Download the Code of Federal Regulations in XML.
The Electronic Code of Federal Regulations (e-CFR) is a regularly updated, unofficial editorial compilation of CFR material and Federal Register amendments produced by the National Archives and Records Administration's Office of the Federal Register (OFR) and the Government Printing Office.
Parallel Table of Authorities and Rules for the Code of Federal Regulations and the United States Code
Text | PDF
Find, review, and submit comments on Federal rules that are open for comment and published in the Federal Register using Regulations.gov.
Purchase individual CFR titles from the U.S. Government Online Bookstore.
Find issues of the CFR (including issues prior to 1996) at a local Federal depository library.
Electronic Code of Federal Regulations
Title 32: National Defense
PART 291—DEFENSE NUCLEAR AGENCY (DNA) FREEDOM OF INFORMATION ACT PROGRAM
§291.7 Administrative instruction.
§291.9 For official use only (FOUO).
Appendix A to Part 291—Freedom of Information Act Request (DNA Form 524)
Authority: 5 U.S.C. 552.
Source: 56 FR 9842, Mar. 8, 1991, unless otherwise noted.
This part establishes policies and procedures for the DNA FOIA program.
This part applies to Headquarters, Defense Nuclear Agency (HQ, DNA), Field Command, Defense Nuclear Agency (FCDNA), and the Armed Forces Radiobiology Research Institute (AFRRI).
(a) FOIA Request. A written request for DNA records made by any person, including a member of the public (U.S. or foreign citizen), an organization, or a business, but not including a Federal agency or a fugitive from the law that either explicitly or implicitly invokes the FOIA (5 U.S.C. 552), 32 CFR part 285, 286, or this part.
(b) Agency record. (1) The products of data compilation, such as all books, papers, maps, and photographs, machine readable materials or other documentary materials, regardless of physical form or characteristics, made or received by an agency of the United States Government under Federal law in connection with the transaction of public business and in DNA's possession and control at the time the FOIA request is made.
(2) The following are not included within the definition of the word record:
(i) Objects or articles, such as structures, furniture, vehicles and equipment, whatever their historical value, or value as evidence.
(ii) Administrative tools by which records are created, stored, and retrieved, if not created or used as sources of information about organizations, policies, functions, decisions, or procedures of a DNA organization. Normally, computer software, including source code, object code, and listings of source and object codes, regardless of medium are not agency records. (This does not include the underlying data which is processed and produced by such software and which may in some instances be stored with the software.) Exceptions to this position are outlined in paragraph (b)(3) of this section.
(iii) Anything that is not a tangible or documentary record, such as an individual's memory or oral communication.
(iv) Personal records of an individual not subject to agency creation or retention requirements, created and maintained primarily for the convenience of an agency employee, and not distributed to other agency employees for their official use.
(v) Information stored within a computer for which there is no existing computer program for retrieval of the requested information.
(3) In some instances, computer software may have to be treated as an agency record and processed under the FOIA. These situations are rare, and shall be treated on a case-by-case basis. Examples of when computer software may have to be treated as an agency record are:
(i) When the data is embedded within the software and cannot be extracted without the software. In this situation, both the data and the software must be reviewed for release or denial under the FOIA.
(ii) Where the software itself reveals information about organizations, policies, functions, decisions, or procedures of a DNA office, such as computer models used to forecast budget outlays, calculate retirement system costs, or optimization models on travel costs.
(iii) Refer to §291.8(b) exemptions 2, 4 and 5 for guidance on release determinations of computer software.
(4) If unaltered publications and processed documents, such as regulations, manuals, maps, charts, and related geophysical materials are available to the public through an established distribution system with or without charge, the provisions of 5 U.S.C. 552(a)(3) normally do not apply and they need not be processed under the FOIA. Normally, documents disclosed to the public by publication in the Federal Register also require no processing under the FOIA. In such cases, PAO will direct the requester to the appropriate source, to obtain the record.
(d) Initial denial authority (IDA). The Deputy Director (DDIR), DNA, has the authority to withhold records requested under the FOIA for one or more of the nine categories (set forth §291.8) of records exempt from mandatory disclosure.
(e) Appellate authority. The Director, DNA.
(f) Administrative appeal. A request by a member of the general public, made under the FOIA, asking the appellate authority of a DoD Component (Director, DNA) to reverse an IDA decision to withhold all or part of a requested record or to deny a request for a waiver or reduction of fees.
(g) Public interest. Public interest is official information that sheds light on an agency's performance of its statutory duties because it falls within the statutory purpose of the FOIA in informing citizens about what their government is doing. That statutory purpose, however, is not fostered by disclosure of information about private citizens that is accumulated in various governmental files that reveals little or nothing about an agency's or official's own conduct.
(h) Electronic data. Electronic data are those records and information which are created, stored, and retrievable by electronic means. This does not include computer software, which is the tool by which to create, store, or retrieve electronic data. Refer to paragraphs (b) (2) and (3) of this section for a discussion of computer software.
(a) Compliance with the FOIA. DNA personnel are expected to comply with the FOIA and this part in both letter and spirit. This strict adherence is necessary to provide uniformity in the implementation of the DNA FOIA Program and to create conditions that will promote public trust. It is DNA policy to fully and completely respond to public requests for information concerning its operations and activities, consistent with national security objectives.
(b) Openness with the public. 32 CFR part 286 states that all DoD employees shall conduct DoD activities in an open manner consistent with the need for security and adherence to other requirements of law and regulation. Records that are not specifically exempt from disclosure under the Act shall, upon request, be made readily accessible to the public in accordance with rules promulgated by competent authority, whether or not the Act is invoked.
(c) Avoidance of procedural obstacles. DNA offices shall ensure that procedural matters do not unnecessarily impede a requester from obtaining DNA records promptly. PAO shall provide assistance to requesters to help them understand and comply with procedures established by this Instruction, the 32 CFR part 286 and any supplemental regulations published by DoD.
(d) Prompt action on requests. When a member of the public complies with the procedures established for obtaining DNA records, the request shall receive prompt attention; a reply shall be dispatched within 10 working days, unless a delay is authorized. When PAO has a significant number of requests, e.g., 10 or more, the requests shall be processed in order of receipt.
However, this does not preclude PAO from completing action on a request which can be easily answered, regardless of its ranking within the order of receipt. In addition, PAO may expedite action on a request regardless of its ranking within the order of receipt upon a showing of exceptional need or urgency. Exceptional need or urgency is determined at the discretion of the PAO.
(e) Use of exemptions. It is DoD/DNA policy to make records publicly available, unless they qualify for exemption under one or more of the nine exemptions. Components may elect to make a discretionary release; however, a discretionary release is generally not appropriate for records exempt under exemptions 1, 3, 4, 6 and 7(C). Exemptions 4, 6 and 7(C) cannot be claimed when the requester is the submitter of the information.
(f) Public domain. Nonexempt records released under the authority of this part are considered to be in the public domain. Such records may also be made available through the reading room channel to facilitate public access. Exempt records released pursuant to this part or other statutory or regulatory authority, however, may be considered to be in the public domain when their release constitutes a waiver of the FOIA exemption. When the release does not constitute such a waiver, such as when disclosure is made to a properly constituted advisory committee or to a Congressional committee, the released records do not lose their exempt status. Also, while authority may exist to disclose records to individuals in their official capacity, the provisions of this part apply if the same individual seeks the records in a private or personal capacity.
(g) Creating a record. (1) A record must exist and be in the possession of and in control of the DNA at the time of the search to be considered subject to this part and the FOIA. Mere possession of a record does not presume agency control, and such records, or identifiable portions thereof, would be referred to the originating agency for direct response to the requester. There is no obligation to create or compile a record to satisfy a FOIA request. However, a DNA employee may compile a new record when so doing would result in a more useful response to the requester, or be less burdensome to the agency than providing existing records, and the requester does not object. The cost of creating or compiling such a record may not be charged to the requester unless the fee for creating the record is equal to or less than the fee which would be charged for providing the existing record.
(2) With respect to electronic data, the issue of whether records are actually created or merely extracted from an existing database is not always readily apparent. Consequently, when responding to FOIA requests for electronic data where creation of a record, programming, or particular format are questionable, offices should apply a standard of reasonableness. In other words, if the capability exists to respond to the request, and the effort would be a business as usual approach, then the request should be processed. However, the request need not be processed where the capability to respond does not exist without a significant expenditure of resources, thus not being a normal business as usual approach.
(h) Description of requested record. (1) Identification of the record desired is the responsibility of the member of the public who requests a record. The requester must provide a description of the desired record that will enable the Government to locate the record with a reasonable amount of effort. The Act does not authorize “fishing expeditions.” When DNA receives a request that does not “reasonably describe” the requested record, PAO shall notify the requester of the defect. The defect should be highlighted in a specificity letter, asking the requester to provide the type of information outlined in paragraph (h)(2) of this section. DNA is not obligated to act on the request until the requester responds to the specificity letter. When practical, PAO shall offer assistance to the requester in identifying the records sought and in reformulating the request to reduce the burden on the Agency in complying with the Act.
(2) The following guidelines are provided to deal with “fishing expedition” requests and are based on the principle of reasonable effort. Descriptive information about a record may be divided into two broad categories.
(i) Category I is file-related and includes information such as type of record (for example, memorandum), title, index citation, subject area, date the record was created, and originator.
(ii) Category II is event-related and includes the circumstances that resulted in the record being created or the date and circumstances surrounding the event the record covers.
(3) Generally, a record is not reasonably described unless the description contains sufficient Category I information to permit the conduct of an organized, nonrandom search based on DNA's filing arrangements and existing retrieval systems, or unless the record contains sufficient Category II information to permit inference of the Category I elements needed to conduct such a search.
(4) The following guidelines deal with requests for personal records. Ordinarily, when personal identifiers are provided only in connection with a request for records concerning the requester, only records retrievable by personal identifiers need be searched. Search for such records may be conducted under Privacy Act procedures. No record may be denied that is releaseable under the FOIA.
(5) The above guidelines notwithstanding, the decision of an office concerning reasonableness of description must be based on knowledge of its files. If the description enables office personnel to locate the record with reasonable effort, the description is adequate.
(i) Reasons for not releasing a record. (1) The request is transferred to another DoD component, or to another Federal agency.
(2) The request is withdrawn by the requester.
(3) The information requested is not a record within the meaning of the FOIA and 32 CFR part 286.
(4) A record has not been described with sufficient particularity to enable DNA to locate it by conducting a reasonable search.
(5) The requester has failed reasonably to comply with procedural requirements, including payment of fees, imposed by 32 CFR part 286 or this part.
(6) The DNA determines, through knowledge of its files and reasonable search efforts, that it neither controls nor otherwise possesses the requested record.
(7) The record is subject to one or more of the nine exemptions set forth in §291.8, and a significant and legitimate government purpose is served by withholding.
(a) The Director, DNA, as appellate authority, is responsible for reviewing and making the final decision on FOIA appeals.
(b) The DDIR, as IDA, is responsible for reviewing all initial denials to FOIA requests and has sole responsibility for withholding that information.
(c) The DNA FOIA Officer, who is also the Public Affairs Officer, manages and implements the DNA FOIA program. In this regard, the Public Affairs Officer serves as the FOIA point-of-contact and liaison between DNA and the Office of the Assistant Secretary of Defense (Public Affairs) (OASD(PA)), Directorate for Freedom of Information and Security Review (DFOI/SR). The Public Affairs Officer is responsible for:
(1) Advising OASD(PA), DFOI/SR, of any DNA denial of a request for records or appeals that may affect another DoD component.
(2) Ensuring publication of this part in the Federal Register.
(3) Ensuring that the Command Services Directorate publishes in the Federal Register a notice of where, how and by what authority DNA performs its functions.
(4) Ensuring that the Command Services Directorate, publishes an index of DNA instructions in the Federal Register.
(5) Coordinating all FOIA actions, except routine, interim replies indicating initial receipt of a FOIA request through the appropriate DNA offices and the DNA General Counsel (GC).
(6) Forwarding all fees collected under the FOIA to the HQ, DNA, Finance and Accounting Officer for further processing.
(7) Coordinating action on FOIA requests that involve other government organizations (e.g., when DNA is not the original classifier for a classified document) with those organizations.
(8) Ensuring FOIA briefings are presented annually for DNA personnel.
(9) Submitting an annual report to OASD(PA), DFOI/SR, in accordance with the requirements of DoD Directive 5400.11.1
1Copies may be obtained, at cost, from the National Technical Information Service, 5285 Port Royal Road, Springfield, VA 22161.
(d) The Commander, FCDNA, is responsible for determining, based on current directives and instruction, what information in FCDNA custody may be released to FOIA requesters. (This responsibility may be delegated.) The Commander, FCDNA, is responsible for designating a representative to process FOIA requests. The Commander has the authority to release documents in response to the FOIA. When FCDNA releases information under the FOIA, it will forward a copy of the request, the response and the appropriate cost sheet to HQ, DNA, ATTN: PAO (FOIA). FCDNA will not deny requests for information under the FOIA; instead, it will forward to HQ, DNA, PAO a recommendation and justification for denying the FOIA request.
(e) The Director, AFRRI, is responsible for designating a representative to process FOIA requests and to forward them to HQ, DNA, (PAO) for coordination and preparation of a final response.
(f) The DNA GC shall coordinate on all DNA FOIA response except routine interim letters which acknowledge receipt of the FOIA request. That office shall also ensure uniformity in the legal position and interpretation by DNA of the FOIA, and coordinate with the DoD GC, as necessary.
(g) The HQ, DNA, Finance and Accounting Officer will ensure that fees collected under the FOIA are forwarded to the Finance and Accounting Office, U.S. Army, to be submitted to the Treasury of the United States.
(h) HQ, DNA, Assistant Director for Intelligence and Security, Classification Management Division (ISCM), will conduct security reviews of classified documents requested under the FOIA. ISCM will determine whether the document.
(1) Contains information that meets requirements for withholding under Exemption 1 Executive Order 12356.
(2) Has information that meets requirements for withholding under Exemption 3, to include Restricted Data and Formerly Restricted Data, 42 U.S.C. 2162.
(3) Has information that may be declassified or sanitized. ISCM is also responsible for sanitizing DNA classified information from documents requested under the FOIA (refer to §291.6(b)(5)). In addition, ISCM is responsible for advising the Assistant Director for Technical Information (CSTI) to notify the appropriate authorities when information has been reclassified as a result of a DNA FOIA review.
(i) HQ, DNA, CSLE will, upon request, ensure that photocopies are made of 50-page or larger documents being processed under the FOIA. (Copies are required only when documents are not available from other sources.)
(j) CSTI, Technical Library Division (TITL), will, upon notification from PAO that a document has been cleared for public release under the FOIA, retain the marked up document in its files, annotate the FOIA case number in the computerized data base and ensure that the document is made available to the public through the National Technical Information Service (NTIS).
(k) Commander, FCDNA; Director, AFRRI; and directors and chiefs of staff elements at HQ, DNA, will ensure that personnel are familiar with the procedures and contents of this part prior to acting on FOIA requests. They will also make sure that FOIA actions forwarded to their offices for processing are closely monitored to ensure accountability and that their input to PAO is provided in a timely manner and in accordance with this part. (Refer to §291.7(b)(2)). If the office(s) cannot meet the FOIA suspense, they must request an extension. In addition, they will ensure that, upon request by PAO, appropriate technical personnel sanitize information such as unclassified technical data, that is determined to be exempt from disclosure under the FOIA. (Refer to §291.7(b)(5)).
(a) If HQ, DNA personnel receive a FOIA request that has not been logged and processed through PAO, they will immediately handcarry the request to PAO. TDNM and AFRRI personnel will forward all FOIA requests to HQ, DNA, Attn: PAO. FCDNA will adhere to paragraph 6d and FCDNA Supplement to DNA Instruction 5400.7C.2
2Copies can be obtained from Defense Nuclear Agency PAO or SSAB, Defense Nuclear Agency, 6801 Telegraph Road, Alexandria, VA 22310-3398.
(b) When a FOIA request is received by PAO, HQ, DNA, the following procedures apply:
(1) The request will be date stamped, reviewed to determine if it meets the requirements of 5 U.S.C. 552, logged in, assigned an action number, suspensed, and attached to a FOIA cover sheet with instructions for forwarding to the appropriate office. A copy of DD Form 2086 or DD Form 2086-1 will also be attached to the FOIA request.
(2) A copy of the request will be handcarried by PAO to the designated HQ, DNA, action office(s) or forwarded to AFRRI or FCDNA, as appropriate. The office or component providing input for the FOIA request must keep track of the request and meet the PAO suspense. The HQ, DNA input, or negative response, if there are no records available, will be handcarried to PAO. AFRRI will send the recommended response in daily distribution. FCDNA will telefax the proposed response in addition to mailing the original. All FOIA actions must include a completed DD Form 2086 or 2086-1. Each office acting on FOIA requests will indicate on the form the search, review/excise and coordination time spent processing the FOIA action, and provide the number of pages copied.
(3) The DNA PAO will prepare the response to the requester and coordinate it with the offices that provided input, the GC, and if appropriate, ISCM, the IDA, the Director, DNA, OASD(PA), and outside agencies, if involved. The PAO will maintain files of all FOIA actions per DNA Instruction 5015.4B.
(4) If a request is received by a DNA office which does not have records responsive but office personnel believe another office would have the records requested, they must contact the other office to confirm the existence of the documents, forward the FOIA action to that office and notify PAO.
(5) FOIAs involving classified information. When ISCM or contractor security reviewers receive a classified document from PAO for processing under the FOIA, they will conduct a security review to determine if the document may be sanitized or declassified. Most DNA documents requested under the FOIA are queued on a first-come, first-served basis and shall be reviewed in that order. When security reviewers determine that part or all of the information in a classified document may be sanitized or declassified, they will ensure that the appropriate copies are ordered from the Defense Technical Information Center (DTIC). The DTIC copy will be marked up during review. Cases not placed in queue will be suspensed by PAO. They may include documents with less than 10 pages or documents under suspense from other organizations which require a DNA review. All DNA documents reviewed will be marked with a special pen that does not permit photocopying of the classified portions. Security review must include a detailed response providing the appropriate exemption(s) and justification for withholding.
When the Field Command Security Division (FCSS) receives a classified document for processing under the FOIA, they will conduct a security review to determine if the document may be sanitized or declassified. When FCSS determines that part or all of the information in a classified document may be sanitized or declassified, FCSS will make a copy which will be marked up during review. Upon completion of its review, FCSS will provide the marked up document and a sanitized version of the document to PAO. FCSS review must include a detailed response providing the appropriate exemption(s) and justification for withholding. When ISCM/FCSS completes its review, ISCM/FCSS will forward the master copy to the appropriate technical office(s) for review. That office will determine whether the remaining unclassified information is releaseable and provide its response to ISCM/FCSS. If the office recommends that part or all of the information be withheld, then it must forward a detailed response providing the appropriate exemption(s) and justification for withholding. The technical office will return documents with results of their review to ISCM. ISCM will forward the results of both reviews to PAO for further processing. If either ISCM/FCSS or the DNA office reviewing the action recommends additional review by another agency, they will provide the full name and address of that agency with a technical point-of-contact, if known. PAO will forward the action to that organization for further review. When PAO receives that organization's review determination, it will forward the results to ISCM/FCSS. After all reviews are completed, ISCM/FCSS will sanitize the document and handcarry (FCSS will forward) the sanitized as well as the marked up copy to PAO for final processing.
(6) FOIAs involving unclassified information. The appropriate technical office(s) will review unclassified documents for release under the FOIA. If the office(s) determines that part or all of the document should be withheld, it must provide PAO a written recommendation with the appropriate exemption(s) (§291.8) and detailed reasons for withholding the information. Upon PAO request, the technical office(s) will sanitize the unclassified information that is being withheld. Sanitization will be done on a photocopy of the document or on a document that has been obtained from DTIC.
§291.7 Administrative instruction.
(a) FOIA requesters shall clearly mark their requests as such, both on the envelope and in the body of the letter. Identification of the record desired is the responsibility of the FOIA requester. The requester must provide a description of the desired record that enables DNA to locate it with a reasonable amount of effort. The Act does not authorize “fishing expeditions.” FOIA requests should be sent to the following address: Public Affairs Officer, Defense Nuclear Agency, Attention: FOIA, 6801 Telegraph Road, Alexandria, VA 22310-3398. Requester failure to comply with this section shall not be sole grounds of denial for requested information.
(b) FOIA appeals must be clearly marked as such, both on the envelope and in the body of the letter. Persons appealing DNA denial letters should include a copy of the denial letter, the case number, a statement of the relief sought and the grounds upon which it is brought. Appeals should be sent to the following address: Director, Defense Nuclear Agency, 6801 Telegraph Road, Alexandria, VA 22310-3398.
(c) The time limitations for responding to legitimate FOIA requests are:
(1) Determinations to release, deny or transfer a record shall be made and the decision reported to the requester within 10 working days after the request is received in PAO.
(2) If additional time is needed to respond to a request, the requester will be notified within the 10-day period. When PAO has a significant number of requests, e.g., 10 or more, the requests shall be processed in order of receipt. However, this does not preclude PAO from completing action on a request which can be easily answered, regardless of its ranking within the order of receipt. PAO may expedite action on a request regardless of its ranking within the order of receipt upon a showing of exceptional need or urgency. Exceptional need or urgency is determined at the discretion of the Public Affairs Officer.
(3) If a request for a record is denied and the requester appeals the decision of the IDA, the requester should file the appeal so that it reaches DNA no later than 60 calendar days after the date of the initial denial letter. At the conclusion of this period, the case may be considered closed; however, such closure does not preclude the requester from filing litigation. In cases where the requester is provided several incremental determinations for a single request, the time for the appeal shall not begin until the requester receives the last such notification. A final determination on the appeal normally shall be made within 20 working days after receipt. If additional time is needed due to unusual circumstances, the final decision may be delayed for the number of working days (not to exceed 10), that were not utilized as additional time for responding to the initial request. If an appeal is denied, the Director, DNA, will notify the requester of the right to judicial review of the decision. Appeal procedures also apply to the disapproval of a request for waiver or reduction of fees.
(d) If DNA denies the requested document in whole or in part, the response must include detailed rationale for withholding information and the specific exemption that applies so the requester can make a decision concerning appeal. When the initial denial is based in whole or in part on a security classification, the explanation should include a summary of the applicable criteria for classification, as well as an explanation, to the extent reasonably feasible, of how those criteria apply to the particular record in question. Denial letters must also include the name and title of the IDA, and cite the name and address of the Director, DNA, as the appellate authority.
(e) All final responses will address the status of fees collectible under the FOIA. Fees of $15 or less will be waived, regardless of category of requester.
(f) A formal reading room for the public, as defined in 32 CFR part 286, does not exist at DNA (HQ, FCDNA or AFRRI) because of security requirements. However, the PAO will arrange for a suitable location and escort, if required, for members of the public to review DNA documents released under the FOIA. In addition, most reports released under the FOIA are sent to the National Technical Information Service (NTIS).
(a) General. Records that meet the exemption criteria listed in paragraph (b) below may be withheld from public disclosure and will not be published in the Federal Register, made available in a library, reading room, or provided in response to a FOIA request.
(b) FOIA exemptions. The following types of records may be withheld in whole or in part from public disclosure under the FOIA, unless otherwise prescribed by law. A discretionary release (see also §291.4(e)) to one requester may preclude the withholding of the same record under a FOIA exemption if the record is subsequently requested by someone else. In applying exemptions, the identity of the requester and the purpose for which the record is sought are irrelevant with the exception that an exemption may not be invoked where the particular interest to be protected is the requester's interest.
(1) Number 1. Those properly and currently classified in the interest of national defense or foreign policy, as specifically authorized under the criteria established by executive order and implemented by regulations, such as DoD 5200.1-R.3 Although material is not classified at the time of the FOIA request, a classification review may be undertaken to determine whether the information should be classified. The procedures in DoD 5200.1-R, section 2-204f., apply. In addition, this exemption shall be invoked when the following situations are apparent:
3See footnote 1 to §291.5(c)(9).
(i) The fact of the existence or nonexistence of a record would itself reveal classified information. In this situation, DNA shall neither confirm nor deny the existence or nonexistence of the record being requested. A “refusal to confirm or deny” response must be used consistently, not only when a record exists, but also when a record does not exist. Otherwise, the pattern of using a “no record” response when a record does not exist, and a “refusal to confirm or deny” when a record does exist will itself disclose national security information.
(ii) Information that concerns one or more of the classification categories established by executive order and DoD 5200.1-R shall be classified if its unauthorized disclosure, either by itself or in the context of other information, reasonably could be expected to cause damage to the national security.
(2) Number 2. Those related solely to the internal personnel rules and practices of DNA. This exemption has two profiles, high b2 and low b2.
(i) Records qualifying under high b2 are those containing or constituting statutes, rules, regulations, orders, manuals, directives, and instructions, the release of which would allow circumvention of these records, thereby substantially hindering the effective performance of a significant function of the DNA. Examples include:
(A) Those operating rules, guidelines and manuals for DNA investigators, inspectors, auditors, or examiners that must remain privileged in order for the DNA office to fulfill a legal requirement.
(B) Personnel and other administration matters, such as examination questions and answers used in training courses or in the determination of the qualifications of candidates for employment, entrance on duty, advancement, or promotion.
(C) Computer software meeting the standards of paragraph 291.3(b)(2)(iii), the release of which would allow circumvention of a statute or DoD rules, regulations, orders, manuals, directives, or instructions. In this situation, the use of the software must be clearly examined to ensure a circumvention possibility exists.
(ii) Records qualifying under the low b2 profile are those that are trivial and housekeeping in nature for which there is no legitimate public interest or benefit to be gained by release, and it would constitute an administrative burden to process the request in order to disclose the records. Examples include: Rules of personnel's use of parking facilities or regulation of lunch hours, statements of policy as to sick leave, and trivial administrative data such as file numbers, mail routing stamps, initials, data processing notations, brief references to previous communications, and other like administrative markings.
(3) Number 3. Those containing matters that a statute specifically exempts from disclosure by terms that permit no discretion on the issue, or in accordance with criteria established by that statute for withholding or referring to particular types of matters to be withheld. Examples of statutes are:
(i) National Security Agency Information Exemption, Public Law 86-36, section 6.
(ii) Patent Secrecy, 35 U.S.C. 181-188. Any records containing information relating to inventions that are the subject of patent applications on which Patent Secrecy Orders have been issued.
(iii) Restricted Data and Formerly Restricted Data, 42 U.S.C. 2162.
(iv) Communication Intelligence, 18 U.S.C. 798.
(v) Authority to Withhold from Public Disclosure Certain Technical Data, 10 U.S.C. 130 and DoD Directive 5230.25.4
4See footnote 1 to §291.5(c)(9).
(vi) Confidentiality of Medical Quality Records: Qualified Immunity Participants, 10 U.S.C. 1102.
(vii) Physical Protection of Special Nuclear Material: Limitation on Dissemination of Unclassified Information, 10 U.S.C. 128.
(viii) Protection of Intelligence Sources and Methods, 50 U.S.C. 403 (d)(3).
(4) Number 4. Those containing trade secrets or commercial or financial information that DNA receives from a person or organization outside the government with the understanding that the information or record will be retained on a privileged or confidential basis in accordance with the customary handling of such records. Records within the exemption must contain trade secrets, or commercial or financial records, the disclosure of which is likely to cause substantial harm to the competitive position of the source providing the information; impair the Government's ability to obtain necessary information in the future; or impair some other legitimate government interest. Examples include:
(i) Commercial or financial information received in confidence in connection with loans, bids, contracts, or proposals, as well as other information received in confidence or privileged, such as trade secrets, inventions, discoveries, or other proprietary data. See 32 CFR part 286h, “Release of Acquisition-Related Information.”
(ii) Statistical data and commercial or financial information concerning contract performance, income, profits, losses and expenditures, if offered and received in confidence from a contractor or potential contractor.
(iii) Personal statements given in the course of inspections, investigations, or audits, when such statements are received in confidence from the individual and retained in confidence because they reveal trade secrets or commercial or financial information normally considered confidential or privileged.
(iv) Financial data provided in confidence by private employers in connection with locality wage surveys that are used to fix and adjust pay schedules applicable to the prevailing wage rate of employees within the Department of Defense.
(v) Scientific and manufacturing processes or developments concerning technical or scientific data or other information, submitted with an application for a research grant, or with a report, while research is in progress.
(vi) Technical or scientific data developed by a contractor or subcontractor exclusively at private expense, and technical or scientific data developed in part with Federal funds and in part at private expense, wherein the contractor or subcontractor has retained legitimate proprietary interests in such data in accordance with title 10, U.S.C. 2320-2321 and DoD Federal Acquisition Regulation Supplement (DFARS), subpart 27.4. Technical data developed exclusively with Federal funds may be withheld under Exemption Number 3 if it meets the criteria of 10 U.S.C. 130 and DoD Directive 5230.25 (refer to paragraph (b)(3)(v)).
(vii) Computer software meeting the conditions of section 4 (b)(3), which is copyrighted under the Copyright Act of 1976 (17 U.S.C. 106), the disclosure of which would have an adverse impact on the potential market value of a copyrighted work.
(5) Number 5. Except as provided in paragraphs (b)(5)(i) through (v) of this section, internal advice, recommendations, and subjective evaluations, as contrasted with factual matters, that are reflected in records pertaining to the decisionmaking process of any agency, whether within or among agencies (as defined in 5 U.S.C. 552(e)) or within or among DoD/DNA offices. Also exempted are records pertaining to the attorney-client privilege and the attorney work-product privilege.
(i) Examples include:
(A) The nonfactual portions of staff papers, to include after-action reports and situation reports containing staff evaluations, advice, opinions or suggestions.
(B) Advice, suggestions, or evaluations prepared on behalf of the DNA by individual consultants or by boards, committees, councils, groups, panels, conferences, commissions, task forces, or other similar groups that are formed for the purpose of obtaining advice and recommendations.
(C) Those nonfactual portions of evaluations by DNA personnel of contractors and their products.
(D) Information of a speculative, tentative, or evaluative nature or such matters as proposed plans to procure, lease or otherwise acquire and dispose of materials, real estate, facilities or functions, when such information would provide undue or unfair competitive advantage to private personal interests or would impede legitimate government functions.
(E) Trade secret or other confidential research, development, or commercial information owned by the Government, where premature release is likely to affect the Government's negotiating position or other commercial interests.
(F) Records that are exchanged among agency personnel as part of the preparation for anticipated administrative proceedings by DNA, or litigation before any federal, state, or military court, as well as records that qualify for the attorney-client privilege.
(G) Those portions of official reports of inspection, reports of the Inspector General, audits, investigations, or surveys pertaining to safety, security, or the internal management, administration, or operation of DNA when these records have traditionally been treated by the courts as privileged against disclosure in litigation.
(H) Computer software meeting the standards of paragraph 291.3(b)(2)(iii), which is deliberative in nature, the disclosure of which would inhibit or chill the decision-making process. In this situation, the use of software must be closely examined to ensure its deliberative nature.
(I) Planning, programming, and budgetary information which is involved in the defense planning and resource allocation process.
(ii) If any such intra- or inter-agency record or reasonably segregable portion of such record hypothetically would be made available routinely through the “discovery process” in the course of litigation with DNA, i.e., the process by which litigants obtain information from each other that is relevant to the issues in trial or hearing, then it should not be withheld from the general public even though “discovery” has not been sought in actual litigation. If, however, the information hypothetically would only be made available through the discovery process by special order of the court based on the particular needs of a litigant, balanced against the interests of the agency in maintaining its confidentiality, then the record or document need not be made available under this part. Consult with legal counsel to determine whether exemption 5 material would be routinely made available through the “discovery process”.
(iii) Intra- or inter-agency memoranda or letters that are factual, or those reasonably segregable portions that are factual, are routinely made available through “discovery,” and shall be made available to a requester, unless the factual material is otherwise exempt from release, inextricably intertwined with the exempt information, so fragmented as to be uninformative, or so redundant of information already available to the requester as to provide no new substantive information.
(iv) A direction or order from a superior to a subordinate, though contained in an internal communication, generally cannot be withheld from a requester if it constitutes policy guidance or a decision, as distinguished from a discussion of preliminary matters or a request for information or advice that would compromise the decision-making process.
(v) An internal communication concerning a decision that subsequently has been made a matter of public record must be made available to a requester when the rationale for the decision is expressly adopted or incorporated by reference in the record containing the decision.
(6) Number 6. Information in personnel and medical files, as well as similar personal information in other files, that, if disclosed to the requester would result in a clearly unwarranted invasion of personal privacy. Release of information about an individual contained in a Privacy Act System of Records that would constitute a clearly unwarranted invasion of privacy is prohibited, and could subject the releaser to civil and criminal penalties.
(i) Examples of other files containing personal information similar to that contained in personnel and medical files include:
(A) Those compiled to evaluate or adjudicate the suitability of candidates for civilian employment or membership in the Armed Forces, and the eligibility of individuals (civilian, military, or contractor employees) for security clearances, or for access to particularly sensitive classified information.
(B) Files containing reports, records, and other material pertaining to personnel matters in which administrative action, including disciplinary action, may be taken.
(ii) Home addresses are normally not releasable without the consent of the individuals concerned. In addition, lists of DoD military and civilian personnel's names and duty addresses who are assigned to units that are sensitive, routinely deployable, or stationed in foreign territories can constitute a clearly unwarranted invasion of personal privacy.
(A) Privacy interest. A privacy interest may exist in personal information even though the information has been disclosed at some place and time. If personal information is not freely available from sources other than the Federal Government, a privacy interest exists in its nondisclosure. The fact that the Federal Government expended funds to prepare, index and maintain records on personal information, and the fact that a requester invokes FOIA to obtain these records indicates the information is not freely available.
(B) Published telephone directories, organizational charts, rosters and similar materials for personnel assigned to units that are sensitive, routinely deployable, or stationed in foreign territories are withholdable under this exemption.
(iii) This exemption shall not be used in an attempt to protect the privacy of a deceased person, but it may be used to protect the privacy of the deceased person's family.
(iv) Individuals' personnel, medical, or similar file may be withheld from them or their designated legal representative only to the extent consistent with DoD Directive 5400.11.
(v) A clearly unwarranted invasion of the privacy of the persons identified in a personnel, medical or similar record may constitute a basis for deleting those reasonably segregable portions of that record, even when providing it to the subject of the record. When withholding personal information from the subject of the record, legal counsel should first be consulted.
(7) Number 7. Records or information compiled for law enforcement purposes; i.e., civil, criminal, or military law, including the implementation of executive orders or regulations issued pursuant to law. This exemption may be invoked to prevent disclosure of documents not originally created for, but later gathered for law enforcement purposes.
(i) This exemption applies, however, only to the extent that production of such law enforcement records or information could result in the following:
(A) Could reasonably be expected to interfere with enforcement proceedings.
(B) Would deprive a person of the right to a fair trial or to an impartial adjudication.
(C) Could reasonably be expected to constitute an unwarranted invasion of personal privacy of a living person, including surviving family members of an individual identified in such a record.
(1) This exemption also applies when the fact of the existence or nonexistence of a responsive record would itself reveal personally private information, and the public interest in disclosure is not sufficient to outweigh the privacy interest. In this situation, DNA shall neither confirm nor deny the existence or nonexistence of the record being requested.
(2) A “refusal to confirm or deny” response must be used consistently, not only when a record exists, but also when a record does not exist. Otherwise, the pattern of using a “no records” response when a record does not exist and a “refusal to confirm or deny” when a record does exist will itself disclose personally private information.
(3) Refusal to confirm or deny should not be used when the person whose personal privacy is in jeopardy has provided the requester with a waiver of his or her privacy rights; or the person whose personal privacy is in jeopardy is deceased, and DNA is aware of that fact.
(D) Could reasonably be expected to disclose the identity of a confidential source including a source within DNA, a state, local or foreign agency or authority, or any private institution which furnishes the information on a confidential basis.
(E) Could disclose confidential information furnished from a confidential source and obtained by a criminal law enforcement authority in a criminal investigation or by an agency conducting a lawful national security intelligence investigation.
(F) Would disclose techniques and procedures for law enforcement investigations or prosecutions, or would disclose guidelines for law enforcement investigations or prosecutions if such disclosure could reasonably be expected to risk circumvention of the law.
(G) Could reasonably be expected to endanger the life, or the physical safety of any individual.
(ii) Examples include:
(A) Statements of witnesses and other material developed during the course of the investigation and all materials prepared in connection with related government litigation or adjudicative proceedings.
(B) The identity of firms or individuals being investigated for alleged irregularities involving contracting with DNA when no indictment has been obtained nor any civil action filed against them by the United States.
(C) Information obtained in confidence, expressed or implied, in the course of a criminal investigation by a criminal law enforcement agency or office within DNA, or a lawful national security intelligence investigation conducted by an authorized agency or office within DNA. National security intelligence investigations include background security investigations and those investigations conducted for the purpose of obtaining affirmative or counterintelligence information.
(iii) The right of individual litigants to investigative records currently available by law (such as, the Jencks Act, 18 U.S.C. 3500 is not diminished.
(iv) When the subject of an investigative record is the requester of the record, it may be withheld only as authorized by DoD Directive 5400.11.
(v) Exclusions. Excluded from the previous exemptions are the following two situations applicable to the Department of Defense.
(A) Whenever a request is made which involves access to records or information compiled for law enforcement purposes and the investigation or proceedings involves a possible violation or criminal law where there is reason to believe that the subject of the investigation or proceedings is unaware of its pendency, and the disclosure of the existence of the records could reasonably be expected to interfere with enforcement proceedings. Components may, during only such times as that circumstance continues, treat the records or information as not subject to the FOIA. In such situation, the response to the requester will state that no records were found.
(B) Whenever informant records maintained by a criminal law enforcement organization within a DoD component under the informant's name or personal identifier are requested by a third party using the informant's name or personal identifier, the Component may treat the records as not subject to the FOIA, unless the informant's status as an informant has been officially confirmed. If it is determined that the records are not subject to exemption 7, the response to the requester will state that no records were found.
(8) Number 8. Those contained in or related to examination, operation or condition reports prepared by, on behalf of, or for the use of any agency responsible for the regulation or supervision of financial institutions.
(9) Number 9. Those containing geological and geophysical information and data (including maps) concerning wells.
§291.9 For official use only (FOUO).
Information that has not been given a security classification pursuant to the criteria of an Executive Order, but which may be withheld from the public for one or more of the reasons cited in FOIA exemptions 2 through 9 shall be considered as being for official use only. No other material shall be considered or marked “For Official Use Only” (FOUO) and FOUO is not authorized as an anemic form of classification to protect national security interests. See DNA Instruction 5230.2A5 for additional information regarding FOUO policy.
5See footnote 2, to §291.6(a)
(a) Prior FOUO application. The prior application of FOUO markings is not a conclusive basis for withholding a record that is requested under the FOIA. When such a record is requested, the information in it shall be evaluated to determine whether, under current circumstances, FOIA exemptions apply in withholding the record or portions of it. If any exemption or exemptions apply or applies, it may nonetheless be released when it is determined that no governmental interest will be jeopardized by its release.
(b) Historical papers. Records, such as notes, working papers, and drafts retained as historical evidence of DNA actions enjoy no special status apart from the exemptions under the FOIA.
(c) Time to mark records. The marking of records at the time of their creation provides notice of FOUO content and facilitates review when a record is requested under the FOIA. Records requested under the FOIA that do not bear such markings, shall not be assumed to be releaseable without examination for the presence of information that requires continued protection and qualifies as exempt from public release.
(d) Distribution statement. Information in a technical document that requires a distribution statement pursuant to DNA Instruction 5230.24A shall bear that statement and may be marked FOUO, as appropriate.
(e) Termination. The originator or other competent authority, e.g., initial denial and appellate authorities, shall terminate “For Official Use Only” markings or status when circumstances indicate that the information no longer requires protection from public disclosure. When FOUO status is terminated, all known holders shall be notified, to the extent practical. Upon notification, holders shall efface or remove the “For Official Use Only” markings, but records in file or storage need not be retrieved solely for that purpose.
(f) Disposal. (1) Nonrecord copies of FOUO materials may be destroyed by tearing each copy into pieces to preclude reconstructing, and placing them in regular trash containers. When local circumstances or experience indicates that this destruction method is not sufficiently protective of FOUO information, local authorities may direct other methods but must give due consideration to the additional expense balanced against the degree of sensitivity of the type of FOUO information contained in the records.
(2) Record copies of FOUO documents shall be disposed of in accordance with the disposal standards established under 44 U.S.C. chapter 33, as implemented by DNA instructions concerning records disposal.
(g) Unauthorized disclosure. The unauthorized disclosure of FOUO records does not constitute an unauthorized disclosure of DNA information classified for security purposes. Appropriate administrative action shall be taken, however, to fix responsibility for unauthorized disclosure whenever feasible, and appropriate disciplinary action shall be taken against those responsible. Unauthorized disclosure of FOUO information that is protected by the Privacy Act, may also result in civil and criminal sanctions against responsible persons. The DNA office that originated the FOUO information shall be informed of its unauthorized disclosure.
Appendix A to Part 291—Freedom of Information Act Request (DNA Form 524)
Suspense Item—Freedom of Information Act Request
Information Required in PAO NLT
FOIA Case No.
Please conduct a search within your organization to determine if there is information/documents responsive to the attached FOIA request.
If you recommend withholding information from the documents requested, please refer to the FOIA exemptions listed on the reverse.
If this request is for a technical proposal, please provide the name and address for the contact person at the company which was awarded the contract and the name and office symbol to the TM.
Record time spent on this request and the number of pages copied on the enclosed DD Form 2086.
If you believe other DNA offices should be involved in processing this request, please advise PAO ASAP.
If you have any questions call PAO, 57095 or 57306. Do not place this FOIA action in distribution.
DNA Form 524 (28 June 90) Previous Editions Obsolete.
Explanation of Exemptions
Freedom of Information Act (5 USC 552)
(b)(1) Applies to information which is currently and properly classified pursuant to an Executive Order in the interest of national defense or foreign policy. (See Executive Order 12356, DoD Regulation 5200.1-R and DNA Instruction 5400-7C.)
(b)(2) Applies to information which pertains solely to the internal rules and practices of the Agency; this exemption has two profiles, “high” and “low.” The “high” profile permits withholding of a document which, if released, would allow circumvention of an agency rule, policy, or statute, thereby impeding the agency in the conduct of its mission. The “low” profile permits withholding if there is no public interest in the document, and it would be an administrative burden to process the request.
(b)(3) Applies to information specifically exempted by a statute establishing particular criteria for withholding. The language of the statute must clearly state that the information will not be disclosed.
(b)(4) Applies to information such as trade secrets and commercial or financial information obtained from a company on a privileged or confidential basis which, if released, would result in competitive harm to the company.
(b)(5) Applies to inter- and intra-agency memoranda which are deliberative in nature; this exemption is appropriate for internal documents which are part of the decision making process, and contain subjective evaluations, opinions and recommendations.
(b)(6) Applies to information release of which could reasonably be expected to constitute a clearly unwarranted invasion of the personal privacy of individuals; and
(b)(7) Applies to records or information compiled for law enforcement purposes that (A) could reasonably be expected to interfere with law enforcement proceedings, (B) would deprive a person of a right to a fair trial or impartial adjudication, (C) could reasonably be expected to constitute an unwarranted invasion of the personal privacy of others, (D) disclose the identity of a confidential source, (E) disclose investigative techniques and procedures, or (F) could reasonably be expected to endanger the life or physical safety or any individual.
(b)(8) Permits the withholding of matters contained in, or related to, examination, operating or conditions reports prepared by, on behalf of, or for the use of, an agency responsible for the regulation and supervision of financial institutions.
(b)(9) Permits the withholding of geological information and data including maps, concerning wells.