Page:United States Statutes at Large Volume 118.djvu/3298

This page needs to be proofread.

118 STAT. 3268 PUBLIC LAW 108–447—DEC. 8, 2004 an issuer of a security registered pursuant to section 12. Notwith standing the preceding sentence, the Tennessee Valley Authority shall not be required to register any securities under this title, and shall not be deemed to have registered any securities under this title. ‘‘(b) LIMITED TREATMENT AS ISSUER.—Commencing with the issuance by the Tennessee Valley Authority of an annual report on Commission Form 10–K (or any successor thereto) for fiscal year 2006 and thereafter, the Tennessee Valley Authority shall be deemed to be an issuer for purposes of section 10A, other than for subsection (m)(1) or (m)(3) of section 10A. The Tennessee Valley Authority shall not be required by this subsection to comply with the rules issued by any national securities exchange or national securities association in response to rules issued by the Commission pursuant to section 10A(m)(1). ‘‘(c) NO EFFECT ON TVA AUTHORITY.—Nothing in this section shall be construed to diminish, impair, or otherwise affect the authority of the Board of Directors of the Tennessee Valley Authority to carry out its statutory functions under the Tennessee Valley Authority Act of 1933.’’. SEC. 521. Section 307 of the Denali Commission Act of 1998 (42 U.S.C. 3121 note) is amended by adding at the end the following new subsection: ‘‘(e) DOCKS, WATERFRONT TRANSPORTATION DEVELOPMENT, AND RELATED INFRASTRUCTURE PROJECTS.—The Secretary of Transpor tation is authorized to make direct lump sum payments to the Commission to construct docks, waterfront development projects, and related transportation infrastructure, provided the local community provides a ten percent non Federal match in the form of any necessary land or planning and design funds. To carry out this section, there is authorized to be appropriated such sums as may be necessary.’’. SEC. 522. (a) PRIVACY OFFICER.—Each agency shall have a Chief Privacy Officer to assume primary responsibility for privacy and data protection policy, including— (1) assuring that the use of technologies sustain, and do not erode, privacy protections relating to the use, collection, and disclosure of information in an identifiable form; (2) assuring that technologies used to collect, use, store, and disclose information in identifiable form allow for contin uous auditing of compliance with stated privacy policies and practices governing the collection, use and distribution of information in the operation of the program; (3) assuring that personal information contained in Privacy Act systems of records is handled in full compliance with fair information practices as defined in the Privacy Act of 1974; (4) evaluating legislative and regulatory proposals involving collection, use, and disclosure of personal information by the Federal Government; (5) conducting a privacy impact assessment of proposed rules of the Department on the privacy of information in an identifiable form, including the type of personally identifiable information collected and the number of people affected; (6) preparing a report to Congress on an annual basis on activities of the Department that affect privacy, including complaints of privacy violations, implementation of section 552a Reports. Deadline. 5 USC 552a note.