2017-28279

[Federal Register Volume 83, Number 1 (Tuesday, January 2, 2018)]

[Notices]

[Pages 104-106]

From the Federal Register Online via the Government Publishing Office [www.gpo.gov]

[FR Doc No: 2017-28297]

=======================================================================

-----------------------------------------------------------------------

COMMODITY FUTURES TRADING COMMISSION

Privacy Act of 1974; System of Records

AGENCY: Commodity Futures Trading Commission.

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: The Commodity Futures Trading Commission (CFTC or Commission)

is establishing a new system of records under the Privacy Act of 1974:

CFTC-50, LabCFTC. LabCFTC is the focal point for the CFTC's efforts to

promote responsible Financial Technology (FinTech) innovation and fair

competition for the benefit of the American public. LabCFTC is designed

to make the CFTC more accessible to FinTech innovators and serves as a

platform to inform the Commission's understanding of new technologies.

LabCFTC allows FinTech innovators to engage with the CFTC, learn about

the CFTC's regulatory framework, and obtain feedback and information on

the implementation of innovative technology ideas for the market.

Further, LabCFTC functions as an information source for the Commission

and the CFTC staff on responsible FinTech innovation that may influence

policy development. LabCFTC allows FinTech innovators to engage with

the CFTC, learn about the CFTC's regulatory framework, and obtain

feedback and information on the implementation of innovative technology

ideas for the market. New CFTC-50 addresses information collected from

individuals who submit requests and other information to CFTC through

LabCFTC.

DATES: Comments must be received on or before February 1, 2018. This

action will be effective without further notice on February 1, 2018,

unless revised pursuant to comments received.

ADDRESSES: You may submit comments identified as pertaining to

``LabCFTC'' by any of the following methods:

CFTC website: https://comments.cftc.gov. Follow the

instructions for submitting comments through the Comments Online

process on the website.

Mail: Christopher Kirkpatrick, Secretary of the

Commission, Commodity Futures Trading Commission, Three Lafayette

Centre, 1155 21st Street NW, Washington, DC 20581.

Hand Delivery/Courier: Same as Mail, above.

Federal eRulemaking Portal: http://www.regulations.gov.

Follow the instructions for submitting comments.

Please submit your comments using only one method.

All comments must be submitted in English, or if not, accompanied

by an English translation. Comments will be posted as received to

www.cftc.gov. You should submit only information that you wish to make

available publicly. If you wish the Commission to consider information

that you believe is exempt from disclosure under the Freedom of

Information Act (FOIA), a petition for confidential treatment of the

exempt information may be submitted according to the procedures

established in Sec. 145.9 of the Commission's regulations, 17 CFR

145.9.

The Commission reserves the right, but shall have no obligation, to

review, pre-screen, filter, redact, refuse, or remove any or all of a

submission from www.cftc.gov that it may deem to be inappropriate for

publication, such as obscene language. All submissions that have been

redacted or removed that contain comments on the merits of the notice

will be retained in the comment file and will be considered as required

under all applicable laws, and may be accessible under the FOIA.

FOR FURTHER INFORMATION CONTACT: Chief Privacy Officer,

privacy@cftc.gov, Office of the Executive Director, Commodity Futures

Trading Commission, Three Lafayette Centre, 1155 21st Street NW,

Washington, DC 20581.

SUPPLEMENTARY INFORMATION:

I. LabCFTC

The purpose of LabCFTC is twofold: First, to encourage responsible

FinTech innovation in the markets the CFTC oversees, and second, to

help accelerate Commission engagement with FinTech solutions that may

enable the CFTC to carry out its mission responsibilities more

effectively and efficiently. LabCFTC offers an additional, dedicated

point of contact for FinTech innovators to engage with the CFTC, learn

about the CFTC's regulatory framework, and obtain feedback on the

implementation of innovative ideas for the market. Such feedback may

include information that, particularly at an early stage, could help

innovators/entities save time and money by helping them understand

relevant regulations and the CFTC's oversight approach. LabCFTC also is

designed to

[[Page 105]]

foster and increase the CFTC's familiarity with FinTech and its

understanding of new technology that may have application within the

CFTC's own operations through collaboration with FinTech industry and

CFTC market participants. To accomplish CFTC's goals, LabCFTC will

facilitate: The monitoring of trends and developments to ensure that

CFTC's regulatory framework supports--and does not unduly impede--

responsible technological innovation; the promotion of information-

sharing about applications of FinTech, including potential use cases,

benefits, risks, and solutions; the engagement with academia, students,

and professionals on application of FinTech relevant in the CFTC space;

and the CFTC's participation in studies and research that promote

responsible FinTech innovation. Previously, this information was

generally collected under CFTC-2, Commission Correspondence files.

II. The Privacy Act

Under the Privacy Act of 1974, 5 U.S.C. 552a, a ``system of

records'' is defined as any group of records under the control of a

Federal government agency from which information about individuals is

retrieved by name or by some identifying number, symbol, or other

identifying particular assigned to the individual. The Privacy Act

establishes the means by which government agencies must collect,

maintain, and use information about an individual in a government

system of records.

Each government agency is required to publish a notice in the

Federal Register in which the agency identifies and describes each

system of records it maintains, the reasons why the agency uses the

information therein, the routine uses for which the agency will

disclose such information outside the agency, and how individuals may

exercise their rights under the Privacy Act.

In accordance with 5 U.S.C. 552a(r), CFTC has provided a report of

this system of records to the Office of Management and Budget and to

Congress.

SYSTEM NAME AND NUMBER:

LabCFTC; CFTC-50.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

This system is located at the Commodity Futures Trading Commission,

Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.

SYSTEM MANAGER(S):

General Counsel, Commodity Futures Trading Commission, Three

Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

The collection of this information is authorized under 7 U.S.C.

5(b), and the rules promulgated thereunder.

PURPOSE(S) OF THE SYSTEM:

The information in the system is being collected to assist CFTC in

communicating with interested parties to encourage responsible FinTech

innovation in the markets CFTC oversees and to help accelerate

Commission engagement with FinTech solutions that enable the CFTC to

carry out its mission responsibilities more effectively and

efficiently. The information collected facilitates communications with

FinTech innovators and the CFTC to enable innovators to learn about the

CFTC's regulatory framework and to obtain feedback and information on

the implementation of technology ideas for the market. This information

also may help initiate the adoption of new technology within the CFTC's

own mission activities through collaboration with FinTech industry and

CFTC market participants.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals covered by this system include individuals submitting

requests or inquiries and other information to CFTC through LabCFTC.

CATEGORIES OF RECORDS IN THE SYSTEM:

The system of records includes information that may contain:

Individual's name, physical address, telephone numbers (work, home,

mobile), email addresses, employer, job title, relevant work

experience, CFTC status (registrant, non-registrant), organization type

(S Corporation, Limited Liability Corporation, etc.), and other

business, business partner, or technology information that may be

linked to an individual.

RECORD SOURCE CATEGORIES:

Information in this system is obtained directly from the individual

who is submitting the information.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES

OF USERS AND THE PURPOSES OF SUCH USES:

These records and information in these records may be used:

(a) To disclose information to other financial regulators to

facilitate regulatory discussions around technology innovations;

(b) To disclose information to external committees that advise the

CFTC on the impact and implications of technological innovations on

financial services and the derivatives markets;

(c) For use in conferences or other events consistent within the

purpose of 7 U.S.C. 5(b);

(d) To disclose in any administrative proceeding before the

Commission, in any injunctive action authorized under the Commodity

Exchange Act, or in any other action or proceeding in which the

Commission or its staff participates as a party or the Commission

participates as amicus curiae;

(e) To disclose to Federal, State, local, territorial, Tribal, or

foreign agencies for use in meeting their statutory or regulatory

requirements;

(f) To disclose to any ``registered entity,'' as defined in section

1a of the Commodity Exchange Act, 7 U.S.C. 1, et seq. (``the Act''), to

the extent disclosure is authorized and will assist the registered

entity in carrying out its responsibilities under the Act. Information

may also be disclosed to any registered futures association registered

under section 17 of the Act to assist it in carrying out its self-

regulatory responsibilities under the Act, and to any national

securities exchange or national securities association registered with

the Securities and Exchange Commission to assist those organizations in

carrying out their self-regulatory responsibilities under the

Securities Exchange Act of 1934, 15 U.S.C. 78a, et seq.;

(g) To disclose to anyone during the course of a Commission

investigation if Commission staff has reason to believe that the person

to whom it is disclosed may have further information about matters

relevant to the subject of the investigation;

(h) To disclose in a public report issued by the Commission

following an investigation, to the extent that the disclosure is

authorized under section 8 of the Commodity Exchange Act, 7 U.S.C. 12;

(i) To disclose to contractors, grantees, volunteers, experts,

students, and others performing or working on a contract, service,

grant, cooperative agreement, or job for the Federal government when

necessary to accomplish an agency function;

(j) To disclose to Congress upon its request, acting within the

scope of its jurisdiction, pursuant to the Commodity Exchange Act, 7

U.S.C. 1 et seq., and the rules and regulations promulgated thereunder;

(k) To disclose to appropriate agencies, entities, and persons when

(1) the Commission suspects or has

[[Page 106]]

confirmed that there has been a breach of the system of records; (2)

the Commission has determined that as a result of the suspected or

confirmed breach there is a risk of harm to individuals, the Commission

(including its information systems, programs, and operations), the

Federal Government, or national security; and (3) the disclosure made

to such agencies, entities, and persons is reasonably necessary to

assist in connection with the Commission's efforts to respond to the

suspected or confirmed breach or to prevent, minimize, or remedy such

harm; or

(l) To disclose to another Federal agency or Federal entity, when

the Commission determines that information from this system of records

is reasonably necessary to assist the recipient agency or entity in (1)

responding to a suspected or confirmed breach or (2) preventing,

minimizing, or remedying the risk of harm to individuals, the recipient

agency or entity (including its information systems, programs, and

operations), the Federal Government, or national security, resulting

from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

The LabCFTC system of records stores records in this system

electronically or on paper in secure facilities. Electronic records are

stored on the Commission's secure network and other electronic media as

needed, such as encrypted hard drives and back-up media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Certain information covered by this system of records notice may be

retrieved by name, email address, physical address, or other unique

individual identifiers, and other types of information by keyword

search.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Records for this system will be maintained until the National

Archives approves the records disposition schedules for their

disposition. After the schedules are approved, the records will be

maintained in accordance with the retention periods in the schedules.

All approved schedules are available at www.cftc.gov.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

Records are protected from unauthorized access and improper use

through administrative, technical, and physical security measures.

Administrative safeguards include written guidelines on handling

LabCFTC information. All CFTC personnel are subject to CFTC agency-wide

procedures for safeguarding personally identifiable information and

receive annual privacy and security training. Technical security

measures within CFTC include restrictions on computer access to

authorized individuals who have a legitimate need to know the

information; required use of strong passwords that are frequently

changed; multi-factor authentication for remote access and access to

many CFTC network components; use of encryption for certain data types

and transfers; firewalls and intrusion detection applications; and

regular review of security procedures and best practices to enhance

security. The technology also has a time-out function that requires

users to re-access and input information if the time limit expires.

Physical safeguards include restrictions on building access to

authorized individuals, 24-hour security guard service, and maintenance

of records in lockable offices and filing cabinets.

RECORD ACCESS PROCEDURES:

Individuals seeking to determine whether this system of records

contains information about themselves or seeking access to records

about themselves in this system of records should address written

inquiries to the Office of General Counsel, Commodity Futures Trading

Commission, Three Lafayette Centre, 1155 21st Street NW, Washington, DC

20581. See 17 CFR 146.3 for full details on what to include in a

Privacy Act access request.

CONTESTING RECORD PROCEDURES:

Individuals contesting the content of records about themselves

contained in this system of records should address written inquiries to

the Office of General Counsel, Commodity Futures Trading Commission,

Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. See

17 CFR 146.8 for full details on what to include in a Privacy Act

amendment request.

NOTIFICATION PROCEDURES:

Individuals seeking notification of any records about themselves

contained in this system of records should address written inquiries to

the Office of General Counsel, Commodity Futures Trading Commission,

Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. See

17 CFR 146.3 for full details on what to include in a Privacy Act

notification request.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

None.

Issued in Washington, DC, on December 27, 2017, by the

Commission.

Christopher J. Kirkpatrick,

Secretary of the Commission.

[FR Doc. 2017-28297 Filed 12-29-17; 8:45 am]

BILLING CODE 6351-01-P

 

 

Last Updated: January 2, 2018