12 FAM 260 COUNTERINTELLIGENCE

UNCLASSIFIED (U)

12 FAM 260

COUNTERINTELLIGENCE

(CT:DS-425; 05-08-2024)
(Office of Origin: DS/DO/ICI)

(CT:DS-425; 05-08-2024)

The terms used herein are defined as follows:

(1) Aberrant Behavior: Actions or activities deviating from acceptable norms and potentially harmful to the individual in question, others, or both;

(2) Bonds of Affection: A bond which involves a particular person who is not interchangeable with anyone else or a relationship that is emotionally significant. The individual wishes to maintain proximity or contact with the person with whom he or she has an affectional tie;

(3) Criminal Misconduct: Violations of criminal law, whether or not prosecuted or detected by law enforcement. Information of significance may include reliable information calling into question a person’s ability or willingness to comply with laws, rules, and regulations; a pattern of minor offenses which in combination or a single serious offense that cast doubt on the individual’s judgment, reliability, or trustworthiness; and/or credible allegations, admissions, matters of record, or evidence of criminal offenses regardless of arrest, prosecution, or conviction;

(4) Drug or Alcohol Abuse: Use of illegal substances, habitual use or misuse of controlled substances or alcohol;

(5) Employee: U.S. government direct hire, unless specifically noted to include contractor and/or locally employed staff;

(6) Foreign Intelligence Entity (FIE): Known or suspected foreign state or non-state organizations or persons that conduct intelligence activities to acquire U.S. information, block or impair U.S. intelligence collection, influence U.S. policy, or disrupt U.S. systems and programs. The term includes foreign intelligence and security services and foreign terrorist organizations (FTO).

(7) Financial or Fiscal Management Irresponsibility: Being financially irresponsible means someone who lives far above their means, unnecessarily borrows money from others, does not have any savings or investments, and demonstrates disregard for their financial position;

(8) Immediate Family Member: Parents, siblings, children, custodial caregiver, and member of household, whether related biologically, through adoption, or by marriage;

(9) Family ties: An individual who is related to others by law, blood, marriage, or adoption, and shares a close personal connection, typically within a household or extended family unit;

(10) Investigative file: The investigative file refers to the employee’s or applicant’s “security file”. The term “investigative file” may include other files or reports maintained by the Department, such as a report of a criminal, misconduct, or counterintelligence investigation;

(11) Military Armed Forces: The combined military, naval, and air forces of a nation;

(12) Misconduct: Unacceptable or improper behavior; mismanagement of responsibilities (see 3 FAM 4370 and 4540);

(13) Ministry of Foreign Affairs: The government department or entity responsible for a country's foreign policy and relations, diplomacy, bilateral, and multilateral relations affairs as well as for providing support for a country's citizens who are abroad;

(14) National Security Eligibility: Eligibility for access to classified information or eligibility to hold a sensitive position, to include access to sensitive compartmented information, restricted data, and controlled or special access program information;

(15) Permanent Change of Station (PCS): Change of official duty station;

(16) Personnel: U.S. government direct hire employee, third party contractor, or personal services contractor;

(17) Personnel File: The Department official personnel file which serves as the repository for conduct and performance-related documents for employees;

(18) Police Service: Civil force of a national or local government, responsible for the prevention and detection of crime and the maintenance of public order;

(19) Professional Ethics: Personal and corporate standards of behavior expected of professionals. Standards set by professional organizations for the behavior and values of people working within a specific field;

(20) Romantic Involvement: Marriage, relationship, or interaction between individuals involving casual or serious dating, sexual contact, intimacy, personal affection, emotional attachment, or cohabitation;

(21) Assignment Security Appeals Panel (A-SAP): A high level panel responsible for reviewing appeals from assignment restrictions and assignment reviews, consistent with Part 5 of E.O. 12968; and Department of State Authorization Act of 2023, Div. F, Section 6115, Pub. L. No. 118-31. See 12 FAM 234 for procedures for Security Appeals Panel review of assignment restrictions and security clearance denials and revocations;

(22) Security Practices: Methods and tools employed to ensure the integrity of or protect personnel, information, property, and infrastructure from harm or compromise;

(23) Sensitive Position: Any position within or in support of an agency in which the occupant could bring about, by virtue of the nature of the position, a material adverse effect on the national security regardless of whether the occupant has access to classified information, and regardless of whether the occupant is an employee, military service member, or contractor;

(24) Target of Interest: Individuals deemed of sufficient value warranting observation, monitoring, or engagement;

(25) Temporary Duty: A place, away from a personnel’s official duty station, where the personnel is authorized to travel;

(26) Unauthorized Disclosure: The compromise of classified or administratively controlled information to another person who is not authorized to receive such information; and

(27) Whole Person Concept: A careful balance of a number of variables in an individual's life to determine whether that individual's circumstances raise a security concern, if at all, and whether that concern has been mitigated such that the individual may receive a favorable determination. This Whole-Person Concept evaluation focuses on whether the individual, even with security concerns, is an acceptable security risk. In other words, no single issue should automatically disqualify an applicant for a security clearance or assignment. If mitigating factors are present, they should be considered to determine the quality of the overall character content of an applicant.

12 FAM 261.2 Program Implementation

(CT:DS-425; 05-08-2024)

a. The Department’s counterintelligence (CI) program is defensive in nature. Its purpose is to deter, detect, defend, and disrupt the threats posed by hostile FIE against U.S. diplomatic personnel, facilities, equipment, and information. The Department's CI programs, under Secretary of State security responsibilities and consistent with the President’s Letter of Instruction (PLOI) to Chiefs of Mission, support all United States Government missions abroad (other than facilities or installations subject to the control of a United States area military commander), and the U.S. government personnel and their accompanying eligible family members, with limited exceptions.

b. The Office of Counterintelligence (DS/DO/CI) is responsible for the implementation of all CI programs, which the Bureau of Diplomatic Security (DS) coordinates with the Bureau of Intelligence and Research (INR) and other members of the U.S. Intelligence Community. DS/DO/CI conducts CI investigations (see 1 FAM 262.4-1) and implements the programs described in this subchapter.

12 FAM 261.3 Authority

(CT:DS-425; 05-08-2024)

a. The Omnibus Diplomatic Security and Antiterrorism Act of 1986, Public Law 99-399, Section 103, authorizes the Secretary of State to develop and implement policies and programs that provide for the security of U.S. Government operations of a diplomatic nature, and foreign government operations of a diplomatic nature in the United States. This mission includes consultation with Federal agencies having personnel under COM authority.

b. The Secretary of State is authorized to develop and implement a special personnel security program for the Department’s employees who are responsible for security at diplomatic and consular posts in high-intelligence threat countries in accordance with Public Law 100-204, Section 155(a).

c. Presidential Decision Directive of August 5, 1993, entitled, “Security Awareness and Reporting of Foreign Contacts” (PDD/NSC-12).

d. E.O. 13467, as amended, provides that the appointment or retention of each individual in the Federal government is subject to an investigation to determine whether the Federal service of the person being investigated is clearly consistent with the interests of the national security. The scope of the investigation is determined in the first instance according to the degree of material adverse effect the occupant of the position sought to be filled could bring about, by virtue of the nature of the position, on the national security.

e. 5 U.S.C. 301 authorizes heads of agencies to prescribe regulations regarding the conduct of employees.

f. 22 U.S.C. 2651a gives the Secretary of State authority to prescribe regulations relating to duties, functions, and obligations of the Department’s employees (see 3 FAM, Personnel).

g. E.O. 12968 establishes a uniform Federal personnel security program for employees who will be considered for initial or continued access to classified information.

h. Security Executive Agent Directive (SEAD) Directive 3 (SEAD-3), “Reporting Requirements for Personnel with Access to Classified Information or Who Hold a Sensitive Position, dated December 14, 2016, effective date June 12, 2017.

12 FAM 261.4 Counterintelligence Working Groups

(CT:DS-425; 05-08-2024)

a. Counterintelligence working groups (CIWGs) review post-specific CI issues on a periodic basis and are chaired by the deputy chief of mission (DCM). DS/DO/CI provides guidance and advice, as necessary, to post CIWGs that perform the following functions:

(1) Evaluate human intelligence (HUMINT) and technical threats posed by host government and/or foreign intelligence services;

(2) Determine the level of vulnerability of existing personnel and facilities;

(3) Take appropriate actions to counter an identified threat;

(4) Monitor the effectiveness of existing CI plans, programs, and practices; and

(5) Coordinate all post CI programs.

b. See 12 FAH-6, Overseas Security Policy Board (OSPB) Security Standards and Policy Handbook, for CIWG reporting requirements and meeting frequencies. A report of issues addressed at each meeting is submitted to DS/DO/CI

12 FAM 261.5 Counterintelligence Surveys

(CT:DS-425; 05-08-2024)

a. DS/DO/CI performs CI surveys at posts identified in the Department’s Security Environment Threat List (SETL) as having a critical or high HUMINT threat (the SETL is available on the classified network via links on the Department’s Web site). Although surveys are intended for only critical and high HUMINT threat posts, any regional security officer (RSO) may request that DS/DO/CI perform a CI survey based on a changing threat environment.

b. CI surveys provide:

(1) An analysis of the HUMINT threat at the post;

(2) An evaluation of the effectiveness of existing post countermeasures; and

(3) Recommendations for improving those countermeasures.

12 FAM 262 SECURITY AWARENESS AND CONTACT REPORTING

12 FAM 262.1 Policy

(CT:DS-425; 05-08-2024)

a. The Department’s regulations have long required employees to report contacts with nationals of certain countries, due to both intelligence and terrorism concerns. Presidential Decision Directive/NSC-12 issued specific instructions and mandated that all U.S. Government agencies implement similar programs. The procedures listed in 12 FAM 262.1, paragraph b meet the President’s requirement that those who serve in America’s most sensitive jobs work with security offices to guard against illegal or unauthorized access to classified or otherwise sensitive information.

b. All employees and contractors must report:

(1) Unofficial contact with a national from a country with critical HUMINT threat posts listed on the Department’s SETL if the employee and/or critical threat foreign national suggest, agree to, or actually have a second meeting after an initial encounter;

(2) Contact and/or association with a person or organization whom the employee knows or suspects advocate the unlawful overthrow of the U.S. Government;

(3) Contact and/or association with a person whom the employee knows or suspects is a member or supporter of foreign terrorist organizations (FTOs), as designated by the Secretary of State (this list is available on the Foreign Terrorist Organizations page).

(4) Unofficial contact with a person whom the employee knows or suspects is a member of a foreign intelligence agency, regardless of nationality;

(5) Illegal or unauthorized access that is sought to classified or otherwise sensitive information; or

(6) The employee’s concern that he or she may be the target of actual or attempted exploitation by a foreign entity.

c. This policy is not intended to limit or impair professional or personal contacts. Its purpose is to protect the security of the United States and its employees while ensuring the privacy of employees and their freedom of association. Further, this policy seeks to ensure that security risks to persons or to the U.S. Government are identified at the earliest possible opportunity and deterred, and that protective steps are taken to avoid compromise of U.S. personnel and national security interests. Employees are considered partners in the management of this regulation.

d. The term “contact” means all manner of personal or impersonal communication and includes, but is not limited to, written, telephonic, electronic mail, text messaging, chat room discussion or other social media, facsimile, wire, and/or amateur radio.

12 FAM 262.1-1 Application

(CT:DS-154; 04-12-2010)

These regulations apply abroad to all U.S. citizen employees of the U.S. Government, civilian or military, whether permanently assigned or sent abroad on a temporary duty (TDY) basis, who are under COM authority, as well as Department employees on the staffs of international organizations. In addition, these regulations apply abroad to contractors of the U.S. Government. Domestically, these regulations apply to all employees and contractors of the Department. These regulations do not apply domestically to employees or contractors of U.S. Government agencies other than the Department.

12 FAM 262.1-2 Legal Authorities

(CT:DS-154; 04-12-2010)

a. Title I of Public Law 99-399, the Omnibus Diplomatic Security and Antiterrorism Act of 1986, as amended, codified at 22 U.S.C. 4801 et seq.

b. Presidential Decision Directive of August 5, 1993, entitled, “Security Awareness and Reporting of Foreign Contacts” (PDD/NSC-12).

12 FAM 262.1-3 Implementation

(CT:DS-424; 04-17-2024)

The Office of Counterintelligence (DS/DO/CI) is responsible for administering this program domestically for the Department and abroad through RSOs.

12 FAM 262.2 Security Awareness and Counseling

(CT:DS-424; 04-17-2024)

a. The regional security officer (RSO) or the post security officer (PSO) must give an arrival briefing to all employees and contractors assigned to the post on a permanent change of station. The briefing must include information on CI issues of concern at the post and contact reporting responsibilities, to include a listing of all current critical HUMINT threat posts and information on where to find the SETL on the Department’s classified network. The RSO or PSO must brief TDY personnel on contact reporting responsibilities and other CI issues, as appropriate, but in every case if the TDY is over 25 days. The RSO or PSO is also available to provide an unclassified brief to adult dependents of employees and contractors on a voluntary basis. (See 12 FAM 263—Counterintelligence Awareness Program.) Domestically, the bureau security officer (BSO) must brief Bureau employees on CI issues.

b. When an employee reports a contact, the RSO abroad and DS/DO/CI domestically must conduct checks to determine if information is available, indicating that the foreign national has a background connected with intelligence gathering. The RSO or DS/DO/CI may, as appropriate, discuss the results of the checks with the employee.

c. The success of this policy is dependent upon the security awareness of each employee and upon each employee’s understanding of and cooperation with its intent. The RSO, PSO, or DS/DO/CI should alert employees to any suspicious activity or approach by individuals of any nationality. At the post, if an employee is unsure about the circumstances of a contact, the employee must discuss the situation with the RSO or PSO, to determine whether filing a report is necessary. In the United States, employees must consult with DS/DO/CI.

12 FAM 262.3 Responsibilities and Procedures

12 FAM 262.3-1 RSO and PSO

(CT:DS-424; 04-17-2024)

a. The RSO or PSO must brief all mission employees, TDY employees, and contractors about the contact reporting policy and obtain their signatures on an Acknowledgement of Policy Format (see 12 FAM Exhibit 262.3-1).

b. When Foreign Contact Report forms are filed by employees at the post, RSOs or PSOs must review and evaluate the reported information and discuss the contact with the employee, providing counseling, as appropriate. The contact reports are automatically forwarded to DS/DO/CI for additional vetting and processing. The RSO or PSO must promptly report any facts or circumstances of a reported contact with individuals of any nationality to DS/DO/CI and the employee’s parent agency if they appear to:

(1) Indicate an attempt, intention, or reasonable potential to obtain unauthorized access to classified, sensitive, or proprietary information or technology; or

(2) Indicate the possibility that the employee is being targeted for development by a foreign entity or agent of a foreign entity.

12 FAM 262.3-2 Employee Responsibility

(CT:DS-424; 04-17-2024)

a. Employees and contractors must familiarize themselves with posts listed as critical for HUMINT threat on the SETL at least annually.

b. Employees and contractors must immediately report any contacts with individuals of any nationality under circumstances referred to in 12 FAM 262.1, paragraph b. In general, employee reporting should occur within one business day after such contact has occurred. If unable to report within this time frame, or unsure about the need to report at all, employees at post should notify the RSO or PSO as soon as practicable. If the RSO/PSO is unavailable, notify the DCM. Domestically, employees must promptly notify either DS/DO/CI or the security office of their parent agency, as appropriate.

c. Employees to whom these regulations apply must use Form DS-1887, Foreign Contact Report (available on E-Forms), to report all contacts for which reports are required under 12 FAM 262.1, paragraph b. If the official duty station is a U.S. mission abroad, the report must be submitted to either the RSO or PSO. If the official duty station is in the United States, employees and contractors of the Department must send the Foreign Contact Report to DS/DO/CI. Form DS-1887 is encrypted when transmitted and is secure as any online banking transaction an employee may conduct via the Internet. The form will be sent to a DS Special Agent in DS/DO/CI responsible for the employee’s region. A paper copy of Form DS-1887 may be submitted when there is no access to the Department OpenNet.

d. Failure to comply with 12 FAM 262.1, paragraph b, Policy, for any reason may initiate a DS review of the circumstances leading to the non-compliance. DS will determine whether, considering all facts available upon receipt of the initial information, it is in the interests of the national security to suspend the employee’s access to classified information on an interim basis until sufficient information is available to determine whether access to classified information will be reinstated or the employee’s clearance will be revoked. DS may also refer such cases to the Bureau of Human Resource’s Office of Employee Relations (GTM/ER) for the appropriate administrative action, as required.

12 FAM 262.3-3 Post Discretion

(CT:DS-154; 04-12-2010)

Posts may establish additional procedures to suit their particular security situations. Before adopting any additional procedures, the post CIWG should discuss them and then DS, in coordination with the security offices of parent agencies represented at the post, must approve them. All post requirements must be consistent with PDD/NSC-12 and meet the minimum requirements of 12 FAM 262.1, Policy.

12 FAM 262.3-4 Other Agency Discretion

(CT:DS-154; 04-12-2010)

Other than the Department, agencies that are under COM authority may also require their employees under special access programs to follow additional reporting requirements, to the extent that such policies and requirements are consistent with PDD/NSC-12 and 12 FAM 262.1, Policy.

12 FAM 262.3-5 Contact Reports Originating at Post

(CT:DS-424; 04-17-2024)

The RSO or PSO must expedite employee contact reports, when not submitted electronically via the myData homepage, to DS/DO/CI or through DS/DO/CI to the employee’s parent agency. DS/DO/CI must also refer such information to the Central Intelligence Agency (CIA), following procedures agreed to between DS and the CIA.

12 FAM 262.3-6 Contact Reports Originating Domestically

(CT:DS-424; 04-17-2024)

DS/DO/CI must refer contact reports received domestically from employees or contractors of the Department to the Federal Bureau of Investigation (FBI), following procedures agreed to between DS and the FBI.

12 FAM 262.4 Accountability

(CT:DS-425; 05-08-2024)

Upon receiving a contact report and if DS/DO/CI perceives actual or potential security problems relating to an individual of any nationality, DS/DO/CI or the RSO must advise the employee to take appropriate precautions. A signed acknowledgement of the individual’s understanding of these precautions should be obtained and a copy forwarded to DS/DO/CI. As noted in 12 FAM 262.3-2, paragraph c, Employee Responsibility, disciplinary action and/or suspension of a security clearance may result from an employee’s failure to report a contact under the circumstances described in 12 FAM 262.1, Policy.

12 FAM 263 COUNTERINTELLIGENCE AWARENESS PROGRAM

12 FAM 263.1 Policy

(CT:DS-425; 05-08-2024)

a. The RSO or PSO must brief all employees and contractors assigned to the post on permanent change of station. The briefing must include the information on CI. The RSO or PSO should make unclassified briefings available to adult dependents of employees and to contractors on a voluntary basis.

b. This policy applies to all executive branch employees under COM authority regardless of their home agency.

c. For the purpose of this section, the term “contractor” is defined as a U.S. personal services contractor under COM authority or an employee of a commercial firm having a contract with the U.S. Government and assigned to a U.S. mission overseas.

12 FAM 263.2 CI Awareness Training

(CT:DS-424; 04-17-2024)

DS/DO/CI conducts CI and security awareness training programs, in coordination with the Foreign Service Institute and the Foreign Affairs Training Center (FASTC), and with other agencies, for the following employees and their dependents:

(1) Chiefs of Missions (generally Ambassadors) and DCMs;

(2) Foreign Service officers and specialists, ;

(3) Contractors and other Department personnel assigned to critical HUMINT threat CI posts;

(4) Diplomatic Security personnel, including special agents, security engineering officers, security technical specialists, and couriers;

(5) Marine security guards;

(6) Navy Seabees;

(7) U.S. military attachés; and

(8) Other U.S. Government agency personnel, as required.

12 FAM 263.3 Post HUMINT Threat-Specific Procedures

(CT:DS-425; 05-08-2024)

Post threat levels are defined and identified on the SETL (classified), which is published by DS.

12 FAM 263.3-1 Low, Medium, and High Counterintelligence-Threat Posts

(CT:DS-425; 05-08-2024)

a. RSOs or PSOs must provide CI briefings to locally employed staff (LE staff) who are U.S. citizens and ensure that those LE staff who are Foreign Service nationals (FSNs) and third-country nationals (TCNs) are briefed in accordance with the FSN briefing program.

b. At high-threat posts, RSOs or PSOs should provide CI briefings to TDY personnel and other official visitors. At low- and medium-threat posts, RSOs or PSOs should distribute an unclassified written notice to TDY personnel and other visitors giving them guidance on the local intelligence threat.

c. RSOs or PSOs must conduct departure security debriefings for all employees and contractors completing a tour of duty at a post. The debriefing must include a discussion of CI matters. Should the RSO or PSO obtain information of a CI concern, they must forward a copy of the debriefing to DS/DO/CI, which must forward a copy to the parent agency where applicable.

12 FAM 263.3-2 Critical Human Intelligence-Threat Posts

(CT:DS-425; 05-08-2024)

a. FIEs may target U.S. Government (USG) personnel for potential exploitation. The tactics used by FIEs whose countries have critical Human Intelligence (HUMINT) threat posts are aggressive, sophisticated, and well-funded, and therefore place personnel, their family members, and U.S. national security information at increased risk. The Department of State mitigates risk through implementation of programs developed by the Bureau of Diplomatic Security (DS) in consultation with the Overseas Security Policy Board (OSPB). The assignment review process is a defensive program applied across the executive branch to mitigate threats and vulnerabilities to personnel and national security information. All executive branch agencies with employees under COM authority must follow this process. DS/DO/CI is responsible for managing and coordinating, respectively, the process for Department and executive branch agency personnel:

(1) All executive branch agencies sending personnel to critical HUMINT threat posts must review the proposed permanent and temporary duty (TDY), in excess of 60 calendar days accumulated in one year (not necessarily consecutive), assignment of all personnel to determine their suitability;

(2) Executive branch agencies and personnel must familiarize themselves with and adhere to this process; and

(3) The process for assignment review for Department personnel is outlined in 12 FAM 263.3-2(b) and for other executive branch agency personnel in 12 FAH-6 H-211.5.

b. Due to the risk of service at a critical HUMINT threat post, the Director General of the Foreign Service (DG) must be able to make informed decisions regarding the assignment of Department employees proposed for such posts. DS/DO/CI supports the DG’s determination through an application of the whole-person concept based upon available information and criteria, noting that no single issue automatically disqualifies an applicant for an assignment. DS/DO/CI reviews an employee’s investigative and personnel files; evaluates security and suitability factors that could adversely affect suitability for assignment; examines any personal vulnerabilities potentially subject to FIE exploitation; and assesses the counterintelligence environment at the post along with the tactics, techniques, and procedures of relevant FIEs. DS/DO/CI prepares a recommendation to the DG with respect to an employee’s assignment suitability to a critical HUMINT threat post after considering the available information in light of the following criteria:

(1) Whether the employee or an immediate family member has an immediate family member still residing in the proposed critical HUMINT threat country;

(2) Whether the employee or an immediate family member has other family ties in any critical HUMINT threat post where a FIE could exploit familial bonds of affection;

(3) Whether the employee has family ties to an individual currently or recently employed by the critical HUMINT threat country’s military armed forces, intelligence or security service, police service, or ministry of foreign affairs;

(4) Whether the employee has a history of poor security practices (e.g., 12 FAM 262, 12 FAM 550, or 12 FAM 630) that are recent and of a serious nature;

(5) Whether the employee is or has been a known target of interest to a FIE;

(6) Whether the employee has a history of aberrant behavior such as drug or alcohol abuse or criminal misconduct;

(7) Whether the employee has demonstrated emotional instability (as determined by the Office of Medical Services (MED));

(8) Whether the employee has exhibited financial or fiscal management irresponsibility that interferes with their performance of duty;

(9) Whether a past investigation concerning the employee documents a serious allegation concerning misconduct, suitability, or professional ethics that could be exploited by a FIE;

(10) Whether the employee has had more than one previous assignment to the same critical HUMINT threat post;

(11) Whether the employee has made an unauthorized disclosure of sensitive or classified information;

(12) Whether the employee or immediate family member has demonstrated loyalty to the proposed critical HUMINT threat country of assignment (i.e., previously employed with the FIE or ministry of foreign affairs); and

(13) Whether the employee has had romantic involvement with citizen(s) of the proposed critical HUMINT threat country of assignment.

12 FAM 263.3-3 Assignments for Department Employees

(CT:DS-425; 05-08-2024)

a. Procedures for Initiating Review of Assignment or TDY:

(1) Subsequent to a of registering a handshake for a proposed assignment to a critical HUMINT threat post by the Office of Career Development and Assignments (GTM/CDA), GTM/CDA notifies DS/DO/CI of the proposed assignment. For TDY assignments, the employing Bureau is responsible for tracking the employee’s time during a calendar year assigned to the critical HUMINT threat post in question and notifying DS/DO/CI via CLASSNET one month in advance of proposed TDY assignments in excess of 60 cumulative calendar days;

(2) For both PCS assignments and TDYs in excess of 60 cumulative calendar days in one year, DS/DO/CI conducts a review of the proposed assignment. If DS/DO/CI concludes that the available information in light of the criteria in 12 FAM 263.3-2 supports the proposed assignment, DS/DO/CI notifies GTM/CDA accordingly;

(3) If DS/DO/CI concludes that the available information in light of the criteria 12 FAM 263.3-2 reflects a risk to national security, or associated risk to an employee or family member, DS/DO/CI submits a recommendation, via DSS, to the Director General (DG) in the form of an action memorandum (AM) with analysis specific to the criteria considered. DS/DO/CI will endeavor to submit the AM to the DG within 90 calendar days of notification of the proposed assignment, although factors outside DS’s control may affect this timeline. These factors may include requests to the employee to provide additional details not included in their investigative file, pending investigations, or information requested in support of the review from other U.S. government agencies. In the event a case remains pending for more than 30 calendar days, 12 FAM 263.3-3(b)(2) specifies notification requirements to the employee. When this occurs, DS/DO/CI will contact GTM/CDA which, in turn, will notify the employee;

(4) The recommendation is based upon an evaluation of the available information regarding the individual in light of the criteria listed at 12 FAM 263.3-2(b), and the counterintelligence environment of the proposed post. All readily available information is considered by DS/DO/CI to make a recommendation to enable the DG to make a timely and informed decision regarding the proposed assignment to a critical HUMINT threat post. Any doubts concerning the proposed assignment are resolved in favor of national security; and

(5) The DG may or may not concur with the recommendation regarding the proposed assignment to a critical HUMINT threat post based on the best interests of national security, the Department, and the employee. Upon the DG’s request, DS must and the relevant regional bureau may provide any pertinent information regarding the recommendation to the DG. The DG may also ask the relevant regional bureau to provide additional information.

b. Assignment Review Status Notifications:

(1) GTM/CDA, via the employee’s respective Career Development Officer (CDO) or Assignments Officer (AO), is the primary point of contact for employees regarding status of proposed assignments. DS/DO/CI is the secondary point of contact (DSPassThruReq@state.gov); and

(2) DS/DO/CI will provide GTM/CDA regular updates on assignment reviews pending more than 30 calendar days from the time GTM/CDA notified DS/DO/CI of the proposed assignment, as well as an estimated date of completion for each pending assignment review. GTM/CDA will in turn notify affected employees of the status of their respective case. This notification will provide information related to the assignment review process, to include information for employees considering assignments to critical HUMINT threat posts.

12 FAM 263.3-4 Decision, Reconsideration and Appeals Procedures for Department Employees

(CT:DS-425; 05-08-2024)

a. No objection decision. If DS/DO/CI review of the proposed assignment concludes that the available information in light of the criteria in 12 FAM 263.3-2 does not increase the risk to national security or the employee, DS/DO/CI notifies GTM/CDA accordingly and GTM/CDA will continue the assignment process.

b. Objection decision. If the DG concurs with a DS/DO/CI recommendation against a proposed assignment based on elevated risk to national security or the employee, the DG will notify the employee through GTM/CDA in writing within ten business days of the DG’s decision. The notification will include the specific criteria from 12 FAM 263.3-2 relevant to the decision.

c. Reconsideration of DG Decision. The employee may, within ten business days of the date the employee received notification of the DG’s decision to deny an assignment, request a reconsideration of the decision by the DG. To request that the DG reconsider the decision, the employee communicates the request for reconsideration, with any additional information they wish to submit, to the DG via DGDirect@state.gov and provides a copy of their submission to their CDO. The DG will consider the request for reconsideration within ten business days from the date the request was submitted via DGDirect.

d. Appeal to the Assignments Security Appeals Panel (A-SAP). If the employee wishes to appeal to the A-SAP the DG's decision on a reconsideration under subsection (c) above, the individual must notify the DG in writing within 10 days business via DGDirect@state.gov, with a copy to their CDO, of their intent to appeal within 10 business days of the DG’s decision, or in the event the employee seeks a reconsideration of the decision by the DG, within ten business days of notice of the DG’s decision regarding reconsideration. DS/DO/CI and GTM shall coordinate to transmit the appeal to the A-SAP, which will endeavor to schedule a meeting to hear the appeal promptly.

e. A-SAP Composition, Process, and Decision.

(1) The A-SAP for the assignment review process is comprised of five voting members: M (who serves as chair); the PDAS for the Bureau of Global Talent Management (GTM); the PDAS for the Bureau of Intelligence and Research (INR); the Director of the Office of Civil Rights (S/OCR); and the PDAS from the geographic bureau to which the assignment review applies. The A-SAP will additionally have two non-voting advisors: a representative from the Office of the Legal Adviser (L/M) and a representative from DS/DO/CI. The DS/DO/CI representative will not be present once A-SAP begins deliberations.

(2) The A-SAP Chairperson will schedule and notify the A-SAP members as well as GTM/CDA, the employee, and DS/DO/CI of the date on which the A-SAP will begin deliberations of the individual’s appeal. The A-SAP shall convene no later than 120 calendar days from the date the employee requests an appeal.

(3) DS/DO/CI will provide via CLASSNET to the A-SAP a copy of the documents that served as the basis of the DG’s decision. No later than twenty-one (21) calendar days prior to the A-SAP convening, a copy of such document(s) shall also be furnished to the employee, to the extent such documents would be provided if requested under the Privacy Act and/or the Freedom of Information Act, as applicable. In appropriate cases and where consistent with national security, law-enforcement interests, and the Privacy Act, an employee possessing the requisite national security eligibility may be permitted to have access to classified information in such documents.

(4) The employee may provide a written statement via CLASSNET in support of the appeal to the A-SAP for dissemination among the A-SAP members. If the employee chooses to provide a written statement, the employee must submit the statement at least two weeks before the date the A-SAP is scheduled to meet.

(5) The employee may request to appear before the A-SAP in person, where practical, or virtually via security video telephone or teleconference, if requested and secure connectivity is available. The employee's optional appearance is at their discretion. The personal appearance will not be adversarial in nature. The individual may not produce or request witnesses at this appearance; any witness statements that the individual wishes to introduce must be submitted in writing and no later than two weeks before the scheduled appearance, as provided in subparagraph 4 above. The individual has no right to compel such witness statements. Communications must be at the appropriate level of classification (e.g. SECRET) and via the appropriate system (e.g., ClassNet).

(6) Deliberation. The A-SAP may request additional information from the individual or from the Department prior to rendering its decision.

(7) Decision of the A-SAP. The A-SAP may decide to sustain or overturn the DG’s decision regarding an assignment to a critical Human Intelligence (HUMINT) post. In reaching its decision, the A-SAP will determine whether sustaining or overturning the DG decision is clearly consistent with the national security interests of the United States. Any doubt shall be resolved in favor of national security. The A-SAP’s decision shall be the final decision of the Department.

(8) The A-SAP will communicate to the DG, GTM/CDA, DS/DO/CI, and the employee their decision within 10 business days from the date the A-SAP takes its decision.

f. Nothing in this policy affects the authority of a COM as set out in U.S. law and presidential directive to set the size, composition, or mandate of staff under the COM’s authority. See the President’s Letter of Instruction as outlined in 1 FAM 013.2(d).

12 FAM 263.3-5 Contractor Application and Process

(CT:DS-425; 05-08-2024)

The Industrial Security Division (DS/IS/IND) reviews the background investigations of all contractors and employees of contractors proposed for assignment to critical HUMINT threat posts. DS uses the provisions of 12 FAM 263.3-2, paragraph b, Critical Human Intelligence Threat Posts, 12 FAM 570, Industrial Security Program, and 12 FAM 230, Personnel Security, as a basis for adjudicating final determinations on suitability. When there are CI concerns, DS/IS/IND forwards the investigation to DS/DO/CI. DS/DO/CI reviews the investigation and provides a recommendation back to DS/IS/IND, which determines whether the contractor may be assigned to a critical HUMINT threat post. DS/IS/IND shall inform the relevant Contracting Officer Representative of the determination.

12 FAM 263.3-6 Post Required Briefings

(CT:DS-425; 05-08-2024)

a. The RSO or PSO must provide CI briefings to locally employed U.S. citizens under COM authority and ensure that FSNs and TCNs are briefed in accordance with the FSN briefing program;

b. The RSO or PSO must conduct a CI awareness refresher briefing with all employees annually. The RSO or PSO should make these refresher briefings available to adult dependents on a voluntary basis;

c. The RSO or PSO must conduct a routine departure security debriefing for all employees and contractors completing a tour of duty at a post prior to the employee’s or contractor’s departure. The debriefing must include a discussion of CI matters. Should the RSO or PSO obtain information of a CI concern, he or she must forward a copy of the debriefing to DS/DO/CI, which must forward a copy to the parent agency; and

d. The RSO must notify DS/DO/CI and the RSO at a gaining post of personnel transfers and then schedule debriefings. All employees completing a tour of duty must receive a special in-depth CI debriefing conducted by DS/DO/CI or, in the case of direct transfers, by the RSO or PSO of the gaining post. All contract personnel must receive a special CI debriefing by either DS/DO/CI or the contractor. All TDY employees must receive a special CI debriefing upon completion of the TDY conducted by DS/DO/CI or, in the case of TDY from one post to another, by the RSO or PSO of the post of their residence. Employees or contract personnel of agencies other than those of the Department who are returning to Washington, DC must receive debriefing from the security office of their parent agency; when transferring between posts, the RSO or PSO at the gaining post must debrief other agency personnel to report security concerns or information of interest to their agency or to future travelers. The RSO or PSO should send copies of all special debriefings to DS/DO/CI, which will forward a copy to parent agencies. PSOs must also send a copy to the RSO. The RSO must notify DS/DO/CI and the RSO at a gaining post of personnel transfers so that debriefings can be scheduled.

12 FAM 263.4 Domestic Programs

(CT:DS-424; 04-17-2024)

a. State only: DS/DO/CI provides individual and post-specific domestic CI training on a formal and ad hoc basis and arranges for or provides post-specific briefings for individuals on a need-to-know basis.

b. In cooperation with DS/DO/CI, the Foreign Service Institute (FSI) sponsors programs for employees assigned to selected critical threat posts. New Department employees attending FSI orientation also receive a segment on CI awareness.

c. DS/DO/CI tailors specific programs for specialty professions such as cleared U.S. citizen guards, communicators, Seabees, etc.

d. DS/DO/CI also provides CI briefings and policy support to other U.S. Government agencies.

12 FAM 264 PERSONAL TRAVEL TO CRITICAL HUMAN INTELLIGENCE THREAT COUNTRIES

12 FAM 264.1 Scope and Applicability

12 FAM 264.1-1 Scope

(CT:DS-425; 05-08-2024)

a. These requirements apply to Department employees and domestic contractors and to those of employees of other agencies serving overseas under chief of mission (COM) authority. The Overseas Security Policy Board (OSPB) also cleared these requirements.

b. The requirements govern personal travel to countries with a critical HUMINT threat level and certain countries where the United States does not have diplomatic relations, which are both listed in the SETL.

12 FAM 264.1-2 Program Responsibility

(CT:DS-424; 04-17-2024)

DS/DO/CI directly administers this program for the Department’s employees stationed domestically and indirectly through the RSO or PSO at posts.

12 FAM 264.2 Travel to Critical HUMINT THREAT POSTS

(CT:DS-424; 04-17-2024)

a. The criteria in the paragraphs in this section apply to travel to countries in which critical HUMINT threat posts are located, regardless of the threat level where the employee departs from or is stationed.

b. All employees and contractors of the U.S. Government under COM authority must notify the RSO or PSO at the post of their residence and schedule a CI defensive security briefing at least 2 weeks before starting personal travel to any country with a critical HUMINT threat level, including travel with tour groups. Employees and contractors of the Department stationed domestically must directly notify DS/DO/CI.

c. Each employee intending to travel must provide a notification of personal travel using the format in 12 FAM Exhibit 264.2. The RSO, PSO, or DS/DO/CI must retain this information as part of the permanent record.

d. The RSO, PSO, or DS/DO/CI must provide pertinent information from the travel notification to U.S. embassies in the countries listed on the itinerary at least 1 week prior to the traveler’s intended departure. (Use the format in 12 FAM Exhibit 264.2.) RSOs or PSOs must also provide copies of their communications to DS/DO/CI and to the security office of the traveler’s parent agency.

e. The RSO, PSO, or DS/DO/CI, as appropriate, must provide each traveler with a CI defensive security briefing prior to their travel.

f. If detained or subjected to significant harassment or provocation while traveling, the travelers must immediately contact the nearest U.S. consul, attaché, RSO, or duty officer. Upon return to the post of their residence or Washington, DC, the traveler must report any unusual incidents, including those of potential security concerns, to the RSO, PSO, or DS/DO/CI, as appropriate. RSOs and PSOs must in turn report unusual incidents, detention, harassment, provocation, etc. to DS/DO/CI, which must forward copies of the reports to the traveler’s parent agency.

g. Employees of the Department granted access to sensitive compartmented information (SCI) have no additional travel obligation.

h. The Department encourages spouses, domestic partners as defined in 3 FAM 1610, and adult dependents of employees to advise the RSO, PSO, or DS/DO/CI, as appropriate, of their personal travel, and receive any available unclassified defensive security briefings, especially those at their post of residence.

12 FAM 265 THROUGH 269 UNASSIGNED

12 FAM Exhibit 262.3-1
ACKNOWLEDGEMENT OF POLICY GOVERNING OFFICIAL AND PERSONAL RELATIONSHIPS WITH CERTAIN FOREIGN NATIONALS AND CONTACT REPORTING RESPONSIBILITIES (FORMAT)

(CT:DS-424; 04-17-2024)

This is to acknowledge that:

I have been briefed on this policy and understand my responsibilities to report contacts and associations with individuals listed in 12 FAM 262.1, paragraph b;

I understand that this policy applies abroad to all U.S. citizen employees of the U.S. Government, civilian or military, including contract employees, whether permanently assigned or TDY, who are under the authority of a chief of mission. Domestically, this policy applies to employees and contractors of the Department of State;

I understand that my failure to comply with this policy provides grounds for appropriate disciplinary action and/or suspension of my security clearance;

I understand that I should caution my adult dependents about the potential threat from foreign intelligence services and encourage them to report any attempts by foreign nationals to exploit them;

I understand that if I have any questions regarding this policy, I should raise them with the regional security officer or post security officer while abroad and the Department of State’s Bureau of Diplomatic Security Office of Counterintelligence(DS/DO/CI) when in the United States.

Signature Signature Date

Employee Name (typed or printed) Witnessing Official’s Name and Title

Position Post/Bureau

Agency