• Has the agency identified user rights to privacy and the Government’s obligations to the public under law and Government policy?
• Does the project contain sufficient mechanisms to ensure that the identified rights to privacy are protected?
• To the extent that the project does not protect all of the identified rights to privacy, what provisions or mechanisms does the agency propose to redress this deficiency?