ML18239A329

From kanterella
Jump to navigation Jump to search
Draft Model SUNSI Protective Order for ITAAC Hearings
ML18239A329
Person / Time
Issue date: 08/27/2018
From:
NRC/OGC
To:
Spencer M
Shared Package
ML18239A314 List:
References
Download: ML18239A329 (15)
v  d  e


Text

Draft Template for Protective Orders Governing the Disclosure and Use of Sensitive Unclassified Non-Safeguards Information (SUNSI) in Hearings Related to Conformance with Inspections, Tests, Analyses, and Acceptance Criteria (ITAAC)

Pursuant to the Final Procedures for Conducting Hearings on Conformance with the Acceptance Criteria in Combined Licenses, published July 1, 2016 (81 Fed. Reg. 43,266)

(ITAAC Hearing Procedures), the U.S Nuclear Regulatory Commission (NRC) has developed this draft template for protective orders governing the disclosure and use of SUNSI in ITAAC hearings. The ITAAC Hearing Procedures set forth templates for case-specific orders imposing procedures for ITAAC hearings, but protective order templates were not included. In response to comments on the ITAAC Hearing Procedures suggesting that model templates would facilitate quick development of protective orders, the NRC stated that protective order templates would be developed in a separate process allowing for stakeholder input. See Comment Summary Report, at 61 (Agencywide Documents Access and Management System (ADAMS)

Accession No. ML16167A464). In addition to this draft template for SUNSI, the NRC has developed a draft protective order template for Safeguards Information (SGI). The NRC is making both draft templates available for stakeholder input, as discussed in the Federal Register notice providing the templates for comment. After considering stakeholder input, the NRC will announce the availability of the final templates via a Federal Register notice.

The NRC uses the term SUNSI to refer to a broad spectrum of sensitive information that is neither classified nor SGI. Based on knowledge of the matters typically governed by ITAAC and experience with hearings involving reactors, the NRC has determined that the forms of SUNSI most likely to be provided under a protective order are proprietary information and security-related information. Therefore, as was outlined in SECY-15-0010 that provided final ITAAC hearing procedure recommendations, the provisions in this template are directed at protection of such information. See SECY-15-0010, Final Procedures for Hearings on Conformance with the Acceptance Criteria in Combined Licenses, at 17 (Jan. 20, 2015) (ADAMS Accession No. ML14343A747). Moreover, if an ITAAC hearing involves another type of SUNSI with different protection requirements, that template can be adjusted accordingly.

In developing this SUNSI draft protective order template, the NRC considered previously-issued protective orders for proprietary and security-related information. The NRC also considered guidance in NRC Regulatory Issue Summary (RIS) 2005-26, Control of Sensitive Unclassified Nonsafeguards Information Related to Nuclear Power Reactors (ADAMS Accession No. ML051430228), dated November 7, 2005. RIS 2005-26 is specifically directed at protection of security-related information for reactors and states that such information is protected in much the same way as commercial or financial information. RIS 2005-26, at 4.

Finally, in preparing this SUNSI draft protective order template, the NRC considered the National Archives and Records Administrations final rule, Controlled Unclassified Information, published September 14, 2016 (81 Fed. Reg. 63,324) (CUI Rule). The CUI Rule establishes government-wide requirements for protecting sensitive unclassified information. The CUI Rule applies both to Federal and non-Federal entities receiving CUI from the Federal government.

Although the NRC has not yet implemented the CUI Rule and does not expect to achieve implementation before the ITAAC hearings for Vogtle Units 3 and 4, many CUI requirements are consistent with existing protective provisions for SUNSI that provide the basis for this template.

By aligning the provisions and terminology in this SUNSI template with the corresponding elements of the CUI rule, the NRC hopes to facilitate any future update of the template to comply with the CUI rule.

The following CUI requirements nonetheless are excluded from this SUNSI template because they differ from, or go beyond, existing protective provisions for proprietary and security-related SUNSI for external stakeholders:

  • The provision in 32 C.F.R. § 2002.14(d)(2) stating that authorized holders [s]hould use in-transit automated tracking and accountability tools when they send CUI.
  • The requirement in 32 C.F.R. § 2002.14(e)(2) that equipment such as printers, copiers, scanners, or fax machines that are used to reproduce CUI either do not retain data or are sanitized in accordance with National Institute of Standards and Technology (NIST)

Special Publication (SP) 800-53.

  • The specific destruction methods in 32 C.F.R. § 2002.14(f)(2).
  • The requirement in 32 C.F.R. § 2002.14(h)(2) that information systems for non-Federal entities comply with NIST SP 800-171.
  • The agreement content requirements of 32 C.F.R. § 2002.16(a)(6).
  • The designator marking requirement in 32 C.F.R. § 2002.20(d).
  • The CUI cover sheet requirements of 32 C.F.R. § 2002.32.

This SUNSI template also does not address use of interoffice mail by recipients of the SUNSI and does not fully address CUI marking requirements and guidance, including limited dissemination controls. These CUI requirements and pertinent CUI guidance would be considered in any future update of this template.

Participants in ITAAC hearings may, but are not required to, rely on the final protective order templates in providing input to the presiding officer regarding the terms of a proposed protective order. As stated in the ITAAC Hearing Procedures, the protective order templates should serve as a basis for case-specific protective orders, as appropriate. See, e.g., Final Template A:

Notice of Intended Operation and Associated Orders, at 27 (ADAMS Accession No. ML16167A469) (emphases added).

TEMPLATE KEY:

  • Brackets ([ and ]) designate information that will need to be inserted into the document when it is issued in a specific proceeding.
  • Curly brackets ({ and }) designate cases where a particular procedure or term would only apply under certain conditions.
  • Angle brackets (< and >) designate information about the template that is for information only and will not appear in the document that is issued in a specific proceeding.

UNITED STATES OF AMERICA NUCLEAR REGULATORY COMMISSION ATOMIC SAFETY AND LICENSING BOARD Before Administrative Judge(s):

In the Matter of [Docket No(s).]

[Company] [ASLBP No.]

[Plant] [DATE]

MEMORANDUM AND ORDER (Protective Order Governing the Disclosure of Sensitive Unclassified Non-Safeguards Information)

Upon consideration of the Joint Motion for Entry of a Protective Order of the U.S.

Nuclear Regulatory Commission staff (NRC Staff), [Petitioner] (Petitioner), and [Licensee]

(Licensee), the {Atomic Safety and Licensing Board (Board) OR Presiding Officer}<1> hereby GRANTS the motion and issues this Protective Order, the terms of which are as follows:

1. This Protective Order shall govern the Petitioners access to and use of Sensitive Unclassified Non-Safeguards Information (SUNSI) in this proceeding. The SUNSI that is subject to this order is [Describe already-identified SUNSI] and any other proprietary or security-

<1 Depending on the stage of the proceeding at which access is requested, the presiding officer may be an Atomic Safety and Licensing Board or a single legal judge assisted as appropriate by technical advisors (Special Assistants). Typically, an Atomic Safety and Licensing Board is referred to as a Board, while a single legal judge is referred to as a Presiding Officer.>

related SUNSI provided to the Petitioner by the Licensee or the NRC Staff to allow the Petitioner to participate in this proceeding. This Protective Order shall remain in effect until specifically amended or terminated by the {Board OR Presiding Officer} or the Commission.

2. Persons who may receive SUNSI pursuant to this Protective Order are designated the Authorized Recipients. Such persons may receive SUNSI as follows:
a. [Name 1], [Name 2], . . . are granted access to SUNSI under this Protective Order. These persons shall each execute, and the Petitioner shall file, the attached Non-Disclosure Declaration (Attachment 1) to gain access to SUNSI. An individual shall not receive access to the SUNSI until the individual executes, and the Petitioner files, the Non-Disclosure Declaration.
b. The Petitioner may request that an additional or substitute person(s) necessary for the preparation of the Petitioners case become authorized to receive SUNSI.

Permission may be obtained either by written agreement with the Licensee (for proprietary information) or with the NRC Staff (for security-related information) or upon approval by the

{Board OR Presiding Officer} of a motion requesting such authorization. The Petitioner shall file any written agreement via the E-Filing system, consistent with 10 C.F.R. § 2.305. Any additional or substitute person shall be subject to the terms of this Order and shall not receive access to the SUNSI until the individual executes, and the Petitioner files, the Non-Disclosure Declaration.

{c. Notwithstanding the provisions of paragraphs 2.a and b. above, as legal counsel for the Petitioner, [Name(s) of counsel] may allow legal staff under [his/her/their]

supervision access to the SUNSI as Authorized Recipients as may be necessary in the course of [his/her/their] representation. [Name(s) of counsel] shall be responsible for ensuring that

[his/her/their] staff complies with the terms of this Protective Order and the Non-Disclosure

Declaration and shall be subject to sanctions for any violations by [his/her/their] staff.<2>}

3. Authorized Holders of SUNSI include Authorized Recipients; NRC personnel and contractors; Licensee personnel, contractors, and legal counsel; the {Board OR Presiding Officer}{, Special Assistants,} and Atomic Safety and Licensing Board Panel (ASLBP) staff; and Commission adjudicatory employees as defined by 10 C.F.R. § 2.4.
4. Other than the requirements set forth in this Protective Order for filing documents

{and initially providing SUNSI to the Petitioner}<3>, the terms of this Protective Order do not apply to the NRC Staff, NRC contractors, or NRC legal counsel. The NRCs use of SUNSI is governed by NRC regulations and policies as well as other applicable law.

5. SUNSI shall not be used or reproduced by Authorized Recipients except as necessary for the conduct of this proceeding.
6. SUNSI shall be treated as confidential by Authorized Recipients. Authorized Recipients may copy and take notes of SUNSI, but such copies and notes become SUNSI subject to the terms of this Protective Order. Authorized Recipients may generate documents containing SUNSI, but such documents are also subject to the terms of this Protective Order.

Authorized Recipients shall not reveal, either during or after this proceeding, any SUNSI that is received by virtue of this proceeding as long as the information remains SUNSI.

7. Marking Documents Containing SUNSI:
a. Each document containing SUNSI shall be marked [Insert appropriate SUNSI marking in bold capitalized text] in a conspicuous manner at the top of every page (including the first page or cover page and transmittal documents) and centered when feasible.

<2 This provision applies only when the Petitioner is represented by legal counsel.>

<3 The text within the curly brackets will be included if the NRC Staff is to provide the initial set of SUNSI to the Petitioner in accordance with paragraph 19 of the Protective Order.>

b. Electronic storage media (including, but not limited to USB sticks, removable hard drives, CD ROMs, or DVDs) containing SUNSI shall be marked SUNSI.
c. Authorized recipients shall treat unmarked information that qualifies as SUNSI in accordance with the terms of this order.
8. Safeguarding SUNSI: Authorized Recipients shall take reasonable precautions to guard against unauthorized disclosure of SUNSI. Among the reasonable precautions, the following measures shall be included:
a. Each Authorized Recipient shall establish a controlled environment in which to protect SUNSI from unauthorized access or disclosure and make use of those controlled environments. A controlled environment is any area or space with adequate physical or procedural controls to protect SUNSI from unauthorized access or disclosure.
b. Each Authorized Recipient shall reasonably ensure that unauthorized individuals cannot access or observe SUNSI, or overhear conversations discussing SUNSI.
c. Each Authorized Recipient shall keep SUNSI under his or her direct control or store SUNSI in a secure location such as a locked filing cabinet, closet, or other storage container so that only Authorized Holders can observe or access the SUNSI.
d. Each Authorized Recipient shall restrict access to electronic information systems containing SUNSI so that only Authorized Holders can observe or access the SUNSI.
9. SUNSI may be transmitted only to Authorized Holders and only in accordance with the following requirements:
a. SUNSI shall be electronically transmitted (such as by phone, computer, tablet, smartphone, etc.) in encrypted form, if available.<4> If encrypted transmission is not

<4 The availability of encrypted transmission will be discussed among the hearing participants.

If one or more particular forms of encrypted transmission are available, the proposed protective order may specify the form or forms permitted and disallow other forms of unencrypted transmission, as practical.>

available, SUNSI may be electronically transmitted in non-encrypted form, but only when the sender double-checks that the transmission will be received only by an Authorized Holder.

i. To double-check that a transmission to a telephone number, email address, or other electronic destination will be received only by an Authorized Holder, the sender must verify prior to transmission that the telephone number, email address, or other electronic destination is correct.

ii. SUNSI may be discussed during a phone call only if all those capable of listening are Authorized Holders.

iii. SUNSI shall not be transmitted by facsimile unless no other form of electronic transmission is available.<5>

b. SUNSI may be physically transmitted only by the following means:
i. by hand delivery from an Authorized Holder to another Authorized Holder, or ii. by U.S. mail or commercial delivery service in an opaque envelope addressed to the Authorized Holder with no external markings to indicate the presence of SUNSI.
10. Documents containing SUNSI shall be filed using the E-Filing system6 as follows:
a. The Petitioner, Licensee, and NRC Staff shall take the necessary actions to obtain a digital certificate and file documents in this proceeding using the E-Filing system.

<5 Experience suggests that transmission by facsimile is no longer necessary or practical in adjudicatory proceedings. If fax nonetheless is to be used, then the proposed protective order should provide for encrypted transmission, if available, and require the sender to double-check that the recipient telephone number is correct and to verify at the time of transmission that an Authorized Holder is physically present at the recipient fax machine.>

6 Participants seeking an exemption from the E-Filing requirements must request an exemption in accordance with 10 C.F.R. § 2.302(g).

b. The person filing the document shall choose the option Non-Public Submission to prevent the document from being filed in the public docket of the proceeding.
c. In the Submission Comments portion of the Non-Public Submission form, the filer shall include a statement that the filing contains SUNSI.
d. Only the {Board OR Presiding Officer and Special Assistants}, NRC Staff counsel, the Licensees counsel, the Petitioners representative(s), the Office of the Secretary (HearingDocket@nrc.gov), the Office of Commission Appellate Adjudication (OCAAmail@nrc.gov), and other Authorized Holders shall be checked as recipients on the electronic service list.
e. All non-public filings shall be accompanied by a separate, publicly filed cover letter that briefly identifies the nature of the non-public filing without including SUNSI.
11. Persons may not reveal SUNSI during any open hearing or conference session in this proceeding. At any open hearing or conference, any person who intends to discuss SUNSI shall notify the {Board OR Presiding Officer} and the participants that such discussion will contain SUNSI prior to the statement being made. Such statements containing SUNSI may be provided only in closed session as permitted by the {Board OR Presiding Officer}.
12. The Petitioner shall maintain a log of all copies of materials containing SUNSI within its possession or control.
13. If the Petitioner has reason to believe that SUNSI may have been lost or misplaced, or that SUNSI has otherwise become available to unauthorized persons, the Petitioner shall promptly notify the {Board OR Presiding Officer}, the Licensees counsel, and NRC Staff counsel regarding that belief and the reason for that belief by filing a notification through the E-Filing system as a non-public submission in accordance with paragraphs 10.b to 10.d of this Protective Order, without publicly filing a cover letter as would otherwise be required by paragraph 10.e of this Protective Order. If any Authorized Recipient has reason to believe that SUNSI may have been lost or misplaced, or that SUNSI has otherwise become available to

unauthorized persons, that person shall promptly notify the Petitioners representative of that belief so that the Petitioner may make the required notification.

14. The {Board OR Presiding Officer} may alter or amend this Protective Order and resolve disputes regarding the application of its terms. The Petitioner, Licensee, or NRC Staff may seek amendments to this Protective Order or the Non-Disclosure Declarations via motion (see 10 C.F.R. § 2.323).
15. SUNSI shall remain available to each Authorized Recipient until the Access Termination Date. The Access Termination Date is the earlier of (a) the date of an order by the

{Board OR Presiding Officer} or the Commission rescinding the right of access granted by this Protective Order; (b) the date of an order by the {Board OR Presiding Officer} terminating this proceeding (for any SUNSI other than that needed to pursue or defend against an appeal of a

{Board OR Presiding Officer} order); or (c) the date that an order terminating this proceeding is no longer subject to judicial review (for any SUNSI that is needed to pursue or defend against an appeal of a {Board OR Presiding Officer} order). Within sixty (60) days of the Access Termination Date, the Petitioner shall either destroy all materials containing SUNSI or return such materials to the participant that provided the SUNSI to the Petitioner. Each Authorized Recipient shall take those actions necessary for the Petitioner to satisfy this obligation, but Authorized Recipients may retain copies of filings, official transcripts, exhibits, and notes that have been redacted so that only those portions not containing SUNSI remain accessible. Each Authorized Recipient shall execute the attached Termination of Possession Declaration (Attachment 2) stating that the SUNSI within his or her possession or control has been returned or destroyed. The Petitioner shall send a copy of the executed Declaration(s) to counsel for the Licensee and NRC Staff within sixty (60) days of the Access Termination Date.

16. Nothing in this Protective Order shall preclude a participant to this proceeding from objecting to the use of an exhibit, testimony, or a pleading because it contains SUNSI. The

{Board OR Presiding Officer} may issue additional orders concerning the use of SUNSI.

17. Nothing in this Protective Order shall preclude any person from seeking public disclosure of SUNSI in accordance with NRC regulations and applicable federal law. Nothing in this Protective Order shall preclude any person from seeking through discovery in any other administrative or judicial proceeding, any information protected by this Protective Order.
18. Any violation of this Protective Order or of any Non-Disclosure Declaration executed hereunder may result in the imposition of sanctions as the {Board OR Presiding Officer} or the Commission deems appropriate. Nothing in this Protective Order restricts or waives the Licensees or the NRCs rights to pursue any other legal or equitable remedies that may be available in the event of actual or anticipated disclosure of SUNSI.
19. The Petitioner must file executed Non-Disclosure Declarations within two (2) business days after the issuance of this Protective Order. Within two (2) business days after filing of the executed Non-Disclosure Declarations, the [Licensee OR NRC Staff] shall provide to the Petitioners representative a copy of the following SUNSI information: [identify that SUNSI for which the Petitioners need has been determined]. The [Licensee OR NRC Staff] will also provide a copy of this SUNSI information to the [NRC Staff OR Licensee].

{20. Filing deadlines for contentions and answers may be included, if appropriate.}

ATTACHMENT 1 NON-DISCLOSURE DECLARATION I, _________________________________, state:

1. I have read the [Date], {Atomic Safety and Licensing Boards (Boards) OR Presiding Officers} Protective Order issued in this proceeding for [Plant], [Docket Nos. ], and will comply in all respects with its terms and conditions regarding the Sensitive Unclassified Non-Safeguards Information (SUNSI) produced in connection therewith. I will protect and keep confidential all SUNSI including security-related and/or proprietary information in accordance with the terms of this Non-Disclosure Declaration.
2. I will not disclose SUNSI to anyone except an Authorized Holder as defined in the Protective Order. I will protect documents containing SUNSI in written or recorded form (including any portions of transcripts of in camera hearings, filed testimony, or any other documents containing such SUNSI), so that the SUNSI contained therein remains at all times under the control of an Authorized Holder and is not revealed to anyone else.
3. When not under my direct control or the direct control of another Authorized Holder, I will keep and protect all documents containing SUNSI (including, without limitation, transcripts, pleadings, documents that I generate, and any notes and copies that I make) in a secure locked place such as a filing cabinet, closet, or other storage container.
4. I will restrict access to electronic information systems with SUNSI in accordance with the terms of the Protective Order.
5. I will transmit SUNSI and file documents containing SUNSI only in accordance with the terms of the Protective Order.
6. I will mark each document containing SUNSI in accordance with the terms of the Protective Order.
7. Neither during nor after this proceeding, will I publicly reveal any SUNSI that I receive by virtue of this proceeding as long as the information remains SUNSI.
8. I acknowledge that any violation of the terms of this declaration or the {Boards OR Presiding Officers} Protective Order, which incorporates the terms of this declaration, may result in the imposition of such sanctions on me that the {Board OR Presiding Officer} or the Commission may deem to be appropriate, or any other legal or equitable remedies that may be available in the event of actual or anticipated disclosure of SUNSI.

WHEREFORE, I certify under penalty of perjury that the foregoing is true and correct and do solemnly agree to protect and keep confidential such SUNSI as may be disclosed to me in this proceeding, in accordance with the terms of this declaration.

Signature Executed on ____________________________________

Date

ATTACHMENT 2 TERMINATION OF POSSESSION DECLARATION I, _________________________________, state:

In accordance with the [Date], {Atomic Safety and Licensing Boards OR Presiding Officers}

Protective Order, I have destroyed or returned all Sensitive Unclassified Non-Safeguards Information (SUNSI) in my possession by one or more of the following methods (check all that apply):

____ I have destroyed materials containing SUNSI in accordance with the Protective Order.

____ I have returned SUNSI to the participant (Licensee or NRC Staff) that provided the SUNSI to the Petitioner.

____ I have returned SUNSI to the Petitioners representative so that he or she can destroy or return the SUNSI in accordance with the Protective Order.

I hereby certify under penalty of perjury that the foregoing is true and correct.

Signature Executed on ____________________________________

Date

Retrieved from "https://kanterella.com/w/index.php?title=ML18239A329&oldid=2399570"