Classified National Security Information, 37254-37280 [2010-15443]

Agencies

• Information Security Oversight Office
• National Archives and Records Administration

[Federal Register Volume 75, Number 123 (Monday, June 28, 2010)]
[Rules and Regulations]
[Pages 37254-37280]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2010-15443]



[[Page 37253]]

-----------------------------------------------------------------------

Part V





National Archives and Records Administration





-----------------------------------------------------------------------



Information Security Oversight Office



-----------------------------------------------------------------------



32 CFR Parts 2001 and 2003



Classified National Security Information; Final Rule

Federal Register / Vol. 75, No. 123 / Monday, June 28, 2010 / Rules 
and Regulations

[[Page 37254]]


-----------------------------------------------------------------------

NATIONAL ARCHIVES AND RECORDS ADMINISTRATION

Information Security Oversight Office

32 CFR Parts 2001 and 2003

[FDMS Docket ISOO-10-0001]
RIN 3095-AB63


Classified National Security Information

AGENCY: Information Security Oversight Office (ISOO), National Archives 
and Records Administration (NARA).

ACTION: Implementing directive; final rule.

-----------------------------------------------------------------------

SUMMARY: The Information Security Oversight Office (ISOO), National 
Archives and Records Administration (NARA), is publishing this 
Directive as a final rule and pursuant to Executive Order 13526 
(hereafter the Order), relating to classified national security 
information. The Executive order prescribes a uniform system for 
classifying, safeguarding, and declassifying national security 
information. It also establishes a monitoring system to enhance its 
effectiveness. This Directive sets forth guidance to agencies on 
original and derivative classification, downgrading, declassification, 
and safeguarding of classified national security information.

DATES: Effective Date: June 25, 2010.

FOR FURTHER INFORMATION CONTACT: William J. Bosanko, Director, 
Information Security Oversight Office, at 202-357-5250.

SUPPLEMENTARY INFORMATION: This final rule is issued pursuant to the 
provisions of 5.1(a) and (b) of Executive Order 13526, issued December 
29, 2009, and published January 5, 2010 (75 FR 707), and amends 32 CFR 
part 2001 published on September 22, 2003 (68 FR 55168). The purpose of 
this Directive is to assist in implementing the Order; users of the 
Directive shall refer concurrently to that Order for guidance. As of 
November 17, 1995, ISOO became a part of the National Archives. The 
Archivist of the United States (the Archivist) delegated the 
implementation and monitoring functions of this program to the Director 
of ISOO. The drafting, coordination, and issuance of this Directive 
fulfills one of the responsibilities of the implementation delegated to 
the Director of ISOO.
    This rule is being issued as a final rule without prior notice of 
proposed rulemaking as allowed by the Administrative Procedure Act, 5 
U.S.C. 553(b)(3)(A) for rules of agency procedure and interpretation. 
The interpretive guidance contained in this rule will assist agencies 
in implementing Executive Order 13526, which was issued on December 29, 
2009. NARA has also determined that delaying the effective date for 30 
days is unnecessary as this rule updates the existing Directive 
implementing Executive Order 12958, as amended. Moreover, since 
Executive Order 13526 becomes effective on June 27, 2010, Federal 
agencies will benefit immediately by having up-to-date ISOO guidance, 
and any delay in the effective date would hinder agency procedure and 
be contrary to the public interest.

Regulatory Impact

    This rule is not a significant regulatory action for the purposes 
of Executive Order 12866. This rule is not a major rule as defined in 5 
U.S.C. Chapter 8, Congressional Review of Agency Rulemaking. As 
required by the Regulatory Flexibility Act, we certify that this rule 
will not have a significant impact on a substantial number of small 
entities because it applies only to Federal agencies.

List of Subjects in 32 CFR Parts 2001 and 2003

    Archives and records, Authority delegations (Government agencies), 
Classified information, Executive orders, Freedom of Information, 
Information, Intelligence, National defense, National security 
information, Presidential documents, Security information, Security 
measures, Standard Forms.


0
For the reasons set forth in the preamble, the Information Security 
Oversight Office, NARA, is amending 32 CFR Chapter XX as follows:
0
1. Title 32 of the Code of Federal Regulations, part 2001, is revised 
to read as follows:

PART 2001--CLASSIFIED NATIONAL SECURITY INFORMATION

Subpart A--Scope of Part
Sec.
2001.1 Purpose and scope.
Subpart B--Classification
2001.10 Classification standards.
2001.11 Original classification authority.
2001.12 Duration of classification.
2001.13 Classification prohibitions and limitations.
2001.14 Classification challenges.
2001.15 Classification guides.
2001.16 Fundamental classification guidance review.
Subpart C--Identification and Markings
2001.20 General.
2001.21 Original classification.
2001.22 Derivative classification.
2001.23 Classification marking in the electronic environment.
2001.24 Additional requirements.
2001.25 Declassification markings.
2001.26 Automatic declassification exemption markings.
Subpart D--Declassification
2001.30 Automatic declassification.
2001.31 Systematic declassification review.
2001.32 Declassification guides.
2001.33 Mandatory review for declassification.
2001.34 Referrals.
2001.35 Discretionary declassification.
2001.36 Classified information in the custody of private 
organizations or individuals.
2001.37 Assistance to the Department of State.
Subpart E--Safeguarding
2001.40 General.
2001.41 Responsibilities of holders.
2001.42 Standards for security equipment.
2001.43 Storage.
2001.44 Reciprocity of use and inspection of facilities.
2001.45 Information controls.
2001.46 Transmission.
2001.47 Destruction.
2001.48 Loss, possible compromise, or unauthorized disclosure.
2001.49 Special access programs.
2001.50 Telecommunications, automated information systems, and 
network security.
2001.51 Technical security.
2001.52 Emergency authority.
2001.53 Open storage areas.
2001.54 Foreign government information.
2001.55 Foreign disclosure of classified information.
Subpart F--Self-Inspections
2001.60 General.
Subpart G--Security Education and Training
2001.70 General.
2001.71 Coverage.
Subpart H--Standard Forms
2001.80 Prescribed standard forms.
Subpart I--Reporting and Definitions
2001.90 Agency annual reporting requirements.
2001.91 Other agency reporting requirements.
2001.92 Definitions.

    Authority: Sections 5.1(a) and (b), E.O. 13526, (75 FR 707, 
January 5, 2010).

Subpart A--Scope of Part


Sec.  2001.1  Purpose and scope.

    (a) This part is issued under Executive Order. (E.O.) 13526, 
Classified National Security Information (the Order). Section 5 of the 
Order provides that the Director of the Information Security Oversight 
Office (ISOO) shall develop and issue such directives as are necessary 
to implement the Order.

[[Page 37255]]

    (b) The Order provides that these directives are binding on 
agencies. Section 6.1(a) of the Order defines ``agency'' to mean any 
``Executive agency'' as defined in 5 U.S.C. 105; any ``Military 
department'' as defined in 5 U.S.C. 102; and any other entity within 
the executive branch that comes into the possession of classified 
information.
    (c) For the convenience of the user, the following table provides 
references between the sections contained in this part and the relevant 
sections of the Order.

----------------------------------------------------------------------------------------------------------------
               CFR section                                     Related section of E.O. 13526
----------------------------------------------------------------------------------------------------------------
2001.10 Classification standards.........  1.1, 1.4
2001.11 Original classification authority  1.3
2001.12 Duration of classification.......  1.5
2001.13 Classification prohibitions and    1.7
 limitations.
2001.14 Classification challenges........  1.8
2001.15 Classification guides............  2.2
2001.16 Fundamental classification         1.9
 guidance review.
2001.20 General..........................  1.6
2001.21 Original classification..........  1.6(a)
2001.22 Derivative classification........  2.1
2001.23 Classification marking in the      1.6
 electronic environment.
2001.24 Additional requirements..........  1.6
2001.25 Declassification markings........  1.5, 1.6, 3.3
2001.26 Automatic declassification         3.3
 exemption markings.
2001.30 Automatic declassification.......  3.3, 3.7
2001.31 Systematic declassification        3.4
 review.
2001.32 Declassification guides..........  3.3, 3.7
2001.33 Mandatory review for               3.5, 3.6
 declassification.
2001.34 Referrals........................  3.3, 3.6, 3.7
2001.35 Discretionary declassification...  3.1
2001.36 Classified information in the      none
 custody of private organizations or
 individuals.
2001.37 Assistance to the Department of    none
 State.
2001.40 General..........................  4.1
2001.41 Responsibilities of holders......  4.1
2001.42 Standards for security equipment.  4.1
2001.43 Storage..........................  4.1
2001.44 Reciprocity of use and inspection  4.1
 of facilities.
2001.45 Information controls.............  4.1, 4.2
2001.46 Transmission.....................  4.1, 4.2
2001.47 Destruction......................  4.1, 4.2
2001.48 Loss, possible compromise, or      4.1, 4.2
 unauthorized disclosure.
2001.49 Special access programs..........  4.3
2001.50 Telecommunications, automated      4.1, 4.2
 information systems, and network
 security.
2001.51 Technical security...............  4.1
2001.52 Emergency authority..............  4.2
2001.53 Open storage areas...............  4.1
2001.54 Foreign government information...  4.1
2001.55 Foreign disclosure of classified   4.1(i)(2)
 information.
2001.60 Self-Inspections, General........  5.4
2001.70 Security Education and Training,   5.4
 General.
2001.71 Coverage.........................  1.3(d), 2.1(d), 3.7(b), 4.1(b), 5.4(d)(3)
2001.80 Prescribed standard forms........  5.2(b)(7)
2001.90 Agency annual reporting            1.3(c), 5.2(b)(4), 5.4(d)(4), 5.4(d)(8)
 requirements.
2001.91 Other agency reporting             1.3(d), 1.7(c)(3), 1.9(d), 2.1(d), 5.5
 requirements.
2001.92 Definitions......................  6.1
----------------------------------------------------------------------------------------------------------------

Subpart B--Classification


Sec.  2001.10  Classification standards.

    Identifying or describing damage to the national security. Section 
1.1(a) of the Order specifies the conditions that must be met when 
making classification decisions. Section 1.4 specifies that information 
shall not be considered for classification unless its unauthorized 
disclosure could reasonably be expected to cause identifiable or 
describable damage to the national security. There is no requirement, 
at the time of the decision, for the original classification authority 
to prepare a written description of such damage. However, the original 
classification authority must be able to support the decision in 
writing, including identifying or describing the damage, should the 
classification decision become the subject of a challenge or access 
demand pursuant to the Order or law.


Sec.  2001.11  Original classification authority.

    (a) General. Agencies shall establish a training program for 
original classifiers in accordance with subpart G of this part.
    (b) Requests for original classification authority. Agencies not 
possessing such authority shall forward requests to the Director of 
ISOO. The agency head must make the request and shall provide a 
specific justification of the need for this authority. The Director of 
ISOO shall forward the request, along with the Director's 
recommendation, to the President through the National Security Advisor 
within 30 days. Agencies wishing to increase their assigned level of 
original classification authority shall forward requests in accordance 
with the procedures of this paragraph.
    (c) Reporting delegations of original classification authority. All 
delegations of original classification authority shall be reported to 
the Director of ISOO. This can be accomplished by an initial submission 
followed by updates on a frequency determined by the senior agency 
official, but at least annually.

[[Page 37256]]

Sec.  2001.12  Duration of classification.

    (a) Determining duration of classification for information 
originally classified under the Order--(1) Establishing duration of 
classification. Except for information that should clearly and 
demonstrably be expected to reveal the identity of a confidential human 
source or a human intelligence source or key design concepts of weapons 
of mass destruction, an original classification authority shall follow 
the sequence listed in paragraphs (a)(1)(i), (ii), and (iii) of this 
section when determining the duration of classification for information 
originally classified under this Order.
    (i) The original classification authority shall attempt to 
determine a date or event that is less than 10 years from the date of 
original classification and which coincides with the lapse of the 
information's national security sensitivity, and shall assign such date 
or event as the declassification instruction.
    (ii) If unable to determine a date or event of less than 10 years, 
the original classification authority shall ordinarily assign a 
declassification date that is 10 years from the date of the original 
classification decision.
    (iii) If unable to determine a date or event of 10 years, the 
original classification authority shall assign a declassification date 
not to exceed 25 years from the date of the original classification 
decision.
    (2) Duration of classification of special categories of 
information. The only exceptions to the sequence in paragraph (a)(1) of 
this section are as follows:
    (i) If an original classification authority is classifying 
information that should clearly and demonstrably be expected to reveal 
the identity of a confidential human source or a human intelligence 
source, the duration shall be up to 75 years and shall be designated 
with the following marking, ``50X1-HUM;'' or
    (ii) If an original classification authority is classifying 
information that should clearly and demonstrably be expected to reveal 
key design concepts of weapons of mass destruction, the duration shall 
be up to 75 years and shall be designated with the following marking, 
``50X2-WMD.''
    (b) Extending duration of classification for information classified 
under the Order. Extensions of classification are not automatic. If an 
original classification authority with jurisdiction over the 
information does not extend the classification of information assigned 
a date or event for declassification, the information is automatically 
declassified upon the occurrence of the date or event.
    (1) If the date or event assigned by the original classification 
authority has not passed, an original classification authority with 
jurisdiction over the information may extend the classification 
duration of such information for a period not to exceed 25 years from 
the date of origin of the record.
    (2) If the date or event assigned by the original classification 
authority has passed, an original classification authority with 
jurisdiction over the information may reclassify the information in 
accordance with the Order and this Directive only if it meets the 
standards for classification under sections 1.1 and 1.5 of the Order as 
well as section 3.3 of the Order, if appropriate.
    (3) In all cases, when extending the duration of classification, 
the original classification authority must:
    (i) Be an original classification authority with jurisdiction over 
the information;
    (ii) Ensure that the information continues to meet the standards 
for classification under the Order; and
    (iii) Make reasonable attempts to notify all known holders of the 
information.
    (c) Duration of information classified under prior orders--(1) 
Specific date or event. Unless declassified earlier, information marked 
with a specific date or event for declassification under a prior order 
is automatically declassified upon that date or event. If the specific 
date or event has not passed, an original classification authority with 
jurisdiction over the information may extend the duration in accordance 
with the requirements of paragraph (b) of this section. If the date or 
event assigned by the original classification authority has passed, an 
original classification authority with jurisdiction over the 
information may only reclassify information in accordance with the 
standards and procedures under the Order and this Directive. If the 
information is contained in records determined to be permanently 
valuable, and the prescribed date or event will take place more than 25 
years from the date of origin of the document, the declassification of 
the information will instead be subject to section 3.3 of the Order.
    (2) Indefinite duration of classification. For information marked 
with X1, X2, X3, X4, X5, X6, X7, or X8; ``Originating Agency's 
Determination Required'' or its acronym ``OADR,'' ``Manual Review'' or 
its acronym ``MR;'' ``DCI Only;'' ``DNI Only;'' and any other marking 
indicating an indefinite duration of classification under a prior 
order; or in those cases where a document is missing a required 
declassification instruction or the instruction is not complete:
    (i) A declassification authority, as defined in section 3.1(b) of 
the Order, may declassify it;
    (ii) An original classification authority with jurisdiction over 
the information may re-mark the information to establish a duration of 
classification of no more than 25 years from the date of origin of the 
document, consistent with the requirements for information originally 
classified under the Order, as provided in paragraph (a) of this 
section; or
    (iii) Unless declassified earlier, such information contained in 
records determined to be permanently valuable shall remain classified 
for 25 years from the date of its origin, at which time it will be 
subject to section 3.3 of the Order.
    (3) Release of imagery acquired by space-based intelligence 
reconnaissance systems. The duration of classification of imagery as 
defined in E.O. 12951, Release of Imagery Acquired by Space-Based 
Intelligence Reconnaissance Systems, that is otherwise marked with an 
indefinite duration, such as ``DCI Only'' or ``DNI Only,'' shall be 
established by the Director of National Intelligence in accordance with 
E.O. 12951 and consistent with E.O. 13526. Any such information shall 
be remarked in accordance with instructions prescribed by the Director 
of National Intelligence.


Sec.  2001.13  Classification prohibitions and limitations.

    (a) Declassification without proper authority. Classified 
information that has been declassified without proper authority, as 
determined by an original classification authority with jurisdiction 
over the information, remains classified and administrative action 
shall be taken to restore markings and controls, as appropriate. All 
such determinations shall be reported to the senior agency official who 
shall promptly provide a written report to the Director of ISOO.
    (1) If the information at issue is in records in the physical and 
legal custody of the National Archives and Records Administration 
(NARA) and has been made available to the public, the original 
classification authority with jurisdiction over the information shall, 
as part of determining whether the restoration of markings and controls 
is appropriate, consider whether the removal of the information from 
public purview will significantly mitigate the

[[Page 37257]]

harm to national security or otherwise draw undue attention to the 
information at issue. Written notification, classified when appropriate 
under the Order, shall be made to the Archivist, which shall include a 
description of the record(s) at issue, the elements of information that 
are classified, the duration of classification, and the specific 
authority for continued classification. If the information at issue is 
more than 25 years of age and the Archivist does not agree with the 
decision, the information shall nonetheless be temporarily withdrawn 
from public access and shall be referred to the Director of ISOO for 
resolution in collaboration with affected parties.
    (b) Reclassification after declassification and release to the 
public under proper authority. In making the decision to reclassify 
information that has been declassified and released to the public under 
proper authority, the agency head must approve, in writing, a 
determination on a document-by-document basis that the reclassification 
is required to prevent significant and demonstrable damage to the 
national security. As part of making such a determination, the 
following shall apply:
    (1) The information must be reasonably recoverable without bringing 
undue attention to the information which means that:
    (i) Most individual recipients or holders are known and can be 
contacted and all instances of the information to be reclassified will 
not be more widely disseminated;
    (ii) If the information has been made available to the public via a 
means such as Government archives or reading room, consideration is 
given to length of time the record has been available to the public, 
the extent to which the record has been accessed for research, and the 
extent to which the record and/or classified information at issue has 
been copied, referenced, or publicized; and
    (iii) If the information has been made available to the public via 
electronic means such as the internet, consideration is given as to the 
number of times the information was accessed, the form of access, and 
whether the information at issue has been copied, referenced, or 
publicized.
    (2) If the reclassification concerns a record in the physical 
custody of NARA and has been available for public use, reclassification 
requires notification to the Archivist and approval by the Director of 
ISOO.
    (3) Any recipients or holders of the reclassified information who 
have current security clearances shall be appropriately briefed about 
their continuing legal obligations and responsibilities to protect this 
information from unauthorized disclosure. The recipients or holders who 
do not have security clearances shall, to the extent practicable, be 
appropriately briefed about the reclassification of the information 
that they have had access to, their obligation not to disclose the 
information, and be requested to sign an acknowledgement of this 
briefing.
    (4) The reclassified information must be appropriately marked in 
accordance with section 2001.24(l) and safeguarded. The markings should 
include the authority for and the date of the reclassification action.
    (5) Once the reclassification action has occurred, it must be 
reported to the National Security Advisor and to the Director of ISOO 
by the agency head or senior agency official within 30 days. The 
notification must include details concerning paragraphs (b)(1) and (3) 
of this section.
    (c) Classification by compilation. A determination that information 
is classified through the compilation of unclassified information is a 
derivative classification action based upon existing original 
classification guidance. If the compilation of unclassified information 
reveals a new aspect of information that meets the criteria for 
classification, it shall be referred to an original classification 
authority with jurisdiction over the information to make an original 
classification decision.


Sec.  2001.14  Classification challenges.

    (a) Challenging classification. Authorized holders, including 
authorized holders outside the classifying agency, who want to 
challenge the classification status of information shall present such 
challenges to an original classification authority with jurisdiction 
over the information. An authorized holder is any individual who has 
been granted access to specific classified information in accordance 
with the provisions of the Order to include the special conditions set 
forth in section 4.1(h) of the Order. A formal challenge under this 
provision must be in writing, but need not be any more specific than to 
question why information is or is not classified, or is classified at a 
certain level.
    (b) Agency procedures. (1) Because the Order encourages authorized 
holders to challenge classification as a means for promoting proper and 
thoughtful classification actions, agencies shall ensure that no 
retribution is taken against any authorized holders bringing such a 
challenge in good faith.
    (2) Agencies shall establish a system for processing, tracking and 
recording formal classification challenges made by authorized holders. 
Agencies shall consider classification challenges separately from 
Freedom of Information Act or other access requests, and shall not 
process such challenges in turn with pending access requests.
    (3) The agency shall provide an initial written response to a 
challenge within 60 days. If the agency is unable to respond to the 
challenge within 60 days, the agency must acknowledge the challenge in 
writing, and provide a date by which the agency will respond. The 
acknowledgment must include a statement that if no agency response is 
received within 120 days, the challenger has the right to forward the 
challenge to the Interagency Security Classification Appeals Panel 
(Panel) for a decision. The challenger may also forward the challenge 
to the Panel if an agency has not responded to an internal appeal 
within 90 days of the agency's receipt of the appeal. Agency responses 
to those challenges it denies shall include the challenger's appeal 
rights to the Panel.
    (4) Whenever an agency receives a classification challenge to 
information that has been the subject of a challenge within the past 
two years, or that is the subject of pending litigation, the agency is 
not required to process the challenge beyond informing the challenger 
of this fact and of the challenger's appeal rights, if any.
    (c) Additional considerations. (1) Challengers and agencies shall 
attempt to keep all challenges, appeals and responses unclassified. 
However, classified information contained in a challenge, an agency 
response, or an appeal shall be handled and protected in accordance 
with the Order and this Directive. Information being challenged for 
classification shall remain classified unless and until a final 
decision is made to declassify it.
    (2) The classification challenge provision is not intended to 
prevent an authorized holder from informally questioning the 
classification status of particular information. Such informal 
inquiries should be encouraged as a means of holding down the number of 
formal challenges and to ensure the integrity of the classification 
process.


Sec.  2001.15  Classification guides.

    (a) Preparation of classification guides. Originators of 
classification guides are encouraged to consult users of guides for 
input when developing or updating guides. When possible, originators of 
classification guides are encouraged to communicate within their 
agencies and with other agencies

[[Page 37258]]

that are developing guidelines for similar activities to ensure the 
consistency and uniformity of classification decisions. Each agency 
shall maintain a list of its classification guides in use.
    (b) General content of classification guides. Classification guides 
shall, at a minimum:
    (1) Identify the subject matter of the classification guide;
    (2) Identify the original classification authority by name and 
position, or personal identifier;
    (3) Identify an agency point-of-contact or points-of-contact for 
questions regarding the classification guide;
    (4) Provide the date of issuance or last review;
    (5) State precisely the elements of information to be protected;
    (6) State which classification level applies to each element of 
information, and, when useful, specify the elements of information that 
are unclassified;
    (7) State, when applicable, special handling caveats;
    (8) State a concise reason for classification which, at a minimum, 
cites the applicable classification category or categories in section 
1.4 of the Order; and
    (9) Prescribe a specific date or event for declassification, the 
marking ``50X1-HUM'' or ``50X2-WMD'' as appropriate, or one or more of 
the exemption codes listed in 2001.26(a)(2), provided that:
    (i) The exemption has been approved by the Panel under section 
3.3(j) of the Order;
    (ii) The Panel is notified of the intent to take such actions for 
specific information in advance of approval and the information remains 
in active use; and
    (iii) The exemption code is accompanied with a declassification 
date or event that has been approved by the Panel.
    (c) Dissemination of classification guides. Classification guides 
shall be disseminated as necessary to ensure the proper and uniform 
derivative classification of information.
    (d) Reviewing and updating classification guides. (1) Agencies 
shall incorporate original classification decisions into classification 
guides as soon as practicable.
    (2) Originators of classification guides are encouraged to consult 
the users of guides and other subject matter experts when reviewing or 
updating guides. Also, users of classification guides are encouraged to 
notify the originator of the guide when they acquire information that 
suggests the need for change in the instructions contained in the 
guide.


Sec.  2001.16  Fundamental classification guidance review.

    (a) Performance of fundamental classification guidance reviews. An 
initial fundamental classification guidance review shall be completed 
by every agency with original classification authority and which 
authors security classification guides no later than June 27, 2012. 
Agencies shall conduct fundamental classification guidance reviews on a 
periodic basis thereafter. The frequency of the reviews shall be 
determined by each agency considering factors such as the number of 
classification guides and the volume and type of information they 
cover. However, a review shall be conducted at least once every five 
years.
    (b) Coverage of reviews. At a minimum, the fundamental 
classification guidance review shall focus on:
    (1) Evaluation of content.
    (i) Determining if the guidance conforms to current operational and 
technical circumstances; and
    (ii) Determining if the guidance meets the standards for 
classification under section 1.4 of the Order and an assessment of 
likely damage under section 1.2 of the Order; and
    (2) Evaluation of use:
    (i) Determining if the dissemination and availability of the 
guidance is appropriate, timely, and effective; and
    (ii) An examination of recent classification decisions that focuses 
on ensuring that classification decisions reflect the intent of the 
guidance as to what is classified, the appropriate level, the duration, 
and associated markings.
    (c) Participation in reviews. The agency head or senior agency 
official shall direct the conduct of a fundamental classification 
guidance review and shall ensure the appropriate agency subject matter 
experts participate to obtain the broadest possible range of 
perspectives. To the extent practicable, input should also be obtained 
from external subject matter experts and external users of the 
reviewing agency's classification guidance and decisions.
    (d) Reports on results. Agency heads shall provide a detailed 
report summarizing the results of each classification guidance review 
to ISOO and release an unclassified version to the public except when 
the existence of the guide or program is itself classified.

Subpart C--Identification and Markings


Sec.  2001.20  General.

    A uniform security classification system requires that standard 
markings or other indicia be applied to classified information. Except 
in extraordinary circumstances, or as approved by the Director of ISOO, 
the marking of classified information shall not deviate from the 
following prescribed formats. If markings cannot be affixed to specific 
classified information or materials, the originator shall provide 
holders or recipients of the information with written instructions for 
protecting the information. Markings shall be uniformly and 
conspicuously applied to leave no doubt about the classified status of 
the information, the level of protection required, and the duration of 
classification.


Sec.  2001.21  Original classification.

    (a) Primary markings. At the time of original classification, the 
following shall be indicated in a manner that is immediately apparent:
    (1) Classification authority. The name and position, or personal 
identifier, of the original classification authority shall appear on 
the ``Classified By'' line. An example might appear as:

Classified By: David Smith, Chief, Division 5

    or

Classified By: IDIMNO1

    (2) Agency and office of origin. If not otherwise evident, the 
agency and office of origin shall be identified and follow the name on 
the ``Classified By'' line. An example might appear as:

Classified By: David Smith, Chief, Division 5, Department of Good 
Works, Office of Administration.

    (3) Reason for classification. The original classification 
authority shall identify the reason(s) for the decision to classify. 
The original classification authority shall include on the ``Reason'' 
line the number 1.4 plus the letter(s) that corresponds to that 
classification category in section 1.4 of the Order.
    (i) These categories, as they appear in the Order, are as follows:
    (A) Military plans, weapons systems, or operations;
    (B) Foreign government information;
    (C) Intelligence activities (including covert action), intelligence 
sources or methods, or cryptology;
    (D) Foreign relations or foreign activities of the United States, 
including confidential sources;
    (E) Scientific, technological, or economic matters relating to the 
national security;
    (F) United States Government programs for safeguarding nuclear 
materials or facilities;
    (G) Vulnerabilities or capabilities of systems, installations, 
infrastructures, projects, plans, or protection services relating to 
the national security; or

[[Page 37259]]

    (H) The development, production, or use of weapons of mass 
destruction.
    (ii) An example might appear as:

Classified By: David Smith, Chief, Division 5, Department of Good 
Works, Office of Administration Reason: 1.4(g)

    (4) Declassification instructions. The duration of the original 
classification decision shall be placed on the ``Declassify On'' line. 
When declassification dates are displayed numerically, the following 
format shall be used: YYYYMMDD. Events must be reasonably definite and 
foreseeable. The original classification authority will apply one of 
the following instructions:
    (i) A date or event for declassification that corresponds to the 
lapse of the information's national security sensitivity, which is 
equal to or less than 10 years from the date of the original decision. 
The duration of classification would be marked as:

Classified By: David Smith, Chief, Division 5, Department of Good 
Works, Office of Administration
Reason: 1.4(g)
Declassify On: 20201014 or
Declassify On: Completion of Operation

    (ii) A date not to exceed 25 years from the date of the original 
decision. For example, on a document that contains information 
classified on October 10, 2010, apply a date up to 25 years on the 
``Declassify On'' line:

Classified By: David Smith, Chief, Division 5, Department of Good 
Works, Office of Administration
Reason: 1.4(g)
Declassify On: 20351010

    (iii) If the classified information should clearly and demonstrably 
be expected to reveal the identity of a confidential human source or a 
human intelligence source, no date or event is required and the marking 
``50X1-HUM'' shall be used in the ``Declassify On'' line; or
    (iv) If the classified information should clearly and demonstrably 
be expected to reveal key design concepts of weapons of mass 
destruction, no date or event is required and the marking ``50X2-WMD'' 
shall be used in the ``Declassify On'' line.
    (b) Overall marking. The highest level of classification is 
determined by the highest level of any one portion within the document 
and shall appear in a way that will distinguish it clearly from the 
informational text.
    (1) Conspicuously place the overall classification at the top and 
bottom of the outside of the front cover (if any), on the title page 
(if any), on the first page, and on the outside of the back cover (if 
any).
    (2) For documents containing information classified at more than 
one level, the overall marking shall be the highest level. For example, 
if a document contains some information marked ``Secret'' and other 
information marked ``Confidential,'' the overall marking would be 
``Secret.''
    (3) Each interior page of a classified document shall be marked at 
the top and bottom either with the highest level of classification of 
information contained on that page, including the designation 
``Unclassified'' when it is applicable, or with the highest overall 
classification of the document.
    (c) Portion marking. Each portion of a document, ordinarily a 
paragraph, but including subjects, titles, graphics, tables, charts, 
bullet statements, sub-paragraphs, classified signature blocks, bullets 
and other portions within slide presentations, and the like, shall be 
marked to indicate which portions are classified and which portions are 
unclassified by placing a parenthetical symbol immediately preceding 
the portion to which it applies.
    (1) To indicate the appropriate classification level, the symbols 
``(TS)'' for Top Secret, ``(S)'' for Secret, and ``(C)'' for 
Confidential will be used.
    (2) Portions which do not meet the standards of the Order for 
classification shall be marked with ``(U)'' for Unclassified.
    (3) In cases where portions are segmented such as paragraphs, sub-
paragraphs, bullets, and sub-bullets and the classification level is 
the same throughout, it is sufficient to put only one portion marking 
at the beginning of the main paragraph or main bullet. If there are 
different levels of classification among these segments, then all 
segments shall be portion marked separately in order to avoid over-
classification of any one segment. If the information contained in a 
sub-paragraph or sub-bullet is a higher level of classification than 
its parent paragraph or parent bullet, this does not make the parent 
paragraph or parent bullet classified at that same level. Each portion 
shall reflect the classification level of that individual portion and 
not any other portions. At the same time, any portion, no matter what 
its status, is still capable of determining the overall classification 
of the document.
    (d) Dissemination control and handling markings. Many agencies 
require additional control and handling markings that supplement the 
overall classification markings. See Sec.  2001.24(j) for specific 
guidance.
    (e) Date of origin of document. The date of origin of the document 
shall be indicated in a manner that is immediately apparent.


Sec.  2001.22  Derivative classification.

    (a) General. Information classified derivatively on the basis of 
source documents or classification guides shall bear all markings 
prescribed in Sec.  2001.20 and Sec.  2001.21, except as provided in 
this section. Information for these markings shall be carried forward 
from the source document or taken from instructions in the appropriate 
classification guide.
    (b) Identity of persons who apply derivative classification 
markings. Derivative classifiers shall be identified by name and 
position, or by personal identifier, in a manner that is immediately 
apparent on each derivatively classified document. If not otherwise 
evident, the agency and office of origin shall be identified and follow 
the name on the ``Classified By'' line. An example might appear as:

Classified By: Peggy Jones, Lead Analyst, Research and Analysis 
Division or
Classified By: ID  IMN01

    (c) Source of derivative classification. (1) The derivative 
classifier shall concisely identify the source document or the 
classification guide on the ``Derived From'' line, including the agency 
and, where available, the office of origin, and the date of the source 
or guide. An example might appear as:

Derived From: Memo, ``Funding Problems,'' October 20, 2008, Office 
of Administration, Department of Good Works or
Derived From: CG No. 1, Department of Good Works, dated October 20, 
2008

    (i) When a document is classified derivatively on the basis of more 
than one source document or classification guide, the ``Derived From'' 
line shall appear as:

Derived From: Multiple Sources

    (ii) The derivative classifier shall include a listing of the 
source materials on, or attached to, each derivatively classified 
document.
    (2) A document derivatively classified on the basis of a source 
document that is itself marked ``Multiple Sources'' shall cite the 
source document on its ``Derived From'' line rather than the term 
``Multiple Sources.'' An example might appear as:

Derived From: Report entitled, ``New Weapons,'' dated October 20, 
2009, Department of Good Works, Office of Administration

    (d) Reason for classification. The reason for the original 
classification decision, as reflected in the source document(s) or 
classification guide, is

[[Page 37260]]

not transferred in a derivative classification action.
    (e) Declassification instructions. (1) The derivative classifier 
shall carry forward the instructions on the ``Declassify On'' line from 
the source document to the derivative document, or the duration 
instruction from the classification or declassification guide, unless 
it contains one of the declassification instructions as listed in 
paragraph (e)(3) of this section. If the source document is missing the 
declassification instruction, then a calculated date of 25 years from 
the date of the source document (if available) or the current date (if 
the source document date is not available) shall be carried forward by 
the derivative classifier.
    (2) When a document is classified derivatively on the basis of more 
than one source document or more than one element of a classification 
guide, the ``Declassify On'' line shall reflect the longest duration of 
any of its sources.
    (3) When a document is classified derivatively either from a source 
document(s) or a classification guide that contains one of the 
following declassification instructions, ``Originating Agency's 
Determination Required,'' ``OADR,'' or ``Manual Review,'' ``MR,'' or 
any of the exemption markings X1, X2, X3, X4, X5, X6, X7, and X8, the 
derivative classifier shall calculate a date that is 25 years from the 
date of the source document when determining a derivative document's 
date or event to be placed in the ``Declassify On'' line.
    (i) If a document is marked with the declassification instructions 
``DCI Only'' or ``DNI Only'' and does not contain information described 
in E.O. 12951, ``Release of Imagery Acquired by Space-Based National 
Intelligence Reconnaissance Systems,'' the derivative classifier shall 
calculate a date that is 25 years from the date of the source document 
when determining a derivative document's date or event to be placed in 
the ``Declassify On'' line.
    (ii) If a document is marked with ``DCI Only'' or ``DNI Only'' and 
the information is subject to E.O. 12951, the derivative classifier 
shall use a date or event as prescribed by the Director of National 
Intelligence.
    (4) When determining the most restrictive declassification 
instruction among multiple source documents, adhere to the following 
hierarchy for determining the declassification instructions for the 
``Declassify On'' line:
    (i) 50X1-HUM or 50X2-WMD, or an ISOO-approved designator reflecting 
the Panel approval for classification beyond 50 years in accordance 
with section 3.3(h)(2) of the Order;
    (ii) 25X1 through 25X9, with a date or event;
    (iii) A specific declassification date or event within 25 years;
    (iv) Absent guidance from an original classification authority with 
jurisdiction over the information, a calculated 25-year date from the 
date of the source document.
    (5) When declassification dates are displayed numerically, the 
following format shall be used: YYYYMMDD.
    (f) Overall marking. The derivative classifier shall conspicuously 
mark the classified document with the highest level of classification 
of information included in the document, as provided in Sec.  
2001.21(b).
    (g) Portion marking. Each portion of a derivatively classified 
document shall be marked immediately preceding the portion to which it 
applies, in accordance with its source, and as provided in Sec.  
2001.21(c).
    (h) Dissemination control and handling markings. Many agencies 
require additional control and handling markings that supplement the 
overall classification markings. See Sec.  2001.24(j) for specific 
guidance.
    (i) Date of origin of document. The date of origin of the document 
shall be indicated in a manner that is immediately apparent.


Sec.  2001.23  Classification marking in the electronic environment.

    (a) General. Classified national security information in the 
electronic environment shall be:
    (1) Subject to all requirements of the Order.
    (2) Marked with proper classification markings to the extent that 
such marking is practical, including portion marking, overall 
classification, ``Classified By,'' ``Derived From,'' ``Reason'' for 
classification (originally classified information only), and 
``Declassify On.''
    (3) Marked with proper classification markings when appearing in an 
electronic output (e.g., database query) in which users of the 
information will need to be alerted to the classification status of the 
information.
    (4) Marked in accordance with derivative classification procedures, 
maintaining traceability of classification decisions to the original 
classification authority. In cases where classified information in an 
electronic environment cannot be marked in this manner, a warning shall 
be applied to alert users that the information may not be used as a 
source for derivative classification and providing a point of contact 
and instructions for users to receive further guidance on the use and 
classification of the information.
    (5) Prohibited from use as source of derivative classification if 
it is dynamic in nature (e.g., wikis and blogs) and where information 
is not marked in accordance with the Order.
    (b) Markings on classified e-mail messages. (1) E-mail transmitted 
on or prepared for transmission on classified systems or networks shall 
be configured to display the overall classification at the top and 
bottom of the body of each message. The overall classification marking 
string for the e-mail shall reflect the classification of the header 
and body of the message. This includes the subject line, the text of 
the e-mail, a classified signature block, attachments, included 
messages, and any other information conveyed in the body of the e-mail. 
A single linear text string showing the overall classification and 
markings shall be included in the first line of text and at the end of 
the body of the message after the signature block.
    (2) Classified e-mail shall be portion marked. Each portion shall 
be marked to reflect the highest level of information contained in that 
portion. A text portion containing a uniform resource locator (URL) or 
reference (i.e., link) to another document shall be portion marked 
based on the classification of the content of the URL or link text, 
even if the content to which it points reflects a higher classification 
marking.
    (3) A classified signature block shall be portion marked to reflect 
the highest classification level markings of the information contained 
in the signature block itself.
    (4) Subject lines shall be portion marked to reflect the 
sensitivity of the information in the subject line itself and shall not 
reflect any classification markings for the e-mail content or 
attachments. Subject lines and titles shall be portion marked before 
the subject or title.
    (5) For a classified e-mail, the classification authority block 
shall be placed after the signature block, but before the overall 
classification marking string at the end of the e-mail. These blocks 
may appear as single linear text strings instead of the traditional 
appearance of three lines of text.
    (6) When forwarding or replying to an e-mail, individuals shall 
ensure that, in addition to the markings required for the content of 
the reply or forward e-mail itself, the markings shall reflect the 
overall classification and declassification instructions for the entire 
string of e-mails and attachments. This will include any newly drafted 
material, material received from previous senders, and any attachments.

[[Page 37261]]

    (c) Marking Web pages with classified content. (1) Web pages shall 
be classified and marked on their own content regardless of the 
classification of the pages to which they link. Any presentation of 
information to which the web materials link shall also be marked based 
on its own content.
    (2) The overall classification marking string for every web page 
shall reflect the overall classification markings (and any 
dissemination control or handling markings) for the information on that 
page. Linear text appearing on both the top and bottom of the page is 
acceptable.
    (3) If any graphical representation is utilized, a text equivalent 
of the overall classification marking string shall be included in the 
hypertext statement and page metadata. This will enable users without 
graphic display to be aware of the classification level of the page and 
allows for the use of text translators.
    (4) Classified Web pages shall be portion marked. Each portion 
shall be marked to reflect the highest level of information contained 
in that portion. A portion containing a URL or reference to another 
document shall be portion marked based on the classification of the 
content of the URL itself, even if the content to which it points 
reflects a higher classification marking.
    (5) Classified Web pages shall include the classification authority 
block on either the top or bottom of the page. These blocks may appear 
as single linear text strings instead of the traditional appearance of 
three lines of text.
    (6) Electronic media files such as video, audio, images, or slides 
shall carry the overall classification and classification authority 
block, unless the addition of such information would render them 
inoperable. In such cases, another procedure shall be used to ensure 
recipients are aware of the classification status of the information 
and the declassification instructions.
    (d) Marking classified URLs. URLs provide unique addresses in the 
electronic environment for web content and shall be portion marked 
based on the classification of the content of the URL itself. The URL 
shall not be portion marked to reflect the classification of the 
content to which it points. URLs shall be developed at an unclassified 
level whenever possible. When a URL is classified, a classification 
portion mark shall be used in the text of the URL string in a way that 
does not make the URL inoperable to identify the URL as a classified 
portion in any textual references to that URL. An example may appear 
as:

https://www.center.xyz/SECRET/filename_(S).html
https://www.center.xyz/filename2_(TS).html
https://www.center.xyz/filename_(TS//NF).html

    (e) Marking classified dynamic documents and relational databases. 
(1) A dynamic page contains electronic information derived from a 
changeable source or ad hoc query, such as a relational database. The 
classification levels of information returned may vary depending upon 
the specific request.
    (2) If there is a mechanism for determining the actual 
classification markings for dynamic documents, the appropriate 
classification markings shall be applied to and displayed on the 
document. If such a mechanism does not exist, the default should be the 
highest level of information in the database and a warning shall be 
applied at the top of each page of the document. Such content shall not 
be used as a basis for derivative classification. An example of such an 
applied warning may appear as:

    This content is classified at the [insert system-high 
classification level] level and may contain elements of information 
that are unclassified or classified at a lower level than the 
overall classification displayed. This content may not be used as a 
source of derivative classification; refer instead to the pertinent 
classification guide(s).

    (3) This will alert the users of the information that there may be 
elements of information that may be either unclassified or classified 
at a lower level than the highest possible classification of the 
information returned. Users shall be encouraged to make further 
inquiries concerning the status of individual elements in order to 
avoid unnecessary classification and/or impediments to information 
sharing. Resources such as classification guides and points of contact 
shall be established to assist with these inquiries.
    (4) Users developing a document based on query results from a 
database must properly mark the document in accordance with Sec.  
2001.22. If there is doubt about the correct markings, users should 
contact the database originating agency for guidance.
    (f) Marking classified bulletin board postings and blogs. (1) A 
blog, an abbreviation of the term ``web log,'' is a Web site consisting 
of a series of entries, often commentary, description of events, or 
other material such as graphics or video, created by the same 
individual as in a journal or by many individuals. While the content of 
the overall blog is dynamic, entries are generally static in nature.
    (2) The overall classification marking string for every bulletin 
board or blog shall reflect the overall classification markings for the 
highest level of information allowed in that space. Linear text 
appearing on both the top and bottom of the page is acceptable.
    (3) Subject lines of bulletin board postings, blog entries, or 
comments shall be portion marked to reflect the sensitivity of the 
information in the subject line itself, not the content of the post.
    (4) The overall classification marking string for the bulletin 
board posting, blog entry, or comment shall reflect the classification 
markings for the subject line, the text of the posting, and any other 
information in the posting. These strings shall be entered manually or 
utilizing an electronic classification tool in the first line of text 
and at the end of the body of the posting. These strings may appear as 
single linear text.
    (5) Bulletin board postings, blog entries, or comments shall be 
portion marked. Each portion shall be marked to reflect the highest 
level of information contained in that portion.
    (g) Marking classified wikis. (1) Initial wiki submissions shall 
include the overall classification marking string, portion marking, and 
the classification authority block string in the same manner as 
mentioned above for bulletin boards and blogs. All of these strings may 
appear as single line text.
    (2) When users modify existing entries which alter the 
classification level of the content or add new content, they shall 
change the required markings to reflect the classification markings for 
the resulting information. Systems shall provide a means to log the 
identity of each user, the changes made, and the time and date of each 
change.
    (3) Wiki articles and entries shall be portion marked. Each portion 
shall be marked to reflect the highest level of information contained 
in that portion.
    (h) Instant messaging, chat, and chat rooms. (1) Instant messages 
and chat conversations generally consist of brief textual messages but 
may also include URLs, images, or graphics. Chat discussions captured 
for retention or printing shall be marked at the top and bottom of each 
page with the overall classification reflecting all of the information 
within the discussion and, for classified discussions, portion markings 
and the classification authority block string shall also appear.
    (2) Chat rooms shall display system-high overall classification 
markings and shall contain instructions informing users that the 
information may not be used as a source for derivative classification 
unless it is portion marked, contains an overall

[[Page 37262]]

classification marking, and a classification authority block.
    (i) Attached files. When files are attached to another electronic 
message or document, the overall classification of the message or 
document shall account for the classification level of the attachment 
and the message or document shall be marked in accordance with Sec.  
2001.24(b).
    (ii) Reserved.


Sec.  2001.24  Additional requirements.

    (a) Marking prohibitions. Markings other than ``Top Secret,'' 
``Secret,'' and ``Confidential'' shall not be used to identify 
classified national security information.
    (b) Transmittal documents. A transmittal document shall indicate on 
its face the highest classification level of any classified information 
attached or enclosed. The transmittal shall also include conspicuously 
on its face the following or similar instructions, as appropriate:

Unclassified When Classified Enclosure Removed or
Upon Removal of Attachments, This Document is (Classification Level)

    (c) Foreign government information. Unless otherwise evident, 
documents that contain foreign government information should include 
the marking, ``This Document Contains (indicate country of origin) 
Information.'' Agencies may also require that the portions of the 
documents that contain the foreign government information be marked to 
indicate the government and classification level, using accepted 
country code standards, e.g., ``(Country code--C).'' If the identity of 
the specific government must be concealed, the document shall be 
marked, ``This Document Contains Foreign Government Information,'' and 
pertinent portions shall be marked ``FGI'' together with the 
classification level, e.g., ``(FGI-C).'' In such cases, a separate 
record that identifies the foreign government shall be maintained in 
order to facilitate subsequent declassification actions. If the fact 
that information is foreign government information must be concealed, 
the markings described in this paragraph shall not be used and the 
document shall be marked as if it were wholly of U.S. origin. When 
classified records are transferred to NARA for storage or archival 
purposes, the accompanying documentation shall, at a minimum, identify 
the boxes that contain foreign government information.
    (d) Working papers. A working paper is defined as documents or 
materials, regardless of the media, which are expected to be revised 
prior to the preparation of a finished product for dissemination or 
retention. Working papers containing classified information shall be 
dated when created, marked with the highest classification of any 
information contained in them, protected at that level, and if 
otherwise appropriate, destroyed when no longer needed. When any of the 
following conditions applies, working papers shall be controlled and 
marked in the same manner prescribed for a finished document at the 
same classification level:
    (1) Released by the originator outside the originating activity;
    (2) Retained more than 180 days from the date of origin; or
    (3) Filed permanently.
    (e) Other material. Bulky material, equipment, and facilities, 
etc., shall be clearly identified in a manner that leaves no doubt 
about the classification status of the material, the level of 
protection required, and the duration of classification. Upon a finding 
that identification would itself reveal classified information, such 
identification is not required. Supporting documentation for such a 
finding must be maintained in the appropriate security facility.
    (f) Unmarked materials. Information contained in unmarked records, 
or presidential or related materials, and which pertains to the 
national defense or foreign relations of the United States, created, 
maintained, and protected as classified information under prior orders 
shall continue to be treated as classified information under the Order, 
and is subject to its provisions regarding declassification.
    (g) Classification by compilation/aggregation. Compilation of items 
that are individually unclassified may be classified if the compiled 
information meets the standards established in section 1.2 of the Order 
and reveals an additional association or relationship, as determined by 
the original classification authority. Any unclassified portions will 
be portion marked (U), while the overall markings will reflect the 
classification of the compiled information even if all the portions are 
marked (U). In any such situation, clear instructions must appear with 
the compiled information as to the circumstances under which the 
individual portions constitute a classified compilation, and when they 
do not.
    (h) Commingling of Restricted Data (RD) and Formerly Restricted 
Data (FRD) with information classified under the Order. (1) To the 
extent practicable, the commingling in the same document of RD or FRD 
with information classified under the Order should be avoided. When it 
is not practicable to avoid such commingling, the marking requirements 
in the Order and this Directive, as well as the marking requirements in 
10 CFR part 1045, Nuclear Classification and Declassification, must be 
followed.
    (2) Automatic declassification of documents containing RD or FRD is 
prohibited. Documents marked as containing RD or FRD are excluded from 
the automatic declassification provisions of the Order until the RD or 
FRD designation is properly removed by the Department of Energy. When 
the Department of Energy determines that an RD or FRD designation may 
be removed, any remaining information classified under the Order must 
be referred to the appropriate agency in accordance with the 
declassification provisions of the Order and this Directive.
    (3) For commingled documents, the ``Declassify On'' line required 
by the Order and this Directive shall not include a declassification 
date or event and shall instead be annotated with ``Not Applicable (or 
N/A) to RD/FRD portions'' and ``See source list for NSI portions.'' The 
source list, as described in Sec.  2001.22(c)(1)(ii), shall include the 
declassification instruction for each of the source documents 
classified under the Order and shall not appear on the front page of 
the document.
    (4) If an RD or FRD portion is extracted for use in a new document, 
the requirements of 10 CFR part 1045 must be followed.
    (5) If a portion classified under the Order is extracted for use in 
a new document, the requirements of the Order and this Directive must 
be followed. The declassification date for the extracted portion shall 
be determined by using the source list required by Sec.  
2001.22(c)(1)(ii), the pertinent classification guide, or consultation 
with the original classification authority with jurisdiction for the 
information. However, if a commingled document is not portion marked, 
it shall not be used as a source for a derivatively classified 
document.
    (6) If a commingled document is not portion marked based on 
appropriate authority, annotating the source list with the 
declassification instructions and including the ``Declassify on'' line 
in accordance with paragraph (h)(3) of this section are not required. 
The lack of declassification instructions does not eliminate the 
requirement to process commingled docume