29 CFR § 4902.12 - Specific exemptions: Insider Threat and Data Loss Prevention.
(a) Exemption. Under the authority granted by 5 U.S.C. 552a(k)(2), PBGC hereby exempts the system of records entitled “PBGC–26, PBGC Insider Threat and Data Loss Prevention—PBGC” from the provisions of 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I) and (f).
(b) Reasons for exemption. The reasons for asserting the exemption in this section are because the disclosure and other requirements of the Privacy Act could substantially compromise the efficacy and integrity of PBGC's ability to investigate insider threat activities and the improper exfiltration of personally identifiable information. Disclosure could invade the privacy of other individuals and disclose their identity when they were expressly promised confidentiality. Disclosure could interfere with the integrity of information which would otherwise be subject to privileges, see, e.g., 5 U.S.C. 552(b)(5), and which could interfere with other important law enforcement concerns, see, e.g., 5 U.S.C. 552(b)(7).