79 FR 44095, July 30, 2014, unless otherwise noted.
The purpose of this part is to ensure that information within the Department of Homeland Security (DHS) relating to the national security is classified, safeguarded, and declassified pursuant to the provisions of Executive Order 13526, and implementing directives from the Information Security Oversight Office (ISOO) of the National Archives and Records Administration (NARA).
(a) This part applies to all employees, detailees, and non-contractor personnel inside and outside the Executive Branch who are granted access to classified information by the DHS, in accordance with the standards in Executive Order 13526, and its implementing directives, and Executive Order 13549, “Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities,” and its implementing directives.
(b) This part does not apply to contractors, grantees and other categories of personnel falling under the purview of Executive Order 12829, National Industrial Security Program, as amended, and its implementing directives.
(c) This part is independent of and does not affect any classification procedures or requirements of the Atomic Energy Act of 1954, as amended (42 U.S.C. 2011 et seq.).
(d) This part does not, and is not intended to, create any right to judicial review, or any other right or benefit or trust responsibility, substantive or procedural, enforceable by a party against the United States, its agencies or instrumentalities, its officers or employees, or any other person. This part creates limited rights to administrative review of decisions. This part does not, and is not intended to, create any right to judicial review of administrative action.
The terms defined or used in Executive Order 13526, and the implementing directives in 32 CFR part 2001 and 2004 are applicable to this part.
(a) The DHS Chief Security Officer (hereafter “Chief Security Officer”) is designated as the Senior Agency Official as required by section 5.4(d) of Executive Order 13526, and, except as specifically provided elsewhere in this part, is authorized to administer the DHS Classified National Security Information program pursuant to Executive Order 13526.
(b) To the extent that 32 CFR part 2001 refers to the agency head or “designee,” the Chief Security Officer is such designee unless determined otherwise by the Secretary. The Chief Security Officer may further delegate the associated authorities.
(c) The Chief Security Officer shall, among other actions:
(1) Oversee and administer the DHS's program established under Executive Order 13526;
(2) Promulgate implementing regulations;
(3) Establish and maintain DHS-wide security education and training programs, to include implementation and management of mandatory training for DHS officials who have been delegated original classification authority and those who perform derivative classification actions and suspension of such authority for failure to attend such training;
(4) Establish and maintain an ongoing self-inspection program that shall include regularly reviewing representative samples of DHS's original and derivative classification actions, correcting instances of misclassification, and reporting annually to the Director of ISOO on the DHS self-inspection program;
(5) Establish procedures to prevent unnecessary access to classified information, including procedures that:
(i) Require that a need for access to classified information is established before initiating administrative procedures to grant access; and
(ii) Ensure that the number of persons granted access to classified information is limited to the minimum necessary for operational and security requirements and needs;
(6) Develop special contingency plans for the safeguarding of classified information used in or near hostile or potentially hostile areas;
(7) Coordinate with the DHS Chief Human Capital Officer, as appropriate, to ensure that the performance contract or other system used to rate personnel performance includes the management of classified information as a critical element or item to be evaluated in the rating of:
(i) Original classification authorities;
(ii) Security managers or security specialists; and
(iii) All other personnel whose duties significantly involve the creation or handling of classified information, including persons who apply derivative classification markings;
(8) Account for the costs associated with implementing this part and report the cost to the Director of ISOO;
(9) Assign in a prompt manner personnel to respond to any request, appeal, challenge, complaint, or suggestion concerning Executive Order 13526, that pertains to classified information that originated in a DHS component that no longer exists and for which there is no clear successor in function;
(10) Establish a secure capability to receive information, allegations, or complaints regarding over-classification or incorrect classification and to provide a ready source for guidance on proper classification;
(11) Report violations, take corrective measures and assess appropriate sanctions as warranted, in accordance with Executive Order 13526;
(12) Oversee DHS creation and participation in special access programs authorized under Executive Order 13526;
(13) Direct and administer DHS's personnel security program in accordance with Executive Order 12968 and other applicable law;
(14) Direct and administer DHS implementation and compliance with the National Industrial Security Program in accordance with Executive Order 12829 and other applicable guidance; and
(15) Perform any other duties as the Secretary may designate.
(d) The Chief Security Officer shall maintain a current list of all officials authorized pursuant to this part to originally classify or declassify documents.
(e) The Chief Security Officer shall establish and maintain a means for appointing, tracking, and training DHS officials who do or will perform original and derivative classification actions.
(f) The Chief Security Officer shall administer a program for the implementation, management, and oversight of access to and safeguarding of classified information provided to state, local, tribal, and private sector personnel pursuant to Executive Order 13549, “Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities,” and its implementing directives.
(g) Nothing in this part will be interpreted to abrogate or affect the responsibilities of the Director of National Intelligence under the National Security Act of 1947, Public Law 235 (1947), as amended, and E.O. 12333, United States Intelligence Activities (1981), as amended, or any responsibilities of the Under Secretary for Intelligence and Analysis conferred by presidential or intelligence community directive implicating those authorities, insofar as those authorities concern classified sources, methods, and activities, classified national intelligence, or sensitive compartmented information and are executed consistent with delegations or designations of authority issued pursuant to the statutory authority of the Secretary.
Each DHS component shall appoint a security officer or security liaison to implement this part. The security officer/security liaison shall:
(a) Implement, observe, and enforce security regulations or procedures within their component with respect to the classification, declassification, safeguarding, handling, and storage of classified national security information;
(b) Report violations of the provisions of this part to the Chief Security Officer committed by employees of their component, as required by implementing directives;
(c) Ensure that employees of their component attend mandatory security education and training, as required by the DHS classified information security procedures, to include those component officials delegated the authority to classify information originally and those who perform derivative classification actions;
(d) Continuously review the requirements for personnel access to classified information as a part of the continuous need-to-know evaluation, and initiate action to administratively withdraw or reduce the level of access authorized, as appropriate; and
(e) Cooperate fully with any request from the Chief Security Officer for assistance in the implementation of this part.
(a) Any person who suspects or has knowledge of a violation of this part, including the known or suspected loss or compromise of classified information, shall promptly report such violations or possible violations, pursuant to requirements set forth in DHS directives.
(b) DHS employees and detailees may be reprimanded, suspended without pay, terminated from classification authority, suspended from or denied access to classified information, or subject to other sanctions in accordance with applicable law and DHS regulations or directives if they:
(1) Knowingly, willfully, or negligently disclose to unauthorized persons information properly classified under Executive Order 13526, or its predecessor orders;
(2) Knowingly, willfully, or negligently classify or continue the classification of information in violation of Executive Order 13526, or its implementing directives; or
(3) Knowingly, willfully, or negligently create or continue a special access program contrary to the requirements of Executive Order 13526; or,
(4) Knowingly, willfully, or negligently violate any other provision of Executive Order 13526, or DHS implementing directives, or;
(5) Knowingly, willfully, or negligently grant eligibility for, or allow access to, classified information in violation of Executive Order 13526, or its implementing directives, this part, or DHS implementing directives promulgated by the Chief Security Officer.
(a) Any DHS official or organization, except for the Office of Inspector General in matters involving the Office of Inspector General only, receiving an order or subpoena from a federal or state court, or an administrative subpoena from a federal agency, to produce classified information (see 6 CFR 5.41 through 5.49), required to submit classified information for official DHS litigation purposes, or receiving classified information from another organization for production of such in litigation, shall notify the Office of the General Counsel, unless the demand for production is made by the Office of the General Counsel, and immediately determine from the agency originating the classified information whether the information can be declassified. If declassification is not possible, DHS representatives will take appropriate action to protect such information, pursuant to the provisions of this section.
(b) If a determination is made under paragraph (a) of this section to produce classified information in a judicial proceeding in any manner, the DHS General Counsel attorney, or the Office of Inspector General attorney, if the matter involves the Office of Inspector General only, in conjunction with the Department of Justice, shall take appropriate steps to protect classified information in judicial proceedings and retrieve the information when the information is no longer required in such judicial proceedings, in accordance with the Department of Justice procedures, and in Federal criminal cases, pursuant to the requirements of Classified Information Procedures Act (CIPA), Public Law 96-456, 94 Stat. 2025, (18 U.S.C. App.), and the “Security Procedures Established Pursuant to Public Law 96-456, 94 Stat. 2025, by the Chief Justice of the United States for the Protection of Classified Information,” and other applicable authorities.
(a) Top Secret original classification authority may only be exercised by the Secretary and by officials with a demonstrable and continuing need to exercise such authority and to whom such authority is delegated in writing by the Secretary. The Chief Security Officer, as the Senior Agency Official, is delegated authority to originally classify information up to and including Top Secret. No official who is delegated Top Secret original classification authority by the Secretary may further delegate such authority.
(b) The Chief Security Officer may delegate Secret and Confidential original classification authority to other officials with a demonstrable and continuing need to exercise such authority. No official who is delegated original classification authority by the Secretary or the Chief Security Officer may further delegate such authority.
(c) Persons who are delegated original classification authority shall attend mandatory classification training within 60 days of the delegation, and annually thereafter. Persons who fail to attend mandatory training shall have such authority suspended until such time as the training occurs.
(1) Except for suspensions of the Inspector General's classification authority, the Chief Security Officer may waive a suspension of authority for no longer than 60 days following the due date of the training when unavoidable circumstances exist that prevent the person from attending the training.
(2) For cases involving suspension of the Inspector General's classification authority under paragraph (c) of this section, only the Secretary or Deputy Secretary may waive such a suspension.
(d) Officials authorized to classify information at a specified level are also authorized to classify information at a lower level. In the absence of an official authorized to exercise classification authority, the person designated to act in lieu of such official may exercise the official's classification authority.
(e) Declassification authority may be exercised by the official who authorized the original classification, if that official is still serving in the same position and has original classification authority; the originator's current successor in function, if that individual has original classification authority; a supervisory official of either the originator or his or her successor in function, if the supervisory official has original classification authority; or officials delegated declassification authority by the Secretary or the Chief Security Officer.
(a) Information may be originally classified only if all of the following standards are met:
(1) An original classification authority is classifying the information;
(2) The information is owned by, produced by or for, or is under the control of the United States Government;
(3) The information falls within one or more of the categories of information specified in section 1.4 of Executive Order 13526; and
(4) The original classification authority determines that the unauthorized disclosure of the information reasonably could be expected to cause identifiable and describable damage to the national security.
(b) Information shall be classified as Top Secret, Secret, or Confidential in accordance with and in compliance with the standards and criteria in Executive Order 13526. No other terms shall be used to identify United States classified information except as otherwise provided by statute.
(c) If there is significant doubt about the need to classify information it shall not be classified. If classification is warranted but there is significant doubt about the appropriate level of classification it shall be classified at the lower level.
(d) Original classification decisions made by a DHS original classification authority shall be incorporated into a security classification guide in a timely manner but no later than one year from the date of the original decision. Such decisions shall be reported to the Office of the Chief Security Officer, Administrative Security Division, within thirty days following the original classification decision.
(e) All DHS security classification guides shall be coordinated through and receive the concurrence of the Office of the Chief Security Officer, Administrative Security Division, prior to approval and publication by an original classification authority.
(f) Information shall not be classified in order to:
(1) Conceal inefficiency, violations of law, or administrative error;
(2) Prevent embarrassment to a person, organization, or agency;
(3) Restrain competition;
(4) Prevent or delay release of information that does not require protection in the interest of national security.
(g) Information may not be reclassified after it has been declassified and released to the public under proper authority unless:
(1) The reclassification is approved in writing by the Secretary based on a document-by-document determination that the reclassification of the information is required to prevent significant and demonstrable damage to the national security;
(2) The reclassification of the information meets the standards and criteria for classification pursuant to Executive Order 13526;
(3) The information may be reasonably recovered without bringing undue attention to the information; and
(4) The reclassification action is reported promptly to the Assistant to the President for National Security Affairs (National Security Advisor) and the Director of ISOO.
(5) For documents in the physical and legal custody of the National Archives and Records Administration that have previously been made available for public use and determined to warrant reclassification per paragraphs (g)(1) through (4) of this section, the Secretary shall notify the Archivist of the United States, who shall suspend public access pending approval by the Director of ISOO. Any such decision made by the Director of ISOO may be appealed by the Secretary to the President through the National Security Advisor.
(h) Information that has not previously been disclosed to the public under proper authority may be classified or reclassified after DHS has received a request for it under the Freedom of Information Act (5 U.S.C. 552), the Presidential Records Act, 44 U.S.C. 2204(c)(1), the Privacy Act of 1974 (5 U.S.C. 552a), or the mandatory review provisions of Executive Order 13526, section 3.5. When it is necessary to classify or reclassify such information, it shall be done so on a document-by-document basis with the personal participation of and under the direction of the Secretary or Deputy Secretary.
(a) Whenever persons who do not have original classification authority originate or develop information that they believe requires immediate classification and safeguarding, and no authorized original classifier is available, that person shall:
(1) Safeguard the information in a manner appropriate for the classification level they believe it to be;
(2) Apply the appropriate overall classification markings; and
(3) Within five working days, securely transmit the information to the organization that has appropriate subject matter interest and original classification authority.
(b) When it is not clear which component would be the appropriate original classifier, the information shall be sent to the Office of the Chief Security Officer, Administrative Security Division, to determine the appropriate organization.
(c) The applicable original classification authority shall decide within 30 days of receipt whether the information warrants classification pursuant to Executive Order 13526 and shall render such decision in writing.
(a) The DHS Undersecretary for Management has delegated to certain DHS employees the authority to disclose classified information to an individual or individuals not otherwise eligible for access in emergency situations when there is an imminent threat to life or in defense of the homeland.
(b) In exercising this authority, the delegees shall adhere to the following conditions:
(1) Limit the amount of classified information disclosed to a minimum to achieve the intended purpose;
(2) Limit the number of individuals who receive it to only those persons with a specific need-to-know;
(3) Transmit the classified information through approved communication channels by the most secure and expeditious method possible, or by other means deemed necessary in exigent circumstances;
(4) Provide instructions about what specific information is classified and how it should be safeguarded. Physical custody of classified information must remain with an authorized Federal Government entity, in all but the most extraordinary circumstances as determined by the delegated official;
(5) Provide appropriate briefings to the recipients on their responsibilities not to disclose the information and obtain from the recipients a signed DHS Emergency Release of Classified Information Non-disclosure Form. In emergency situations requiring immediate verbal release of information, the signed nondisclosure agreement memorializing the briefing may be received after the emergency abates;
(6) Within 72 hours of the disclosure of classified information, or the earliest opportunity that the emergency permits, but no later than 7 days after the release, the disclosing authority must notify the DHS Office of the Chief Security Officer, Administrative Security Division, and the originating agency of the information disclosed. A copy of the signed nondisclosure agreements should be forwarded with the notification, or as soon thereafter as practical.
(7) Release of information pursuant to this authority does not constitute declassification of the information.
(8) Authority to disclose classified information under the above conditions may not be further delegated.
(a) At the time of original classification, original classification authorities shall apply a date or event in which the information will be automatically declassified.
(b) The original classification authority shall attempt to establish a specific date or event that is not more than 10 years from the date of origination in which the information will be automatically declassified. If the original classification authority cannot determine an earlier specific date or event it shall be marked for automatic declassification 10 years from the date of origination.
(c) If the original classification authority determines that the sensitivity of the information requires classification beyond 10 years, it may be marked for automatic declassification for up to 25 years from the date of the original classification decision.
(d) Original classification authorities do not have the authority to classify or retain the classification of information beyond 25 years from the date of origination. The only exceptions to this rule are information that would clearly and demonstrably be expected to reveal the identity of a confidential human source or human intelligence source, or, key design concepts of weapons of mass destruction. In these instances, the information shall be marked for declassification based on implementing directives issued pursuant to Executive Order 13526. In all other instances, classification beyond 25 years shall only be authorized in accordance with § 7.28 and Executive Order 13526.
(a) Classified information, in all forms, must be marked in a manner that is immediately apparent pursuant to the standards set forth in section 1.6 of Executive Order 13526; 32 CFR part 2001, subpart B; and internal DHS guidance approved and distributed by the Office of the Chief Security Officer.
(b) Foreign government information shall retain its original classification markings or be assigned a U.S. classification that provides a degree of protection at least equivalent to that required by the entity that furnished the information.
(c) Information assigned a level of classification under predecessor Executive Orders shall remain classified at that level of classification, except as otherwise provided herein, i.e., the information is reclassified or declassified.
(a) Derivative classification is defined as the incorporating, paraphrasing, restating, or generating in a new form information that is already classified, and marking the newly developed material consistent with the classification markings that apply to the source information. Information is also derivatively classified when classification is based on instructions provided in a security classification guide.
(b) Persons need not possess original classification authority to derivatively classify information based on source documents or classification guides.
(c) Persons who perform derivative classification actions shall be designated as authorized derivative classifiers as specified in directives published by the Office of the Chief Security Officer.
(d) Persons who are designated as authorized derivative classifiers shall attend mandatory classification training before performing derivative classification actions, and once every two years thereafter. Persons who fail to attend mandatory training shall have such authority suspended until such time as the training occurs.
(1) Except for suspensions of the Office of Inspector General's classification authority, the Chief Security Officer may waive the suspension of authority for no longer than 60 days following the due date of the training when unavoidable circumstances exist that prevent the person from attending the training.
(2) For cases involving suspension of the Office of Inspector General's classification authority under paragraph (d) of this section, only the Secretary or Deputy Secretary may waive such a suspension.
(e) Persons who apply derivative classification markings shall observe original classification decisions and carry forward to any newly created documents the pertinent classification markings.
(f) Information classified derivatively from other classified information shall be classified and marked in accordance with the standards set forth in sections 2.1 and 2.2 of Executive Order 13526, 32 CFR part 2001, and internal DHS guidance provided by the Office of the Chief Security Officer.
(a) Classified information shall be declassified as soon as it no longer meets the standards for classification. Declassification and downgrading is governed by part 3 of Executive Order 13526, implementing ISOO directives at 32 CFR part 2001, subpart C, and applicable internal DHS direction provided by the Office of the Chief Security Officer.
(b) Information shall be declassified or downgraded by the official who authorized the original classification if that official is still serving in the same position and has original classification authority, the originator's successor if that position has original classification authority, or a supervisory official of either if that position has original classification authority, or, by officials delegated such authority in writing by the Secretary or the Chief Security Officer, or, pursuant to section 3.1.(e) of Executive Order 13526, the Director of the Information Security Oversight Office.
(c) It is presumed that information that continues to meet the classification requirements under Executive Order 13526 requires continued protection. In some exceptional cases during declassification reviews, the need to protect classified information may be outweighed by the public interest in disclosure of the information, and in these cases the information should be declassified. If it appears that the public interest in disclosure of the information may outweigh the need to protect the information, the declassification reviewing official shall refer the information with a recommendation for decision to the Chief Security Officer. The Chief Security Officer shall review the information and after consulting with the applicable original classification authority and other components and agencies with equities, make a recommendation to the Secretary on whether the public interest in disclosure outweighs the damage to national security that might reasonably be expected from disclosure. The Secretary shall decide whether to declassify the information. The decision of the Secretary shall be final. This provision does not amplify or modify the substantive criteria or procedures for classification or create any substantive or procedural rights subject to judicial review.
(d) Each component shall develop schedules for declassification of records in the National Archives.
(a) Subject to paragraph (b) of this section and paragraphs 3.3(b)-(d) and (g)-(j) of Executive Order 13526, all classified information contained in records that are more than 25 years old that have been determined to have permanent historical value shall be declassified automatically on December 31st of the year that is 25 years from the date of origin.
(b) At least one year before information is declassified automatically under this section, the Chief Security Officer shall notify the ISOO of any specific information that DHS proposes to exempt from automatic declassification. The notification shall include:
(1) A description of the information;
(2) An explanation of why the information is exempt from automatic declassification and must remain classified for a longer period of time; and
(3) A specific date or event for declassification of the information whenever the information exempted does not identify a confidential human source or human intelligence source, or, key design concepts of weapons of mass destruction.
(c) Proposed exemptions under this section shall be forwarded to the Chief Security Officer. When the Chief Security Officer determines the exemption request is consistent with this section, he or she will submit the exemption request to the Executive Secretary of the Interagency Security Classification Appeals Panel (ISCAP) for approval.
(d) Declassification guides that narrowly and precisely define exempted information may be used to exempt information from automatic declassification. Declassification guides must include the exemption notification information detailed in paragraph (b) of this section, and be approved pursuant to paragraph (c) of this section. The creation of declassification guides to cite proposed or ISCAP-approved DHS exemptions shall be coordinated through and processed by the Office of the Chief Security Officer, Administrative Security Division.
(a) The Chief Security Officer and applicable components will support the NARA, National Declassification Center (NDC), which was established to streamline declassification processes, facilitate quality-assurance measures, and implement standardized training regarding the declassification of records determined to have permanent historical value. The Chief Security Officer will assign DHS personnel on an as-needed basis to address declassification matters and priorities containing DHS equities.
(b) The Office of the Chief Security Officer shall provide the NDC with all DHS classification and declassification guides that include ISCAP-approved exemptions from automatic declassification.
(c) The Chief Security Officer, or his designee, shall oversee DHS-wide support to the NDC, including representing DHS in consultations with the NDC Director.
The original classification authority, to the greatest extent possible, shall declassify classified information contained in records determined to have permanent historical value under 44 U.S.C. 2107 before they are accessioned into the National Archives.
(a) Authorized holders of information classified by DHS or any other agency who, in good faith, believe that specific information is improperly or unnecessarily classified are encouraged and expected to challenge the classification status of that information pursuant to section 1.8 of Executive Order 13526. Authorized holders may submit classification challenges in writing to the original classification authority with jurisdiction over the information in question. If an original classification authority cannot be determined, the challenge shall be submitted to the Office of the Chief Security Officer, Administrative Security Division. The challenge need not be more specific than a question as to why the information is or is not classified, or is classified at a certain level.
(b) If anonymity of the challenger is requested, the challenger may submit the challenge to the Office of the Chief Security Officer, Administrative Security Division. The Administrative Security Division will act as an agent for the challenger and the identity of the challenger will be redacted.
(c) The original classification authority shall no later than 60 days from receipt of the challenge, provide a written response to the submitter. The original classification authority may classify or declassify the information subject to the challenge and, if applicable, state specific reasons why the original classification determination was proper. If the original classification authority is not able to respond within 60 days, he or she shall inform the individual who filed the challenge in writing of that fact, and the anticipated determination date.
(d) The individual challenging the classification will be notified of the determination made by the original classification authority and that the individual may appeal this determination to the Chief Security Officer, or in cases involving appeals by Office of Inspector General employees, the Secretary or Deputy Secretary. Upon receipt of such appeals, the Chief Security Officer, or in cases involving appeals by Office of Inspector General employees, the Secretary or Deputy Secretary, shall convene a DHS Classification Appeals Panel (DHS/CAP). The DHS/CAP shall, at a minimum, consist of representatives from the Office of the Chief Security Officer, the Office of General Counsel, and a representative from the component having jurisdiction over the information. Additional members may be added as determined by the Chief Security Officer. The DHS/CAP shall be chaired by the Chief Security Officer.
(e) If the requester files an appeal through the DHS/CAP, and the appeal is denied, the requester shall be notified of the right to appeal the denial to the Interagency Security Classification Appeals Panel (ISCAP) pursuant to section 5.3 of Executive Order 13526, and the rules issued by the ISCAP pursuant to section 5.3 of Executive Order 13526.
(f) Any individual who challenges a classification and believes that any action has been taken against him or her in retaliation or retribution because of that challenge may report the facts to the Office of Inspector General via its Hotline or Web site, or other appropriate office.
(g) Nothing in this section shall prohibit a person from informally challenging the classified status of information directly to the original classification authority.
(h) Classification challenge provisions are not applicable to documents required to be submitted for prepublication review or other administrative process pursuant to an approved non-disclosure agreement.
(i) Requests for review of classified material for declassification by persons other than authorized holders are governed by § 7.32.
(a) Any individual, as “individual” is defined by 5 U.S.C. 552a(a)(2) (with the exception of a foreign government entity or any representative thereof), may request that classified information be reviewed for declassification pursuant to the mandatory declassification review provisions of section 3.5 of Executive Order 13526. Such requests must be sent to the Departmental Disclosure Officer, Privacy Office, 245 Murray Lane SW., Building 410, Washington, DC 20528.
(b) The request must describe the document or material with enough specificity to allow it to be located by the component with a reasonable amount of effort. Components will generally consider deficient any requests for declassification review of, for instance, broad categories of information, entire file series of records, or similar non-specific requests.
(1) When the description of the information in the request is deficient, the component shall solicit as much additional identifying information as possible from the requester.
(2) If the information or material requested cannot be obtained with a reasonable amount of effort, the component shall provide the requester, through the DHS Disclosure Officer, with written notification of the reasons why no action will be taken and of the requester's right to appeal.
(c) Requests for review of information that has been subjected to a declassification review request within the preceding two years shall not be processed. The DHS Disclosure Officer will notify the requester of such denial.
(d) Mandatory Declassification Review provisions are not applicable to documents required to be submitted for prepublication review or other administrative process pursuant to an approved non-disclosure agreement.
(e) Requests for information exempted from search or review under sections 701, 702, or 703 of the National Security Act of 1947, as added and amended (50 U.S.C. 431-433), or other provisions of law, shall not be processed. The DHS Disclosure Officer will notify the requester of such denial.
(f) If documents or material being reviewed for declassification under this section contain information that has been originally classified by another government agency, the reviewing authority shall notify the DHS Disclosure Officer. Unless the association of that organization with the requested information is itself classified, the DHS Disclosure Officer will then notify the requester of the referral.
(g) A DHS component may refuse to confirm or deny the existence, or non-existence, of requested information when its existence or non-existence, is properly classified.
(h) DHS components shall make a final determination on the request as soon as practicable but within one year from receipt. When information cannot be declassified in its entirety, components shall make reasonable efforts to redact those portions that still meet the standards for classification and release those declassified portions of the requested information that constitute a coherent segment.
(i) DHS components shall notify the DHS Disclosure Officer of the determination made in the processing of a mandatory review request. Such notification shall include the number of pages declassified in full; the number of pages declassified in part; and the number of pages where declassification was denied.
(j) The DHS Disclosure Officer shall maintain a record of all mandatory review actions for reporting in accordance with applicable Federal requirements.
(k) The mandatory declassification review system shall provide for administrative appeal in cases where the review results in the information remaining classified. The requester shall be notified of the results of the review and of the right to appeal the denial of declassification. To address such appeals, the DHS Disclosure Office shall convene a DHS Classification Appeals Panel (DHS/CAP). The DHS/CAP shall, at a minimum, consist of representatives from the Disclosure Office, the Office of the Chief Security Officer, the Office of General Counsel, and a representative from the component having jurisdiction over the information. Additional members may be added as determined by the DHS Disclosure Officer. The DHS/CAP shall be chaired by the DHS Disclosure Officer.
(l) If the requester files an appeal through the DHS/CAP, and the appeal is denied, the requester shall be notified of the right to appeal the denial to the ISCAP pursuant to section 5.3 of Executive Order 13526, and the rules issued by the ISCAP pursuant to section 5.3 of Executive Order 13526.