(a) In establishing a civilian space program, the Congress required NASA to “provide for the widest practicable and appropriate dissemination of information concerning its activities and the results thereof,” and for the withholding from public inspection of that information that is classified to protect the national security.

(b) The Order was promulgated in recognition of the essential requirement for an informed public concerning the activities of its Government, as well as the need to protect certain national security information from unauthorized disclosure. It delegates to NASA certain responsibility for matters pertaining to national security and confers on the Administrator of NASA, or such responsible officers or employees as the Administrator may designate, the authority for original classification of official information or material which requires protection in the interest of national security. It also provides for:

(1) Basic classification, downgrading and declassification guidelines;

(2) The issuance of directives prescribing the procedures to be followed in safeguarding classified information or material;

(3) A monitoring system to ensure the effectiveness of the Order;

(4) Appropriate administrative sanctions against officers and employees of the United States Government who are found to be in violation of the Order or implementing directive; and

(5) Classification limitations and restrictions as discussed in §§ 1203.410 and 1203.411.

(c) The Order requires the timely identification and protection of that NASA information the disclosure of which would be contrary to the best interest of national security. Accordingly, the determination in each case must be based on a judgment as to whether disclosure of information could reasonably be expected to result in damage to the national security.

[44 FR 34913, June 18, 1979, as amended at 48 FR 5889, Feb. 9, 1983; 78 FR 5117, Jan. 24, 2013]

The objectives of the NASA Information Security Program are to:

(a) Ensure that information is classified only when a sound basis exists for such classification and only for such period as is necessary.

(b) Prevent both the unwarranted classification and the overclassification of NASA information.

(c) Ensure the greatest practicable uniformity within NASA in the classification of information.

(d) Ensure effective coordination and reasonable uniformity with other Government departments and agencies, particularly in areas where there is an exchange or sharing of information, techniques, hardware, software, or other technologies.

(e) Provide a timely and effective means for downgrading or declassifying information when the circumstances necessitating the original classification change or no longer exist.

[44 FR 34913, June 18, 1979, as amended at 78 FR 5117, Jan. 24, 2013]

(a) The Chairperson, NASA Information Security Program Committee (NISPC) (Subpart I of this part), who is the Assistant Administrator for Protective Services, or designee, is responsible for:

(1) Directing the NASA Information Security Program (NISP) in accordance with NASA policies and objectives and applicable laws and regulations.

(2) Ensuring effective compliance with and implementation of “the Order” and the Information Security Oversight Office Directive No. 1 relating to security classification matters.

(3) Reviewing, in consultation with the NASA Information Security Program Committee NISPC, questions, suggestions, appeals and compliance concerning the NISP and making determinations concerning them.

(4) Coordinating NASA security classification matters with NASA Centers and component facilities and other Government agencies.

(5) Ensuring Security Classification Guides for NASA are developed for NASA programs and projects.

(6) Developing, maintaining and recommending to the Administrator guidelines for the systematic review covering all classified information under NASA's jurisdiction.

(7) Reviewing and coordinating with appropriate offices all appeals of denials of requests for records under sections 552 and 552a of Title 5, United States Code (Freedom of Information and Privacy Acts) when the denials are based on the records' continued classification.

(8) Recommending to the Administrator appropriate administrative action to correct abuse or violations of any provision of the NISP, including notifications by warning letter, formal reprimand and to the extent permitted by law, suspension without pay and removal.

(b) All NASA employees are responsible for bringing to the attention of the Chairperson of the NISPC any information security problems in need of resolution, any areas of interest wherein information security guidance is lacking, and any other matters likely to impede achievement of the objectives prescribed in this section.

(c) Each NASA official to whom the authority for original classification is delegated shall be accountable for the propriety of each classification (see subpart H) and is responsible for:

(1) Ensuring that classification determinations are consistent with the policy and objectives prescribed above, and other applicable guidelines.

(2) Bringing to the attention of the Chairperson, NISPC, for resolution, any disagreement with classification determinations made by other NASA officials.

(3) Ensuring that information and material which no longer requires its present level of protection is promptly downgraded or declassified in accordance with applicable guidelines within a reasonable period.

(d) Other supervisors of NASA offices are responsible for:

(1) Ensuring that classified information or material prepared within their respective offices is appropriately marked.

(2) Ensuring that material proposed for public release is reviewed to redact classified information contained therein.

(e) Chiefs of Protective Services at NASA Centers are responsible for:

(1) Developing proposed Security Classification Guides and submitting the guide to the Office of Protective Services for review and approval.

(2) Ensuring that classified information or material prepared in their respective Center is appropriately marked.

(3) Ensuring that material proposed for public release is reviewed to redact classified information.

(4) Coordinating all security classification actions with the Center's Protective Services Office.

(f) The Director of the Office of Protective Services, NASA Headquarters, who serves as a member and Executive Secretary of the NISPC, is responsible for the NASA-wide coordination of security classification matters.

(g) The Information Security Program Manager, Office of Protective Services (OPS), is responsible for establishing procedures for the safeguarding of classified information or material (e.g., accountability, control, access, storage, transmission, and marking) and for ensuring that such procedures are systematically reviewed; and those which are duplicative or unnecessary are eliminated.

[44 FR 34913, June 18, 1979, as amended at 45 FR 3888, Jan. 21, 1980; 48 FR 5890, Feb. 9, 1983; 53 FR 41318, Oct. 21, 1988; 64 FR 72535, Dec. 28, 1999; 78 FR 5117, Jan. 24, 2013]

(a) General. Upon determination that information or material must be classified, the degree of protection commensurate with the sensitivity of the information must be determined. If there is reasonable doubt about the need to classify information, it shall be safeguarded as if it were classified pending a determination by an original classification authority, who shall make this determination within 30 days. If there is reasonable doubt about the appropriate level of classification, it shall be safeguarded at the higher level of classification pending a determination by an original classification authority, who shall make this determination within 30 days.

(b) Authorized categories of classification. The three categories of classification, as authorized and defined in “the Order,” are set out below. No other restrictive markings are authorized to be placed on NASA classified documents or materials except as expressly provided by statute or by NASA Directives.

(1) Top Secret. Top Secret is the designation applied to information or material, the unauthorized disclosure of which could reasonably be expected to cause exceptionally grave damage to the national security.

(2) Secret. Secret is the designation applied to information or material, the unauthorized disclosure of which could reasonably be expected to cause serious damage to the national security.

(3) Confidential. Confidential is the designation applied to that information or material for which the unauthorized disclosure could reasonably be expected to cause damage to the national security.

[44 FR 34913, June 18, 1979, as amended at 48 FR 5890, Feb. 9, 1983; 78 FR 5117, Jan. 24, 2013]