In the Matter of Certain Panoramic and Underwater Irradiators Authorized to Possess Greater than 370 Terabecquerels (10,000 Curies) of Byproduct Material in the Form of Sealed Sources, and All Other Persons Who Obtain Safeguards Information Described Herein; Order Imposing Compensatory Measures and Requirements for the Protection of Certain Safeguards Information (Effective Immediately), 56509-56513 [E5-5188]

Download as PDF Federal Register / Vol. 70, No. 186 / Tuesday, September 27, 2005 / Notices made a final determination that the amendment involves no significant hazards consideration, if a hearing is requested, it will not stay the effectiveness of the amendment. Any hearing held would take place while the amendment is in effect. A request for a hearing or a petition for leave to intervene must be filed by: (1) First class mail addressed to the Office of the Secretary of the Commission, U.S. Nuclear Regulatory Commission, Washington, DC 20555– 0001, Attention: Rulemaking and Adjudications Staff; (2) courier, express mail, and expedited delivery services: Office of the Secretary, Sixteenth Floor, One White Flint North, 11555 Rockville Pike, Rockville, Maryland 20852, Attention: Rulemaking and Adjudications Staff; (3) E-mail addressed to the Office of the Secretary, U.S. Nuclear Regulatory Commission, HearingDocket@nrc.gov; or (4) facsimile transmission addressed to the Office of the Secretary, U.S. Nuclear Regulatory Commission, Washington, DC, Attention: Rulemakings and Adjudications Staff at (301) 415–1101, verification number is (301) 415–1966. A copy of the request for hearing and petition for leave to intervene should also be sent to the Office of the General Counsel, U.S. Nuclear Regulatory Commission, Washington, DC 20555– 0001, and it is requested that copies be transmitted either by means of facsimile transmission to (301) 415–3725 or by email to OGCMailCenter@nrc.gov. A copy of the request for hearing and petition for leave to intervene should also be sent to the attorney for the licensee. Nontimely requests and/or petitions and contentions will not be entertained absent a determination by the Commission or the presiding officer or the Atomic Safety and Licensing Board that the petition, request and/or the contentions should be granted based on a balancing of the factors specified in 10 CFR 2.309(a)(1)(i)–(viii). Energy Operations, Inc., Docket No. 50– 368, Arkansas Nuclear One, Unit No. 2, Pope County, Arkansas Date of amendment request: July 21, 2005, as supplemented by letters dated August 4 and August 26, 2005. The supplemental letters provided additional information that clarified the application, did not expand the scope of the application as originally noticed, and did not change the staff’s original proposed no significant hazards consideration determination as published in the Federal Register. Description of amendment request: To incorporate new Arkansas Nuclear One, Unit 2, Technical Specifications in VerDate Aug<31>2005 14:52 Sep 26, 2005 Jkt 205001 support of dry cask loading operations in the spent fuel pool. The amendment ensures subcritical conditions are maintained in the spent fuel pool during dry cask loading operations by relying on realistically conservative fuel burnup credit. Date of issuance: September 6, 2005. Effective date: As of the date of issuance to be implemented within 30 days from the date of issuance. Amendment No.: 261. Facility Operating License No. NPF–6: Amendment revised the Technical Specifications. Public comments requested as to proposed no significant hazards consideration (NSHC): Yes (70 FR 48196, published August 16, 2005). The notice provided an opportunity to submit comments on the Commission’s proposed NSHC determination. No comments have been received. The notice also provided an opportunity to request a hearing by November 4, 2005, but indicated that if the Commission makes a final NSHC determination, any such hearing would take place after issuance of the amendment. The Commission’s related evaluation of the amendment, finding of exigent circumstances, state consultation, and final NSHC determination are contained in a safety evaluation dated September 6, 2005. Attorney for licensee: Winston & Strawn, 1700 K Street, NW., Washington, DC 20006–3817. NRC Section Chief: David Terao. Dated at Rockville, Maryland, this 16th day of September 2005. For the Nuclear Regulatory Commission. Ledyard B. Marsh, Director, Division of Licensing Project Management, Office of Nuclear Reactor Regulation. [FR Doc. 05–19028 Filed 9–26–05; 8:45 am] BILLING CODE 7590–01–P NUCLEAR REGULATORY COMMISSION In the Matter of Certain Panoramic and Underwater Irradiators Authorized to Possess Greater than 370 Terabecquerels (10,000 Curies) of Byproduct Material in the Form of Sealed Sources, and All Other Persons Who Obtain Safeguards Information Described Herein; Order Imposing Compensatory Measures and Requirements for the Protection of Certain Safeguards Information (Effective Immediately) I The Licensees identified in Attachment 1 to this Order hold licenses PO 00000 Frm 00070 Fmt 4703 Sfmt 4703 56509 issued in accordance with the Atomic Energy Act of 1954 and 10 CFR Part 36 or comparable Agreement State regulations by the U.S. Nuclear Regulatory Commission (NRC or Commission) or an Agreement State authorizing possession of greater than 370 terabecquerels (10,000 curies) of byproduct material in the form of sealed sources either in panoramic irradiators that have dry or wet storage of the sealed sources or in underwater irradiators in which both the source and the product being irradiated are under water. Commission regulations at 10 CFR 20.1801 or equivalent Agreement State regulations, require Licensees to secure, from unauthorized removal or access, licensed materials that are stored in controlled or unrestricted areas. Commission regulations at 10 CFR 20.1802 or equivalent Agreement States regulations, require Licensees to control and maintain constant surveillance of licensed material that is in a controlled or unrestricted area and that is not in storage. II On September 11, 2001, terrorists simultaneously attacked targets in New York, N.Y., and Washington, DC, utilizing large commercial aircraft as weapons. In response to the attacks and intelligence information subsequently obtained, the Commission issued a number of Safeguards and Threat Advisories to its Licensees in order to strengthen Licensees’ capabilities and readiness to respond to a potential attack on a nuclear facility. The Commission has also communicated with other Federal, State and local government agencies and industry representatives to discuss and evaluate the current threat environment in order to assess the adequacy of security measures at licensed facilities. In addition, the Commission has been conducting a review of its safeguards and security programs and requirements. As a result of its consideration of current safeguards and license requirements, as well as a review of information provided by the intelligence community, the Commission has determined that certain compensatory measures are required to be implemented by Licensees as prudent measures to address the current threat environment. Therefore, the Commission is imposing the requirements, as set forth in Attachment 2, on all Licensees identified in E:\FR\FM\27SEN1.SGM 27SEN1 56510 Federal Register / Vol. 70, No. 186 / Tuesday, September 27, 2005 / Notices Attachment 1 of this Order 1 who currently possess, or have near term plans to possess, greater than 370 terabecquerels (10,000 curies) of byproduct material in the form of sealed sources. These requirements, which supplement existing regulatory requirements, will provide the Commission with reasonable assurance that the public health and safety and common defense and security continue to be adequately protected in the current threat environment. These requirements will remain in effect until the Commission determines otherwise. The Commission recognizes that Licensees may have already initiated many measures set forth in Attachment 2 to this Order in response to previously issued advisories or on their own. It is also recognized that some measures may not be possible or necessary at some sites, or may need to be tailored to accommodate the Licensees’ specific circumstances to achieve the intended objectives and avoid any unforeseen effect on the safe use and storage of the sealed sources. Although the additional security measures implemented by the Licensees in response to the Safeguards and Threat Advisories have been adequate to provide reasonable assurance of adequate protection of public health and safety, the Commission concludes that the security measures must be embodied in an Order consistent with the established regulatory framework. The security measures contained in Attachment 2 of this Order contain safeguards information and will not be released to the public. The Commission has broad statutory authority to protect and prohibit the unauthorized disclosure of safeguards information. Section 147 of the Atomic Energy Act of 1954, as amended, grants the Commission explicit authority to ‘‘issue such orders, as necessary to prohibit the unauthorized disclosure of safeguards information * * *’’ This authority extends to information concerning special nuclear material, source material, and byproduct material, as well as production and utilization facilities. This Order imposes requirements for the protection of Safeguards Information in the hands of any person 2 whether or 1 Attachment 1 contains sensitive information and Attachment 2 contains SAFEGUARDS INFORMATION and will not be released to the public. 2 Person means (1) any individual, corporation, partnership, firm, association, trust, estate, public or private institution, group, government agency other than the Commission or the Department, except that the Department shall be considered a person with respect to those facilities of the VerDate Aug<31>2005 14:52 Sep 26, 2005 Jkt 205001 not a licensee or applicant of the Commission, who produces, receives, or acquires Safeguards Information. Licensees, and all persons who produce, receive, or acquire Safeguards Information, must ensure proper handling and protection of safeguards information to avoid unauthorized disclosure in accordance with the specific requirements for the protection of safeguards information contained in Attachment 3. The Commission hereby provides notice that it intends to treat all violations of the requirements contained in Attachment 3, applicable to the handling and unauthorized disclosure of safeguards information as serious breaches of adequate protection of the public health and safety and the common defense and security of the United States. Access to safeguards information is limited to those persons who have established the need to know the information, and are considered to be trustworthy and reliable. A need to know means a determination by a person having responsibility for protecting Safeguards Information that a proposed recipient’s access to Safeguards Information is necessary in the performance of official, contractual, or licensee duties of employment. Licensees and all other persons who obtain Safeguards Information must ensure that they develop, maintain and implement strict policies and procedures for the proper handling and unauthorized disclosure of safeguards information in accordance with the requirements in Attachment 3. All licensees must ensure that all contractors whose employees may have access to safeguards information either adhere to the licensee’s policies and procedures on safeguards information or develop, maintain and implement their own acceptable policies and procedures, but the licensees remain responsible for the conduct of their contractors. The policies and procedures necessary to ensure compliance with applicable requirements contained in Attachment 3 must address, at a minimum, the following: the general performance requirement that each person who produces, receives, or acquires Safeguards Information shall ensure that Safeguards Information is protected against unauthorized disclosure; protection of safeguards information at fixed sites, in use and in storage, and Department specified in section 202 of the Energy Reorganization Act of 1974 (88 Stat. 1244), any State or any political subdivision of, or any political entity within a State, any foreign government or nation or any political subdivision of any such government or nation, or other entity; and (2) any legal successor, representative, agent, or agency of the foregoing. PO 00000 Frm 00071 Fmt 4703 Sfmt 4703 while in transit; inspections, audits and evaluations; correspondence containing safeguards information; access to safeguards information; preparation, marking, reproduction and destruction of documents; external transmission of documents; use of automatic data processing systems; and removal of the Safeguards Information category. In order to provide assurance that the Licensees are implementing prudent measures to achieve a consistent level of protection to address the current threat environment, all Licensees identified in Attachment 1 to this Order shall implement the requirements identified in Attachment 2 to this Order. In addition, pursuant to 10 CFR 2.202, I find that in light of the common defense and security matters identified above, which warrant the issuance of this Order, the public health, safety and interest require that this Order be effective immediately. III Accordingly, pursuant to Sections 81, 161b, 161i, 161o, 182 and 186 of the Atomic Energy Act of 1954, as amended, and the Commission’s regulations in 10 CFR 2.202, 10 CFR Part 30, and 10 CFR Part 36, it is hereby ordered, effective immediately, that all licensees identified in Attachment 1 to this Order, and all other persons who produce, receive, or acquire the compensatory measures identified in Attachment 2 or any related safeguards information, shall comply with the requirements in Attachment 3. In addition, all licensees identified in Attachment 1 to this Order shall comply with the requirements of this Order as follows: A. The licensees shall, notwithstanding the provisions of any Commission or Agreement State regulation or license to the contrary, comply with the requirements described in Attachment 2 to this Order. The licensee shall immediately start implementation of the requirements in Attachment 2 to the Order and shall complete implementation by March 16, 2006, or the first day that greater than 370 terabecquerels (10,000 curies) of byproduct material in the form of sealed sources is possessed, which ever is later. B. 1.The Licensee shall, within twenty-five (25) days of the date of this Order, notify the Commission, (1) if it is unable to comply with any of the requirements described in Attachment 2, (2) if compliance with any of the requirements is unnecessary in its specific circumstances, or (3) if implementation of any of the requirements would cause the Licensee to be in violation of the provisions of any Commission or Agreement State E:\FR\FM\27SEN1.SGM 27SEN1 Federal Register / Vol. 70, No. 186 / Tuesday, September 27, 2005 / Notices regulation or its license. The notification shall provide the Licensee’s justification for seeking relief from or variation of any specific requirement. B.1. If the Licensee considers that implementation of any of the requirements described in Attachment 2 to this Order would adversely impact safe operation of the facility, the Licensee must notify the Commission, within twenty-five (25) days of this Order, of the adverse safety impact, the basis for its determination that the requirement has an adverse safety impact, and either a proposal for achieving the same objectives specified in the Attachment 2 requirement in question, or a schedule for modifying the facility to address the adverse safety condition. If neither approach is appropriate, the Licensee must supplement its response to Condition B.1 of this Order to identify the condition as a requirement with which it cannot comply, with attendant justifications as required in Condition B.1. C. 1. The Licensee shall, within twenty-five (25) days of the date of this Order, submit to the Commission a schedule for completion of each requirement described in Attachment 2. 2. The Licensee shall report to the Commission when it has achieved full compliance with the requirements described in Attachment 2. D. Notwithstanding any provisions of the Commission’s or Agreement State’s regulations to the contrary, all measures implemented or actions taken in response to this order shall be maintained until the Commission determines otherwise. Licensee response to Conditions B.1, B.2, C.1, and C.2 above shall be submitted to the Director, Office of Nuclear Material Safety and Safeguards, U.S. Nuclear Regulatory Commission, Washington, DC 20555. In addition, Licensee submittals that contain specific physical protection or security information considered to be safeguards information shall be put in a separate enclosure or attachment and, marked as ‘‘SAFEGUARDS INFORMATION— MODIFIED HANDLING’’ and mailed (no electronic transmittals; i.e., no e-mail or FAX) to the NRC in accordance with Attachment 3. The Director, Office of Nuclear Material Safety and Safeguards, may, in writing, relax or rescind any of the above conditions upon demonstration by the Licensee of good cause. IV In accordance with 10 CFR 2.202, the Licensee must, and any other person adversely affected by this Order may, VerDate Aug<31>2005 14:52 Sep 26, 2005 Jkt 205001 submit an answer to this Order, and may request a hearing on this Order, within twenty-five (25) days of the date of this Order. Where good cause is shown, consideration will be given to extending the time to request a hearing. A request for extension of time in which to submit an answer or request a hearing must be made in writing to the Director, Office of Nuclear Material Safety and Safeguards, U.S. Nuclear Regulatory Commission, Washington, DC 20555, and include a statement of good cause for the extension. The answer may consent to this Order. Unless the answer consents to this Order, the answer shall, in writing and under oath or affirmation, specifically set forth the matters of fact and law on which the Licensee or other person adversely affected relies and the reasons as to why the Order should not have been issued. Any answer or request for a hearing shall be submitted to the Secretary, Office of the Secretary of the Commission, U.S. Nuclear Regulatory Commission, ATTN: Rulemakings and Adjudications Staff, Washington, DC 20555. Copies also shall be sent to the Director, Office of Nuclear Material Safety and Safeguards, U.S. Nuclear Regulatory Commission, Washington, DC 20555, to the Assistant General Counsel for Materials Litigation and Enforcement at the same address, and to the Licensee if the answer or hearing request is by a person other than the Licensee. Because of possible disruptions in delivery of mail to United States Government offices, it is requested that answers and requests for hearing be transmitted to the Secretary of the Commission either by means of facsimile transmission to 301–415–1101 or by e-mail to hearingdocket@nrc.gov and also to the Office of the General Counsel either by means of facsimile transmission to 301–415–3725 or by email to OGCMailCenter@nrc.gov. If a person other than the Licensee requests a hearing, that person shall set forth with particularity the manner in which his interest is adversely affected by this Order and shall address the criteria set forth in 10 CFR 2.309(d). If a hearing is requested by the Licensee or a person whose interest is adversely affected, the Commission will issue an Order designating the time and place of any hearing. If a hearing is held, the issue to be considered at such hearing shall be whether this Order should be sustained. Pursuant to 10 CFR 2.202(c)(2)(I), the Licensee may, in addition to demanding a hearing, at the time the answer is filed or sooner, move the presiding officer to set aside the immediate effectiveness of the Order on the ground that the Order, PO 00000 Frm 00072 Fmt 4703 Sfmt 4703 56511 including the need for immediate effectiveness, is not based on adequate evidence but on mere suspicion, unfounded allegations, or error. In the absence of any request for hearing, or written approval of an extension of time in which to request a hearing, the provisions specified in Section III above shall be final twentyfive (25) days from the date of this Order without further order or proceedings. If an extension of time for requesting a hearing has been approved, the provisions specified in Section III shall be final when the extension expires if a hearing request has not been received. An answer or a request for hearing shall not stay the immediate effectiveness of this Order. Dated this 16th day of September, 2005. For the Nuclear Regulatory Commission Margaret V. Federline, Acting Director, Office of Nuclear Material Safety and Safeguards. Attachment 3—Modified Handling Requirements for the Protection of Certain Safeguards Information (SGI– M) General Requirement Information and material that the U.S. Nuclear Regulatory Commission (NRC) determines are safeguards information must be protected from unauthorized disclosure. In order to distinguish information needing modified protection requirements from the safeguards information for reactors and fuel cycle facilities that require a higher level of protection, the term ‘‘Safeguards InformationModified Handling’’ (SGI–M) is being used as the distinguishing marking for certain materials licensees. Each person who produces, receives, or acquires SGI–M shall ensure that it is protected against unauthorized disclosure. To meet this requirement, licensees and persons shall establish and maintain an information protection system that includes the measures specified below. Information protection procedures employed by State and local police forces are deemed to meet these requirements. Persons Subject to These Requirements Any person, whether or not a licensee of the NRC, who produces, receives, or acquires SGI–M is subject to the requirements (and sanctions) of this document. Firms and their employees that supply services or equipment to materials licensees would fall under this requirement if they possess facility SGI–M. A licensee must inform contractors and suppliers of the existence of these requirements and the need for proper protection. (See more under Conditions for Access.) State or local police units who have access to SGI–M are also subject to these requirements. However, these organizations are deemed to have adequate information protection systems. The conditions for transfer of information to a third party, i.e., E:\FR\FM\27SEN1.SGM 27SEN1 56512 Federal Register / Vol. 70, No. 186 / Tuesday, September 27, 2005 / Notices need-to-know, would still apply to the police organization as would sanctions for unlawful disclosure. Again, it would be prudent for licensees who have arrangements with local police to advise them of the existence of these requirements. Criminal and Civil Sanctions The Atomic Energy Act of 1954, as amended, explicitly provides that any person, ‘‘whether or not a licensee of the Commission, who violates any regulations adopted under this section shall be subject to the civil monetary penalties of section 234 of this Act.’’ Section 147a. of the Act. Furthermore, willful violation of any regulation or order governing safeguards information is a felony subject to criminal penalties in the form of fines or imprisonment, or both. See sections 147b. and 223 of the Act. Conditions for Access Access to SGI–M beyond the initial recipients of the order will be governed by the background check requirements imposed by the order. Access to SGI–M by licensee employees, agents, or contractors must include both an appropriate need-to-know determination by the licensee, as well as a determination concerning the trustworthiness of individuals having access to the information. Employees of an organization affiliated with the licensee’s company, e.g., a parent company, may be considered as employees of the licensee for access purposes. Need-to-Know Need-to-know is defined as a determination by a person having responsibility for protecting SGI–M that a proposed recipient’s access to SGI–M is necessary in the performance of official, contractual, or licensee duties of employment. The recipient should be made aware that the information is SGI–M and those having access to it are subject to these requirements as well as criminal and civil sanctions for mishandling the information. Occupational Groups Dissemination of SGI–M is limited to individuals who have an established need-toknow and who are members of certain occupational groups. These occupational groups are: 1. An employee, agent, or contractor of an applicant, a licensee, the Commission, or the United States Government; 2. A member of a duly authorized committee of the Congress; 3. The Governor of a State or his designated representative; 4. A representative of the International Atomic Energy Agency (IAEA) engaged in activities associated with the U.S./IAEA Safeguards Agreement who has been certified by the NRC; 5. A member of a state or local law enforcement authority that is responsible for responding to requests for assistance during safeguards emergencies; or 6. A person to whom disclosure is ordered pursuant to Section 2.744(e) of Part 2 of part 10 of the Code of Federal Regulations. VerDate Aug<31>2005 14:52 Sep 26, 2005 Jkt 205001 7. State Radiation Control Program Directors (and State Homeland Security Directors) or their designees. In a generic sense, the individuals described above in (II) through (VII) are considered to be trustworthy by virtue of their employment status. For nongovernmental individuals in group (I) above, a determination of reliability and trustworthiness is required. Discretion must be exercised in granting access to these individuals. If there is any indication that the recipient would be unwilling or unable to provide proper protection for the SGI–M, they are not authorized to receive SGI–M. Information Considered for Safeguards Information Designation Information deemed SGI–M is information the disclosure of which could reasonably be expected to have a significant adverse effect on the health and safety of the public or the common defense and security by significantly increasing the likelihood of theft, diversion, or sabotage of materials or facilities subject to NRC jurisdiction. SGI–M identifies safeguards information which is subject to these requirements. These requirements are necessary in order to protect quantities of nuclear material significant to the health and safety of the public or common defense and security. The overall measure for consideration of SGI–M is the usefulness of the information (security or otherwise) to an adversary in planning or attempting a malevolent act. The specificity of the information increases the likelihood that it will be useful to an adversary. Protection While in Use While in use, SGI–M shall be under the control of an authorized individual. This requirement is satisfied if the SGI–M is attended by an authorized individual even though the information is in fact not constantly being used. SGI–M, therefore, within alarm stations, continuously manned guard posts or ready rooms need not be locked in file drawers or storage containers. Under certain conditions the general control exercised over security zones or areas would be considered to meet this requirement. The primary consideration is limiting access to those who have a need-toknow. Some examples would be: Alarm stations, guard posts and guard ready rooms; Engineering or drafting areas if visitors are escorted and information is not clearly visible; Plant maintenance areas if access is restricted and information is not clearly visible; Administrative offices (e.g., central records or purchasing) if visitors are escorted and information is not clearly visible; Protection While in Storage While unattended, SGI–M shall be stored in a locked file drawer or container. Knowledge of lock combinations or access to keys protecting SGI–M shall be limited to a minimum number of personnel for operating purposes who have a ‘‘need-to-know’’ and are otherwise authorized access to SGI–M in accordance with these requirements. Access PO 00000 Frm 00073 Fmt 4703 Sfmt 4703 to lock combinations or keys shall be strictly controlled so as to prevent disclosure to an unauthorized individual. Transportation of Documents and Other Matter Documents containing SGI–M when transmitted outside an authorized place of use or storage shall be enclosed in two sealed envelopes or wrappers. The inner envelope or wrapper shall contain the name and address of the intended recipient, and be marked both sides, top and bottom with the words ‘‘Safeguards Information-Modified Handling.’’ The outer envelope or wrapper must be addressed to the intended recipient, must contain the address of the sender, and must not bear any markings or indication that the document contains SGI–M. SGI–M may be transported by any commercial delivery company that provides nationwide overnight service with computer tracking features, U.S. first class, registered, express, or certified mail, or by any individual authorized access pursuant to these requirements. Within a facility, SGI–M may be transmitted using a single opaque envelope. It may also be transmitted within a facility without single or double wrapping, provided adequate measures are taken to protect the material against unauthorized disclosure. Individuals transporting SGI–M should retain the documents in their personal possession at all times or ensure that the information is appropriately wrapped and also secured to preclude compromise by an unauthorized individual. Preparation and Marking of Documents While the NRC is the sole authority for determining what specific information may be designated as ‘‘SGI–M,’’ originators of documents are responsible for determining whether those documents contain such information. Each document or other matter that contains SGI–M shall be marked ‘‘Safeguards Information-Modified Handling’’ in a conspicuous manner on the top and bottom of the first page to indicate the presence of protected information. The first page of the document must also contain (i) the name, title, and organization of the individual authorized to make an SGI–M determination, and who has determined that the document contains SGI–M, (ii) the date the document was originated or the determination made, (iii) an indication that the document contains SGI–M, and (iv) an indication that unauthorized disclosure would be subject to civil and criminal sanctions. Each additional page shall be marked in a conspicuous fashion at the top and bottom with letters denoting ‘‘Safeguards Information-Modified Handling.’’ In addition to the ‘‘Safeguards Information—Modified Handling’’ markings at the top and bottom of page, transmittal letters or memoranda which do not in themselves contain SGI–M shall be marked to indicate that attachments or enclosures contain SGI–M but that the transmittal does not (e.g., ‘‘When separated from SGI–M enclosure(s), this document is decontrolled’’). In addition to the information required on the face of the document, each item of E:\FR\FM\27SEN1.SGM 27SEN1 Federal Register / Vol. 70, No. 186 / Tuesday, September 27, 2005 / Notices correspondence that contains SGI–M shall, by marking or other means, clearly indicate which portions (e.g., paragraphs, pages, or appendices) contain SGI–M and which do not. Portion marking is not required for physical security and safeguards contingency plans. All documents or other matter containing SGI–M in use or storage shall be marked in accordance with these requirements. A specific exception is provided for documents in the possession of contractors and agents of licensees that were produced more than one year prior to the effective date of the order. Such documents need not be marked unless they are removed from file drawers or containers. The same exception applies to old documents stored away from the facility in central files or corporation headquarters. Since information protection procedures employed by state and local police forces are deemed to meet NRC requirements, documents in the possession of these agencies need not be marked as set forth in this document. Removal From SGI–M Category Documents containing SGI–M shall be removed from the SGI–M category (decontrolled) only after the NRC determines that the information no longer meets the criteria of SGI–M. Licensees have the authority to make determinations that specific documents which they created no longer contain SGI–M information and may be decontrolled. Consideration must be exercised to ensure that any document decontrolled shall not disclose SGI–M in some other form or be combined with other unprotected information to disclose SGI–M. The authority to determine that a document may be decontrolled may be exercised only by, or with the permission of, the individual (or office) who made the original determination. The document should indicate the name and organization of the individual removing the document from the SGI–M category and the date of the removal. Other persons who have the document in their possession should be notified of the decontrolling of the document. Licensees are encouraged to process this information in a computing environment that has adequate computer security controls in place to prevent unauthorized access to the information. An ADP system is defined here as a data processing system having the capability of long term storage of SGI–M. Word processors such as typewriters are not subject to the requirements as long as they do not transmit information off-site. (Note: if SGI–M is produced on a typewriter, the ribbon must be removed and stored in the same manner as other SGI–M information or media.) The basic objective of these restrictions is to prevent access and retrieval of stored SGI–M by unauthorized individuals, particularly from remote terminals. Specific files containing SGI–M will be password protected to preclude access by an unauthorized individual. The National Institute of Standards and Technology (NIST) maintains a listing of all validated encryption systems at http:// csrc.nist.gov/cryptval/140–1/1401val.htm. SGI–M files may be transmitted over a network if the file is encrypted. In such cases, the licensee will select a commercially available encryption system that NIST has validated as conforming to Federal Information Processing Standards (FIPS). SGI–M files shall be properly labeled as ‘‘Safeguards Information-Modified Handling’’ and saved to removable media and stored in a locked file drawer or cabinet. Reproduction of Matter Containing SGI–M SGI–M may be reproduced to the minimum extent necessary consistent with need without permission of the originator. Newer digital copiers which scan and retain images of documents represent a potential security concern. If the copier is retaining SGI–M information in memory, the copier cannot be connected to a network. It should also be placed in a location that is cleared and controlled for the authorized processing of SGI–M information. Different copiers have different capabilities, including some which come with features that allow the memory to be erased. Each copier would have to be examined from a physical security perspective. Telecommunications SGI–M may not be transmitted by unprotected telecommunications circuits except under emergency or extraordinary conditions. For the purpose of this requirement, emergency or extraordinary conditions are defined as any circumstances that require immediate communications in order to report, summon assistance for, or respond to a security event (or an event that has potential security significance). This restriction applies to telephone, telegraph, teletype, facsimile circuits, and radio. Routine telephone or radio transmission between site security personnel, or between the site and local police, should be limited to message formats or codes that do not disclose facility security features or response procedures. Similarly, call-ins during transport should not disclose information useful to a potential adversary. Infrequent or non-repetitive telephone conversations regarding a physical security plan or program are permitted provided that the discussion is general in nature. Individuals should use care when discussing SGI–M at meetings or in the presence of others to insure that the conversation is not overheard by persons not authorized access. Transcripts, tapes or minutes of meetings or hearings that contain SGI–M should be marked and protected in accordance with these requirements. Use of Automatic Data Processing (ADP) Systems SGI–M may be processed or produced on an ADP system provided that the system is assigned to the licensee’s or contractor’s facility and requires the use of an entry code/ password for access to stored information. Destruction Documents containing SGI–M should be destroyed when no longer needed. They may be destroyed by tearing into small pieces, burning, shredding or any other method that precludes reconstruction by means available to the public at large. Piece sizes one half VerDate Aug<31>2005 14:52 Sep 26, 2005 Jkt 205001 PO 00000 Frm 00074 Fmt 4703 Sfmt 4703 56513 inch or smaller composed of several pages or documents and thoroughly mixed would be considered completely destroyed. [FR Doc. E5–5188 Filed 9–26–05; 8:45 am] BILLING CODE 7590–01–P POSTAL RATE COMMISSION Sunshine Act Meetings Postal Rate Commission (PRC). Convening on Wednesday, October 5, 2005 at 2:30 p.m. and continuing daily thereafter as needed, after 9:30 a.m., until completed. PLACE: Commission conference room, 901 New York Avenue, NW., Suite 200, Washington, DC 20268–0001. STATUS: Closed. MATTERS TO BE CONSIDERED: Recommendations in Docket No. R2005–1. FOR FURTHER INFORMATION CONTACT: Stephen L. Sharfman, General Counsel, Postal Rate Commission, 202–789–6820. AGENCY: TIME AND DATE: Dated: September 22, 2005. Steven W. Williams, Secretary. [FR Doc. 05–19310 Filed 9–22–05; 4:41 pm] BILLING CODE 7710–FW–M POSTAL RATE COMMISSION Sunshine Act; Briefing on Commission Functions and Procedures Postal Rate Commission. Notice of briefing. AGENCY: ACTION: SUMMARY: The Commission will serve as a general host for a visiting delegation from PostEurop on October 11 through 14, 2005. The agenda includes briefings on Commission operations, functions and activities, as well as related issues, such as postal reform, efficient component pricing, negotiated service agreements, worksharing, and distinctions between domestic and European postal models. It also includes Postal Service briefings, a postal facility tour, meetings with members of Congress and their staff, and discussions with mailers. DATES: October 11 through 14, 2005. ADDRESSES: Postal Rate Commission, 901 New York Avenue, NW., Suite 200, Washington, DC 20268–001. FOR FURTHER INFORMATION CONTACT: Stephen L. Sharfman, General Counsel, 202–789–6818. Dated: September 22, 2005. Steven W. Williams, Secretary. [FR Doc. 05–19311 Filed 9–22–05; 4:41 pm] BILLING CODE 7710–FW–M E:\FR\FM\27SEN1.SGM 27SEN1

Agencies

[Federal Register Volume 70, Number 186 (Tuesday, September 27, 2005)]
[Notices]
[Pages 56509-56513]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E5-5188]


-----------------------------------------------------------------------

NUCLEAR REGULATORY COMMISSION


In the Matter of Certain Panoramic and Underwater Irradiators 
Authorized to Possess Greater than 370 Terabecquerels (10,000 Curies) 
of Byproduct Material in the Form of Sealed Sources, and All Other 
Persons Who Obtain Safeguards Information Described Herein; Order 
Imposing Compensatory Measures and Requirements for the Protection of 
Certain Safeguards Information (Effective Immediately)

I

    The Licensees identified in Attachment 1 to this Order hold 
licenses issued in accordance with the Atomic Energy Act of 1954 and 10 
CFR Part 36 or comparable Agreement State regulations by the U.S. 
Nuclear Regulatory Commission (NRC or Commission) or an Agreement State 
authorizing possession of greater than 370 terabecquerels (10,000 
curies) of byproduct material in the form of sealed sources either in 
panoramic irradiators that have dry or wet storage of the sealed 
sources or in underwater irradiators in which both the source and the 
product being irradiated are under water. Commission regulations at 10 
CFR 20.1801 or equivalent Agreement State regulations, require 
Licensees to secure, from unauthorized removal or access, licensed 
materials that are stored in controlled or unrestricted areas. 
Commission regulations at 10 CFR 20.1802 or equivalent Agreement States 
regulations, require Licensees to control and maintain constant 
surveillance of licensed material that is in a controlled or 
unrestricted area and that is not in storage.

II

    On September 11, 2001, terrorists simultaneously attacked targets 
in New York, N.Y., and Washington, DC, utilizing large commercial 
aircraft as weapons. In response to the attacks and intelligence 
information subsequently obtained, the Commission issued a number of 
Safeguards and Threat Advisories to its Licensees in order to 
strengthen Licensees' capabilities and readiness to respond to a 
potential attack on a nuclear facility. The Commission has also 
communicated with other Federal, State and local government agencies 
and industry representatives to discuss and evaluate the current threat 
environment in order to assess the adequacy of security measures at 
licensed facilities. In addition, the Commission has been conducting a 
review of its safeguards and security programs and requirements.
    As a result of its consideration of current safeguards and license 
requirements, as well as a review of information provided by the 
intelligence community, the Commission has determined that certain 
compensatory measures are required to be implemented by Licensees as 
prudent measures to address the current threat environment. Therefore, 
the Commission is imposing the requirements, as set forth in Attachment 
2, on all Licensees identified in

[[Page 56510]]

Attachment 1 of this Order \1\ who currently possess, or have near term 
plans to possess, greater than 370 terabecquerels (10,000 curies) of 
byproduct material in the form of sealed sources. These requirements, 
which supplement existing regulatory requirements, will provide the 
Commission with reasonable assurance that the public health and safety 
and common defense and security continue to be adequately protected in 
the current threat environment. These requirements will remain in 
effect until the Commission determines otherwise.
---------------------------------------------------------------------------

    \1\ Attachment 1 contains sensitive information and Attachment 2 
contains SAFEGUARDS INFORMATION and will not be released to the 
public.
---------------------------------------------------------------------------

    The Commission recognizes that Licensees may have already initiated 
many measures set forth in Attachment 2 to this Order in response to 
previously issued advisories or on their own. It is also recognized 
that some measures may not be possible or necessary at some sites, or 
may need to be tailored to accommodate the Licensees' specific 
circumstances to achieve the intended objectives and avoid any 
unforeseen effect on the safe use and storage of the sealed sources.
    Although the additional security measures implemented by the 
Licensees in response to the Safeguards and Threat Advisories have been 
adequate to provide reasonable assurance of adequate protection of 
public health and safety, the Commission concludes that the security 
measures must be embodied in an Order consistent with the established 
regulatory framework. The security measures contained in Attachment 2 
of this Order contain safeguards information and will not be released 
to the public. The Commission has broad statutory authority to protect 
and prohibit the unauthorized disclosure of safeguards information. 
Section 147 of the Atomic Energy Act of 1954, as amended, grants the 
Commission explicit authority to ``issue such orders, as necessary to 
prohibit the unauthorized disclosure of safeguards information * * *'' 
This authority extends to information concerning special nuclear 
material, source material, and byproduct material, as well as 
production and utilization facilities.
    This Order imposes requirements for the protection of Safeguards 
Information in the hands of any person \2\ whether or not a licensee or 
applicant of the Commission, who produces, receives, or acquires 
Safeguards Information. Licensees, and all persons who produce, 
receive, or acquire Safeguards Information, must ensure proper handling 
and protection of safeguards information to avoid unauthorized 
disclosure in accordance with the specific requirements for the 
protection of safeguards information contained in Attachment 3. The 
Commission hereby provides notice that it intends to treat all 
violations of the requirements contained in Attachment 3, applicable to 
the handling and unauthorized disclosure of safeguards information as 
serious breaches of adequate protection of the public health and safety 
and the common defense and security of the United States. Access to 
safeguards information is limited to those persons who have established 
the need to know the information, and are considered to be trustworthy 
and reliable. A need to know means a determination by a person having 
responsibility for protecting Safeguards Information that a proposed 
recipient's access to Safeguards Information is necessary in the 
performance of official, contractual, or licensee duties of employment. 
Licensees and all other persons who obtain Safeguards Information must 
ensure that they develop, maintain and implement strict policies and 
procedures for the proper handling and unauthorized disclosure of 
safeguards information in accordance with the requirements in 
Attachment 3. All licensees must ensure that all contractors whose 
employees may have access to safeguards information either adhere to 
the licensee's policies and procedures on safeguards information or 
develop, maintain and implement their own acceptable policies and 
procedures, but the licensees remain responsible for the conduct of 
their contractors. The policies and procedures necessary to ensure 
compliance with applicable requirements contained in Attachment 3 must 
address, at a minimum, the following: the general performance 
requirement that each person who produces, receives, or acquires 
Safeguards Information shall ensure that Safeguards Information is 
protected against unauthorized disclosure; protection of safeguards 
information at fixed sites, in use and in storage, and while in 
transit; inspections, audits and evaluations; correspondence containing 
safeguards information; access to safeguards information; preparation, 
marking, reproduction and destruction of documents; external 
transmission of documents; use of automatic data processing systems; 
and removal of the Safeguards Information category.
---------------------------------------------------------------------------

    \2\ Person means (1) any individual, corporation, partnership, 
firm, association, trust, estate, public or private institution, 
group, government agency other than the Commission or the 
Department, except that the Department shall be considered a person 
with respect to those facilities of the Department specified in 
section 202 of the Energy Reorganization Act of 1974 (88 Stat. 
1244), any State or any political subdivision of, or any political 
entity within a State, any foreign government or nation or any 
political subdivision of any such government or nation, or other 
entity; and (2) any legal successor, representative, agent, or 
agency of the foregoing.
---------------------------------------------------------------------------

    In order to provide assurance that the Licensees are implementing 
prudent measures to achieve a consistent level of protection to address 
the current threat environment, all Licensees identified in Attachment 
1 to this Order shall implement the requirements identified in 
Attachment 2 to this Order. In addition, pursuant to 10 CFR 2.202, I 
find that in light of the common defense and security matters 
identified above, which warrant the issuance of this Order, the public 
health, safety and interest require that this Order be effective 
immediately.

III

    Accordingly, pursuant to Sections 81, 161b, 161i, 161o, 182 and 186 
of the Atomic Energy Act of 1954, as amended, and the Commission's 
regulations in 10 CFR 2.202, 10 CFR Part 30, and 10 CFR Part 36, it is 
hereby ordered, effective immediately, that all licensees identified in 
Attachment 1 to this Order, and all other persons who produce, receive, 
or acquire the compensatory measures identified in Attachment 2 or any 
related safeguards information, shall comply with the requirements in 
Attachment 3. In addition, all licensees identified in Attachment 1 to 
this Order shall comply with the requirements of this Order as follows:
    A. The licensees shall, notwithstanding the provisions of any 
Commission or Agreement State regulation or license to the contrary, 
comply with the requirements described in Attachment 2 to this Order. 
The licensee shall immediately start implementation of the requirements 
in Attachment 2 to the Order and shall complete implementation by March 
16, 2006, or the first day that greater than 370 terabecquerels (10,000 
curies) of byproduct material in the form of sealed sources is 
possessed, which ever is later.
    B. 1.The Licensee shall, within twenty-five (25) days of the date 
of this Order, notify the Commission, (1) if it is unable to comply 
with any of the requirements described in Attachment 2, (2) if 
compliance with any of the requirements is unnecessary in its specific 
circumstances, or (3) if implementation of any of the requirements 
would cause the Licensee to be in violation of the provisions of any 
Commission or Agreement State

[[Page 56511]]

regulation or its license. The notification shall provide the 
Licensee's justification for seeking relief from or variation of any 
specific requirement.
    B.1. If the Licensee considers that implementation of any of the 
requirements described in Attachment 2 to this Order would adversely 
impact safe operation of the facility, the Licensee must notify the 
Commission, within twenty-five (25) days of this Order, of the adverse 
safety impact, the basis for its determination that the requirement has 
an adverse safety impact, and either a proposal for achieving the same 
objectives specified in the Attachment 2 requirement in question, or a 
schedule for modifying the facility to address the adverse safety 
condition. If neither approach is appropriate, the Licensee must 
supplement its response to Condition B.1 of this Order to identify the 
condition as a requirement with which it cannot comply, with attendant 
justifications as required in Condition B.1.
    C. 1. The Licensee shall, within twenty-five (25) days of the date 
of this Order, submit to the Commission a schedule for completion of 
each requirement described in Attachment 2.
    2. The Licensee shall report to the Commission when it has achieved 
full compliance with the requirements described in Attachment 2.
    D. Notwithstanding any provisions of the Commission's or Agreement 
State's regulations to the contrary, all measures implemented or 
actions taken in response to this order shall be maintained until the 
Commission determines otherwise.
    Licensee response to Conditions B.1, B.2, C.1, and C.2 above shall 
be submitted to the Director, Office of Nuclear Material Safety and 
Safeguards, U.S. Nuclear Regulatory Commission, Washington, DC 20555. 
In addition, Licensee submittals that contain specific physical 
protection or security information considered to be safeguards 
information shall be put in a separate enclosure or attachment and, 
marked as ``SAFEGUARDS INFORMATION--MODIFIED HANDLING'' and mailed (no 
electronic transmittals; i.e., no e-mail or FAX) to the NRC in 
accordance with Attachment 3.
    The Director, Office of Nuclear Material Safety and Safeguards, 
may, in writing, relax or rescind any of the above conditions upon 
demonstration by the Licensee of good cause.

IV

    In accordance with 10 CFR 2.202, the Licensee must, and any other 
person adversely affected by this Order may, submit an answer to this 
Order, and may request a hearing on this Order, within twenty-five (25) 
days of the date of this Order. Where good cause is shown, 
consideration will be given to extending the time to request a hearing. 
A request for extension of time in which to submit an answer or request 
a hearing must be made in writing to the Director, Office of Nuclear 
Material Safety and Safeguards, U.S. Nuclear Regulatory Commission, 
Washington, DC 20555, and include a statement of good cause for the 
extension. The answer may consent to this Order. Unless the answer 
consents to this Order, the answer shall, in writing and under oath or 
affirmation, specifically set forth the matters of fact and law on 
which the Licensee or other person adversely affected relies and the 
reasons as to why the Order should not have been issued. Any answer or 
request for a hearing shall be submitted to the Secretary, Office of 
the Secretary of the Commission, U.S. Nuclear Regulatory Commission, 
ATTN: Rulemakings and Adjudications Staff, Washington, DC 20555. Copies 
also shall be sent to the Director, Office of Nuclear Material Safety 
and Safeguards, U.S. Nuclear Regulatory Commission, Washington, DC 
20555, to the Assistant General Counsel for Materials Litigation and 
Enforcement at the same address, and to the Licensee if the answer or 
hearing request is by a person other than the Licensee. Because of 
possible disruptions in delivery of mail to United States Government 
offices, it is requested that answers and requests for hearing be 
transmitted to the Secretary of the Commission either by means of 
facsimile transmission to 301-415-1101 or by e-mail to 
hearingdocket@nrc.gov and also to the Office of the General Counsel 
either by means of facsimile transmission to 301-415-3725 or by e-mail 
to OGCMailCenter@nrc.gov. If a person other than the Licensee requests 
a hearing, that person shall set forth with particularity the manner in 
which his interest is adversely affected by this Order and shall 
address the criteria set forth in 10 CFR 2.309(d).
    If a hearing is requested by the Licensee or a person whose 
interest is adversely affected, the Commission will issue an Order 
designating the time and place of any hearing. If a hearing is held, 
the issue to be considered at such hearing shall be whether this Order 
should be sustained.
    Pursuant to 10 CFR 2.202(c)(2)(I), the Licensee may, in addition to 
demanding a hearing, at the time the answer is filed or sooner, move 
the presiding officer to set aside the immediate effectiveness of the 
Order on the ground that the Order, including the need for immediate 
effectiveness, is not based on adequate evidence but on mere suspicion, 
unfounded allegations, or error.
    In the absence of any request for hearing, or written approval of 
an extension of time in which to request a hearing, the provisions 
specified in Section III above shall be final twenty-five (25) days 
from the date of this Order without further order or proceedings. If an 
extension of time for requesting a hearing has been approved, the 
provisions specified in Section III shall be final when the extension 
expires if a hearing request has not been received. An answer or a 
request for hearing shall not stay the immediate effectiveness of this 
Order.

    Dated this 16th day of September, 2005.

    For the Nuclear Regulatory Commission
Margaret V. Federline,
Acting Director, Office of Nuclear Material Safety and Safeguards.

Attachment 3--Modified Handling Requirements for the Protection of 
Certain Safeguards Information (SGI-M)

General Requirement

    Information and material that the U.S. Nuclear Regulatory 
Commission (NRC) determines are safeguards information must be 
protected from unauthorized disclosure. In order to distinguish 
information needing modified protection requirements from the 
safeguards information for reactors and fuel cycle facilities that 
require a higher level of protection, the term ``Safeguards 
Information-Modified Handling'' (SGI-M) is being used as the 
distinguishing marking for certain materials licensees. Each person 
who produces, receives, or acquires SGI-M shall ensure that it is 
protected against unauthorized disclosure. To meet this requirement, 
licensees and persons shall establish and maintain an information 
protection system that includes the measures specified below. 
Information protection procedures employed by State and local police 
forces are deemed to meet these requirements.

Persons Subject to These Requirements

    Any person, whether or not a licensee of the NRC, who produces, 
receives, or acquires SGI-M is subject to the requirements (and 
sanctions) of this document. Firms and their employees that supply 
services or equipment to materials licensees would fall under this 
requirement if they possess facility SGI-M. A licensee must inform 
contractors and suppliers of the existence of these requirements and 
the need for proper protection. (See more under Conditions for 
Access.)
    State or local police units who have access to SGI-M are also 
subject to these requirements. However, these organizations are 
deemed to have adequate information protection systems. The 
conditions for transfer of information to a third party, i.e.,

[[Page 56512]]

need-to-know, would still apply to the police organization as would 
sanctions for unlawful disclosure. Again, it would be prudent for 
licensees who have arrangements with local police to advise them of 
the existence of these requirements.

Criminal and Civil Sanctions

    The Atomic Energy Act of 1954, as amended, explicitly provides 
that any person, ``whether or not a licensee of the Commission, who 
violates any regulations adopted under this section shall be subject 
to the civil monetary penalties of section 234 of this Act.'' 
Section 147a. of the Act. Furthermore, willful violation of any 
regulation or order governing safeguards information is a felony 
subject to criminal penalties in the form of fines or imprisonment, 
or both. See sections 147b. and 223 of the Act.

Conditions for Access

    Access to SGI-M beyond the initial recipients of the order will 
be governed by the background check requirements imposed by the 
order. Access to SGI-M by licensee employees, agents, or contractors 
must include both an appropriate need-to-know determination by the 
licensee, as well as a determination concerning the trustworthiness 
of individuals having access to the information. Employees of an 
organization affiliated with the licensee's company, e.g., a parent 
company, may be considered as employees of the licensee for access 
purposes.

Need-to-Know

    Need-to-know is defined as a determination by a person having 
responsibility for protecting SGI-M that a proposed recipient's 
access to SGI-M is necessary in the performance of official, 
contractual, or licensee duties of employment. The recipient should 
be made aware that the information is SGI-M and those having access 
to it are subject to these requirements as well as criminal and 
civil sanctions for mishandling the information.

Occupational Groups

    Dissemination of SGI-M is limited to individuals who have an 
established need-to-know and who are members of certain occupational 
groups. These occupational groups are:
    1. An employee, agent, or contractor of an applicant, a 
licensee, the Commission, or the United States Government;
    2. A member of a duly authorized committee of the Congress;
    3. The Governor of a State or his designated representative;
    4. A representative of the International Atomic Energy Agency 
(IAEA) engaged in activities associated with the U.S./IAEA 
Safeguards Agreement who has been certified by the NRC;
    5. A member of a state or local law enforcement authority that 
is responsible for responding to requests for assistance during 
safeguards emergencies; or
    6. A person to whom disclosure is ordered pursuant to Section 
2.744(e) of Part 2 of part 10 of the Code of Federal Regulations.
    7. State Radiation Control Program Directors (and State Homeland 
Security Directors) or their designees.
    In a generic sense, the individuals described above in (II) 
through (VII) are considered to be trustworthy by virtue of their 
employment status. For non-governmental individuals in group (I) 
above, a determination of reliability and trustworthiness is 
required. Discretion must be exercised in granting access to these 
individuals. If there is any indication that the recipient would be 
unwilling or unable to provide proper protection for the SGI-M, they 
are not authorized to receive SGI-M.

Information Considered for Safeguards Information Designation

    Information deemed SGI-M is information the disclosure of which 
could reasonably be expected to have a significant adverse effect on 
the health and safety of the public or the common defense and 
security by significantly increasing the likelihood of theft, 
diversion, or sabotage of materials or facilities subject to NRC 
jurisdiction.
    SGI-M identifies safeguards information which is subject to 
these requirements. These requirements are necessary in order to 
protect quantities of nuclear material significant to the health and 
safety of the public or common defense and security.
    The overall measure for consideration of SGI-M is the usefulness 
of the information (security or otherwise) to an adversary in 
planning or attempting a malevolent act. The specificity of the 
information increases the likelihood that it will be useful to an 
adversary.

Protection While in Use

    While in use, SGI-M shall be under the control of an authorized 
individual. This requirement is satisfied if the SGI-M is attended 
by an authorized individual even though the information is in fact 
not constantly being used. SGI-M, therefore, within alarm stations, 
continuously manned guard posts or ready rooms need not be locked in 
file drawers or storage containers.
    Under certain conditions the general control exercised over 
security zones or areas would be considered to meet this 
requirement. The primary consideration is limiting access to those 
who have a need-to-know. Some examples would be:
    Alarm stations, guard posts and guard ready rooms;
    Engineering or drafting areas if visitors are escorted and 
information is not clearly visible;
    Plant maintenance areas if access is restricted and information 
is not clearly visible;
    Administrative offices (e.g., central records or purchasing) if 
visitors are escorted and information is not clearly visible;

Protection While in Storage

    While unattended, SGI-M shall be stored in a locked file drawer 
or container. Knowledge of lock combinations or access to keys 
protecting SGI-M shall be limited to a minimum number of personnel 
for operating purposes who have a ``need-to-know'' and are otherwise 
authorized access to SGI-M in accordance with these requirements. 
Access to lock combinations or keys shall be strictly controlled so 
as to prevent disclosure to an unauthorized individual.

Transportation of Documents and Other Matter

    Documents containing SGI-M when transmitted outside an 
authorized place of use or storage shall be enclosed in two sealed 
envelopes or wrappers. The inner envelope or wrapper shall contain 
the name and address of the intended recipient, and be marked both 
sides, top and bottom with the words ``Safeguards Information-
Modified Handling.'' The outer envelope or wrapper must be addressed 
to the intended recipient, must contain the address of the sender, 
and must not bear any markings or indication that the document 
contains SGI-M.
    SGI-M may be transported by any commercial delivery company that 
provides nationwide overnight service with computer tracking 
features, U.S. first class, registered, express, or certified mail, 
or by any individual authorized access pursuant to these 
requirements.
    Within a facility, SGI-M may be transmitted using a single 
opaque envelope. It may also be transmitted within a facility 
without single or double wrapping, provided adequate measures are 
taken to protect the material against unauthorized disclosure. 
Individuals transporting SGI-M should retain the documents in their 
personal possession at all times or ensure that the information is 
appropriately wrapped and also secured to preclude compromise by an 
unauthorized individual.

Preparation and Marking of Documents

    While the NRC is the sole authority for determining what 
specific information may be designated as ``SGI-M,'' originators of 
documents are responsible for determining whether those documents 
contain such information. Each document or other matter that 
contains SGI-M shall be marked ``Safeguards Information-Modified 
Handling'' in a conspicuous manner on the top and bottom of the 
first page to indicate the presence of protected information. The 
first page of the document must also contain (i) the name, title, 
and organization of the individual authorized to make an SGI-M 
determination, and who has determined that the document contains 
SGI-M, (ii) the date the document was originated or the 
determination made, (iii) an indication that the document contains 
SGI-M, and (iv) an indication that unauthorized disclosure would be 
subject to civil and criminal sanctions. Each additional page shall 
be marked in a conspicuous fashion at the top and bottom with 
letters denoting ``Safeguards Information-Modified Handling.''
    In addition to the ``Safeguards Information--Modified Handling'' 
markings at the top and bottom of page, transmittal letters or 
memoranda which do not in themselves contain SGI-M shall be marked 
to indicate that attachments or enclosures contain SGI-M but that 
the transmittal does not (e.g., ``When separated from SGI-M 
enclosure(s), this document is decontrolled'').
    In addition to the information required on the face of the 
document, each item of

[[Page 56513]]

correspondence that contains SGI-M shall, by marking or other means, 
clearly indicate which portions (e.g., paragraphs, pages, or 
appendices) contain SGI-M and which do not. Portion marking is not 
required for physical security and safeguards contingency plans.
    All documents or other matter containing SGI-M in use or storage 
shall be marked in accordance with these requirements. A specific 
exception is provided for documents in the possession of contractors 
and agents of licensees that were produced more than one year prior 
to the effective date of the order. Such documents need not be 
marked unless they are removed from file drawers or containers. The 
same exception applies to old documents stored away from the 
facility in central files or corporation headquarters.
    Since information protection procedures employed by state and 
local police forces are deemed to meet NRC requirements, documents 
in the possession of these agencies need not be marked as set forth 
in this document.

Removal From SGI-M Category

    Documents containing SGI-M shall be removed from the SGI-M 
category (decontrolled) only after the NRC determines that the 
information no longer meets the criteria of SGI-M. Licensees have 
the authority to make determinations that specific documents which 
they created no longer contain SGI-M information and may be 
decontrolled. Consideration must be exercised to ensure that any 
document decontrolled shall not disclose SGI-M in some other form or 
be combined with other unprotected information to disclose SGI-M. 
The authority to determine that a document may be decontrolled may 
be exercised only by, or with the permission of, the individual (or 
office) who made the original determination. The document should 
indicate the name and organization of the individual removing the 
document from the SGI-M category and the date of the removal. Other 
persons who have the document in their possession should be notified 
of the decontrolling of the document.

Reproduction of Matter Containing SGI-M

    SGI-M may be reproduced to the minimum extent necessary 
consistent with need without permission of the originator. Newer 
digital copiers which scan and retain images of documents represent 
a potential security concern. If the copier is retaining SGI-M 
information in memory, the copier cannot be connected to a network. 
It should also be placed in a location that is cleared and 
controlled for the authorized processing of SGI-M information. 
Different copiers have different capabilities, including some which 
come with features that allow the memory to be erased. Each copier 
would have to be examined from a physical security perspective.

Use of Automatic Data Processing (ADP) Systems

    SGI-M may be processed or produced on an ADP system provided 
that the system is assigned to the licensee's or contractor's 
facility and requires the use of an entry code/password for access 
to stored information. Licensees are encouraged to process this 
information in a computing environment that has adequate computer 
security controls in place to prevent unauthorized access to the 
information. An ADP system is defined here as a data processing 
system having the capability of long term storage of SGI-M. Word 
processors such as typewriters are not subject to the requirements 
as long as they do not transmit information off-site. (Note: if SGI-
M is produced on a typewriter, the ribbon must be removed and stored 
in the same manner as other SGI-M information or media.) The basic 
objective of these restrictions is to prevent access and retrieval 
of stored SGI-M by unauthorized individuals, particularly from 
remote terminals. Specific files containing SGI-M will be password 
protected to preclude access by an unauthorized individual. The 
National Institute of Standards and Technology (NIST) maintains a 
listing of all validated encryption systems at http://csrc.nist.gov/
cryptval/140-1/1401val.htm. SGI-M files may be transmitted over a 
network if the file is encrypted. In such cases, the licensee will 
select a commercially available encryption system that NIST has 
validated as conforming to Federal Information Processing Standards 
(FIPS). SGI-M files shall be properly labeled as ``Safeguards 
Information-Modified Handling'' and saved to removable media and 
stored in a locked file drawer or cabinet.

Telecommunications

    SGI-M may not be transmitted by unprotected telecommunications 
circuits except under emergency or extraordinary conditions. For the 
purpose of this requirement, emergency or extraordinary conditions 
are defined as any circumstances that require immediate 
communications in order to report, summon assistance for, or respond 
to a security event (or an event that has potential security 
significance).
    This restriction applies to telephone, telegraph, teletype, 
facsimile circuits, and radio. Routine telephone or radio 
transmission between site security personnel, or between the site 
and local police, should be limited to message formats or codes that 
do not disclose facility security features or response procedures. 
Similarly, call-ins during transport should not disclose information 
useful to a potential adversary. Infrequent or non-repetitive 
telephone conversations regarding a physical security plan or 
program are permitted provided that the discussion is general in 
nature.
    Individuals should use care when discussing SGI-M at meetings or 
in the presence of others to insure that the conversation is not 
overheard by persons not authorized access. Transcripts, tapes or 
minutes of meetings or hearings that contain SGI-M should be marked 
and protected in accordance with these requirements.

Destruction

    Documents containing SGI-M should be destroyed when no longer 
needed. They may be destroyed by tearing into small pieces, burning, 
shredding or any other method that precludes reconstruction by means 
available to the public at large. Piece sizes one half inch or 
smaller composed of several pages or documents and thoroughly mixed 
would be considered completely destroyed.
[FR Doc. E5-5188 Filed 9-26-05; 8:45 am]
BILLING CODE 7590-01-P