Quiero saber acerca de...

7962

Federal Register / Vol. 86, No. 21 / Wednesday, February 3, 2021 / Rules and Regulations
jbell on DSKJLSW7X2PROD with RULES

over the authority to use EDGAR access codes;
Prevent acceptance or dissemination of an attempted submission that it has reason to believe may be misleading or manipulative while evaluating the circumstances surrounding the submission, and allow acceptance or dissemination if its concerns are satisfactorily addressed;
Prevent an unauthorized submission or otherwise remove a filers access; and Remedy similar administrative issues relating to submissions.
Moreover, the proposed rule sets forth a process for the Commission to notify filers and other relevant persons as defined below of its actions under the rule as soon as reasonably practicable.
We received several comment letters in response to the proposal.4 A few commenters were generally supportive of the proposed rule, but expressed concern that the Commission may redact information from a submission without first contacting the filer.5 These commenters requested that filers be notified prior to any Commission action under the proposed rule, if possible.
These commenters also requested that the Commission always consider an issuers vendor or supplier to be a relevant person when the Commission provides notice of its actions to a filer and any relevant person.
Another commenter was generally supportive of the proposed Commission action when a submission contains Sensitive PII.6 The commenter suggested that the Commission interpret the definition of Sensitive PII
broadly. The commenter also suggested that the Commission provide that filers may initiate a request for redaction or removal of information from a submission containing Sensitive PII and that the Commission redact or remove such information if the filer demonstrates that the submission contains Sensitive PII.
After consideration of the comments received, we are adopting Rule 15
substantially as proposed.7 The rule 4 The comment letters on the Proposing Release File No. S71120 are available at https
www.sec.gov/comments/s7-11-20/s71120.htm.
5 See Comment Letters of XBRL US Oct. 5, 2020
XBRL US Comment Letter I; JT Foxx Oct.12, 2020 JT Foxx Comment Letter; Auto Connection Manassas VA Oct. 13, 2020 Auto Connection Comment Letter.
6 See Comment Letter of Ropes & Gray LLP Oct.
19, 2020 Ropes & Gray Comment Letter.
7 As discussed in more detail in Section II.A.6, we have modified 17 CFR 232.15a6 Rule 15a6
as proposed to clarify that the Commission may continue to prevent acceptance or dissemination of the submission if the Commission has reason to believe that an attempted submission may be
VerDate Sep<11>2014

15:49 Feb 02, 2021

Jkt 253001

codifies and clarifies the existing approach the Commission may take to address administrative issues that arise in connection with EDGAR
submissions. By adopting Rule 15, we believe there will be increased transparency for filers, investors, and other users of EDGAR about the actions the Commission may take to promote the reliability and integrity of EDGAR
submissions and improved efficiency in the Commissions administration of EDGAR.
Rule 15 will not change filers obligations under the Federal securities laws to ensure the accuracy and completeness of information in their EDGAR submissions. Moreover, in the vast majority of administrative and substantive EDGAR submission issues, filers will continue to address an error by submitting a filer corrective disclosure and nothing in Rule 15 will prevent a filer from continuing to do so.8 We intend to continue to rely upon filer corrective disclosure to remedy most submission errors.
Additionally, the Commission is adopting new Rule 3019 to delegate authority to the Director of the Commissions EDGAR Business Office to take actions pursuant to the following rules under Regulation ST: Rule 15, 17
CFR 232.13b Rule 13b relating to adjustment of filing dates, and 17 CFR
232.202 Rule 202 relating to the continuing hardship exemption.
II. Discussion of the Final Rules A. Adoption of Rule 15
Rule 15 specifies that, in its administration of EDGAR, the Commission may take actions to promote the reliability and integrity of EDGAR submissions. Below we discuss the types of actions the Commission may take pursuant to Rule 15 to achieve those objectives.
1. Sensitive Personally Identifiable Information We are adopting as proposed 17 CFR
232.15a1 Rule 15a1, which specifies that the Commission may, with regard to submissions on its public website: i Redact submissions containing Sensitive PII; ii remove submissions containing Sensitive PII;
misleading or manipulative and the Commissions concerns have not been satisfactorily addressed after evaluating the circumstances surrounding the attempted submission.
8 See 17 CFR 232.15c, which is being adopted as proposed nothing in this rule prevents a filer from addressing an error or mistake in the filers submission by making a filer corrective disclosure. We received no comments on this aspect of the proposal. See also, e.g., 17 CFR
232.103, 232.105, and 232.501a3.

PO 00000

Frm 00036

Fmt 4700

Sfmt 4700

and/or iii prevent dissemination of submissions containing this information.9 Pursuant to the rule, the Commission may take further steps to ensure that Sensitive PII does not reside in EDGAR and communicate as necessary with filers to facilitate submissions in which Sensitive PII is redacted.10 Whether the Commission removes, redacts, or prevents dissemination of the Sensitive PII in the submission will be based on when the Commission first becomes aware of the Sensitive PII.
One commenter suggested that the Commission interpret the definition of Sensitive PII broadly to include additional categories of information that reflect modern expectations of privacy and physical and financial security risks.11 The commenter discussed the personal and financial harm that would result from the disclosure of such information. The commenter also noted the regulatory trends in favor of expanding the categories of information that are considered sensitive or personal and facilitating safeguards for personally identifiable information generally.12
9 Sensitive PII may comprise a single item of information for example, a Social Security number or a combination of two or more items for example, a full name and financial, medical, criminal, or employment history. See Rule 15a1.
10 Although the Commission may take steps to ensure that Sensitive PII does not reside in EDGAR, the burden of the responsibility to redact such information from submissions continues to lie with the filer and not the Commission.
11 See Ropes & Gray Comment Letter noting that the Commission release, Amendments to Forms and Schedules to Remove Provision of Certain Personally Identifiable Information, Release No. 33
10846 Apr. 25, 2018 83 FR 22190 May 14, 2018
2018 PII Form Amendments Release, contemplated the removal of Social Security numbers, foreign identity numbers, dates of birth, and places of birth from certain Commission forms and schedules, and that, in the commenters view, the information referred to in the 2018 PII
Amendments Release was the minimum of what should constitute Sensitive PII for purposes of Rule 15. See also Proposing Release, supra footnote 1, at 58019 discussing the 2018 PII Form Amendments Release. The commenter requested that the Commission interpret Sensitive PII to include information such as bank account numbers and balance information, wire transfer instructions and related information e.g., the sender or recipients name, phone number, address, and bank name and credit card numbers. The commenter also requested that Sensitive PII include, among other things, email addresses and mobile phone numbers, physical addresses, login information for any bank, trading or similar account, and information associated with an individuals digital asset account.
12 See Ropes & Gray Comment Letter discussing emerging privacy regimes such as the California Consumer Privacy Act and the General Data Protection Regulation in Europe. The commenter indicated that these regimes expressly consider email addresses to be a type of personally identifiable information and are often interpreted to cover other types of information such as mobile phone numbers.

E:FRFM03FER1.SGM

03FER1