Classification Guidelines
And Distribution Controls
Original and
Derivative Classification
Executive Order 12958, April 17, 1995,
sets U.S. Government policy for classifying national security information that
must be protected from unauthorized disclosure. Information is classified in
one of two ways -- originally or derivatively.
Original classification is the initial
determination that information requires protection. Only U.S. Government
officials to whom this authority has been delegated in writing and who have
been trained in classification requirements have the authority for original
classification. Original classification authorities issue security
classification guides that others use in making derivative classification
decisions. Most government employees and contractors make derivative
classification decisions.
Derivative classification is the act of
classifying a specific item of information or material on the basis of an
original classification decision already made by an authorized original
classification authority. The source of authority for derivative
classification ordinarily consists of a previously classified document or a
classification guide issued by an original classification authority.
The full text of Executive Order 12958 is
available at DSS website at www.dss.mil/seclib/index.htm.
Classification guidelines for defense contractors are in Chapter 4 of the
National Industrial Security Program Operating Manual. Full text of the
NISPOM is available on the Defense Security Service Internet site at, www.dss.mil/seclib/index.htm.
Classification Levels
Information that must be controlled to
protect the national security is assigned one of three levels of
classification, as follows:
- TOP SECRET information is
information which, if disclosed without authorization, could reasonably
be expected to cause exceptionally grave damage to the national
security.
- SECRET information is information which, if
disclosed without authorization, could reasonably be expected to cause
serious damage to the national security.
- CONFIDENTIAL information is information which,
if disclosed without authorization, could reasonably be expected to
cause damage to the national security.
Atomic energy information is classified
under the Atomic Energy Act of 1954, and the procedures differ from those
prescribed for National Security Information. Atomic energy information is
automatically classified and remains classified until a positive action is
taken to declassify it. It may be declassified only by the Department of
Energy. Consult your security officer for information on marking and handling
atomic energy information. There are two types:
- RESTRICTED DATA covers "all data
concerning (1) design, manufacture, or utilization of atomic weapons;
(2) the production of special nuclear material; or (3) the use of
special nuclear material in the production of energy," except for
data that has been declassified or removed from the Restricted Data
category.
- FORMERLY RESTRICTED DATA is information which
has been removed from the Restricted Data category after Department of
Energy and Department of Defense have jointly determined that the
information relates primarily to the military utilization of atomic
weapons and can be adequately safeguarded as National Security
Information. The word "formerly" only means that such
information is no longer subject to controls under the Atomic Energy
Act. Formerly Restricted Data remains classified and subject to controls
on National Security Information. Such data may not be given to any
other nation except under specially approved agreements. It is
identified and handled as RESTRICTED DATA when sent outside the United
States.
RESTRICTED DATA and FORMERLY RESTRICTED
DATA should also be marked with one of the three classification levels -- TOP
SECRET, SECRET, or CONFIDENTIAL.
Challenging a
Classification
Any approved holder of classified
information who believes the information is classified improperly or unnecessarily,
or that current security considerations justify downgrading to a lower
classification or upgrading to a higher classification, or that security
classification guidance is improper or inadequate, is encouraged and expected
to challenge the classification status.
Government employees should pursue such
actions through established agency procedures that protect individuals from
retribution for bringing such actions, provide an opportunity for review by
an impartial official or panel, and provide a right of appeal to the
Interagency Security Classification Appeals Panel. Contractors should appeal
such issues through their pertinent government contracting authority.
Distribution Controls
In addition to its classification,
intelligence information and certain scientific or technical information may
also be subject to other controls on its distribution and handling. It is
your responsibility to understand and comply with the control markings on
classified information. If you are not sure, contact your security office.
These control markings include:
- Dissemination and Extraction of Information
Controlled by Originator (ORCON) or (OC) means that any additional distribution
or inclusion in another document must be approved by the originator of
the document. It is used on intelligence information that could permit
identification of a sensitive intelligence source or method.
- Not Releasable to Contractors/Consultants
(NOCONTRACT) has been
discontinued but is still seen on older documents. Check with the originator
of the document regarding any ongoing controls on the use of such a
document. This caveat was used on intelligence information that is
provided by a source on the express or implied condition that it not be
made available to contractors; or that, if disclosed to a contractor,
would actually or potentially give him/her a competitive advantage or
cause a conflict of interest with his/her obligation to protect the
information.
- Caution - Proprietary Information Involved
(PROPIN) or (PR)
is used with or without a security classification to identify
information provided by a commercial firm or private source under an
express or implied understanding that the information will be protected
as a trade secret or proprietary data with actual value.
- NOFORN is for intelligence information that may not be passed to
foreign nationals.
- Authorized for Release to ____ (REL TO) signifies intelligence information that is
releasable to or has been released through proper disclosure channels to
the named foreign government or international organization.
- Sensitive Compartmented Information (SCI) applies to certain intelligence sources,
methods, or analytical processes that are subject to a formal access
control system established by the Director of Central Intelligence.
Special approval is required for access to SCI.
- Communications Security (COMSEC) is the protection of all elements of
telecommunications -- encryption, transmission, emissions, and the
physical security of equipment and materials.
- Cryptographic Material (CRYPTO) identifies information or materials that must
be handled through special cryptographic channels.
- Warning Notice - Intelligence Sources or
Methods Involved (WNINTEL)
has been discontinued but is still seen on older documents. It was
used on intelligence information that identifies or would reasonably
permit identification of an intelligence source or method that is
susceptible to countermeasures that could nullify or reduce its
effectiveness.
- Critical Nuclear Weapons Design Information
(CNWDI) or (N)
applies to information that reveals the theory of
operation or design of the components of a thermonuclear or fission
bomb, warhead, demolition munitions, or test device. Special handling
procedures are required.
|