ML080940158: Difference between revisions

From kanterella
Jump to navigation Jump to search
(Created page by program invented by StriderTol)
(Created page by program invented by StriderTol)
Line 17: Line 17:


=Text=
=Text=
{{#Wiki_filter:ML051430228UNITED STATESNUCLEAR REGULATORY COMMISSIONOFFICE OF NUCLEAR REACTOR REGULATIONWASHINGTON, D.C. 20555-0001November 7, 2005NRC REGULATORY ISSUE SUMMARY 2005-26CONTROL OF SENSITIVE UNCLASSIFIED NONSAFEGUARDSINFORMATION RELATED TO NUCLEAR POWER REACTORSADDRESSEESAll holders of operating licenses for nuclear power reactors and holders of and applicants forcertificates for reactor designs.INTENTThe U.S. Nuclear Regulatory Commission (NRC) is issuing this regulatory issue summary (RIS)to inform the addressees of the appropriate handling of information that warrants controlsbecause of continuing concerns about terrorist attacks against the critical infrastructure of theUnited States.  The NRC intends to balance its responsibility to preserve public access toinformation and support meaningful participation in NRC's regulatory processes against itsresponsibility to withhold information that might unnecessarily compromise the security ofnuclear facilitiesLicensees for operating nuclear power plants and reactor facility designersmay need to assess their document control procedures to ensure they protect sensitiveinformationAlthough no specific action or written response is required, the NRC encouragesthe addressees for this RIS, vendors and contractors, and others who may possess sensitiveinformation to destroy, mark, or otherwise control the information to avoid inadvertentlyproviding assistance to those who might use the information for malevolent acts.BACKGROUND INFORMATIONNRC traditionally has given the public access to a significant amount of information about thefacilities and materials the agency regulates.  Openness has been and remains a cornerstoneof NRC's regulatory philosophy.  The Atomic Energy Act, subsequent legislation, and variousNRC regulations have given the public the right to participate in the licensing and oversightprocess for nuclear power reactors and other NRC licensees.  To participate in a meaningfulway, the public must have access to information about the design and operation of regulatedfacilities and use of nuclear materials.  However, NRC and other Government agencies havealways withheld some information from public disclosure for reasons of security, personalprivacy, or commercial or trade secret protection.  In light of increased terrorist activityworldwide, NRC reexamined its document disclosure policies.  
{{#Wiki_filter:ML051430228
RIS 2005-26   Page 2 of 5Since the events of September 11, 2001, NRC has issued advisories and taken specific actionsregarding the security of its licensed facilities.  NRC has also assessed and revised its policiesand practices for control of information so that information that could reasonably be expected tobe useful to terrorists in planning or executing an attack against nuclear power plants or otherNRC-licensed facilities will be withheld from public disclosure.  The most recent and detailedguidance on the control of information related to operating nuclear power plants is provided inthe Commission paper SECY-04-0191, "Withholding Sensitive Unclassified InformationConcerning Nuclear Power Reactors From Public Disclosure," dated October 19, 2004, and theassociated staff requirements memorandum dated November 9, 2004.  Also seeSECY-05-0091, "Task Force Report on Public Disclosure of Security-Related Information,"dated May 18, 2005, and the associated staff requirements memorandum dated June 30, 2005. The NRC staff is preparing similar guidance for materials licensees and expects to make itavailable to the public in early 2006.SUMMARY OF ISSUEConsidering the various reviews, legislation, and other changes since September 11, 2001, theNRC staff believes that clarifying NRC's current procedures and policies regarding the controlof information will be beneficial to stakeholders.  NRC will continue to make available to thepublic most of the information that the agency receives from or sends to its licenseesInaddition, the public will have access to a large amount of information included in various reportsproduced by the NRC staff.  Much of NRC's information also will be readily available to thepublic via the NRC Web site (www.nrc.gov) and the NRC's electronic document managementsystem (ADAMS) (www.nrc.gov/reading-rm/adams.html).  In addition, other information may bereleased to the public in response to formal or informal requests.  The exceptions for certaininformation to be withheld from public disclosure for reasons other than security (e.g., privacy,proprietary, and pre-decisional information) have not changed as a result of recent eventsTheappropriate handling of Safeguards Information (SGI) is discussed in RIS-2003-08, "Protectionof Safeguards Information From Unauthorized Disclosure," dated April 30, 2003, and morespecific SGI designation guidance documents.  NRC withheld from public disclosure some information related to protecting operating nuclearpower plants although it does not meet the existing criteria for designation as SGI.  This type ofinformation was recognized before September 11, 2001, and, when submitted to NRC by alicensee, was withheld from public disclosure according to the provisions of 10 CFR2.390(d)(1).  This regulation states:(d) The following information is considered commercial or financial information within themeaning of §9.17(a)(4) of this chapter and is subject to disclosure only in accordancewith the provisions of §9.19 of this chapter.(1) Correspondence and reports to or from the NRC which contain information orrecords concerning a licensee's or applicant's physical protection, classified matterprotection, or material control and accounting program for special nuclear material nototherwise designated as Safeguards Information or classified as National SecurityInformation or Restricted Data.  
UNITED STATES
RIS 2005-26   Page 3 of 5NRC expects that licensees will continue to request NRC withhold some information citing10 CFR 2.390(d)(1) and that the volume of material requested to be withheld from publicdisclosure under this provision will increase as the NRC staff and licensees implement theguidance in this RIS.  NRC changed its procedures shortly after September 11, 2001, towithhold from public disclosure various categories of documents likely to include individualrecords that warrant withholding under 10 CFR 2.390.  The NRC staff will assess the need towithhold such document categories if licensees routinely identify specific documents containingsensitive information.  The NRC staff will interact with licensees on a case-by-case basisregarding the use of the provisions of 10 CFR 2.390(d)(1) to assure that information is properlycontrolled, under either Section 2.390(d)(1) or one of the other Freedom of Information Act(FOIA) exemptions that might be applicable.  Licensees that identify information to be withheldfrom public disclosure in accordance with 10 CFR 2.390(d)(1) or other provision in theregulation should use the same general practices as used for proprietary commercial orfinancial information.  As shown on the attached diagram, the cover letter should clearly statethat the document includes sensitive information and the affected pages should include themarking "Security-Related Information - Withhold Under 10 CFR 2.390."  Unlike therequirements for withholding proprietary information, licensees are not required to provide anaffidavit for sensitive information withheld under 10 CFR 2.390(d) and related to (1) physicalprotection or (2) material control and accounting.Most information received and generated by NRC deals with design, operations, or othermatters not directly related to the physical security of nuclear facilities or radioactive materials. This information, if not protected as proprietary or under another exception, is generally madeavailable to the public.  After September 11, 2001, NRC and other Government agenciesresponded to concerns that some information easily available on public Web sites or by othermeans might be useful to terrorists.  SECY-04-0191 provides the primary NRC guidance onwhether information related to operating nuclear power plants should be withheld from publicdisclosure in light of the post-September 11 concerns.  The NRC staff has posted the guidanceand related material within the public reading room (http://www.nrc.gov/reading-rm.html) on theNRC Web site, and stakeholders can ask questions or make suggestions about the guidanceand the examples.  As discussed in SECY-04-0191, other Government agencies have issued regulations orguidance for protecting information that could be reasonably expected to be useful to terroristsin planning or executing an attack on critical infrastructure.*Protected critical infrastructure information (PCII) is information related to the security ofcritical infrastructure that is voluntarily provided to the Department of Homeland Security(DHS). *Critical energy infrastructure information (CEII) is defined in Federal Energy RegulatoryCommission (FERC) regulations as information related to energy-related infrastructure (e.g., hydroelectric dams and electric transmission systems).*Sensitive security information (SSI) is defined in Transportation Safety Administration(TSA) and Department of Transportation (DOT) regulations as information about thesecurity of transportation assets, including pipelines.  
NUCLE AR RE GULATOR Y COM MISS ION OFFICE OF NUC LEAR REAC TOR REGU LATION WASHINGTON, D.C. 20555-0001
RIS 2005-26   Page 4 of 5Licensees may need to assess and revise their procedures for handling sensitive unclassifiednonsafeguards information in their normal activities and interactions with parties other thanNRCDuring discussions of existing practices with various licensees, the NRC staff discoveredthat licensees vary in how they treat and protect information that was previously unprotected butnow is considered sensitiveSome licensees have instituted more restrictive controlsSomehave determined that their routine business practices provide an appropriate level of protectionfor the sensitive information.  As described in 10 CFR 2.390, information deemed sensitive because it relates to physicalprotection or material control and accounting is protected in much the same way as commercialor financial information.  As with proprietary information, licensees are expected to havesufficient internal controls to keep the information confidential.  Possible methods to prevent theinadvertent release of sensitive unclassified nonsafeguards information include markingdocuments as described in 10 CFR 2.390, restricting access to electronic recordkeepingsystems, and controlling the reproduction, distribution, and destruction of potentially sensitiverecords.  NRC uses the marking "Security-Related Information - Withhold Under10 CFR 2.390" and encourages the use of this marking by licensees and others possessinginformation deemed sensitive using the guidance in SECY-04-0191.  Licensees should ensurethat similar controls are in place when sensitive information is provided to outside parties suchas contractors or other Government agencies.  The NRC staff posted information on NRC'sWeb site (http://www.nrc.gov/reading-rm.html) and included a feedback form for questions orsuggestions on how to effectively control sensitive informationBACKFIT DISCUSSIONThis RIS requires no action or written responseAny action on the part of addressees toassess and revise their document control procedures in accordance with the guidancecontained in this RIS is strictly voluntary and, therefore, is not a backfit under 10 CFR 50.109. Consequently, the NRC staff did not perform a backfit analysis.FEDERAL REGISTER NOTIFICATIONA notice of opportunity for public comment on this RIS was not published in the FederalRegister because it is informational and pertains to a staff position that does not represent adeparture from current regulatory requirements and practice.  NRC intends to work with theNuclear Energy Institute, industry representatives, members of the public, and otherstakeholders in modifying related guidance documents.SMALL BUSINESS REGULATORY ENFORCEMENT FAIRNESS ACT OF 1996The NRC has determined that this action is not a rule and thus is not subject to the SmallBusiness Regulatory Enforcement Fairness Act of 1996.   
November 7, 2005 NRC REGUL AT ORY ISSUE SUMMA
RIS 2005-26   Page 5 of 5PAPERWORK REDUCTION ACT STATEMENTThis RIS does not contain information collections and, therefore, is not subject to therequirements of the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.).CONTACTPlease direct any questions about this matter to the technical contacts listed below or to theappropriate Office of Nuclear Reactor Regulation (NRR) project manager./RA/ By Patrick L. Hiland For/Michael J. Case, DirectorDivision of Inspection and Regional SupportOffice of Nuclear Reactor RegulationTechnical Contacts:William Reckley, NRRMargie Kotzalas, NRR301-415-1323301-415-2737E-mail: wdr@nrc.govE-mail: mxk5@nrc.govAttachmentMarking diagram for documents withheld under 10 CFR 2.390Note:  NRC generic communications may be found on the NRC public Web site,http://www.nrc.gov, under Electronic Reading Room/Document Collections.  
RY 2005-26
Security-Related InformationWithhold Under 10 CFR 2.390SubjectXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
CONTROL OF SENSITIVE UNCLASSIFIED NONSAFEGUA
XXXXXXXXXXAttachment
RDS INFORMATION RELATED TO NU
CLEAR POWER REA
CTORS ADDRESSEES
All hold ers of operating li
censes for nucle
ar power re
actors and hol
ders of and appl
icants for
certificates for reactor d
esigns.INTENT The U.S. Nuclear Regulator
y Commission (NRC) is issuing this regulatory issue summ
ary (RIS)to inform the addres
sees of the appropriate hand
ling of inform
ation that warrants controls
because of conti
nuing concerns  
about terrorist a
ttacks against the cri
tical infrastructu
re of the Unite d State s.  The N RC in tends to bal ance i ts resp onsib ilit y to p reserv e publ ic acc ess to informat ion a nd sup port me aningful parti cipat ion i n NRC's regu latory proce sses a gainst its responsibil
ity to w ithhold i nformation that might unn
ecessarily
compromise the  
security of
nucle ar facil itiesLic ensee s for ope rating nucle ar pow er pla nts an d reac tor faci lity desi gners may need t
o assess their doc
ument contro l procedu res to en sure th ey protec t sensit ive informationAl
though no speci
fic action or w
ritten response
is required, th
e NRC enco
urages the addr essees f or this RI
S, vendor s and cont
ractor s, and ot hers who ma
y possess sensitive
information to dest
roy, mark, or other
wise control the information to avoid inadvertently
providin g assistance to  
those who  
might use the in
formation for malevol
ent acts.BA CKGROU ND INF ORMA TION NRC traditi
onally has given th
e public access to a si
gnificant amount of in
formation about the
facilities a
nd materials  
the agency regul
ates.  Openness  
has been and
remains a co
rnerstone of NRC's regula
tory phil osophy.  The  
Atomic Energy  
Act, subsequent l
egislation, a
nd variou s NRC regulatio
ns have giv
en the publ
ic the right to  
participate i
n the lice
nsing and ov
ersight process for nucle
ar power re
actors and othe
r NRC lic ensees.  To parti
cipate in  
a meaningful
way, the public mus
t have acce
ss to information  
about the desi
gn and operatio
n of regulated
facilit ies and use
of nucle ar mat erials.  However, NRC an
d other G overnme nt agen cies have alway s withhel d some information  
from public dis
closure for reason
s of security, p
ersonal priv acy, or comme rcial or trad e secre t prote ction.  In l ight of i ncreas ed terr orist activ ity worldw ide, NRC re
examined i
ts document dis
closure pol
icies.  
RIS 2005-26
Pag e 2 of 5 Since the e
vents of Septembe
r 11, 2001, NR
C has issue
d adviso ries and taken s
pecific action
s regarding the securi
ty of its li
censed facili
ties.  NRC  
has also as
sessed and re
vised i ts policie
s and pr actice s for con trol o f informat
ion s o that informat ion th at cou ld rea sonab ly b e exp ected to be useful to terrori
sts in plan
ning or exec
uting an attack again
st nuclear po
wer plan ts or other
NRC-licen sed faciliti
es wil l be wi thheld from publi
c disclosu
re.  The most recent  
and detail
ed guidance on the control of inf
ormation related to operat
ing nuclear power plants is provided in
the Commission
paper SECY
-04-0191, "Withholding Sensi
tive Uncl assified Information
Concerning Nu
clear Pow er Reactors From  
Public Di sclosure," dated
October 19, 2004 , and the associated sta
ff requirements memorandum dated  
November 9, 2004.  Also
see SECY-05-009 1, "Task F
orce R eport o n Publ ic Di sclos ure of S ecuri ty-Re lated Informati
on,"dated May 18, 20 05, an d the a ssoci ated s taff requir
ements memoran dum dat ed Jun e 30, 2 005. The NRC staff
is preparing similar guidance f
or materials licensees and expects to mak
e it availab le to the pu
blic in early 200 6.SUMMARY OF ISSUE
Considerin
g the various
review s, legislati
on, and other c
hanges since S
eptember 11, 200
1, the NRC staff believ
es that clari
fying NRC's  
current procedures
and poli cies regarding the
control of information wi
ll be ben eficial to stakeho
lders.  NRC
will continue to  
make availab
le to the publi c most o f the in formatio n that the age ncy r eceiv es from o r send s to i ts li censee sIn addit ion, t he pub lic w ill have acces s to a large a mount o f informat
ion i nclud ed in vari ous re ports produced by
the NRC sta
ff.  Much of NRC's
information als
o will be readil
y avai lable to th
e public v ia the NRC
Web site (www.n
rc.gov) and the  
NRC's el ectronic docume
nt management
system (ADAM
S) (www.nrc.gov/reading-rm/adams.html
).  In additi
on, other informatio
n may be released to the public in response to form
al or informal request
s.  The exceptions for cert
ain infor mation to be withhe
ld from public disc
losure f or reas ons othe r than se curity (e.g., privacy, proprietary, a
nd pre-decisi
onal information) have not  
changed as a res
ult of recent ev
entsThe
appropriate ha
ndling of Safeguards Informatio
n (SGI) is dis
cussed in R
IS-2003-08, "Prote
ction of Safegua
rds Infor mation From U nautho rize d Dis closu re," da ted Ap ril 3 0, 200 3, and more speci fic SGI d esigna tion gu idanc e docu ments.  NRC wi thheld from publi
c disclosu
re some information  
related to prote
cting operating nu
clear power pl ants although i
t does not meet th
e existi ng criteria for desi
gnation as SGI.  Thi
s type of infor mation was recog
nized bef ore Sept ember 11, 2001, and, when su
bmitt ed to NRC by a
licensee, w
as withhe ld from public  
disclosure  
according to the  
provisio ns of 10 CFR
2.390(d)(1).  This re
gulation states: (d) The follow
ing information i
s considered
commercial or  
financial i
nformation with
in the meaning of §9.17(a)(4) o
f this chapter and
is subject to  
disclosure  
only in accordance
with the pr ovis ions of §9.19 of this chapt er.(1) Corresponden
ce and reports  
to or from the NRC  
which co ntain information
or records concerni
ng a license
e's or appl
icant's phy
sical protec
tion, classi
fied matter
protection, or mate
rial control
and accounti
ng program for special  
nuclear materia
l not otherw ise d esigna ted as Safegua rds Infor mation or cl assifi ed as Natio nal S ecuri ty Information or Restri
cted Data.  
RIS 2005-26
Pag e 3 of 5 NRC expe cts that lice
nsees wi ll contin ue to request NRC
withhol d some information  
citing 10 CFR 2.390(d)(1) and that the volume of
material requested to be withheld fr
om public disclosure
under this pro
vision will increase as  
the NRC staff and l
icensees i
mplement the
guidan ce in this RIS.  N RC ch anged i ts proc edures shortl y after Septe mber 11 , 2001 , to withhol d from public di
sclosure v
arious categorie
s of documents li
kely to inc
lude indi vidual record s that warra nt wi thhol ding u nder 1 0 CFR 2.390.  The N RC sta ff will asses s the n eed to withhol d such documen
t categories if li
censees routin
ely ide ntify specific  
documents contai
ning sensitive information.  The NRC staf
f will interact with licensees on a case-by-case basis
regarding the use of
the provisions of 10 CFR 2.390(d)(1) to assu
re that informat
ion is properly
controlled, u
nder either S
ection 2.390(d
)(1) or one of the o
ther Freedom of Information  
Act (FOIA) exemptions that m
ight be applicable.  Licensees that identify inf
ormation to be withheld
from public dis
closure in  
accordance w
ith 10 CFR
2.390(d)(1) or oth
er provisi
on in the regulation sho
uld use the  
same general prac
tices as used
for proprietary  
commercial or
financi al in formatio n.  As show n on th e attac hed di agram, th e cov er let ter sho uld c learl y sta te that the document  
includes s
ensitive information and  
the affected pages shoul
d include the marking "Security-R
elated Information  
- Withhold Under 10 CFR
2.390."  Unl
ike the requirements for wi
thholding prop
rietary in
formation, license
es are not requi
red to provi
de an affidavit for sensiti
ve information  
withhel d under 10 C
FR 2.390(d) an
d related to  
(1) physica
l prot ecti on o r (2) mate rial con trol and acc ount ing.Most informatio
n receive d and generated  
by NRC deals w ith design, op
erations, or oth
er matters not di rectly relat ed to t he phy sical securi ty of n uclea r facil ities or rad ioact ive materi als. This information, i
f not protected as p
roprietary o
r under another  
exception, is generally
made availab le to the pu
blic.  After Sep
tember 11, 2001, NRC and oth
er Government agenc
ies responded to c
oncerns that some
information easi
ly ava ilable o n public Web sites or by other
means might be use
ful to terrorists.  S
ECY-04-0191  
provides the primary N
RC guidance  
on whether information relate
d to operating nuclear power plants should be withheld from
public disclosure
in light of the  
post-September 11  
concerns.  The N
RC staff has posted th
e guidance
and related  
material w
ithin the p
ublic readi
ng room (http://ww
w.nrc.gov/readi
ng-rm.html) on the
NRC Web site, and stakehol
ders can ask questi
ons or make suggestions  
about the guida
nce and th e exa mples.  As discussed
in SECY-04-0191, other Gov
ernment agencies  
have issu ed regulations
or guidan ce for pr otecti ng inform ation that c ould be rea sonab ly e xpec ted to be use ful to t errori sts in planni ng or executi
ng an attack on criti
cal infrastructure.
*Protected criti
cal infrastructure  
information (PCII) i
s information rel
ated to the sec
urity of criti cal i nfrastru cture t hat is vol untari ly p rovi ded to the De partmen t of Home land Securi ty (DHS). *Criti cal e nergy infrastr ucture informa tion (CEII) i s defin ed in Feder al En ergy R egulat ory Commission (FE
RC) regulation
s as information  
related to ene
rgy-related in
frastructure (e.g., hy droel ectric dams a nd el ectric transmi ssion syste ms).*Sensitiv e security  
information (SSI) i
s defined in  
Transportation Sa
fety Administrati
on (TSA) and Departmen
t of Transportation (DOT) regul
ations as i
nformation about the
security of trans
portation asse
ts, includi
ng pipeline
s.  
RIS 2005-26
Pag e 4 of 5 Licensees may
need to asse
ss and revi
se their proce
dures for handli
ng sensitiv
e unclassi
fied nonsafeguards information
in their n
ormal activ
ities and  
interactions  
with parti
es other than
NRCDuri
ng discussion
s of existin
g practices w
ith vario us license
es, the NRC  
staff discovered
that license
es vary in how they treat and
protect information  
that was pre
viously unprotected bu
t now is con sider ed sen sitiv eSom e lic ensee s hav e ins titute d more restri ctiv e cont rolsSome have determi
ned that their  
routine busi
ness practices
provide an appropria
te level of protection
for the s ensit ive informat ion.  As described
in 10 CF R 2.390, informatio
n deemed sensi
tive beca use it relate
s to physi
cal protection or mate
rial control
and accounti
ng is protected i
n much the same  
way as commercial
or fina ncial inf ormat ion.  As with pr
oprieta ry infor mation , license es are expe
cted to have sufficient internal
controls to keep
the information c
onfidential.   
Possible methods to prev
ent the inadverten
t release of sens
itive un classified no
nsafeguards information i
nclude marking
documents as de
scribed in  
10 CFR 2.39
0, restricting acce
ss to electroni
c recordkeeping
system s, and co ntrollin g the re produc tion, dis tribut ion, and de
struc tion of potent ially sensit
ive records.  NRC  
uses the marking "Sec
urity-Rela
ted Information - Withhold Unde
r 10 CFR 2.39
0" and encoura
ges the use of this  
marking by lic
ensees and o
thers possessi
ng informat ion d eemed s ensit ive using t he gui dance in SE CY-04-0191.  Lice nsees shoul d ensu re that similar  
controls are i
n place w hen sensiti
ve information  
is provi ded to outsid
e parties suc
h as contractors or other
Government agencies.  T
he NRC staff posted inf
ormation on NRC's
Web site (http://www.n
rc.gov/reading-rm.html) an
d include d a feedback form for questions o
r suggesti ons on how to effecti
vely contro l sen sitiv e infor mationBA CKFIT DISCU SSION This R IS requi res no actio n or w ritten respo nseA ny ac tion o n the p art of ad dresse es to assess and rev
ise their do
cument control p
rocedures in  
accordance w
ith the guidan
ce contai ned i n this RIS i s stric tly v olunt ary a nd, the refore, i s not a backfit under 10 CFR 50.10 9. Consequently , the NRC sta
ff did not perform a backfit anal
ysis.FEDERAL REGISTER
NOTIF ICA TION A notice of opp
ortunity for pub
lic comment on
this RIS w
as not publi
shed in the  
Federal Register becau se it is in formatio nal a nd per tains to a s taff posi tion t hat do es not repres ent a departure from current regul
atory requirements
and practice.  NRC inte
nds to work w
ith the Nuclear Ene
rgy Institute, in
dustry represe
ntatives, membe
rs of the publi
c, and other
stakeholders in
modifying rela
ted guidance d
ocuments.SMAL L BUSINESS
REGULA TORY ENFOR
CEMENT FA IRNESS A CT OF 1996
The NRC has determined that this act
ion is not a rule and thus is not subject to the Small
Busin ess Re gulato ry En forcemen t Fair ness A ct of 199 6.   
RIS 2005-26
Pag e 5 of 5 PAPERWORK REDUCTION A
CT STA TEMENT This RIS does  
not contain i
nformation colle
ctions and, th
erefore, is not sub
ject to the
require ments o f the Pa perw ork Red uctio n Act o f 1995 (44 U.S.C. 350 1 et se q.).CONTACT Please di rect any questi
ons about thi
s matter to the tech
nical conta
cts listed b
elow or to the approp riate Office of N
uclea r Reac tor Regu latio n (NRR) proje ct mana ger./RA/ By Patrick
L. Hiland For
/Michael J. Case, Di
rector Divi sion of Inspe ction and R egiona l Sup port Office of Nuclear Reacto
r Regulation
Technical Co
ntacts: W illiam Reckley, NRR
Margie Kotzalas, NRR
301-415-1323
301-415-2737
E-mail: wdr@nrc.gov
E-mail: mxk5@nrc.gov
AttachmentM
arking diagram for documents  
withhel d under 10 C
FR 2.390 Note:  NRC  
generic communica
tions may b
e found on the N
RC publi c Web site, http://www.nrc.gov, under E
lectronic Re
ading Room/Docu
ment Collecti
ons.  
Security-Re
lated Information
Withhold Under 10 CFR
2.390 Subject XXXXXXXXXX
XXXXXXXXXX
XXXXXXXXXX
 
XXXXXXXXXX
Attachment
 
RIS-2005-26
RIS-2005-26
Page 1 of 1SUGGESTED MARKINGSWithhold From Public Disclosure In Accordance With 10 CFR 2.390                                                                                                                  Overall page marking on the top of all pagesEnsure Subject Line is non-sensitiveAppropriate ControlsAccess:Need-to-know in order to perform official licensee functions.Storage:Openly within licensee facilities with electronic or other accesscontrols, for example, key cards, guards, alarms.Mail:U.S. Postal Service first class mail, single opaque envelope withno markings to indicate 10 CFR 2.390 contents.Electronic Transmission:Over encrypted phone, facsimile, computer, if available;otherwise over non-encrypted circuits where recipient willbe present to receive the transmission.


Pag e 1 of 1 SUGGESTED MA
RKINGS Withhold From Pub
lic Disclosure In
Ac cordance With 1
0 CFR 2.390
           
           
           
           
           
           
           
           
           
      Over
all page marking on
the top of all pa
ges Ensure Subjec t Line is non-se nsitive Appropriate Controls
Access: Need-to-know i
n order to perform official
licensee
functions.
Storage: Openly w ithin li censee facili
ties wi th electronic
or other acces
s controls, for exa
mple, key cards , guards, alarms.
Mail: U.S. P ostal Serv ice fir st cla ss mai l, si ngle o paque e nvel ope w ith no markings to indi
cate 10 CFR
2.390 contents.
Electronic Tran
smission: Over encryp
ted phone, facsimi
le, computer, if av
ailable;otherwise over non-encrypted circuits where recipient will
be present to re
ceive the transmission.
}}
}}

Revision as of 10:15, 30 August 2018

Control of Sensitive Unclassified Nonsafeguards Information Related to Nuclear Power Reactors
ML080940158
Person / Time
Site: Hatch  Southern Nuclear icon.png
Issue date: 11/07/2005
From: Case M J
NRC/NRR/ADRO/DIRS
To:
References
RIS-05-026
Download: ML080940158 (6)


See also: RIS 2005-26

Text

ML051430228

UNITED STATES

NUCLE AR RE GULATOR Y COM MISS ION OFFICE OF NUC LEAR REAC TOR REGU LATION WASHINGTON, D.C. 20555-0001

November 7, 2005 NRC REGUL AT ORY ISSUE SUMMA

RY 2005-26

CONTROL OF SENSITIVE UNCLASSIFIED NONSAFEGUA

RDS INFORMATION RELATED TO NU

CLEAR POWER REA

CTORS ADDRESSEES

All hold ers of operating li

censes for nucle

ar power re

actors and hol

ders of and appl

icants for

certificates for reactor d

esigns.INTENT The U.S. Nuclear Regulator

y Commission (NRC) is issuing this regulatory issue summ

ary (RIS)to inform the addres

sees of the appropriate hand

ling of inform

ation that warrants controls

because of conti

nuing concerns

about terrorist a

ttacks against the cri

tical infrastructu

re of the Unite d State s. The N RC in tends to bal ance i ts resp onsib ilit y to p reserv e publ ic acc ess to informat ion a nd sup port me aningful parti cipat ion i n NRC's regu latory proce sses a gainst its responsibil

ity to w ithhold i nformation that might unn

ecessarily

compromise the

security of

nucle ar facil ities. Lic ensee s for ope rating nucle ar pow er pla nts an d reac tor faci lity desi gners may need t

o assess their doc

ument contro l procedu res to en sure th ey protec t sensit ive information. Al

though no speci

fic action or w

ritten response

is required, th

e NRC enco

urages the addr essees f or this RI

S, vendor s and cont

ractor s, and ot hers who ma

y possess sensitive

information to dest

roy, mark, or other

wise control the information to avoid inadvertently

providin g assistance to

those who

might use the in

formation for malevol

ent acts.BA CKGROU ND INF ORMA TION NRC traditi

onally has given th

e public access to a si

gnificant amount of in

formation about the

facilities a

nd materials

the agency regul

ates. Openness

has been and

remains a co

rnerstone of NRC's regula

tory phil osophy. The

Atomic Energy

Act, subsequent l

egislation, a

nd variou s NRC regulatio

ns have giv

en the publ

ic the right to

participate i

n the lice

nsing and ov

ersight process for nucle

ar power re

actors and othe

r NRC lic ensees. To parti

cipate in

a meaningful

way, the public mus

t have acce

ss to information

about the desi

gn and operatio

n of regulated

facilit ies and use

of nucle ar mat erials. However, NRC an

d other G overnme nt agen cies have alway s withhel d some information

from public dis

closure for reason

s of security, p

ersonal priv acy, or comme rcial or trad e secre t prote ction. In l ight of i ncreas ed terr orist activ ity worldw ide, NRC re

examined i

ts document dis

closure pol

icies.

RIS 2005-26

Pag e 2 of 5 Since the e

vents of Septembe

r 11, 2001, NR

C has issue

d adviso ries and taken s

pecific action

s regarding the securi

ty of its li

censed facili

ties. NRC

has also as

sessed and re

vised i ts policie

s and pr actice s for con trol o f informat

ion s o that informat ion th at cou ld rea sonab ly b e exp ected to be useful to terrori

sts in plan

ning or exec

uting an attack again

st nuclear po

wer plan ts or other

NRC-licen sed faciliti

es wil l be wi thheld from publi

c disclosu

re. The most recent

and detail

ed guidance on the control of inf

ormation related to operat

ing nuclear power plants is provided in

the Commission

paper SECY

-04-0191, "Withholding Sensi

tive Uncl assified Information

Concerning Nu

clear Pow er Reactors From

Public Di sclosure," dated

October 19, 2004 , and the associated sta

ff requirements memorandum dated

November 9, 2004. Also

see SECY-05-009 1, "Task F

orce R eport o n Publ ic Di sclos ure of S ecuri ty-Re lated Informati

on,"dated May 18, 20 05, an d the a ssoci ated s taff requir

ements memoran dum dat ed Jun e 30, 2 005. The NRC staff

is preparing similar guidance f

or materials licensees and expects to mak

e it availab le to the pu

blic in early 200 6.SUMMARY OF ISSUE

Considerin

g the various

review s, legislati

on, and other c

hanges since S

eptember 11, 200

1, the NRC staff believ

es that clari

fying NRC's

current procedures

and poli cies regarding the

control of information wi

ll be ben eficial to stakeho

lders. NRC

will continue to

make availab

le to the publi c most o f the in formatio n that the age ncy r eceiv es from o r send s to i ts li censee s. In addit ion, t he pub lic w ill have acces s to a large a mount o f informat

ion i nclud ed in vari ous re ports produced by

the NRC sta

ff. Much of NRC's

information als

o will be readil

y avai lable to th

e public v ia the NRC

Web site (www.n

rc.gov) and the

NRC's el ectronic docume

nt management

system (ADAM

S) (www.nrc.gov/reading-rm/adams.html

). In additi

on, other informatio

n may be released to the public in response to form

al or informal request

s. The exceptions for cert

ain infor mation to be withhe

ld from public disc

losure f or reas ons othe r than se curity (e.g., privacy, proprietary, a

nd pre-decisi

onal information) have not

changed as a res

ult of recent ev

ents. The

appropriate ha

ndling of Safeguards Informatio

n (SGI) is dis

cussed in R

IS-2003-08, "Prote

ction of Safegua

rds Infor mation From U nautho rize d Dis closu re," da ted Ap ril 3 0, 200 3, and more speci fic SGI d esigna tion gu idanc e docu ments. NRC wi thheld from publi

c disclosu

re some information

related to prote

cting operating nu

clear power pl ants although i

t does not meet th

e existi ng criteria for desi

gnation as SGI. Thi

s type of infor mation was recog

nized bef ore Sept ember 11, 2001, and, when su

bmitt ed to NRC by a

licensee, w

as withhe ld from public

disclosure

according to the

provisio ns of 10 CFR 2.390(d)(1). This re

gulation states: (d) The follow

ing information i

s considered

commercial or

financial i

nformation with

in the meaning of §9.17(a)(4) o

f this chapter and

is subject to

disclosure

only in accordance

with the pr ovis ions of §9.19 of this chapt er.(1) Corresponden

ce and reports

to or from the NRC

which co ntain information

or records concerni

ng a license

e's or appl

icant's phy

sical protec

tion, classi

fied matter

protection, or mate

rial control

and accounti

ng program for special

nuclear materia

l not otherw ise d esigna ted as Safegua rds Infor mation or cl assifi ed as Natio nal S ecuri ty Information or Restri

cted Data.

RIS 2005-26

Pag e 3 of 5 NRC expe cts that lice

nsees wi ll contin ue to request NRC

withhol d some information

citing 10 CFR 2.390(d)(1) and that the volume of

material requested to be withheld fr

om public disclosure

under this pro

vision will increase as

the NRC staff and l

icensees i

mplement the

guidan ce in this RIS. N RC ch anged i ts proc edures shortl y after Septe mber 11 , 2001 , to withhol d from public di

sclosure v

arious categorie

s of documents li

kely to inc

lude indi vidual record s that warra nt wi thhol ding u nder 1 0 CFR 2.390. The N RC sta ff will asses s the n eed to withhol d such documen

t categories if li

censees routin

ely ide ntify specific

documents contai

ning sensitive information. The NRC staf

f will interact with licensees on a case-by-case basis

regarding the use of

the provisions of 10 CFR 2.390(d)(1) to assu

re that informat

ion is properly

controlled, u

nder either S

ection 2.390(d

)(1) or one of the o

ther Freedom of Information

Act (FOIA) exemptions that m

ight be applicable. Licensees that identify inf

ormation to be withheld

from public dis

closure in

accordance w

ith 10 CFR

2.390(d)(1) or oth

er provisi

on in the regulation sho

uld use the

same general prac

tices as used

for proprietary

commercial or

financi al in formatio n. As show n on th e attac hed di agram, th e cov er let ter sho uld c learl y sta te that the document

includes s

ensitive information and

the affected pages shoul

d include the marking "Security-R

elated Information

- Withhold Under 10 CFR

2.390." Unl

ike the requirements for wi

thholding prop

rietary in

formation, license

es are not requi

red to provi

de an affidavit for sensiti

ve information

withhel d under 10 C

FR 2.390(d) an

d related to

(1) physica

l prot ecti on o r (2) mate rial con trol and acc ount ing.Most informatio

n receive d and generated

by NRC deals w ith design, op

erations, or oth

er matters not di rectly relat ed to t he phy sical securi ty of n uclea r facil ities or rad ioact ive materi als. This information, i

f not protected as p

roprietary o

r under another

exception, is generally

made availab le to the pu

blic. After Sep

tember 11, 2001, NRC and oth

er Government agenc

ies responded to c

oncerns that some

information easi

ly ava ilable o n public Web sites or by other

means might be use

ful to terrorists. S

ECY-04-0191

provides the primary N

RC guidance

on whether information relate

d to operating nuclear power plants should be withheld from

public disclosure

in light of the

post-September 11

concerns. The N

RC staff has posted th

e guidance

and related

material w

ithin the p

ublic readi

ng room (http://ww

w.nrc.gov/readi

ng-rm.html) on the

NRC Web site, and stakehol

ders can ask questi

ons or make suggestions

about the guida

nce and th e exa mples. As discussed

in SECY-04-0191, other Gov

ernment agencies

have issu ed regulations

or guidan ce for pr otecti ng inform ation that c ould be rea sonab ly e xpec ted to be use ful to t errori sts in planni ng or executi

ng an attack on criti

cal infrastructure.

  • Protected criti

cal infrastructure

information (PCII) i

s information rel

ated to the sec

urity of criti cal i nfrastru cture t hat is vol untari ly p rovi ded to the De partmen t of Home land Securi ty (DHS). *Criti cal e nergy infrastr ucture informa tion (CEII) i s defin ed in Feder al En ergy R egulat ory Commission (FE

RC) regulation

s as information

related to ene

rgy-related in

frastructure (e.g., hy droel ectric dams a nd el ectric transmi ssion syste ms).*Sensitiv e security

information (SSI) i

s defined in

Transportation Sa

fety Administrati

on (TSA) and Departmen

t of Transportation (DOT) regul

ations as i

nformation about the

security of trans

portation asse

ts, includi

ng pipeline

s.

RIS 2005-26

Pag e 4 of 5 Licensees may

need to asse

ss and revi

se their proce

dures for handli

ng sensitiv

e unclassi

fied nonsafeguards information

in their n

ormal activ

ities and

interactions

with parti

es other than

NRC. Duri

ng discussion

s of existin

g practices w

ith vario us license

es, the NRC

staff discovered

that license

es vary in how they treat and

protect information

that was pre

viously unprotected bu

t now is con sider ed sen sitiv e. Som e lic ensee s hav e ins titute d more restri ctiv e cont rols. Some have determi

ned that their

routine busi

ness practices

provide an appropria

te level of protection

for the s ensit ive informat ion. As described

in 10 CF R 2.390, informatio

n deemed sensi

tive beca use it relate

s to physi

cal protection or mate

rial control

and accounti

ng is protected i

n much the same

way as commercial

or fina ncial inf ormat ion. As with pr

oprieta ry infor mation , license es are expe

cted to have sufficient internal

controls to keep

the information c

onfidential.

Possible methods to prev

ent the inadverten

t release of sens

itive un classified no

nsafeguards information i

nclude marking

documents as de

scribed in

10 CFR 2.39

0, restricting acce

ss to electroni

c recordkeeping

system s, and co ntrollin g the re produc tion, dis tribut ion, and de

struc tion of potent ially sensit

ive records. NRC

uses the marking "Sec

urity-Rela

ted Information - Withhold Unde

r 10 CFR 2.39

0" and encoura

ges the use of this

marking by lic

ensees and o

thers possessi

ng informat ion d eemed s ensit ive using t he gui dance in SE CY-04-0191. Lice nsees shoul d ensu re that similar

controls are i

n place w hen sensiti

ve information

is provi ded to outsid

e parties suc

h as contractors or other

Government agencies. T

he NRC staff posted inf

ormation on NRC's

Web site (http://www.n

rc.gov/reading-rm.html) an

d include d a feedback form for questions o

r suggesti ons on how to effecti

vely contro l sen sitiv e infor mation. BA CKFIT DISCU SSION This R IS requi res no actio n or w ritten respo nse. A ny ac tion o n the p art of ad dresse es to assess and rev

ise their do

cument control p

rocedures in

accordance w

ith the guidan

ce contai ned i n this RIS i s stric tly v olunt ary a nd, the refore, i s not a backfit under 10 CFR 50.10 9. Consequently , the NRC sta

ff did not perform a backfit anal

ysis.FEDERAL REGISTER

NOTIF ICA TION A notice of opp

ortunity for pub

lic comment on

this RIS w

as not publi

shed in the

Federal Register becau se it is in formatio nal a nd per tains to a s taff posi tion t hat do es not repres ent a departure from current regul

atory requirements

and practice. NRC inte

nds to work w

ith the Nuclear Ene

rgy Institute, in

dustry represe

ntatives, membe

rs of the publi

c, and other

stakeholders in

modifying rela

ted guidance d

ocuments.SMAL L BUSINESS

REGULA TORY ENFOR

CEMENT FA IRNESS A CT OF 1996

The NRC has determined that this act

ion is not a rule and thus is not subject to the Small

Busin ess Re gulato ry En forcemen t Fair ness A ct of 199 6.

RIS 2005-26

Pag e 5 of 5 PAPERWORK REDUCTION A

CT STA TEMENT This RIS does

not contain i

nformation colle

ctions and, th

erefore, is not sub

ject to the

require ments o f the Pa perw ork Red uctio n Act o f 1995 (44 U.S.C. 350 1 et se q.).CONTACT Please di rect any questi

ons about thi

s matter to the tech

nical conta

cts listed b

elow or to the approp riate Office of N

uclea r Reac tor Regu latio n (NRR) proje ct mana ger./RA/ By Patrick

L. Hiland For

/Michael J. Case, Di

rector Divi sion of Inspe ction and R egiona l Sup port Office of Nuclear Reacto

r Regulation

Technical Co

ntacts: W illiam Reckley, NRR

Margie Kotzalas, NRR

301-415-1323

301-415-2737

E-mail: wdr@nrc.gov

E-mail: mxk5@nrc.gov

Attachment: M

arking diagram for documents

withhel d under 10 C

FR 2.390 Note: NRC

generic communica

tions may b

e found on the N

RC publi c Web site, http://www.nrc.gov, under E

lectronic Re

ading Room/Docu

ment Collecti

ons.

Security-Re

lated Information

Withhold Under 10 CFR

2.390 Subject XXXXXXXXXX

XXXXXXXXXX

XXXXXXXXXX

XXXXXXXXXX

Attachment

RIS-2005-26

Pag e 1 of 1 SUGGESTED MA

RKINGS Withhold From Pub

lic Disclosure In

Ac cordance With 1

0 CFR 2.390

Over

all page marking on

the top of all pa

ges Ensure Subjec t Line is non-se nsitive Appropriate Controls

Access: Need-to-know i

n order to perform official

licensee

functions.

Storage: Openly w ithin li censee facili

ties wi th electronic

or other acces

s controls, for exa

mple, key cards , guards, alarms.

Mail: U.S. P ostal Serv ice fir st cla ss mai l, si ngle o paque e nvel ope w ith no markings to indi

cate 10 CFR

2.390 contents.

Electronic Tran

smission: Over encryp

ted phone, facsimi

le, computer, if av

ailable;otherwise over non-encrypted circuits where recipient will

be present to re

ceive the transmission.