2017-28279
[Federal Register Volume 83, Number 1 (Tuesday, January 2, 2018)]
[Notices]
[Pages 104-106]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-28297]
=======================================================================
-----------------------------------------------------------------------
COMMODITY FUTURES TRADING COMMISSION
Privacy Act of 1974; System of Records
AGENCY: Commodity Futures Trading Commission.
ACTION: Notice of a new system of records.
-----------------------------------------------------------------------
SUMMARY: The Commodity Futures Trading Commission (CFTC or Commission)
is establishing a new system of records under the Privacy Act of 1974:
CFTC-50, LabCFTC. LabCFTC is the focal point for the CFTC's efforts to
promote responsible Financial Technology (FinTech) innovation and fair
competition for the benefit of the American public. LabCFTC is designed
to make the CFTC more accessible to FinTech innovators and serves as a
platform to inform the Commission's understanding of new technologies.
LabCFTC allows FinTech innovators to engage with the CFTC, learn about
the CFTC's regulatory framework, and obtain feedback and information on
the implementation of innovative technology ideas for the market.
Further, LabCFTC functions as an information source for the Commission
and the CFTC staff on responsible FinTech innovation that may influence
policy development. LabCFTC allows FinTech innovators to engage with
the CFTC, learn about the CFTC's regulatory framework, and obtain
feedback and information on the implementation of innovative technology
ideas for the market. New CFTC-50 addresses information collected from
individuals who submit requests and other information to CFTC through
LabCFTC.
DATES: Comments must be received on or before February 1, 2018. This
action will be effective without further notice on February 1, 2018,
unless revised pursuant to comments received.
ADDRESSES: You may submit comments identified as pertaining to
``LabCFTC'' by any of the following methods:
CFTC website: https://comments.cftc.gov. Follow the
instructions for submitting comments through the Comments Online
process on the website.
Mail: Christopher Kirkpatrick, Secretary of the
Commission, Commodity Futures Trading Commission, Three Lafayette
Centre, 1155 21st Street NW, Washington, DC 20581.
Hand Delivery/Courier: Same as Mail, above.
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
Please submit your comments using only one method.
All comments must be submitted in English, or if not, accompanied
by an English translation. Comments will be posted as received to
www.cftc.gov. You should submit only information that you wish to make
available publicly. If you wish the Commission to consider information
that you believe is exempt from disclosure under the Freedom of
Information Act (FOIA), a petition for confidential treatment of the
exempt information may be submitted according to the procedures
established in Sec. 145.9 of the Commission's regulations, 17 CFR
145.9.
The Commission reserves the right, but shall have no obligation, to
review, pre-screen, filter, redact, refuse, or remove any or all of a
submission from www.cftc.gov that it may deem to be inappropriate for
publication, such as obscene language. All submissions that have been
redacted or removed that contain comments on the merits of the notice
will be retained in the comment file and will be considered as required
under all applicable laws, and may be accessible under the FOIA.
FOR FURTHER INFORMATION CONTACT: Chief Privacy Officer,
[email protected], Office of the Executive Director, Commodity Futures
Trading Commission, Three Lafayette Centre, 1155 21st Street NW,
Washington, DC 20581.
SUPPLEMENTARY INFORMATION:
I. LabCFTC
The purpose of LabCFTC is twofold: First, to encourage responsible
FinTech innovation in the markets the CFTC oversees, and second, to
help accelerate Commission engagement with FinTech solutions that may
enable the CFTC to carry out its mission responsibilities more
effectively and efficiently. LabCFTC offers an additional, dedicated
point of contact for FinTech innovators to engage with the CFTC, learn
about the CFTC's regulatory framework, and obtain feedback on the
implementation of innovative ideas for the market. Such feedback may
include information that, particularly at an early stage, could help
innovators/entities save time and money by helping them understand
relevant regulations and the CFTC's oversight approach. LabCFTC also is
designed to
[[Page 105]]
foster and increase the CFTC's familiarity with FinTech and its
understanding of new technology that may have application within the
CFTC's own operations through collaboration with FinTech industry and
CFTC market participants. To accomplish CFTC's goals, LabCFTC will
facilitate: The monitoring of trends and developments to ensure that
CFTC's regulatory framework supports--and does not unduly impede--
responsible technological innovation; the promotion of information-
sharing about applications of FinTech, including potential use cases,
benefits, risks, and solutions; the engagement with academia, students,
and professionals on application of FinTech relevant in the CFTC space;
and the CFTC's participation in studies and research that promote
responsible FinTech innovation. Previously, this information was
generally collected under CFTC-2, Commission Correspondence files.
II. The Privacy Act
Under the Privacy Act of 1974, 5 U.S.C. 552a, a ``system of
records'' is defined as any group of records under the control of a
Federal government agency from which information about individuals is
retrieved by name or by some identifying number, symbol, or other
identifying particular assigned to the individual. The Privacy Act
establishes the means by which government agencies must collect,
maintain, and use information about an individual in a government
system of records.
Each government agency is required to publish a notice in the
Federal Register in which the agency identifies and describes each
system of records it maintains, the reasons why the agency uses the
information therein, the routine uses for which the agency will
disclose such information outside the agency, and how individuals may
exercise their rights under the Privacy Act.
In accordance with 5 U.S.C. 552a(r), CFTC has provided a report of
this system of records to the Office of Management and Budget and to
Congress.
SYSTEM NAME AND NUMBER:
LabCFTC; CFTC-50.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
This system is located at the Commodity Futures Trading Commission,
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.
SYSTEM MANAGER(S):
General Counsel, Commodity Futures Trading Commission, Three
Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
The collection of this information is authorized under 7 U.S.C.
5(b), and the rules promulgated thereunder.
PURPOSE(S) OF THE SYSTEM:
The information in the system is being collected to assist CFTC in
communicating with interested parties to encourage responsible FinTech
innovation in the markets CFTC oversees and to help accelerate
Commission engagement with FinTech solutions that enable the CFTC to
carry out its mission responsibilities more effectively and
efficiently. The information collected facilitates communications with
FinTech innovators and the CFTC to enable innovators to learn about the
CFTC's regulatory framework and to obtain feedback and information on
the implementation of technology ideas for the market. This information
also may help initiate the adoption of new technology within the CFTC's
own mission activities through collaboration with FinTech industry and
CFTC market participants.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by this system include individuals submitting
requests or inquiries and other information to CFTC through LabCFTC.
CATEGORIES OF RECORDS IN THE SYSTEM:
The system of records includes information that may contain:
Individual's name, physical address, telephone numbers (work, home,
mobile), email addresses, employer, job title, relevant work
experience, CFTC status (registrant, non-registrant), organization type
(S Corporation, Limited Liability Corporation, etc.), and other
business, business partner, or technology information that may be
linked to an individual.
RECORD SOURCE CATEGORIES:
Information in this system is obtained directly from the individual
who is submitting the information.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
These records and information in these records may be used:
(a) To disclose information to other financial regulators to
facilitate regulatory discussions around technology innovations;
(b) To disclose information to external committees that advise the
CFTC on the impact and implications of technological innovations on
financial services and the derivatives markets;
(c) For use in conferences or other events consistent within the
purpose of 7 U.S.C. 5(b);
(d) To disclose in any administrative proceeding before the
Commission, in any injunctive action authorized under the Commodity
Exchange Act, or in any other action or proceeding in which the
Commission or its staff participates as a party or the Commission
participates as amicus curiae;
(e) To disclose to Federal, State, local, territorial, Tribal, or
foreign agencies for use in meeting their statutory or regulatory
requirements;
(f) To disclose to any ``registered entity,'' as defined in section
1a of the Commodity Exchange Act, 7 U.S.C. 1, et seq. (``the Act''), to
the extent disclosure is authorized and will assist the registered
entity in carrying out its responsibilities under the Act. Information
may also be disclosed to any registered futures association registered
under section 17 of the Act to assist it in carrying out its self-
regulatory responsibilities under the Act, and to any national
securities exchange or national securities association registered with
the Securities and Exchange Commission to assist those organizations in
carrying out their self-regulatory responsibilities under the
Securities Exchange Act of 1934, 15 U.S.C. 78a, et seq.;
(g) To disclose to anyone during the course of a Commission
investigation if Commission staff has reason to believe that the person
to whom it is disclosed may have further information about matters
relevant to the subject of the investigation;
(h) To disclose in a public report issued by the Commission
following an investigation, to the extent that the disclosure is
authorized under section 8 of the Commodity Exchange Act, 7 U.S.C. 12;
(i) To disclose to contractors, grantees, volunteers, experts,
students, and others performing or working on a contract, service,
grant, cooperative agreement, or job for the Federal government when
necessary to accomplish an agency function;
(j) To disclose to Congress upon its request, acting within the
scope of its jurisdiction, pursuant to the Commodity Exchange Act, 7
U.S.C. 1 et seq., and the rules and regulations promulgated thereunder;
(k) To disclose to appropriate agencies, entities, and persons when
(1) the Commission suspects or has
[[Page 106]]
confirmed that there has been a breach of the system of records; (2)
the Commission has determined that as a result of the suspected or
confirmed breach there is a risk of harm to individuals, the Commission
(including its information systems, programs, and operations), the
Federal Government, or national security; and (3) the disclosure made
to such agencies, entities, and persons is reasonably necessary to
assist in connection with the Commission's efforts to respond to the
suspected or confirmed breach or to prevent, minimize, or remedy such
harm; or
(l) To disclose to another Federal agency or Federal entity, when
the Commission determines that information from this system of records
is reasonably necessary to assist the recipient agency or entity in (1)
responding to a suspected or confirmed breach or (2) preventing,
minimizing, or remedying the risk of harm to individuals, the recipient
agency or entity (including its information systems, programs, and
operations), the Federal Government, or national security, resulting
from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
The LabCFTC system of records stores records in this system
electronically or on paper in secure facilities. Electronic records are
stored on the Commission's secure network and other electronic media as
needed, such as encrypted hard drives and back-up media.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Certain information covered by this system of records notice may be
retrieved by name, email address, physical address, or other unique
individual identifiers, and other types of information by keyword
search.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Records for this system will be maintained until the National
Archives approves the records disposition schedules for their
disposition. After the schedules are approved, the records will be
maintained in accordance with the retention periods in the schedules.
All approved schedules are available at www.cftc.gov.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Records are protected from unauthorized access and improper use
through administrative, technical, and physical security measures.
Administrative safeguards include written guidelines on handling
LabCFTC information. All CFTC personnel are subject to CFTC agency-wide
procedures for safeguarding personally identifiable information and
receive annual privacy and security training. Technical security
measures within CFTC include restrictions on computer access to
authorized individuals who have a legitimate need to know the
information; required use of strong passwords that are frequently
changed; multi-factor authentication for remote access and access to
many CFTC network components; use of encryption for certain data types
and transfers; firewalls and intrusion detection applications; and
regular review of security procedures and best practices to enhance
security. The technology also has a time-out function that requires
users to re-access and input information if the time limit expires.
Physical safeguards include restrictions on building access to
authorized individuals, 24-hour security guard service, and maintenance
of records in lockable offices and filing cabinets.
RECORD ACCESS PROCEDURES:
Individuals seeking to determine whether this system of records
contains information about themselves or seeking access to records
about themselves in this system of records should address written
inquiries to the Office of General Counsel, Commodity Futures Trading
Commission, Three Lafayette Centre, 1155 21st Street NW, Washington, DC
20581. See 17 CFR 146.3 for full details on what to include in a
Privacy Act access request.
CONTESTING RECORD PROCEDURES:
Individuals contesting the content of records about themselves
contained in this system of records should address written inquiries to
the Office of General Counsel, Commodity Futures Trading Commission,
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. See
17 CFR 146.8 for full details on what to include in a Privacy Act
amendment request.
NOTIFICATION PROCEDURES:
Individuals seeking notification of any records about themselves
contained in this system of records should address written inquiries to
the Office of General Counsel, Commodity Futures Trading Commission,
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. See
17 CFR 146.3 for full details on what to include in a Privacy Act
notification request.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
None.
Issued in Washington, DC, on December 27, 2017, by the
Commission.
Christopher J. Kirkpatrick,
Secretary of the Commission.
[FR Doc. 2017-28297 Filed 12-29-17; 8:45 am]
BILLING CODE 6351-01-P
Last Updated: January 2, 2018