Office of Security Security Education Refresher Briefing

Objectives
- Annual requirement
- Satisfactory knowledge of processing, handling and safeguarding of Classified National Security Information
- Also to prevent security violations

Authorities
- E.O. 12958, Classified National Security Information, as amended
- 32 CFR Part 2001, Implementing Directive
- DOO 20-6, Director of Security
- Security Manual, Section III
- www.osec.doc.gov/osy

Classified National Security Information is Official information that relates to the national defense or foreign relations of the United States, which has been deemed to require protection from unauthorized disclosure

Levels of Classified Information
- Top Secret: unauthorized disclosure is expected to cause exceptionally grave damage to the National Security
- Secret: unauthorized disclosure is expected to cause serious damage to the National Security
- Confidential: unauthorized disclosure is expected to cause recognizable damage to our National Security
Note (lead-in to the following slide): There are eight “classify reasons” under the “Classify Reason Category” in the executive order. Examples: military plans, weapons systems; scientific, technological or economic matters relating to the national security.

National Security Classify Reason Categories, E.O. 12958 section 1.4
Classified information must fall under one of the following categories:
- 1.4 (a) Military plans, weapons systems, or operations;
- 1.4 (b) Foreign government information;
- 1.4 (c) Intelligence activities, sources or methods or cryptology;
- 1.4 (d) Foreign relations or foreign activities of the United States including confidential sources;

National Security Classify Reason Categories, E.O. 12958 section 1.4 cont’d
- 1.4 (e) Scientific, technological or economic matters relating to the national security;
- 1.4 (f) United States Government programs for safeguarding nuclear materials or facilities; or
- 1.4 (g) Vulnerabilities or capabilities of systems, installations, projects or plans relating to the national security.
- 1.4 (h) Weapons of mass destruction

Reasons NOT to classify Information Information may not be classified to: Conceal violation of law, inefficiency, or administrative error. Prevent embarrassment to a person, organization, or agency. Restrain competition. Prevent or delay the release of information that does not require protection in the interests of national security.

Sensitive Information
- Information marked “Sensitive,” “For Official Use Only,” “Sensitive But Unclassified,” “Company Proprietary,” etc., is not classified
- Protection from unauthorized disclosure is required
- If information is not classified in the Department of Commerce, then it normally is “Sensitive” information
- Protection of Trade Secrets (18 U.S.C. Chapter 90)
- The Export Administration Act of 1979 (50 U.S.C.
- Title 13 Census information (fined up to $5000 or up to 5 years in prison or both)
- USTR/ISAC committee member
Remember: sensitive information should not be marked with classified stamps

x x CONFIDENTIAL Memorandum For: For training purposes only Subject: Classified Stamps vs. Sensitive Stamps Classified stamps should only be used on Classified National Security Information. Sensitive information should be marked with appropriate sensitive stamps. (SBU) (FOUO) This document does not contain any Classified National Security Information x x

How is information classified? Original Classification Derivative Classification

Original Classification An initial determination that information needs protection in the interests of national security Must have written authority to originally classify information

Original Classification Authority (OCA) Secretary of Commerce delegated authority from President, delegates within DOC Secret is highest level of OCA in DOC

Derivative Classification Incorporating, paraphrasing, restating, or generating in new form, information that is already classified Written authority is not needed

Derivatively Classifying From a Source Document
Source document received: SECRET Memo: Training Only
1. (C) This paragraph is confidential
2. (S) This paragraph is Secret
Your document: SECRET Memo: Derivative Document/Training Only
(U) This paragraph is unclassified
(S) This paragraph contains secret information paraphrased from the source document received

Declassification
- Only an Original Classification Authority can authorize declassification
- Documents are generally marked for declassification within 10 years and can be up to 25 years
Note: E.O. 13292 further amended E.O. 12958. You will no longer see the X marking on future classified documents. Classified documents must now contain a “date/year” for declassification. Quite often, documents/memos may not have a date.

Summary Please do not perform OCA unless you have written authority Remember you do not need written authority to perform derivative classification Please do not use classified stamps on sensitive information

Questions? Making Original and Derivative Classification decisions can be complicated. For additional training and/or questions, please contact the Office of Security’s Information Security Team at 202-482-8115.

Protecting Classified Information
"We have an obligation to protect military, operational security, intelligence sources, and methods, and sensitive law enforcement investigations." President George W. Bush, Memo to AG, FBI, CIA, State, Treasury, and Defense, October 5, 2001
Note: CNN and the Washington Post reported President Bush’s outrage that sensitive intelligence information that was shared with Congress was being reported to the news media. In an October 5, 2001 memo to the AG, FBI, CIA, State, Treasury and Department of Defense, President Bush now restricts classified briefings to the four major leaders in Congress and the chairman and ranking members of the House and Senate intelligence committees.

Proper Security Practices Accountability Protecting Classified at work Transmission Destruction Reporting Requirements

Accountability of Classified Information Required for all Classified National Security Information Classified Document Control Record, form CD-481, for Top Secret and Secret Record Top Secret and Secret documents in manual or electronic record system with classified control point or classified control officer

Classified Information Use cover sheets!

Classified Information Properly Marked Paragraphs marked Document marked at highest level contained Cover, front and back, top and bottom Classified by line Declassification instructions

SECRET
(U) This memo is for training purposes only
(U) This paragraph contains unclassified information
(S) This paragraph contains secret economic information relating to U.S. National Security
(U) This paragraph contains unclassified information
Classified By: T. Hauser, Deputy Under Secretary for International Trade
Reason: 1.4 (e)
Declassify: December 2003

Marking Classified Information Computer Media Affix labels with highest classification contained within Include as much other information as possible, i.e. authority and declassification instructions SECRET Classified by: DAS for Security

Protecting Classified at Work
Classified information must be stored in a GSA-approved security container (safe) when not in use
DO NOT STORE CLASSIFIED IN THE FOLLOWING:
- Filing cabinets
- Overhead cabinets
- Window sills

Safe Combinations
- Security container combinations are classified at the level of information in the safe
- Memorize combinations; never write them down
- Don’t share with anyone who does not need to know
Change combinations when:
- Security container is found open or unattended
- Someone who has the combination leaves
- Combination has been compromised
- When the security container is taken out of service

Safe Combinations cont’d Change combinations when: Security container is found open Someone who has the combination leaves Combination has been compromised When the security container is taken out of service

Protecting Classified Information You must limit access to authorized persons by verifying: Identification Need to know Clearance Ability to protect

Protecting Classified NO unauthorized use of computers! Systems must be certified and accredited PRIOR to classified use See your Information Technology Security Officer

Transmitting Classified Always use a STU-III* or STE** telephone for classified calls Use compatible facsimile machines cleared for classified use for quick and secure document transmission *Secure Telephone Unit, Third Generation **Secure Telephone Equipment

Transmission: Double Wrapping
Inner wrapping information includes:
- full address
- return address
- classification markings top/bottom and front and back
- return receipt
Double wrapping:
- Must be done to prepare for hand carry, or US Postal
- Affords 2 layers of protection
- Protects against damage
- Use opaque envelopes
- Don’t forget a receipt

Transmission: Double Wrapping cont’d Outer Wrapping full address of receiver full return address NO CLASSIFICATION MARKINGS!

Transmitting Classified Secret and Confidential only Hand-carry Approved courier US Postal Service To transmit Top Secret in any manner, call your security officer

Reproduction of Classified Paper (photocopier) Electronically Use approved equipment only! Remember accountability, account for your copies!

Reproduction of Classified Approved photocopiers: Are in controlled environments Are sanitized after classified copying Serviced by cleared personnel or monitored service personnel Contact your security officer if your copier jams while working with classified

Destruction at HCHB
- Shredding (approved cross-cut shredder)
- Classified waste “burn bags”
- Must be protected until turned in!
- Turn-in: Tuesdays & Thursdays, Room B-509, 1-3 p.m.
- Don’t forget to record destruction!
For additional “burn bag” information contact the Security Service Center at 202-482-8355

Most leaks result from: Negligence Carelessness Casual Conversations Open Sources

Reporting Requirements
All cleared employees must report contact with a foreign national who:
- Requests classified information
- Wants more information than they need to know
- Acts suspiciously
Report incidents to your security officer immediately
Note: 1993: Steven J. Lalas, a former State Department communications officer stationed with the embassy in Athens, was arrested in Northern VA on May 3, 1993. The charge was passing sensitive military information to Greek officials. He claimed that he had been recruited by the Greek military official in 1991 and that he feared for his family's life if he did not cooperate. In short, Mr. Lalas pleaded guilty to one count of conspiracy to commit espionage and was sentenced to 14 years in prison without the possibility of parole. His reported profit: $20,000 from 1991-1993.

Reporting Requirements All employees with Sensitive Compartmented Access must: Report Planned Travel Obtain travel briefing After-travel report The Office of Security’s Personnel Security Team at 202-482-8115

End of Day Security Checks Check all areas to include safes, windows, desktops for classified Complete the SF 701, Activity Security Checklist Complete SF 702, Security Container Checklist Turn on alarm if appropriate

Unauthorized Disclosure of Security Information SF 312 Non-Disclosure Agreement Security Infractions/Violations Penalties for Compromise

SF 312 Non-Disclosure Agreement Binding contract Lifetime obligation You get access Government gets your word to protect classified

Unauthorized Disclosure of Security Information
- Security Infraction: occurs when classified information is not safeguarded but does not result in a compromise of material
- Security Violation: occurs when classified information is not safeguarded and could result in a probable compromise of material
- Compromise: An actual compromise of classified information, whether intentional or unintentional
Security Infraction:
- 1st Offense: Oral admonishment/refresher briefing
- 2nd Offense: Written notice, copy to immediate supervisor and Agency head/refresher briefing
- 3rd Offense: Treated as a security violation. Assessment conducted by security to determine if individual is a potential security risk
Security Violation:
- 1st Offense: Ranges from written notice (copy to supervisor) to termination of security clearance
- 2nd Offense: Ranges from 5 days suspension without pay to removal of employment
- 3rd Offense: Ranges from 30 day suspension without pay to removal of employment

Penalties for Compromising Classified Information (E.O. 12958) Reprimand Suspension without pay Denial of access Removal Others in accordance with applicable laws and regulations

Title 50, USC, Sec. 783 War & National Defense Unauthorized Disclosure of Classified Information. It is unlawful to give classified information to an agent or representative of any foreign government that would result in harm to the National Security.

Title 18, USC, Sec. 794 Crimes & Criminal Procedures
Sec. 794. Gathering or delivering defense information to aid foreign government
Delivery of defense information with intent or reason to believe that it is to be used to the injury of the United States or to the advantage of a foreign nation, shall be punished by death or by imprisonment for any term of years or for life...
Note: Brian P. Regan, a former Air Force intelligence analyst working at the NRO (National Reconnaissance Office) as a contractor for TRW, was arrested in August 2001 and charged with spying. He was trying to sell classified documents to Libya, Iraq and China and was caught. A “Notice of Intent to Seek a Sentence of Death” was filed in April 2002 against Brian Regan. A death sentence was being considered for Robert P. Hanssen, however he received life imprisonment. Brian P. Regan plead he will receive life imprisonment. NO PAROLE!!

Title 18, USC, Sec. 798 (1) Any person convicted of a violation of this section shall forfeit to the United States irrespective of any provision of State law - (A) any property constituting, or derived from, any proceeds the person obtained, directly or indirectly, as the result of such violation; and (B) any of the person's property used, or intended to be used, in any manner or part, to commit, or to facilitate the commission of, such violation. Robert P. Hanssen has not profited from the film and book projects that have been done on him. However his wife is receiving his pension of $39,000 a year.

When You Depart Commerce You must: Turn all classified material over to your classified control point Contact your Security Officer for a debriefing Turn in your ID, keys, and access cards

Your Security Officer Be PROACTIVE Request help Report Security violations Suspected loss or compromise Incidents or problems

Who is responsible for security?

YOU! YOU! YOU!