83 F.3d 1453 | D.C. Cir. | 1996
317 U.S.App.D.C. 405
Wanda HENKE, Appellee,
v.
UNITED STATES DEPARTMENT OF COMMERCE and National Science
Foundation, Appellants.
No. 95-5195.
United States Court of Appeals,
District of Columbia Circuit.
Argued March 19, 1996.
Decided May 17, 1996.
[317 U.S.App.D.C. 407] Appeal from the United States District Court for the District of Columbia (No. 94cv00189).
Wendy M. Keats, Attorney, United States Department of Justice, argued the cause for appellants, with whom Frank W. Hunger, Assistant Attorney General, Leonard Schaitman, Attorney and Eric H. Holder, Jr., United States Attorney, were on the briefs.
Eric R. Glitzenstein, Washington, DC, argued the cause for appellee, with whom Katherine A. Meyer was on the brief.
Before: WALD, GINSBURG and HENDERSON, Circuit Judges.
Opinion for the Court filed by Circuit Judge WALD.
WALD, Circuit Judge:
The issue in this case is whether the Department of Commerce's Advanced Technology Program ("ATP") maintains a "system of records" containing "records" about appellee Wanda Henke, within the meaning of the Privacy Act, 5 U.S.C. § 552a (1994) ("Act"). Henke is the President and co-owner of Dynamic In Situ Geotechnical Testing, Inc. ("Dynamic")--a company which develops earthquake engineering technology. Between 1990 and 1992 Dynamic submitted three applications for competitive high-technology grants from the ATP, each of which was reviewed by technology and business experts as well as members of the ATP staff, and each of which was denied funding. Although the ATP provided Henke with oral summaries of the reviewers' comments, it declined to release copies of the actual reviews or evaluations. Henke then filed a request under the Privacy Act, seeking disclosure of the reviews. The ATP continued to refuse to disclose the reviews, claiming that it did not maintain a "system of records" within the meaning of the Privacy Act, because it did not systematically file and retrieve information about individuals which was indexed by their names. Henke, however, argued that the ATP's groups of paper files and computer databases fell within the Act's definition.
Under the ATP's computer system, when grant proposals are received, an ATP employee enters administrative information (e.g., name of company, address, telephone number, e-mail address, technology area of [317 U.S.App.D.C. 408] the proposal, name of contact person) into a database for that proposal. In each of Dynamic's three proposals, Henke had listed herself as Dynamic's contact person, and her name was entered in that field. Henke thus argued that a system of records existed because it was possible for an ATP employee to enter "Wanda Henke" into the computer, have the computer search for every proposal in which Henke was listed as a contact person, and then use the proposal numbers to go into the ATP's file room, find those proposals, and obtain information which was arguably "about" Henke (since she happened to be one of two scientists at Dynamic). The ATP acknowledged that while it could theoretically retrieve information this way, it did not in practice use the system that way, but instead used the computer databases for routine administrative purposes, such as organizing the peer reviews by the type of technology involved.
The district court, however, agreed with Henke that the ATP's retrieval capability was sufficient to create a system of records keyed to individuals. It ruled that while the text of the Privacy Act was inconclusive on the retrieval capability point, the Act's legislative history and policies supported an expansive view of "system of records." We find, however, that not only is Henke's position contrary to the plain language of the Privacy Act, but that it is also inconsistent with the policies underlying the Act. We hold therefore that in the case of a program like the ATP which does not have an investigatory function, which obtains the names of individuals only as an administrative adjunct to a grant-making program focusing on businesses, and which has presented evidence that it does not in practice use its system to retrieve information keyed to individuals, a "system of records" does not exist with respect to those individuals. Accordingly, we vacate the judgment of the district court, and remand for the district court to enter summary judgment in favor of the Department of Commerce.
I. BACKGROUND
A. The Privacy Act
The Privacy Act of 1974 "safeguards the public from unwarranted collection, maintenance, use and dissemination of personal information contained in agency records ... by allowing an individual to participate in ensuring that his records are accurate and properly used." Bartel v. F.A.A., 725 F.2d 1403, 1407 (D.C.Cir.1984). To that end, the Act requires any agency which maintains a "system of records" to publish at least annually a statement in the Federal Register describing that system.1 Such notice must include, among other things, "the name and location of the system," the "categories of individuals on whom records are maintained in the system," the "categories of users and purposes of their use," and "the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records." 5 U.S.C. § 552a(e)(4). In addition, any agency which maintains a system of records must
upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him ... to review the record and have a copy made of all or any portion thereof in a form comprehensible to him....
5 U.S.C. § 552a(d)(1).
The Privacy Act--unlike the Freedom of Information Act--does not have disclosure as its primary goal. Rather, the main purpose of the Privacy Act's disclosure requirement is to allow individuals on whom information is being compiled and retrieved [317 U.S.App.D.C. 409] the opportunity to review the information and request that the agency correct any inaccuracies. See 5 U.S.C. § 552a(d)(2) (permitting individual to request amendment of her record due to inaccurate, irrelevant or incomplete information).2 Agencies are, however, authorized to promulgate rules to exempt certain records within a system from disclosure, such as "investigatory material compiled for law enforcement purposes ... [or] investigatory material compiled solely for the purpose of determining suitability, eligibility, or qualifications for Federal civilian employment, military service, Federal contracts, or access to classified information." 5 U.S.C. § 552a(k).
B. Advanced Technology Program
The Department of Commerce's Advanced Technology Program was established in 1990 to "improv[e] the competitive position of the United States and its businesses" by making grants to American businesses to assist in the development of high-risk technologies. 15 U.S.C. § 278n; 15 C.F.R. Part 295.3 The ATP program accepts grant proposals only from businesses (or joint ventures involving a business), and submits those proposals to technical and business experts who review them to determine whether the project has "the potential for eventual substantial widespread commercial application," and whether the applying company has "the requisite ability in research and technology development and management in the project area in which the grant, contract, or cooperative agreement is being sought." 15 U.S.C. § 278n(d)(10); 15 C.F.R. § 295.3.4 Based on these recommendations and the program's budget constraints, the ATP makes a final decision on funding, approving approximately 10% of all proposals. See Stogsdill Decl. p 11, reprinted in App. 29.
The ATP maintains information about these proposals both in paper files and in a collection of computer databases--neither of which the ATP has recognized as a "system of records." Each of the paper files is labeled with a unique proposal number which identifies the year of the competition, the specific competition number within that year, and the order in which the proposal was received (e.g., "93-2-0018"). Each paper file contains the grant proposal itself, any business or technical expert reviews, documentation from the ATP staff, debriefing worksheets, administrative checklists, and copies of correspondence with the business. In short, the paper file contains the comprehensive record of the proposal. The only way these files are indexed and retrieved is by their proposal number. See generally Stogsdill Decl. pp 13-14, reprinted in App. 29-30.
In addition, the ATP maintains for each individual competition a separate computer database, organized around approximately 70 different "fields." When a proposal arrives, an ATP employee enters into those fields administrative information about the proposal such as the name of the organization, its mailing address, its e-mail address, its telephone [317 U.S.App.D.C. 410] number, its fax number, whether it is a for-profit organization, the congressional district of the business, whether the proposal contains proprietary information, the type of technology involved in the proposal, whether it is a new or revised proposal, and--of greatest import here--the name of a "technical contact" at the applying organization. See Stogsdill Decl. p 15, reprinted in App. 30; ATP Database Information, reprinted in App. 72-73.
These databases are designed to allow searching by fields. Thus, for example, if the ATP wished to compile a list of every proposal submitted from Tennessee's Third Congressional District, an ATP employee could go into each database,5 enter the code for that district, and pull up a screen with all of the administrative information for each of those proposals. Similarly, the ATP could use the databases to sort the proposals according to technology area, which would help the program facilitate its technical reviews. See Stogsdill Decl. p 16, reprinted in App. 31. The computer databases contain only administrative information, and do not contain the text of the grant proposals, technical reviews, or any of the other information contained in the ATP's paper files. However, if an authorized ATP employee were to perform a computer search and retrieve a proposal's number, the employee could make note of that number, go to the paper files, and obtain that information.6
C. Dynamic's Proposals
Between 1990 and 1992, Dynamic submitted three proposals for ATP funding. In its 1990 proposal, Henke was listed as Dynamic's "contact person"--one of the fields used in the databases. In Dynamic's 1991 and 1992 proposals, Henke was listed as "technical contact," "business contact" and "organizational representative," also fields in the databases.7
After each of Dynamic's proposals was denied, the ATP staff provided Henke with an extensive oral debriefing discussing the relative strengths and weaknesses of the proposal as seen by the reviewers and the ATP staff. Though the oral debriefings discussed some of the comments of the reviewers and the ATP staff, none of those individuals was identified by name. The ATP did not provide Henke with copies of the actual reviews or evaluations.
D. Henke's Litigation
In December, 1992, Wanda Henke and her husband Robert filed requests under the Freedom of Information Act ("FOIA"), 5 U.S.C. § 552, and the Privacy Act, 5 U.S.C. § 552a, for all information in the possession of the ATP program relating to Dynamic, Wanda Henke, or Robert Henke. The ATP refused to disclose the confidential technical and business reviews in Dynamic's files under FOIA, citing its deliberative process and personal privacy exemptions--an issue which is not the subject of this appeal. In addition, the ATP refused to disclose the information under the Privacy Act, claiming that the computer databases did not constitute a "system of records" for purposes of the Act, because it did not in practice use the computer system to retrieve information about Wanda or Robert Henke which was indexed by either of their names. The Henkes then filed a Privacy Act claim in the district [317 U.S.App.D.C. 411] court.8
After allowing limited discovery, the district court granted summary judgment in favor of Henke, finding that the ATP did in fact maintain a "system of records ... with respect to Wanda Henke" and that the information she was seeking either "pertains to her or, in the alternative, is her 'record.' " Mem. op. at 3-4. As the district court put it, the goals of the Privacy Act would be frustrated if the ATP were maintaining inaccurate information about Henke, yet she could not get access to that information. The district court expressed concern that the ATP's "approach could also result in an anomaly wherein Privacy Act rights wax or wane depending on whether an agency happens to be employing, at any particular moment, its existing computer capability to retrieve records through the names of individuals." Mem. op. at 11-12.
Thus, the court rejected as immaterial the ATP's assertion that it did not in practice retrieve information about individuals by using a contact person's name, finding instead that "an agency's existing capability to retrieve information by reference to an individual's name creates a 'system of records.' " Mem. op. at 7 (emphasis added). Finding the text of the Privacy Act inconclusive on what constitutes a "system of records," the court turned to the legislative history, in which it said it found no support for the ATP's "restrictive approach." Mem. op. at 11.9 Accordingly, the court ordered the ATP to disclose the confidential peer reviews.
II. DISCUSSION
A. The Meaning of a "System of Records"
We start with "the fundamental canon that statutory interpretation begins with the language of the statute itself." Pennsylvania Dep't of Public Welfare v. Davenport, 495 U.S. 552, 557-58, 110 S. Ct. 2126, 2130, 109 L. Ed. 2d 588 (1990). In every case, however, we must recognize that "the meaning of statutory language, plain or not, depends on context," King v. St. Vincent's Hosp., 502 U.S. 215, 221, 112 S. Ct. 570, 574, 116 L. Ed. 2d 578 (1991), a concern which is brought into high relief here by the fact that the determination that a system of records exists triggers virtually all of the other substantive provisions of the Privacy Act, such as an individual's right to receive copies and to request amendment of her records.
In this case, both Henke and the ATP argue that the statute's plain meaning supports their respective constructions. Henke argues that the Act's language clearly supports the district court's conclusion that an agency maintains a system of records where it has the capability to retrieve information about an individual which is indexed under her name.10 The ATP argues the opposite, claiming that the Act's statement that a system exists if information keyed to an individual "is retrieved" by the agency means that unless an agency has an actual practice of retrieving information by an individual's name, there is no system of records.
Henke's textual argument is unconvincing, for it does not take account of Congress' definition of a system of records as a "group of records ... from which information is retrieved by the name of the individual...." 5 U.S.C. § 552a(a)(5) (emphasis added). Henke's argument would be stronger if Congress had used words which more clearly suggested that retrieval capability would be enough to create a system of records [317 U.S.App.D.C. 412] --something individual Members of Congress had in fact attempted to do in other bills introduced before the enactment of the Privacy Act. The Records Disclosure Privacy Act of 1974, for example, would have applied where an agency "maintains records ... which may be retrieved by reference to, or are indexed under such person's name...." H.R. 12206, 93d Cong., 2d Sess. (1974) (emphasis added). And another bill introduced later that year would have applied to information which was "computer-accessible or manual-accessible," words clearly connoting retrieval capability. H.R. 13872, 93d Cong., 2d Sess. (1974) (emphasis added). But in the Privacy Act itself, Congress used the words "is retrieved," which suggest strongly that a group of records should generally not be considered a system of records unless there is actual retrieval of records keyed to individuals.11
Not surprisingly, therefore, this court and others have previously concluded that retrieval capability is not sufficient to create a system of records. See, e.g., Bartel v. F.A.A., 725 F.2d at 1408 n. 10 ("To be in a system of records, a record must ... in practice [be] retrieved by an individual's name or other personal identifier.") (emphasis added); Baker v. Dep't of Navy, 814 F.2d 1381, 1383 (9th Cir.) (deferring to a Navy Regulation stating that a " 'system of records' is ... [a] group of records from which information 'is', as opposed to 'can be', retrieved by the name of the individual"), cert. denied, 484 U.S. 963, 108 S. Ct. 450, 98 L. Ed. 2d 390 (1987). While Bartel did not focus on the definition of a system of records, our statement there tends to deflate Henke's claim that under the plain language of the statute, retrieval capability is enough to transform a group of records into a system of records.
The ATP's construction, on the other hand, is more consistent not only with the language of the statute but with the policies underlying the Act.12 As discussed above, the ATP's interpretation takes account of Congress' use of the words "is retrieved" in the statute. [317 U.S.App.D.C. 413] Moreover, as the ATP points out, under Henke's theory that mere retrieval capability creates a system of records, an agency faces the threat of being found retrospectively to be maintaining a system of records it did not even know existed, simply by dint of a potential use it neither engaged in nor contemplated. This in turn would create serious compliance problems for the agency, because if it had not recognized that it maintained a system of records and had therefore not published notice of its system in the Federal Register, then neither would it have followed the procedures necessary to invoke the exemptions in the Privacy Act which Congress intended to protect disclosure of national security information, confidential law enforcement information, or other information from confidential sources. See 5 U.S.C. §§ 552a(j), (k). Indeed, were we to find that the ATP was maintaining a system of records here, the agency would not be entitled to invoke exemption (k)(5) of the Act, which protects the disclosure of "investigatory material compiled solely for the purpose of determining eligibility for ... Federal contracts," because not knowing that it has a system of records keyed to technical contacts, the ATP has never published the necessary rules to invoke this exemption. Cf. Henke v. Dep't of Commerce, 83 F.3d 1445 (D.C.Cir.1996) (NSF has acknowledged that it has a system of records and has promulgated the necessary rules to invoke the section (k)(5) exemption).
This is not to suggest that an agency may simply refuse to acknowledge that it maintains a system of records and thereby insulate itself from the reach of the Privacy Act. To the contrary, if there is evidence that an agency in practice retrieves information about individuals by reference to their names, the mere fact that the agency has not acknowledged that it operates a system of records will not protect it from the statutory consequences of its actions. On the other hand, there is no magic number of incidental or ad hoc retrievals by reference to an individual's name which will transform a group of records into a system of records keyed to individuals.
One factor in deciding whether such a system exists, obviously, is the purpose for which the information on individuals is being gathered, an approach which is consistent with Congress' distinction between a mere group of records and a system of records.13 Thus, as in the case with the ATP program, where information about individuals is only being gathered as an administrative adjunct to a grant-making program which focuses on businesses and where the agency has presented evidence that it has no practice of retrieving information keyed to individuals, the agency should not be viewed as maintaining a system of records. On the other hand, where an agency--such as the FBI--is compiling information about individuals primarily for investigatory purposes, Privacy Act concerns are at their zenith, and if there is evidence of even a few retrievals of information keyed to individuals' names, it may well be the case that the agency is maintaining a system of records. We hold therefore that in determining whether an agency maintains a system of records keyed to individuals, the court should view the entirety of the situation, including the agency's function, the purpose for which the information was gathered, and the agency's actual retrieval practice and policies.
B. Applying this Test
The final question is whether the ATP was in fact maintaining a system of records with respect to Henke. As we have suggested above, the fact that the ATP's purpose in requesting the name of a technical contact was essentially administrative and was not necessary to the conduct of any of the ATP's core programmatic purposes weighs strongly against allowing a few isolated incidents of retrieval to transform the group of records contained in its paper files and computer databases into a system of [317 U.S.App.D.C. 414] records about Henke.14 The ATP gives grants to businesses, not to individuals, and does not maintain its computer database in order to retrieve information on individuals.
Henke has not seriously disputed the ATP's assertion that an applicant's prospects for receiving a grant will not turn on who it names as a technical contact, nor does she dispute the ATP's claim that the "technical contact" designated by the company applying for an ATP grant need not be responsible for directing any part of the project. As the ATP argues, "[t]he company could choose anyone--any scientist, technician, patent expert, grants expert, an outside consultant who may have assisted in preparing the proposal.... The ATP program takes no notice, one way or the other, of any individual characteristics of the 'contact' person chosen." Appellant's Reply Brief at 8.15 Indeed, in 1990, the first year of the ATP competitions, the ATP did not ask applicants for a "business" or "technical" contact, but instead asked them only to designate "the person to be contacted on matters involving this application." Stogsdill Decl. p 29, reprinted in App. 35.
Henke does argue that in her experience, technical contacts are likely to be scientists, and thus reviews which focus on the quality of a company's "staff" are likely to be "about" the technical contacts. See Henke Aff. at 3, reprinted in App. 123. Even if this assertion is true, the record indicates conclusively that the ATP's purpose in requesting the name of a technical contact is essentially administrative and is not even necessary for the conduct of the ATP's operations. Put another way, the ATP program's substantive interests would not be affected (though it might run a bit less efficiently) if it only requested a phone number or fax number as a contact point rather than the name of a contact person. Consequently, we find that in the absence of any evidence that the names of contact persons are used regularly or even frequently to obtain information about those persons, the ATP does not maintain a system of records keyed to individuals listed in the contact person fields of its databases.16
III. CONCLUSION
We find that the ATP does not currently maintain a "system of records" with respect to Henke for purposes of the Privacy Act. Accordingly, we vacate the judgment of the district court and remand the case for the district court to enter summary judgment in favor of the Department of Commerce.
So ordered.
Under the Act, a "system of records" is defined as "a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual." 5 U.S.C. § 552a(a)(5)
The Act defines a "record" as "any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph." 5 U.S.C. § 552a(a)(4).
As Judge Sirica put it:
Properly understood, the right to access under section 3(d) [of the Privacy Act] is aimed entirely at improving informational quality. This is in sharp contrast to parallel rights guaranteed by the Freedom of Information Act. Unlike the FOIA, access to agency records ... is not a statutory objective for its own sake. In contrast to the FOIA, the right of access afforded by the Privacy Act is not designed to free up public entry to the full range of government files. Rather, access under the Privacy Act is merely a necessary adjunct to the broader objective of assuring information quality by obtaining the views of persons with the interest and ability to contribute to the accuracy of agency records.
Smiertka v. Dep't of Treasury, 447 F. Supp. 221, 226 (D.D.C.1978), remanded on other grounds, 604 F.2d 698 (D.C.Cir.1979).
The ATP program is established within the National Institute of Standards and Technology, which is itself an entity within the Department of Commerce. See 15 U.S.C. § 272(a). We follow here the district court's convention of referring to the defendants/appellants as "ATP."
Proposals are first screened to see if they meet the basic criteria for the competition (e.g., whether they comply with page limits, and whether they are from a business and not an individual). Next, proposals are reviewed by technical experts (typically federal employees) and experts in business fields (typically in the private sector). Reviewers answer a number of written questions (e.g., "How would you rate the quality and innovativeness of the proposed technical program?"), and then rate each proposal on a scale of 1 to 10. See Declaration of Dennis Michael Stogsdill ("Stogsdill Decl.") pp 5-10, reprinted in App. 26-28
As of August 1994, there were ten databases in all--one for each of the 10 ATP competitions which had taken place since 1990. Stogsdill Decl. p 19, reprinted in App. 32
The district court explained:
To find a proposal using the computer database, one would bring the cursor to the "technical contact" or "business contact" field and ask the computer to search for a certain arrangement of characters. If someone is listed as a contact person, the computer can locate that name in the field. ATP personnel could then bring the cursor back over to the proposal number field and find the proposal number associated with that contact person's name. Since Wanda Henke is listed as a "technical contact" for Dynamic, if her name is entered into the technical contact field, her proposal number can be retrieved in a matter of seconds. With her proposal number, the agency can retrieve her paper file.
Henke v. Dep't of Commerce, No. 94-189, Mem. op. at 8 ("Mem. op."), reprinted in App. 282.
We refer to these fields collectively as "contact person" fields
The district court granted summary judgment in favor of the ATP with respect to Robert Henke's claims because he had conceded that he was not listed in any of the databases' fields, and thus the court concluded that ATP did not maintain a "system of records" on him
The court rejected the ATP's claim that the information in the paper files did not constitute a "record" about Henke, finding that "a document need not be a 'record' for an individual to have a right of access to it.... [S]o long as information 'pertains' to the requestor, and it is found in a system of records, the requestor has a right of access to it." Mem. op. at 13. The court found that since Henke "constitutes the full-time technical staff for Dynamic," comments about the quality of Dynamic's staff would necessarily be comments which described her, and thus that she was entitled to receive copies of the confidential peer reviews. Mem. op. at 14
The district court did not, however, rely on the plain meaning of the Act, but instead based its conclusion on the legislative history and policies behind the Act
Henke seeks to bolster her textual claim by pointing us toward section (e)(4) of the Act, which requires agencies, when they promulgate their notice of their system of records to publish "the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records." 5 U.S.C. § 552a(e)(4) (emphasis suggested by Henke). Because the Act requires agencies to explain their retrievability policies, Henke argues, retrievability (as opposed to actual retrieval) should be the standard for determining whether a system of records exists. However, section (e)(4) only requires the agency to describe its "policies and practices" regarding retrievability, not to discuss every potential information retrieval that could be accomplished through use of the system
The ATP's position is also consistent with that of the Office of Management and Budget ("OMB"), whose guidelines, we have found, are "owed the deference usually accorded interpretation of a statute by the agency charged with its administration...." Albright v. United States, 631 F.2d 915, 919-20 n. 5 (D.C.Cir.1980). Addressing the meaning of "system of records," OMB said:
The definition of "system of records" limits the applicability of some of the provisions of the Act to "records" which are maintained by an agency, retrieved by individual identifier (i.e., there is an indexing or retrievel [sic ] capability using identifying particulars, as discussed above, built into the system), and the agency does, in fact, retrieve records about individuals by reference to some personal identifier.
Privacy Act Guidelines, reprinted in LEGISLATIVE HISTORY OF THE PRIVACY ACT OF 1974: SOURCE BOOK ON PRIVACY 1027 (1976) ("SOURCE BOOK") (emphasis in original). Thus, the OMB guidelines make it clear that it is not sufficient that an agency has the capability to retrieve information indexed under a person's name, but the agency must in fact retrieve records in this way in order for a system of records to exist. Moreover, OMB went on to address the applicability of the Act to a hypothetical situation almost identical to the one we are faced with here:
The "are retrieved by" criterion implies that the grouping of records under the control of an agency is accessed by the agency by use of a personal identifier; not merely that a capability or potential for retrieval exists. For example, an agency record-keeping system on firms it regulates may contain "records" (i.e., personal information) about officers of the firm incident to evaluating the firm's performance. Even though these are clearly "records" "under the control of" an agency, they would not be considered part of a system as defined by the Act unless the agency accessed them by reference to a personal identifier (name, etc.). That is, if these hypothetical "records" are never retrieved except by reference to company identifier or some other nonpersonal indexing scheme (e.g. type of firm) they are not a part of a system of records.
Id., reprinted in SOURCE BOOK at 1028.
One definition of "system" is "a complex unity formed of many often diverse parts subject to a common plan or serving a common purpose." WEBSTER'S THIRD NEW INTERNATIONAL DICTIONARY 2322 (1976) (emphasis added)
Henke points to two occasions on which a member of the ATP staff retrieved Dynamic's proposal number given only the name of the company and Henke's name. See Rule 56(f) Affidavit of Wanda Henke ("Henke Aff."), reprinted in App. 121. These retrievals were, however, performed entirely at Henke's request, and while they support the conceded point that the ATP has the ability to retrieve a proposal number given the proposal's administrative information, we do not agree that these two searches seriously weaken the ATP's claim that it does not in practice retrieve information keyed to individuals
This situation stands in contrast to the grant programs administered by the National Science Foundation ("NSF"), which gives grants both to businesses and individuals. NSF grants are frequently structured around a lead scientist or "principal investigator," who is more than just an administrative contact. In this sort of situation, an evaluation of a grant application will often address the qualifications of the "principal investigator," and the NSF will routinely retrieve information about principal investigators by those individuals' names. Not surprisingly, therefore, the NSF has in fact designated its principal investigator files as a Privacy Act system of records. See 45 C.F.R. § 613.6(a); Henke v. Dep't of Commerce, 83 F.3d 1445, 1448 n. 1
In light of our disposition of this case we do not reach the disputed issue of whether the peer reviews constituted Henke's "records" for purposes of the Privacy Act