DCI AUTHORITY TO SET SECURITY STANDARDS FOR CONTRACTORS

Approved For Rise 2002/CU 4 M-RDP94B01041 ROe300100010-5 MEMORANDUM FOR: DD/PTOS FROM: Chief, Special Security Center SUBJECT: DCI Authority to Set Security Standards for Contractors 1. The National Security Act of 1947, as amended, is the basic document from which all DCI authority has been derived. This document states the DCI's responsibility to "protect intelligence sources and methods". All subsequent EO's and agreements refer to the original 1947 Act. 2. None of these documents or inter-agency agreements specifically set out what sanctions or actions can be taken against an industrial contractor who does not conform to security requirements. 3. The following are excerpts from a chronology of Executive Orders and directives charging the DCI with security responsibility: a. National Security Act 1947 - "The Director of Central Intelligence shall be responsible for protecting intelligence sources and methods from unauthorized disclosure." b. White House Memorandum, 26 August 1960, establishing a Compartmented Control System-" The Director of Central Intelligence, in consultation with USIB, will be responsible to me for determining all questions involved in the critical protection and control of the foregoing TALENT material and information." c. Agreement between Secretary of Defense and Director of Central Intelligence reference responsibilities of the NRO 2 May 1962- "In accordance with the basic responsibilities of the DCI for protection of intelligence sources and methods, CIA will establish security policy for the NRP, including provisions for a uniform system of security control and appropriate delegation of security responsibility." HANDLE: V,'k C(.)NTr'_,c ONLY. Appr6or Release 2002,0.1}/ $ CfIA-RDP94B01041 R00 3t 0100010-5  Approved For Remise 2002/01 DP94B01041 RQQ{300100010-5 ITT d. Agreement for reorganization of the NRP, 11 August 1965- "DCI will provide security policy and guidance to main- tain the uniform security system in the whole NRP area." e. NRP Security Directive No. 1, 27 August 1971, Para 3, reaffirms DCI responsibility for protection of intelligence sources and methods with respect to NRP data. f. National Security Council Directive No. 1, 17 February 1972- "The DCI Shall develop and review security standards and practices as they relate to the protection of intelligence, and intelligence sources and methods from unauthorized disclosures". g. National Security Council Directive No. 6, 17 February 1972- "The DCI will develop and establish policies and procedures for the protection of SIGINT, including the degree and type of security protection to be given SIGINT activities through the protection of information about them and derived from them'.'. h. Executive Order No. 11905, 8 February 1976- "Insure that appropriate programs are developed which properly protect intelligence sources and methods and analytical procedures". "The DCI is authorized to protect by lawful means against disclosure by present or former employees of the CIA or persons or employees or organizations presently or formerly under contract with the Agency." 4. It would appear that the DCI's authorities in regard to contractors would be those agreed to by contract and in accordance with those DOD procurement regulations (ASPR) to which the Agency subscribes. The present standard security sections of Agency contracts have been under review by the Office of General Counsel since the Boyce-Lee incident. Their unofficial opinion is that contract security caveats as they are presently written are unenforceable in a court of law. Vy, - r.r>id 11201._ S '_ T`a1 ONLY. 25X1A i' Approved For Release 2002/t Mb$--:tIA-RDP94B01041R000300100010-5  Approved For Release 2002/01 8 ,q^-RDP94B01041 Ri1a9300100010-5 5. While there is no specific statute or directive which would prohibit the DCI form cancelling contracts, there is also no statute or directive which would empower him to do so. ~1""NDLU V! co 7R ol_. SYSTEM ONL- 25X1A 25X1A Approved For Release 2002/01/08 : CIA-RDP94BOl041 R000300100010-5  } Approved For Ruse 2002M>. IA-RDP94B01041 X300100010-5 SOURCES CHECKS 1. National Security Act of 1947 as amended See 102 Para (3) . CIA Act of 1949 Executive Order - 11905 18 Feb 76 Executive Orders 10985 10909 10104 11652 5. Espionage Acts Title 18 6. Internal Security Act of 1950 7. White House Memorandum dated 26 Aug 60 establishing T-J-I Security Control System 8. Agreement between Secretary of Defense F DCI on the responsibility ofNR02May62 9. NRP Directive #1 20 Nov 66 10. Agreement for re-organization of NRP 11 Aug 65 11. NRP Security Directive #1 27 Aug 71 12. National Security Council Directive #1 17 Feb 72 13. NSC Directive #6 17 Feb 72 14. NRP Directive #5 5 1967 }iANoL VI CO 7'I ROL :Y:~rCNLS, Approved For Release 2002/01108 1 70A-RDP94B01041 R000300100010-5 25X1A