[Federal Register Volume 64, Number 62 (Thursday, April 1, 1999)]
[Rules and Regulations]
[Pages 15636-15653]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 99-7842]
=======================================================================
-----------------------------------------------------------------------
NUCLEAR REGULATORY COMMISSION
10 CFR Parts 2, 10, 11, 25, and 95
RIN 3150-AF97
Conformance to National Policies For Access to and Protection of
Classified Information
AGENCY: Nuclear Regulatory Commission.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Nuclear Regulatory Commission (NRC) is amending its
regulations to conform the requirements for the protection of and
access to classified information to new national security policy
documents. This final rule is necessary to ensure that classified
information in the possession of NRC licensees, certificate holders,
and others under the NRC's regulatory requirements is protected in
accordance with current national policies.
EFFECTIVE DATE: May 3, 1999.
FOR FURTHER INFORMATION CONTACT: James J. Dunleavy, Division of
Facilities and Security, Office of Administration, U.S. Nuclear
Regulatory Commission, Washington, DC 20555-0001 telephone (301) 415-
7404, E-mail [email protected]
SUPPLEMENTARY INFORMATION:
I. Background
On August 3, 1998 (63 FR 41206), the NRC published a proposed rule
in the Federal Register to amend 10 CFR parts 10, 11, 25, and 95 to
conform its requirements for the protection of classified Information
at licensee, certificate holder and other facilities to new national
security policy documents. The national requirements for the protection
of and access to classified National Security Information were revised
by the issuance of the
[[Page 15637]]
National Industrial Security Program Operating Manual (NISPOM),
Executive Order 12958, ``Classified National Security Information,''
dated April 17, 1995, and Executive Order 12968, ``Access to Classified
Information,'' dated August 2, 1995. The final rule amends the
provisions of 10 CFR parts 2, 10, 11, 25, and 95 that deal with
requirements for access to and protection of classified information
that have been changed or added by the NISPOM, the executive orders, or
new national guidelines on the scope and adjudication of personnel
security investigations. Specifically, changes include a new definition
in 10 CFR part 10 for the ``Personnel Security Review Panel'' and
revisions to a number of definitions in parts 10, 11, 25, and 95 to
reflect a change in the name of the Division of Security to the
Division of Facilities and Security. Additionally, several changes to
definitions were made to reflect: A change in responsibility for
certain decisions from the Executive Director for Operations to the
Deputy Executive Director for Management Services; revised due process
procedures; a new requirement for a facility clearance for those
licensees or others who require access to classified information at a
facility other than their own; additional information on the scope and
reporting requirements for the Foreign Ownership, Control, or Influence
(FOCI) program; a requirement to resubmit an update to the Security
Practice Procedures Plan every five years; a requirement for a visitor
control program; and greater specificity as to when particular reports
are required.
The rule also adopts new requirements in areas where the executive
orders, the NISPOM, or the adjudicative guidelines require specific
procedures not included in the previous versions of the rules. These
new requirements include: The change to a three member Personnel
Security Review Panel from three Review Examiners, acting individually,
reviewing the record of a case where an individual's eligibility for
access authorization or employment clearance is in question; an
explicit notification that individuals whose eligibility for access
authorization or employment clearance is in question have the right to
be represented by counsel or other representative at their own expense
and that they have a right to the documents, records, and reports which
form the basis for the question of their eligibility to the extent they
are unclassified and do not reveal a confidential source, and to the
entire investigative file, as permitted by national security and other
applicable law; a change to the period between reinvestigations for
``L'' and ``R'' access authorizations from five years to ten years; a
change to the fee schedules of 10 CFR parts 11 and 25 due to a change
in the investigative requirements for ``Q,'' ``L,'' ``U,'' and ``R''
access authorizations; and changing the security classification
markings to conform to Executive Order 12958.
The rule also eliminates the proposed changes to Secs. 25.15 and
95.35 that would have permitted access to most Secret Restricted Data
based on an ``L'' clearance rather than a ``Q'' clearance.
The rule also incorporates a change to Secs. 25.11 and 95.11,
``Specific exemptions,'' to clarify requirements for requesting and
approving exemptions. This change was based on experience with
exemption requests following publication of the proposed rule and is
intended to follow more closely the language of Sec. 50.12, ``Specific
exemptions.''
Finally, the rule amends paragraph 11.15(e)(1) and appendix A to 10
CFR part 25 to reflect recent Office of Personnel Management
investigative cost changes. Most of the changes have resulted in
significant cost decreases for affected parties. For example, the cost
of a single scope background investigation for a ``U'' or ``Q'' access
authorization is reduced from $3275 to $2856. Where costs have
increased, it has been on the order of two to three dollars.
II. Comments on the Proposed Rule
The Commission received three letters commenting on the proposed
rule, one from the U.S. Enrichment Corporation, one from the Department
of Defense (DoD), and one from the Department of Energy (DOE). Copies
of the letters are available for public inspection and copying for a
fee at the Commission's Public Document Room, located at 2120 L Street,
NW. (Lower Level), Washington, DC.
Comments from the USEC
Comment: The commenter provided a comment on 10 CFR 2.790(d),
``Public inspections, exemptions, requests for withholding.'' They
stated that ``10 CFR 2.790(d) now provides for protection of a
licensee's physical security plan and material control and accounting
program documents. It seems appropriate to protect classified matter
protection plans from public disclosure in the same way as physical
security plans and fundamental nuclear material controls plans are
protected.''
Response: Classified matter protection plans have always been
considered as a part of the physical protection plan and have been
protected from public disclosure. NRC, however, has no objection to
clarifying this issue in the rulemaking and has adopted the
recommendation by adding ``classified matter protection'' to
Sec. 2.790(d).
Comment: The commenter recommended that Sec. 11.3 be clarified to
indicate more prominently that the scope of the rule is only applicable
to those licensees who possess formula quantities of strategic special
nuclear material.
Response: Section 11.3 has been modified for clarity.
Comment: The commenter noted that ``As currently described in 10
CFR 95.5, a container must have both a ``Test Certification Label'' and
a ``General Services Administration Approved Security Container''
marking to qualify as a ``Security Container.'' Since either reflects
acceptable qualification, one or the other should be adequate and both
should not be required.''
Response: Section 95.5 has been modified for clarity.
Comment: The commenter stated that ``It is unclear (to USEC) what
constitutes a significant event or change affecting foreign ownership,
control, or influence (FOCI). It is our understanding that the NRC is
responsible for making FOCI determinations. Therefore, the NRC should
establish criteria that licensees and certificate holders can use to
make the determination of what events/changes should be reported to the
NRC. For example, in 10 CFR 95.19(b) the NRC has described what `minor,
non-substantive changes' include.''
Response: The rule language in 10 CFR 95.17 has been modified to
describe the types of significant changes that will require NRC
notification.
Comment: The commenter stated that ``The language of 10 CFR
95.19(a) indicates that any change to the security procedures and
controls would require the certificate holder to obtain prior Cognizant
Security Agency (CSA) approval. The rule, however, only requires prior
approval of substantive changes. Further, the language is inconsistent
with other parts of the regulations with regard to the definition of
``substantive.'' Section 50.54(p)(1), the process followed by the
agency concerning the preparation and maintenance of safeguards
contingency plan procedures for part 50 licensees, describe substantive
changes as those that decrease the effectiveness of the security plan.
Therefore, to (i) clarify that prior approval is only needed for
substantive changes, and (ii) be consistent with other parts of the
regulations, USEC requests that the rule
[[Page 15638]]
language in 10 CFR 95.19(a) be modified. * * *''
Response: It has always been NRC policy that only substantive
changes require prior CSA approval. Section 95.19(a) clearly states,
``Except as specified in paragraph (b) of this section each licensee *
* * shall obtain prior approval * * *.'' Section 95.19(b) states ``A
licensee or other person may effect a minor, non-substantive change to
an approved Standard Practice Procedures Plan for the safeguarding of
classified matter without receiving prior CSA approval * * *.'' The
current language is clear. The examples cited as substantive changes in
Sec. 95.19(a) fully qualify as changes affecting the security of NRC
classified matter. If a licensee were to change a classified mailing
address without notification to the CSA, it is likely that other
facilities would continue to send classified information to the old
classified mailing address which was no longer qualified to receive it.
That would create a serious threat of compromise to the information.
The change to a new location for the approved facility would have
potential major impacts on the security of the classified matter.
Facility approval is granted based on the physical and procedural
safeguards at a given location. If a licensee could move the facility
without prior approval, it would be very similar to granting the right
to initially approve themselves. Therefore these comments have not been
adopted.
Comment: The commenter indicated that ``10 CFR 95.25(i) requires
the inventory of a container found open. Because the NRC does not
require an initial inventory of container contents, it is not clear
what purpose the latter inventory serves. Regulations (10 CFR 95.41)
were revised in 1996 to remove inventory requirements for classified
documents, with the exception of external receipt and dispatch records.
Further, inventories may no longer have much meaning since documents,
computer disks, and other ADP media are easily copied with today's
technology. Finally, 10 CFR 95.25(i) has reporting language that is
unnecessary and should be eliminated. Finding an open security
container would constitute an infraction and would, therefore, be
reportable under 10 CFR 95.57.''
Response: For the reasons cited by the commenter, the rule language
in Section 95.25(i) has been modified to eliminate the requirements for
an inventory and report.
Comment: The commenter stated that ``10 CFR 95.25(j)(7) requires
that keys and spare locks be changed or rotated every 12 months. It is
not clear why locks and keys are treated differently than combinations.
Combinations only require change out if evidence of compromise exists.
Changing locks every 12 months can be an expensive procedure at a large
facility employing several thousand people.'' Because both devices
serve the same purpose (i.e., physical controls which deny access to
classified matter), the commenter believes they should be treated
consistently.
Response: Although the comment is not unreasonable, the national
requirement, as reflected in section 5-310, ``Supervision of Keys and
Padlocks,'' of the NISPOM, is explicit. It states, ``Use of key-
operated padlocks are subject to the following requirements: (i) A key
and lock custodian shall be appointed to ensure proper custody and
handling of keys and locks used for protection of classified material;
* * *; (vii) locks shall be changed or rotated at least annually, and
shall be replaced after loss or compromise of their operable keys; * *
*'' The NRC requirement is a direct implementation of the national
policy.
Comment: The commenter noted that ``10 CFR 95.33(f) provides an
example of the type of refresher briefing that would be appropriate to
meet the requirements of this section, namely, the use of ``audio/video
materials and by issuing written materials.'' The example appears to
preclude written or audio/video by themselves, both of which are
adequate training tools. The commenter requests that the rule language
in 10 CFR 95.33(f) be modified to permit either audio-visual or written
materials.
Response: It has never been NRC's intent to require both audio-
visual and written materials. We agree with the commenter that either
alone, or both together, is an acceptable approach. The paragraph has
been modified to clarify this point.
Comment: The commenter noted that ``10 CFR 95.34(b)(1) requires
that certain information concerning foreign visitors be provided to the
NRC 60 days in advance of the visit. USEC operates a commercial uranium
enrichment facility and already implements a security program which
precludes the dissemination/exposure of classified information to
Foreign Nationals. * * * As a commercial operation with extensive
foreign customers, USEC cannot operate under such conditions. Our
security program has already been reviewed and determined to be
effective in precluding foreign nationals from gaining access to
classified information. Security plans for all visits by foreign
nationals are prepared, maintained, and available for review by the
NRC. In this way, the NRC can still track the movement of foreign
nationals and analyze potential threats. * * * Finally, the retention
period for maintenance of records described in 10 CFR 95.34(b)(2) calls
for five years. It does not appear that this change is related to the
National Industrial Security Program.''
Response: Although the NISPOM requires security controls for
foreign nationals, it does not contain a requirement for a 60-day
advance notification of visits by foreign nationals. NRC agrees that
the proposed 60-day requirement is not needed and that the existing
controls dealing with foreign nationals are adequate. However, the
requirement to maintain the records of these visits for five years is
consistent with the NRC requirements under Sec. 95.36 for the
International Atomic Energy Agency (IAEA) inspectors. NRC has modified
Sec. 95.34 to remove the 60-day notification requirement but is
maintaining the five-year recordkeeping requirement.
Comment: The commenter noted that the proposed changes to
Sec. 95.35 ``. * * * could save hundreds of thousands of dollars by
essentially eliminating the need for ``Q'' clearances at our
facilities. However, USEC clearances are maintained by the DOE and we
are required to follow DOE personnel security regulations per NRC/DOE
agreement. And although the Secretary of Energy signed the National
Industrial Security Program required by Presidential Executive Order,
it should be noted that, DOE's Office of Safeguards and Security does
not endorse this concept. This discrepancy between the two agencies may
result in complications for USEC.''
Response: As noted below, DOE strongly objects to a reduction in
the investigative requirements for access to Secret Restricted Data
until such time as DOE and DoD reconcile their significant differences
in the protection requirements of Secret Restricted Data. Because DOE
rather than NRC maintains security clearances for the commenter, USEC
apparently desires to avoid complications that may result from
differing standards between NRC and DOE. The commenter is the
organization that would be most affected by this change. No other
licensee or certificate holder commented on this change. NRC has
decided to withdraw the proposed change and allow the current
requirements to remain in effect until DOE and DoD reconcile their
significant differences in the protection requirements of Secret
Restricted Data.
Comment: The commenter stated that ``while the proposed regulations
[[Page 15639]]
(Sec. 95.57) should reduce the number of telephonic reports, it will
not decrease the greater administrative burden on the certificate
holder created by the required written reports. NRC should adopt a
reporting system similar to that used by the power reactor industry and
required by 10 CFR 73.71. Specifically, 10 CFR 95.57(a) should explain
what type of event would require a one hour report (similar to 10 CFR
73.71(a)(1)). * * * Similarly, 10 CFR 95.57(b) should be revised to
include those events not rising to the level of events described in 10
CFR 95.57(a). Events involving infractions, losses, or compromises
should be logged for review. All loggable events should be sent to the
NRC on a quarterly basis. * * * The requirement for 30 day written
reports (follow up) should be eliminated for all except one hour
reports. Experience has shown that these follow up reports involve
extensive review by management and are time intensive. By using the
logging process identified in 10 CFR 73.71, the NRC would still receive
written indication of an event for inspection review or follow up. Such
loggable events could show corrective actions or problem report numbers
for further review if desired. Also, the NRC should consider a single
point of contact for reportable events. The proposed reporting
requirements require multiple reports within NRC. * * * Experience has
shown that time delays may occur before the proper NRC individual can
be located. This places severe time constraints on a licensee/
certificate holder who must make a determination for reporting and
notify two separate offices within the NRC of an event. USEC believes
that the criteria for submission of NRC Form 790 more appropriately
belongs in Sec. 95.37, ``Classification and Preparation of Documents.''
Additionally, NRC has changed the requirement for submission of Form
790 from monthly to ``* * * as completed basis or every 30 days.''
Typically, the NRC has used the 30 day time period for submission of
reports or events, not standard document submission. Because USEC files
this form on a regular basis, we prefer to keep the current wording, *
* * on a monthly basis. * * *''
Response: NRC agrees that examples of events requiring one-hour
reporting should be included and Sec. 95.57(a) has been revised to
include these examples. NRC is also amenable to reducing the formal
reporting requirements for security infractions to accommodate the
logging procedure recommended by the commenter. We do not agree that
quarterly reporting is adequate and have changed the rule to provide
for submission of logs on a monthly basis. NRC does not agree that a
single point of contact is practical for events of a high level of
significance (note that we have agreed above to significantly reduce
the number of events that will qualify for one-hour reporting). Because
only truly serious events will now qualify, it is important that both
the CSA and the NRC regional office be notified promptly. This change
has not been adopted. NRC agrees that restoring the reporting
requirement for the NRC Form 790 to ``monthly'' is acceptable and has
so revised Sec. 95.57(c). However, NRC will not remove the ``as
completed'' option for those entities that prefer to submit information
electronically as documents are classified. NRC does not see any
particular advantage to moving the reporting requirement to a different
paragraph and has not adopted that recommendation. The commenter also
provided comments on the NRC document, ``Standard Practice Procedures
Plan Standard Format and Content for the Protection of Classified
Matter for NRC Licensees, Certificate Holder, and Related
Organizations,'' which is not a part of this rulemaking.
Comments From the DoD
Comment: The commenter noted that ``During the development of the
NISPOM, it became necessary to resolve dissimilar requirements for the
handling of RD between the Department of Energy, the Commission, and
this Department. For the past 40+ years, the Defense Department has
successfully handled and stored RD according to its classification
level, protecting SECRET/RD as SECRET national security information. *
* * We have been working to resolve these differing requirements since
1995 * * * and that * * * in the interim, in (their) view * * *
unnecessarily costly background investigations are continuing to be run
in Energy and the Commission for access to the same information that is
accessed based on a lesser investigation in the Defense Department. * *
* Therefore, the Defense Department fully supports Secs. 25.15 and
95.35 of the referenced proposed rule.''
Response: NRC does not have significant numbers of licensee or
certificate holder personnel with ``Q'' clearances. Most of those with
``Q'' clearances are at USEC. USEC commented that a discrepancy between
DOE and NRC personnel security requirements for access to Secret
Restricted Data may result in complications for USEC. As noted above,
NRC has elected not to make these revisions to its rules until DOE and
DoD reconcile their significant differences in the protection
requirements of Secret Restricted Data.
Comments from the Department of Energy (DOE)
Comment: The commenter stated that they ``. * * * have significant
concerns that this rule, if amended as stated in your proposal, will
compromise some of the nations most sensitive nuclear weapons
information. Our position remains unchanged from our comment to the
previous revision to this regulation. During the process of developing
a single security standard for. * * * the protection of classified
information, it was discovered that significant differences existed
between the Department of Energy and the Department of Defense in the
protection of Secret Restricted Data. * * * The two agencies agreed to
work toward a solution. We are still in the process of reconciling
those differences. * * * Neither the NISPOM nor the NISPOM Supplement
allow for access to Secret Restricted Data based on an ``L'' access
authorization. * * * When information is created, there is no
distinction within Secret Restricted Data of ``critical'' or ``nuclear
weapons design, manufacturing, or vulnerability.'' Without the
identification and marking of this type of information, the
implementation of the requirement within NRC would be impossible. If
this requirement were implemented, it poses a potential threat to
Secret Restricted Data, that is, this country's most sensitive weapons
design information being accessed by ``L'' cleared individuals.''
Response: As stated above, because DOE strongly objects to changing
the rule until DOE and DoD reconcile their significant differences in
the protection requirements of Secret Restricted Data, and USEC, the
organization most affected by this aspect of the rule, advised that a
discrepancy between DOE and NRC on this issue may result in
complications for them, NRC has decided not to modify Secs. 25.15 and
95.35 at this time.
III. The Final Rule
With the exception of the items addressed under ``Comments on the
Proposed Rule,'' clarifying changes to Secs. 25.11 and 95.11,
``Specific exemptions,'' a slight change to fees charged for
investigations in Sec. 11.15 and Appendix A to 10 CFR part 25, and
minor editorial and clarifying changes, the final rule is the same as
the proposed rule. The specific changes from the proposed rule are--
[[Page 15640]]
A slight modification to Sec. 2.790(d) to clarify that it
applies to plans for the protection of classified matter;
A modification to Sec. 10.22(d) to clarify what
information may be provided to an individual whose eligibility for
access authorization is in question;
A slight modification to Sec. 11.3 to clarify that it only
applies to facilities posessing formula quantities of strategic special
nuclear material;
A change to the fees charged for personnel security
investigations in Sec. 11.15 and Appendix A to 10 CFR part 25;
Modifications to Secs. 25.11 and 95.11, ``Specific
exemptions,'' to clarify requirements for requesting and approving
exemptions. This change is based on experience with exemption requests
following publication of the proposed rule and more closely follows the
language of Sec. 50.12, ``Specific exemptions.''
The proposed changes to Secs. 25.15 and 95.35 have been
withdrawn;
A clarification of the definition of ``Security
Container'' in Sec. 95.5;
The provision of several examples of what constitutes
``significant events or changes'' affecting the Foreign Ownership,
Control or Influence status of a facility in Sec. 95.17;
Section 95.25(i) has been changed to eliminate the
requirement to inventory the contents of a security container found
open;
Section 95.33 has been changed to permit either audio-
visual or written materials for security education;
Section 95.34 has been changed to eliminate the
requirement for a 60-day advance notice to NRC visits by foreign
nationals; and
Section 95.57 has been changed to provide examples of the
types of events that would require one-hour reporting, to reduce the
number of events requiring one-hour reporting, and to replace some of
the existing reports with a log maintained by a licensee/certificate
holder.
Small Business Regulatory Enforcement Fairness Act
In accordance with the Small Business Regulatory Enforcement
Fairness Act of 1996, the NRC has determined that this action is not a
major rule and has verified this determination with the Office of
Information and Regulatory Affairs of OMB.
Environmental Impact: Categorical Exclusion
The NRC has determined that this final rule is the type of action
described as a categorical exclusion in 10 CFR 51.22(c)(1). Therefore,
neither an environmental impact statement nor an environmental
assessment has been prepared for this final rule.
Paperwork Reduction Act Statement
This final rule amends information collection requirements that are
subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501, et
seq.). These requirements were approved by the Office of Management and
Budget, approval numbers 3150-0046, 3150-0047, 3150-0050, and 3150-
0062. The public reporting burden for this information collection is
estimated to average 12.5 hours per response, including the time for
reviewing instructions, searching existing data sources, gathering and
maintaining the data needed, and completing and reviewing the
information collection. The average burden hours per response for the
proposed rule was estimated at 8.3 hours instead of 7.5 hours because
the recordkeeping hours were not included in the burden estimate. The
final rule burden increase includes the reduction of 8 responses and 4
burden hours because of the deletion of the requirement at 10 CFR
95.34(b)(1) for advance notification of foreign visitors. Send comments
on any aspect of this information collection, including suggestions for
reducing the burden, to the Records Management Branch (T-6 F33), U.S.
Nuclear Regulatory Commission, Washington, DC 20555-0001, or by
Internet electronic mail at [email protected]; and to the Desk Officer,
Office of Information and Regulatory Affairs, NEOB-10202, (3150
-0046, -0047, -0050, and -0062), Office of Management and Budget,
Washington, DC 20503.
Public Protection Notification
If a means used to impose an information collection does not
display a currently valid OMB control number, the NRC may not conduct
or sponsor, and a person is not required to respond to, the information
collection.
Regulatory Analysis
The Commission has prepared a regulatory analysis for this final
regulation. The analysis examines the costs and benefits of the
alternatives considered by the Commission. The analysis is available
for inspection in the NRC Public Document Room, 2120 L Street, NW
(Lower Level), Washington, DC. Single copies of the analysis may be
obtained from James J. Dunleavy, Division of Facilities and Security,
Office of Administration, U. S. Nuclear Regulatory Commission,
Washington, DC 20555, telephone: (301) 415-7404, e-mail: JJD1@nrc.gov.
Regulatory Flexibility Certification
As required by the Regulatory Flexibility Act of 1980, 5 U.S.C.
605(b), the Commission certifies that this rule will not have a
significant economic impact upon a substantial number of small
entities. The NRC carefully considered the effect on small entities in
developing this final rule on the protection of classified information
and has determined that none of the facilities affected by this rule
would qualify as a small entity under the NRC's size standards (10 CFR
2.810).
Backfit Analysis
The NRC has determined that the backfit rules in 10 CFR 50.109 and
76.76 apply to this rulemaking initiative because it falls within the
criteria in 10 CFR 50.109(a)(1) and 76.76(a)(1). However, a backfit
analysis is not required because this rulemaking falls under the 10 CFR
50.109(a)(4)(iii) and 76.76(a)(4)(iii) exceptions for a regulatory
action that involves ``redefining what level of protection to the . . .
common defense and security should be regarded as adequate.''
Furthermore, the NRC has determined that this rulemaking does not
constitute a backfit under the backfit rule in 10 CFR 72.62(a).
List of Subjects
10 CFR Part 2
Administrative practice and procedure, Antitrust, Byproduct
material, Classified information, Environmental protection, Nuclear
material, Nuclear power plants and reactors, Penalties, Sex
discrimination, Source material, Special nuclear material, Waste
treatment and disposal.
10 CFR Part 10
Administrative practice and procedure, Classified information,
Criminal penalties, Investigations, Security measures.
10 CFR Part 11
Hazardous materials--transportation, Investigations, Nuclear
Materials, Reporting and recordkeeping requirements, Security measures,
Special nuclear material.
10 CFR Part 25
Classified information, Criminal penalties, Investigations,
Reporting and recordkeeping requirements, Security measures.
[[Page 15641]]
10 CFR Part 95
Classified information, Criminal penalties, Reporting and
recordkeeping requirements, Security measures.
For the reasons set out in the preamble and under the authority of
the Atomic Energy Act of 1954, as amended; the Energy Reorganization
Act of 1974, as amended; and 5 U.S.C. 553; the NRC is adopting the
following amendments to 10 CFR parts 2, 10, 11, 25, and 95.
PART 2--RULES OF PRACTICE FOR DOMESTIC LICENSING PROCEEDINGS AND
ISSUANCE OF ORDERS
1. The authority citation for part 2 continues to read as follows:
Authority: Secs.161, 181, 68 Stat. 948, 953, as amended (42
U.S.C. 2201, 2231); sec. 191, as amended, Pub. L. 87-615, 76 Stat.
409 (42 U.S.C. 2241); sec. 201, 88 Stat.1242, as amended (42 U.S.C.
5841); 5 U.S.C. 552.
Section 2.101 also issued under secs. 53, 62, 63, 81, 103, 104,
105, 68 Stat. 930, 932, 933, 935, 936, 937, 938, as amended (42
U.S.C. 2073, 2092, 2093, 2111, 2133, 2134, 2135); sec. 114(f), Pub.
L. 97-425, 96 Stat. 2213, as amended (42 U.S.C. 10134(f)); sec. 102,
Pub. L. 91-190, 83 Stat. 853, as amended (42 U.S.C. 4332); sec. 301,
88 Stat. 1248 (42 U.S.C. 5871). Sections 2.102, 2.103, 2.104, 2.105,
2.721 also issued under secs. 102, 103, 104, 105, 183, 189, 68 Stat.
936, 937, 938, 954, 955, as amended (42 U.S.C. 2132, 2133, 2134,
2135, 2233, 2239). Section 2.105 also issued under Pub. L. 97-415,
96 Stat. 2073 (42 U.S.C. 2239). Sections 2.200-2.206 also issued
under secs. 161 b, i, o, 182, 186, 234, 68 Stat. 948-951, 955, 83
Stat. 444, as amended (42 U.S.C. 2201 (b), (i), (o), 2236, 2282);
sec. 206, 88 Stat 1246 (42 U.S.C. 5846). Sections 2.205(j) also
issued under Pub. L. 101-410, 104 Stat. 890, as amended by section
31001(s), Pub. L. 104-134, 110 Stat. 1321-373 (28 U.S.C. 2461 note).
Sections 2.600-2.606 also issued under sec. 102, Pub. L. 91-190, 83
Stat. 853, as amended (42 U.S.C. 4332). Sections 2.700a, 2.719 also
issued under 5 U.S.C. 554. Sections 2.754, 2.760, 2.770, 2.780 also
issued under 5 U.S.C. 557. Section 2.764 also issued under secs.
135, 141, Pub. L. 97-425, 96 Stat. 2232, 2241 (42 U.S.C. 10155,
10161). Section 2.790 also issued under sec. 103, 68 Stat. 936, as
amended (42 U.S.C. 2133) and 5 U.S.C. 552. Sections 2.800 and 2.808
also issued under 5 U.S.C. 553. Section 2.809 also issued under 5
U.S.C. 553 and sec. 29, Pub. L. 85-256, 71 Stat. 579, as amended (42
U.S.C. 2039). Subpart K also issued under sec. 189, 68 Stat. 955 (42
U.S.C. 2239); sec. 134, Pub. L. 97-425, 96 Stat. 2230 (42 U.S.C.
10154). Subpart L also issued under sec. 189, 68 Stat. 955 (42
U.S.C. 2239). Appendix A also issued under sec. 6, Pub. L. 91-560,
84 Stat. 1473 (42 U.S.C. 2135).
2. In Sec. 2.790 paragraph (d)(1) is revised to read as follows:
Sec. 2.790 Public Inspections, exemptions, requests for withholding.
* * * * *
(d) * * *
(1) Correspondence and reports to or from the NRC which contain
information or records concerning a licensee's or applicant's physical
protection, classified matter protection, or material control and
accounting program for special nuclear material not otherwise
designated as Safeguards Information or classified as National Security
Information or Restricted Data.
* * * * *
PART 10--CRITERIA AND PROCEDURES FOR DETERMINING ELIGIBILITY FOR
ACCESS TO RESTRICTED DATA OR NATIONAL SECURITY INFORMATION OR AN
EMPLOYMENT CLEARANCE
3. The authority citation for part 10 is revised to read as
follows:
Authority: Secs. 145, 161, 68 Stat. 942, 948, as amended (42
U.S.C. 2165, 2201); sec. 201, 88 Stat. 1242, as amended (42 U.S.C.
5841); E.O. 10450, 3 CFR parts 1949--1953 COMP., p. 936, as amended;
E.O. 10865, 3 CFR 1959-1963 COMP., p. 398, as amended; 3 CFR Table
4.; E.O. 12968, 3 CFR 1995 COMP., p.396.
4. Section 10.1 is revised to read as follows:
Sec. 10.1 Purpose.
(a) This part establishes the criteria, procedures, and methods for
resolving questions concerning:
(1) The eligibility of individuals who are employed by or
applicants for employment with NRC contractors, agents, and licensees
of the NRC, individuals who are NRC employees or applicants for NRC
employment, and other persons designated by the Deputy Executive
Director for Management Services of the NRC, for access to Restricted
Data pursuant to the Atomic Energy Act of 1954, as amended, and the
Energy Reorganization Act of 1974, or for access to national security
information; and
(2) The eligibility of NRC employees, or the eligibility of
applicants for employment with the NRC, for employment clearance.
(b) This part is published to implement the Atomic Energy Act of
1954, as amended, the Energy Reorganization Act of 1974, as amended,
Executive Order 10865, 25 FR 1583 (February 24, 1960) Executive Order
10450, 18 FR 2489 (April 27, 1954), and Executive Order 12968, 60 FR
40245 (August 2, 1995).
5. In Sec. 10.2, paragraph (d) is revised to read as follows:
Sec. 10.2 Scope.
* * * * *
(d) Any other person designated by the Deputy Executive Director
for Management Services of the Nuclear Regulatory Commission.
6. In Sec. 10.5, the introductory text is removed, the paragraph
designations preceding each of the defined terms are removed, the
definitions are rearranged in alphabetical order, and the definitions
of Access Authorization, Employment Clearance, National Security
Information, are revised and the definition of NRC Personnel Security
Review Panel is added to read as follows:
Sec. 10.5 Definitions.
Access authorization means an administrative determination that an
individual (including a consultant) who is employed by or an applicant
for employment with the NRC, NRC contractors, agents, and licensees of
the NRC, or other person designated by the Deputy Executive Director
for Management Services, is eligible for a security clearance for
access to Restricted Data or National Security Information.
* * * * *
Employment Clearance means an administrative determination that an
individual (including a consultant) who is an NRC employee or applicant
for NRC employment and other persons designated by the Deputy Executive
Director for Management Services of the NRC is eligible for employment
or continued employment pursuant to subsection 145(b) of the Atomic
Energy Act of 1954, as amended.
* * * * *
National Security Information means information that has been
determined pursuant to Executive Order 12958 or any predecessor order
to require protection against unauthorized disclosure and that is so
designated.
* * * * *
NRC Personnel Security Review Panel means an appeal panel appointed
by the Deputy Executive Director for Management Services and consisting
of three members, two of whom shall be selected from outside the
security field. One member of the Panel shall be designated as
Chairman.
* * * * *
7. In Sec. 10.10 the introductory text of paragraph (d) is revised
to read as follows:
Sec. 10.10 Application of the criteria.
* * * * *
(d) In resolving a question concerning the eligibility or continued
eligibility of an individual for access authorization and/or employment
clearance, the
[[Page 15642]]
following principles shall be applied by the Director, Division of
Facilities and Security, Hearing Examiners, and the NRC Personnel
Security Review Panel:
* * * * *
8. In Sec. 10.12, paragraphs (a) and (c) are revised to read as
follows:
Sec. 10.12 Interview and other investigation.
(a) The Director, Division of Facilities and Security, Office of
Administration, may authorize the granting of access authorization and/
or employment clearance on the basis of the information in the
possession of the NRC or may authorize an interview with the
individual, if the individual consents to be interviewed, or other
investigation as the Director deems appropriate. On the basis of this
interview and/or an investigation, the Director may authorize the
granting of access authorization and/or employment clearance.
* * * * *
(c) If the Director, Division of Facilities and Security, cannot
make a favorable finding regarding the eligibility of an individual for
access authorization and/or employment clearance, the question of the
individual's eligibility must be resolved in accordance with the
procedures set forth in Sec. 10.20 et seq.
9. Section 10.20 is revised to read as follows:
Sec. 10.20 Purpose of the procedures.
These procedures establish methods for the conduct of hearings and
administrative review of questions concerning an individual's
eligibility for an access authorization and/or an employment clearance
pursuant to the Atomic Energy Act of 1954, as amended, and Executive
Orders 10450, 10865, and 12968 when a resolution favorable to the
individual cannot be made on the basis of the interview or other
investigation.
10. Section 10.21 is revised to read as follows:
Sec. 10.21 Suspension of access authorization and/or employment
clearance.
In those cases where information is received which raises a
question concerning the continued eligibility of an individual for an
access authorization and/or an employment clearance, the Director,
Division of Facilities and Security, through the Director, Office of
Administration, shall forward to the Deputy Executive Director for
Management Services or other Deputy Executive Director, his or her
recommendation as to whether the individual's access authorization and/
or employment clearance should be suspended pending the final
determination resulting from the operation of the procedures provided
in this part. In making this recommendation the Director, Division of
Facilities and Security, shall consider factors such as the seriousness
of the derogatory information developed, the degree of access of the
individual to classified information, and the individual's opportunity
by reason of his or her position to commit acts adversely affecting the
national security. An individual's access authorization and/or
employment clearance may not be suspended except by the direction of
the Executive Director for Operations, Deputy Executive Director for
Management Services or other Deputy Executive Director.
11. Section 10.22 is revised to read as follows:
Sec. 10.22 Notice to individual.
A notification letter, prepared by the Division of Facilities and
Security, approved by the Office of the General Counsel, and signed by
the Director, Office of Administration, must be presented to each
individual whose eligibility for an access authorization and/or an
employment clearance is in question. Where practicable, the letter will
be presented to the individual in person. The letter will be
accompanied by a copy of this part and must state:
(a) That reliable information in the possession of the NRC has
created a substantial doubt concerning the individual's eligibility for
an access authorization and/or an employment clearance;
(b) The information that creates a substantial doubt regarding the
individual's eligibility for an access authorization and/or an
employment clearance, that must be as comprehensive and detailed as the
national security interests and other applicable law permit;
(c) That the individual has the right to be represented by counsel
or other representative at their own expense;
(d) That the individual may request within 20 days of the date of
the notification letter, any documents, records and reports which form
the basis for the question of their eligibility for an access
authorization and/or an employment clearance. The individual will be
provided within 30 days all such documents, records and reports to the
extent they are unclassified and do not reveal a confidential source.
The individual may also request the entire investigative file, which
will be promptly provided, as permitted by the national security
interests and other applicable law;
(e) That unless the individual files with the Director, Office of
Administration, a written request for a hearing within 20 days of the
individual's receipt of the notification letter or 20 days after
receipt of the information provided in response to a request made under
paragraph (d) of this section, whichever is later, the Director,
Division of Facilities and Security, through the Director, Office of
Administration, will submit a recommendation as to the final action to
the Deputy Executive Director for Management Services on the basis of
the information in the possession of the NRC;
(f) That if the individual files a written request for a hearing
with the Director, Office of Administration, the individual shall file
with that request a written answer under oath or affirmation that
admits or denies specifically each allegation and each supporting fact
contained in the notification letter. A general denial is not
sufficient to controvert a specific allegation. If the individual is
without knowledge, he or she shall so state and that statement will
operate as a denial. The answer must also state any additional facts
and information that the individual desires to have considered in
explanation or mitigation of allegations in the notification letter.
Failure to specifically deny or explain or deny knowledge of any
allegation or supporting fact will be deemed an admission that the
allegation or fact is true.
(g) That if the individual does not want to exercise his or her
right to a hearing, but does want to submit an answer to the
allegations in the notification letter, the individual may do so by
filing with the Director, Office of Administration, within 20 days of
receipt of the notification letter or 20 days after receipt of the
information provided in response to a request made under paragraph (d)
of this section, whichever is later, a written answer in accordance
with the requirements of paragraph (f) of this section;
(h) That the procedures in Sec. 10.24 et seq. will apply to any
hearing and review.
12. In Sec. 10.23, paragraph (a) is revised to read as follows:
Sec. 10.23 Failure of individual to request a hearing.
(a) In the event the individual fails to file a timely written
request for a hearing pursuant to Sec. 10.22, a recommendation as to
the final action to be taken will be made by the Director,
[[Page 15643]]
Division of Facilities and Security, through the Director, Office of
Administration, to the Deputy Executive Director for Management
Services on the basis of the information in the possession of the NRC,
including any answer filed by the individual.
* * * * *
13. In Sec. 10.25, paragraphs (a) and (c) are revised to read as
follows:
Sec. 10.25 NRC Hearing Counsel.
(a) Hearing Counsel assigned pursuant to Sec. 10.24 will, before
the scheduling of the hearing, review the information in the case and
will request the presence of witnesses and the production of documents
and other physical evidence relied upon by the Director, Division of
Facilities and Security, in making a finding that a question exists
regarding the eligibility of the individual for an NRC access
authorization and/or an employment clearance in accordance with the
provisions of this part. When the presence of a witness and the
production of documents and other physical evidence is deemed by the
Hearing Counsel to be necessary or desirable for a determination of the
issues, the Director, Division of Facilities and Security, will make
arrangements for the production of evidence and for witnesses to appear
at the hearing by subpoena or otherwise.
* * * * *
(c) The individual is responsible for producing witnesses in his or
her own behalf and/or presenting other evidence before the Hearing
Examiner to support the individual's answer and defense to the
allegations contained in the notification letter. When requested by the
individual, however, the Hearing Counsel may assist the individual to
the extent practicable and necessary. The Hearing Counsel may at his or
her discretion request the Director, Division of Facilities and
Security, to arrange for the issuance of subpoenas for witnesses to
attend the hearing in the individual's behalf, or for the production of
specific documents or other physical evidence, provided a showing of
the necessity for assistance has been made.
14. In Sec. 10.27 paragraph (c) is revised to read as follows:
Sec. 10.27 Prehearing proceedings.
* * * * *
(c) The parties will be notified by the Hearing Examiner at least
ten days in advance of the hearing of the time and place of the
hearing. For good cause shown, the Hearing Examiner may order
postponements or continuances from time to time. If, after due notice,
the individual fails to appear at the hearing, or appears but is not
prepared to proceed, the Hearing Examiner shall, unless good cause is
shown, return the case to the Director, Division of Facilities and
Security, who shall make a recommendation on final action to be taken,
through the Director, Office of Administration, to the Deputy Executive
Director for Management Services on the basis of the information in the
possession of the NRC.
15. In Sec. 10.28, paragraph (n) is revised to read as follows:
Sec. 10.28 Conduct of hearing.
* * * * *
(n) A written transcript of the entire proceeding must be made by a
person possessing appropriate NRC access authorization and/or
employment clearance and, except for portions containing Restricted
Data or National Security Information, or other lawfully withholdable
information, a copy of the transcript will be furnished the individual
without cost. The transcript or recording will be made part of the
applicant's or employee's personnel security file.
16. Section 10.31 is revised to read as follows:
Sec. 10.31 Actions on the recommendations.
(a) Upon receipt of the findings and recommendation from the
Hearing Examiner, and the record, the Director, Office of
Administration, shall forthwith transmit it to the Deputy Executive
Director for Management Services who has the discretion to return the
record to the Director, Office of Administration, for further
proceedings by the Hearing Examiner with respect to specific matters
designated by the Deputy Executive Director for Management Services.
(b)(1) In the event of a recommendation by the Hearing Examiner
that an individual's access authorization and/or employment clearance
be denied or revoked, the Deputy Executive Director for Management
Services shall immediately notify the individual in writing of the
Hearing Examiner's findings with respect to each allegation contained
in the notification letter, and that the individual has a right to
request a review of his or her case by the NRC Personnel Security
Review Panel and of the right to submit a brief in support of his or
her contentions. The request for a review must be submitted to the
Deputy Executive Director for Management Services within five days
after the receipt of the notice. The brief will be forwarded to the
Deputy Executive Director for Management Services, for transmission to
the NRC Personnel Security Review Panel not later than 10 days after
receipt of the notice.
(2) In the event the individual fails to request a review by the
NRC Personnel Security Review Panel of an adverse recommendation within
the prescribed time, the Deputy Executive Director for Management
Services may at his or her discretion request a review of the record of
the case by the NRC Personnel Security Review Panel. The request will
set forth those matters at issue in the hearing on which the Deputy
Executive Director for Management Services desires a review by the NRC
Personnel Security Review Panel.
(c) Where the Hearing Examiner has made a recommendation favorable
to the individual, the Deputy Executive Director for Management
Services may at his or her discretion request a review of the record of
the case by the NRC Personnel Security Review Panel. If this request is
made, the Deputy Executive Director for Management Services shall
immediately cause the individual to be notified of that fact and of
those matters at issue in the hearing on which the Deputy Executive
Director for Management Services desires a review by the NRC Personnel
Security Review Panel. The Deputy Executive Director for Management
Services will further inform the individual that within 10 days of
receipt of this notice, the individual may submit a brief concerning
those matters at issue for the consideration of the NRC Personnel
Security Review Panel. The brief must be forwarded to the Deputy
Executive Director for Management Services for transmission to the NRC
Personnel Security Review Panel.
(d) In the event of a request for a review pursuant to paragraphs
(b) and (c) of this section, the Hearing Counsel may file a brief
within 10 days of being notified by the Deputy Executive Director for
Management Services that a review has been requested. The brief will be
forwarded to the Deputy Executive Director for Management Services for
transmission to the NRC Personnel Security Review Panel.
(e) The Hearing Counsel may also request a review of the case by
the NRC Personnel Security Review Panel. The request for review, which
will set forth those matters at issue in the hearing on which the
Hearing Counsel desires a review, will be submitted to the Deputy
Director Executive for Management Services within five days after
receipt of the Hearing Examiner's findings and recommendation. Within
10 days of the request for review, the Hearing Counsel may file a brief
which will be forwarded to the Deputy Executive Director for Management
Services for transmission
[[Page 15644]]
to the NRC Personnel Security Review Panel. A copy of the request for
review, and a copy of any brief filed, will be immediately sent to the
individual. If the Hearing Counsel's request is for a review of a
recommendation favorable to the individual, the individual may, within
10 days of receipt of a copy of the request for review, submit a brief
concerning those matters at issue for consideration of the NRC
Personnel Security Review Panel. The brief will be forwarded to the
Deputy Executive Director for Management Services for transmission to
the NRC Personnel Security Review Panel and Hearing Counsel. A copy of
the brief will be made a part of the applicant's personnel security
file.
(f) The time limits imposed by this section for requesting reviews
and the filing of briefs may be extended by the Deputy Executive
Director for Management Services for good cause shown.
(g) In the event a request is made for a review of the record by
the NRC Personnel Security Review Panel, the Deputy Executive Director
for Management Services shall send the record, with all findings and
recommendations and any briefs filed by the individual and the Hearing
Counsel, to the NRC Personnel Security Review Panel. If neither the
individual, the Deputy Executive Director for Management Services, nor
the Hearing Counsel requests a review, the final determination will be
made by the Deputy Executive Director for Management Services on the
basis of the record with all findings and recommendations.
17. Section 10.32 is revised to read as follows:
Sec. 10.32 Recommendation of the NRC Personnel Security Review Panel.
(a) The Deputy Executive Director for Management Services shall
designate an NRC Personnel Security Review Panel to conduct a review of
the record of the case. The NRC Personnel Security Review Panel shall
be comprised of three members, two of whom shall be selected from
outside the security field. To qualify as an NRC Personnel Security
Review Panel member, the person designated shall have an NRC ``Q''
access authorization and may be an employee of the NRC, its
contractors, agents, or licensees. However, no employee or consultant
of the NRC shall serve as an NRC Personnel Security Review Panel member
reviewing the case of an employee (including a consultant) or applicant
for employment with the NRC; nor shall any employee or consultant of an
NRC contractor, agent or licensee serve as an NRC Personnel Security
Review Panel member reviewing the case of an employee (including a
consultant) or an applicant for employment of that contractor, agent,
or licensee. No NRC Personnel Security Review Panel member shall be
selected who has knowledge of the case or of any information relevant
to the disposition of it, or who for any reason would be unable to
issue a fair and unbiased recommendation.
(b) The NRC Personnel Security Review Panel shall consider the
matter under review based upon the record supplemented by any brief
submitted by the individual or the Hearing Counsel. The NRC Personnel
Security Review Panel may request additional briefs as the Panel deems
appropriate. When the NRC Personnel Security Review Panel determines
that additional evidence or further proceedings are necessary, the
record may be returned to the Deputy Executive Director for Management
Services with a recommendation that the case be returned to the
Director, Office of Administration, for appropriate action, which may
include returning the case to the Hearing Examiner and reconvening the
hearing to obtain additional testimony. When additional testimony is
taken by the Hearing Examiner, a written transcript of the testimony
will be made a part of the record and will be taken by a person
possessing an appropriate NRC access authorization and/or employment
clearance and, except for portions containing Restricted Data or
National Security Information, or other lawfully withholdable
information, a copy of the transcript will be furnished the individual
without cost.
(c) In conducting the review, the NRC Personnel Security Review
Panel shall make its findings and recommendations as to the eligibility
or continued eligibility of an individual for an access authorization
and/or an employment clearance on the record supplemented by additional
testimony or briefs, as has been previously determined by the NRC
Personnel Security Review Panel as appropriate.
(d) The NRC Personnel Security Review Panel shall not consider the
possible impact of the loss of the individual's services upon the NRC
program.
(e) If, after considering all the factors in light of the criteria
set forth in this part, the NRC Personnel Security Review Panel is of
the opinion that granting or continuing an access authorization and/or
an employment clearance to the individual will not endanger the common
defense and security and will be clearly consistent with the national
interest, the NRC Personnel Security Review Panel shall make a
favorable recommendation; otherwise, the NRC Personnel Security Review
Panel shall make an adverse recommendation. The NRC Personnel Security
Review Panel shall prepare a report of its findings and recommendations
and submit the report in writing to the Deputy Executive Director for
Management Services, who shall furnish a copy to the individual. The
findings and recommendations must be fully supported by stated reasons.
18. Section 10.33 is revised to read as follows:
Sec. 10.33 Action by the Deputy Executive Director for Management
Services.
(a) The Deputy Executive Director for Management Services, on the
basis of the record accompanied by all findings and recommendations,
shall make a final determination whether access authorization and/or
employment clearance shall be granted, denied, or revoked, except when
the provisions of Sec. 10.28 (i), (j), or (l) have been used and the
Deputy Executive Director for Management Services determination is
adverse, the Commission shall make the final agency determination.
(b) In making the determination as to whether an access
authorization and/or an employment clearance shall be granted, denied,
or revoked, the Deputy Executive Director for Management Services or
the Commission shall give due recognition to the favorable as well as
the unfavorable information concerning the individual and shall take
into account the value of the individual's services to the NRC's
program and the consequences of denying or revoking access
authorization and/or employment clearance.
(c) In the event of an adverse determination, the Deputy Executive
Director for Management Services shall promptly notify the individual
through the Director, Office of Administration, of his or her decision
that an access authorization and/or an employment clearance is being
denied or revoked and of his or her findings with respect to each
allegation contained in the notification letter for transmittal to the
individual.
(d) In the event of a favorable determination, the Deputy Executive
Director for Management Services shall promptly notify the individual
through the Director, Office of Administration.
19. In Sec. 10.34, paragraph (a) is revised to read as follows:
[[Page 15645]]
Sec. 10.34 Action by the Commission.
(a) Whenever, under the provisions of Sec. 10.28(i), (j), or (l) an
individual has not been afforded an opportunity to confront and cross-
examine witnesses who have furnished information adverse to the
individual and an adverse recommendation has been made by the Deputy
Executive Director for Management Services, the Commission shall review
the record and determine whether an access authorization and/or an
employment clearance should be granted, denied, or revoked, based upon
the record.
* * * * *
20. Section 10.35 is revised to read as follows:
Sec. 10.35 Reconsideration of cases.
(a) Where, pursuant to the procedures set forth in Secs. 10.20
through 10.34, the Deputy Executive Director for Management Services or
the Commission has made a determination granting an access
authorization and/or an employment clearance to an individual, the
individual's eligibility for an access authorization and/or an
employment clearance will be reconsidered only when subsequent to the
time of that determination, new derogatory information has been
received or the scope or sensitivity of the Restricted Data or National
Security Information to which the individual has or will have access
has significantly increased. All new derogatory information, whether
resulting from the NRC's reinvestigation program or other sources, will
be evaluated relative to an individual's continued eligibility in
accordance with the procedures of this part.
(b) Where, pursuant to these procedures, the Commission or Deputy
Executive Director for Management Services has made a determination
denying or revoking an access authorization and/or an employment
clearance to an individual, the individual's eligibility for an access
authorization and/or an employment clearance may be reconsidered when
there is a bona fide offer of employment and/or a bona fide need for
access to Restricted Data or National Security Information and either
material and relevant new evidence is presented, which the individual
and his or her representatives are without fault in failing to present
before, or there is convincing evidence of reformation or
rehabilitation. Requests for reconsideration must be submitted in
writing to the Deputy Executive Director for Management Services
through the Director, Office of Administration. Requests must be
accompanied by an affidavit setting forth in detail the information
referred to above. The Deputy Executive Director for Management
Services shall cause the individual to be notified as to whether his or
her eligibility for an access authorization and/or an employment
clearance will be reconsidered and if so, the method by which a
reconsideration will be accomplished.
(c) Where an access authorization and/or an employment clearance
has been granted to an individual by the Director, Division of
Facilities and Security, without recourse to the procedures set forth
in Secs. 10.20 through 10.34, the individual's eligibility for an
access authorization and/or an employment clearance will be
reconsidered only in a case where, subsequent to the granting of the
access authorization and/or employment clearance, new derogatory
information has been received or the scope or sensitivity of the
Restricted Data or National Security Information to which the
individual has or will have access has significantly increased. All new
derogatory information, whether resulting from the NRC's
reinvestigation program or other sources, will be evaluated relative to
an individual's continued eligibility in accordance with the procedures
of this part.
PART 11--CRITERIA AND PROCEDURES FOR DETERMINING ELIGIBILITY FOR
ACCESS TO OR CONTROL OVER SPECIAL NUCLEAR MATERIAL
21. The authority citation for part 11 continues to read as
follows:
Authority: Sec. 161, 68 Stat. 948, as amended (42 U.S.C. 2201);
sec. 201, 88 Stat. 1242, as amended (42 U.S.C. 5841).
Section 11.15(e) also issued under sec. 501, 85 Stat. 290 (31
U.S.C. 483a).
22. Section 11.3(a) is revised to read as follows:
Sec. 11.3 Scope.
(a) The requirements, criteria, and procedures of this part apply
to the establishment of and eligibility for special nuclear material
access authorization for employees, contractors, consultants of, and
applicants for employment with licensees or contractors of the Nuclear
Regulatory Commission. This employment, contract, service, or
consultation may involve any duties or assignments within the criteria
of Sec. 11.11 or Sec. 11.13 requiring access to, or control over,
formula quantities of special nuclear material (as defined in part 73
of this chapter).
* * * * *
23. In Sec. 11.7 the paragraph designations are removed, the
definitions are rearranged in alphabetical order, and the definitions
of NRC-``U'' special nuclear material access authorization and NRC-
``R'' special nuclear material access authorization are revised to read
as follows:
Sec. 11.7 Definitions.
* * * * *
NRC-``U'' special nuclear material access authorization means an
administrative determination based upon a single scope background
investigation, normally conducted by the Office of Personnel
Management, that an individual in the course of employment is eligible
to work at a job falling within the criterion of 11.11(a)(1) or 11.13.
NRC-``R'' special nuclear material access authorization means an
administrative determination based upon a national agency check with
law and credit investigation that an individual in the course of
employment is eligible to work at a job falling within the criterion of
Sec. 11.11(a)(2).
* * * * *
24. Section 11.15 is revised to read as follows:
Sec. 11.15 Application for special nuclear material access
authorization.
(a)(1) Application for special nuclear material access
authorization, renewal, or change in level must be filed by the
licensee on behalf of the applicant with the Director, Division of
Facilities and Security, U.S. Nuclear Regulatory Commission,
Washington, DC 20555. Applications for affected individuals employed on
October 28, 1985, shall be submitted within 60 days of notification of
Commission approval of the amended security plan.
(2) Licensees who wish to secure NRC-U or NRC-R special nuclear
material access authorizations for individuals in possession of an
active NRC Q or L access authorization or other security clearance
granted by another Federal agency based on an equivalent investigation
shall submit a ``Security Acknowledgment'' (NRC Form 176) and a
``Request for Access Authorization'' (NRC Form 237). NRC will process
these requests by verifying the data on an NRC-cleared individual, or
by contacting the Federal agency that granted the clearance, requesting
certification of the security clearance, and determining the
investigative basis and level of the clearance. Licensees may directly
request the Federal agency that administered the security clearance, if
other than NRC, to certify to the NRC
[[Page 15646]]
that it has on file an active security clearance for an individual and
to specify the investigative basis and level of the clearance.
(b) Applications for special nuclear material access authorization
for individuals, other than those qualifying under the provisions of
Sec. 11.15(a)(2), must be made on forms supplied by the Commission,
including:
(1) Questionnaire for National Security Positions (SF-86, Parts 1
and 2);
(2) Two completed standard fingerprint cards (FD-258);
(3) Security Acknowledgment (NRC Form 176);
(4) Other related forms where specified in accompanying instruction
(NRC-254); and
(5) A statement by the employer, prospective employer, or
contractor identifying the job to be assigned to or assumed by the
individual and the level of authorization needed, justified by
appropriate reference to the licensee's security plan.
(c)(1) Except as provided in paragraph (c)(2) of this section, NRC-
U special nuclear material access authorizations must be renewed every
five years from the date of issuance. Except as provided in paragraph
(c)(3) of this section, NRC-R special nuclear material access
authorizations must be renewed every ten years from the date of
issuance. An application for renewal must be submitted at least 120
days before the expiration of the five-year period for NRC-U and ten-
year period for NRC-R, respectively, and must include:
(i) A statement by the licensee that at the time of application for
renewal the individual's assigned or assumed job requires an NRC-U or
an NRC-R special nuclear material access authorization, justified by
appropriate reference to the licensee's security plan;
(ii) The Questionnaire for National Security Positions (SF-86,
Parts 1 and 2);
(iii) Two completed standard fingerprint cards (FD-258); and
(iv) Other related forms specified in accompanying NRC instructions
(NRC Form 254).
(2) An exception to the time for submission of NRC-U special
nuclear material access authorization renewal applications and the
paperwork required is provided for individuals who have a current and
active DOE-Q access authorization and are subject to DOE
Reinvestigation Program requirements. For these individuals, the
submission to DOE of the SF-86 pursuant to DOE Reinvestigation Program
requirements (generally every five years) will satisfy the NRC renewal
submission and paperwork requirements even if less than five years has
passed since the date of issuance or renewal of the NRC-U access
authorization. Any NRC-U special nuclear material access authorization
renewed in response to provisions of this paragraph will not be due for
renewal until the date set by DOE for the next reinvestigation of the
individual pursuant to DOE's Reinvestigation Program.
(3) An exception to the time for submission of NRC-R special
nuclear material access authorization renewal applications and the
paperwork required is provided for individuals who have a current and
active DOE-L or DOE-Q access authorization and are subject to DOE
Reinvestigation Program requirements. For these individuals, the
submission to DOE of the SF-86 pursuant to DOE Reinvestigation Program
requirements will satisfy the NRC renewal submission and paperwork
requirements even if less than ten years have passed since the date of
issuance or renewal of the NRC-R access authorization. Any NRC-R
special nuclear material access authorization renewed pursuant to this
paragraph will not be due for renewal until the date set by DOE for the
next reinvestigation of the individual pursuant to DOE's
Reinvestigation Program.
(4) Notwithstanding the provisions of paragraph (c)(2) of this
section, the period of time for the initial and each subsequent NRC-U
renewal application to NRC may not exceed seven years.
(5) Notwithstanding the provisions of paragraph (c)(3) of this
section, the period of time for the initial and each subsequent NRC-R
renewal application to NRC may not exceed twelve years. Any individual
who is subject to the DOE Reinvestigation Program requirements but, for
administrative or other reasons, does not submit reinvestigation forms
to DOE within seven years of the previous submission, for a NRC-U
renewal or twelve years of the previous submission for a NRC-R renewal,
shall submit a renewal application to NRC using the forms prescribed in
paragraph (c)(1) of this section before the expiration of the seven
year period for NRC-U or twelve year period for NRC-R renewal.
(d) If at any time, due to new assignment or assumption of duties,
a change in a special nuclear material access authorization level from
NRC ``R'' to ``U'' is required, the individual shall apply for a change
of level of special nuclear material access authorization. The
application must include a description of the new duties to be assigned
or assumed, justified by appropriate reference to the licensee's
security plan.
(e)(1) Each application for a special nuclear material access
authorization, renewal, or change in level must be accompanied by the
licensee's remittance, payable to the U.S. Nuclear Regulatory
Commission, according to the following schedule:
i. NRC-R................................................ 1$130
ii. NRC-R (expedited processing)........................ 1203
iii. NRC-R based on certification of comparable 20
investigation..........................................
iv. NRC-R renewal....................................... 1130
v. NRC-U requiring single scope investigation........... 2856
vi. NRC-U requiring single scope investigation 3295
(expedited processing).................................
vii. NRC-U based on certification of comparable 20
investigation..........................................
viii. NRC-U renewal..................................... 21705
\1\ If the NRC determines, based on its review of available data, that a
National Agency Check with law and credit investigation is necessary,
a fee of $130 will be assessed prior to the conduct of the
investigation; however, if a single scope investigation is deemed
necessary by the NRC, based on its review of available data, a fee of
$2,856 will be assessed prior to the conduct of the investigation.
\2\ If the NRC determines, based on its review of available data, that a
single scope investigation is necessary, a fee of $2,856 will be
assessed prior to the conduct of the investigation.
(2) Material access authorization fees will be published each time
the Office of Personnel Management notifies NRC of a change in the
background investigation rate it charges NRC for conducting the
investigation. Any changed access authorization fees will be applicable
to each access authorization request received upon or after the date of
publication. Applications from individuals having current Federal
access authorizations
[[Page 15647]]
may be processed expeditiously at no cost because the Commission may
accept the certification of access authorizations and investigative
data from other Federal government agencies that grant personnel access
authorizations.
(f)(1) Any Federal employee, employee of a contractor of a Federal
agency, licensee, or other person visiting an affected facility for the
purpose of conducting official business, who possesses an active NRC or
DOE-Q access authorization or an equivalent Federal security clearance
granted by another Federal agency (``Top Secret'') based on a
comparable single scope background investigation may be permitted, in
accordance with Sec. 11.11, the same level of unescorted access that an
NRC-U special nuclear material access authorization would afford.
(2) Any Federal employee, employee of a contractor of a Federal
agency, licensee, or other person visiting an affected facility for the
purpose of conducting official business, who possesses an active NRC or
DOE-L access authorization or an equivalent security clearance granted
by another Federal agency (``Secret'') based on a comparable or greater
background investigation consisting of a national agency check with law
and credit may be permitted, in accordance with Sec. 11.11, the same
level of unescorted access that an NRC-R special nuclear material
access authorization would afford. An NRC or DOE-L access authorization
or an equivalent security clearance (``Secret''), based on a background
investigation or national agency check with credit granted or being
processed by another Federal agency before January 1, 1998, is
acceptable to meet this requirement.
25. Section 11.16 is revised to read as follows:
Sec. 11.16 Cancellation of request for special nuclear material access
authorization.
When a request for an individual's access authorization is
withdrawn or canceled, the licensee shall notify the Chief, Personnel
Security Branch, NRC Division of Facilities and Security immediately,
by telephone, so that the investigation may be discontinued. The caller
shall provide the full name and date of birth of the individual, the
date of request, and the type of access authorization originally
requested (``U'' or ``R''). The licensee shall promptly submit written
confirmation of the telephone notification to the Personnel Security
Branch, NRC Division of Facilities and Security. A portion of the fee
for the ``U'' special nuclear material access authorization may be
refunded depending upon the status of the single scope investigation at
the time of withdrawal or cancellation.
26. In Sec. 11.21, paragraphs (c) and (d) are revised to read as
follows:
Sec. 11.21 Application of the criteria.
* * * * *
(c) When the reports of an investigation of an individual contain
information reasonably falling within one or more of the classes of
derogatory information listed in Sec. 10.11, it creates a question as
to the individual's eligibility for special nuclear material access
authorization. In these cases, the application of the criteria must be
made in light of and with specific regard to whether the existence of
the information supports a reasonable belief that the granting of a
special nuclear material access authorization would be inimical to the
common defense and security. The Director, Division of Facilities and
Security, may authorize the granting of a special nuclear material
access authorization on the basis of the information in the case or may
authorize the conduct of an interview with the individual and, on the
basis of the interview and other investigation as the Director deems
appropriate, may authorize the granting of a special nuclear material
access authorization. Otherwise, a question concerning the eligibility
of an individual for a special nuclear material access authorization
must be resolved in accordance with the procedures set forth in
Secs. 10.20 through 10.38 of this chapter.
(d) In resolving a question concerning the eligibility or continued
eligibility of an individual for a special nuclear material access
authorization by action of the Hearing Examiner or a Personnel Security
Review Panel, 3 the following principle shall be applied by
the Examiner and the Personnel Security Review Panel: Where there are
sufficient grounds to establish a reasonable belief as to the truth of
the information regarded as substantially derogatory and when the
existence of this information supports a reasonable belief that
granting access would be inimical to the common defense and security,
this will be the basis for a recommendation for denying or revoking
special nuclear material access authorization if not satisfactorily
rebutted by the individual or shown to be mitigated by circumstance.
---------------------------------------------------------------------------
\3\ The functions of the Hearing Examiner and the Personnel
Security Review Panel are described in part 10 of this chapter.
---------------------------------------------------------------------------
PART 25--ACCESS AUTHORIZATION FOR LICENSEE PERSONNEL
27. The authority citation for Part 25 continues to read as
follows:
Authority: Secs. 145, 161, 68 Stat. 942, 948, as amended (42
U.S.C. 2165, 2201); sec. 201, 88 Stat. 1242, as amended (42 U.S.C.
5841); E.O. 10865, as amended, 3 CFR 1959-1963 Comp., p. 398 (50
U.S.C. 401, note); E.O. 12829, 3 CFR, 1993 Comp. p. 570; E.O. 12958,
3 CFR, 1995 Comp., p .333; E.O. 12968, 3 CFR, 1995 Comp., p .396.
Appendix A also issued under 96 Stat. 1051 (31 U.S.C. 9701).
28. In Sec. 25.5 the definitions of ``L'' access authorization,
National Security Information, and ``Q'' access authorization are
revised to read as follows:
Sec. 25.5 Definitions.
* * * * *
``L'' access authorization means an access authorization granted by
the Commission that is normally based on a national agency check with a
law and credit investigation (NACLC) or an access national agency check
and inquiries investigation (ANACI) conducted by the Office of
Personnel Management.
* * * * *
National Security Information means information that has been
determined pursuant to Executive Order 12958 or any predecessor order
to require protection against unauthorized disclosure and that is so
designated.
* * * * *
``Q'' access authorization means an access authorization granted by
the Commission normally based on a single scope background
investigation conducted by the Office of Personnel Management, the
Federal Bureau of Investigation, or other U.S. Government agency which
conducts personnel security investigations.
* * * * *
29. Section 25.9 is revised to read as follows:
Sec. 25.9 Communications.
Except where otherwise specified, all communications and reports
concerning the regulations in this part should be addressed to the
Director, Division of Facilities and Security, U.S. Nuclear Regulatory
Commission, Washington, DC 20555.
30. Section 25.11 is revised to read as follows:
Sec. 25.11 Specific exemptions.
The NRC may, upon application by any interested person or upon its
own initiative, grant exemptions from the requirements of the
regulations of this part, that are--
[[Page 15648]]
(a) Authorized by law, will not present an undue risk to the public
health and safety, and are consistent with the common defense and
security; or
(b) Coincidental with one or more of the following:
(1) An application of the regulation in the particular
circumstances conflicts with other NRC rules or requirements;
(2) An application of the regulation in the particular
circumstances would not serve the underlying purpose of the rule or is
not necessary to achieve the underlying purpose of the rule;
(3) When compliance would result in undue hardship or other costs
that significantly exceed those contemplated when the regulation was
adopted, or that significantly exceed those incurred by others
similarly situated;
(4) When the exemption would result in benefit to the common
defense and security that compensates for any decrease in the security
that may result from the grant of the exemption;
(5) When the exemption would provide only temporary relief from the
applicable regulation and the licensee or applicant has made good faith
efforts to comply with the regulation;
(6) When there is any other material circumstance present that was
not considered when the regulation was adopted that would be in the
public interest to grant an exemption. If this condition is relied on
exclusively for satisfying paragraph (b) of this section, the exemption
may not be granted until the Executive Director for Operations has
consulted with the Commission.
31. Section 25.19 is revised to read as follows:
Sec. 25.19 Processing applications.
Each application for an access authorization or access
authorization renewal must be submitted to the CSA. If the NRC is the
CSA, the application and its accompanying fee must be submitted to the
NRC Division of Facilities and Security. If necessary, the NRC Division
of Facilities and Security may obtain approval from the appropriate
Commission office exercising licensing or regulatory authority before
processing the access authorization or access authorization renewal
request. If the applicant is disapproved for processing, the NRC
Division of Facilities and Security shall notify the submitter in
writing and return the original application (security packet) and its
accompanying fee.
32. In Sec. 25.21, paragraph (c) is revised to read as follows:
Sec. 25.21 Determination of initial and continued eligibility for
access authorization.
* * * * *
(c)(1) Except as provided in paragraph (c)(2) of this section, an
NRC ``Q'' access authorization must be renewed every five years from
the date of issuance. Except as provided in paragraph (c)(2) of this
section, an NRC ``L'' access authorization must be renewed every ten
years from the date of issuance. An application for renewal must be
submitted at least 120 days before the expiration of the five-year
period for a ``Q'' access authorization and the ten-year period for an
``L'' access authorization, and must include:
(i) A statement by the licensee or other person that the individual
continues to require access to classified National Security Information
or Restricted Data; and
(ii) A personnel security packet as described in Sec. 25.17(d).
(2) Renewal applications and the required paperwork are not
required for individuals who have a current and active access
authorization from another Federal agency and who are subject to a
reinvestigation program by that agency that is determined by the NRC to
meet the NRC's requirements. (The DOE Reinvestigation Program has been
determined to meet the NRC's requirements.) For these individuals, the
submission of the SF-86 by the licensee or other person to the other
Government agency pursuant to their reinvestigation requirements will
satisfy the NRC's renewal submission and paperwork requirements, even
if less than five years have passed since the date of issuance or
renewal of the NRC ``Q'' access authorization, or if less than 10 years
have passed since the date of issuance or renewal of the NRC ``L''
access authorization. Any NRC access authorization continued in
response to the provisions of this paragraph will, thereafter, not be
due for renewal until the date set by the other Government agency for
the next reinvestigation of the individual pursuant to the other
agency's reinvestigation program. However, the period of time for the
initial and each subsequent NRC ``Q'' renewal application to the NRC
may not exceed seven years or, in the case of an NRC ``L'' renewal
application, twelve years. Any individual who is subject to the
reinvestigation program requirements of another Federal agency but, for
administrative or other reasons, does not submit reinvestigation forms
to that agency within seven years for a ``Q'' renewal or twelve years
for an ``L'' renewal of the previous submission, shall submit a renewal
application to the NRC using the forms prescribed in Sec. 25.17(d)
before the expiration of the seven-year period for a ``Q'' renewal or
twelve-year period for an ``L'' renewal.
(3) If the NRC is not the CSA, reinvestigation program procedures
and requirements will be set by the CSA.
33. In Sec. 25.23, paragraph (a) is revised to read as follows:
Sec. 25.23 Notification of grant of access authorization.
* * * * *
(a) In those cases when the determination was made as a result of a
Personnel Security Hearing or by a Personnel Security Review Panel ; or
* * * * *
34. Section 25.25 is revised to read as follows:
Sec. 25.25 Cancellation of requests for access authorization.
When a request for an individual's access authorization or renewal
of an access authorization is withdrawn or canceled, the requestor
shall notify the CSA immediately by telephone so that the single scope
background investigation, national agency check with law and credit
investigation, or other personnel security action may be discontinued.
The requestor shall identify the full name and date of birth of the
individual, the date of request, and the type of access authorization
or access authorization renewal requested. The requestor shall confirm
each telephone notification promptly in writing.
35. In Sec. 25.27, paragraph (b) is revised to read as follows:
Sec. 25.27 Reopening of cases in which requests for access
authorizations are canceled.
* * * * *
(b) Additionally, if 90 days or more have elapsed since the date of
the last Questionnaire for National Security Positions (SF-86), or CSA
equivalent, the individual must complete a personnel security packet
(see Sec. 25.17(d)). The CSA, based on investigative or other needs,
may require a complete personnel security packet in other cases as
well. A fee, equal to the amount paid for an initial request, will be
charged only if a new or updating investigation by the NRC is required.
36. In Sec. 25.31, paragraphs (a), (b), and (c) are revised to read
as follows:
Sec. 25.31 Extensions and transfers of access authorizations.
(a) The NRC Division of Facilities and Security may, on request,
extend the authorization of an individual who possesses an access
authorization in
[[Page 15649]]
connection with a particular employer or activity to permit access to
classified information in connection with an assignment with another
employer or activity.
(b) The NRC Division of Facilities and Security may, on request,
transfer an access authorization when an individual's access
authorization under one employer or activity is terminated,
simultaneously with the individual being granted an access
authorization for another employer or activity.
(c) Requests for an extension or transfer of an access
authorization must state the full name of the person, date of birth,
and level of access authorization. The Director, Division of Facilities
and Security, may require a new personnel security packet (see
Sec. 25.17(c)) to be completed by the applicant. A fee, equal to the
amount paid for an initial request, will be charged only if a new or
updating investigation by the NRC is required.
* * * * *
37. In Sec. 25.33, paragraphs (a) and (b) are revised to read as
follows:
Sec. 25.33 Termination of access authorizations.
(a) Access authorizations will be terminated when:
(1) An access authorization is no longer required;
(2) An individual is separated from the employment or the activity
for which he or she obtained an access authorization for a period of 90
days or more; or
(3) An individual, pursuant to 10 CFR part 10 or other CSA-approved
adjudicatory standards, is no longer eligible for an access
authorization.
(b) A representative of the licensee or other organization that
employs the individual whose access authorization will be terminated
shall immediately notify the CSA when the circumstances noted in
paragraph (a)(1) or (a)(2) of this section exist; inform the individual
that his or her access authorization is being terminated, and the
reason; and that he or she will be considered for reinstatement of an
access authorization if he or she resumes work requiring the
authorization.
* * * * *
38. In Sec. 25.35, paragraph (b) is revised to read as follows:
Sec. 25.35 Classified visits.
* * * * *
(b) Representatives of the Federal Government, when acting in their
official capacities as inspectors, investigators, or auditors, may
visit a licensee, certificate holder, or other facility without
furnishing advanced notification, provided these representatives
present appropriate Government credentials upon arrival. Normally,
however, Federal representatives will provide advance notification in
the form of an NRC Form 277, ``Request for Visit or Access Approval,''
with the ``need-to-know'' certified by the appropriate NRC office
exercising licensing or regulatory authority and verification of an NRC
access authorization by the Division of Facilities and Security.
* * * * *
39. In Sec. 25.37, paragraph (b) is revised to read as follows:
Sec. 25.37 Violations.
* * * * *
(b) National Security Information is protected under the
requirements and sanctions of Executive Order 12958.
40. Appendix A to Part 25 is revised to read as follows:
Appendix A to Part 25--Fees for NRC Access Authorization
------------------------------------------------------------------------
Category Fee
------------------------------------------------------------------------
Initial ``L'' access authorization...................... 1 $130
Initial ``L'' access authorization (expedited 1 203
processing)............................................
Reinstatement of ``L'' access authorization............. 2 130
Extension or Transfer of ``L'' access authorization..... 2 130
Renewal of ``L'' access authorization................... 1 130
Initial ``Q'' access authorization...................... 2856
Initial ``Q'' access authorization (expedited 3295
processing)............................................
Reinstatement of ``Q'' access authorization............. 2 2856
Reinstatement of ``Q'' access authorization (expedited 2 3295
processing)............................................
Extension or Transfer of ``Q''.......................... 2 2856
Extension or Transfer of ``Q'' (expedited processing)... 2 3295
Renewal of ``Q'' access authorization................... 2 1705
------------------------------------------------------------------------
1 If the NRC determines, based on its review of available data, that a
single scope investigation is necessary, a fee of $2856 will be
assessed before the conduct of the investigation.
2 Full fee will only be charged if an investigation is required.
41. The heading of Part 95 is revised to read as follows:
PART 95--FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL
SECURITY INFORMATION AND RESTRICTED DATA
42. The authority citation for part 95 continues to read as
follows:
Authority: Secs. 145, 161, 193, 68 Stat. 942, 948, as amended
(42 U.S.C. 2165, 2201); sec. 201, 88 Stat. 1242, as amended (42
U.S.C. 5841); E.O. 10865, as amended, 3 CFR 1959-1963 Comp., p. 398
(50 U.S.C. 401, note); E.O. 12829, 3 CFR 1993 Comp., p. 570; E.O.
12958, as amended, 3 CFR 1995 Comp., p. 333; E.O. 12968, 3 CFR 1995
Comp., p. 391.
43. In Sec. 95.5 the definitions of NRC ``L'' access authorization,
NRC ``Q'' access authorization, and Security container are revised to
read as follows:
Sec. 95.5 Definitions.
* * * * *
NRC ``L'' access authorization means an access authorization
granted by the Commission normally based on a national agency check
with law and credit investigation (NACLC) or an access national agency
check and inquiries investigation (ANACI)) conducted by the Office of
Personnel Management.
NRC ``Q'' access authorization means an access authorization
granted by the Commission normally based on a single scope background
investigation conducted by the Office of Personnel Management, the
Federal Bureau of Investigation, or other U.S. Government agency that
conducts personnel security investigations.
* * * * *
Security container includes any of the following repositories:
(1) A security filing cabinet--one that bears a Test Certification
Label on the side of the locking drawer, inside wall adjacent to the
locking drawer, or interior door plate, or is marked,
[[Page 15650]]
``General Services Administration Approved Security Container'' on the
exterior of the top drawer or door.
(2) A safe--burglar-resistive cabinet or chest which bears a label
of the Underwriters' Laboratories, Inc. certifying the unit to be a TL-
15, TL-30, or TRTL-30, and has a body fabricated of not less than 1
inch of steel and a door fabricated of not less than 1\1/2\ inches of
steel exclusive of the combination lock and bolt work; or bears a Test
Certification Label on the inside of the door, or is marked ``General
Services Administration Approved Security Container'' and has a body of
steel at least \1/2\'' thick, and a combination locked steel door at
least 1'' thick, exclusive of bolt work and locking devices; and an
automatic unit locking mechanism.
(3) A vault--a windowless enclosure constructed with walls, floor,
roof, and door(s) that will delay penetration sufficient to enable the
arrival of emergency response forces capable of preventing theft,
diversion, damage, or compromise of classified information or matter,
when delay time is assessed in conjunction with detection and
communication subsystems of the physical protection system.
(4) A vault-type room--a room that has a combination lock door and
is protected by an intrusion alarm system that alarms upon the
unauthorized penetration of a person anywhere into the room.
(5) Other repositories that would provide comparable physical
protection in the judgment of the Division of Facilities and Security.
* * * * *
44. In Sec. 95.8, paragraph (b) is revised to read as follows:
Sec. 95.8 Information collection requirements: OMB approval.
* * * * *
(b) The approved information collection requirements contained in
this part appear in Secs. 95.11, 95.15, 95.17, 95.18, 95.21, 95.25,
95.33, 95.34, 95.36, 95.37, 95.39, 95.41, 95.43, 95.45, 95.47, 95.53,
and 95.57.
45. Section 95.9 is revised to read as follows:
Sec. 95.9 Communications.
Except where otherwise specified, all communications and reports
concerning the regulations in this part should be addressed to the
Director, Division of Facilities and Security, Nuclear Regulatory
Commission, Washington, DC 20555.
46. Section 95.11 is revised to read as follows:
Sec. 95.11 Specific exemptions.
The NRC may, upon application by any interested person or upon its
own initiative, grant exemptions from the requirements of the
regulations of this part, that are--
(a) Authorized by law, will not present an undue risk to the public
health and safety, and are consistent with the common defense and
security; or
(b) Coincidental with one or more of the following:
(1) An application of the regulation in the particular
circumstances conflicts with other rules or requirements of the NRC;
(2) An application of the regulation in the particular
circumstances would not serve the underlying purpose of the rule or is
not necessary to achieve the underlying purpose of the rule;
(3) When compliance would result in undue hardship or other costs
that are significantly in excess of those contemplated when the
regulation was adopted, or that are significantly in excess of those
incurred by others similarly situated;
(4) When the exemption would result in benefit to the common
defense and security that compensates for any decrease in security that
may result from the grant of the exemption;
(5) When the exemption would provide only temporary relief from the
applicable regulation and the licensee or applicant has made good faith
efforts to comply with the regulation;
(6) When there is any other material circumstance not considered
when the regulation was adopted for which it would be in the public
interest to grant an exemption. If such a condition is relied on
exclusively for satisfying paragraph (b) of this section, the exemption
may not be granted until the Executive Director for Operations has
consulted with the Commission.
47. In Sec. 95.15, paragraph (a) is revised to read as follows:
Sec. 95.15 Approval for processing licensees and others for facility
clearance.
(a) A licensee, certificate holder, or other person who has a need
to use, process, store, reproduce, transmit, transport, or handle NRC
classified information at any location in connection with Commission-
related activities shall promptly request an NRC facility clearance.
This specifically includes situations where a licensee, certificate
holder, or other person needs a contractor or consultant to have access
to NRC classified information. Also included are others who require
access to classified information in connection with NRC regulated
activities but do not require use, storage, or possession of classified
information outside of NRC facilities. However, it is not necessary for
a licensee, certificate holder, or other person to request an NRC
facility clearance for access to another agency's classified
information at that agency's facilities or to store that agency's
classified information at their facility, provided no NRC classified
information is involved and they meet the security requirements of the
other agency. If NRC classified information is involved, the
requirements of Sec. 95.17 apply.
* * * * *
48. In Sec. 95.17, the introductory text of paragraph (a) and
paragraph (a)(1) are revised to read as follows:
Sec. 95.17 Processing facility clearance.
(a) Following the receipt of an acceptable request for facility
clearance, the NRC will either accept an existing facility clearance
granted by a current CSA and authorize possession of license or
certificate related classified information, or process the facility for
a facility clearance. Processing will include--
(1) A determination based on review and approval of a Standard
Practice Procedures Plan that granting of the Facility Clearance would
not be inconsistent with the national interest, including a finding
that the facility is not under foreign ownership, control, or influence
to such a degree that a determination could not be made. An NRC finding
of foreign ownership, control, or influence is based on factors
concerning the foreign intelligence threat, risk of unauthorized
technology transfer, type and sensitivity of the information that
requires protection, the extent of foreign influence, record of
compliance with pertinent laws, and the nature of international
security and information exchange agreements. The licensee, certificate
holder, or other person must advise the NRC within 30 days of any
significant events or changes that may affect its status concerning
foreign ownership, control, or influence (e.g., changes in ownership;
changes that affect the company's answers to original FOCI questions;
indebtedness; and changes in the required form that identifies owners,
officers, directors, and executive personnel).
* * * * *
49. Section 95.19 is revised to read as follows:
Sec. 95.19 Changes to security practices and procedures.
(a) Except as specified in paragraph (b) of this section, each
licensee, certificate holder, or other person shall
[[Page 15651]]
obtain prior CSA approval for any proposed change to the name,
location, security procedures and controls, or floor plan of the
approved facility. A written description of the proposed change must be
furnished to the CSA with copies to the Director, Division of
Facilities and Security, Office of Administration, NRC, Washington, DC
20555-0001 (if NRC is not the CSA), and the NRC Regional Administrator
of the cognizant Regional Office listed in appendix A of part 73 of
this chapter. These substantive changes to the Standard Practice
Procedures Plan that affect the security of the facility must be
submitted to the NRC Division of Facilities and Security, or CSA, at
least 30 days prior to the change so that they may be evaluated. The
CSA shall promptly respond in writing to all such proposals. Some
examples of substantive changes requiring prior CSA approval include--
(1) A change in the approved facility's classified mail address; or
(2) A temporary or permanent change in the location of the approved
facility (e.g., moving or relocating NRC's classified interest from one
room or building to another). Approved changes will be reflected in a
revised Standard Practice Procedures Plan submission within 30 days of
approval. Page changes rather than a complete rewrite of the plan may
be submitted.
(b) A licensee or other person may effect a minor, non-substantive
change to an approved Standard Practice Procedures Plan for the
safeguarding of classified information without receiving prior CSA
approval. These minor changes that do not affect the security of the
facility may be submitted to the addressees noted in paragraph (a) of
this section within 30 days of the change. Page changes rather than a
complete rewrite of the plan may be submitted. Some examples of minor,
non-substantive changes to the Standard Practice Procedures Plan
include--
(1) The designation/appointment of a new facility security officer;
or
(2) A revision to a protective personnel patrol routine, provided
the new routine continues to meet the minimum requirements of this
part.
(c) A licensee, certificate holder, or other person must update its
NRC facility clearance every five years either by submitting a complete
Standard Practice Procedures Plan or a certification that the existing
plan is fully current to the Division of Facilities and Security.
50. Section 95.20 is revised to read as follows:
Sec. 95.20 Grant, denial or termination of facility clearance.
The Division of Facilities and Security shall provide notification
in writing (or orally with written confirmation) to the licensee or
other organization of the Commission's grant, acceptance of another
agency's facility clearance, denial, or termination of facility
clearance. This information must also be furnished to representatives
of the NRC, NRC licensees, NRC certificate holders, NRC contractors, or
other Federal agencies having a need to transmit classified information
to the licensee or other person.
51. Section 95.21 is revised to read as follows:
Sec. 95.21 Withdrawal of requests for facility security clearance.
When a request for facility clearance is to be withdrawn or
canceled, the requester shall notify the NRC Division of Facilities and
Security in the most expeditious manner so that processing for this
approval may be terminated. The notification must identify the full
name of the individual requesting discontinuance, his or her position
with the facility, and the full identification of the facility. The
requestor shall confirm the telephone notification promptly in writing.
52. In Sec. 95.25, the heading, the introductory text of paragraph
(a), paragraphs (a)(2), (b), (c)(2), (f), (g), (h), (i), (j)(1),
(j)(6), and (j)(7) are revised to read as follows:
Sec. 95.25 Protection of National Security Information and Restricted
Data in storage.
(a) Secret matter, while unattended or not in actual use, must be
stored in--
* * * * *
(2) Any steel file cabinet that has four sides and a top and bottom
(all permanently attached by welding, rivets, or peened bolts so the
contents cannot be removed without leaving visible evidence of entry)
and is secured by a rigid metal lock bar and an approved key operated
or combination padlock. The keepers of the rigid metal lock bar must be
secured to the cabinet by welding, rivets, or bolts, so they cannot be
removed and replaced without leaving evidence of the entry. The drawers
of the container must be held securely so their contents cannot be
removed without forcing open the drawer. This type of cabinet will be
accorded supplemental protection during non-working hours.
(b) Confidential matter while unattended or not in use must be
stored in the same manner as SECRET matter except that no supplemental
protection is required.
(c) * * *
(2) Combinations must be changed by a person authorized access to
the contents of the container, by the Facility Security Officer, or his
or her designee.
* * * * *
(f) Combinations will be changed only by persons authorized access
to Secret or Confidential National Security Information and/or
Restricted Data depending upon the matter authorized to be stored in
the security container.
(g) Posted information. Containers may not bear external markings
indicating the level of classified matter authorized for storage. A
record of the names of persons having knowledge of the combination must
be posted inside the container.
(h) End of day security checks.
(1) Facilities that store classified matter shall establish a
system of security checks at the close of each working day to ensure
that all classified matter and security repositories have been
appropriately secured.
(2) Facilities operating with multiple work shifts shall perform
the security checks at the end of the last working shift in which
classified matter had been removed from storage for use. The checks are
not required during continuous 24-hour operations.
(i) Unattended security container found opened. If an unattended
security container housing classified matter is found unlocked, the
custodian or an alternate must be notified immediately. Also, the
container must be secured by protective personnel. An effort must be
made to determine if the contents were compromised not later than the
next day.
(j) * * *
(1) A key and lock custodian shall be appointed to ensure proper
custody and handling of keys and locks used for protection of
classified matter;
* * * * *
(6) Keys and spare locks must be protected equivalent to the level
of classified matter involved;
(7) Locks must be changed or rotated at least every 12 months, and
must be replaced after loss or compromise of their operable keys; and
* * * * *
53. Section 95.27 is revised to read as follows:
Sec. 95.27 Protection while in use.
While in use, classified matter must be under the direct control of
an authorized individual to preclude physical, audio, and visual access
by persons who do not have the prescribed
[[Page 15652]]
access authorization or other written CSA disclosure authorization (see
Sec. 95.36 for additional information concerning disclosure
authorizations).
54. In Sec. 95.29, paragraphs (a), (c)(2), and (c)(4) are revised
to read as follows:
Sec. 95.29 Establishment of restricted or closed areas.
(a) If, because of its nature, sensitivity or importance,
classified matter cannot otherwise be effectively controlled in
accordance with the provisions of Secs. 95.25 and 95.27, a Restricted
or Closed area must be established to protect this matter.
* * * * *
(c) * * *
(2) Access must be limited to authorized persons who have an
appropriate security clearance and a need-to-know for the classified
matter within the area. Persons without the appropriate level of
clearance and/or need-to-know must be escorted at all times by an
authorized person where inadvertent or unauthorized exposure to
classified information cannot otherwise be effectively prevented.
* * * * *
(4) Open shelf or bin storage of classified matter in Closed Areas
requires CSA approval. Only areas protected by an approved intrusion
detection system will qualify for approval.
55. In Sec. 95.33, paragraph (f) is revised to read as follows:
Sec. 95.33 Security education.
* * * * *
(f) Refresher Briefings. The licensee or other facility shall
conduct refresher briefings for all cleared employees every 3 years. As
a minimum, the refresher briefing must reinforce the information
provided during the initial briefing and inform employees of
appropriate changes in security regulations. This requirement may be
satisfied by use of audio/video materials and/or by issuing written
materials.
* * * * *
56. A new Sec. 95.34 is added to read as follows:
Sec. 95.34 Control of visitors.
(a) Uncleared visitors. Licensees, certificate holders, or others
subject to this part shall take measures to preclude access to
classified information by uncleared visitors.
(b) Foreign visitors. Licensees, certificate holders, or others
subject to this part shall take measures as may be necessary to
preclude access to classified information by foreign visitors. The
licensee, certificate holder, or others shall retain records of visits
for 5 years beyond the date of the visit.
57. In Sec. 95.36, paragraphs (a), (c), and (d) are revised to read
as follows:
Sec. 95.36 Access by representatives of the International Atomic
Energy Agency or by participants in other international agreements.
(a) Based upon written disclosure authorization from the NRC
Division of Facilities and Security that an individual is an authorized
representative of the International Atomic Energy Agency (IAEA) or
other international organization and that the individual is authorized
to make visits or inspections in accordance with an established
agreement with the United States Government, a licensee, certificate
holder, or other person subject to this part shall permit the
individual (upon presentation of the credentials specified in Sec. 75.7
of this chapter and any other credentials identified in the disclosure
authorization) to have access to matter classified as National Security
Information that is relevant to the conduct of a visit or inspection. A
disclosure authorization under this section does not authorize a
licensee, certificate holder, or other person subject to this part to
provide access to Restricted Data.
* * * * *
(c) In accordance with the specific disclosure authorization
provided by the Division of Facilities and Security, licensees or other
persons subject to this part are authorized to release (i.e., transfer
possession of) copies of documents that contain classified National
Security Information directly to IAEA inspectors and other
representatives officially designated to request and receive classified
National Security Information documents. These documents must be marked
specifically for release to IAEA or other international organizations
in accordance with instructions contained in the NRC's disclosure
authorization letter. Licensees and other persons subject to this part
may also forward these documents through the NRC to the international
organization's headquarters in accordance with the NRC disclosure
authorization. Licensees and other persons may not reproduce documents
containing classified National Security Information except as provided
in Sec. 95.43.
(d) Records regarding these visits and inspections must be
maintained for 5 years beyond the date of the visit or inspection.
These records must specifically identify each document released to an
authorized representative and indicate the date of the release. These
records must also identify (in such detail as the Division of
Facilities and Security, by letter, may require) the categories of
documents that the authorized representative has had access and the
date of this access. A licensee or other person subject to this part
shall also retain Division of Facilities and Security disclosure
authorizations for 5 years beyond the date of any visit or inspection
when access to classified information was permitted.
* * * * *
58. In Sec. 95.37, paragraph (c)(1)(iv) is removed and paragraphs
(c)(1)(i) and (h)(2) are revised to read as follows:
Sec. 95.37 Classification and preparation of documents.
* * * * *
(c) * * *
(1) * * *
(i) Derivative classifications of classified National Security
Information must contain the identity of the source document or the
classification guide, including the agency and office of origin, on the
``Derived From'' line and its classification date. If more than one
source is cited, the ``Derived From'' line should indicate ``Multiple
Sources.'' The derivative classifier shall maintain the identification
of each source with the file or record copy of the derivatively
classified document.
* * * * *
(h) * * *
(2) In the event of a question regarding classification review, the
holder of the information or the authorized classifier shall consult
the NRC Division of Facilities and Security, Information Security
Branch, for assistance.
* * * * *
59. In Sec. 95.39, paragraphs (b)(3) and (c)(2) are revised to read
as follows:
Sec. 95.39 External transmission of classified matter.
* * * * *
(b) * * *
(3) The outer envelope or wrapper must contain the addressee's
classified mailing address. The outer envelope or wrapper may not
contain any classification, additional marking or other notation that
indicate that the enclosed document contains classified information.
The Classified Mailing Address shall be uniquely designated for the
receipt of classified information. The classified shipping address for
the receipt of material (e.g., equipment) should be different from the
classified
[[Page 15653]]
mailing address for the receipt of classified documents.
* * * * *
(c) * * *
(2) Confidential matter may be transported by one of the methods
set forth in paragraph (c)(1) of this section, by U.S. express or
certified mail. Express or certified mail may be used in transmission
of Confidential documents to Puerto Rico or any United States territory
or possession.
* * * * *
60. In Sec. 95.45, paragraph (a) is revised to read as follows:
Sec. 95.45 Changes in classification.
(a) Documents containing classified National Security Information
must be downgraded or declassified as authorized by the NRC
classification guides or as determined by the NRC. Requests for
downgrading or declassifying any NRC classified information should be
forwarded to the NRC Division of Facilities and Security, Office of
Administration, Washington, DC 20555-0001. Requests for downgrading or
declassifying of Restricted Data will be forwarded to the NRC Division
of Facilities and Security for coordination with the Department of
Energy.
* * * * *
61. Section 95.47 is revised to read as follows:
Sec. 95.47 Destruction of matter containing classified information.
Documents containing classified information may be destroyed by
burning, pulping, or another method that ensures complete destruction
of the information that they contain. The method of destruction must
preclude recognition or reconstruction of the classified information.
Any doubts on methods should be referred to the CSA.
62. Section 95.53 is revised to read as follows:
Sec. 95.53 Termination of facility clearance.
(a) If the need to use, process, store, reproduce, transmit,
transport, or handle classified matter no longer exists, the facility
clearance will be terminated. The facility may deliver all documents
and matter containing classified information to the Commission, or to a
person authorized to receive them, or must destroy all classified
documents and matter. In either case, the facility shall submit a
certification of nonpossession of classified information to the NRC
Division of Facilities and Security within 30 days of the termination
of the facility clearance.
(b) In any instance where a facility clearance has been terminated
based on a determination of the CSA that further possession of
classified matter by the facility would not be in the interest of the
national security, the facility shall, upon notice from the CSA,
dispose of classified documents in a manner specified by the CSA.
63. Section 95.57 is revised to read as follows:
Sec. 95.57 Reports.
Each licensee or other person having a facility clearance shall
report to the CSA and the Regional Administrator of the appropriate NRC
Regional Office listed in 10 CFR part 73, appendix A:
(a) Any alleged or suspected violation of the Atomic Energy Act,
Espionage Act, or other Federal statutes related to classified
information (e.g., deliberate disclosure of classified information to
persons not authorized to receive it, theft of classified information).
Incidents such as this must be reported within 1 hour of the event
followed by written confirmation within 30 days of the incident; and
(b) Any infractions, losses, compromises, or possible compromise of
classified information or classified documents not falling within
paragraph (a) of this section. Incidents such as these must be entered
into a written log. A copy of the log must be provided to the NRC on a
monthly basis. Details of security infractions including corrective
action taken must be available to the CSA upon request.
(c) In addition, NRC requires records for all classification
actions (documents classified, declassified, or downgraded) to be
submitted to the NRC Division of Facilities and Security. These may be
submitted either on an ``as completed'' basis or monthly. The
information may be submitted either electronically by an on-line system
(NRC prefers the use of a dial-in automated system connected to the
Division of Facilities and Security) or by paper copy using NRC Form
790.
Dated at Rockville, MD, this 22nd day of March, 1999.
For the Nuclear Regulatory Commission.
William D. Travers,
Executive Director for Operations.
[FR Doc. 99-7842 Filed 3-31-99; 8:45 am]
BILLING CODE 7590-01-P
