[House Report 106-1035] [From the U.S. Government Publishing Office] 106th Congress Rept. 106-1035 HOUSE OF REPRESENTATIVES 2d Session Part 1 _______________________________________________________________________ NUCLEAR SECRETS SAFETY ACT OF 2000 __________ R E P O R T OF THE COMMITTEE ON ARMED SERVICES HOUSE OF REPRESENTATIVES ON H.R. 4737 [Including cost estimate of the Congressional Budget Office]December 15, 2000.--Committed to the Committee of the Whole House on the State of the Union and ordered to be printed __________ U.S. GOVERNMENT PRINTING OFFICE 89-006 WASHINGTON : 2000 HOUSE COMMITTEE ON ARMED SERVICES One Hundred Sixth Congress FLOYD D. SPENCE, South Carolina, Chairman BOB STUMP, Arizona IKE SKELTON, Missouri DUNCAN HUNTER, California NORMAN SISISKY, Virginia JOHN R. KASICH, Ohio JOHN M. SPRATT, Jr., South HERBERT H. BATEMAN, Virginia Carolina JAMES V. HANSEN, Utah SOLOMON P. ORTIZ, Texas CURT WELDON, Pennsylvania OWEN PICKETT, Virginia JOEL HEFLEY, Colorado LANE EVANS, Illinois JIM SAXTON, New Jersey GENE TAYLOR, Mississippi STEVE BUYER, Indiana NEIL ABERCROMBIE, Hawaii TILLIE K. FOWLER, Florida MARTIN T. MEEHAN, Massachusetts JOHN M. McHUGH, New York ROBERT A. UNDERWOOD, Guam JAMES TALENT, Missouri PATRICK J. KENNEDY, Rhode Island TERRY EVERETT, Alabama ROD R. BLAGOJEVICH, Illinois ROSCOE G. BARTLETT, Maryland SILVESTRE REYES, Texas HOWARD ``BUCK'' McKEON, California TOM ALLEN, Maine J.C. WATTS, Jr., Oklahoma VIC SNYDER, Arkansas MAC THORNBERRY, Texas JIM TURNER, Texas JOHN N. HOSTETTLER, Indiana ADAM SMITH, Washington SAXBY CHAMBLISS, Georgia LORETTA SANCHEZ, California VAN HILLEARY, Tennessee JAMES H. MALONEY, Connecticut JOE SCARBOROUGH, Florida MIKE McINTYRE, North Carolina WALTER B. JONES, Jr., North CIRO D. RODRIGUEZ, Texas Carolina CYNTHIA A. McKINNEY, Georgia LINDSEY GRAHAM, South Carolina ELLEN O. TAUSCHER, California JIM RYUN, Kansas ROBERT BRADY, Pennsylvania BOB RILEY, Alabama ROBERT E. ANDREWS, New Jersey JIM GIBBONS, Nevada BARON P. HILL, Indiana MARY BONO, California MIKE THOMPSON, California JOSEPH PITTS, Pennsylvania JOHN B. LARSON, Connecticut ROBIN HAYES, North Carolina STEVEN KUYKENDALL, California DONALD SHERWOOD, Pennsylvania Robert S. Rangel, Staff Director C O N T E N T S ---------- Page Purpose and Background........................................... 2 Legislative History.............................................. 4 Section-by-Section Analysis...................................... 4 Section 1--Short Title......................................... 4 Section 2--Inventory of Restricted Data at National Security Laboratories................................................. 4 Section 3--Increased Security for Vaults at National Security Laboratories................................................. 4 Section 4--Use of Electronic Locks for Classified Areas and Classified Information of National Security Administration... 5 Committee Position............................................... 5 Fiscal Data...................................................... 5 Congressional Budget Office Estimate........................... 5 Committee Cost Estimate........................................ 7 Oversight Findings............................................... 7 Constitutional Authority Statement............................... 7 Statement of Federal Mandates.................................... 7 Record Vote...................................................... 7 Changes in Existing Law Made by the Bill, as Reported............ 9 106th Congress Rept. 106-1035 HOUSE OF REPRESENTATIVES 2d Session Part 1 ====================================================================== NUCLEAR SECRETS SAFETY ACT OF 2000 _______ December 15, 2000.--Ordered to be printed _______ Mr. Spence, from the Committee on Armed Services, submitted the following R E P O R T [To accompany H.R. 4737] [Including cost estimate of the Congressional Budget Office] The Committee on Armed Services, to whom was referred the bill (H.R. 4737) to require an inventory of documents and devices containing Restricted Data at the national security laboratories of the Department of Energy, to improve security procedures for access to the vaults containing Restricted Data at those laboratories, and for other purposes, having considered the same, report favorably thereon with amendments and recommend that the bill as amended do pass. The amendments are as follows: Strike out all after the enacting clause and insert in lieu thereof the following: SECTION 1. SHORT TITLE. This Act may be cited as the ``Nuclear Secrets Safety Act of 2000''. SEC. 2. INVENTORY OF RESTRICTED DATA AT NATIONAL SECURITY LABORATORIES. (a) Inventory Required.--Not later than 90 days after the date of the enactment of this Act, the Administrator for Nuclear Security shall conduct an inventory of each document or device at each national security laboratory that contains Restricted Data and shall submit to the Committee on Armed Services of the Senate and the Committee on Armed Services of the House of Representatives a report containing the results of that inventory. (b) Definitions.--For purposes of this section: (1) The term ``national security laboratory'' has the meaning given such term in section 3281 of the National Nuclear Security Administration Act (50 U.S.C. 2471). (2) The term ``Restricted Data'' has the meaning given such term in paragraphs (1) and (2) of section 11 y. of the Atomic Energy Act of 1954 (42 U.S.C. 2014(y)). SEC. 3. INCREASED SECURITY FOR VAULTS AT NATIONAL SECURITY LABORATORIES. (a) Access to Vaults.--(1) Section 3234 of the National Nuclear Security Administration Act (50 U.S.C. 2424) is amended-- (A) by striking ``The Administrator'' and inserting ``(a) Procedures Required.--The Administrator''; and (B) by adding at the end the following new subsection: ``(b) Access to Vaults at National Security Laboratories.--With respect to any vault containing Restricted Data at any national security laboratory, the procedures shall, at a minimum, provide that an individual shall not have unrestricted access to any such vault except in accordance with the following requirements: ``(1) Before each such access, the identity of the individual is verified by-- ``(A) an attendant through direct visual observation; ``(B) biometric technology; or ``(C) other means providing a high confidence level in verifying the identity of the individual. ``(2) For each such access, a permanent record of such access is maintained. ``(c) Change of Lock Combinations to Vaults at National Security Laboratories.--The Administrator shall ensure, for each vault containing Restricted Data at each national security laboratory, that the combination of each lock to such vault is changed not later than-- ``(1) one week after each removal of an individual from the list of individuals permitted access to such vault; and ``(2) 12 months after the date on which the combination was last changed.''. (2) The requirements of subsection (b) of section 3234 of such Act (as added by paragraph (1)) shall apply to each access referred to in that subsection that occurs after the expiration of the 24-hour period beginning upon the enactment of this Act. (3) The Administrator for Nuclear Security shall ensure, for each vault containing Restricted Data at each national security laboratory, that the combination of each lock to such vault is changed not later than 30 days after the date of the enactment of this Act. (b) Report on NNSA Polygraph Policy.--(1) Not later than 90 days after the date of the enactment of this Act, the Administrator for Nuclear Security shall submit to the Committee on Armed Services of the Senate and the Committee on Armed Services of the House of Representatives a report on the policy recommendations of the Adminstrator regarding the use of counterintelligence polygraph examinations within the National Nuclear Security Administration. The report shall contain the recommendations of the Administrator as to what the policy of the Administration should be regarding-- (A) the use of such examinations generally as a prerequisite to access (restricted or unrestricted) to Restricted Data; and (B) the use of such examinations as a prerequisite to access (restricted or unrestricted) to vaults containing Restricted Data. (2) For purposes of this section, the term ``Restricted Data'' has the meaning given such term in paragraphs (1) and (2) of section 11 y. of the Atomic Energy Act of 1954 (42 U.S.C. 2014(y)). SEC. 4. USE OF ELECTRONIC LOCKS FOR CLASSIFIED AREAS AND CLASSIFIED INFORMATION OF NATIONAL NUCLEAR SECURITY ADMINISTRATION. Section 3234 of the National Nuclear Security Administration Act (50 U.S.C. 2424), as amended by section 3 of this Act, is further amended by adding at the end the following new subsection: ``(d) Electronic Locks Required.--The Administrator shall ensure that, after October 1, 2002, each lock used by the Administration to secure any vault, safe, or other container used to store Restricted Data is an electronic lock that meets or exceeds the FF-L-2740A lock standard of the General Services Administration, as in effect on the date of the enactment of the Nuclear Secrets Safety Act of 2000.''. Amend the title so as to read: A bill to require an inventory of documents and devices containing Restricted Data at the national security laboratories of the National Nuclear Security Administration, to improve security procedures for access to the vaults containing Restricted Data at those laboratories, and for other purposes. Purpose and Background The purpose of H.R. 4737 is to enhance security controls over the handling of classified nuclear weapons information at the national security laboratories of the National Nuclear Security Administration (NNSA) of the Department of Energy (DOE). As amended by the committee, the bill would require the Administrator for Nuclear Security to conduct an inventory of each document or device containing classified nuclear weapons information and to assess the use of polygraphic examinations as a prerequisite to access to such information. H.R. 4737 would also specify the procedures required to gain access to document storage vaults at the national security laboratories and would establish minimum standards for electronic locks for use in the safeguarding of classified nuclear weapons information. On June 9, 2000, the Committee on Armed Services was notified by the Department of Energy that two computer hard drives containing classified Restricted Data were missing from a classified document storage vault located in the weapons design ``X Division'' at the Los Alamos National Laboratory. The committee notes that Restricted Data is classified information concerning the development, design, manufacture, and use of nuclear weapons. The committee further notes that such information can only be accessed by individuals with specific and appropriate security clearances. The hard drives were designed for use with a portable computer by the Nuclear Emergency Search Team (NEST) for emergency deployments to locate and disarm lost nuclear devices of the United States or other nations, or to disarm potential terrorist-produced nuclear devices. The hard drive contained classified nuclear weapon information to aid the NEST team in these emergency situations. The Department of Energy and the Federal Bureau of Investigation (FBI) conducted searches to locate the hard drives and to determine which laboratory staff members had access to the devices. The FBI also began to administer polygraphic examinations to members of the NEST team to determine the disposition of the hard drives. On June 14, 2000 the Committee on Armed Services held a hearing to examine the security failure at Los Alamos National Laboratory and to assess security policies and procedures of the national security laboratories in the handling of classified nuclear weapons information. The committee determined that 26 members of the NEST team had unrestricted, 24-hour access to the document storage vault where the hard drives and their computers were stored. Information supplied by the Department of Energy indicated that the hard drives could be removed by cleared individuals without a ``sign out'' because the hard drives were classified as Secret-level Restricted Data and that existing DOE security policies and procedures did not require specific accountability over individual Secret-level documents or devices, including for those documents or devices containing Restricted Data relating to nuclear weapons. As a result of these security policies and procedures, there was no record of when, or by whom, the hard drives were removed from the classified storage vaults. In addition, the committee further determined that Secret-level Restricted Data held by the Department of Energy is not subject to regular inventory procedures and that changes in lock combinations and other routine security procedures for the handling of classified information had not been effectively implemented. Notwithstanding the recovery of the two hard drives by staff of the Department of Energy from behind a photocopier within the ``X Division'' on June 16, 2000, the committee believes that significant enhancements of basic security policies and procedures in the handling of classified nuclear weapons information by the Department of Energy is warranted. Legislative History H.R. 4737 was introduced on June 23, 2000 and referred to the Committee on Armed Services. On June 28, 2000, the Committee held a markup session to consider H.R. 4737. The committee adopted an amendment in the nature of a substitute by a voice vote. The amended version of the bill was reported favorably by a voice vote. Section-by-Section Analysis The following is a section-by-section analysis of the amendment in the nature of a substitute adopted by the committee. SECTION 1--SHORT TITLE This section would cite the Act as the ``Nuclear Secrets Safety Act of 2000.'' SECTION 2--INVENTORY OF RESTRICTED DATA AT NATIONAL SECURITY LABORATORIES This section would require the Administrator for Nuclear Security to conduct an inventory of each document or device at each national security laboratory that contains Restricted Data not later than ninety days after the date of enactment of this Act. This section would also require the Administrator to submit a report containing the results of that inventory to the Senate Armed Services Committee and the House Armed Services Committee. SECTION 3--INCREASED SECURITY FOR VAULTS AT NATIONAL SECURITY LABORATORIES This section would amend section 2424 of title 50, United States Code, to require the Administrator for Nuclear Security to ensure that procedures governing access to any vault containing Restricted Data at any national security laboratory shall require that the identity of an individual with unrestricted access to any such vault be verified by an attendant through direct visual observation, biometric technology, or other means that would provide a high confidence level in verifying the identity of the individual and thata permanent record of such access be maintained. This section would also require the Administrator to ensure that changes of lock combinations to vaults at national security laboratories are changed within certain specified time limits. This section would further require the Administrator to assess the use of polygraphic examinations as a prerequisite to restricted or unrestricted access to Restricted Data or vaults containing such data. The Administrator shall submit his report, and any recommendation, to the Senate Armed Services Committee and the House Armed Services Committee not later than ninety days after the date of enactment of this Act. SECTION 4--USE OF ELECTRONIC LOCKS FOR CLASSIFIED AREAS AND CLASSIFIED INFORMATION OF NATIONAL NUCLEAR SECURITY ADMINISTRATION This section would amend section 2424 of title 50, United States Code, to require the Administrator for Nuclear Security to ensure that, after October 1, 2002, each lock used by the National Nuclear Security Administration to secure any vault, safe, or other container used to store Restricted Data is an electronic lock that meets or exceeds certain specified lock standards of the General Services Administration. Committee Position On June 28, 2000, the Committee on Armed Services, a quorum being present, approved H.R. 4737, as amended, by a voice vote. Fiscal Data Pursuant to clause 3(d)(2)(A) of rule XIII of the Rules of the House of Representatives, the committee attempted to ascertain annual outlays resulting from the bill during fiscal year 2001 and the four following fiscal years. The results of such efforts are reflected in the cost estimate prepared by the Director of the Congressional Budget Office under section 402 of the Congressional Budget Act of 1974, which is included in this report pursuant to clause 3(c)(3) of rule XIII of the Rules of the House. CONGRESSIONAL BUDGET OFFICE ESTIMATE In compliance with clause 3(c)(3) of rule XIII of the Rules of the House of Representatives, the cost estimate prepared by the Congressional Budget Office and submitted pursuant to section 402(a) of the Congressional Budget Act of 1974 is as follows: U.S. Congress, Congressional Budget Office, Washington, DC, July 10, 2000. Hon. Floyd Spence, Chairman, Committee on Armed Services, House of Representatives, Washington, DC. Dear Mr. Chairman: The Congressional Budget Office has prepared the enclosed cost estimate for H.R. 4737, the Nuclear Secrets Safety Act. If you wish further details on this estimate, we will be pleased to provide them. The CBO staff contact is Matthew A. Schmit. Sincerely, Dan L. Crippen, Director. H.R. 4737--Nuclear Secrets Safety Act H.R. 4737 would require the Department of Energy to take an inventory of all restricted material at its national security laboratories (Los Alamos, Sandia, and Lawrence Livermore) and would require measures to further control access to this material. These measures include biological identification devices for restricted vaults and electronic locks for all safes. CBO estimates that implementing the bill would cost about $28 million over the 2001-2003 period, assuming appropriation of the necessary funds. Because H.R. 4737 would not affect direct spending or receipts, pay-as-you-go procedures would not apply. H.R. 4737 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act (UMRA). Public universities that contract with the National Nuclear Security Administration (NNSA) would incur additional costs as a result of this legislation, but those costs would be covered through their contractual agreements with the federal government. Estimated cost to the Federal Government: The estimated budgetary impact of H.R. 4737 is shown in the following table. The costs of this legislation fall within budget function 050 (national defense). Basis of estimate: CBO estimates that implementing H.R. 4737 would cost $28 million, assuming appropriation of the necessary amounts. Of that total, $25 million would stem from the inventory of restricted material and $3 million would result from the purchase and installation of biological identification devices on restricted vaults. CBO estimates no incremental cost from installing electronic locks because that is being done under current law. ---------------------------------------------------------------------------------------------------------------- By fiscal year, in millions of dollars ----------------------------------------------------- 2000 2001 2002 2003 2004 2005 ---------------------------------------------------------------------------------------------------------------- SPENDING SUBJECT TO APPROPRIATION Spending under current law for NNSA weapons activities: Estimated authorization level \1\..................... 4,427 4,427 4,427 4,427 4,427 4,427 Estimated outlays..................................... 4,250 4,506 4,427 4,427 4,427 4,427 Proposed changes: Estimated authorization level......................... 0 28 0 0 0 0 Estimated outlays..................................... 0 18 9 1 0 0 Spending under H.R. 4737 for NNSA weapons activities: Estimated authorization level......................... 4,427 4,455 4,427 4,427 4,427 4,427 Estimated outlays..................................... 4,250 4,524 4,436 4,428 4,427 4,427 ---------------------------------------------------------------------------------------------------------------- \1\ The 2000 level is the amount appropriated for that year. The current-law amounts for 2001 through 2005 assume that appropriations remain at the 2000 level. If they are adjusted for inflation the base amounts would rise by about $110 million a year, but the estimated changes would remain as shown under ``Proposed Changes.'' The estimated cost of taking an inventory of restricted material is based on information from the three national security laboratories. An inventory of this scope is not a routine procedure at the national security laboratories, and extra personnel would be required to complete it. The inventory would cover approximately 8.5 million documents in 4,300 repositories. Information from the labs indicate that costs would range from $4,500 to $8,000 to inventory each repository. CBO assumes the average cost per repository would be about $6,000. CBO expects that installing biological identification devices on restricted vaults would cost--on average-- approximately $5,000 per vault, based on information from the laboratories and the General Services Administration. This cost might vary widely depending on the need for integration into existing security systems and the total size of the network. CBO expects that such devices would be installed on about 540 vaults. Pay-as-you-go considerations: None. Intergovernmental and private-sector impact: H.R. 4737 contains no intergovernmental or private-sector mandates as defined in UMRA. Public universities that contract with the NNSA would incur additional costs as a result of this legislation, but those costs would be covered through their contractual agreements with the federal government. Estimate prepared by: Federal costs: Matthew A. Schmit. Impact on State, local, and tribal governments: Leo Lex. Impact on the private sector: R. William Thomas. Estimate approved by: Peter H. Fontaine, Deputy Assistant Director for Budget Analysis. COMMITTEE COST ESTIMATE Pursuant to clause 3(d) of rule XIII of the Rules of the House of Representatives, the committee generally concurs with the estimate contained in the report of the Congressional Budget Office. Oversight Findings With respect to clause 3(c)(1) of rule XIII of the Rules of the House of Representatives, this legislation results from hearings and other oversight activities conducted by the committee pursuant to clause 2(b)(1) of rule X. With respect to clause 3(c)(2) of rule XIII of the Rules of the House of Representatives and section 308(a)(1) of the Congressional Budget Act of 1974, this legislation does not include any new spending or credit authority, nor does it provide for any increase or decrease in tax revenues or expenditures. The fiscal features of this legislation are addressed in the estimate prepared by the Director of the Congressional Budget Office under section 402 of the Congressional Budget Act of 1974. With respect to clause 3(c)(4) of rule XIII of the Rules of the House of Representatives, the committee has not received a report from the Committee on Government Reform and Oversight pertaining to the subject matter of H.R. 4737. Constitutional Authority Statement Pursuant to clause 3(d)(1) of rule XIII of the Rules of the House of Representatives, the committee finds the authority for this legislation in Article I, section 8 of the United States Constitution. Statement of Federal Mandates Pursuant to section 423 of Public Law 104-4, this legislation contains no Federal mandates with respect to state, local, and tribal governments, nor with respect to the private sector. Similarly, the bill provides no unfunded Federal intergovernmental mandates. Record Vote In accordance with clause 3(b) of rule XIII of the Rules of the House of Representatives, a record vote was taken with respect to the committee's consideration of an amendment offered by Mr. Abercrombie. The record of this vote can be found on the following page. The committee ordered H.R. 4737, as amended, reported to the House with a favorable recommendation by a voice vote, a quorum being present.
Changes in Existing Law Made by the Bill, as Reported In compliance with clause 3(e) of rule XIII of the Rules of the House of Representatives, changes in existing law made by the bill, as reported, are shown as follows (existing law proposed to be omitted is enclosed in black brackets, new matter is printed in italic, existing law in which no change is proposed is shown in roman): SECTION 3234 OF THE NATIONAL NUCLEAR SECURITY ADMINISTRATION ACT SEC. 3234. PROCEDURES RELATING TO ACCESS BY INDIVIDUALS TO CLASSIFIED AREAS AND INFORMATION OF ADMINISTRATION. [The Administrator] (a) Procedures Required.--The Administrator shall establish appropriate procedures to ensure that any individual is not permitted unescorted access to any classified area, or access to classified information, of the Administration until that individual has been verified to hold the appropriate security clearances. (b) Access to Vaults at National Security Laboratories.--With respect to any vault containing Restricted Data at any national security laboratory, the procedures shall, at a minimum, provide that an individual shall not have unrestricted access to any such vault except in accordance with the following requirements: (1) Before each such access, the identity of the individual is verified by-- (A) an attendant through direct visual observation; (B) biometric technology; or (C) other means providing a high confidence level in verifying the identity of the individual. (2) For each such access, a permanent record of such access is maintained. (c) Change of Lock Combinations to Vaults at National Security Laboratories.--The Administrator shall ensure, for each vault containing Restricted Data at each national security laboratory, that the combination of each lock to such vault is changed not later than-- (1) one week after each removal of an individual from the list of individuals permitted access to such vault; and (2) 12 months after the date on which the combination was last changed. (d) Electronic Locks Required.--The Administrator shall ensure that, after October 1, 2002, each lock used by the Administration to secure any vault, safe, or other container used to store Restricted Data is an electronic lock that meets or exceeds the FF-L-2740A lock standard of the General Services Administration, as in effect on the date of the enactment of the Nuclear Secrets Safety Act of 2000.