32 CFR 505.12 - Privacy Act enforcement actions.

§ 505.12 Privacy Act enforcement actions.

(a)Judicial sanctions. The Act has both civil remedies and criminal penalties for violations of its provisions.

(1)Civil remedies. The DA is subject to civil remedies for violations of the Privacy Act. In addition to specific remedial actions, 5 U.S.C. 552a(g) may provide for the payment of damages, court costs, and attorney's fees.

(2)Criminal penalties. A DA official or employee may be found guilty of a misdemeanor and fined not more than $5,000 for willfully -

(i) Disclosing individually identifiable personal information to one not entitled to the information;

(ii) Requesting or obtaining information from another's record under false pretenses; or

(iii) Maintaining a system of records without first meeting the public notice requirements of the Act.

(b)Litigation Status Sheet.

(1) When a complaint citing the Privacy Act is filed in a U.S. District Court against the Department of the Army, an Army Component, a DA Official, or any Army employee, the responsible system manager will promptly notify the Army Litigation Division, U.S. Army Legal Services Agency (USALSA), 9275 Gunston Road, Fort Belvoir, VA 22060.

(2) The Litigation Status Sheet at appendix E of this part provides a standard format for this notification. At a minimum, the initial notification will have items (a) through (f) provided.

(3) A revised Litigation Status Sheet must be provided at each stage of the litigation.

(4) When a court renders a formal opinion or judgment, copies must be provided to the Defense Privacy Office by the Army Litigation Division.

(c)Administrative remedies - Privacy Act complaints.

(1) The installation level Privacy Act Officer is responsible for processing Privacy Act complaints or allegations of Privacy Act violations. Guidance should be sought from the local Staff Judge Advocate and coordination made with the system manager to assist in the resolution of Privacy Act complaints. The local Privacy Act officer is responsible for -

(i) Reviewing allegations of Privacy Act violations and the evidence provided by the complainants;

(ii) Making an initial assessment as to the validity of the complaint, and taking appropriate corrective action;

(iii) Coordinating with the local Staff Judge Advocate to determine whether a more formal investigation such as a commander's inquiry or an AR 15-6 investigation is appropriate; and

(iv) Ensuring the decision at the local level from either the Privacy Act Officer or other individual who directed a more formal investigation is provided to the complainant in writing.

(2) The decision at the local level may be appealed to the next higher command level Privacy Act Officer.

(3) A legal review from the next higher command level Privacy Act Officer's servicing Staff Judge Advocate is required prior to action on the appeal.

[ 71 FR 46052, Aug. 10, 2006, as amended at 78 FR 18473, Mar. 27, 2013]

This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.

This list is taken from the Parallel Table of Authorities and Rules provided by GPO [Government Printing Office].

It is not guaranteed to be accurate or up-to-date, though we do refresh the database weekly. More limitations on accuracy are described at the GPO site.

United States Code
Statutes at Large
Public Laws

Title 32 published on 16-Jun-2018 03:56

The following are ALL rules, proposed rules, and notices (chronologically) published in the Federal Register relating to 32 CFR Part 505 after this date.

  • 2016-08-10; vol. 81 # 154 - Wednesday, August 10, 2016
    1. 81 FR 52767 - Army Privacy Program
      GPO FDSys XML | Text
      DEPARTMENT OF DEFENSE, Department of the Army
      Direct final rule.
      The rule will be effective October 19, 2016 unless comments are received that would result in a contrary determination. Comments will be accepted on or before October 11, 2016.
      32 CFR Part 505