Subpart A-Scope. SOURCE: 44 FR 34914, June 18, 1979, unless otherwise noted. § 1203.100 Legal basis. (a) E.O. 12065. The responsibilities and authority of the Administrator of NASA with respect to the original classification of official information or material requiring protection against unauthorized disclosure in the interest of national defense or foreign relations of the United States (hereinafter collectively termed "national security"), and the standards for such classification, are established by Executive Order 12065 (43 FR 28949) and the Information Security Oversight Office Directive No. 1, September 29, 1978. (b) E.O. 10865. Executive Order 10865 (24 FR 1583) requires the Administrator to prescribe by regulation such specific requirements, restrictions and other safeguards as the Administrator may consider necessary to protect: (1) Releases of classified information to or within United States industry that relate to contracts with NASA; and (2) Other releases of classified information to industry that NASA has responsibility for safeguarding. (c) The National Aeronautics and Space Act. (1) Section 304(a) of the National Aeronautics and Space Act of 1958, as amended (42 U.S.C. 2451 et seq.), states in part: "The Administrator shall establish such security requirements, restrictions, and safeguards as he deems necessary in the interest of the national security (2) Section 303 of the Act states: "Information obtained or developed by the Administrator in the performance of his functions under this Act shall be made available for public inspection, except (i) information authorized or required by Federal Statute to be withheld, and (ii) information classified to protect the national security: Provided, That nothing in this Act shall authorize the withholding of information by the Administrator from the duly authorized committees of the Congress." § 1203.101 Other applicable NASA regulations. (a) Subpart H of this part, "Delegation of Authority to Make Determinations in Original Security Classification Matters." (b) Subpart I of this part, "NASA Information Security Program Committee." (c) NASA Handbook 1620.3, "NASA Physical Security Handbook.” Subpart B-NASA Information SOURCE: 44 FR 34914, June 18, 1979, unless otherwise noted. § 1203.200 Background and discussion. (a) In establishing a civilian space program, the Congress required NASA to "provide for the widest practicable and appropriate dissemination of information concerning its activities and the results thereof," and for the withholding from public inspection of that information that is classified to protect the national security. (b) To balance the public's interest in access to Government information with the need to protect certain national security information from unauthorized disclosure, Executive Order 12065 was promulgated. It designates the National Aeronautics and Space Administration as having certain responsibility for matters pertaining to national security, and confers on the Administrator of NASA, or such responsible officers or employees as the Administrator may designate, the authority for original classification of official information or material which requires protection in the interest of national security. It also provides for: (1) Basic classification, downgrading and declassification guidelines; (2) The issuance of directives prescribing the procedures to be followed in safeguarding classified information or material; (3) A monitoring system to ensure the effectiveness of the Order; (4) Appropriate administrative sanctions against officers and employees of the United States Government who are found to be in violation of the Order or implementing directive; and (5) Classification prohibitions as discussed in § 1203.410. (c) Executive Order 12065 requires the timely identification and protection of that NASA information the disclosure of which would be contrary to the best interest of national security. Accordingly, the determination in each case must be based on a judgment as to whether disclosure of information could reasonably be expected to result in identifiable damage to the national security. [44 FR 34914, June 18, 1979; 44 FR 45610, Aug. 3, 1979] § 1203.201 Information security objectives. The objectives of the NASA Information Security Program are to: (a) Ensure that information is classified only when a sound basis exists for such classification and only for such period as is necessary. (b) Prevent both the unwarranted classification and the overclassification of NASA information. (c) Ensure the greatest practicable uniformity within NASA in the classification of information. (d) Ensure effective coordination and reasonable uniformity with other Government departments and agencies, particularly in areas where there is an interchange of information, techniques or hardware. (e) Provide a timely and effective means for downgrading or declassifying information when the circumstances necessitating the original classification change or no longer exist. § 1203.202 Responsibilities. (a) The Chairperson, NASA Information Security Program Committee (Subpart I of this part), is responsible for: (1) Directing the NASA Information Security Program in accordance with NASA policies and objectives and applicable laws and regulations. (2) Ensuring effective compliance with and implementation of Executive Order 12065 and the Information Security Oversight Office Directive No. 1 relating to security classification matters. (3) Reviewing, in consultation with the NASA Information Security Program Committee, questions, suggestions, appeals and compliance concerning the NASA Information Security Program and making determinations concerning them. (4) Coordinating NASA security classification matters with NASA installations, the Department of Defense, the Department of Energy and other Government agencies. (5) Issuing Security Classification Guides for NASA programs and projects. (6) Developing, maintaining and recthe ommending to Administrator guidelines for the systematic review covering 20-year old classified information under NASA's jurisdiction. (7) Reviewing and coordinating with appropriate offices all appeals of denials of requests for records under sections 552 and 552a of Title 5, United States Code (Freedom of Information and Privacy Acts) when the denials are based on the records continued classification. (8) Recommending to the Administrator appropriate administrative action to correct abuse or violations of any provision of the NASA Information Security Program, including notifications by warning letter, formal reprimand and to the extent permitted by law, suspension without pay and removal. (b) All NASA employees are responsible for bringing to the attention of the Chairperson of the NASA Information Security Program Committee any information security problems in need of resolution, any areas of interest wherein information security guidance is lacking, and any other matters likely to impede achievement of the objectives prescribed herein. (c) Each NASA official to whom the authority for original classification is delegated shall be accountable for the propriety of each classification (see Subpart H) and is responsible for: (1) Ensuring that classification determinations are consistent with the policy and objectives prescribed above, and other applicable guidelines. (2) Bringing to the attention of the Chairperson, NASA Information Security Program Committee, for resolution, any disagreement with classification determinations made by other NASA officials. (3) Ensuring that information and material which no longer requires its present level of protection is promptly downgraded or declassified in accordance with applicable guidelines. (d) Other Officials-in-Charge of Headquarters Offices are responsible for: (1) Ensuring that classified information or material prepared within their respective offices is appropriately marked. (2) Ensuring that material proposed for public release is reviewed to eliminate classified information. (e) Directors of Field Installations and, for Headquarters, the Director, Headquarters Administration Division, are responsible for: (1) Developing proposed Security Classification Guides. (2) Ensuring that classified information or material prepared in their respective installations is appropriately marked. (3) Ensuring that material proposed for public release is reviewed to eliminate classified information. (4) Designating Security Classification Officers at their respective installations, to whom the responsibilities listed in paragraphs (e) (1), (2), and (3) of this section may be reassigned. (f) The NASA Security Classification Manager, Security Division, NASA Headquarters, who serves as a member and Executive Secretary of the NASA Information Security Program Committee, is responsible for the NASA-wide coordination of security classification matters. (g) The Director of Security is responsible for establishing procedures for the safeguarding of classified information or material (e.g., accountability, control, access, storage, transmission, marking, etc.) and for ensuring that such procedures are systematically reviewed and those which are duplicative or unnecessary are eliminated. § 1203.203 Degree of protection. (a) General. Upon determination that information or material must be classified, the degree of protection (security classification) commensurate with the sensitivity of the information must be determined. The lowest category of classification necessary to provide the appropriate degree of protec tion should be assigned. If the classifier has a reasonable doubt as to which security classification category is appropriate, or whether the material should be classified at all, the least restrictive designation should be used, or the information should not be classified. (b) Authorized Categories of Classification. The three categories of classification, as authorized and defined in Executive Order 12065 are set out below. No other restrictive markings are authorized to be placed on NASA classified documents or materials except as expressely provided by statute or by NASA Directives. (1) Top Secret. Top Secret is the designation applied to information or material the unathorized disclosure of which could reasonably be expected to cause exceptionally grave damage to the national security. Examples of exceptionally grave damage include armed hostilities against the United States or its allies; disruption of foreign relations vitally affecting the national security; the compromise of vital national defense plans or complex cryptologic and communications intelligence systems; the revelation of sensitive intelligence operations; and the disclosure of scientific or technological developments vital to national security. (2) Secret. Secret is the designation applied to information or material the unathorized disclosure of which could reasonably be expected to cause serious damage to the national security. Examples of serious damage include disruption of foreign relations significantly affecting the national security; significant impairment of a program or policy directly related to the national security; revelation of significant military plans or intelligence operations; and compromise of significant scientific or technological develpments relating to national security. (3) Confidential. Confidential is the designation applied to that information or material the unauthorized disclosure of which could reasonably be expected to cause identifiable damage to the national security. Subpart C-Classification Principles and Considerations SOURCE: 44 FR 34915, June 18, 1979, unless otherwise noted. § 1203.300 General. In general, the types of NASA-generated information and material requiring protection in the interest of national security lie in the areas of applied research, technology or operations. § 1203.301 Identification of information requiring protection. Classifiers shall identify the level of classification of each classified portion of a document (including subject and titles), and those portions that are not classified. § 1203.302 Combination, interrelation or compilation. An interrelationship of individual items, classified or unclassified, may result in a combined item requiring a higher classification than that of any of the individual items. Compilations of unclassified information are considered unclassified unless some additional significant factor is added in the process of compilation. For example: (a) The way unclassified information is compiled may be classified; (b) The fact that the information is complete for its intended purpose may be classified; or (c) The fact the compilation represents an official evaluation may be classified. In these cases, the compilations would be classified. § 1203.303 Dissemination considerations. The degree of intended dissemination, use of the information and whether the end purpose to be served renders effective security control imrractical are considerations during the classification process. These factors do not necessarily preclude classification, but must be considered in order not to impose security controls which are impractical to enforce. § 1203.304 Internal effect. The effect of security protection on program progess and cost and on other functional activities of NASA should be considered. Impeditive effects and added costs inherent in a security clas sification must be assessed in light of the detrimental effects on the national security interests which would result from failure to classify. § 1203.305 Restricted data. Restricted Data or Formerly Restricted Data is so classified when originated, as required by the Atomic Energy Act of 1954, as amended. Specific guidance for the classification of Restricted Data is provided in "Classification Guides" published by the Department of Energy. Subpart D-Guides for Original SOURCE: 44 FR 34916, June 18, 1979, unless otherwise noted. § 1203.400 Specific classifying guidance. Technological and operational information and material, and in some exceptional cases scientific information, falling within any one or more of the following categories must be classified if its unauthorized disclosure could reasonably be expected to cause identifiable damage to the national security. In cases where it is believed that a contrary course of action would better serve the national interests, the matter should be referred to the Chairperson, NASA Information Security Program Committee, for a determination. It is not intended that this list be exclusive; original classifiers are responsible for initially classifying any other type of information which, in their judgment, requires protection within the intent of Executive Order 12065: (a) Information which provides the United States, in comparison with other nations, with a significant scientific, engineering, technical, operational, intelligence, strategic, tactical or economic advantage related to national security. (b) Information which if disclosed would significantly diminish the technological lead of the United States in any military system, subsystem or component thereof, resulting in identifiable damage to such a system, subsystem or component thereof. (c) Scientific or technological information in an area where an advanced military application that would in itself be classified is foreseen during exploratory development. (d) Information which, if known, would: (1) Provide a foreign nation with an insight into the defense application or the war or defense plans or posture of the United States; (2) Allow a foreign nation to develop, improve or refine a similar item of defense application; (3) Provide a foreign nation with a base upon which to develop effective countermeasures; (4) Weaken or nullify the effectiveness of a defense or military plan, operation, project, weapon system or activity which is vital to the national security. (e) Information or material which is important to the national security of the United States in relation to other nations when there is sound reason to believe that those nations are unaware that the United States has or is capable. of obtaining the information or material; i.e., through intelligence activities, sources, or methods. (f) Information which if disclosed could be exploited in a manner prejudicial to the national security posture of the United States by discrediting its technological power, capability or intentions. (g) Information which reveals an unusually significant scientific or technological "breakthrough" which there is sound reason to believe is not known to or within the state-of-the-art capability of other nations. If the "breakthrough" supplies the United States with an important advantage of a technological nature, classification also would be appropriate if the potential application of the information, although not specifically visualized, would afford the United States a significant national security advantage in terms of technological lead time or an economic advantage relating to national security. (h) Information of such nature that an unfriendly government in possession of it would be expected to use it for purposes prejudicial to U.S. national security and which, if classified, could not be obtained by an unfriendly power without a considerable expenditure of resources. (i) Information which if disclosed to a foreign government would enhance its military research and development programs to the detriment of U.S. counterpart or competitive programs. (j) Operational information pertaining to the command and control of space vehicles, the possession of which would facilitate malicious interference with U.S. space mission, that might result in identifiable damage to the national security. (k) Information which if disclosed could jeopardize the foreign relations or activities of the United States; for example, the premature or unauthorized release of information relating to the subject matter of international negotiations, foreign government information or information regarding the placement or withdrawal of NASA tracking stations on foreign territory. (1) United States Government programs for safeguarding nuclear materials or facilities. (m) Other categories of information which are related to national security and which require protection against unauthorized disclosure as may be determined by the Administrator. The Chairperson, NASA Information Security Program Committee, will promptly inform the Director, Information Security Oversight Office, General Services Administration (GSA) of such determinations. § 1203.401 Effect of open publication. of Public disclosure, regardless source or form, of information currently classified or being considered for classification does not preclude initial or continued classification. However, such disclosure requires an immediate reevaluation to determine whether the information has been compromised to the extent that downgrading or declassification is indicated. Similar consideration must be given to related items of information in all programs, projects, or items incorporating or pertaining to the compromised items of information. In these cases, if a release were made or authorized by an official Government source, classification of clearly identified items may no longer be warranted. Questions as to the propriety of continued classification should be referred to the Chair |