[Federal Register Volume 85, Number 112 (Wednesday, June 10, 2020)]
[Rules and Regulations]
[Pages 35374-35376]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-10248]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

Office of the Secretary

15 CFR Part 4a

[Docket No. 170329327-88116-01]
RIN 0605-AA41


Classification, De-Classification, and Public Availability of 
National Security Information

AGENCY: Office of Security, Department of Commerce.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: This rulemaking updates and clarifies the Secretary of 
Commerce's delegation of authority, consistent with current practice, 
for implementation of the executive order ``Classified National 
Security Information,'' as well as for designations of ``Original 
Classification Authorities,'' prohibitions of further delegation, the 
designation of classification levels and durations of information 
classification, the process for mandatory reviews of information 
subject to declassification, and the process and conditions for 
allowing access to Department of Commerce classified information by 
individuals outside of the Government.

DATES: This rule is effective June 10, 2020.

FOR FURTHER INFORMATION CONTACT: Jason Groves, Information and 
Personnel Security Division, Office of Security, United States 
Department of Commerce, Washington, DC 20230, (202) 482-2685.

SUPPLEMENTARY INFORMATION: Part 4a of title 15 of the Code of Federal 
Regulation establishes responsibility within the Department of Commerce 
for the classification, declassification, and public availability of 
national security information in accordance with applicable executive 
orders. Sections 4a.1, 4a.2, 4a.3 and 4a.5 of part 4a reference 
Executive Order 12958 (E.O. 12958) of April 17, 1995 (60 FR 19825; 
April 20, 1995). However, E.O. 12958 was revoked and replaced by 
Executive Order 13526 (E.O. 13526) on December 29, 2009 (75 FR 707; 
January 5, 2010) (See also, correction of signature date at 75 FR 1013; 
January 8, 2010). This final rule updates and clarifies part 4a by 
deleting all outdated references to E.O. 12958, and, instead, referring 
to the requirements of E.O. 13526. In addition, section 4a.2 lists the 
Deputy Assistant Secretary for Security as the position designated by 
the Secretary of Commerce as being responsible for implementing the 
executive order and

[[Page 35375]]

part 4a. However, the position of Deputy Assistant Secretary no longer 
exists, having been replaced by a Director for Security. The Director 
for Security, a member of the Senior Executive Service, is now 
responsible for these duties. Therefore, this rule also updates part 4a 
by removing all references to ``Deputy Assistant Secretary'' and 
instead, referring to the ``Director for Security'' throughout.
    E.O. 13526. E.O. 12958, which was issued by President Clinton in 
1995, was the first post-Cold War executive order to protect 
information critical to the Nation's security by prescribing a uniform 
system for classifying, safeguarding, and declassifying national 
security information within the Executive Branch. It also provided for 
automatic declassification for information determined to have permanent 
historical value. E.O. 13526, which was issued by President Obama in 
2009, was generally consistent with the previous executive order, but 
it included additional procedural and systemic changes to reinforce the 
concept of openness in government by further promoting the 
declassification and public access to information as soon as national 
security considerations permit. Among other things, E.O. 13526 
established within the National Archives and Records Administration a 
National Declassification Center to streamline the declassification 
process, facilitate quality-assurance measures, and implement 
standardized training regarding the declassification of records 
determined to have permanent historical value. In addition to the 
updates noted above, this final rule makes changes to part 4a to add 
language consistent with requirements set forth in E.O. 13526.

Classification

    This final rule has been determined to be not significant for the 
purposes of review under Executive Order 12866. Prior notice and an 
opportunity for public comment are not necessary, as they are not 
required by the Administrative Procedure Act (APA) for rules concerning 
agency organization, procedure, or practice (5 U.S.C. 553(b)(A)). The 
Department finds good cause to waive the 30-day delay in the date of 
effectiveness because a 30-day delay is unnecessary (5 U.S.C. 
553(d)(3)). This final rule merely updates the regulations to reflect 
the current position title and the requirements of the current, 
applicable executive order. The changes in this final rule are 
consistent with existing policies and procedures. Because notice and 
opportunity for comment are not required pursuant to the APA or any 
other law, the analytical requirements of the Regulatory Flexibility 
Act (5 U.S.C. 601 et seq.) do not apply. Therefore, a regulatory 
flexibility analysis is not required, and none has been prepared.

List of Subjects in 15 CFR Part 4a

    Classified information.

    Dated: April 9, 2020.
Michael Harman,
Assistant Director for Security.

    For the reasons stated in the preamble, 15 CFR part 4a is amended 
as follows:

PART 4a--CLASSIFICATION, DECLASSIFICATION, AND PUBLIC AVAILABILITY 
OF NATIONAL SECURITY INFORMATION

0
1. The authority citation for part 4a is revised to read as follows:

    Authority: E.O. 13526; 75 FR 707, January 5, 2010 (as corrected 
at 75 FR 1013, January 8, 2010).


0
2. Revise Sec.  4a.1 to read as follows:


Sec.  4a.1  General.

    Executive Order 13526 provides the only basis for classifying 
information within the Department of Commerce (Department), except as 
provided in the Atomic Energy Act of 1954, as amended. The Department's 
policy is to make information concerning its activities available to 
the public, consistent with the need to protect the national defense 
and foreign relations of the United States. Accordingly, security 
classification shall be applied only to protect the national security.

0
3. Revise Sec.  4a.2 to read as follows:


Sec.  4a.2  Director for Security.

    The Director for Security is responsible for implementing and 
ensuring compliance with E.O. 13526 and this part.

0
4. Revise Sec.  4a.3 to read as follows:


Sec.  4a.3  Classification levels.

    Information may be classified as national security information by a 
designated original classifier of the Department if it is determined 
the information concerns one or more of the categories described in 
section 1.4 of E.O. 13526. The levels established in section 1.2 of 
E.O. 13526 (Top Secret, Secret, and Confidential) are the only terms 
that may be applied to national security information. Except as 
provided by statute, no other terms shall be used within the Department 
for the three classification levels.

0
5. Revise Sec.  4a.4 to read as follows:


Sec.  4a.4  Classification authority.

    (a) Authority to originally classify information as Secret or 
Confidential may be exercised only by the Secretary of Commerce and by 
officials to whom such authority is specifically delegated. No official 
of the Department is authorized to originally classify information as 
Top Secret.
    (b) In accordance with section 1.3(c)(1) of E.O. 13526, delegations 
of original classification authority shall be limited to the minimum 
required to administer E.O. 13526. The Secretary of Commerce shall 
ensure that designated subordinate officials have a demonstrable and 
continuing need to exercise delegated original classification 
authority.
    (c) In accordance with section 1.3(c)(4) of E.O. 13526, each 
delegation of original classification authority shall be in writing and 
the authority shall not be redelegated except as provided in E.O. 
13526.
    (d) In accordance with section 1.3(c)(4) of E.O. 13526, each 
delegation shall identify the official by name or position.
    (e) In accordance with section 1.3(c)(5) of E.O. 13526, delegations 
of original classification authority shall be reported or made 
available by name or position to the Director of the Information 
Security Oversight Office in the National Archives and Records 
Administration.
    (f) In accordance with section 1.3(d) of E.O. 13526, all original 
classification authorities and their designates shall receive training 
in proper classification (including the avoidance of over-
classification) and declassification as provided in E.O. 13526 and its 
implementing directives at least once a calendar year.

0
6. Revise Sec.  4a.5 to read as follows:


Sec.  4a.5  Duration of classification.

    (a) Information shall remain classified no longer than ten years 
from the date of its original classification, unless, in accordance 
with section 1.5(b) of E.O. 13526, the original classification 
authority otherwise determines that the sensitivity of the information 
requires that it be marked for declassification for up to 25 years from 
the date of the original decision.
    (b) For Department of Commerce originally classified information 
marked for an indefinite duration which contains incomplete 
declassification instructions, or lacks them entirely:
    (1) The information shall be declassified in accordance with E.O. 
13526 as soon as it no longer meets the standards for classification 
under E.O. 13526, or

[[Page 35376]]

    (2) if the standards for classification under E.O. 13526 are met, 
the information shall be declassified after 10 years from the date of 
the original classification, unless the original classification 
authority determines that the sensitivity of the information requires 
that it remain classified for up to 25 years from the date of the 
original classification, as provided in section 1.5.(b) of E.O. 13526.

0
7. Amend Sec.  4a.7 by revising paragraphs (a), (c), (d), and (e) to 
read as follows:


Sec.  4a.7  Mandatory review for declassification.

    (a) Requests. Classified information under the jurisdiction of the 
Department is subject to review for declassification in accordance with 
32 CFR 2001.33, upon receipt of a written request that describes the 
information with sufficient specificity to locate it with a reasonable 
amount of effort. Requests must be submitted to the Director for 
Security, U.S. Department of Commerce, 1401 Constitution Avenue NW, 
Washington, DC 20230.
* * * * *
    (c) Processing requirements. (1) For requests for review of 
classified information not received from the National Archives and 
Records Administration, the Director for Security, or their designate, 
shall acknowledge receipt of the request directly to the requester. If 
a request does not adequately describe the information sought in 
accordance with paragraph (a) of this section, the requester shall be 
notified that unless additional information is provided, no further 
action will be taken. The request shall be forwarded to the component 
that originated the information or that has primary interest in the 
subject matter. The component assigned action shall review the 
information in accordance with Sec.  4a.7(c)(2) through (4) within 
twenty working days.
    (2) The component assigned action shall determine whether, under 
the declassification provisions of the U.S. Department of Commerce's 
Manual of Security, the entire document or portions thereof may be 
declassified. Declassification of the information shall be accomplished 
by a designated declassification authority. Upon declassification, the 
information shall be remarked. If the information is not partially or 
entirely declassified, the reviewing official shall provide the reasons 
for denial by citing the applicable provisions of E.O. 13526. If the 
classification is a derivative decision based on classified source 
material of another Federal agency, the component shall provide the 
information to the originator for review.
    (3) If information is declassified, the component shall also 
determine whether it is releasable under the Freedom of Information Act 
(FOIA) as amended (5 U.S.C. 552). If the information is not releasable, 
the component shall advise the Director for Security that the 
information has been declassified but that it is exempt from 
disclosure, citing the appropriate exemption of the FOIA as amended.
    (4) If the request for declassification is denied in whole or in 
part, the requester shall be notified of the right to appeal the 
determination within sixty calendar days and of the procedures for such 
an appeal. If declassified information remains exempt from disclosure 
under the FOIA as amended, the requester shall be advised of the 
appellate procedures under that law.
    (d) Fees. If the request requires services for which fees are 
chargeable, the component assigned action shall calculate the 
anticipated fees to be charged, and may be required to ascertain the 
requester's willingness to pay the allowable charges as a precondition 
to taking further action on the request, in accordance with Department 
of Commerce rules promulgated under 5 U.S.C. 552(a)(4)(A) of the 
Freedom of Information Act as amended and Department of Commerce rules 
promulgated under 5 U.S.C. 552a(f)(5) of the Privacy Act of 1974 (5 
U.S.C. 552a).
    (e) Right of appeal. (1) A requester may appeal to the Director for 
Security when information requested under this section is not 
completely declassified and released after expiration of the applicable 
time limits. Within thirty working days (i.e., excluding Saturdays, 
Sundays, and legal public holidays) of receipt of a written appeal:
    (i) The Director for Security shall determine whether continued 
classification of the requested information is required in whole or in 
part;
    (ii) If information is declassified, determine whether it is 
releasable under the Freedom of Information Act as amended; and
    (iii) Notify the requester of his or her determination, making 
available any information determined to be releasable. If continued 
classification is required under the provisions of the Department of 
Commerce Manual for Security, the Director for Security shall notify 
the requester of his or her determination, including the reasons for 
denial based on applicable provisions of E.O. 13526, and of the right 
of final appeal to the Interagency Security Classification Appeals 
Panel.
    (2) During the declassification review of information under appeal 
the Director for Security may overrule previous determinations in whole 
or in part if continued protection in the interest of national security 
is no longer required. If the Director for Security determines that the 
information no longer requires classification, it shall be declassified 
and, unless it is otherwise exempt from disclosure under the Freedom of 
Information Act as amended, released to the requester. The Director for 
Security shall advise the original reviewing component of his or her 
decision.

0
8. Amend Sec.  4a.8 by revising paragraph (b)(5) introductory text to 
read as follows:


Sec.  4a.8  Access to classified information by individuals outside the 
Government.

* * * * *
    (b) * * *
    (5) Receives from the Director for Security:
* * * * *
[FR Doc. 2020-10248 Filed 6-9-20; 8:45 am]
BILLING CODE 3510-20-P