ML11206B172
| ML11206B172 | |
| Person / Time | |
|---|---|
| Site: | Vogtle  |
| Issue date: | 07/20/2011 |
| From: | Ernstes M E NRC/RGN-II/DRS/PSB2 |
| To: | Tynan T E Southern Nuclear Operating Co |
| References | |
| RIS-2005-26 | |
| Download: ML11206B172 (18) | |
See also: RIS 2005-26
Text
July 20, 2011
Mr. Tom Vice President Southern Nuclear Operating Company, Inc. Vogtle Electric Generating Plant 7821 River Road Waynesboro, GA 30830
SUBJECT: UPDATE OF NUCLEAR REGULATORY COMMISSION (NRC) DISTRIBUTION LIST FOR DOCUMENTS CONTAINING SAFEGUARDS (SGI), (OUO), AND ROUTINE INFORMATION - (VOGTLE NUCLEAR PLANT)
Dear Mr. Tynan:
I am writing to request current information on those individuals authorized to receive documents containing Safeguards (SGI), Official Use Only (OUO), and Routine information on issues relating to your facility. Safeguards information is a special category of sensitive unclassified information authorized by Section 147 of the Atomic Energy Act of 1954, as amended (the Act), to be protected. While SGI is considered sensitive unclassified information, it is handled and protected more like classified confidential information than like other sensitive unclassified information (e.g., privacy and proprietary information). Access to SGI is controlled by a valid need-to-know basis. It is the responsibility of the NRC to maintain the integrity of SGI distribution, therefore we are currently in the process of verifying the identity, and contact information of individuals designated to receive documents with SGI, OUO, and Routine information for your facility. You are requested to provide an updated distribution list of those persons who should receive documents containing SGI, OUO, and Routine information within 20 days of the date of this letter to: ATTN: Document Control Desk, Washington, D.C. 20555-0001; with a copy to the Regional Administrator Region II, so that we can verify and/or update our distribution information. Please ensure that each list clearly specifies the individuals who are authorized to receive matter specific correspondence. To facilitate this request, I have enclosed a copy of the NRC's official distribution list on file, which has been organized by category. Additionally, you will find NRC Regulatory Issue Summary 2005-26 defining control of sensitive unclassified non-safeguards information related to nuclear power reactors, and NRC Regulatory Issue Summary 2003-08, Summary of Safeguards Information Requirements.
SNC 2 In accordance with 10 CFR 2.390 of the NRC's "Rules of Practice," a copy of this letter and its enclosures will be available electronically for public inspection in the NRC Public Document Room or from the Publicly Available Records (PARS) component of NRC's document system (ADAMS). ADAMS is accessible from the NRC Web site at http://ww.nrc.gov/reading-rm/adams.html (the Public Electronic Room).
Should you have any questions concerning this letter, please contact us.
Sincerely,/RA/ Michael E. Ernstes, Chief Plant Support Branch 2 Division of Reactor Safety Docket No.: 50-424, 50-425 License No.: NPF-68, NPF-81
Enclosures:
1. Current Official Distribution List 2. NRC Regulatory Issue Summary 2005-26 3. NRC Regulatory Issue Summary 2003-08 SNC 2 In accordance with 10 CFR 2.390 of the NRC's "Rules of Practice," a copy of this letter and its enclosures will be available electronically for public inspection in the NRC Public Document Room or from the Publicly Available Records (PARS) component of NRC's document system (ADAMS). ADAMS is accessible from the NRC Web site at http://ww.nrc.gov/reading-rm/adams.html (the Public Electronic Room).
Should you have any questions concerning this letter, please contact us.
Sincerely,/RA/ Michael E. Ernstes, Chief Plant Support Branch 2 Division of Reactor Safety Docket No.: 50-424, 50-425 License No.: NPF-68, NPF-81
Enclosures:
1. Current Official Distribution List 2. NRC Regulatory Issue Summary 2005-26 3. NRC Regulatory Issue Summary 2003-08 X PUBLICLY AVAILABLE G NON-PUBLICLY AVAILABLE G SENSITIVE X NON-SENSITIVE ADAMS: X Yes ACCESSION NUMBER: _________________________ X SUNSI REVIEW COMPLETE X FORM 665 ATTACHED OFFICE RII: DRS RII: DRS RII: DRP SIGNATURE RA RA RA NAME J. CALLOWAY M. ERNSTES S. SHAEFFER DATE 07/15/2011 07/20/2011 07/18/2011 E-MAIL COPY? YES NO YES NO YES NO YES NO YES NO YES NO YES NO OFFICIAL RECORD COPY DOCUMENT NAME: G:\DRSII\PSBII\SGI PROTECTION LETTERS\2011 SGI DISTRIBUTION UPDATE\VOGTLE SGI PROTECTION LTR UPDATE 2011.DOCX OFFICIAL DISTRIBUTION LIST VOGTLE NUCLEAR PLANT Enclosure 1 ROUTINE DISTRIBUTION: cc w/encl: Division of Radiological Health TN Dept. of Environment & Conservation 401 Church Street Nashville, TN 37243-1532 B. D. McKinney, Jr. Regulatory Response Manager Southern Nuclear Operating Company, Inc. Electronic Mail Distribution Hickox, T. Mark Vogtle Electric Generating Plant Electronic Mail Distribution M. J. Ajluni Nuclear Licensing Director Southern Nuclear Operating Company, Inc. Electronic Mail Distribution Sandra Threatt, Manager Nuclear Response and Emergency Environmental Surveillance Bureau of Land and Waste Management Department of Health and Environmental Control Electronic Mail Distribution T. D. Honeycutt Regulatory Response Supervisor Southern Nuclear Operating Company, Inc. Electronic Mail Distribution Jeffrey T. Gasser Chief Nuclear Officer Southern Nuclear Operating Company, Inc. Electronic Mail Distribution L. Mike Stinson Vice President Joseph M. Farley Nuclear Plant Southern Nuclear Operating Company, Inc. Electronic Mail Distribution L. P. Hill Licensing Supervisor Southern Nuclear Operating Company, Inc. Electronic Mail Distribution N. J. Stringfellow Licensing Manager Southern Nuclear Operating Company, Inc. Electronic Mail Distribution R. L. Gladney Licensing Engineer Southern Nuclear Operating Company, Inc. Electronic Mail Distribution Paula Marino Vice President Engineering Southern Nuclear Operating Company, Inc. Electronic Mail Distribution Bob Masse Resident Manager Vogtle Electric Generating Plant Oglethorpe Power Corporation Electronic Mail Distribution J. L. Pemberton SVP & General Counsel-Ops & SNC Southern Nuclear Operating Company, Inc. Electronic Mail Distribution S. C. Swanson Site Support Manager Vogtle Electric Generating Plant Electronic Mail Distribution Chris Clark Commissioner Georgia Department of Natural Resources Electronic Mail Distribution Lee Foley Manager of Contracts Generation Oglethorpe Power Corporation Electronic Mail Distribution F. Allen Barnes Director Environmental Protection Division Georgia Department of Natural Resources Electronic Mail Distribution OFFICIAL DISTRIBUTION LIST VOGTLE NUCLEAR PLANT Enclosure 1 ROUTINE DISTRIBUTION: cc w/encl (Continued): Cynthia A. Sanders Radioactive Materials Program Manager Environmental Protection Division Georgia Department of Natural Resources Electronic Mail Distribution James A. Sommerville Program Coordination Branch Chief Environmental Protection Division Georgia Department of Natural Resources Electronic Mail Distribution James C. Hardeman Environmental Radiation Program Manager Environmental Protection Division Georgia Department of Natural Resources Electronic Mail Distribution Ted V. Jackson Emergency Response and Radiation Program Manager Environmental Protection Division Georgia Department of Natural Resources Electronic Mail Distribution Mr. Steven M. Jackson Senior Engineer - Power Supply Municipal Electric Authority of Georgia Electronic Mail Distribution Mr. Reece McAlister Executive Secretary Georgia Public Service Commission Electronic Mail Distribution Office of the Attorney General 40 Capitol Square, SW Atlanta, GA 30334 L. L. Crumpton Administrative Assistant, Sr. Southern Nuclear Operating Company, Inc. Electronic Mail Distribution Office of the County Commissioner Burke County Commission Electronic Mail Distribution Arthur H. Domby, Esq. Troutman Sanders Electronic Mail Distribution Director Consumers' Utility Counsel Division Govenor's Office of Consumer Affairs 2 M. L. King, Jr. Drive Plaza Level East; Suite 356 Atlanta, GA 30334-4600 Senior Resident Inspector U.S. Nuclear Regulatory Commission Vogtle Electric Generating Plant U.S. NRC 7821 River Road Waynesboro, GA 30830 Richard Haynes Director, Division of Waste Management Bureau of Land and Waste Management S.C. Department of Health and Environmental Control Electronic Mail Distribution Amy Whaley Engineer Nuclear Generation Development and Construction Electronic Mail Distribution OFFICIAL DISTRIBUTION LIST VOGTLE NUCLEAR PLANT Enclosure 1 (OUO) DISTRIBUTION cc w/encl Jeffrey T. Gasser Chief Nuclear Officer Southern Nuclear Operating Company, Inc. 40 Iverness Center Parkway Birmingham, AL 35242 K. C. Dyar Security Manager Vogtle Electric Generating Plant 7821 River Road Waynesboro, GA 30830 Keith Wooten Project Manager Nuclear Fleet Security Southern Nuclear Operating Company, Inc. 40 Iverness Center Parkway Birmingham, AL 35242 David Burford Manager Nuclear Fleet Security Southern Nuclear Operating Company, Inc. 40 Iverness Center Parkway Birmingham, AL 35242 Russ Dedrickson Plant Manager Vogtle Electric Generating Plant 7821 River Road Waynesboro, GA 30830 OFFICIAL DISTRIBUTION LIST VOGTLE NUCLEAR PLANT Enclosure 1 SAFEGUARDS (SGI) DISTRIBUTION: cc w/encl L. Mike Stinson Vice President Joseph M. Farley Nuclear Plant Southern Nuclear Operating Company, Inc. Farley Nuclear Plant P.O. Drawer 470 BIN B500 Ashford, AL 36312 cc w/Inspection Summary: Jeffrey T. Gasser Chief Nuclear Officer Southern Nuclear Operating Company, Inc. 40 Iverness Center Parkway Birmingham, AL 35242 Keith Wooten, Project Manager Nuclear Fleet Security Southern Nuclear Operating Company, Inc. 40 Iverness Center Parkway Birmingham, AL 35242 David Burford Manager Nuclear Fleet Security Southern Nuclear Operating Company, Inc. 40 Iverness Center Parkway Birmingham, AL 35242 Lee Foley Manager of Contracts Generation Oglethorpe Power Corporation 2100 East Exchange Place P.O. Box 1349 Tucker, GA 30085-1349 Russ Dedrickson Plant Manager Vogtle Electric Generating Plant 7821 River Road Waynesboro, GA 30830 F. Allen Barnes Director Environmental Protection Division Georgia Department of Natural Resources 2 Martin Luther King Jr. Drive. Suite 1152 East Floyd Tower Atlanta, GA 30334-9000 Office of the Attorney General 40 Capitol Square, SW Atlanta, GA 30334 Office of the County Commissioner Burke County Commission Waynesboro, GA 30830 Bob Masse Resident Manager Vogtle Electric Generating Plant Oglethorpe Power Corporation 7821 River Road Waynesboro, GA 30830 Arthur H. Domby, Esq. Troutman Sanders Nations Bank Plaza 600 Peachtree Street, NE, Suite 5200 Atlanta, GA 30308-2216 Senior Engineer Power Supply Municipal Electric Authority of Georgia 1470 Riveredge Parkway NW Atlanta, GA 30328-4684 Reece McAlister Executive Secretary Public Service Commission 244 Washington Street, SW Atlanta, GA 30334 Director Consumers' Utility Counsel Division Govenor's Office of Consumer Affairs 2 M. L. King, Jr. Drive Plaza Level East; Suite 356 Atlanta, GA 30334-4600 Cynthia A. Sanders Radioactive Materials Program Manager Environmental Protection Division Georgia Department of Natural Resources 4220 International Parkway Suite 100 Atlanta, GA 30354-3906 OFFICIAL DISTRIBUTION LIST VOGTLE NUCLEAR PLANT Enclosure 1 J. L. Pemberton SVP & General Counsel-Ops & SNC Southern Nuclear Operating Company, Inc. 40 Inverness Center Parkway BIN B022 Birmingham, AL 35242 K. C. Dyar Security Manager Vogtle Electric Generating Plant Paula Marino Vice President Engineering Southern Nuclear Operating Company, Inc. P.O. Box 1295 Birmingham, AL 35201-1295 7821 River Road Waynesboro, GA 30830 ML051430228 November 7, 2005NRC REGULATORY ISSUE SUMMARY 2005-26CONTROL OF SENSITIVE UNCLASSIFIED NONSAFEGUARDSINFORMATION RELATED TO NUCLEAR POWER REACTORSADDRESSEESAll holders of operating licenses for nuclear power reactors and holders of and applicants forcertificates for reactor designs.INTENTThe U.S. Nuclear Regulatory Commission (NRC) is issuing this regulatory issue summary (RIS)to inform the addressees of the appropriate handling of information that warrants controlsbecause of continuing concerns about terrorist attacks against the critical infrastructure of theUnited States. The NRC intends to balance its responsibility to preserve public access toinformation and support meaningful participation in NRC's regulatory processes against itsresponsibility to withhold information that might unnecessarily compromise the security ofnuclear facilities. Licensees for operating nuclear power plants and reactor facility designersmay need to assess their document control procedures to ensure they protect sensitiveinformation. Although no specific action or written response is required, the NRC encouragesthe addressees for this RIS, vendors and contractors, and others who may possess sensitiveinformation to destroy, mark, or otherwise control the information to avoid inadvertentlyproviding assistance to those who might use the information for malevolent acts.BACKGROUND INFORMATIONNRC traditionally has given the public access to a significant amount of information about thefacilities and materials the agency regulates. Openness has been and remains a cornerstoneof NRC's regulatory philosophy. The Atomic Energy Act, subsequent legislation, and variousNRC regulations have given the public the right to participate in the licensing and oversightprocess for nuclear power reactors and other NRC licensees. To participate in a meaningfulway, the public must have access to information about the design and operation of regulatedfacilities and use of nuclear materials. However, NRC and other Government agencies havealways withheld some information from public disclosure for reasons of security, personalprivacy, or commercial or trade secret protection. In light of increased terrorist activityworldwide, NRC reexamined its document disclosure policies.
RIS 2005-26 Page 2 of 5Since the events of September 11, 2001, NRC has issued advisories and taken specific actionsregarding the security of its licensed facilities. NRC has also assessed and revised its policiesand practices for control of information so that information that could reasonably be expected tobe useful to terrorists in planning or executing an attack against nuclear power plants or otherNRC-licensed facilities will be withheld from public disclosure. The most recent and detailedguidance on the control of information related to operating nuclear power plants is provided inthe Commission paper SECY-04-0191, "Withholding Sensitive Unclassified InformationConcerning Nuclear Power Reactors From Public Disclosure," dated October 19, 2004, and theassociated staff requirements memorandum dated November 9, 2004. Also seeSECY-05-0091, "Task Force Report on Public Disclosure of Security-Related Information,"dated May 18, 2005, and the associated staff requirements memorandum dated June 30, 2005. The NRC staff is preparing similar guidance for materials licensees and expects to make itavailable to the public in early 2006.SUMMARY OF ISSUEConsidering the various reviews, legislation, and other changes since September 11, 2001, theNRC staff believes that clarifying NRC's current procedures and policies regarding the controlof information will be beneficial to stakeholders. NRC will continue to make available to thepublic most of the information that the agency receives from or sends to its licensees. Inaddition, the public will have access to a large amount of information included in various reportsproduced by the NRC staff. Much of NRC's information also will be readily available to thepublic via the NRC Web site (www.nrc.gov) and the NRC's electronic document managementsystem (ADAMS) (www.nrc.gov/reading-rm/adams.html). In addition, other information may bereleased to the public in response to formal or informal requests. The exceptions for certaininformation to be withheld from public disclosure for reasons other than security (e.g., privacy,proprietary, and pre-decisional information) have not changed as a result of recent events. Theappropriate handling of Safeguards Information (SGI) is discussed in RIS-2003-08, "Protectionof Safeguards Information From Unauthorized Disclosure," dated April 30, 2003, and morespecific SGI designation guidance documents. NRC withheld from public disclosure some information related to protecting operating nuclearpower plants although it does not meet the existing criteria for designation as SGI. This type ofinformation was recognized before September 11, 2001, and, when submitted to NRC by alicensee, was withheld from public disclosure according to the provisions of 10 CFR2.390(d)(1). This regulation states:(d) The following information is considered commercial or financial information within themeaning of §9.17(a)(4) of this chapter and is subject to disclosure only in accordancewith the provisions of §9.19 of this chapter.(1) Correspondence and reports to or from the NRC which contain information orrecords concerning a licensee's or applicant's physical protection, classified matterprotection, or material control and accounting program for special nuclear material nototherwise designated as Safeguards Information or classified as National SecurityInformation or Restricted Data.
RIS 2005-26 Page 3 of 5NRC expects that licensees will continue to request NRC withhold some information citing10 CFR 2.390(d)(1) and that the volume of material requested to be withheld from publicdisclosure under this provision will increase as the NRC staff and licensees implement theguidance in this RIS. NRC changed its procedures shortly after September 11, 2001, towithhold from public disclosure various categories of documents likely to include individualrecords that warrant withholding under 10 CFR 2.390. The NRC staff will assess the need towithhold such document categories if licensees routinely identify specific documents containingsensitive information. The NRC staff will interact with licensees on a case-by-case basisregarding the use of the provisions of 10 CFR 2.390(d)(1) to assure that information is properlycontrolled, under either Section 2.390(d)(1) or one of the other Freedom of Information Act(FOIA) exemptions that might be applicable. Licensees that identify information to be withheldfrom public disclosure in accordance with 10 CFR 2.390(d)(1) or other provision in theregulation should use the same general practices as used for proprietary commercial orfinancial information. As shown on the attached diagram, the cover letter should clearly statethat the document includes sensitive information and the affected pages should include themarking "Security-Related Information - Withhold Under 10 CFR 2.390." Unlike therequirements for withholding proprietary information, licensees are not required to provide anaffidavit for sensitive information withheld under 10 CFR 2.390(d) and related to (1) physicalprotection or (2) material control and accounting.Most information received and generated by NRC deals with design, operations, or othermatters not directly related to the physical security of nuclear facilities or radioactive materials. This information, if not protected as proprietary or under another exception, is generally madeavailable to the public. After September 11, 2001, NRC and other Government agenciesresponded to concerns that some information easily available on public Web sites or by othermeans might be useful to terrorists. SECY-04-0191 provides the primary NRC guidance onwhether information related to operating nuclear power plants should be withheld from publicdisclosure in light of the post-September 11 concerns. The NRC staff has posted the guidanceand related material within the public reading room (http://www.nrc.gov/reading-rm.html) on theNRC Web site, and stakeholders can ask questions or make suggestions about the guidanceand the examples. As discussed in SECY-04-0191, other Government agencies have issued regulations orguidance for protecting information that could be reasonably expected to be useful to terroristsin planning or executing an attack on critical infrastructure.*Protected critical infrastructure information (PCII) is information related to the security ofcritical infrastructure that is voluntarily provided to the Department of Homeland Security(DHS). *Critical energy infrastructure information (CEII) is defined in Federal Energy RegulatoryCommission (FERC) regulations as information related to energy-related infrastructure (e.g., hydroelectric dams and electric transmission systems).*Sensitive security information (SSI) is defined in Transportation Safety Administration(TSA) and Department of Transportation (DOT) regulations as information about thesecurity of transportation assets, including pipelines.
RIS 2005-26 Page 4 of 5Licensees may need to assess and revise their procedures for handling sensitive unclassifiednonsafeguards information in their normal activities and interactions with parties other thanNRC. During discussions of existing practices with various licensees, the NRC staff discoveredthat licensees vary in how they treat and protect information that was previously unprotected butnow is considered sensitive. Some licensees have instituted more restrictive controls. Somehave determined that their routine business practices provide an appropriate level of protectionfor the sensitive information. As described in 10 CFR 2.390, information deemed sensitive because it relates to physicalprotection or material control and accounting is protected in much the same way as commercialor financial information. As with proprietary information, licensees are expected to havesufficient internal controls to keep the information confidential. Possible methods to prevent theinadvertent release of sensitive unclassified nonsafeguards information include markingdocuments as described in 10 CFR 2.390, restricting access to electronic recordkeepingsystems, and controlling the reproduction, distribution, and destruction of potentially sensitiverecords. NRC uses the marking "Security-Related Information - Withhold Under10 CFR 2.390" and encourages the use of this marking by licensees and others possessinginformation deemed sensitive using the guidance in SECY-04-0191. Licensees should ensurethat similar controls are in place when sensitive information is provided to outside parties suchas contractors or other Government agencies. The NRC staff posted information on NRC'sWeb site (http://www.nrc.gov/reading-rm.html) and included a feedback form for questions orsuggestions on how to effectively control sensitive information. BACKFIT DISCUSSIONThis RIS requires no action or written response. Any action on the part of addressees toassess and revise their document control procedures in accordance with the guidancecontained in this RIS is strictly voluntary and, therefore, is not a backfit under 10 CFR 50.109. Consequently, the NRC staff did not perform a backfit analysis.FEDERAL REGISTER NOTIFICATIONA notice of opportunity for public comment on this RIS was not published in the FederalRegister because it is informational and pertains to a staff position that does not represent adeparture from current regulatory requirements and practice. NRC intends to work with theNuclear Energy Institute, industry representatives, members of the public, and otherstakeholders in modifying related guidance documents.SMALL BUSINESS REGULATORY ENFORCEMENT FAIRNESS ACT OF 1996The NRC has determined that this action is not a rule and thus is not subject to the SmallBusiness Regulatory Enforcement Fairness Act of 1996.
RIS 2005-26 Page 5 of 5PAPERWORK REDUCTION ACT STATEMENTThis RIS does not contain information collections and, therefore, is not subject to therequirements of the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.).CONTACTPlease direct any questions about this matter to the technical contacts listed below or to theappropriate Office of Nuclear Reactor Regulation (NRR) project manager./RA/ By Patrick L. Hiland For/Michael J. Case, DirectorDivision of Inspection and Regional SupportOffice of Nuclear Reactor RegulationTechnical Contacts:William Reckley, NRRMargie Kotzalas, NRR301-415-1323301-415-2737E-mail: wdr@nrc.govE-mail: mxk5@nrc.gov
Attachment:
Marking diagram for documents withheld under 10 CFR 2.390Note: NRC generic communications may be found on the NRC public Web site,http://www.nrc.gov, under Electronic Reading Room/Document Collections.
Security-Related InformationWithhold Under 10 CFR 2.390SubjectXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXAttachment RIS-2005-26 Page 1 of 1SUGGESTED MARKINGSWithhold From Public Disclosure In Accordance With 10 CFR 2.390 Overall page marking on the top of all pagesEnsure Subject Line is non-sensitiveAppropriate ControlsAccess:Need-to-know in order to perform official licensee functions.Storage:Openly within licensee facilities with electronic or other accesscontrols, for example, key cards, guards, alarms.Mail:U.S. Postal Service first class mail, single opaque envelope withno markings to indicate 10 CFR 2.390 contents.Electronic Transmission:Over encrypted phone, facsimile, computer, if available;otherwise over non-encrypted circuits where recipient willbe present to receive the transmission.
RIS 2003-08 Page 1 of 4SUMMARY OF REQUIREMENTSI. AUTHORITYThe Atomic Energy Act of 1954, as amended, 42 U.S.C. §§ 2011 et seq. (Act), grants theNuclear Regulatory Commission broad and unique authority to prohibit the unauthorizeddisclosure of Safeguards Information upon a determination that the unauthorized disclosure of such information could reasonably be expected to have a significant adverse effect on the health and safety of the public or the common defense and security by significantly increasing the likelihood of theft, diversion, or sabotage of materials or facilities subject to NRC jurisdiction.
Section 147 of the Act, 42 U.S.C. § 2167. For licensees and any other person, whether or not a licensee (primarily 10 C.F.R. Part 50reactor licensees, 10 C.F.R. Part 70 licensees for special nuclear material, and their employeesand contractors) subject to the requirements in 10 C.F.R. Part 73, Safeguards Information is defined by NRC regulation as follows:Safeguards Information means information not otherwise classified as NationalSecurity Information or Restricted Data which specifically identifies a licensee's or applicant's detailed, (1) security measures for the physical protection of special nuclear material, or (2) security measures for the physical protection and location of certain plant equipment vital to the safety of production or utilization facilities. 10 C.F.R. § 73.2.Specific requirements for the protection of Safeguards Information are contained in10 C.F.R. § 73.21. Access to Safeguards Information is limited as follows:(c) Access to Safeguards Information. (1) Except as the Commission mayotherwise authorize, no person may have access to Safeguards Information unless the person has an established "need to know" for the information and is: (i) An employee, agent, or contractor of an applicant, a licensee, theCommission, or the United States Government. However, an individual to be authorized access to Safeguards Information by a nuclear power reactor applicant or licensee must undergo a Federal Bureau of Investigation criminal history check to the extent required by 10 CFR 73.57; (ii) A member of a duly authorized committee of the Congress; (iii) The Governor of a State or designated representatives; (iv) A representative of the International Atomic Energy Agency (IAEA) engagedin activities associated with the U.S./IAEA Safeguards Agreement who has beencertified by the NRC; RIS 2003-08 Page 2 of 4 (v) A member of a state or local law enforcement authority that is responsible forresponding to requests for assistance during safeguards emergencies; or(vi) An individual to whom disclosure is ordered pursuant to § 2.744(e) of thischapter [10 CFR 2.744(e)]. (2) Except as the Commission may otherwise authorize, no person may discloseSafeguards Information to any other person except as set forth in paragraph (c)(1) of this section. 10 C.F.R. § 73.21(c).The "need to know" requirement is specified by NRC regulation as follows:Need to know means a determination by a person having responsibility forprotecting Safeguards Information that a proposed recipient's access toSafeguards Information is necessary in the performance of official, contractual, or licensee duties of employment.10 C.F.R. § 73.2.Thus, unless otherwise authorized by the Commission, NRC regulations limit access toSafeguards Information to certain specified individuals who have been determined to have a
"need to know," i.e., specified individuals whose access has been determined to be necessary in the performance of official, contractual or licensee duties of employment. Furthermore, except as otherwise authorized by the Commission, no person may discloseSafeguards Information to any other person unless that other person is one of the specified persons listed in 10 C.F.R. § 73.21(c)(1) and that person also has a "need to know."
10 C.F.R. § 73.21(c)(2). These regulations and prohibitions on unauthorized disclosure of Safeguards Information are applicable to all licensees and all individuals:This part [10 C.F.R. Part 73] prescribes requirements for the protection of Safeguards Information in the hands of any person, whether or not a licensee of the Commission, who produces, receives, or acquires Safeguards Information.10 C.F.R. § 73.1(b)(7).The Commission's statutory authority to protect and prohibit the unauthorized disclosure ofSafeguards Information is even broader than is reflected in these regulations. Section 147 of the Act grants the Commission explicit authority to "issue such orders, as necessary to prohibit the unauthorized disclosure of safeguards information . . . ." This authority extends to information concerning special nuclear material, source material, and byproduct material, as well as production and utilization facilities.
RIS 2003-08 Page 3 of 4The Act explicitly provides: "Any person, whether or not a licensee of the Commission, who violates any regulations adopted under this section shall be subject to the civil monetary penalties of Section 234 of this Act." Section 147a of the Act. Section 234a of the Actprovides for a civil monetary penalty not to exceed $120,000 for each violation. See10 C.F.R. § 2.205(j) (2003). Furthermore, a willful violation of any regulation or order governingSafeguards Information is a felony subject to criminal penalties in the form of fines or imprisonment, or both. See Sections 147b and 223a of the Act. The NRC Enforcement Policy outlines potential NRC actions against both licensees andindividuals for violations of the regulations and Orders using criteria that evaluate both the details and severity of the violation. II. DISCUSSIONAll licensees and all other persons who now have, or in the future may have, access to Safeguards Information must comply with all applicable requirements delineated in regulations and Orders governing the handling and unauthorized disclosure of Safeguards Information. As stipulated in 10 C.F.R. § 73.21(a), licensees and persons who produce, receive or acquire Safeguards Information are required to ensure that Safeguards Information is protected against unauthorized disclosure. To meet this requirement, licensees and persons subject to 10 C.F.R. § 73.21(a) shall establish and maintain an information protection system governing the proper handling and unauthorized disclosure of Safeguards Information. All licensees should be aware that since the requirements of 10 C.F.R. § 73.21(a) apply to all persons who receive Safeguards Information, they apply to all contractors whose employees may haveaccess to Safeguards Information and they must either adhere to the licensee's policies andprocedures on Safeguards Information or develop, maintain and implement their own information protection system, but the licensees remain responsible for the conduct of their contractors. The elements of the required information protection system are specified in 10 C.F.R. § 73.21(b) through (i). The information protection system must address, at a minimum, the following: the general performance requirement that each person who produces, receives, or acquires Safeguards Information shall ensure that Safeguards Information is protected against unauthorized disclosure; protection of Safeguards Information at fixed sites, in use and in storage, and while in transit; inspections, audits and evaluations; correspondence containing Safeguards Information; access to Safeguards Information; preparation, marking, reproduction and destruction of documents; external transmission of documents; use of automatic data processing systems; and removal of the Safeguards Information category.As noted above, in addition to the responsibility of each licensee to ensure that all of itsemployees, contractors and subcontractors, and their employees comply with applicable requirements, all contractors, subcontractors, and individual employees also are individually responsible for complying with applicable requirements and all are subject to civil and criminal sanctions for failures to comply. The NRC considers that violations of the requirements applicable to the handling of Safeguards Information are a serious breach of adequate protection of the public health and safety and the common defense and security of the United States.
RIS 2003-08 Page 4 of 4As a result, the staff intends to use the NRC Enforcement Policy, including the discretion to increase penalties for violations, to determine appropriate sanctions against licensees and individuals who violate these requirements. In addition, the Commission may use its discretion,based on the severity of the violation, to further increase the penalty for any violation up to thestatutory maximum. Willful violations of these requirements will also be referred to the Department of Justice for a determination of whether criminal penalties will be pursued.