CHAPTER 605 - SAFEGUARDS AND SECURITY MATTERS

Title 10 > CHAPTER 605

Sections (13)

§ 6221 Prohibition on international inspections of Department of Energy facilities unless protection of restricted data is certified

The Secretary of Energy may not allow an inspection of a national security laboratory or nuclear weapons production facility by the International Atomic Energy Agency until the Secretary certifies to Congress that no Restricted Data will be revealed during such inspection. (Added Pub. L. 119–60, div. C, title XXXI, § 3111(a) , Dec. 18, 2025 , 139 Stat. 1401 .)

§ 6222 Restrictions on access to national security laboratories by foreign visitors from sensitive countries

(a) Background Review Required.— The Secretary of Energy and the Administrator may not admit to any facility described in paragraph (3) of subsection (c) other than areas accessible to the general public any individual who is a citizen or agent of a covered foreign nation or a nation on the current sensitive countries list unless the Secretary or Administrator first completes a background review with respect to that individual.

(b) Sense of Congress Regarding Background Reviews.— It is the sense of Congress that the Secretary of Energy, the Director of the Federal Bureau of Investigation, and the Director of National Intelligence should ensure that background reviews carried out under this section are completed in not more than 15 days.

(c) Prohibition on Admittance.— With respect to an individual who is a citizen or agent of a covered foreign nation, the Secretary and the Administrator may not, except as provided in paragraph (2), admit such individual to any areas not accessible to the general public within a facility described in paragraph (3). The Secretary, acting through the Administrator, may waive the prohibition under paragraph (1) with respect to an individual who is a citizen or agent of a covered foreign nation if, not later than 30 days prior to admitting such individual to a facility described in such paragraph, the Secretary certifies to Congress that— the admittance of such individual to the facility is in the national security interests of the United States; no classified or restricted data will be revealed to such individual in connection with the admittance of such individual to the facility; the Secretary or Administrator has consulted with the heads of other relevant departments or agencies of the United States Government to mitigate risks associated with the admittance of such individual; and the background review completed to 1 subsection (a) with respect to such individual did not uncover any previously unreported affiliation with military or intelligence organizations associated with a covered foreign nation. A facility described in this paragraph is a facility, or any portion thereof, that directly supports the mission, functions, and operations of the Administration (as described in this subpart) and is located on— a national security laboratory; a nuclear weapons production facility; or a site that directly supports the protection, development, sustainment, or disposal of technologies or materials related to the provision of nuclear propulsion for United States naval vessels. The prohibition under paragraph (1) shall take effect on April 15, 2025 .

(d) Rule of Construction.— Nothing in this section shall be construed to limit or otherwise affect the authority of the Secretary or the Administrator to— admit to a facility described in paragraph (3) of subsection (c)— a citizen or lawful permanent resident of the United States; an individual involved in an International Atomic Energy Agency (IAEA) inspection (as defined in the “Agreement between the United States and the IAEA for the Application of Safeguards in the U.S.”); or an individual involved in information exchanges in support of activities of the United States with respect to nonproliferation, counterproliferation, and counterterrorism, in accordance with international treaties or other legally-binding agreements or instruments to which the United States is a party; or admit any individual to a facility, or any portion thereof, that is not directly associated with or directly funded to perform the mission, functions, and operations of the Administration (as described in this subpart).

(e) Definitions.— For purposes of this section: The term “background review”, commonly known as an indices check, means a review of information provided by the Director of National Intelligence and the Director of the Federal Bureau of Investigation regarding personal background, including information relating to any history of criminal activity or to any evidence of espionage. The term “covered foreign nation” means— the People’s Republic of China; the Russian Federation; the Democratic People’s Republic of Korea; and the Islamic Republic of Iran. The term “sensitive countries list” means the list prescribed by the Secretary of Energy known as the Department of Energy List of Sensitive Countries.

§ 6223 Background investigations of certain personnel at Department of Energy facilities

The Secretary of Energy shall ensure that an investigation meeting the requirements of section 145 of the Atomic Energy Act of 1954 ( 42 U.S.C. 2165 ) is made for each Department of Energy employee, or contractor employee, at a national security laboratory or nuclear weapons production facility who— carries out duties or responsibilities in or around a location where Restricted Data is present; or has or may have regular access to a location where Restricted Data is present. (Added Pub. L. 119–60, div. C, title XXXI, § 3111(a) , Dec. 18, 2025 , 139 Stat. 1403 .)

§ 6224 Department of Energy counterintelligence polygraph program

(a) New Counterintelligence Polygraph Program Required.— The Secretary of Energy shall carry out, under regulations prescribed under this section, a new counterintelligence polygraph program for the Department of Energy. The purpose of the new program is to minimize the potential for release or disclosure of classified data, materials, or information.

(b) Authorities and Limitations.— The Secretary shall prescribe regulations for the new counterintelligence polygraph program required by subsection (a) in accordance with the provisions of subchapter II of chapter 5 of title 5 (commonly referred to as the Administrative Procedures Act). In prescribing regulations for the new program, the Secretary shall take into account the results of the Polygraph Review. Not later than six months after obtaining the results of the Polygraph Review, the Secretary shall issue a notice of proposed rulemaking for the new program. In the event of a counterintelligence investigation, the regulations prescribed under paragraph (1) may ensure that the persons subject to the counterintelligence polygraph program required by subsection (a) include any person who is— a national of the United States (as such term is defined in section 101 of the Immigration and Nationality Act ( 8 U.S.C. 1101 )) and also a national of a foreign state; and an employee or contractor who requires access to classified information.

(c) Polygraph Review Defined.— In this section, the term “Polygraph Review” means the review of the Committee to Review the Scientific Evidence on the Polygraph of the National Academy of Sciences.

§ 6225 Notice to congressional committees of certain security and counterintelligence failures within atomic energy defense programs

(a) Required Notification.— The Secretary of Energy shall submit to the Committees on Armed Services of the Senate and House of Representatives a notification of each significant atomic energy defense intelligence loss. Any such notification shall be provided only after consultation with the Director of National Intelligence and the Director of the Federal Bureau of Investigation, as appropriate.

(b) Significant Atomic Energy Defense Intelligence Losses.— In this section, the term “significant atomic energy defense intelligence loss” means any national security or counterintelligence failure or compromise of classified information at a facility of the Department of Energy or operated by a contractor of the Department that the Secretary considers likely to cause significant harm or damage to the national security interests of the United States.

(c) Manner of Notification.— Notification of a significant atomic energy defense intelligence loss under subsection (a) shall be provided, in accordance with the procedures established pursuant to subsection (d), not later than 30 days after the date on which the Department of Energy determines that the loss has taken place.

(d) Procedures.— The Secretary of Energy and the Committees on Armed Services of the Senate and House of Representatives shall each establish such procedures as may be necessary to protect from unauthorized disclosure classified information, information relating to intelligence sources and methods, and sensitive law enforcement information that is submitted to those committees pursuant to this section and that are otherwise necessary to carry out the provisions of this section.

(e) Statutory Construction.— Nothing in this section shall be construed as authority to withhold any information from the Committees on Armed Services of the Senate and House of Representatives on the grounds that providing the information to those committees would constitute the unauthorized disclosure of classified information, information relating to intelligence sources and methods, or sensitive law enforcement information. Nothing in this section shall be construed to modify or supersede any other requirement to report information on intelligence activities to Congress, including the requirement under section 501 of the National Security Act of 1947 ( 50 U.S.C. 3091 ) for the President to ensure that the congressional intelligence committees are kept fully informed of the intelligence activities of the United States and for those committees to notify promptly other congressional committees of any matter relating to intelligence activities requiring the attention of those committees.

§ 6226 Annual 11 So in original. Probably should be “Biennial”. report and certification on status of security of atomic energy defense facilities

(a) Report and Certification on Nuclear Security Enterprise.— Not later than September 30 of each even-numbered year, the Administrator shall submit to the Secretary of Energy— a report detailing the status of security at facilities holding Category I and II quantities of special nuclear material that are administered by the Administration; and written certification that such facilities are secure and that the security measures at such facilities meet the security standards and requirements of the Administration and the Department of Energy. If the Administrator is unable to make the certification described in paragraph (1)(B) with respect to a facility, the Administrator shall submit to the Secretary with the matters required by paragraph (1) a corrective action plan for the facility describing— the deficiency that resulted in the Administrator being unable to make the certification; the actions to be taken to correct the deficiency; and timelines for taking such actions. Not later than December 1 of each even-numbered year, the Secretary shall submit to the congressional defense committees the unaltered report, certification, and any corrective action plans submitted by the Administrator under paragraphs (1) and (2) together with any comments of the Secretary.

(b) Report and Certification on Atomic Energy Defense Facilities Not Administered by the Administration.— Not later than December 1 of each even-numbered year, the Secretary shall submit to the congressional defense committees— a report detailing the status of the security of atomic energy defense facilities holding Category I and II quantities of special nuclear material that are not administered by the Administration; and written certification that such facilities are secure and that the security measures at such facilities meet the security standards and requirements of the Department of Energy. If the Secretary is unable to make the certification described in paragraph (1)(B) with respect to a facility, the Secretary shall submit to the congressional defense committees, together with the matters required by paragraph (1), a corrective action plan describing— the deficiency that resulted in the Secretary being unable to make the certification; the actions to be taken to correct the deficiency; and timelines for taking such actions.

§ 6227 Protection of certain nuclear facilities and assets from unmanned aircraft

(a) Authority.— Notwithstanding any provision of title 18, the Secretary of Energy may take such actions described in subsection (b)(1) that are necessary to mitigate the threat (as defined by the Secretary of Energy, in consultation with the Secretary of Transportation) that an unmanned aircraft system or unmanned aircraft poses to the safety or security of a covered facility or asset.

(b) Actions Described.— The actions described in this paragraph are the following: Detect, identify, monitor, and track the unmanned aircraft system or unmanned aircraft, without prior consent, including by means of intercept or other access of a wire, oral, or electronic communication used to control the unmanned aircraft system or unmanned aircraft. Warn the operator of the unmanned aircraft system or unmanned aircraft, including by passive or active, and direct or indirect physical, electronic, radio, and electromagnetic means. Disrupt control of the unmanned aircraft system or unmanned aircraft, without prior consent, including by disabling the unmanned aircraft system or unmanned aircraft by intercepting, interfering, or causing interference with wire, oral, electronic, or radio communications used to control the unmanned aircraft system or unmanned aircraft. Seize or exercise control of the unmanned aircraft system or unmanned aircraft. Seize or otherwise confiscate the unmanned aircraft system or unmanned aircraft. Use reasonable force to disable, damage, or destroy the unmanned aircraft system or unmanned aircraft. The Secretary of Energy shall develop the actions described in paragraph (1) in coordination with the Secretary of Transportation.

(c) Forfeiture.— Any unmanned aircraft system or unmanned aircraft described in subsection (a) that is seized by the Secretary of Energy is subject to forfeiture to the United States.

(d) Regulations.— The Secretary of Energy and the Secretary of Transportation may prescribe regulations and shall issue guidance in the respective areas of each Secretary to carry out this section.

(e) Definitions.— In this section: The term “covered facility or asset” means any facility or asset that is— identified by the Secretary of Energy for purposes of this section; located in the United States (including the territories and possessions of the United States); and owned by or contracted to the National Nuclear Security Administration, including any facility that stores or uses special nuclear material; or a national security laboratory or nuclear weapons production facility. The terms “unmanned aircraft” and “unmanned aircraft system” have the meanings given those terms in section 331 of the FAA Modernization and Reform Act of 2012 ( Public Law 112–95 ; 49 U.S.C. 40101 1 note).

§ 6228 Reporting on penetrations of networks of contractors and subcontractors

(a) Procedures for Reporting Penetrations.— The Administrator shall establish procedures that require each contractor and subcontractor to report to the Chief Information Officer when a covered network of the contractor or subcontractor that meets the criteria established pursuant to subsection (b) is successfully penetrated.

(b) Establishment of Criteria for Covered Networks.— The Administrator shall, in consultation with the officials specified in paragraph (2), establish criteria for covered networks to be subject to the procedures for reporting penetrations under subsection (a). The officials specified in this paragraph are the following officials of the Administration: The Deputy Administrator for Defense Programs. The Associate Administrator for Acquisition and Project Management. The Chief Information Officer. Any other official of the Administration the Administrator considers necessary.

(c) Procedure Requirements.— The procedures established pursuant to subsection (a) shall require each contractor or subcontractor to submit to the Chief Information Officer a report on each successful penetration of a covered network of the contractor or subcontractor that meets the criteria established pursuant to subsection (b) not later than 60 days after the discovery of the successful penetration. Subject to subparagraph (C), each report required by subparagraph (A) with respect to a successful penetration of a covered network of a contractor or subcontractor shall include the following: A description of the technique or method used in such penetration. A sample of the malicious software, if discovered and isolated by the contractor or subcontractor, involved in such penetration. A summary of information created by or for the Administration in connection with any program of the Administration that has been potentially compromised as a result of such penetration. If a contractor or subcontractor is not able to obtain all of the information required by subparagraph (B) to be included in a report required by subparagraph (A) by the date that is 60 days after the discovery of a successful penetration of a covered network of the contractor or subcontractor, the contractor or subcontractor shall— include in the report all information available as of that date; and provide to the Chief Information Officer the additional information required by subparagraph (B) as the information becomes available. Concurrent with the establishment of the procedures pursuant to subsection (a), the Administrator shall establish procedures to be used if information owned by the Administration was in use during or at risk as a result of the successful penetration of a covered network— in order to— in the case of a penetration of a covered network of a management and operating contractor, enhance the access of personnel of the Administration to Government-owned equipment and information; and in the case of a penetration of a covered network of a contractor or subcontractor that is not a management and operating contractor, facilitate the access of personnel of the Administration to the equipment and information of the contractor or subcontractor; and which shall— include mechanisms for personnel of the Administration to, upon request, obtain access to equipment or information of a contractor or subcontractor necessary to conduct forensic analysis in addition to any analysis conducted by the contractor or subcontractor; provide that a contractor or subcontractor is only required to provide access to equipment or information as described in clause (i) to determine whether information created by or for the Administration in connection with any program of the Administration was successfully exfiltrated from a network of the contractor or subcontractor and, if so, what information was exfiltrated; and provide for the reasonable protection of trade secrets, commercial or financial information, and information that can be used to identify a specific person. The procedures established pursuant to subsection (a) shall allow for limiting the dissemination of information obtained or derived through such procedures so that such information may be disseminated only to entities— with missions that may be affected by such information; that may be called upon to assist in the diagnosis, detection, or mitigation of cyber incidents; that conduct counterintelligence or law enforcement investigations; or for national security purposes, including cyber situational awareness and defense purposes.

(d) Definitions.— In this section: The term “Chief Information Officer” means the Associate Administrator for Information Management and Chief Information Officer of the Administration. The term “contractor” means a private entity that has entered into a contract or contractual action of any kind with the Administration to furnish supplies, equipment, materials, or services of any kind. The term “covered network” includes any network or information system that accesses, receives, or stores— classified information; or sensitive unclassified information germane to any program of the Administration, as determined by the Administrator. The term “subcontractor” means a private entity that has entered into a contract or contractual action with a contractor or another subcontractor to furnish supplies, equipment, materials, or services of any kind in connection with another contract in support of any program of the Administration.

§ 6231 Review of certain documents before declassification and release

(a) In General.— The Secretary of Energy shall ensure that, before a document of the Department of Energy that contains national security information is released or declassified, such document is reviewed to determine whether it contains Restricted Data.

(b) Limitation on Declassification.— The Secretary may not implement the automatic declassification provisions of Executive Order No. 13526 ( 50 U.S.C. 3161 note) if the Secretary determines that such implementation could result in the automatic declassification and release of documents containing Restricted Data.

§ 6232 Protection against inadvertent release of restricted data and formerly restricted data

(a) Plan for Protection Against Release.— The Secretary of Energy and the Archivist of the United States shall, after consultation with the members of the National Security Council and in consultation with the Secretary of Defense and the heads of other appropriate Federal agencies, develop a plan to prevent the inadvertent release of records containing Restricted Data or Formerly Restricted Data during the automatic declassification of records under Executive Order No. 13526 ( 50 U.S.C. 3161 note).

(b) Plan Elements.— The plan under subsection (a) shall include the following: The actions to be taken in order to ensure that records subject to Executive Order No. 13526 are reviewed on a page-by-page basis for Restricted Data and Formerly Restricted Data unless they have been determined to be highly unlikely to contain Restricted Data or Formerly Restricted Data. The criteria and process by which documents are determined to be highly unlikely to contain Restricted Data or Formerly Restricted Data. The actions to be taken in order to ensure proper training, supervision, and evaluation of personnel engaged in declassification under that Executive order so that such personnel recognize Restricted Data and Formerly Restricted Data. The extent to which automated declassification technologies will be used under that Executive order to protect Restricted Data and Formerly Restricted Data from inadvertent release. Procedures for periodic review and evaluation by the Secretary of Energy, in consultation with the Director of the Information Security Oversight Office of the National Archives and Records Administration, of compliance by Federal agencies with the plan. Procedures for resolving disagreements among Federal agencies regarding declassification procedures and decisions under the plan. The funding, personnel, and other resources required to carry out the plan. A timetable for implementation of the plan.

(c) Limitation on Declassification of Certain Records.— Effective on October 17, 1998 , and except as provided in paragraph (3), a record referred to in subsection (a) may not be declassified unless the agency having custody of the record reviews the record on a page-by-page basis to ensure that the record does not contain Restricted Data or Formerly Restricted Data. Any record determined as a result of a review under paragraph (1) to contain Restricted Data or Formerly Restricted Data may not be declassified until the Secretary of Energy, in conjunction with the head of the agency having custody of the record, determines that the document is suitable for declassification. After the date occurring 60 days after the submission of the plan required by subsection (a) to the committees referred to in paragraphs (1) and (2) of subsection (d), the requirement under paragraph (1) to review a record on a page-by-page basis shall not apply in the case of a record determined, under the actions specified in the plan pursuant to subsection (b)(1), to be a record that is highly unlikely to contain Restricted Data or Formerly Restricted Data.

(d) Submission of Plan.— The Secretary of Energy shall submit the plan required under subsection (a) to the following: The Committee on Armed Services of the Senate. The Committee on Armed Services of the House of Representatives. The Assistant to the President for National Security Affairs.

(e) Report and Notification Regarding Inadvertent Releases.— The Secretary of Energy shall submit to the committees and Assistant to the President specified in subsection (d) a report on inadvertent releases of Restricted Data or Formerly Restricted Data under Executive Order No. 12958 that occurred before October 17, 1998 . The Secretary of Energy shall, in each even-numbered year beginning in 2010, submit to the committees and Assistant to the President specified in subsection (d) a report identifying any inadvertent releases of Restricted Data or Formerly Restricted Data under Executive Order No. 13526 discovered in the two-year period preceding the submittal of the report.

§ 6233 Supplement to plan for declassification of restricted data and formerly restricted data

(a) Supplement to Plan.— The Secretary of Energy and the Archivist of the United States shall, after consultation with the members of the National Security Council and in consultation with the Secretary of Defense and the heads of other appropriate Federal agencies, develop a supplement to the plan required under subsection (a) of section 6232.

(b) Contents of Supplement.— The supplement shall provide for the application of that plan (including in particular the element of the plan required by section 6232(b)(1)) to all records subject to Executive Order No. 12958 that were determined before October 17, 1998 , to be suitable for declassification.

(c) Limitation on Declassification of Records.— All records referred to in subsection (b) shall be treated, for purposes of subsection (c) of section 6232, in the same manner as records referred to in subsection (a) of such section.

(d) Submission of Supplement.— The Secretary of Energy shall submit the supplement required under subsection (a) to the recipients of the plan referred to in subsection (d) of section 6232.

§ 6234 Protection of classified information during laboratory-to-laboratory exchanges

(a) Provision of Training.— The Secretary of Energy shall ensure that all Department of Energy employees and Department of Energy contractor employees participating in laboratory-to-laboratory cooperative exchange activities are fully trained in matters relating to the protection of classified information and to potential espionage and counterintelligence threats.

(b) Countering of Espionage and Intelligence-gathering Abroad.— The Secretary shall establish a pool of Department employees and Department contractor employees who are specially trained to counter threats of espionage and intelligence-gathering by foreign nationals against Department employees and Department contractor employees who travel abroad for laboratory-to-laboratory exchange activities or other cooperative exchange activities on behalf of the Department. The Director of Intelligence and Counterintelligence of the Department of Energy may assign at least one employee from the pool established under paragraph (1) to accompany a group of Department employees or Department contractor employees who travel to any nation designated to be a sensitive country for laboratory-to-laboratory exchange activities or other cooperative exchange activities on behalf of the Department.

§ 6235 Identification in budget materials of amounts for declassification activities and limitation on expenditures for such activities

(a) Amounts for Declassification of Records.— The Secretary of Energy shall include in the budget justification materials submitted to Congress in support of the Department of Energy budget for any fiscal year (as submitted with the budget of the President under section 1105(a) of title 31 ) specific identification, as a budgetary line item, of the amounts required to carry out programmed activities during that fiscal year to declassify records pursuant to Executive Order No. 13526 ( 50 U.S.C. 3161 note), or any successor Executive order, or to comply with any statutory requirement to declassify Government records.

(b) Certification Required With Respect to Automatic Declassification of Records.— No records of the Department of Energy that have not as of October 5, 1999 , been reviewed for declassification shall be subject to automatic declassification unless the Secretary of Energy certifies to Congress that such declassification would not harm the national security.