[Federal Register Volume 60, Number 76 (Thursday, April 20, 1995)]
[Presidential Documents]
[Pages 19825-19843]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 95-9941]
[[Page 19823]]
_______________________________________________________________________
Part IV
The President
_______________________________________________________________________
Executive Order 12958--Classified National Security Information
�
�
� Presidential Documents
�
�
��Federal Register / Vol. 60, No. 76 / Thursday, April 20, 1995 /
Presidential Documents��
�____________________________________________________________________
�Title 3--
�The President
[[Page 19825]]
Executive Order 12958 of April 17, 1995
Classified National Security Information
This order prescribes a uniform system for classifying,
safeguarding, and declassifying national security
information. Our democratic principles require that the
American people be informed of the activities of their
Government. Also, our Nation's progress depends on the
free flow of information. Nevertheless, throughout our
history, the national interest has required that
certain information be maintained in confidence in
order to protect our citizens, our democratic
institutions, and our participation within the
community of nations. Protecting information critical
to our Nation's security remains a priority. In recent
years, however, dramatic changes have altered, although
not eliminated, the national security threats that we
confront. These changes provide a greater opportunity
to emphasize our commitment to open Government.
NOW, THEREFORE, by the authority vested in me as
President by the Constitution and the laws of the
United States of America, it is hereby ordered as
follows:
PART 1--ORIGINAL CLASSIFICATION
Section 1.1. Definitions. For purposes of this order:
(a) ``National security''means the national defense
or foreign relations of the United States.
(b) ``Information'' means any knowledge that can be
communicated or documentary material, regardless of its
physical form or characteristics, that is owned by,
produced by or for, or is under the control of the
United States Government. ``Control'' means the
authority of the agency that originates information, or
its successor in function, to regulate access to the
information.
(c) ``Classified national security information''
(hereafter ``classified information'') means
information that has been determined pursuant to this
order or any predecessor order to require protection
against unauthorized disclosure and is marked to
indicate its classified status when in documentary
form.
(d) ``Foreign Government Information'' means:
(1) information provided to the United States
Government by a foreign government or governments, an
international organization of governments, or any
element thereof, with the expectation that the
information, the source of the information, or both,
are to be held in confidence;
(2) information produced by the United States pursuant
to or as a result of a joint arrangement with a foreign
government or governments, or an international
organization of governments, or any element thereof,
requiring that the information, the arrangement, or
both, are to be held in confidence; or
(3) information received and treated as ``Foreign
Government Information'' under the terms of a
predecessor order.
(e) ``Classification'' means the act or process by
which information is determined to be classified
information.
(f) ``Original classification'' means an initial
determination that information requires, in the
interest of national security, protection against
unauthorized disclosure. [[Page 19826]]
(g) ``Original classification authority'' means an
individual authorized in writing, either by the
President, or by agency heads or other officials
designated by the President, to classify information in
the first instance.
(h) ``Unauthorized disclosure'' means a
communication or physical transfer of classified
information to an unauthorized recipient.
(i) ``Agency'' means any ``Executive agency,'' as
defined in 5 U.S.C. 105, and any other entity within
the executive branch that comes into the possession of
classified information.
(j) ``Senior agency official'' means the official
designated by the agency head under section 5.6(c) of
this order to direct and administer the agency's
program under which information is classified,
safeguarded, and declassified.
(k) ``Confidential source'' means any individual or
organization that has provided, or that may reasonably
be expected to provide, information to the United
States on matters pertaining to the national security
with the expectation that the information or
relationship, or both, are to be held in confidence.
(l) ``Damage to the national security'' means harm
to the national defense or foreign relations of the
United States from the unauthorized disclosure of
information, to include the sensitivity, value, and
utility of that information.
Sec. 1.2. Classification Standards. (a) Information
may be originally classified under the terms of this
order only if all of the following conditions are met:
(1) an original classification authority is classifying
the information;
(2) the information is owned by, produced by or for, or
is under the control of the United States Government;
(3) the information falls within one or more of the
categories of information listed in section 1.5 of this
order; and
(4) the original classification authority determines
that the unauthorized disclosure of the information
reasonably could be expected to result in damage to the
national security and the original classification
authority is able to identify or describe the damage.
(b) If there is significant doubt about the need to
classify information, it shall not be classified. This
provision does not:
(1) amplify or modify the substantive criteria or
procedures for classification; or
(2) create any substantive or procedural rights subject
to judicial review.
(c) Classified information shall not be
declassified automatically as a result of any
unauthorized disclosure of identical or similar
information.
Sec. 1.3. Classification Levels. (a) Information may be
classified at one of the following three levels:
(1) ``Top Secret'' shall be applied to information, the
unauthorized disclosure of which reasonably could be
expected to cause exceptionally grave damage to the
national security that the original classification
authority is able to identify or describe.
(2) ``Secret'' shall be applied to information, the
unauthorized disclosure of which reasonably could be
expected to cause serious damage to the national
security that the original classification authority is
able to identify or describe.
(3) ``Confidential'' shall be applied to information,
the unauthorized disclosure of which reasonably could
be expected to cause damage to the national security
that the original classification authority is able to
identify or describe.
(b) Except as otherwise provided by statute, no
other terms shall be used to identify United States
classified information.
(c) If there is significant doubt about the
appropriate level of classification, it shall be
classified at the lower level. [[Page 19827]]
Sec. 1.4. Classification Authority. (a) The authority
to classify information originally may be exercised
only by:
(1) the President;
(2) agency heads and officials designated by the
President in the Federal Register; or
(3) United States Government officials delegated this
authority pursuant to paragraph (c), below.
(b) Officials authorized to classify information at
a specified level are also authorized to classify
information at a lower level.
(c) Delegation of original classification
authority.
(1) Delegations of original classification authority
shall be limited to the minimum required to administer
this order. Agency heads are responsible for ensuring
that designated subordinate officials have a
demonstrable and continuing need to exercise this
authority.
(2) ``Top Secret'' original classification authority
may be delegated only by the President or by an agency
head or official designated pursuant to paragraph
(a)(2), above.
(3) ``Secret'' or ``Confidential'' original
classification authority may be delegated only by the
President; an agency head or official designated
pursuant to paragraph (a)(2), above; or the senior
agency official, provided that official has been
delegated ``Top Secret'' original classification
authority by the agency head.
(4) Each delegation of original classification
authority shall be in writing and the authority shall
not be redelegated except as provided in this order.
Each delegation shall identify the official by name or
position title.
(d) Original classification authorities must
receive training in original classification as provided
in this order and its implementing directives.
(e) Exceptional cases. When an employee,
contractor, licensee, certificate holder, or grantee of
an agency that does not have original classification
authority originates information believed by that
person to require classification, the information shall
be protected in a manner consistent with this order and
its implementing directives. The information shall be
transmitted promptly as provided under this order or
its implementing directives to the agency that has
appropriate subject matter interest and classification
authority with respect to this information. That agency
shall decide within 30 days whether to classify this
information. If it is not clear which agency has
classification responsibility for this information, it
shall be sent to the Director of the Information
Security Oversight Office. The Director shall determine
the agency having primary subject matter interest and
forward the information, with appropriate
recommendations, to that agency for a classification
determination.
Sec. 1.5. Classification Categories.
Information may not be considered for classification
unless it concerns:
(a) military plans, weapons systems, or operations;
(b) foreign government information;
(c) intelligence activities (including special
activities), intelligence sources or methods, or
cryptology;
(d) foreign relations or foreign activities of the
United States, including confidential sources;
(e) scientific, technological, or economic matters
relating to the national security;
(f) United States Government programs for
safeguarding nuclear materials or facilities; or
(g) vulnerabilities or capabilities of systems,
installations, projects or plans relating to the
national security.
Sec. 1.6. Duration of Classification. (a) At the time
of original classification, the original classification
authority shall attempt to establish a specific date
[[Page 19828]] or event for declassification based upon
the duration of the national security sensitivity of
the information. The date or event shall not exceed the
time frame in paragraph (b), below.
(b) If the original classification authority cannot
determine an earlier specific date or event for
declassification, information shall be marked for
declassification 10 years from the date of the original
decision, except as provided in paragraph (d), below.
(c) An original classification authority may extend
the duration of classification or reclassify specific
information for successive periods not to exceed 10
years at a time if such action is consistent with the
standards and procedures established under this order.
This provision does not apply to information contained
in records that are more than 25 years old and have
been determined to have permanent historical value
under title 44, United States Code.
(d) At the time of original classification, the
original classification authority may exempt from
declassification within 10 years specific information,
the unauthorized disclosure of which could reasonably
be expected to cause damage to the national security
for a period greater than that provided in paragraph
(b), above, and the release of which could reasonably
be expected to:
(1) reveal an intelligence source, method, or activity,
or a cryptologic system or activity;
(2) reveal information that would assist in the
development or use of weapons of mass destruction;
(3) reveal information that would impair the
development or use of technology within a United States
weapons system;
(4) reveal United States military plans, or national
security emergency preparedness plans;
(5) reveal foreign government information;
(6) damage relations between the United States and a
foreign government, reveal a confidential source, or
seriously undermine diplomatic activities that are
reasonably expected to be ongoing for a period greater
than that provided in paragraph (b), above;
(7) impair the ability of responsible United States
Government officials to protect the President, the Vice
President, and other individuals for whom protection
services, in the interest of national security, are
authorized; or
(8) violate a statute, treaty, or international
agreement.
(e) Information marked for an indefinite duration
of classification under predecessor orders, for
example, ``Originating Agency's Determination
Required,'' or information classified under predecessor
orders that contains no declassification instructions
shall be declassified in accordance with part 3 of this
order.
Sec. 1.7. Identification and Markings. (a) At the time
of original classification, the following shall appear
on the face of each classified document, or shall be
applied to other classified media in an appropriate
manner:
(1) one of the three classification levels defined in
section 1.3 of this order;
(2) the identity, by name or personal identifier and
position, of the original classification authority;
(3) the agency and office of origin, if not otherwise
evident;
(4) declassification instructions, which shall indicate
one of the following:
(A) the date or event for declassification, as
prescribed in section 1.6(a) or section 1.6(c); or
(B) the date that is 10 years from the date of
original classification, as prescribed in section
1.6(b); or
(C) the exemption category from declassification, as
prescribed in section 1.6(d); and
(5) a concise reason for classification which, at a
minimum, cites the applicable classification categories
in section 1.5 of this order. [[Page 19829]]
(b) Specific information contained in paragraph
(a), above, may be excluded if it would reveal
additional classified information.
(c) Each classified document shall, by marking or
other means, indicate which portions are classified,
with the applicable classification level, which
portions are exempt from declassification under section
1.6(d) of this order, and which portions are
unclassified. In accordance with standards prescribed
in directives issued under this order, the Director of
the Information Security Oversight Office may grant
waivers of this requirement for specified classes of
documents or information. The Director shall revoke any
waiver upon a finding of abuse.
(d) Markings implementing the provisions of this
order, including abbreviations and requirements to
safeguard classified working papers, shall conform to
the standards prescribed in implementing directives
issued pursuant to this order.
(e) Foreign government information shall retain its
original classification markings or shall be assigned a
U.S. classification that provides a degree of
protection at least equivalent to that required by the
entity that furnished the information.
(f) Information assigned a level of classification
under this or predecessor orders shall be considered as
classified at that level of classification despite the
omission of other required markings. Whenever such
information is used in the derivative classification
process or is reviewed for possible declassification,
holders of such information shall coordinate with an
appropriate classification authority for the
application of omitted markings.
(g) The classification authority shall, whenever
practicable, use a classified addendum whenever
classified information constitutes a small portion of
an otherwise unclassified document.
Sec. 1.8. Classification Prohibitions and Limitations.
(a) In no case shall information be classified in order
to:
(1) conceal violations of law, inefficiency, or
administrative error;
(2) prevent embarrassment to a person, organization, or
agency;
(3) restrain competition; or
(4) prevent or delay the release of information that
does not require protection in the interest of national
security.
(b) Basic scientific research information not
clearly related to the national security may not be
classified.
(c) Information may not be reclassified after it
has been declassified and released to the public under
proper authority.
(d) Information that has not previously been
disclosed to the public under proper authority may be
classified or reclassified after an agency has received
a request for it under the Freedom of Information Act
(5 U.S.C. 552) or the Privacy Act of 1974 (5 U.S.C.
552a), or the mandatory review provisions of section
3.6 of this order only if such classification meets the
requirements of this order and is accomplished on a
document-by-document basis with the personal
participation or under the direction of the agency
head, the deputy agency head, or the senior agency
official designated under section 5.6 of this order.
This provision does not apply to classified information
contained in records that are more than 25 years old
and have been determined to have permanent historical
value under title 44, United States Code.
(e) Compilations of items of information which are
individually unclassified may be classified if the
compiled information reveals an additional association
or relationship that:
(1) meets the standards for classification under this
order; and
(2) is not otherwise revealed in the individual items
of information.
As used in this order, ``compilation'' means an
aggregation of pre-existing unclassified items of
information. [[Page 19830]]
Sec. 1.9. Classification Challenges. (a) Authorized
holders of information who, in good faith, believe that
its classification status is improper are encouraged
and expected to challenge the classification status of
the information in accordance with agency procedures
established under paragraph (b), below.
(b) In accordance with implementing directives
issued pursuant to this order, an agency head or senior
agency official shall establish procedures under which
authorized holders of information are encouraged and
expected to challenge the classification of information
that they believe is improperly classified or
unclassified. These procedures shall assure that:
(1) individuals are not subject to retribution for
bringing such actions;
(2) an opportunity is provided for review by an
impartial official or panel; and
(3) individuals are advised of their right to appeal
agency decisions to the Interagency Security
Classification Appeals Panel established by section 5.4
of this order.
PART 2--DERIVATIVE CLASSIFICATION
Sec. 2.1. Definitions. For purposes of this order:
(a) ``Derivative classification'' means the
incorporating, paraphrasing, restating or generating in
new form information that is already classified, and
marking the newly developed material consistent with
the classification markings that apply to the source
information. Derivative classification includes the
classification of information based on classification
guidance. The duplication or reproduction of existing
classified information is not derivative
classification.
(b) ``Classification guidance'' means any
instruction or source that prescribes the
classification of specific information.
(c) ``Classification guide'' means a documentary
form of classification guidance issued by an original
classification authority that identifies the elements
of information regarding a specific subject that must
be classified and establishes the level and duration of
classification for each such element.
(d) ``Source document'' means an existing document
that contains classified information that is
incorporated, paraphrased, restated, or generated in
new form into a new document.
(e) ``Multiple sources'' means two or more source
documents, classification guides, or a combination of
both.
Sec. 2.2. Use of Derivative Classification. (a) Persons
who only reproduce, extract, or summarize classified
information, or who only apply classification markings
derived from source material or as directed by a
classification guide, need not possess original
classification authority.
(b) Persons who apply derivative classification
markings shall:
(1) observe and respect original classification
decisions; and
(2) carry forward to any newly created documents the
pertinent classification markings. For information
derivatively classified based on multiple sources, the
derivative classifier shall carry forward:
(A) the date or event for declassification that
corresponds to the longest period of classification
among the sources; and
(B) a listing of these sources on or attached to the
official file or record copy.
Sec. 2.3. Classification Guides. (a) Agencies with
original classification authority shall prepare
classification guides to facilitate the proper and
uniform derivative classification of information. These
guides shall conform to standards contained in
directives issued under this order.
(b) Each guide shall be approved personally and in
writing by an official who:
(1) has program or supervisory responsibility over the
information or is the senior agency official; and
[[Page 19831]]
(2) is authorized to classify information originally at
the highest level of classification prescribed in the
guide.
(c) Agencies shall establish procedures to assure
that classification guides are reviewed and updated as
provided in directives issued under this order.
PART 3--DECLASSIFICATION AND DOWNGRADING
Sec. 3.1. Definitions. For purposes of this order:
(a) ``Declassification'' means the authorized
change in the status of information from classified
information to unclassified information.
(b) ``Automatic declassification'' means the
declassification of information based solely upon:
(1) the occurrence of a specific date or event as
determined by the original classification authority; or
(2) the expiration of a maximum time frame for duration
of classification established under this order.
(c) ``Declassification authority'' means:
(1) the official who authorized the original
classification, if that official is still serving in
the same position;
(2) the originator's current successor in function;
(3) a supervisory official of either; or
(4) officials delegated declassification authority in
writing by the agency head or the senior agency
official.
(d) ``Mandatory declassification review'' means the
review for declassification of classified information
in response to a request for declassification that
meets the requirements under section 3.6 of this order.
(e) ``Systematic declassification review'' means
the review for declassification of classified
information contained in records that have been
determined by the Archivist of the United States
(``Archivist'') to have permanent historical value in
accordance with chapter 33 of title 44, United States
Code.
(f) ``Declassification guide'' means written
instructions issued by a declassification authority
that describes the elements of information regarding a
specific subject that may be declassified and the
elements that must remain classified.
(g) ``Downgrading'' means a determination by a
declassification authority that information classified
and safeguarded at a specified level shall be
classified and safeguarded at a lower level.
(h) ``File series'' means documentary material,
regardless of its physical form or characteristics,
that is arranged in accordance with a filing system or
maintained as a unit because it pertains to the same
function or activity.
Sec. 3.2. Authority for Declassification. (a)
Information shall be declassified as soon as it no
longer meets the standards for classification under
this order.
(b) It is presumed that information that continues
to meet the classification requirements under this
order requires continued protection. In some
exceptional cases, however, the need to protect such
information may be outweighed by the public interest in
disclosure of the information, and in these cases the
information should be declassified. When such questions
arise, they shall be referred to the agency head or the
senior agency official. That official will determine,
as an exercise of discretion, whether the public
interest in disclosure outweighs the damage to national
security that might reasonably be expected from
disclosure. This provision does not:
(1) amplify or modify the substantive criteria or
procedures for classification; or
(2) create any substantive or procedural rights subject
to judicial review.
(c) If the Director of the Information Security
Oversight Office determines that information is
classified in violation of this order, the Director may
require the information to be declassified by the
agency that originated [[Page 19832]] the
classification. Any such decision by the Director may
be appealed to the President through the Assistant to
the President for National Security Affairs. The
information shall remain classified pending a prompt
decision on the appeal.
(d) The provisions of this section shall also apply
to agencies that, under the terms of this order, do not
have original classification authority, but had such
authority under predecessor orders.
Sec. 3.3. Transferred Information. (a) In the case of
classified information transferred in conjunction with
a transfer of functions, and not merely for storage
purposes, the receiving agency shall be deemed to be
the originating agency for purposes of this order.
(b) In the case of classified information that is
not officially transferred as described in paragraph
(a), above, but that originated in an agency that has
ceased to exist and for which there is no successor
agency, each agency in possession of such information
shall be deemed to be the originating agency for
purposes of this order. Such information may be
declassified or downgraded by the agency in possession
after consultation with any other agency that has an
interest in the subject matter of the information.
(c) Classified information accessioned into the
National Archives and Records Administration
(``National Archives'') as of the effective date of
this order shall be declassified or downgraded by the
Archivist in accordance with this order, the directives
issued pursuant to this order, agency declassification
guides, and any existing procedural agreement between
the Archivist and the relevant agency head.
(d) The originating agency shall take all
reasonable steps to declassify classified information
contained in records determined to have permanent
historical value before they are accessioned into the
National Archives. However, the Archivist may require
that records containing classified information be
accessioned into the National Archives when necessary
to comply with the provisions of the Federal Records
Act. This provision does not apply to information being
transferred to the Archivist pursuant to section 2203
of title 44, United States Code, or information for
which the National Archives and Records Administration
serves as the custodian of the records of an agency or
organization that goes out of existence.
(e) To the extent practicable, agencies shall adopt
a system of records management that will facilitate the
public release of documents at the time such documents
are declassified pursuant to the provisions for
automatic declassification in sections 1.6 and 3.4 of
this order.
Sec. 3.4. Automatic Declassification. (a) Subject to
paragraph (b), below, within 5 years from the date of
this order, all classified information contained in
records that (1) are more than 25 years old, and (2)
have been determined to have permanent historical value
under title 44, United States Code, shall be
automatically declassified whether or not the records
have been reviewed. Subsequently, all classified
information in such records shall be automatically
declassified no longer than 25 years from the date of
its original classification, except as provided in
paragraph (b), below.
(b) An agency head may exempt from automatic
declassification under paragraph (a), above, specific
information, the release of which should be expected
to:
(1) reveal the identity of a confidential human source,
or reveal information about the application of an
intelligence source or method, or reveal the identity
of a human intelligence source when the unauthorized
disclosure of that source would clearly and
demonstrably damage the national security interests of
the United States;
(2) reveal information that would assist in the
development or use of weapons of mass destruction;
(3) reveal information that would impair U.S.
cryptologic systems or activities;
(4) reveal information that would impair the
application of state of the art technology within a
U.S. weapon system; [[Page 19833]]
(5) reveal actual U.S. military war plans that remain
in effect;
(6) reveal information that would seriously and
demonstrably impair relations between the United States
and a foreign government, or seriously and demonstrably
undermine ongoing diplomatic activities of the United
States;
(7) reveal information that would clearly and
demonstrably impair the current ability of United
States Government officials to protect the President,
Vice President, and other officials for whom protection
services, in the interest of national security, are
authorized;
(8) reveal information that would seriously and
demonstrably impair current national security emergency
preparedness plans; or
(9) violate a statute, treaty, or international
agreement.
(c) No later than the effective date of this order,
an agency head shall notify the President through the
Assistant to the President for National Security
Affairs of any specific file series of records for
which a review or assessment has determined that the
information within those file series almost invariably
falls within one or more of the exemption categories
listed in paragraph (b), above, and which the agency
proposes to exempt from automatic declassification. The
notification shall include:
(1) a description of the file series;
(2) an explanation of why the information within the
file series is almost invariably exempt from automatic
declassification and why the information must remain
classified for a longer period of time; and
(3) except for the identity of a confidential human
source or a human intelligence source, as provided in
paragraph (b), above, a specific date or event for
declassification of the information.
The President may direct the agency head not to exempt
the file series or to declassify the information within
that series at an earlier date than recommended.
(d) At least 180 days before information is
automatically declassified under this section, an
agency head or senior agency official shall notify the
Director of the Information Security Oversight Office,
serving as Executive Secretary of the Interagency
Security Classification Appeals Panel, of any specific
information beyond that included in a notification to
the President under paragraph (c), above, that the
agency proposes to exempt from automatic
declassification. The notification shall include:
(1) a description of the information;
(2) an explanation of why the information is exempt
from automatic declassification and must remain
classified for a longer period of time; and
(3) except for the identity of a confidential human
source or a human intelligence source, as provided in
paragraph (b), above, a specific date or event for
declassification of the information. The Panel may
direct the agency not to exempt the information or to
declassify it at an earlier date than recommended. The
agency head may appeal such a decision to the President
through the Assistant to the President for National
Security Affairs. The information will remain
classified while such an appeal is pending.
(e) No later than the effective date of this order,
the agency head or senior agency official shall provide
the Director of the Information Security Oversight
Office with a plan for compliance with the requirements
of this section, including the establishment of interim
target dates. Each such plan shall include the
requirement that the agency declassify at least 15
percent of the records affected by this section no
later than 1 year from the effective date of this
order, and similar commitments for subsequent years
until the effective date for automatic
declassification.
(f) Information exempted from automatic
declassification under this section shall remain
subject to the mandatory and systematic
declassification review provisions of this order.
[[Page 19834]]
(g) The Secretary of State shall determine when the
United States should commence negotiations with the
appropriate officials of a foreign government or
international organization of governments to modify any
treaty or international agreement that requires the
classification of information contained in records
affected by this section for a period longer than 25
years from the date of its creation, unless the treaty
or international agreement pertains to information that
may otherwise remain classified beyond 25 years under
this section.
Sec. 3.5. Systematic Declassification Review. (a) Each
agency that has originated classified information under
this order or its predecessors shall establish and
conduct a program for systematic declassification
review. This program shall apply to historically
valuable records exempted from automatic
declassification under section 3.4 of this order.
Agencies shall prioritize the systematic review of
records based upon:
(1) recommendations of the Information Security Policy
Advisory Council, established in section 5.5 of this
order, on specific subject areas for systematic review
concentration; or
(2) the degree of researcher interest and the
likelihood of declassification upon review.
(b) The Archivist shall conduct a systematic
declassification review program for classified
information: (1) accessioned into the National Archives
as of the effective date of this order; (2) information
transferred to the Archivist pursuant to section 2203
of title 44, United States Code; and (3) information
for which the National Archives and Records
Administration serves as the custodian of the records
of an agency or organization that has gone out of
existence. This program shall apply to pertinent
records no later than 25 years from the date of their
creation. The Archivist shall establish priorities for
the systematic review of these records based upon the
recommendations of the Information Security Policy
Advisory Council; or the degree of researcher interest
and the likelihood of declassification upon review.
These records shall be reviewed in accordance with the
standards of this order, its implementing directives,
and declassification guides provided to the Archivist
by each agency that originated the records. The
Director of the Information Security Oversight Office
shall assure that agencies provide the Archivist with
adequate and current declassification guides.
(c) After consultation with affected agencies, the
Secretary of Defense may establish special procedures
for systematic review for declassification of
classified cryptologic information, and the Director of
Central Intelligence may establish special procedures
for systematic review for declassification of
classified information pertaining to intelligence
activities (including special activities), or
intelligence sources or methods.
Sec. 3.6. Mandatory Declassification Review. (a) Except
as provided in paragraph (b), below, all information
classified under this order or predecessor orders shall
be subject to a review for declassification by the
originating agency if:
(1) the request for a review describes the document or
material containing the information with sufficient
specificity to enable the agency to locate it with a
reasonable amount of effort;
(2) the information is not exempted from search and
review under the Central Intelligence Agency
Information Act; and
(3) the information has not been reviewed for
declassification within the past 2 years. If the agency
has reviewed the information within the past 2 years,
or the information is the subject of pending
litigation, the agency shall inform the requester of
this fact and of the requester's appeal rights.
(b) Information originated by:
(1) the incumbent President;
(2) the incumbent President's White House Staff;
(3) committees, commissions, or boards appointed by the
incumbent President; or [[Page 19835]]
(4) other entities within the Executive Office of the
President that solely advise and assist the incumbent
President is exempted from the provisions of paragraph
(a), above. However, the Archivist shall have the
authority to review, downgrade, and declassify
information of former Presidents under the control of
the Archivist pursuant to sections 2107, 2111, 2111
note, or 2203 of title 44, United States Code. Review
procedures developed by the Archivist shall provide for
consultation with agencies having primary subject
matter interest and shall be consistent with the
provisions of applicable laws or lawful agreements that
pertain to the respective Presidential papers or
records. Agencies with primary subject matter interest
shall be notified promptly of the Archivist's decision.
Any final decision by the Archivist may be appealed by
the requester or an agency to the Interagency Security
Classification Appeals Panel. The information shall
remain classified pending a prompt decision on the
appeal.
(c) Agencies conducting a mandatory review for
declassification shall declassify information that no
longer meets the standards for classification under
this order. They shall release this information unless
withholding is otherwise authorized and warranted under
applicable law.
(d) In accordance with directives issued pursuant
to this order, agency heads shall develop procedures to
process requests for the mandatory review of classified
information. These procedures shall apply to
information classified under this or predecessor
orders. They also shall provide a means for
administratively appealing a denial of a mandatory
review request, and for notifying the requester of the
right to appeal a final agency decision to the
Interagency Security Classification Appeals Panel.
(e) After consultation with affected agencies, the
Secretary of Defense shall develop special procedures
for the review of cryptologic information, the Director
of Central Intelligence shall develop special
procedures for the review of information pertaining to
intelligence activities (including special activities),
or intelligence sources or methods, and the Archivist
shall develop special procedures for the review of
information accessioned into the National Archives.
Sec. 3.7. Processing Requests and Reviews. In response
to a request for information under the Freedom of
Information Act, the Privacy Act of 1974, or the
mandatory review provisions of this order, or pursuant
to the automatic declassification or systematic review
provisions of this order:
(a) An agency may refuse to confirm or deny the
existence or nonexistence of requested information
whenever the fact of its existence or nonexistence is
itself classified under this order.
(b) When an agency receives any request for
documents in its custody that contain information that
was originally classified by another agency, or comes
across such documents inthe process of the automatic
declassification or systematic review provisions of
this order, it shall refer copies of any request and
the pertinent documents to the originating agency for
processing, and may, after consultation with the
originating agency, inform any requester of the
referral unless such association is itself classified
under this order. In cases in which the originating
agency determines in writing that a response under
paragraph (a), above, is required, the referring agency
shall respond to the requester in accordance with that
paragraph.
Sec. 3.8. Declassification Database. (a) The Archivist
in conjunction with the Director of the Information
Security Oversight Office and those agencies that
originate classified information, shall establish a
Governmentwide database of information that has been
declassified. The Archivist shall also explore other
possible uses of technology to facilitate the
declassification process.
(b) Agency heads shall fully cooperate with the
Archivist in these efforts. [[Page 19836]]
(c) Except as otherwise authorized and warranted by
law, all declassified information contained within the
database established under paragraph (a), above, shall
be available to the public.
PART 4--SAFEGUARDING
Sec. 4.1. Definitions. For purposes of this order: (a)
``Safeguarding'' means measures and controls that are
prescribed to protect classified information.
(b) ``Access'' means the ability or opportunity to
gain knowledge of classified information.
(c) ``Need-to-know'' means a determination made by
an authorized holder of classified information that a
prospective recipient requires access to specific
classified information in order to perform or assist in
a lawful and authorized governmental function.
(d) ``Automated information system'' means an
assembly of computer hardware, software, or firmware
configured to collect, create, communicate, compute,
disseminate, process, store, or control data or
information.
(e) ``Integrity'' means the state that exists when
information is unchanged from its source and has not
been accidentally or intentionally modified, altered,
or destroyed.
(f) ``Network'' means a system of two or more
computers that can exchange data or information.
(g) ``Telecommunications'' means the preparation,
transmission, or communication of information by
electronic means.
(h) ``Special access program'' means a program
established for a specific class of classified
information that imposes safeguarding and access
requirements that exceed those normally required for
information at the same classification level.
Sec. 4.2. General Restrictions on Access. (a) A person
may have access to classified information provided
that:
(1) a favorable determination of eligibility for access
has been made by an agency head or the agency head's
designee;
(2) the person has signed an approved nondisclosure
agreement; and
(3) the person has a need-to-know the information.
(b) Classified information shall remain under the
control of the originating agency or its successor in
function. An agency shall not disclose information
originally classified by another agency without its
authorization. An official or employee leaving agency
service may not remove classified information from the
agency's control.
(c) Classified information may not be removed from
official premises without proper authorization.
(d) Persons authorized to disseminate classified
information outside the executive branch shall assure
the protection of the information in a manner
equivalent to that provided within the executive
branch.
(e) Consistent with law, directives, and
regulation, an agency head or senior agency official
shall establish uniform procedures to ensure that
automated information systems, including networks and
telecommunications systems, that collect, create,
communicate, compute, disseminate, process, or store
classified information have controls that:
(1) prevent access by unauthorized persons; and
(2) ensure the integrity of the information.
(f) Consistent with law, directives, and
regulation, each agency head or senior agency official
shall establish controls to ensure that classified
information is used, processed, stored, reproduced,
transmitted, and destroyed under conditions that
provide adequate protection and prevent access by
unauthorized persons. [[Page 19837]]
(g) Consistent with directives issued pursuant to
this order, an agency shall safeguard foreign
government information under standards that provide a
degree of protection at least equivalent to that
required by the government or international
organization of governments that furnished the
information. When adequate to achieve equivalency,
these standards may be less restrictive than the
safeguarding standards that ordinarily apply to United
States ``Confidential'' information, including allowing
access to individuals with a need-to-know who have not
otherwise been cleared for access to classified
information or executed an approved nondisclosure
agreement.
(h) Except as provided by statute or directives
issued pursuant to this order, classified information
originating in one agency may not be disseminated
outside any other agency to which it has been made
available without the consent of the originating
agency. An agency head or senior agency official may
waive this requirement for specific information
originated within that agency. For purposes of this
section, the Department of Defense shall be considered
one agency.
Sec. 4.3. Distribution Controls. (a) Each agency shall
establish controls over the distribution of classified
information to assure that it is distributed only to
organizations or individuals eligible for access who
also have a need-to-know the information.
(b) Each agency shall update, at least annually,
the automatic, routine, or recurring distribution of
classified information that they distribute. Recipients
shall cooperate fully with distributors who are
updating distribution lists and shall notify
distributors whenever a relevant change in status
occurs.
Sec. 4.4. Special Access Programs. (a) Establishment of
special access programs. Unless otherwise authorized by
the President, only the Secretaries of State, Defense
and Energy, and the Director of Central Intelligence,
or the principal deputy of each, may create a special
access program. For special access programs pertaining
to intelligence activities (including special
activities, but not including military operational,
strategic and tactical programs), or intelligence
sources or methods, this function will be exercised by
the Director of Central Intelligence. These officials
shall keep the number of these programs at an absolute
minimum, and shall establish them only upon a specific
finding that:
(1) the vulnerability of, or threat to, specific
information is exceptional; and
(2) the normal criteria for determining eligibility for
access applicable to information classified at the same
level are not deemed sufficient to protect the
information from unauthorized disclosure; or
(3) the program is required by statute.
(b) Requirements and Limitations. (1) Special
access programs shall be limited to programs in which
the number of persons who will have access ordinarily
will be reasonably small and commensurate with the
objective of providing enhanced protection for the
information involved.
(2) Each agency head shall establish and maintain a
system of accounting for special access programs
consistent with directives issued pursuant to this
order.
(3) Special access programs shall be subject to the
oversight program established under section 5.6(c) of
this order. In addition, the Director of the
Information Security Oversight Office shall be afforded
access to these programs, in accordance with the
security requirements of each program, in order to
perform the functions assigned to the Information
Security Oversight Office under this order. An agency
head may limit access to a special access program to
the Director and no more than one other employee of the
Information Security Oversight Office; or, for special
access programs that are extraordinarily sensitive and
vulnerable, to the Director only.
(4) The agency head or principal deputy shall review
annually each special access program to determine
whether it continues to meet the requirements of this
order. [[Page 19838]]
(5) Upon request, an agency shall brief the Assistant
to the President for National Security Affairs, or his
or her designee, on any or all of the agency's special
access programs.
(c) Within 180 days after the effective date of
this order, each agency head or principal deputy shall
review all existing special access programs under the
agency's jurisdiction. These officials shall terminate
any special access programs that do not clearly meet
the provisions of this order. Each existing special
access program that an agency head or principal deputy
validates shall be treated as if it were established on
the effective date of this order.
(d) Nothing in this order shall supersede any
requirement made by or under 10 U.S.C. 119.
Sec. 4.5. Access by Historical Researchers and Former
Presidential Appointees. (a) The requirement in section
4.2(a)(3) of this order that access to classified
information may be granted only to individuals who have
a need-to-know the information may be waived for
persons who:
(1) are engaged in historical research projects; or
(2) previously have occupied policy-making positions to
which they were appointed by the President.
(b) Waivers under this section may be granted only
if the agency head or senior agency official of the
originating agency:
(1) determines in writing that access is consistent
with the interest of national security;
(2) takes appropriate steps to protect classified
information from unauthorized disclosure or compromise,
and ensures that the information is safeguarded in a
manner consistent with this order; and
(3) limits the access granted to former Presidential
appointees to items that the person originated,
reviewed, signed, or received while serving as a
Presidential appointee.
PART 5--IMPLEMENTATION AND REVIEW
Sec. 5.1. Definitions. For purposes of this order: (a)
``Self-inspection'' means the internal review and
evaluation of individual agency activities and the
agency as a whole with respect to the implementation of
the program established under this order and its
implementing directives.
(b) ``Violation'' means:
(1) any knowing, willful, or negligent action that
could reasonably be expected to result in an
unauthorized disclosure of classified information;
(2) any knowing, willful, or negligent action to
classify or continue the classification of information
contrary to the requirements of this order or its
implementing directives; or
(3) any knowing, willful, or negligent action to create
or continue a special access program contrary to the
requirements of this order.
(c) ``Infraction'' means any knowing, willful, or
negligent action contrary to the requirements of this
order or its implementing directives that does not
comprise a ``violation,'' as defined above.
Sec. 5.2. Program Direction. (a) The Director of the
Office of Management and Budget, in consultation with
the Assistant to the President for National Security
Affairs and the co-chairs of the Security Policy Board,
shall issue such directives as are necessary to
implement this order. These directives shall be binding
upon the agencies. Directives issued by the Director of
the Office of Management and Budget shall establish
standards for:
(1) classification and marking principles;
(2) agency security education and training programs;
(3) agency self-inspection programs; and
(4) classification and declassification guides.
(b) The Director of the Office of Management and
Budget shall delegate the implementation and
monitorship functions of this program to the Director
of the Information Security Oversight Office.
[[Page 19839]]
(c) The Security Policy Board, established by a
Presidential Decision Directive, shall make a
recommendation to the President through the Assistant
to the President for National Security Affairs with
respect to the issuance of a Presidential directive on
safeguarding classified information. The Presidential
directive shall pertain to the handling, storage,
distribution, transmittal, and destruction of and
accounting for classified information.
Sec. 5.3. Information Security Oversight Office. (a)
There is established within the Office of Management
and Budget an Information Security Oversight Office.
The Director of the Office of Management and Budget
shall appoint the Director of the Information Security
Oversight Office, subject to the approval of the
President.
(b) Under the direction of the Director of the
Office of Management and Budget acting in consultation
with the Assistant to the President for National
Security Affairs, the Director of the Information
Security Oversight Office shall:
(1) develop directives for the implementation of this
order;
(2) oversee agency actions to ensure compliance with
this order and its implementing directives;
(3) review and approve agency implementing regulations
and agency guides for systematic declassification
review prior to their issuance by the agency;
(4) have the authority to conduct on-site reviews of
each agency's program established under this order, and
to require of each agency those reports, information,
and other cooperation that may be necessary to fulfill
its responsibilities. If granting access to specific
categories of classified information would pose an
exceptional national security risk, the affected agency
head or the senior agency official shall submit a
written justification recommending the denial of access
to the Director of the Office of Management and Budget
within 60 days of the request for access. Access shall
be denied pending a prompt decision by the Director of
the Office of Management and Budget, who shall consult
on this decision with the Assistant to the President
for National Security Affairs;
(5) review requests for original classification
authority from agencies or officials not granted
original classification authority and, if deemed
appropriate, recommend Presidential approval through
the Director of the Office of Management and Budget;
(6) consider and take action on complaints and
suggestions from persons within or outside the
Government with respect to the administration of the
program established under this order;
(7) have the authority to prescribe, after consultation
with affected agencies, standardization of forms or
procedures that will promote the implementation of the
program established under this order;
(8) report at least annually to the President on the
implementation of this order; and
(9) convene and chair interagency meetings to discuss
matters pertaining to the program established by this
order.
Sec. 5.4. Interagency Security Classification Appeals
Panel.
(a) Establishment and Administration.
(1) There is established an Interagency Security
Classification Appeals Panel (``Panel''). The
Secretaries of State and Defense, the Attorney General,
the Director of Central Intelligence, the Archivist of
the United States, and the Assistant to the President
for National Security Affairs shall each appoint a
senior level representative to serve as a member of the
Panel. The President shall select the Chair of the
Panel from among the Panel members.
(2) A vacancy on the Panel shall be filled as quickly
as possible as provided in paragraph (1), above.
(3) The Director of the Information Security Oversight
Office shall serve as the Executive Secretary. The
staff of the Information Security Oversight Office
shall provide program and administrative support for
the Panel. [[Page 19840]]
(4) The members and staff of the Panel shall be
required to meet eligibility for access standards in
order to fulfill the Panel's functions.
(5) The Panel shall meet at the call of the Chair. The
Chair shall schedule meetings as may be necessary for
the Panel to fulfill its functions in a timely manner.
(6) The Information Security Oversight Office shall
include in its reports to the President a summary of
the Panel's activities.
(b) Functions. The Panel shall:
(1) decide on appeals by persons who have filed
classification challenges under section 1.9 of this
order;
(2) approve, deny, or amend agency exemptions from
automatic declassification as provided in section 3.4
of this order; and
(3) decide on appeals by persons or entities who have
filed requests for mandatory declassification review
under section 3.6 of this order.
(c) Rules and Procedures. The Panel shall issue
bylaws, which shall be published in the Federal
Register no later than 120 days from the effective date
of this order. The bylaws shall establish the rules and
procedures that the Panel will follow in accepting,
considering, and issuing decisions on appeals. The
rules and procedures of the Panel shall provide that
the Panel will consider appeals only on actions in
which: (1) the appellant has exhausted his or her
administrative remedies within the responsible agency;
(2) there is no current action pending on the issue
within the federal courts; and (3) the information has
not been the subject of review by the federal courts or
the Panel within the past 2 years.
(d) Agency heads will cooperate fully with the
Panel so that it can fulfill its functions in a timely
and fully informed manner. An agency head may appeal a
decision of the Panel to the President through the
Assistant to the President for National Security
Affairs. The Panel will report to the President through
the Assistant to the President for National Security
Affairs any instance in which it believes that an
agency head is not cooperating fully with the Panel.
(e) The Appeals Panel is established for the sole
purpose of advising and assisting the President in the
discharge of his constitutional and discretionary
authority to protect the national security of the
United States. Panel decisions are committed to the
discretion of the Panel, unless reversed by the
President.
Sec. 5.5. Information Security Policy Advisory Council.
(a) Establishment. There is established an
Information Security Policy Advisory Council
(``Council''). The Council shall be composed of seven
members appointed by the President for staggered terms
not to exceed 4 years, from among persons whohave
demonstrated interest and expertise in an area related
to the subject matter of this order and are not
otherwise employees of the Federal Government. The
President shall appoint the Council Chair from among
the members. The Council shall comply with the Federal
Advisory Committee Act, as amended, 5 U.S.C. App. 2.
(b) Functions. The Council shall:
(1) advise the President, the Assistant to the
President for National Security Affairs, the Director
of the Office of Management and Budget, or such other
executive branch officials as it deems appropriate, on
policies established under this order or its
implementing directives, including recommended changes
to those policies;
(2) provide recommendations to agency heads for
specific subject areas for systematic declassification
review; and
(3) serve as a forum to discuss policy issues in
dispute.
(c) Meetings. The Council shall meet at least twice
each calendar year, and as determined by the Assistant
to the President for National Security Affairs or the
Director of the Office of Management and Budget.
(d) Administration. [[Page 19841]]
(1) Each Council member may be compensated at a rate of
pay not to exceed the daily equivalent of the annual
rate of basic pay in effect for grade GS-18 of the
general schedule under section 5376 of title 5, United
States Code, for each day during which that member is
engaged in the actual performance of the duties of the
Council.
(2) While away from their homes or regular place of
business in the actual performance of the duties of the
Council, members may be allowed travel expenses,
including per diem in lieu of subsistence, as
authorized by law for persons serving intermittently in
the Government service (5 U.S.C. 5703(b)).
(3) To the extent permitted by law and subject to the
availability of funds, the Information Security
Oversight Office shall provide the Council with
administrative services, facilities, staff, and other
support services necessary for the performance of its
functions.
(4) Notwithstanding any other Executive order, the
functions of the President under the Federal Advisory
Committee Act, as amended, that are applicable to the
Council, except that of reporting to the Congress,
shall be performed by the Director of the Information
Security Oversight Office in accordance with the
guidelines and procedures established by the General
Services Administration.
Sec. 5.6. General Responsibilities. Heads of agencies
that originate or handle classified information shall:
(a) demonstrate personal commitment and commit
senior management to the successful implementation of
the program established under this order;
(b) commit necessary resources to the effective
implementation of the program established under this
order; and
(c) designate a senior agency official to direct
and administer the program, whose responsibilities
shall include:
(1) overseeing the agency's program established under
this order, provided, an agency head may designate a
separate official to oversee special access programs
authorized under this order. This official shall
provide a full accounting of the agency's special
access programs at least annually;
(2) promulgating implementing regulations, which shall
be published in the Federal Register to the extent that
they affect members of the public;
(3) establishing and maintaining security education and
training programs;
(4) establishing and maintaining an ongoing self-
inspection program, which shall include the periodic
review and assessment of the agency's classified
product;
(5) establishing procedures to prevent unnecessary
access to classified information, including procedures
that: (i) require that a need for access to classified
information is established before initiating
administrative clearance procedures; and (ii) ensure
that the number of persons granted access to classified
information is limited to the minimum consistent with
operational and security requirements and needs;
(6) developing special contingency plans for the
safeguarding of classified information used in or near
hostile or potentially hostile areas;
(7) assuring that the performance contract or other
system used to rate civilian or military personnel
performance includes the management of classified
information as a critical element or item to be
evaluated in the rating of: (i) original classification
authorities; (ii) security managers or security
specialists; and (iii) all other personnel whose duties
significantly involve the creation or handling of
classified information; [[Page 19842]]
(8) accounting for the costs associated with the
implementation of this order, which shall be reported
to the Director of the Information Security Oversight
Office for publication; and
(9) assigning in a prompt manner agency personnel to
respond to any request, appeal, challenge, complaint,
or suggestion arising out of this order that pertains
to classified information that originated in a
component of the agency that no longer exists and for
which there is no clear successor in function.
Sec. 5.7. Sanctions. (a) If the Director of the
Information Security Oversight Office finds that a
violation of this order or its implementing directives
may have occurred, the Director shall make a report to
the head of the agency or to the senior agency official
so that corrective steps, if appropriate, may be taken.
(b) Officers and employees of the United States
Government, and its contractors, licensees, certificate
holders, and grantees shall be subject to appropriate
sanctions if they knowingly, willfully, or negligently:
(1) disclose to unauthorized persons information
properly classified under this order or predecessor
orders;
(2) classify or continue the classification of
information in violation of this order or any
implementing directive;
(3) create or continue a special access program
contrary to the requirements of this order; or
(4) contravene any other provision of this order or its
implementing directives.
(c) Sanctions may include reprimand, suspension
without pay, removal, termination of classification
authority, loss or denial of access to classified
information, or other sanctions in accordance with
applicable law and agency regulation.
(d) The agency head, senior agency official, or
other supervisory official shall, at a minimum,
promptly remove the classification authority of any
individual who demonstrates reckless disregard or a
pattern of error in applying the classification
standards of this order.
(e) The agency head or senior agency official
shall:
(1) take appropriate and prompt corrective action when
a violation or infraction under paragraph (b), above,
occurs; and
(2) notify the Director of the Information Security
Oversight Office when a violation under paragraph
(b)(1), (2) or (3), above, occurs.
PART 6--GENERAL PROVISIONS
Sec. 6.1. General Provisions. (a) Nothing in this order
shall supersede any requirement made by or under the
Atomic Energy Act of 1954, as amended, or the National
Security Act of 1947, as amended. ``Restricted Data''
and ``Formerly Restricted Data'' shall be handled,
protected, classified, downgraded, and declassified in
conformity with the provisions of the Atomic Energy Act
of 1954, as amended, and regulations issued under that
Act.
(b) The Attorney General, upon request by the head
of an agency or the Director of the Information
Security Oversight Office, shall render an
interpretation of this order with respect to any
question arising in the course of its administration.
(c) Nothing in this order limits the protection
afforded any information by other provisions of law,
including the exemptions to the Freedom of Information
Act, the Privacy Act, and the National Security Act of
1947, as amended. This order is not intended, and
should not be construed, to create any right or
benefit, substantive or procedural, enforceable at law
by a party against the United States, its agencies,
itsofficers, or its employees. The foregoing is in
addition to the specific provisos set forth in sections
1.2(b), 3.2(b) and 5.4(e) of this
order. [[Page 19843]]
(d) Executive Order No. 12356 of April 6, 1982, is
revoked as of the effective date of this order.
Sec. 6.2. Effective Date. This order shall become
effective 180 days from the date of this order.
(Presidential Sig.)>
THE WHITE HOUSE,
April 17, 1995.
[FR Doc. 95-9941
Filed 4-18-95; 2:04 pm]
Billing code 3195-01-P
