Federal Register: October 21, 2005 (Volume 70, Number 203)
Rules and Regulations
Page 61211-61217
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
6 CFR Part 7
RIN 1601-AA02
Classified National Security Information
AGENCY: Office of the Secretary, DHS.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: This final rule revises the Department of Homeland Security's
procedures for managing classified national security information. This
rule implements procedures required under Executive Order 12958,
``Classified National Security Information,'' as amended by Executive
Order 13292, and amends the initial procedures established when the
Department was created in January 2003. Further, this rule delegates to
the Chief Security Officer of the Department of Homeland Security the
responsibility of serving as the ``Senior Agency Official'' pursuant to
Executive Order 12958, as amended.
DATES: This final rule is effective October 21, 2005.
FOR FURTHER INFORMATION CONTACT: John J. Young, Chief, Administrative
Security Division, Office of Security, Department of Homeland Security,
(202) 772-9614 (not a toll free call).
SUPPLEMENTARY INFORMATION:
I. Background
On November 25, 2002, the President signed into law the Homeland
Security Act of 2002, Public Law 107-296, 116 Stat. 2135 (6 U.S.C. 101
et seq.) (HSA), creating the Department of Homeland Security (DHS). DHS
is comprised of 22 Federal agencies brought together for the common
goals of preventing terrorist attacks in the United States, reducing
the vulnerability of the United States to terrorist attacks, and
minimizing damage and assisting in recovery from attacks that occur in
the United States.
DHS came into existence on January 24, 2003 under section 4 of the
HSA, 116 Stat. at 2142 (6 U.S.C. 101 note). In order to facilitate
public interaction with DHS's Office of the Secretary and to meet the
mandate set forth in Executive Order 12958, as amended, DHS issued an
interim final rule to establish an initial set of procedures for
[[Page 61212]]
the classification, safeguarding and declassification of classified
national security information. 68 FR 4703 (Jan. 27, 2003). Because the
procedures implemented under the January 27, 2003 interim final rule
were determined by DHS to be agency procedural rules, the interim rule
was exempt from prior notice and public comment under the
Administrative Procedure Act (APA) (5 U.S.C. 553) and became effective
upon publication.
On March 25, 2003, the President issued Executive Order 13292, 68
FR 15315 (March 28, 2003), which further amended Executive Order 12958.
Executive Order 12958, as amended, further directed Federal agencies to
designate a Senior Agency Official to direct and administer the program
for handling classified national security information. Among the
responsibilities of the Senior Agency Official is the promulgation of
implementing regulations that are required to be published in the
Federal Register to the extent such regulations affect the public.
DHS is promulgating this final rule, consistent with the mandates
set forth under Executive Order 12958, as amended, to establish
procedures, and revise existing DHS procedures for the classification,
safeguarding and declassification of classified national security
information. This final rule is consistent with similar rules of other
Executive agencies relating to procedures for the classification,
safeguarding and declassification of classified national security
information.
II. Analysis of This Final Rule
This final rule establishes the procedures necessary for DHS to
fulfill its obligations under Executive Order 12958, as amended,
``Classified National Security Information.'' This final rule is not
intended to address or satisfy obligations mandated to the Department
under Executive Orders 13311, Homeland Security Information Sharing, 68
FR 45149 (July 31, 2003) or Executive Order 13356, Strengthening the
Sharing of Terrorism Information to Protect Americans, 69 FR 53599
(September 1, 2004).
Subpart A--Administration
Subpart A delegates responsibility for administration of the DHS
classification management program to the Chief Security Officer who
shall act in the capacity of ``Senior Agency Official'' as defined in
E.O. 12958, as amended. This delegation had been previously assigned to
the Under Secretary for Information Analysis and Infrastructure
Protection (IAIP) under the predecessor DHS Interim Final Rule dated
January 27, 2003. It also mandates responsibility to the components for
designation of a security officer/security liaison to implement and
oversee the program at each component. Subpart A sets forth potential
sanctions that may be imposed pursuant to E.O. 12958, as amended. These
sanctions are independent of criminal penalties under 18 U.S.C. 371,
792-798, 1001; the Act of September 23, 1950, ch. 1024, tit. I, section
4, 64 Stat. 991, as amended (50 U.S.C. 783); and the National Security
Act of 1947, ch. 343, tit. VI, section 601, as added by the
Intelligence Identities Protection Act of 1982, Public Law 97-200,
section 2, 96 Stat. 122 (June 23, 1982), as amended (50 U.S.C. 421), or
other laws. Each of these provisions of law may impose sanctions
against persons who commit a violation in the handling of classified
information and it outlines policy for the introduction of classified
information into judicial proceedings.
Subpart B--Classified Information
Subpart B provides DHS policy on the classification and
declassification of national security information and provisions for
the release of classified information to uncleared persons in an
emergency. Subpart B also provides the DHS processes for challenging
the classification of information and, as it applies to the public,
submitting a request for a mandatory review of classified information
for declassification and public release. It also establishes the DHS
Classification Appeals Panel (DHS/CAP) for the purpose of reviewing
appeals of denial for declassification.
III. Regulatory History
Administrative Procedure Act
DHS is implementing this rule without notice and the opportunity
for public comment as this rule involves DHS management and
organization, and DHS internal procedures for the classification and
handling of classified national security information. Therefore, this
rule is exempt from the rulemaking requirements under 5 U.S.C. 553
pursuant to the exclusions in section 553(a). Further, this rule
generally parallels the procedures currently used by other agencies to
fulfill their obligations under Executive Order 12958, as amended,
regarding classified national security information. Implementation of
this rule without notice and the opportunity for public comment is
warranted also under the ``good cause'' standard found under 5 U.S.C.
553(b) because it implements only national security interests relating
to classified information and does not affect the rights of the general
public. For the same reasons, the Department has determined that this
final rule should be issued without a delayed effective date pursuant
to 5 U.S.C. 553(d)(3).
Regulatory Flexibility Act
DHS, in accordance with the Regulatory Flexibility Act, 5 U.S.C.
605(b), has reviewed this final rule and, by approving it, certifies
that it will not have a significant economic impact on a substantial
number of small entities because it pertains to personnel and
administrative matters affecting the Department. Further, a Regulatory
Flexibility Analysis is not required for this final rule because the
Department was not required to publish a general notice of proposed
rulemaking for this matter.
Executive Order 12866
This rule has been drafted and reviewed in accordance with
Executive Order 12866, Regulatory Planning and Review, section 1(b),
Principles of Regulation. This rule is not a significant regulatory
action under section 3(f) of Executive Order 12866.
Executive Order 12988
This regulation meets the applicable standards set forth in
sections 3(a) and 3(b)(2) of Executive Order 12988, Civil Justice
Reform.
Executive Order 13132
This rule will not have substantial direct effects on the States,
on the relationship between the national government and the States, or
on the distribution of power and responsibilities among the various
levels of government. Therefore, in accordance with Executive Order
13132, DHS has determined that this rule does not have sufficient
federalism implications to warrant the preparation of a federalism
summary impact statement.
Unfunded Mandates Reform Act of 1995
This rule will not result in the expenditure by State, local, and
tribal governments, in the aggregate, or by the private sector, of $100
million or more in any one year, and it will not significantly or
uniquely affect small governments. Therefore, no actions are necessary
under the provisions of the Unfunded Mandates Reform Act of 1995, 2
U.S.C. 1501 et seq.
Small Business Regulatory Enforcement Fairness Act of 1996
This rule is not a major rule as defined by section 251 of the
Small
[[Page 61213]]
Business Regulatory Enforcement Fairness Act of 1996 (SBREFA), 5 U.S.C.
804. This rule will not result in an annual effect on the economy of
$100 million or more, a major increase in costs or prices, or
significant adverse effects on competition, employment, investment,
productivity, innovation, or the ability of United States-based
enterprises to compete with foreign-based enterprises in domestic and
export markets.
National Environmental Policy Act of 1969
DHS has reviewed this action for purposes of the National
Environmental Policy Act of 1969 (NEPA) (42 U.S.C. 4321-4347) and has
determined that this action will not have a significant effect on the
human environment.
Executive Order 12958, as Amended
This Final Rule has been reviewed by the Information Security
Oversight Office of the National Archives and Records Administration,
pursuant to Executive Order 12958, as amended.
List of Subjects in 6 CFR Part 7
Classified information, Organization, functions, and authority
delegations.
0
Accordingly, for the reasons set forth above, 6 CFR chapter I, part 7,
is revised to read as follows:
PART 7--CLASSIFIED NATIONAL SECURITY INFORMATION
Sec.
7.1 Purpose.
7.2 Scope.
7.3 Definitions.
Subpart A--Administration
7.10 Authority of the Chief Security Officer, Office of Security.
7.11 Components' responsibilities.
7.12 Violations of classified information requirements.
7.13 Judicial proceedings.
Subpart B--Classified Information
7.20 Classification and declassification authority.
7.21 Classification of information, limitations.
7.22 Classification pending review.
7.23 Emergency release of classified information.
7.24 Duration of classification.
7.25 Identification and markings.
7.26 Derivative classification.
7.27 Declassification and downgrading.
7.28 Automatic declassification.
7.29 Documents of permanent historical value.
7.30 Classification challenges.
7.31 Mandatory review for declassification requests.
Authority: 5 U.S.C. 301; Pub. L. 107-296, 116 Stat. 2135 (6
U.S.C. 101); E.O. 12958, 60 FR 19825, 3 CFR, 1995 Comp., p. 333;
E.O. 13142, 64 FR 66089, 3 CFR, 1999 Comp., p. 236; 32 CFR part
2001.
Sec. 7.1 Purpose.
The purpose of this part is to ensure that information within the
Department of Homeland Security (DHS) relating to the national security
is classified, safeguarded, and declassified pursuant to the provisions
of Executive Order 12958, as amended, and implementing directives from
the Information Security Oversight Office (ISOO) of the National
Archives and Records Administration (NARA).
Sec. 7.2 Scope.
(a) This part applies to all employees, detailees and non-
contractor personnel outside the Executive Branch who are granted
access to classified information by the DHS, in accordance with the
standards in Executive Order 12958, as amended, and its implementing
directives.
(b) This part does not apply to contractors, grantees and other
categories of personnel falling under the purview of Executive Order
12829, National Industrial Security Program, and its implementing
directives.
(c) This part is independent of and does not affect any
classification procedures or requirements of the Atomic Energy Act of
1954, as amended (42 U.S.C. 2011 et seq).
(d) This part does not, and is not intended to, create any right to
judicial review, or any other right or benefit or trust responsibility,
substantive or procedural, enforceable by a party against the United
States, its agencies or instrumentalities, its officers or employees,
or any other person. This part creates limited rights to administrative
review of decisions. This part does not, and is not intended to, create
any right to judicial review of administrative action.
Sec. 7.3 Definitions.
The terms defined or used in Executive Order 12958, as amended, and
the implementing directives in 32 CFR parts 2001 and 2004, are
applicable to this part.
Subpart A--Administration
Sec. 7.10 Authority of the Chief Security Officer, Office of
Security.
(a) The DHS Chief Security Officer (hereafter ``Chief Security
Officer'') is designated as the Senior Agency Official as required by
section 5.4(d) of Executive Order 12958, as amended, and, except as
specifically provided elsewhere in this part, is authorized to
administer the DHS Classified National Security Information program
pursuant to Executive Order 12958, as amended.
(b) The Chief Security Officer shall, among other actions:
(1) Oversee and administer the DHS's program established under
Executive Order 12958, as amended;
(2) Promulgate implementing regulations;
(3) Establish and maintain Department-wide security education and
training programs;
(4) Establish and maintain an ongoing self-inspection program
including the periodic review and assessment of the DHS's classified
product;
(5) Establish procedures to prevent unnecessary access to
classified information, including procedures that:
(i) Require that a need for access to classified information is
established before initiating administrative procedures to grant
access; and
(ii) Ensure that the number of persons granted access to classified
information is limited to the minimum necessary for operational and
security requirements and needs;
(6) Develop special contingency plans for the safeguarding of
classified information used in or near hostile or potentially hostile
areas;
(7) Coordinate with the DHS Chief Human Capital Officer, as
appropriate to ensure that the performance contract or other system
used to rate personnel performance includes the management of
classified information as a critical element or item to be evaluated in
the rating of:
(i) Original classification authorities;
(ii) Security managers or security specialists; and
(iii) All other personnel whose duties significantly involve the
creation or handling of classified information;
(8) Account for the costs associated with implementing this part
and report the cost to the Director of ISOO;
(9) Assign in a prompt manner personnel to respond to any request,
appeal, challenge, complaint, or suggestion concerning Executive Order
12958, as amended, that pertains to classified information that
originated in a DHS component that no longer exists and for which there
is no clear successor in function;
(10) Report violations, take corrective measures and assess
appropriate sanctions as warranted, in accordance with Executive Order
12958, as amended;
(11) Overseeing DHS participation in special access programs
authorized under Executive Order 12958, as amended;
(12) Direct and administer DHS's personnel security program in
[[Page 61214]]
accordance with Executive Order 12968 and other applicable law;
(13) Direct and administer DHS implementation and compliance with
the National Industrial Security Program in accordance with Executive
Order 12829 and other applicable guidance; and
(14) Perform any other duties as the Secretary may designate.
(c) The Chief Security Officer shall maintain a current list of all
officials authorized pursuant to this part to originally classify or
declassify documents.
Sec. 7.11 Components' responsibilities.
Each DHS component shall appoint a security officer or security
liaison to implement this part. the security officer/security liaison
shall:
(a) Implement, observe, and enforce security regulations or
procedures within their component with respect to the classification,
declassification, safeguarding, handling, and storage of classified
national security information;
(b) Report violations of the provisions of this regulation to the
Chief Security Officer committed by employees of their component, as
required;
(c) Ensure that employees of their component acquire adequate
security education and training, as required by the DHS classified
information security procedures;
(d) Continuously review the requirements for personnel access to
classified information as a part of the continuous need-to-know
evaluation, and initiate action to administratively withdraw or reduce
the level of access authorized, as appropriate; and
(e) Cooperate fully with any request from the Chief Security
Officer for assistance in the implementation of this part.
Sec. 7.12 Violations of classified information requirements.
(a) Any person who suspects or has knowledge of a violation of this
part, including the known or suspected loss or compromise of classified
information, shall promptly report such violations or possible
violations, pursuant to requirements set forth in DHS directives.
(b) DHS employees and detailees may be reprimanded, suspended
without pay, terminated from classification authority, suspended from
or denied access to classified information, or subject to other
sanctions in accordance with applicable law and DHS regulations or
directives if they:
(1) Knowingly, willfully, or negligently disclose to unauthorized
persons information properly classified under Executive Order 12958, as
amended, or its predecessor orders;
(2) Knowingly, willfully, or negligently classify or continue the
classification of information in violation of Executive Order 12958, as
amended, or its implementing directives; or
(3) Knowingly, willfully, or negligently violate any other
provision of Executive Order 12958, as amended, or DHS implementing
directives, or;
(4) Knowingly, willfully, or negligently grant eligibility for, or
allow access to, classified information in violation of Executive Order
12958, or its implementing directives, this part, or DHS implementing
directives promulgated by the Chief Security Officer.
Sec. 7.13 Judicial proceedings.
(a) Any DHS official or organization receiving an order or subpoena
from a Federal or State court, or an administrative subpoena from a
Federal agency, to produce classified information (see 6 CFR 5.41
through 5.49), required to submit classified information for official
DHS litigative purposes, or receiving classified information from
another organization for production of such in litigation, shall notify
the Office of the General Counsel, unless the demand for production is
made by the Office of the General Counsel, and immediately determine
from the agency originating the classified information whether the
information can be declassified. If declassification is not possible,
DHS representatives will take appropriate action to protect such
information, pursuant to the provisions of this section.
(b) If a determination is made to produce classified information in
a judicial proceeding in any manner, the DHS General Counsel attorney,
in conjunction with the Department of Justice, shall take appropriate
steps to protect classified information in judicial proceedings and
retrieve the information when the information is no longer required in
such judicial proceedings, in accordance with the Department of Justice
procedures, and in Federal criminal cases, pursuant to the requirements
of Classified Information Procedures Act (CIPA), Public Law 96-456, 94
Stat. 2025, (18 U.S.C. App.), and the ``Security Procedures Established
Pursuant to Public Law 96-456, 94 Stat. 2025, by the Chief Justice of
the United States for the Protection of Classified Information,'' and
other applicable authorities.
Subpart B--Classified Information
Sec. 7.20 Classification and declassification authority.
(a) Top Secret original classification authority may only be
exercised by the Secretary of Homeland Security and by officials to
whom such authority is delegated in writing by the Secretary. The Chief
Security Officer, as the Senior Agency Official, is delegated authority
to originally classify information up to and including Top Secret. No
official who is delegated Top Secret original classification authority
by the Secretary may further delegate such authority.
(b) The Chief Security Officer may delegate Secret and Confidential
original classification authority to other officials determined to have
frequent need to exercise such authority. No official who is delegated
original classification authority by the Secretary or the Chief
Security Officer may further delegate such authority.
(c) Officials authorized to classify information at a specified
level are also authorized to classify information at a lower level. In
the absence of an official authorized to exercise classification
authority, the person designated to act in lieu of such official may
exercise the official's classification authority.
Sec. 7.21 Classification of information, limitations.
(a) Information may be originally classified only if all of the
following standards are met:
(1) An original classification authority is classifying the
information;
(2) The information is owned by, produced by or for, or is under
the control of the United States Government;
(3) The information falls within one or more of the categories of
information specified in section 1.4 of Executive Order 12958, as
amended; and
(4) The original classification authority determines that the
unauthorized disclosure of the information reasonably could be expected
to result in damage to the national security and such official is able
to identify or describe the damage.
(b) Information shall be classified as Top Secret, Secret, or
Confidential in accordance with and in compliance with the standards
and criteria in Executive Order 12958, as amended. No other terms shall
be used to identify United States classified information except as
otherwise provided by statute.
(c) Information shall not be classified in order to:
(1) Conceal inefficiency, violations of law, or administrative
error;
(2) Prevent embarrassment to a person, organization, or agency;
[[Page 61215]]
(3) Restrain competition;
(4) Prevent or delay release of information that does not require
protection in the interest of national security.
(d) Information may be reclassified after it has been declassified
and released to the public under proper authority only in accordance
with the following conditions:
(1) The reclassification action is taken under the personal
authority and with the written approval of the Secretary or Deputy
Secretary of Homeland Security, based on the determination that the
reclassification of the information is necessary in the interest of the
national security;
(2) The reclassification of the information meets the standards and
criteria for classification pursuant to Executive Order 12958, as
amended;
(3) The information may be reasonably recovered; and
(4) The reclassification action is reported promptly to the
Director of ISOO.
(e) Information that has not previously been disclosed to the
public under proper authority may be classified or reclassified after
DHS has received a request for it under the Freedom of Information Act
(5 U.S.C. 552), the Privacy Act of 1974 (5 U.S.C. 552a), or the
mandatory review provisions of Executive Order 12958, as amended,
section 3.5. When it is necessary to classify or reclassify such
information, it shall be forwarded to the Chief Security Officer and
classified or reclassified only at the direction of the Secretary or
Deputy Secretary of Homeland Security.
Sec. 7.22 Classification pending review.
(a) Whenever persons who do not have original classification
authority originate or develop information that they believe requires
immediate classification and safeguarding, and no authorized classifier
is available, that person shall:
(1) Safeguard the information in a manner appropriate for the
classification level they believe it to be;
(2) Apply the appropriate overall classification markings; and
(3) Within five working days, securely transmit the information to
the organization that has appropriate subject matter interest and
classification authority.
(b) When it is not clear which component would be the appropriate
original classifier, the information shall be sent to the Chief
Security Officer to determine the appropriate organization.
(c) The organization with classification authority shall decide
within 30 days whether to classify the information.
Sec. 7.23 Emergency release of classified information.
(a) The Secretary of Homeland Security has delegated to certain DHS
employees the authority to disclose classified information to an
individual or individuals not otherwise routinely eligible for access
in emergency situations when there is an imminent threat to life or in
defense of the homeland.
(b) In exercising this authority, the delegees shall adhere to the
following conditions:
(1) Limit the amount of classified information disclosed to a
minimum to achieve the intended purpose;
(2) Limit the number of individuals who receive it to only those
persons with a specific need-to-know;
(3) Transmit the classified information through approved
communication channels by the most secure and expeditious method
possible, or by other means deemed necessary in exigent circumstances;
(4) Provide instructions about what specific information is
classified and how it should be safeguarded. Physical custody of
classified information must remain with an authorized Federal
Government entity, in all but the most extraordinary circumstances as
determined by the delegated official;
(5) Provide appropriate briefings to the recipients on their
responsibilities not to disclose the information and obtain from the
recipients a signed DHS Emergency Release of Classified Information
Non-disclosure Form. In emergency situations requiring immediate verbal
release of information, the signed nondisclosure agreement
memorializing the briefing may be received after the emergency abates;
(6) Within 72 hours of the disclosure of classified information, or
the earliest opportunity that the emergency permits, but no later than
7 days after the release, the disclosing authority must notify the DHS
Chief Security Officer and the originating agency of the information
disclosed. A copy of the signed nondisclosure agreements should be
forwarded with the notification under this paragraph (b)(6), or as soon
thereafter as practical.
(7) Release of information pursuant to this authority does not
constitute declassification of the information.
(8) Authority to disclose classified information may not be further
delegated.
Sec. 7.24 Duration of classification.
(a) At the time of original classification, original classification
authorities shall apply a date or event in which the information will
be automatically declassified.
(b) The original classification authority shall attempt to
establish a specific date or event not more than 10 years after the
date of origination in which the information will be automatically
declassified. If the original classification authority cannot determine
an earlier specific date or event it shall be marked for automatic
declassification 10 years from the date of origination.
(c) If the original classification authority determines that the
sensitivity of the information requires classification beyond 10 years,
it may be marked for automatic declassification for up to 25 years from
the date of original classification decision.
(d) Original classification authorities do not have the authority
to classify or retain the classification of information beyond 25 years
from the date of origination. The only exception to this rule is when
disclosure of the information could be expected to reveal the identity
of a confidential human source or human intelligence source. In this
instance, the information may be marked for declassification as ``25X1-
Human,'' indicating that the information is exempt from the ``25 Year
Rule'' for automatic declassification. This marking is not authorized
for use when the information pertains to non-human intelligence sources
or intelligence methods. In all other instances, classification beyond
25 years shall only be authorized in accordance with Sec. 7.28 of this
part and Executive Order 12958, as amended.
Sec. 7.25 Identification and markings.
(a) Classified information must be marked pursuant to the standards
set forth in section 1.6 of Executive Order 12958, as amended; 32 CFR
part 2001, subpart B; and internal DHS guidance provided by the Chief
Security Officer.
(b) Foreign government information shall retain its original
classification markings or be assigned a U.S. classification that
provides a degree of protection at least equivalent to that required by
the entity that furnished the information.
(c) Information assigned a level of classification under
predecessor Executive Orders shall remain classified at that level of
classification, except as otherwise provided herein, i.e., the
information is reclassified or declassified.
Sec. 7.26 Derivative classification.
(a) Derivative classification is defined as the incorporating,
paraphrasing,
[[Page 61216]]
restating, or generating in a new form information that is already
classified, and marking the newly developed material consistent with
the classification markings that apply to the source information.
Information is also derivatively classified when classification is
based on instructions provided in a security classification guide.
(b) Persons need not possess original classification authority to
derivatively classify information based on source documents or
classification guides.
(c) Persons who apply derivative classification markings shall
observe original classification decisions and carry forward to any
newly created documents the pertinent classification markings.
(d) Information classified derivatively from other classified
information shall be classified and marked in accordance with the
standards set forth in sections 2.1 and 2.2 of Executive Order 12958,
as amended, 32 CFR 2001.22, and internal DHS guidance provided by the
Chief Security Officer.
Sec. 7.27 Declassification and downgrading.
(a) Classified information shall be declassified as soon as it no
longer meets the standards for classification. Declassification and
downgrading is governed by Part 3 of Executive Order 12958, as amended,
implementing ISOO directives at 32 CFR part 2001, subpart C, and
applicable internal DHS direction provided by the Chief Security
Officer.
(b) Information shall be declassified or downgraded by the official
who authorized the original classification if that official is still
serving in the same position, the originator's successor, or a
supervisory official of either, or by officials delegated such
authority in writing by the Secretary of Homeland Security or the Chief
Security Officer.
(c) It is presumed that information that continues to meet the
classification requirements under Executive Order 12958, as amended,
requires continued protection. In some exceptional cases during
declassification reviews, the need to protect classified information
may be outweighed by the public interest in disclosure of the
information, and in these cases the information should be declassified.
If it appears that the public interest in disclosure of the information
may outweigh the need to protect the information, the declassification
reviewing official shall refer the information with a recommendation
for decision to the Chief Security Officer. The Chief Security Officer
shall review the information and make a recommendation to the Secretary
on whether the public interest in disclosure outweighs the damage to
national security that might reasonably be expected from disclosure.
The Secretary shall decide whether to declassify the information. The
decision of the Secretary shall be final. This provision does not
amplify or modify the substantive criteria or procedures for
classification or create any substantive or procedural rights subject
to judicial review.
(d) Each component shall develop schedules for declassification of
records in the National Archives.
Sec. 7.28 Automatic declassification.
(a) Subject to paragraph (b) of this section, all classified
information contained in records that are more than 25 years old that
have been determined to have permanent historical value shall be
declassified automatically on December 31, 2006. Subsequently, all
classified information in such records shall be automatically
declassified not later than 25 years after the date of its original
classification with the exception of specific information exempt from
automatic declassification pursuant to section 3.3 (b) through (d) of
Executive Order 12958, as amended.
(b) At least 180 days before information is declassified
automatically under this section, the Chief Security Officer shall
notify the ISOO of any specific information that DHS proposes to exempt
from automatic declassification. The notification shall include:
(1) A description of the information;
(2) An explanation of why the information is exempt from automatic
declassification and must remain classified for a longer period of
time; and
(3) A specific date or event for declassification of the
information whenever the information exempted does not identify a
confidential human source or human intelligence source.
(c) Proposed exemptions under this section shall be forwarded to
the Chief Security Officer. When the Chief Security Officer determines
the exemption request is consistent with this section, he or she will
submit the exemption request to the Executive Secretary of the
Interagency Security Classification Appeals Panel (ISCAP) for approval.
(d) Declassification guides that narrowly and precisely define
exempted information may be used to exempt information from automatic
declassification. Declassification guides must include the exemption
notification information detailed in paragraph (b) of this section, and
be approved pursuant to paragraph (c) of this section.
Sec. 7.29 Documents of permanent historical value.
The original classification authority, to the greatest extent
possible, shall declassify classified information contained in records
determined to have permanent historical value under 44 U.S.C. 2107
before they are accessioned into the National Archives.
Sec. 7.30 Classification challenges.
(a) Authorized holders of information classified by DHS who, in
good faith, believe that specific information is improperly or
unnecessarily classified are encouraged and expected to challenge the
classification status of that information pursuant to section 1.8 of
Executive Order 12958, as amended. Authorized holders may submit
classification challenges in writing to the original classification
authority with jurisdiction over the information in question. If an
original classification authority cannot be determined, the challenge
shall be submitted to the Chief Security Officer. The challenge need
not be more specific than a question as to why the information is or is
not classified, or is classified at a certain level.
(b) If anonymity of the challenger is requested, the challenger may
submit the challenge to the Office of Security. The Office of Security
will act as an agent for the challenger and the identity of the
challenger will be redacted.
(c) The original classification authority shall promptly, and in no
case later than 60 days, provide a written response to the submitter.
The original classification authority may classify or declassify the
information subject to the challenge and, if applicable, state specific
reasons why the original classification determination was proper. If
the original classification authority is not able to respond within 60
days, he or she shall inform the individual who filed the challenge in
writing of that fact, and the anticipated determination date.
(d) The individual challenging the classification will be notified
of the determination made by the original classification authority and
that the individual may appeal this determination to the Chief Security
Officer. Upon receipt of such appeals, the Chief Security Officer shall
convene a DHS Classification Appeals Panel (DHS/CAP). The DHS/CAP
shall, at a minimum, consist of representatives from the Office of
Security, the Office of General Counsel, and a representative from the
component having jurisdiction
[[Page 61217]]
over the information. Additional members may be added as determined by
the DHS Chief Security Officer. The DHS/CAP shall be chaired by the
Chief Security Officer.
(e) If the requester files an appeal through the DHS/CAP, and the
appeal is denied, the requester shall be notified of the right to
appeal the denial to the Interagency Security Classification Appeals
Panel (ISCAP) pursuant to section 5.3 of Executive Order 12958, as
amended, and the rules issued by the ISCAP pursuant to section 5.3 of
Executive Order 12958, as amended.
(f) Any individual who challenges a classification and believes
that any action has been taken against him or her in retaliation or
retribution because of that challenge shall report the facts to the
Office of the Inspector General or other appropriate office.
(g) Nothing in this section shall prohibit a person from informally
challenging the classified status of information directly to the
original classification authority.
(h) Requests for review of classified material for declassification
by persons other than authorized holders are governed by 6 CFR 7.31.
Sec. 7.31 Mandatory review for declassification requests.
(a) Any person may request that classified information be reviewed
for declassification pursuant to the mandatory declassification review
provisions of section 3.6 of Executive Order 12958, as amended. Such
requests shall be sent to the Departmental Disclosure Officer, Privacy
Office, 245 Murray Lane, SW., Building 410, Washington, DC 20528.
(b) The request must sufficiently describe the document or material
with enough specificity to allow it to be located by the component with
a reasonable amount of effort. When the description of the information
in the request is deficient, the component shall solicit as much
additional identifying information as possible from the requester. If
the information or material requested cannot be obtained with a
reasonable amount of effort, the component shall provide the requester,
through the DHS Disclosure Officer, with written notification of the
reasons why no action will be taken and of the requester's right to
appeal.
(c) Requests for review of information that has been subjected to a
declassification review request within the preceding two years shall
not be processed. The DHS Disclosure Officer will notify the requester
of such denial.
(d) Requests for information exempted from search or review under
sections 701, 702, or 703 of the National Security Act of 1947, as
added and amended (50 U.S.C. 431 through 433), or other provisions of
law, shall not be processed. The DHS Disclosure Officer will notify the
requester of such denial.
(e) If documents or material being reviewed for declassification
under this section contain information that has been originally
classified by another government agency, the reviewing authority shall
notify the DHS Disclosure Officer. Unless the association of that
organization with the requested information is itself classified, the
DHS Disclosure Officer will then notify the requester of the referral.
(f) A DHS component may refuse to confirm or deny the existence, or
non-existence, of requested information when its existence or non-
existence, is properly classified.
(g) DHS components shall make a final determination on the request
as soon as practicable but within one year from receipt. When
information cannot be declassified in its entirety, components shall
make reasonable efforts to redact those portions that still meet the
standards for classification and release those declassified portions of
the requested information that constitute a coherent segment.
(h) DHS components shall notify the DHS Disclosure Officer of the
determination made in the processing of a mandatory review request.
Such notification shall include the number of pages declassified in
full; the number of pages declassified in part; and the number of pages
where declassification was denied.
(i) The DHS Disclosure Officer shall maintain a record of all
mandatory review actions for reporting in accordance with applicable
Federal requirements.
(j) The mandatory declassification review system shall provide for
administrative appeal in cases where the review results in the
information remaining classified. The requester shall be notified of
the results of the review and of the right to appeal the denial of
declassification. To address such appeals, the DHS Disclosure Office
shall convene a DHS Classification Appeals Panel (DHS/CAP). The DHS/CAP
shall, at a minimum, consist of representatives from the Disclosure
Office, the Office of Security, the Office of General Counsel, and a
representative from the component having jurisdiction over the
information. Additional members may be added as determined by the DHS
Disclosure Officer. The DHS/CAP shall be chaired by the DHS Disclosure
Officer.
(k) If the requester files an appeal through the DHS/CAP, and the
appeal is denied, the requester shall be notified of the right to
appeal the denial to the ISCAP pursuant to section 5.3 of Executive
Order 12958, as amended, and the rules issued by the ISCAP pursuant to
section 5.3 of Executive Order 12958, as amended.
Dated: October 8, 2005.
Michael Chertoff,
Secretary.
[FR Doc. 05-21011 Filed 10-20-05; 8:45 am]
BILLING CODE 4410-10-U
