Director of Central Intelligence Directive 6/4, Annex D and E

DCID 6/4 ANNEX D: Appeals Procedures -- Denial or Revocation of Access

1. Policy.

This annex establishes common appeals procedures for the denial or revocation of access to sensitive compartmented information (SCI) by entities of the Intelligence Community after adjudication pursuant to the provisions of DCID 6/4. This annex is promulgated pursuant to Executive Order 12333, Executive Order 12968, and the National Security Act of 1947, as amended. For the purposes of this annex, all references to DCID 6/4 include the basic document and all of its annexes. Any individual who has been considered for initial or continued access to SCI pursuant to the provisions of DCID 6/4 shall, to the extent provided below, be afforded an opportunity to appeal the denial or revocation of such access. This annex supersedes any and all other practices and procedures for the appeal of the denial or revocation of SCI access. This annex will not be construed to require the disclosure of classified information or information concerning intelligence sources and methods, nor will it be construed to afford an opportunity to appeal before the actual denial or revocation of SCI access. In addition, the provisions of DCID 6/4, or any other document or provision of law, will not be construed to create a liberty or property interest of any kind in the access of any individual to SCI.

2. Applicability.

This annex applies to all US Government civilian and military personnel, as well as any other individuals, including contractors and employees of contractors, who are considered for initial or continued access to SCI. This annex does not apply to decisions regarding employment and will not be construed to affect or impair public Law 88-290 or the authority of any entity to effect applicant or personnel actions pursuant to Public Law 88-290, Public Law 86-36, or other applicable law.

3. SCI Access Determination Authority.

Adjudications for access to SCI will be made in accordance with DCID 6/4 by a Determination Authority designated by the Senior Official of the Intelligence Community (SOIC) of each entity. Access to SCI shall be denied or revoked whenever it is determined that a person does not meet the security standards provided for in DCID 6/4. Any doubt about an individual's eligibility for access or continued access to SCI shall be resolved in favor of the national security and access will be denied or revoked.

4. Procedures.

a. Individuals will be:

(1) Provided as comprehensive and detailed a written explanation of the basis for that determination as the national security interests of the United States and other applicable law permit.

(2) Informed in this written explanation of their right to be represented by counsel or other representative at their own expense; to request any documents, records or reports upon which a denial or revocation is based; and, to request the entire investigative file as permitted by the national security and other applicable law.

(3) Provided within 30 days, upon request and to the extent the documents would be provided if requested under the Freedom of Information Act (5 U.S.C. 552) or the Privacy Act (5 U.S.C. 552a), as applicable, any documents, records and reports upon which a denial or revocation is based.

(4) Provided an opportunity to reply in writing within 45 days of receipt of relevant documentation to request a review of the determination.

(5) Provided written notice of and reasons for the results of the review, the identity of the deciding authority in accordance with operational requirements, and written notice of the right to appeal.

(6) Provided an opportunity to appeal in writing to a high level panel, appointed by the SOIC, which shall be comprised of at least three members, two of whom shall be selected from outside the security field. Decisions of the panel shall be in writing, and final, except when the SOIC chooses to exercise the appeal authority personally, based on a recommendation from the panel, and provided to the individual.

(7) Provided an opportunity to appear personally and to present relevant documents, materials and information at some point in the process before an adjudicative or other authority, other than the investigating entity, as determined by the SOIC. A written summary or recording of such appearance shall be made part of the applicant’s or employee’s security record, unless such appearance occurs in the presence of the appeals panel described in subsection a.(6) of this section, in which case the written decision of the panel shall be made part of the applicant's or employee's security record.

b. When a SOIC or their principal deputy personally certifies that a procedure set forth in this section cannot be made available in a particular case without damaging the national security interests of the United States by revealing classified information, the particular procedure shall not be made available. This certification shall be conclusive.

c. Nothing in this annex shall prohibit a SOIC from personally exercising the appeal authority in paragraph a.(6) above based upon recommendations from an appeals panel. In such case, the decision of the SOIC shall be final.

d. A SOIC may determine that the appeal procedures prescribed in this annex cannot be invoked in a manner that is consistent with the national security. In such cases, a SOIC may deny an individual an appeal pursuant to this annex and the authority delegated to the SOIC by the DCI under the National Security Act of 1947, as amended. The SOIC’s determination in this regard shall be conclusive.

e. The DCI or DDCI may take any actions regarding an individual’s SCI access without regard to any of the provisions of this or any other regulation or directive. The DCI or DDCI may consult with the agency head pertaining to any action to be taken regarding an individual's SCI access.

f. This annex does not create nor confer on any person or entity any right to administrative or judicial review of these procedures, their implementation, or decisions or actions rendered thereunder. It also does not create or confer any right, benefit, or privilege, whether substantive or procedural, for access to classified information. Finally, this annex does not create or confer any substantive or procedural right, benefit, or privilege enforceable by any party against the United States or any agency, department, or instrumentality of the executive branch, its officers or employees, for any other person.

ANNEX E: Standards for SCI Security Awareness Programs in the US Intelligence Community

Consistent with controls and procedures set forth in DCID 1/19, "Security Policy for Sensitive Compartmented Information," and its supplement, "DCID 1/19 Security Policy Manual," standards are hereby established for the SCI security education programs designed to enhance the security awareness of the US Government civilian and military personnel and private contractors working in the US Intelligence Community. Compliance with these standards is required for all departments/agencies within the Intelligence Community. Existing security awareness programs will be modified to conform with these standards. Departments/agencies will establish a documented program to ensure that training has been presented to all personnel.

All individuals nominated for or holding SCI access approval will be notified initially and annually thereafter of their responsibility to report to their cognizant security officers any activities or conduct such as described in Annex C that could conflict with their ability to protect classified information from unauthorized disclosure. Any outside employment, activities or conduct that could create real or apparent conflicts with their responsibility to protect classified information must be reported.

The security awareness requirements set forth herein are divided into three phases. Phase 1 concerns the initial indoctrination of individuals, which is normally administered before access to SCI. Phase 2 concerns the continuing security awareness program required to maintain an increased security awareness throughout the period of access. Phase 3 sets forth the final guidelines and instructions when access to SCI is terminated.

1. Initial Indoctrination.

As soon as practicable after being approved for access to SCI, personnel will receive an initial security indoctrination that will include:

a. The need for and purpose of SCI, and the adverse effect on the national security that could result from unauthorized disclosure.

b. The intelligence mission of the department/agency to include the reasons why intelligence information is sensitive.

c. The administrative, personnel, physical, and other procedural security requirements of the department/agency and those requirements peculiar to specific duty assignments, including information on who to consult to determine if particular outside employment or activity might be of concern.

d. Individual classification management responsibilities as set forth in appropriate directives and regulations to include classification/declassification guidelines and marking requirements.

e. The definitions and criminal penalties for espionage, including harboring or concealing persons; gathering, transmitting, or losing defense information; gathering or delivering defense information to aid foreign governments; photographing and sketching defense installations; unauthorized disclosure of classified information (Title 18, U.S.C., Sections 792 through 795, 797, and 798), the Internal Security Act of 1950 (Title 50, U.S.C., Section 783), the Intelligence Identities Protection Act of 1982 (Title 50, U.S.C., Sections 421 through 426) and, when appropriate, the Atomic Energy Act (Sections 224 through 227).

f. The administrative sanctions for violation or disregard for security procedures.

g. A review of the techniques employed by foreign intelligence organizations in attempting to obtain national security information.

h. Individual security responsibilities including:

(1) The prohibition against discussing SCI in a non-secure area, over a non-secure telephone, or in any other manner that permits access by unauthorized persons.

(2) The need to determine, before disseminating SCI, that the prospective recipient has the proper security access approval, that the SCI is needed in order to perform official duties, and that the recipient can properly protect the information.

(3) The need to exercise security in activities as members of professional, commercial, scholarly or advocacy organizations that publish or discuss information on intelligence, defense or foreign affairs.

(4) The continuing obligation to submit for review any planned articles, books, speeches or public statements that contain or purport to contain SCI or information relating to or derived from SCI, as specified by the nondisclosure agreements that are a prerequisite for access to SCI.

(5) Obligation to report travel to or connections with countries with aggressive proactive intelligence capabilities, or contacts with foreign nationals under certain circumstances, or attempts (including blackmail, coercion and harassment) by unauthorized persons to obtain national security information, physical security deficiencies, and loss or possible compromise of SCI material.

(6) Obligation to report to proper authorities all activities or conduct of an individual who has access to SCI which relates to guidelines described in Annex C, such as:

(a) Involvement in activities or sympathetic association with persons which/who unlawfully practice or advocate the overthrow or alteration of the United States Government by unconstitutional means.
(b) Foreign influence concerns/close personal association with foreign nationals.
(c) Foreign citizenship or foreign monetary interests.
(d) Sexual behavior that is criminal or reflects a lack of judgment or discretion.
(e) Unwillingness to comply with rules and regulations or to cooperate with security processing.
(f) Unexplained affluence or excessive indebtedness.
(g) Alcohol abuse.
(h) Illegal or improper drug use/involvement.
(i) Apparent mental or emotional disorder(s).
(j) Criminal conduct.
(k) Noncompliance with security requirements.
(l) Engagement in outside activities which could cause a conflict of interest.
(m) Misuse of information technology systems.

(7) Identification of the elements in the department/agency to which matters of security interest are to be referred.

2. Periodic Awareness Enhancement.

Each department/agency will establish a continuing security awareness program that will provide frequent exposure of personnel to security awareness material. Implementation of a continuing program may include live briefings, audiovisual presentations (e.g., video tapes, films, and slide/tape programs), printed material (e.g., posters, memorandums, pamphlets, fliers), or a combination thereof. It is essential that current information and materials be utilized. Programs should be designed to meet the particular needs of the department/agency.

a. The basic elements for this program will include, but are not limited to, the following:

(1) The foreign intelligence threat (including the threats associated with foreign travel and foreign associations).

(2) The technical threat.

(3) Administrative, personnel, physical, and procedural security.

(4) Individual classification management responsibility.

(5) Criminal penalties and administrative sanctions.

(6) Individual security responsibilities.

(7) A review of other appropriate department/agency requirements.

b. Special security briefings/debriefings should supplement the existing security awareness programs in the following situations:

(1) When an individual is designated as a courier.

(2) When high risk situations are present, specifically:

(a) When an individual travels, officially or unofficially, to or through countries with aggressive/proactive intelligence capabilities or with connection(s) to terrorism or criminal activity, or:

(b) When an individual has, or anticipates contact with a representative(s) of the countries identified above.

(3) When any other situation arises for which the SOIC or designee determines that an increased level of protection is necessary.

3. Debriefing.

When a department/agency has determined that access to SCI is no longer required, final instructions and guidelines will be provided to the individual. At a minimum these shall include:

a. A requirement that the individual read appropriate sections of Titles 18 and 50, U.S.C., and that the intent and criminal sanctions of these laws relative to espionage and unauthorized disclosure be clarified.

b. The continuing obligation, under the prepublication and other provisions of the nondisclosure agreement for SCI, never to divulge; publish; or reveal by writing, word, conduct, or otherwise, to any unauthorized persons any SCI, without the written consent of appropriate department/agency officials.

c. An acknowledgment that the individual will report without delay to the Federal Bureau of Investigation, or the department/agency, any attempt by an unauthorized person to solicit national security information.

d. A declaration that the individual no longer possesses any documents or material containing SCI.

e. A reminder of the risks associated with foreign travel and foreign association.