[Federal Register Volume 81, Number 221 (Wednesday, November 16, 2016)]
[Proposed Rules]
[Pages 80612-80618]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2016-27414]
�========================================================================
�Proposed Rules
� Federal Register
�________________________________________________________________________
�
�This section of the FEDERAL REGISTER contains notices to the public of
�the proposed issuance of rules and regulations. The purpose of these
�notices is to give interested persons an opportunity to participate in
�the rule making prior to the adoption of the final rules.
�
�========================================================================
�
��Federal Register / Vol. 81, No. 221 / Wednesday, November 16, 2016 /
Proposed Rules��
[[Page 80612]]
DEPARTMENT OF ENERGY
10 CFR Part 1016
[Docket No. DOE-HQ-2015-0029-0001]
RIN 1992-AA46
Safeguarding of Restricted Data by Access Permittees
AGENCY: Department of Energy.
ACTION: Notice of proposed rulemaking and public hearings.
-----------------------------------------------------------------------
SUMMARY: The Department of Energy (DOE or Department) proposes to
revise its regulations governing the standards for safeguarding
Restricted Data by access permittees. The existing version of this
regulation was promulgated in 1983, which transferred the regulation
(originally promulgated in 1976). Since 1983, changes in organizations,
terminology, and DOE and national policies render portions of the
existing regulation outdated. The proposed revisions would update
existing requirements.
DATES: Written comments must be received by DOE on or before December
16, 2016.
A public meeting will be held if one is requested by November 23,
2016.
ADDRESSES: Written comments should be addressed to: Mr. Matthew B.
Moury, Associate Under Secretary for Environment, Health, Safety and
Security, Office of Environment, Health, Safety and Security, AU-1/
Forrestal Building, Department of Energy, Docket No. DOE-HQ-2015-0029-
0001, 1000 Independence Avenue SW., Washington, DC 20585 or via email
at [email protected]. Questions concerning submitting written
comments should be addressed to: Ms. Linda Ruhnow, Office of Security
Policy, Office of Environment, Health, Safety and Security, Department
of Energy, AU-51/Germantown Building, 1000 Independence Avenue SW.,
Washington, DC 20585-1290, (301) 903-4053 or via email at [email protected]. Requests to hold a public meeting should be submitted
by phone or email to Ms. Ruhnow at the number or email address
provided. You may submit comments, identified by [DOE-HQ-2015-0029-0001
and/or 1992-AA46], by any of the following methods:
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
Email: [email protected]. Include [DOE-HQ-2015-0029-
0001 and/or 1992-AA46] in the subject line of the message.
Mail: Mailing Address for paper, disk, or CD-ROM
submissions: Department of Energy, Office of Security Policy, (AU-51,
Attn: Linda Ruhnow), 1000 Independence Ave. SW., Washington, DC 20585-
1290.
Hand Delivery/Courier: Street Address: Department of
Energy, Office of Security Policy, (AU-51, Attn: Linda Ruhnow), 1000
Independence Ave. SW., Washington, DC 20585-1290.
As a result of potential delays in the receipt and processing of
mail sent through the U.S. Postal Service, DOE encourages respondents
to submit comments electronically to ensure timely receipt.
Instructions: All submissions received must include the agency name
and docket number or Regulatory Information Number (RIN) for this
rulemaking. All comments received will be posted without change to
http://www.regulations.gov, including any personal information
provided.
Docket: For access to the docket to read background documents or
comments received, go to http://www.regulations.gov/#!docketDetail;D=DOE-HQ-2015-0008 or contact Linda Ruhnow at (301) 903-
4053 prior to visiting Department of Energy, Office of Security Policy,
(AU-51), 19901 Germantown Rd., Germantown, MD 20874.
FOR FURTHER INFORMATION CONTACT: Ms. Linda Ruhnow, Office of Security
Policy at (301) 903-4053; [email protected].
SUPPLEMENTARY INFORMATION:
I. Background
II. Section by Section Analysis
III. Regulatory Review and Procedural Requirements
A. Review Under Executive Order 12866
B. Review Under the Regulatory Flexibility Act
C. Review Under Paperwork Reduction Act
D. Review Under the National Environmental Policy Act
E. Review Under Executive Order 13132
F. Review Under Executive Order 12988
G. Review Under the Unfunded Mandates Reform Act of 1995
H. Review Under Executive Order 13211
I. Review Under the Treasury and General Government
Appropriations Act of 1999
IV. Opportunity for Public Comment
I. Background
The U.S. Department of Energy may issue an access permit to any
person, as set forth in 10 CFR part 725, who requires access to
Restricted Data applicable to civil uses of atomic energy for use in
his/her business, trade or profession. 10 CFR part 725 specifies the
terms and conditions under which the Department will issue an access
permit and provides for the amendment, renewal, suspension, termination
and revocation of an access permit.
The regulations in 10 CFR part 1016 establish requirements for the
safeguarding of Secret and Confidential Restricted Data received or
developed under an access permit. This part does not apply to Top
Secret information because no such information may be provided to an
access permittee within the scope of this regulation. The regulations
in this part apply to all persons who may require access to Restricted
Data used, processed, stored, reproduced, transmitted, or handled in
connection with an access permit.
The original regulations for the safeguarding of Restricted Data
were Atomic Energy Commission regulations that were transferred to the
Energy Research and Development Administration (ERDA) upon its
formation in 1974 (Energy Reorganization Act of 1974; Pub. L. 93-438).
The regulations were subsequently revised to conform to ERDA's
organization (41 FR 56775, 56785-56788, Dec. 30, 1976). The regulations
were updated and transferred from 10 CFR part 795 to 10 CFR part 1016
in 1983. (48 FR 36432 (Aug. 10, 1983). DOE has developed the proposed
modifications to 10 CFR part 1016 to reflect organizational,
terminology and policy changes that have occurred since the regulations
were last revised.
The proposed modifications to the sections of 10 CFR part 1016 that
DOE proposes to amend are described in the Section by Section Analysis
in section II.
[[Page 80613]]
II. Section by Section Analysis
The heading for this part would be revised to Safeguarding of
Restricted Data by Access Permittees. The revision is intended to more
accurately reflect the contents of the regulation.
Subpart A--General
In Sec. 1016.3, Definitions, DOE proposes to delete the term
``Authorized classifier''. Instead, 10 CFR part 1045 would be
referenced as the source of classification requirements.
The terms ``Document'', ``Material'' and ``Matter'' would be
deleted because they are not used in any unique way in this regulation.
The access authorization terms Q, Q(X), L and L(X) would be updated
to specify the type of background investigation required. For example,
single scope background investigations are required for Q access
authorizations.
The term ``classified mail address'' would be revised for better
grammar.
The term ``classified matter'' would be revised to include all
documents, material, electronic media and other physical forms that
reveal or contain classified information.
The term ``infraction'' would be revised to include non-compliance
with DOE approvals.
The term ``intrusion alarm'' would be revised to ``intrusion
detection system'' and updated for more accurate usage consistent with
current DOE policy.
The term ``National Security Information'' would be revised for
consistency with Executive Order 13526, Classified National Security
Information.
The term ``Security Plan'' would be revised to clarify that matter
refers to classified matter.
Proposed changes for Sec. 1016.4 would revise the addressee from
the ``Chief Health, Safety and Security Officer'', to the ``Associate
Under Secretary of Environment, Health, Safety and Security'' to
address a recent reorganization.
Proposed changes for Sec. 1016.5 would require that procedures
submitted pursuant to this section ensure that access permit holder
employees are informed about classification and declassification
requirements in 10 CFR part 1045.
DOE proposes to change the title of Sec. 1016.8 to clarify the
section topic.
The proposed changes for Sec. 1016.9 and Sec. 1016.10 revise
grammar.
The proposed changes for Sec. 1016.11 would revise ``DOE
Operations Office'' to ``the cognizant DOE office'' to direct
notification to the relevant DOE Element.
The proposed changes for Sec. 1016.12 would update reference to
reflect the proposed renumbering of current Sec. 1016.39.
DOE proposes to renumber Sec. Sec. 1016.21--1016.44 to eliminate
the gaps in section numbering that exist in the current version of this
regulation.
The renumbered Sec. 1016.13, currently Sec. 1016.21, would be
revised to maintain consistency with current national and U.S.
Department of Energy policies that no longer allows storage of
classified matter in a locked steel file cabinet.
Proposed changes to the renumbered Sec. 1016.14, currently Sec.
1016.22, would clarify that a person must have need-to-know in addition
to the appropriate access authorization. This revision does not change
the intent of the requirement for protecting Restricted Data that is in
use.
Proposed changes to the renumbered Sec. 1016.15, currently Sec.
1016.23, would update intrusion detection system terminology consistent
with DOE policy and delete the word ``may''.
Proposed changes to the renumbered Sec. 1016.17, currently Sec.
1016.25, would update the weapon specification to match current DOE
policy. DOE Order 473.3, Protection Program Operations lists DOE-
authorized firearms.
Proposed changes to the renumbered Sec. 1016.18, currently Sec.
1016.31, would apply the need-to-know criterion for Confidential as
well as Secret Restricted Data.
Proposed changes to the renumbered Sec. 1016.19, currently Sec.
1016.32, would align requirements and terminology with 10 CFR part
1045, Nuclear Classification and Declassification. Also, the title
would be changed to more accurately reflect the section and the
``Office of Health, Safety and Security'' would be replaced with
``Office of Environment, Health, Safety and Security''.
Proposed changes to the renumbered Sec. 1016.20, currently Sec.
1016.33, would specify need-to-know as a basic criteria for determining
access; indicate required approvals and remove the telephone statement
because it is a subset of the telecommunication statement.
Proposed changes to the renumbered Sec. 1016.21, currently Sec.
1016.34, would reflect that classified matter (including matter in
electronic format) containing Secret Restricted Data requires
accountability.
Proposed changes to the renumbered Sec. 1016.23, currently Sec.
1016.36, would make changes in classification subject to the
requirements in 10 CFR part 1045, Nuclear Classification and
Declassification.
Proposed changes to the renumbered Sec. 1016.24, currently Sec.
1016.37, would amend the title to replace ``documents or material''
with ``classified matter'' and would delete provisions that are
duplicative with the renumbered Sec. 1016.21 regarding accountability
of classified matter that contains Restricted Data.
Proposed new Sec. 1016.25, Storage, use, processing, transmission
and destruction of classified information on computers, computer
networks, electronic devices/media, and mobile devices, would be added
to include additional direction regarding newer forms of media
(electronic) that may contain Restricted Data.
Proposed changes to the renumbered Sec. 1016.27, currently Sec.
1016.39 would clarify that termination of the security facility
approval will be in accordance with the requirements in this part.
Proposed changes to the renumbered Sec. 1016.31, currently Sec.
1016.43, would update the reference to Executive Order 13526.
Throughout the proposed changes, the term ``classified matter'' is
used so as to include documents and material.
III. Rulemaking Requirements
A. Review Under Executive Order 12866
This action does not constitute a ``significant regulatory action''
as defined in section 3(f) of Executive Order 12866, ``Regulatory
Planning and Review'' (58 FR 51735).
B. Review Under the Regulatory Flexibility Act
The Regulatory Flexibility Act (5 U.S.C. 601 et seq.) requires
preparation of a regulatory flexibility analysis for any rule that by
law must be proposed for public comment, unless the agency certifies
that the rule, if promulgated, will not have a significant economic
impact on a substantial number of small entities. As required by
Executive Order 13272, ``Proper Consideration of Small Entities in
Agency Rulemaking'' (67 FR 53461, Aug. 16, 2002), DOE published
procedures and policies on February 19, 2003, to ensure that the
potential impacts of its rules on small entities are properly
considered during the rulemaking process. DOE has made its procedures
and policies available on the Office of the General Counsel's Web site
(www.gc.doe.gov).
DOE has reviewed this proposed rule under the Regulatory
Flexibility Act and certifies that, if adopted, the rule would not have
a significant impact on a substantial number of small entities. This
proposed action would amend an existing rule which establishes
[[Page 80614]]
safeguarding of Restricted Data by persons granted an Access Permit
according to 10 CFR part 725. The rule would only apply to Access
Permittees, of which there are historically very few (e.g., between
zero and five), and the proposed changes are administrative changes
(such as renumbering of several parts and changing office names to
reflect a recent reorganization), updates to enable consistency with
current policies and practices, and clarification of requirements.
Because these standards and requirements consist of clarifications
and updates to existing standards and requirements, DOE does not expect
that the impact on any Access Permittees would be significant. DOE
seeks comment on its estimate of the number of small entities and the
expected effects of this proposed rule.
For the above reasons, DOE certifies that the proposed rule, if
adopted, will not have a significant economic impact on a substantial
number of small entities.
C. Review Under Paperwork Reduction Act
This proposed rule does not contain a collection of information
subject to OMB approval under the Paperwork Reduction Act.
D. Review Under the National Environmental Policy Act
This proposed rule amends existing policies and procedures
establishing safeguarding of Restricted Data standards and requirements
for Access Permittees and has no significant environmental impact.
Consequently, the Department has determined that this rule is covered
under Categorical Exclusion A-5, of Appendix A to Subpart D, 10 CFR
part 1021, which applies to a rulemaking that addresses amending an
existing rule or regulation that does not change the environmental
effect of the rule or regulation being amended. Accordingly, neither an
environmental assessment nor an environmental impact statement is
required.
E. Review Under Executive Order 13132
Executive Order 13132, ``Federalism,'' (64 FR 43255, August 4,
1999), imposes certain requirements on agencies formulating and
implementing policies or regulations that preempt State law or that
have federalism implications. Agencies are required to develop a formal
process to ensure meaningful and timely input by State and local
officials in the development of regulatory policies that have
``federalism implications.'' Policies that have federalism implications
are defined in the Executive Order to include regulations that have
``substantial direct effects on the States, on the relationship between
the national government and the States, or on the distribution of power
and responsibilities among the various levels of government.'' On March
7, 2011, DOE published a statement of policy describing the
intergovernmental consultation process it will follow in the
development of such regulations (65 FR 13735, March 14, 2000).
DOE has examined the proposed and revised rule and has determined
that it does not have a substantial direct effect on the States, on the
relationship between the national government and the States, or on the
distribution of power and responsibilities among the various levels of
government. No further action is required by Executive Order 13132.
F. Review Under Executive Order 12988
Section 3 of Executive Order 12988, (61 FR 4729, February 7, 1996),
instructs each agency to adhere to certain requirements in promulgating
new regulations. These requirements, set forth in section 3(a) and (b),
include eliminating drafting errors and needless ambiguity, drafting
the regulations to minimize litigation, providing clear and certain
legal standards for affected legal conduct, and promoting
simplification and burden reduction. Agencies are also instructed to
make every reasonable effort to ensure that the regulation describes
any administrative proceeding to be available prior to judicial review
and any provisions for the exhaustion of administrative remedies. The
Department has determined that this regulatory action meets the
requirements of section 3(a) and (b) of Executive Order 12988.
G. Review Under the Unfunded Mandates Reform Act of 1995
Title II of the Unfunded Mandates Reform Act of 1995 (UMRA)
requires each Federal agency to assess the effects of Federal
regulatory action on state, local and tribal governments and the
private sector. For proposed regulatory actions likely to result in a
rule that may cause expenditures by State, local, and Tribal
governments, in the aggregate, or by the private sector of $100 million
or more in any one year (adjusted annually for inflation), section 202
of UMRA requires a Federal agency to publish estimates of the resulting
costs, benefits, and other effects on the national economy. UMRA also
requires Federal agencies to develop an effective process to permit
timely input by elected officers of State, local, and Tribal
governments on a proposed ``significant intergovernmental mandate.'' In
addition, UMRA requires an agency plan for giving notice and
opportunity for timely input to small governments that may be affected
before establishing a requirement that might significantly or uniquely
affect them. On March 18, 1997, DOE published a statement of policy on
its process for intergovernmental consultation under UMRA (62 FR 12820,
March 18, 1997). (This policy is also available at http://www.gc.doe.gov). This proposed rule contains neither an
intergovernmental mandate, nor a mandate that may result in the
expenditure of $100 million or more in any year, so these requirements
do not apply.
H. Review Under Executive Order 13211
Executive Order 13211, ``Actions Concerning Regulations That
Significantly Affect Energy Supply, Distribution, or Use,'' (66 FR
28355, May 22, 2001) requires Federal agencies to prepare and submit to
the Office of Information and Regulatory Affairs (OIRA), Office of
Management and Budget, a Statement of Energy Effects for any proposed
significant energy action. A ``significant energy action'' is defined
as any action by an agency that promulgates or is expected to lead to
the promulgation of a final rule, and that: (1) Is a significant
regulatory action under Executive Order 12866, or any successor order;
and (2) is likely to have a significant adverse effect on the supply,
distribution, or use of energy; or (3) is designated by the
Administrator of OIRA as a significant energy action. For any proposed
significant energy action, the agency must give a detailed statement of
any adverse effects on energy supply, distribution, or use should the
proposal be implemented, and of reasonable alternates to the action and
their expected benefits on energy supply, distribution, and use.
This proposed rule is not a significant energy action, nor has it
been designated as such by the Administrator of OIRA. Accordingly, DOE
has not prepared a Statement of Energy Effects.
I. Review Under the Treasury and General Government Appropriations Act,
1999
Section 654 of the Treasury and General Government Appropriations
Act, 1999 (Pub. L. 105-277) requires Federal agencies to issue a Family
Policymaking Assessment for any proposed rule or policy that may affect
family well-being. This proposed rule would not have any impact on the
autonomy or integrity of the family as
[[Page 80615]]
an institution. Accordingly, DOE has concluded that it is not necessary
to prepare a Family Policymaking Assessment.
IV. Opportunity for Public Comment
A. Participation in Rulemaking
DOE encourages the maximum level of public participation in this
rulemaking. Interested persons are encouraged to participate in the
public hearings at the times and places indicated at the beginning of
this proposed rulemaking.
DOE has established a period of thirty days following publication
of this proposed rulemaking for persons and organizations to comment.
All public comments, hearing transcripts, and other docket material
will be available for review and copying at the DOE offices at each of
the hearing sites. The docket material will be filed under ``DOE-HQ-
2015-0029-0001.''
B. Written Comment Procedures
Interested persons are invited to participate in this proceeding by
submitting written data, views or arguments with respect to the
subjects set forth in this proposed rulemaking. Instructions for
submitting written comments are set forth at the beginning of this
notice and below. Where possible, comments should identify the specific
section they address.
Comments should be labeled both on the envelope and on the
documents, ``Docket No. DOE-HQ-2015-0029-0001'' and must be received by
the date specified at the beginning of this proposed rulemaking. All
comments and other relevant information received by the date specified
at the beginning of this proposed rulemaking will be considered by DOE
in the subsequent stages of the rulemaking process.
Pursuant to the provisions of 10 CFR part 1004, any person
submitting information or data that is believed to be confidential and
exempt by law from public disclosure should submit one complete copy of
the document and three copies, if possible, from which the information
believed to be confidential has been deleted. DOE will make its own
determination with regard to the confidential status of the information
or data and treat it according to its determination.
C. Public Hearings
The dates, times and places of the public hearings are indicated at
the beginning of this proposed rulemaking. DOE invites any person or
organization who has an interest in these proceedings to make a request
to make an oral presentation at one of the public hearings. Requests
can be phoned in advance to the telephone number indicated at the
beginning of this proposed rulemaking. The person making the request
should provide a telephone number where he or she may be contacted.
DOE reserves the right to schedule the presentations, and to
establish the procedures governing the conduct of the hearings.
A DOE official will be designated to preside at the hearings and
ask questions. Any necessary procedural rules regarding proper conduct
of the hearings will be determined by the presiding official.
Transcripts of the hearings will be made and the entire record of
this rulemaking, including the transcripts, will be retained by DOE and
made available for inspection and copying as provided at the beginning
of this proposed rulemaking as well as being posted on
www.regulations.gov under Docket Number DOE-HQ-2015-0029-0001. Any
person may also purchase a copy of a transcript from the transcribing
reporter.
List of Subjects in 10 CFR Part 1016
Classified information, Nuclear energy, Reporting and recordkeeping
requirements, Security measures.
Issued in Washington, DC, on November 1, 2016.
Matthew B. Moury,
Associate Under Secretary for Environment, Health, Safety and Security.
For the reasons set out in the preamble, DOE proposes to amend part
1016 of title 10 of the Code of Federal Regulations as set forth below:
PART 1016--SAFEGUARDING OF RESTRICTED DATA BY ACCESS PERMITTEES
0
1. The authority citation for part 1016 continues to read as follows:
Authority: Sec. 161i of the Atomic Energy Act of 1954, 68 Stat.
948 (42 U.S.C. 2201).
0
2. The part heading for part 1016 is revised as set forth above.
0
3. Section 1016.3 is amended by:
0
a. Revising paragraph (a).
0
b. Removing paragraphs (c).
0
c. Redesignating paragraphs (d) and (e) as paragraphs (c) and (d),
respectively.
0
d. Revising newly designated paragraphs (c) and (d).
0
e. Redesignating paragraphs (f) and (g) as paragraphs (e) and (f),
respectively.
0
f. Removing paragraph (h).
0
g. Redesignating paragraphs (i) through (k) as paragraphs (g) through
(i), respectively.
0
h. Revising newly designated paragraphs (h) and (i).
0
i. Removing paragraphs (l) and (m).
0
j. Redesignating paragraphs (n) through (z) as paragraphs (j) through
(v), respectively.
0
k. Revising newly designated paragraphs (k) and (u).
The revisions read as follows:
Sec. 1016.3 Definitions.
(a) Access authorization. An administrative determination by DOE
that an individual who is either a DOE employee, applicant for
employment, consultant, assignee, other Federal department or agency
employee (or other persons who may be designated by the Secretary of
Energy), or a DOE contractor or subcontractor employee, or an access
permittee is eligible for access to Restricted Data. Access
authorizations granted by DOE are designated as ``Q,'' ``Q(X),'' ``L,''
or ``L(X).''
(1) ``Q'' access authorizations are based upon single scope
background investigations as set forth in applicable DOE and national-
level directives. They permit an individual who has ``need to know''
access to Top Secret, Secret and Confidential Restricted Data, Formerly
Restricted Data, National Security Information, or special nuclear
material in Category I or II quantities as required in the performance
of duties, subject to additional determination that permitting this
access will not endanger the common defense or national security of the
United States. There may be additional requirements for access to
specific types of RD information.
(2) ``Q(X)'' access authorizations are based upon the same level of
investigation required for a Q access authorization when ``Q'' access
authorizations are granted to access permittees they are identified as
``Q(X)'' access authorizations and, as need-to-know applies, authorize
access only to the type of Secret Restricted Data as specified in the
permit and consistent with appendix A, 10 CFR part 725, ``Categories of
Restricted Data Available.''
(3) ``L'' access authorizations are based upon National Agency
Check with Local Agency Checks and Credit Check background
investigation as set forth in applicable DOE and national-level
directives. They permit an individual who has ``need to know'' access
to Confidential Restricted Data, Secret and Confidential Formerly
Restricted Data, or Secret and Confidential National Security
Information, required in the performance of duties, provided such
information is not designated
[[Page 80616]]
``CRYPTO'' (classified cryptographic information), other classified
communications security (``COMSEC'') information, or intelligence
information and subject to additional determination that permitting
this access will not endanger the common defense or national security
of the United States. There may be additional requirements for access
to specific types of RD information.
(4) ``L(X)'' access authorizations are based upon the same level of
investigation required for an L access authorization When ``L'' access
authorizations are granted to access permittees, they are identified as
``L(X)'' access authorizations and, as need to know applies, authorize
access only to the type of Confidential Restricted Data as specified in
the permit and consistent with appendix A, 10 CFR part 725,
``Categories of Restricted Data Available.''
* * * * *
(c) Classified mail address. A mail address established for each
access permittee and approved by the DOE to be used when sending
Restricted Data to the permittee.
(d) Classified matter. Anything in physical form (including, but
not limited to documents and material) that contains or reveals
classified information.
* * * * *
(h) Infraction. An act or omission involving failure to comply with
DOE safeguards and security orders, directives, or approvals and may
include a violation of law.
(i) Intrusion detection system. A security system consisting of
sensors capable of detecting one or more types of phenomena, signal
media, annunciators, energy sources, alarm assessment systems, and
alarm reporting elements including alarm communications and information
display equipment.
* * * * *
(k) National Security Information. Information that has been
determined pursuant to Executive Order 13526, as amended ``Classified
National Security Information'' or any predecessor or successor order
to require protection against unauthorized disclosure and is marked to
indicate its classified status when in documentary form.
(u) Security Plan. A written plan by the access permittee, and
submitted to the DOE for approval, which outlines the permittee's
proposed security procedures and controls for the protection of
Restricted Data and which includes a floor plan of the area in which
the classified matter is to be used, processed, stored, reproduced,
transmitted, or handled.
* * * * *
0
4. Section 1016.4 is revised to read as follows:
Sec. 1016.4 Communications.
Communications concerning rulemaking, i.e., petition to change part
1016, should be addressed to the Associate Under Secretary, Office of
Environment, Health, Safety and Security, AU-1/Forrestal Building,
Office of Environment, Health, Safety and Security, U.S. Department of
Energy, 1000 Independence Avenue SW., Washington, DC 20585. All other
communications concerning the regulations in this part should be
addressed to the cognizant DOE or National Nuclear Security
Administration (NNSA) office.
0
5. Section 1016.5 is revised to read as follows:
Sec. 1016.5 Submission of procedures by access permit holder.
No access permit holder shall have access to Restricted Data until
he has submitted to the DOE a written statement of his procedures for
the safeguarding of Restricted Data and for the security education of
his employees, and DOE shall have determined and informed the permittee
that his procedures for the safeguarding of Restricted Data are in
compliance with the regulations in this part and that his procedures
for the security education of his employees, who will have access to
Restricted Data, are informed about and understand the regulations in
this part. These procedures must ensure that employees with access to
Restricted Data are informed about and understand who is authorized or
required to classify and declassify RD and FRD information and
classified matter as well as how documents containing RD or FRD are
marked (see 10 CFR part 1045) and safeguarded.
0
6. The section heading for Sec. 1016.8 is revised to read as follows:
Sec. 1016.8 Request for security facility approval.
0
7. Section 1016.9 is revised to read as follows:
Sec. 1016.9 Processing security facility approval.
Following receipt of an acceptable request for security facility
approval, the DOE will perform an initial security survey of the
permittee's facility to determine that granting a security facility
approval would be consistent with the national security. If DOE makes
such a determination, security facility approval will be granted. If
not, security facility approval will be withheld pending compliance
with the security survey recommendations or until a waiver is granted
pursuant to Sec. 1016.6 of this part.
0
8. Section 1016.10 is revised to read as follows:
Sec. 1016.10 Granting, denial, or suspension of security facility
approval.
Notification of the DOE's granting, denial, or suspension of
security facility approval will be furnished the permittee in writing,
or orally with written confirmation. This information may also be
furnished to representatives of the DOE, DOE contractors, or other
Federal agencies having a need to transmit Restricted Data to the
permittee.
0
9. Section 1016.11 is revised to read as follows:
Sec. 1016.11 Cancellation of requests for security facility
approval.
When a request for security facility approval is to be withdrawn or
cancelled, the cognizant DOE Office will be notified by the requester
immediately by telephone and confirmed in writing so that processing of
this approval may be terminated.
0
10. Section 1016.12 is revised to read as follows:
Sec. 1016.12 Termination of security facility approval.
Security facility approval will be terminated when:
(a) There is no longer a need to use, process, store, reproduce,
transmit, or handle Restricted Data at the facility; or
(b) The DOE makes a determination that continued security facility
approval is not in the interest of common defense and security.
The permittee will be notified in writing of a determination to
terminate facility approval, and the procedures outlined in Sec.
1016.27 of this part will apply.
Sec. Sec. 1016.21 through 1016.23 [Redesignated as Sec. Sec. 1016.13
through 1016.15]
0
11. Sections 1016.21 through 1016.23 are redesignated as Sec. Sec.
1016.13 through 1016.15 and revised to read as follows:
Sec. 1016.13 Protection of Restricted Data in storage.
(a) Persons who possess Restricted Data pursuant to an Access
Permit shall store the Restricted Data classified matter when not in
use in a locked storage container or DOE-approved vault to which only
persons with appropriate access authorization and a need to know the
information contained have access. Storage containers used for storing
classified matter must conform to U.S. General Services Administration
(GSA) standards and specifications.
[[Page 80617]]
(b) Changes of combination: Each permittee shall change the
combination on locks of his safekeeping equipment whenever such
equipment is placed in use, whenever an individual knowing the
combination no longer requires access to the repository as a result of
change in duties or position in the permittee's organization, or
termination of employment with the permittee or whenever the
combination has been subjected to compromise, and in any event at least
once a year. Permittees shall classify records of combinations no lower
than the highest classification of the classified matter authorized for
storage in the safekeeping equipment concerned.
Sec. 1016.14 Protection of Restricted Data while in use.
While in use, classified matter containing Restricted Data shall be
under the direct control of a person with the appropriate access
authorization and need to know. Unauthorized access to the Restricted
Data shall be precluded.
Sec. 1016.15 Establishment of security areas.
(a) When, because of their nature or size, it is impracticable to
safeguard classified matter containing Restricted Data in accordance
with the provisions of Sec. Sec. 1016.13 and 1016.14, a security area
to protect such classified matter shall be established.
(b) The following controls shall apply to security areas:
(1) Security areas shall be separated from adjacent areas by a
physical barrier designed to prevent entrance into such areas, and
access to the Restricted Data within the areas, by unauthorized
individuals.
(2) During working hours, admittance shall be controlled by an
appropriately cleared individual posted at each unlocked entrance.
(3) During nonworking hours, admittance shall be controlled by
protective personnel on patrol, with protective personnel posted at
unlocked entrances, or by such intrusion detection system as DOE
approves.
(4) Each individual authorized to enter a security area shall be
issued a distinctive badge or pass when the number of employees
assigned to the area exceeds thirty.
Sec. 1016.24 [Redesignated as Sec. 1016.16]
0
12. Section 1016.24 is redesignated as Sec. 1016.16.
Sec. 1016.25 [Redesignated as Sec. 1016.17]
0
13. Section 1016.25 is redesignated as Sec. 1016.17 and revised to
read as follows:
Sec. 1016.17 Protective personnel.
Whenever armed protective personnel are required in accordance with
Sec. 1016.15, such protective personnel shall:
(a) Possess a ``Q'' or ``L'' access authorization or ``Q(X)'' or
``L(X)'' access authorization if the Restricted Data being protected is
classified Confidential, or a ``Q'' access authorization or ``Q(X)''
access authorization if the Restricted Data being protected is
classified Secret.
(b) Be armed with sidearms of 9mm or greater.
Sec. Sec. 1016.31 through 1016.34 [Redesignated as Sec. Sec. 1016.18
through 1016.21]
0
14. Sections 1016.31 through 1016.34 are redesignated as Sec. Sec.
1016.18 through 1016.21 and revised to read as follows:
Sec. 1016.18 Access to Restricted Data.
(a) Except as DOE may authorize, no person subject to the
regulations in this part shall permit any individual to have access to
Restricted Data in his possession unless the individual has an
appropriate access authorization granted by DOE, or has been certified
by DOD or NASA through DOE, and;
(1) The individual is authorized by an Access Permit to receive
Restricted Data in the categories involved and the permittee determines
that such access is required in the course of his duties, or
(2) The individual needs such access in connection with such duties
as a DOE employee or DOE contractor employee, or as certified by DOD or
NASA.
(b) Inquiries concerning the access authorization status of
individuals, the scope of Access Permits, or the nature of contracts
should be addressed to the cognizant DOE or NNSA office.
Sec. 1016.19 Review, classification and marking of classified
information.
(a) Classification. Restricted Data generated or possessed by an
Access Permit holder must be appropriately classified and marked in
accordance with 10 CFR part 1045 or its successor. CG-DAR-2, ``Guide to
the Declassified Areas of Nuclear Energy Research U 08/98,'' will be
furnished each permittee. In the event a permittee originates
classified information which falls within the definition of Restricted
Data or information for which the permittee is not positive that the
information is outside of that definition and CG-DAR-2 does not provide
positive classification guidance for such information, the permittee
shall designate the information as Confidential, Restricted Data and
request classification guidance from the DOE through the Classification
Officer at the cognizant DOE or NNSA office. If the DOE Classification
Officer does not have authority to provide the guidance, he will refer
the request to the Director, Office of Classification, AU-60/Germantown
Building, Office of Environment, Health, Safety and Security, U.S.
Department of Energy, 1000 Independence Avenue SW., Washington, DC
20585-1290.
(b) Challenges. If a person receives a document or other classified
matter which, in his opinion, is not properly classified, or omits the
appropriate classification markings, he is encouraged to challenge the
classification and there shall be no retribution for submitting a
challenge. Challenges shall be submitted in accordance with 10 CFR part
1045.
(c) Classification markings. Restricted Data generated or possessed
by an individual approved for access must be appropriately identified
and marked in accordance with 10 CFR part 1045, Nuclear Classification
and Declassification. Questions and requests for additional direction
or guidance regarding the marking of classified matter may be submitted
to the Director, Office of Classification, AU-60/Germantown Building,
Office of Environment, Health, Safety and Security, U.S. Department of
Energy, 1000 Independence Avenue SW., Washington, DC 20585-1290
Sec. 1016.20 External transmission of Restricted Data.
(a) Restrictions. (1) Restricted Data shall be transmitted only to
persons who possess appropriate access authorization, need to know, and
are otherwise eligible for access under the requirements of Sec.
1016.18.
(2) In addition, such classified matter containing Restricted Data
shall be transmitted only to persons who possess approved facilities
for their physical security consistent with this part. Any person
subject to the regulations in this part who transmits such Restricted
Data containing Restricted Data shall be deemed to have fulfilled his
obligations under this subparagraph by securing a written certification
from the prospective recipient that such recipient possesses facilities
for its physical security consistent with this part.
(3) Restricted Data shall not be exported from the United States
without prior authorization from DOE.
(b) Preparation of documents. Documents containing Restricted Data
shall be prepared for transmission outside an individual installation
in accordance with the following:
(1) They shall be enclosed in two sealed, opaque envelopes or
wrappers.
[[Page 80618]]
(2) The inner envelope or wrapper shall be addressed in the
ordinary manner and sealed with tape, the appropriate classification
shall be marked on both sides of the envelope, and any additional
marking required by 10 CFR part 1045 shall be applied.
(3) The outer envelope or wrapper shall be addressed in the
ordinary manner. No classification, additional marking, or other
notation shall be affixed which indicates that the document enclosed
therein contains classified information or Restricted Data.
(4) A receipt which identifies the document, the date of transfer,
the recipient, and the person transferring the document shall accompany
the document and shall be signed by the recipient and returned to the
sender whenever the custody of a document containing Secret Restricted
Data is transferred.
(c) Preparation of other classified matter. Classified matter,
other than documents, containing Restricted Data shall be prepared for
shipment outside an individual installation in accordance with the
following:
(1) The classified matter shall be so packaged that the classified
characteristics will not be revealed.
(2) A receipt which identifies the classified matter, the date of
shipment, the recipient, and the person transferring the classified
matter shall accompany the classified matter, and the recipient shall
sign such receipt whenever the custody of classified matter containing
Secret Restricted Data is transferred.
(d) Methods of transportation. (1) Secret classified matter shall
be transported only by one of the following methods:
(i) By messenger-courier system specifically created for that
purpose and approved for use by DOE.
(ii) Registered mail.
(iii) By protective services provided by United States air or
surface commercial carriers under such conditions as may be preserved
by the DOE.
(iv) Individuals possessing appropriate DOE access authorization
who have been given written authority by their employers.
(2) Confidential classified matter may be transported by one of the
methods set forth in paragraph (d)(1) of this section or by U.S. first
class, express, or certified mail.
(e) Telecommunication of classified information. There shall be no
telecommunication of Restricted Data unless the secure
telecommunication system has been approved by the DOE.
Sec. 1016.21 Accountability for Secret Restricted Data.
Each permittee possessing classified matter (including classified
matter in electronic format) containing Secret Restricted Data shall
establish accountability procedures and shall maintain logs to document
access to and record comprehensive disposition information for all such
classified matter that has been in his custody at any time.
Sec. 1016.35 [Redesignated as Sec. 1016.22]
0
15. Section 1016.35 is redesignated as Sec. 1016.22.
Sec. Sec. 1016.36 and 1016.37 [Redesignated as Sec. Sec. 1016.23 and
1016.24]
0
16. Sections 1016.36 and 1016.37 are redesignated as Sec. Sec. 1016.23
and 1016.24 and revised to read as follows:
Sec. 1016.23 Changes in classification.
Classified matter containing Restricted Data shall not be
downgraded or declassified except as authorized by DOE and in
accordance with 10 CFR part 1045.
Sec. 1016.24 Destruction of classified matter containing Restricted
Data.
Documents containing Restricted Data may be destroyed by burning,
pulping, or another method that assures complete destruction of the
information which they contain. Restricted Data contained in classified
matter, other than documents, may be destroyed only by a method that
assures complete obliteration, removal, or destruction of the
Restricted Data.
0
17. Add Sec. 1016.25 to read as follows:
Sec. 1016.25 Storage, use, processing, transmission and destruction
of classified information on computers, computer networks, electronic
devices/media and mobile devices.
Storage, use, processing, and transmission of Restricted Data on
computers, computer networks, electronic devices/media and mobile
devices must be approved by DOE. DOE-approved methods must be used when
destroying classified information that is in electronic format.
Sec. 1016.38 [Redesignated as Sec. 1016.26]
0
18. Section 1016.38 is redesignated as Sec. 1016.26.
Sec. 1016.39 [Redesignated as Sec. 1016.27]
0
19. Section 1016.39 is redesignated as Sec. 1016.27 and revised to
read as follows:
Sec. 1016.27 Termination, suspension, or revocation of security
facility approval.
(a) In accordance with Sec. 1016.12, if the need to use, process,
store, reproduce, transmit, or handle classified matter no longer
exists, the security facility approval will be terminated. The
permittee may deliver all Restricted Data to the DOE or to a person
authorized to receive them; or the permittee may destroy all such
Restricted Data. In either case, the facility must submit a
certification of non-possession of Restricted Data to the DOE.
(b) In any instance where security facility approval has been
suspended or revoked based on a determination of the DOE that further
possession of classified matter by the permittee would endanger the
common defense and national security, the permittee shall, upon notice
from the DOE, immediately deliver all Restricted Data to the DOE along
with a certificate of non-possession of Restricted Data.
Sec. Sec. 1016.40 through 1016.42 [Redesignated as Sec. Sec. 1016.28
through 1016.30]
0
20. Sec. Sec. 1016.40 through 1016.42 are redesignated as Sec. Sec.
1016.28 through 1016.30.
Sec. 1016.43 [Redesignated as Sec. 1016.31]
0
21. Section 1016.43 is redesignated as Sec. 1016.31 and revised to
read as follows:
Sec. 1016.31 Inspections.
The DOE shall make such inspections and surveys of the premises,
activities, records, and procedures of any person subject to the
regulations in this part as DOE deems necessary to effectuate the
purposes of the Act, Executive Order 13526, and DOE orders and
procedures.
Sec. 1016.44 [Redesignated as Sec. 1016.32]
0
22. Section 1016.44 is redesignated as Sec. 1016.32.
[FR Doc. 2016-27414 Filed 11-15-16; 8:45 am]
BILLING CODE 6450-01-P