(b) The FBI will maintain an automated NICS Audit Log of all incoming and outgoing transactions that pass through the system.
(1) Contents. The NICS Audit Log will record the following information: Type of transaction (inquiry or response), line number, time, date of inquiry, header, message key, ORI or FFL identifier, and inquiry/response data (including the name and other identifying information about the prospective transferee and the NTN).
(i) NICS denied transaction records obtained or created in the course of the operation of the system will be retained in the Audit Log for 10 years, after which time they will be transferred to an appropriate FBI-maintained electronic database.
(ii) NICS Audit Log records relating to transactions in an open status, except the NTN and date, will be destroyed after not more than 90 days from the date of inquiry; and
(iii) In cases of NICS Audit Log records relating to allowed transactions, all identifying information submitted by or on behalf of the transferee will be destroyed within 24 hours after the FFL receives communication of the determination that the transfer may proceed. All other information, except the NTN and date, will be destroyed after not more than 90 days from the date of inquiry.
(2) Use of information in the NICS Audit Log. The NICS Audit Log will be used to analyze system performance, assist users in resolving operational problems, support the appeals process, or support audits of the use and performance of the system. Searches may be conducted on the Audit Log by time frame, i.e., by day or month, or by a particular state or agency. Information in the NICS Audit Log pertaining to allowed transactions may be accessed directly only by the FBI and only for the purpose of conducting audits of the use and performance of the NICS, except that:
(i) Information in the NICS Audit Log, including information not yet destroyed under §5.9(b)(1)(iii), that indicates, either on its face or in conjunction with other information, a violation or potential violation of law or regulation, may be shared with appropriate authorities responsible for investigating, prosecuting, and/or enforcing such law or regulation; and
(ii) The NTNs and dates for allowed transactions may be shared with ATF in Individual FFL Audit Logs as specified in §25.9(b)(4).
(3) Limitation on use. The NICS, including the NICS Audit Log, may not be used by any Department, agency, officer, or employee of the United States to establish any system for the registration of firearms, firearm owners, or firearm transactions or dispositions, except with respect to persons prohibited from receiving a firearm by 18 U.S.C. 922(g) or (n) or by state law. The NICS Audit Log will be monitored and reviewed on a regular basis to detect any possible misuse of NICS data.