TITLE 6 - HOMELAND SECURITY

CHAPTER I - DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY

PART 29 - PROTECTED CRITICAL INFRASTRUCTURE INFORMATION

29.5 - Requirements for protection.

  (a) CII shall receive the protections of section 214 of the CII Act of 2002 only when: (1) Such information is voluntarily submitted to the Protected CII Program Manager or the Protected CII Program Manager's designees; (2) The information is submitted for use by DHS for the security of critical infrastructure and protected systems, analysis, warning, interdependency study, recovery, reconstitution, or other informational purposes including, without limitation, the identification, analysis, prevention, preemption, and/or disruption of terrorist threats to our homeland, as evidenced below; (3) The information is accompanied by an express statement as follows: (i) In the case of written information or records, through a written marking on the information or records substantially similar to the following: This information is voluntarily submitted to the Federal government in expectation of protection from disclosure as provided by the provisions of the Critical Infrastructure Information Act of 2002; or (ii) In the case of oral information, within fifteen calendar days of the oral submission, through a written statement comparable to the one specified above, and a certification as specified below, accompanied by a written or otherwise tangible version of the oral information initially provided; and (4) The submitted information additionally is accompanied by a statement, signed by the submitting entity, certifying essentially to the following on behalf of the named entity: (i) The submitter is voluntarily providing the information for the purposes of the CII Act of 2002; (ii) The information being submitted is not being submitted in lieu of independent compliance with a Federal legal requirement; (iii) The information is or is not required to be submitted to a Federal agency. If the information is required to be submitted to a Federal agency, the submitter shall identify the Federal agency requiring submission and the legal authority that mandates the submission; and (iv) The information is of a type not customarily in the public domain.

  (b) Information that is not submitted to the Protected CII Program Manager or the Protected CII Program Manager's designees will not qualify for protection under the CII Act of 2002. Any DHS component other than the IAIP Directorate that receives information with a request for protection under the CII Act of 2002, shall immediately forward the information to the Protected CII Program Manager. Only the Protected CII Program Manager or the Protected CII Program Manager's designees are authorized to acknowledge receipt and validate Protected CII pursuant to 29.6(a).

  (c) Federal agencies and DHS components other than the IAIP Directorate shall maintain information as protected by the provisions of the CII Act of 2002 when that information is provided to the agency or component by the Protected CII Program Manager or the Protected CII Program Manager's designees and is marked as required in 29.6(c).

  (d) All submissions seeking Protected CII status shall be regarded as submitted with the presumption of good faith on the part of the submitter.

  (e) Submissions must affirm the understanding of the submitter that any false representations on such submissions may constitute a violation of 18 U.S.C. 1001 and are punishable by fine and imprisonment.