, Web Conferences Participant Audio Output, Web Conferences Participant CPU Usage, Web Conferences Participant Video Input, Web Conferences Participant Video Output, Web Conferences Participant Recording Details, Web Conferences Participant Sharing Details, Web Conferences Participant Customer Key, Web Conferences Poll Title, Web Conferences Poll Status, Web Conferences Poll Start Time, Web Conferences Q&A Question Email, Web Conferences Q&A Question Name, Web Conferences Q&A Question Details, Web Conferences Q&A Question Start Time, Web Conferences Registrant Address, Web Conferences Registrant City, Web Conferences Registrant Comments, Web Conferences Registrant Country, Web Conferences Registrant Create Time, Web Conferences Registrant Custom Questions, Web Conferences Registrant Email, Web Conferences Registrant Name, Web Conferences Registrant ID, Web Conferences Registrant Industry, Web Conferences Registrant Join URL, Web Conferences Registrant Job Title, Web Conferences Registrant Number Of Employees, Web Conferences Registrant Organization, Web Conferences Registrant Phone, Web Conferences Registrant Purchasing Time Frame, Web Conferences Registrant State, Web Conferences Registrant Status, Web Conferences Registrant ZIP Code, Web Conferences Poll Results, Web Conferences Panelist Email, Web Conferences Panelist Name, Meeting Registrant Name, Meeting Registrant Email, Meeting Invitation Text, Meeting Attendee Name, Meeting Attendee Join URL, Meeting Registrant Address, Meeting Registrant City, Meeting Registrant Comments, Meeting Registrant Country, Meeting Registrant Create Time, Meeting Registrant Custom Questions, Meeting Registrant Email, Meeting Registrant Name, Meeting Registrant ID, Meeting Registrant Industry, Meeting Registrant Job Title, Meeting Registrant Number Of Employees, Meeting Registrant Organization, Meeting Registrant Phone Number, Meeting Registrant Purchasing Time Frame, Meeting Registrant Role In Purchase Process, Meeting Registrant State, Meeting Registrant Status, Meeting Registrant ZIP Code, Meeting Registrant Language, Meeting Registrant Join URL, Meeting Attendee Poll Response, Meeting Attendee Department, Cloud Recording Registrant City, Cloud Recording Registrant Comments, Cloud Recording Registrant Country, Cloud Recording Registrant Create Time, Cloud Recording Registrant Custom Questions, Cloud Recording Registrant Email, Cloud Recording Registrant Name, Cloud Recording Registrant ID, Cloud Recording Registrant Industry, Cloud Recording Registrant Job Title, Cloud Recording Registrant Number of Employees, Cloud Recording Registrant Organization, Cloud Recording Registrant Phone, Cloud Recording Registrant Purchasing Time Frame, Cloud Recording Registrant Role in Purchase Process, Cloud Recording Registrant Share URL, Cloud Recording Registrant Status, Cloud Recording Registrant ZIP Code, Cloud Recording Registrant Address, Cloud Recording Registrant State, Cloud Recording Registrant Meeting ID, Cloud Recording Registrant Field Name, Cloud Recording Registrant List of Registrants.

6. Device Data From Web-Based Meetings And Web Conferences: Device type (such as mobile, desktop, or tablet), Device Operating System, Number of users of related Operating Systems, Operating System Version, Operating System Type, MAC address, IP address, hard disk ID, PC Name, Bluetooth Information, Packet Loss, Internet Connection Type, Bluetooth Device Name, Bluetooth Device Type, Device Architecture, Central Processing Unit (CPU) Core Type, CPU core frequency, CPU Brand, Available Memory, Total CPU Capacity, Total Capacity Utilized by Application, Memory Used by Application, API Permissions, API Authentication, Authentication Secret Key, Graphics Processing Unit (GPU) Brand, GPU Type, Custom Attributes Defined by Organization, Archived Meeting Files, Archive Meeting Account Name, Archived Meeting File Download User, Archived Meeting File Extension, Archived Meeting File Size, Archived Meeting File Type, Archived Meeting File ID, Archived Meeting File Participant Email, Archived Meeting Participant Join Time, Archived Meeting Participant Leave Time, Archived Meeting File Recording Type, Archived Meeting File Status, Archived Meeting Complete Time, Archived Meeting Complete Time Duration, Archived Meeting Duration, Archived Meeting Duration In Seconds, Archived Meeting Host ID, Archived Meeting ID, Archived Meeting Settings, Archived Meeting Type, Archived Meeting Recording Count, Archived Meeting Start Time, Archived Meeting Topic, Archived Meeting Total Size, Archived Meeting UU ID, Past Meeting Participant ID, Past Meeting Participant Name, Past Meeting Participant Email, SIP Phone Authorization Name, SIP Phone Domain, SIP Phone ID, SIP Phone Password, SIP Phone Proxy Servers, SIP Phone Register Servers, SIP Phone Registration Expire Time, SIP Phone Transport Protocols, SIP Phone User Email, SIP Phone User Name, SIP Phone Voice Voicemail.

7. User Data From Web-Based Meetings And Web Conferences: User Creation Date, User Department, User Email Address, User Employee ID, User Name, User System ID, User Chat Group Ids, User System Client Version, User Last Login Time, User Picture URL, User PMI, User Status, User Timezone, User Type, User Verified Status, User Password, User JID, User Language, User Manager, User Personal Meeting URL, User Role ID, User Role Name, User Use PMI Status, User Phone Country, User Company, User Custom Attributes, User CMS User ID, User Pronouns, User Vanity Name, User Assistant Email, User Assistant ID, User Permissions, User Presence Status, User Scheduler Email, User Scheduler ID, User Settings, User Token, User Meeting Minutes, User Number Of Meetings, User Participant Number, User's Web Conferences Template, User Scheduled Web Conferences, User Web Conferences Settings, User Web Conferences Recurrence Settings, User Web Conferences Password, User Web Conferences Agenda, User Web Conferences Duration, User Web Conferences Start Time, User Web Conferences Template ID, User Web Conferences Topic. User Web Conferences Tracking Fields, User Web Conferences Time zone User Web Conferences Created Date, User Web Conferences Host ID, User Web Conferences Type, User Web Conferences UU ID, User Web Conferences Start URL, User TSP Account Conference Code, User TSP Account Dial-In Numbers, User TSP Account ID, User TSP Account Leader PIN, User TSP account TSP Bridge, User TSP Audio URL, Chat Messaging Content,

8. Web-Based Meeting And Web Conference Administration Data: Account Administrator Name, Account Contact Information Account ID, Account Billing Information, Account Plan Information, Conference Room Account type, Conference Room calendar name, conference room camera name, conference room device IP address, conference room email address, conference room health, conference room ID, conference room issues, conference room last start time, conference room microphone name, conference room name, conference room speaker name, conference room status, Conference Room live meeting, Conference Room past meetings, conference room activation code, conference room support email, conference room support phone, conference room passcode, conference room settings, conference room location description, conference room location name, User Sign In And Sign Out Times, Group admin name, Group admin email, group admin ID, group member email, group member first name, group member last name, group member ID, group member type, chat group ID, chat group name, chat croup total members, chat group, Files sent through chat, GIPHYs sent through chat, groups sent through chat, p2p sent through chat, text sent through chat, total sent through chat, audio sent through chat, code snippet sent through chat, Operation Log action, operation log category type, operation log operation detail, operation log user, operation log time, Role member department, role member email, role member first name, role member ID, role member type, client feedback detail email, client feedback detail meeting ID, client feedback detail participant name, client feedback detail time,

9. Web-Based Meeting And Web Conference Telemetry Data: Event Time, Client Type, Event Location, Event, Subevent, UUID, Client Version, UserID, Client OS, Meeting ID.

10. Persistent Message Application Telemetry Data: User Email, Group Chat, Message Type, In Meeting Message, Status, Do Not Disturb Time, Notification Setting, Show Group On Contact List, File Type, File Location, Link URL, Keywords, GIF Keywords, Emoji Code, Audio Setting, Video Setting, Is E2E Enabled, Message ID, IP Address.

11. Communication Data: Deleted Persistent Message Sender, Deleted Persistent Message Time, Deleted Persistent Message ID, Deleted Persistent Message Text, Deleted Persistent Message Main Message ID, Deleted Persistent Message Main Message Timestamp, Deleted Persistent Message File Name, Deleted Persistent Message File Size, Edited Persistent Message Sender, Edited Persistent Message Time, Edited Persistent Message ID, Edited Persistent Message Text, Edited Persistent Message Main Message ID, Edited Persistent Message Main Message Timestamp, Edited Persistent Message File Name, Edited Persistent Message File Size, Persistent Message Sender, Persistent Message Time, Persistent Message ID, Persistent Message Main Message ID, Persistent Message Main Message Timestamp, Persistent Message File, Persistent Message File Size, Persistent Message Images Exchanged, Persistent Message Files Exchanged, Persistent Message Videos Exchanged, Persistent Message Channel Title, Persistent Message Whiteboard Annotations, Persistent Message Text, Deleted Message Sender, Deleted Message Time, Deleted Message ID, Deleted Message Text, Deleted Message Main Message ID, Deleted Message Main Message Timestamp, Deleted Message File Name, Deleted Message File Size, Edited Message Sender, Edited Message Time, Edited Message ID, Edited Message Text, Edited Message Main Message ID, Edited Message Main Message Timestamp, Edited Message File Name, Edited Message File Size, Message Sender, Message Time, Message ID, Message Main Message ID, Message Main Message Timestamp, Message File, Message File Size, Message Text.

12. Identity verification information: Question, answer, and email address.

13. Carpool and parking information: Records related to membership in carpools with USPS employees or about individuals who otherwise regularly use USPS parking facilities, including name, space number, principal's and others' license numbers, home address, and contact information.

14. Workroom Floor Access and Activity Information: Records related to issuance of building access badges supporting time keeping functions, including name, Bluetooth Device ID, Employee Identification Number, postal assignment information, workroom floor activities, assignments and/or duties, work contact information, finance number(s), duty location, clock ring data, and pay location.

15. Tool Management Analytics and Transactional Records: Tools Checked Out/In With Time Stamps And Employee Info, Other Database Updates With Time Stamps And Employee Info, Parts Checked Out With Time Stamps, Work Order Info And Employee Info, Parts Restocked With Time Stamps And Employee Info, Locker Open Events With Time Stamps And Badge Info, Locker Open Events Marked As Open Via PIN With Supervisor Assistance (When End User Badge Is Not Available), Locker Assignments And Changes With Time Stamps And Employee Info PIN Reset Events With Time Stamps And Manager's USPS.Gov Email Address.

RECORD SOURCE CATEGORIES:

Employees; contractors; subject individuals; and other systems of records.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

Standard routine uses 1. through 9. apply.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Automated database, computer storage media, and paper.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

1. Records about building access and issuance of accountable property are retrieved by name, Social Security Number, or Employee Identification Number.

2. Records about authorized access to computer and information resources are retrieved by name, logon ID, Employee Identification Number, or other unique identifier of the individual.

3. Report and tracking data created during web-based meetings and video conferences that pertain to individual participants, content shared, conference codes and other relevant session data and historical device usage data are retrieved by meeting ID, host name or host email address.

4. Records pertaining to web-based collaboration and communication applications are retrieved by organizer name and other associated personal identifiers.

5. Media recordings created during web-based meetings and video conferences are retrieved by meeting ID, host name or host email address.

6. Records of carpools and parking facilities are retrieved by name, ZIP Code, space number, or parking license number.

7. Records pertaining to workhour data derived from RFID and Bluetooth technologies are retrieved by name, Employee Identification Number, and Bluetooth Device ID.

8. Records pertaining to transactional data are retrievable by name, EIN, and ACE ID.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

1. Building access and accountable property records are retained until termination of access or accountability.

2. Records of computer access privileges are retained 1 year after all authorizations are cancelled.

3. Report and tracking data created during web-based meeting and video conferences, such as other relevant session data and historical device usage data, are retained for twenty-four months.

4. Records pertaining to web-based collaboration and communication applications are retained for twenty-four months.

5. Web-based meeting or video session recordings are retained for twenty-four months.

6. Records of carpool membership and use of USPS parking facilities are retained 6 years.

7. Records existing on paper are destroyed by burning, pulping, or shredding. Records existing on computer storage media are destroyed according to the applicable USPS media sanitization practice.

8. Records pertaining to workhour data derived from RFID and Bluetooth technologies may be retained up to 90 days.

9. Records pertaining to transactional data are retained for two years.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

Paper records, computers, and computer storage media are located in controlled-access areas under supervision of program personnel. Access to these areas is limited to authorized personnel, who must be identified with a badge.

Access to records is limited to individuals whose official duties require such access. Contractors and licensees are subject to contract controls and unannounced on-site audits and inspections. Computers are protected by mechanical locks, card key systems, or other physical access control methods. The use of computer systems is regulated with installed security software, computer logon identifications, and operating system controls including access controls, terminal and transaction logging, and file management software.

RECORD ACCESS PROCEDURES:

Requests for access must be made in accordance with the Notification Procedure above and USPS Privacy Act regulations regarding access to records and verification of identity under 39 CFR 266.5.

CONTESTING RECORD PROCEDURES

See Notification Procedure and Record Access Procedures above.

NOTIFICATION PROCEDURES:

Inquiries for records about building access, accountable property, carpool membership, and use of USPS parking facilities must be addressed to the facility head. Inquiries about computer access authorization records must be directed to the Manager, Corporate Information Security, 475 L'Enfant Plaza SW, Suite 2141, Washington, DC 20260. For Inspection Service computer access records, inquiries must be submitted to the Inspector in Charge, Information Technology Division, 2111 Wilson Blvd., Suite 500, Arlington, VA 22201. Inquiries must include full name, Social Security Number or Employee Identification Number, and period of employment or residency at the location.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None

HISTORY:

June 21, 2023, 88 FR 40340; December 23, 2022, 87 FR 79006; August 4, 2020, 85 FR 47258; June 1, 2020, 85 FR 33210; April 11, 2014, 79 FR 20249; June 27, 2012, 77 FR 38342; June 17, 2011, 76 FR 35483; April 29, 2005, 70 FR 22516

[FR Doc. 2024-09889 Filed 5-6-24; 8:45 am]

BILLING CODE 7710-12-P