Quiero saber acerca de...

Federal Register / Vol. 86, No. 167 / Wednesday, September 1, 2021 / Rules and Regulations Bureau has since reorganized its Operations Division and located its Privacy Program under the oversight of its Chief Data Officer. The Chief Data Officer has been designated the Bureaus Senior Agency Official for Privacy in accordance with Office of Management and Budget, M1624, Role and Designation of Senior Agency Officials for Privacy Sept. 15, 2016.
The Bureau revises the definition to reflect its reorganization and align the privacy-related authorities and responsibilities assigned to the Chief Privacy Officer in subpart E with the authorities and responsibilities of its Senior Agency Official for Privacy. The Bureau defines the term to mean Senior Agency Official for Privacy instead of Chief Data Officer currently the same Bureau official to ensure that subpart E remains aligned with the Bureau Privacy Programs structure in the event of any future reorganizations or re-designations of the Senior Agency Official for Privacy.
Section 1070.53
Records
Request for Access to
khammond on DSKJM1Z7X2PROD with RULES

Section 1070.53c Identity
Verification of
16:01 Aug 31, 2021

Jkt 253001

Privacy of the CFPB or any CFPB
employee to whom the Senior Agency Official for Privacy has delegated authority to act under this part;

3. Revise 1070.53c to read as follows:

1070.53

Request for access to records.

V. Procedural Requirements

No notice of proposed rulemaking is required under the Administrative Procedure Act APA because this rule relates solely to agency procedure and practice. 5 U.S.C. 553b. Because no notice of proposed rulemaking is required, the Regulatory Flexibility Act does not require an initial or final regulatory flexibility analysis. 5 U.S.C.
603, 604.
Finally, the Bureau has determined that this rule does not impose any new recordkeeping, reporting, or third-party disclosure requirements on members of the public that would be collections of information requiring approval under the Paperwork Reduction Act, 44 U.S.C.
3501 et seq.

c Verification of identity. To obtain access to the CFPBs records pertaining to a requester, the requester shall provide proof to the CFPB of the requesters identity as provided in paragraphs c1 and 2 of this section.

VI. Signing Authority
Section 1070.53c requires that members of the public provide proof of their identity in order to obtain access to Bureau records pursuant to the Privacy Act. Paragraph 1070.53c1, in turn, provides three methods that will be considered adequate proof of a requesters identity. The Bureau adds an additional method of identity verification, permitting verification via successful completion of a third-partys identity verification process, designated by the Bureau, where that process meets the requirements of Identity Assurance Level 2 IAL2 as described by the National Institute of Standards and Technology.
The Bureau makes this revision in order to facilitate electronic or remote identity proofing and authentication in accordance with the CASES Act of 2019, Public Law 11650, 133 Stat. 1073
2019, and the Office of Management and Budgets implementing guidance, M2104, Modernizing Access to and Consent for Disclosure of Records Subject to the Privacy Act Nov. 12, 2020. The Bureau intends to use a third-party identify verification process, available via login.gov, to facilitate electronic identity verification;
successful completion of that process will be sufficient for verifying a requesters identity pursuant to paragraph 1070.53c1. The Bureau proposes to use generic language in the
VerDate Sep<11>2014

regulations description of this process in order to retain flexibility to use other identity-verification products in the future as needed. Only a third-party identity verification process that is designated by the Bureau will be deemed a sufficient method of identity verification for purposes of paragraph 1070.53c1.

48901

The Acting Director of the Bureau, David Uejio, having reviewed and approved this document, is delegating the authority to electronically sign this document to Laura Galban, a Bureau Federal Register Liaison, for purposes of publication in the Federal Register.
List of Subjects in 12 CFR Part 1070
Confidential business information;
Consumer protection; Freedom of information; Privacy.
Authority and Issuance For the reasons set forth in the preamble, the Bureau amends 12 CFR
part 1070 to read as follows:
PART 1070DISCLOSURE OF
RECORDS AND INFORMATION
1. The authority citation continues to read as follows:

Authority: 12 U.S.C. 5481 et seq.; 5 U.S.C.
552; 5 U.S.C. 552a; 18 U.S.C. 1905; 18 U.S.C.
641; 44 U.S.C. ch. 31; 44 U.S.C. ch. 35; 12
U.S.C. 3401 et seq.

Subpart EPrivacy Act 2. Revise 1070.50b1 to read as follows:

1070.50

Purpose and scope; definitions.

b
1 The term Chief Privacy Officer means the Senior Agency Official for
PO 00000

Frm 00015

Fmt 4700

Sfmt 4700

1 In general, the following will be considered adequate proof of a requesters identity:
i A photocopy of two forms of identification, including one form of identification that bears the requesters photograph, and one form of identification that bears the requesters signature;
ii A photocopy of a single form of identification that bears both the requesters photograph and signature;
iii A statement swearing or affirming the requesters identity and to the fact that the requester understands the penalties provided in 5 U.S.C.
552ai3; or iv Successful completion of a thirdpartys identity verification process, designated by the Bureau, where that process meets the requirements of Identity Assurance Level 2 IAL2 as described by the National Institute of Standards and Technology.
2 Notwithstanding paragraph c1
of this section, a designated official may require additional proof of the requesters identity before action will be taken on any request, if such official determines that it is necessary to protect against unauthorized disclosure of information in a particular case. In addition, if a requester seeks records pertaining to an individual in the requesters capacity as that individuals guardian, the requester shall be required to provide adequate proof of the requesters legal relationship before action will be taken on any request.

Dated: August 25, 2021.
Laura Galban, Federal Register Liaison, Bureau of Consumer Financial Protection.
FR Doc. 202118589 Filed 83121; 8:45 am BILLING CODE 4810AMP

E:FRFM01SER1.SGM

01SER1