14 C.F.R. Subpart B—NASA Information Security Program
Title 14 - Aeronautics and Space
(a) In establishing a civilian space program, the Congress required NASA to “provide for the widest practicable and appropriate dissemination of information concerning its activities and the results thereof,” and for the withholding from public inspection of that information that is classified to protect the national security. (b) In recognition of the essential requirement for an informed public concerning the activities of its Government, as well as the need to protect certain national security information from unauthorized disclosure, “the Order” was promulgated. It designates the National Aeronautics and Space Administration certain responsibility for matters pertaining to national security and confers on the Administrator of NASA, or such responsible officers or employees as the Administrator may designate, the authority for original classification of official information or material which requires protection in the interest of national security. It also provides for: (1) Basic classification, downgrading and declassification guidelines; (2) The issuance of directives prescribing the procedures to be followed in safeguarding classified information or material; (3) A monitoring system to ensure the effectiveness of the Order; (4) Appropriate administrative sanctions against officers and employees of the United States Government who are found to be in violation of the Order or implementing directive; and (5) Classification limitations and restrictions as discussed in §§1203.410 and 1203.411. (c) “The Order” requires the timely identification and protection of that NASA information the disclosure of which would be contrary to the best interest of national security. Accordingly, the determination in each case must be based on a judgment as to whether disclosure of information could reasonably be expected to result in damage to the national security. [44 FR 34913, June 18, 1979, as amended at 48 FR 5889, Feb. 9, 1983] The objectives of the NASA Information Security Program are to: (a) Ensure that information is classified only when a sound basis exists for such classification and only for such period as is necessary. (b) Prevent both the unwarranted classification and the overclassification of NASA information. (c) Ensure the greatest practicable uniformity within NASA in the classification of information. (d) Ensure effective coordination and reasonable uniformity with other Government departments and agencies, particularly in areas where there is an interchange of information, techniques or hardware. (e) Provide a timely and effective means for downgrading or declassifying information when the circumstances necessitating the original classification change or no longer exist. (a) The Chairperson, NASA Information Security Program Committee (Subpart I of this part), is responsible for: (1) Directing the NASA Information Security Program in accordance with NASA policies and objectives and applicable laws and regulations. (2) Ensuring effective compliance with and implementation of “the Order” and the Information Security Oversight Office Directive No. 1 relating to security classification matters. (3) Reviewing, in consultation with the NASA Information Security Program Committee, questions, suggestions, appeals and compliance concerning the NASA Information Security Program and making determinations concerning them. (4) Coordinating NASA security classification matters with NASA installations, the Department of Defense, the Department of Energy and other Government agencies. (5) Issuing Security Classification Guides for NASA programs and projects. (6) Developing, maintaining and recommending to the Administrator guidelines for the systematic review covering 30-year-old classified information under NASA's jurisdiction. (7) Reviewing and coordinating with appropriate offices all appeals of denials of requests for records under sections 552 and 552a of Title 5, United States Code (Freedom of Information and Privacy Acts) when the denials are based on the records continued classification. (8) Recommending to the Administrator appropriate administrative action to correct abuse or violations of any provision of the NASA Information Security Program, including notifications by warning letter, formal reprimand and to the extent permitted by law, suspension without pay and removal. (b) All NASA employees are responsible for bringing to the attention of the Chairperson of the NASA Information Security Program Committee any information security problems in need of resolution, any areas of interest wherein information security guidance is lacking, and any other matters likely to impede achievement of the objectives prescribed herein. (c) Each NASA official to whom the authority for original classification is delegated shall be accountable for the propriety of each classification (see subpart H) and is responsible for: (1) Ensuring that classification determinations are consistent with the policy and objectives prescribed above, and other applicable guidelines. (2) Bringing to the attention of the Chairperson, NASA Information Security Program Committee, for resolution, any disagreement with classification determinations made by other NASA officials. (3) Ensuring that information and material which no longer requires its present level of protection is promptly downgraded or declassified in accordance with applicable guidelines. (d) Other Officials-in-Charge of Headquarters Offices are responsible for: (1) Ensuring that classified information or material prepared within their respective offices is appropriately marked. (2) Ensuring that material proposed for public release is reviewed to eliminate classified information. (e) Directors of Field Installations are responsible for: (1) Developing proposed Security Classification Guides. (2) Ensuring that classified information or material prepared in their respective installations is appropriately marked. (3) Ensuring that material proposed for public release is reviewed to eliminate classified information. (4) Designating Security Classification Officers at their respective installations, to whom responsibilities listed in paragraphs (e)(1), (2), and (3) of this section may be reassigned. (f) The Senior Security Specialist, NASA Security Office, NASA Headquarters, who serves as a member and Executive Secretary of the NASA Information Security Program Committee, is responsible for the NASA-wide coordination of security classification matters. (g) The Director, NASA Security Management Office, is responsible for establishing procedures for the safeguarding of classified information or material (e.g., accountability, control, access, storage, transmission, and marking) and for ensuring that such procedures are systematically reviewed; and those which are duplicative or unnecessary are eliminated. [44 FR 34913, June 18, 1979, as amended at 45 FR 3888, Jan. 21, 1980; 48 FR 5890, Feb. 9, 1983; 53 FR 41318, Oct. 21, 1988; 64 FR 72535, Dec. 28, 1999] (a) General. Upon determination that information or material must be classified, the degree of protection commensurate with the sensitivity of the information must be determined. If there is reasonable doubt about the need to classify information, it shall be safeguarded as if it were classified pending a determination by an original classification authority, who shall make this determination within 30 days. If there is reasonable doubt about the appropriate level of classification, it shall be safeguarded at the higher level of classification pending a determination by an original classification authority, who shall make this determination within 30 days. (b) Authorized categories of classification. The three categories of classification, as authorized and defined in “the Order,” are set out below. No other restrictive markings are authorized to be placed on NASA classified documents or materials except as expressly provided by statute or by NASA Directives. (1) Top Secret. Top Secret is the designation applied to information or material the unauthorized disclosure of which could reasonably be expected to cause exceptionally grave damage to the national security. Examples of exceptionally grave damage include armed hostilities against the United States or its allies; disruption of foreign relations vitally affecting the national security; the compromise of vital national defense plans or complex cryptologic and communications intelligence systems; the revelation of sensitive intelligence operations; and the disclosure of scientific or technological developments vital to national security. (2) Secret. Secret is the designation applied to information or material the unauthorized disclosure of which could reasonably be expected to cause serious damage to the national security. Examples of serious damage include disruption of foreign relations significantly affecting the national security; significant impairment of a program or policy directly related to the national security; revelation of significant military plans or intelligence operations; and compromise of significant scientific or technological developments relating to national security. (3) Confidential. Confidential is the designation applied to that information or material for which the unauthorized disclosure could reasonably be expected to cause damage to the national security. [44 FR 34913, June 18, 1979, as amended at 48 FR 5890, Feb. 9, 1983]
Title 14: Aeronautics and Space
PART 1203—INFORMATION SECURITY PROGRAM
Subpart B—NASA Information Security Program
§ 1203.200 Background and discussion.
§ 1203.201 Information security objectives.
§ 1203.202 Responsibilities.
§ 1203.203 Degree of protection.
