Skip to main content
Title 9: Criminal

9-90.000 - National Security

9-90.010 National Security
9-90.020 National Security Matters—Prior Approval, Consultation, and Notification Requirements
9-90.040 National Security Cyber Specialists in United States Attorneys' Offices
9-90.050 National/International Security Coordinators in United States Attorneys' Offices
9-90.100 General Policies Concerning Prosecutions For Crimes Directed at National Security and for Other Crimes in which National Security Issues May Arise
9-90.200 Policies and Procedures for Criminal Cases That Involve Classified Information
9-90.210 Contacts with the Intelligence Community Regarding Criminal Investigations or Prosecutions
9-90.230 Disclosure Of Classified Information to the Grand Jury
9-90.240 Classified Information Procedures Act (CIPA)
9-90.300 Policies for the Prosecution of Espionage, Export and Other Internal Security Offenses
9-90.400 Atomic Energy Act
9-90.440 Other Prohibited Transactions Involving Nuclear Materials—18 U.S.C. § 831
9-90.500 Internal Security
9-90.550 Contempt of Congress—2 U.S.C. §  192
9-90.600 Export Control and Unlawful Transactions with Foreign Countries
9-90.610 Export Control Reform Act—50 U.S.C. §§ 4801-4852
9-90.620 Arms Export Control Act—22 U.S.C. §  2778
9-90.625 Export Control and Sanctions Enforcement Policy for Business Organizations
9-90.630 Trading With the Enemy Act—50 U.S.C. § 4305(b)/Foreign Assets Control
9-90.640 International Emergency Economic Powers Act—50 U.S.C. § 1701 et seq.
9-90.700 Registration and Lobbying Provisions
9-90.710 Foreign Agents Registration Act—22 U.S.C. § 611 et seq.
9-90.720 Public Officials Acting As Agents Of Foreign Principals—18 U.S.C. § 219
9-90.730 Disclosure of Foreign Influence Operations


9-90.010 - National Security

A. Introduction and Scope.

Protecting our national security is the Department's top priority.  National security encompasses the national defense, foreign intelligence and counterintelligence, international and internal security, and foreign relations. This includes countering terrorism; combating espionage and economic espionage conducted  for the benefit of any foreign government, foreign instrumentality, or foreign agent; enforcing export controls and sanctions; and disrupting cyber threats that are perpetrated by nation states, terrorists, or their agents or proxies.

When national security issues arise during a criminal prosecution, they must be resolved through  careful coordination by the Department of Justice (Department) with high level officials from the intelligence, military and foreign affairs communities. In addition, the Attorney General, or the Attorney General's designee, has certain statutory authority and obligations related to national security prosecutions.That authority  and those obligations may be properly exercised and met only with appropriate coordination within the Department by the respective United States Attorneys' Offices (USAOs).

This chapter applies to national security matters other than counterterrorism matters; counterterrorism matters are covered principally by JM 9-2.136 et seq.  In addition, this chapter does not apply when a matter's sole nexus to national security is foreign relations (e.g., international extradition; indictment of a high ranking foreign official for a non­ national security crime; and other treaty-related issues). Coordination of such matters will be handled by the Criminal Division, Office of International Affairs (OIA). See JM 9-2.400 for circumstances requiring  prior consultation  with or approval from OIA.

Prior approval, consultation and notification requirements related to national security can be found in JM 9-90.020, below.

B. Authority to Conduct  Prosecutions Relating to the National Security.

The enforcement  of all criminal laws affecting, involving or relating to the national security, and the responsibility for prosecuting criminal offenses, such as conspiracy, perjury and false statements, arising out of offenses related to national security, is assigned to the Assistant Attorney General (AAG) of the National Security Division. Where a matter affects the national security, regardless of the specific statute(s) implicated,  prosecutions shall be instituted and conducted under the supervision of the Assistant Attorney General, National Security Division, or higher authority. 28 C.F.R. § 0.72.

The Counterintelligence and Export Control Section (CES) of the National Security Division, under the supervision of the AAG or a higher authority,  conducts, handles, and supervises prosecutions within the scope of this chapter.

[updated March 2016] 


9-90.020 - National Security Matters—Prior Approval, Consultation, and Notification Requirements

  1. What Constitutes a Case Affecting, Involving, or Relating to the National Security.
    1. National Security Statutes
      Criminal provisions affecting, involving, or relating to the national security are:
      • 2 U.S.C. § 192 (Contempt of Congress Related to National Security)
      • 8 U.S.C. § 1185(b) (Travel Control of Citizens)
      • 18 U.S.C. § 219 et seq. (Officers and Employees of the United States Acting as Foreign Agents)
      • 18 U.S.C. § 791 et seq. (Espionage; Unauthorized Disclosure of Classified Information)
      • 18 U.S.C. § 951 et seq. (Neutrality  Laws)
      • 18 U.S.C. § 1030(a)(1) (Computer  Espionage)
      • 18 U.S.C. § 1542 et seq. (Passport Violations Related to National Security)
      • 18 U.S.C. § 1924 (Unauthorized Removal and Retention of Classified Documents or Material)
      • 18 U.S.C. § 1831 (Economic Espionage)
      • 18 U.S.C. § 2151 et seq. (Sabotage)
      • 18 U.S.C. § 2381 et seq. (Treason, Sedition and Subversive Activities)
      • 22 U.S.C. § 611 et seq. (Foreign Agents Registration)
      • 22 U.S.C. § 2778 (Arms Export Control Act)
      • 42 U.S.C. § 2274 to 2278, 2284, and other Atomic Energy Violations that Affect National Security (Atomic Energy Act)
      • 50 U.S.C. § 3121 (Intelligence Identities Protection Act)
      • 50 U.S.C. § 782 et seq. (Communication  of Classified Information by Government Officer or Employee)
      • 50 U.S.C. § 851 et seq. (Registration of Person Who Has Knowledge Concerning Espionage Activities)
      • 50 U.S.C. § 1701 et seq. (International Emergency Economic Powers Act)
      • 50 U.S.C. § 4801 et seq. (Export Control Reform Act)
      • 50 U.S.C. § 4305(b) (Trading With the Enemy Act)
    2. Other Matters that Affect the National Security

      A variety of other Federal statutes may also be used to prevent, disrupt, and prosecute national security threats. Thus, prosecutions pursuant to criminal statutes other than those set forth in 9-90.020(A)(1) may also affect national security (e.g., a case involving wire fraud or hacking by or on behalf of a foreign government in which 18 U.S.C. § 1831 or 18 U.S.C.§ 1030(a)(1) are not specifically included as charges).

      If a particular matter affects the national security, or if there is a reasonable question about whether a particular matter affects the national security, the USAO shall consult with CES to discuss how the matter should be treated. If the USAO is coordinating with another component of Main Justice, the USAO shall consult directly with CES unless the other component of Main Justice has agreed to facilitate this required consultation.
  2. Consultation and Approval Requirements.
    Prosecution of a case involving a national security statute set forth in 9-90.020(A)(1) shall not be instituted without the express approval of the National Security Division or higher authority. In addition, in such cases, CES shall be consulted before:

    • an arrest is made,
    • a search warrant is obtained,
    • a grand jury investigation is commenced,
    • immunity is offered,
    • an indictment is presented,
    • an information is filed,
    • a civil injunctive action is filed,
    • a prosecution  is declined,
    • a count is dismissed,
    • a plea agreement is filed,
    • a sentencing commitment or other disposition is made,
    • or an adverse ruling or decision is appealed.

    In any other prosecution  that affects the national security, regardless of the specific statute(s) implicated, or if there is a reasonable question about whether a particular matter affects the national security, the USAO shall consult with CES to discuss how the matter should be treated and whether the above prior approval or consultation requirements should apply. If the USAO is coordinating with another component of Main Justice, the USAO shall consult directly with CES unless the other component of Main Justice has agreed to facilitate this required consultation.

    Consultation with CES is also required in all cases in which classified information  plays a role in the prosecutive decision, and all cases that require the protections afforded by the Classified Information Procedures Act, 18 U.S.C. app. 3, i.e., cases in which classified information  may be disclosed during the pretrial, trial or appellate stage of the litigation.

    Finally, before initiating a prosecution under 2 U.S.C. § 441e, Campaign Contributions by Foreign Nationals, the Registration Unit of CES, (202) 233-0986, shall be consulted.

[cited in JM 9-2.111JM 9-90.010JM 9-90.300JM 9-90.400JM 9-90.500JM 9-90.550; JM 9-90.600JM 9-90.610JM 9-90.620JM 9-90.640JM 9-90.700JM 9-90.720]

[updated December 2020]


9-90.040 - National Security Cyber Specialists in United States Attorneys' Offices

Each United States Attorney’s Office (USAO) shall designate one or more AUSAs as the district’s National Security Cyber Specialist (NSCS). The NSCS AUSAs shall serve as the primary point of contact for all of the district’s law enforcement activities regarding cyber and cyber-enabled crime that are defined in Section 9-50.201, that falls within the scope of this chapter. The National Security Cyber Section (NatSec Cyber), in partnership with the Federal Bureau of Investigation (FBI), has primary responsibility for developing the Department’s overall strategies for investigating, disrupting, and deterring cyber threats within the scope of this chapter and shall exercise the Assistant Attorney General’s supervisory authority over all such investigations, cases, and other disruptions. NatSec Cyber, working in close partnership with the Computer Crime and Intellectual Property Section (CCIPS), shall provide programmatic support to the NSCS AUSAs through the National Security Cyber Specialist Network (NSCS Network).  In addition to developing and prosecuting their own cyber and cyber-enabled crime cases within the scope of this chapter and assisting NSCS and Computer Hacking and Intellecual Property (CHIP) AUSAs in such cases, as described in Sections 9-50.105 and 9-90.020, NatSec Cyber supports the NSCS Network by serving as a source and conduit for disseminated cyber-related intelligence reporting and developing and implementing training programs for such AUSAs in cooperation with CCIPS and the Office of Legal Education (OLE), as described in Section 9-50.600. At the discretion of U.S. Attorneys, NSCS AUSAs may also serve as CHIP AUSAs, or assist them in addressing these threats.

In the context of cyber and cyber-enabled crime investigations within the scope of this chapter, the NSCS AUSAs are responsible for, among other things, ensuring their offices awareness of and in-house training with respect to:

  • timely issuance of legal process for cyber victim identification, as described in Section 9-50.700;
  • all available U.S. and foreign government authorities and “tools” to disrupt cyber threats, as well as the applicable consultation requirements, as described in Section 9-50.204;
  • notification, deconfliction, and reporting requirements for applicable cyber and cyber-enabled crime investigations, as described in Section 9-51.101;
  • consultation requirements with respect to decisions to charge a case under the Computer Fraud and Abuse Act, 18 U.S.C. § 1030, as required by Section 9-48.000; and
  • Departmental policies related to foreign affairs, intelligence, and national security relevant to prosecutions and investigations, including classified discovery issues, Federal Rule of Criminal Procedure 6(e)(3)(D) information-sharing provisions, and issues related to operational security, such as the availability of non-disclosure orders for “exceptional circumstances” under the relevant Department policies and a district court’s “highly sensitive document” policies.

NSCS AUSAs shall also support CHIP AUSAs in executing the latter’s responsibilities as described in JM 9-50.104 and 9-50.105.

NatSec Cyber shall serve as a resource of expertise for NSCS, CHIP, and other AUSAs when pursuing the “all tools” disruption approach to cyber and cyber-enabled crimes, as described in Section 9-50.204. USAOs should utilize NatSec Cyber's demonstrated experience with such authorities and tools in the context of national security-related investigations, and their extensive network of relevant contacts. For any instance in which the USAO or other Department component (other than the FBI or NSD) seeks to initiate contact with an agency of the intelligence community or the Department of Defense, regarding issues arising during a cyber or cyber-enabled crime investigation or prosecution, it is the duty of the NSCS AUSA or other employee to consult with the Chief of NatSec Cyber or a designee prior to undertaking such contact. Such a consultation shall also occur for any instance in which the USAO or other Department component (other than the FBI or NSD) seeks to initiate contact with other inter-agency partners or foreign government regarding issues arising during cyber or cyber-enabled crime investigations or prosecutions within the scope of this chapter. 

All NSCS AUSAs shall maintain a top secret/sensitive compartment information (TS/SCI) clearance in order to review, discuss, and use classified information in connection with cyber and cyber-enabled crime investigations that affect, involve, or relate to the national security.

[added August 2023]


9-90.050 - National/International Security Coordinators in United States Attorneys' Offices

Each United States Attorney's Office (USAO) shall designate an AUSA as the National/International Security Coordinator. The National/International Security Coordinator is intended to be the initial point of contact for the office on matters relating to foreign relations, intelligence and national defense. [In some offices, the duties of the National/International Security Coordinator may be divided between foreign affairs and national security issues due to the volume of matters within the office.] The National/International Security Coordinator is responsible for, among other things, notifying the Chief of the Counterintelligence and Export Control Section (CES) whenever national security issues arise in the USAO in the course of prosecutions of offenses not related to the national security. In any instance in which the USAO seeks to initiate contact with an agency of the intelligence community regarding national security issues arising during a criminal investigation or prosecution, it is the duty of the National/International Security Coordinator to initiate contact with the Chief of CES prior to undertaking contact with the intelligence community.

The National/International Security Coordinator shall maintain a top secret clearance in order to review and use classified information in connection with national security investigations or prosecutions. The National/International Security Coordinator shall be familiar with Departmental policies related to national security prosecutions and investigations including disclosure of classified information to the grand jury.

The National/International Security Coordinator's primary responsibilities, acting in his or her capacity as point of contact for foreign relations, include acting as the liaison on all incoming and outgoing requests for extradition and mutual legal assistance, and ensuring the timely submission of supporting documents.

The National/International Security Coordinator should be knowledgeable of relevant Department policies, forms, briefs, and memoranda in the area of international affairs, intelligence and national security issues and should serve as the in-house resource and trainer on those issues.

[updated January 2020]


9-90.100 - General Policies Concerning Prosecutions For Crimes Directed at National Security and for Other Crimes in which National Security Issues May Arise

The Attorney General has determined that all criminal cases relating to activities directed against the national security (See JM 9-90.300 et seq.), as well as collateral offenses such as perjury that arise out of such activities, are to be supervised by the Assistant Attorney General (AAG), National Security Division. Although the AAG may assign those cases within the National Security Division, prosecution of national security cases will ordinarily be handled by the USAO in the district where venue lies. When a national security investigation is initially referred to the National Security Division, the AAG, or his/her designee, will notify the United States Attorney (USA) in that district as soon as possible following the referral. In either event, the AAG shall retain general supervisory authority over the conduct of the case from its inception until its conclusion, including appeal.

When national security issues arise in United States Attorneys' Offices in the course of prosecutions of offenses not related to the national security, that district's National/International Security Coordinator must notify the Chief of the Counterintelligence and Export Control Section (CES). That Section Chief shall be responsible for insuring that the Assistant United States Attorney (AUSA) assigned to the case is aware of and complies with Departmental policies related to national security prosecutions.

[updated January 2020]


9-90.200 - Policies and Procedures for Criminal Cases That Involve Classified Information

With the concurrence of the appropriate Deputy Assistant Attorney General (DAAG), National Security Division, or of the DAAG's designated National Security Division Section Chief, the Department attorney or the assigned AUSA may seek access to classified information in the custody and control of one or more of the United States intelligence agencies. The National Security Division's Counterintelligence and Export Control Section (CES) has primary responsibility to assist all Departmental officials and USAOs on all matters related to national security, including approval of requests for production of preexisting classified information in connection with an anticipated or ongoing criminal prosecution. Other sections of the National Security Division may also assist, according to the subject matter of the activity involved in a particular prosecution. Occasionally, a law enforcement agency may also possess documents that are classified for national security purposes and which should be reviewed in connection with a criminal case. The procedures discussed herein also apply to those documents.

The Classified Information Procedures Act (CIPA), Title 18, United States Code, App. III, is the mechanism by which the disclosure of classified information must be controlled during the course of a criminal prosecution. CES is responsible to insure proper adherence to CIPA, at the pre-trial, trial, and appellate stages of a prosecution. CES personnel will assist the prosecuting attorney in properly drafting a request to an intelligence agency for production of its information and/or materials for review by the AUSA and will provide advice and consultation regarding review and use of those materials.

There are certain unique requirements that apply to cases involving classified information. First, only the Attorney General, the Deputy Attorney General, the Associate Attorney General or the Assistant Attorney General (AAG), National Security Division, can authorize the declination of a prosecution for national security reasons. CIPA sections 12 and 14. Such declinations must be included in a report submitted to Congress pursuant to the requirements of section 13 of CIPA. This report is initially prepared by the CES.

Further, classified information that is or may be relevant to a criminal prosecution cannot be utilized, even for discovery purposes, without coordinating with the agency that is responsible for classifying or declassifying that information. This rule applies to oral disclosures of classified information, such as certain statements by present or former government employees, or contract employees who hold or held security clearances and were given access to classified information. See also JM 9-90.240.

Because of regulatory limitations on dissemination of classified information, special considerations apply to investigations that involve classified information. First, when interviewing witnesses, classified information may be discussed only if the witnesses have appropriate security clearances and the agency that classified the information has approved such disclosure. Second, although the grand jurors are precluded under Fed. R. Crim. P. 6(e)(2) from disclosing matters occurring before the grand jury, a prosecutor nevertheless may not disclose classified information to the grand jury except by agreement of the agency responsible for classifying that information. Third, witnesses, subjects or targets of an investigation who have lawfully acquired classified information cannot lawfully disclose such information to their uncleared attorneys. Those attorneys should therefore either obtain a securit y clearance that would allow access to the classified information or seek to have the information declassified. If the defense attorney chooses the latter alternative, the prosecutor must file a motion requesting the court to issue a protective order that controls the use of that classified information and protects it from disclosure to unauthorized persons. For guidance on how to handle classified information during investigations or before the grand jury, see JM 9-90.230 and contact the CES.

[updated January 2020]


9-90.210 - Contacts with the Intelligence Community Regarding Criminal Investigations or Prosecutions

  1. Generally. Although both are arms of the Executive Branch, the Federal law enforcement and intelligence communities have very distinct identities, mandates, and methods. For the purpose of this chapter, the law enforcement community (LEC) includes all Federal investigative and prosecutive agencies. The intelligence community (IC) includes the Central Intelligence Agency, the National Security Agency, the Defense Intelligence Agency, and the National Reconnaissance Office. It also includes the intelligence components of the Department of State, Federal Bureau of Investigation, Department of Treasury, Department of Energy, and the respective military services. The mission of the LEC is to identify, target, investigate, arrest, prosecute, and convict those persons who commit crimes in violation of Federal laws. The mission of the IC is to perform intelligence activities necessary for the conduct of foreign relations and the protection of the national security, including the collection of information and the production and dissemination of intelligence; and the collection of information concerning espionage, international terrorist activities, and international narcotics activities.

    The Federal LEC must carry out its mission in accordance with the provisions of the United States Constitution, case law, statutes, and rules of procedure and evidence. Its compliance with those constraints is continually monitored by the judicial branch. Through its internal affairs and professional responsibility offices, the components of the LEC also perform self-monitoring of the legality of its investigative activities.

    The IC carries out its mission in accordance with the United States Constitution, the National Security Act of 1947 and other statutes, case law, and with select Executive Orders issued by the President, primarily E.O. 12958 (issued by President Clinton on October 14, 1995). The IC's compliance with legislative constraints is monitored by the Senate Select Committee on Intelligence (SSCI) and the House Permanent Select Committee On Intelligence (HPSCI). The IC also polices itself through its various inspectors general offices.

    The two communities occasionally find themselves mutually affected by a criminal case, such as when a defendant seeks access to classified information to assist in his/her defense. When that occurs, an issue of major concern to both communities is the adequate protection of sensitive intelligence sources and methods. This protection is accomplished by the prosecutor through the invocation of CIPA, and by the IC, by placing restrictions on access to the information, or by including special warnings and caveats that restrict the use of the information.

    Although coordination on matters of common concern is critical to the proper functioning of the two communities, prosecutors must be aware of the concomitant need of both communities to maintain a well-delineated separation between criminal prosecutions and foreign intelligence activities, in which less-stringent restraints apply to the government. Not to do so may invite the perception of an attempt to avoid criminal law protections by disguising a criminal investigation as an intelligence operation. The judicial response to that may be the suppression of evidence in the criminal case, e.g., United States v. Truong Dinh Hung, 629 F.2d 908 (4th Cir. 1980).
     
  2. Approval to Request a File Search. Initial contacts with the IC by the Department of Justice (Department), or by any United States Attorney's Office (USAO), for the purpose of requesting a search of IC files in connection with a criminal investigation or prosecution must be approved by the National Security Division's (CES). A request to the CES by a USAO for a search of IC files for preexisting intelligence information relevant to a criminal investigation or indictment must be in writing and must have been approved by the United States Attorney (USA) or a senior designee, e.g., the First Assistant, or the National/International Security Coordinator.

    Such requests shall be undertaken only when there exist objective articulable facts justifying the conclusion that
     
    1. within specific files, or category of files, there will likely be information of which the prudent prosecutor should be aware in deciding whether, or against whom, or for what offenses to seek an indictment from the grand jury;
    2. there are intelligence-related issues likely to arise post-indictment that the prosecutor should address preemptively, and that searching IC files is likely to duce information helpful to resolving those issues; or
    3. there are documents or information within the intelligence community that fall reasonably within the scope of the prosecutor's affirmative discovery obligations to the defendant, as that scope has been defined by the Federal courts.

    That the information within the possession of the intelligence community is classified shall have no effect either on the prosecutor's obligation to undertake the review of IC files or on the legally-mandated scope of that review. Similarly, except as modified by CIPA, the prosecutor's obligation to produce to the defendant information found during that review is unaffected by the classified nature of that information.
     
  3. The Search Request. Immediately upon the prosecutor's conclusion, based on the principles outlined above, that a search of IC files is appropriate, the prosecutor should consult with the district National/International Security Coordinator and initiate telephonic contact with the National Security Division's CES. The USA or his/her designee must approve the AUSA's request before it is submitted to the CES. See paragraph B, supra. The CES, in consultation with the Office of Intelligence Policy and Review (OIPR), will determine whether a search of IC files is appropriate. If there is a determination that a search of IC files is appropriate under the circumstances described by the prosecutor, the prosecutor will be required to prepare a written search request to be submitted to the IC agencies through the CES.

    In line with the Department's general policy, search requests must be focused, narrowly drawn, and based upon carefully reasoned and case-specific grounds. Each request should be accompanied by a prosecution memorandum that sufficiently identifies the individual and corporate targets of the investigation (e.g., full name, known aliases, date of birth, place of birth, social security number, citizenship, etc.); that summarizes the evidence already known about those targets (specifically that which the prosecution believes justifies a search of IC files). Ordinarily, the prosecutor should confine the search request to a period of time that conforms with that of the underlying criminal activity that necessitates the search and that specifies the type of information that is sought (e.g., what, if any, witting relationship the person has had or currently has with an IC agency, payments made to the person, criminal activity known by the IC agency to have been committed by the person in question, etc.). If the prosecutor's search request pertains to witnesses who will testify for the government, the same information should be provided as to them.

    The prosecutor should avoid asking an IC agency any conceptual questions or to draw any conclusions about the entities named, especially conclusions of a legal nature. Rather, the search request should present questions that require answers consisting of discrete facts that will enable the prosecutor to draw conclusions concerning the broader conceptual issues extant in his/her case.
     
  4. Submitting the Search Request to the IC. The National Security Division, CES, acting on behalf of the prosecutor, will formally transmit the search request to the appropriate element(s) of the IC. In some cases, that request may be followed by a planning and strategy meeting between the assigned prosecutors, the CES, and representatives of the appropriate IC agencies.

    To expedite the pace of the search, the prosecutor should request that each IC agency obtain limited third agency waivers from other IC agencies for purposes of the initial review of documents in response to the search request. Except with certain very sensitive types of classified information, this will normally allow an agency that possesses a responsive classified document originated by another agency to produce that document to the prosecutors without having first to obtain the permission of the originating agency. Any subsequent disclosure or dissemination beyond the prosecutor's initial review of the documents must first be approved by the originating agency.
     
  5. Review of Documents Identified by the IC as Responsive to the Search Request. Members of the prosecution team (including the attorneys and investigators) must have all necessary security clearances before they will be permitted access to classified information. This may be accomplished by contacting the Security Programs Staff for the Executive Office for United States Attorneys. In some instances when delay should be avoided, an uncleared AUSA may have the National/International Security Coordinator or an attorney from the CES review selected documents. During the review of classified information, it is crucial that all regulations pertaining to the handling of classified information be observed. The Justice Management Division's Security and Emergency Planning Staff will assist the prosecutor in taking the necessary measures in the USAO's to physically and administratively protect any classified information that is determined to be relevant to a particular case.

    The prosecutor must also be prepared to undertake appropriate measures for keeping track of the IC documents that are produced in response to a search request. Depending on the volume of documents produced, the administrative burden of that process may be enormous. A critical part of that burden will be the establishment of procedures for identifying what documents are produced by the IC agencies, and, thereafter, for indexing those documents that the prosecutor has reviewed and determined to be relevant to the case. In all events, classified documents obtained from the IC must be secured in the appropriate Department approved receptacle and segregated from investigative documents produced by law enforcement agencies. The Department's Security and Emergency Planning Office and CES are available to advise the prosecutor on such matters.

 

[updated January 2020]


9-90.230 - Disclosure Of Classified Information to the Grand Jury

Grand jurors do not have the security clearances required for access to classified information. Accordingly, disclosure of such information to a grand jury may only be done with the approval of the agency responsible for classifying the information sought to be disclosed.

There are measures that a prosecutor can take that will increase the likelihood that the appropriate intelligence agency will approve the use of its information before the grand jury. First and foremost is the use of an unclassified summary of the information prepared by the prosecutor in concert with the IC agency. In other instances, the agency may simply be able to declassify the particular document(s) involved, in whole or in part, by excising certain portions that make the document particularly sensitive but that are not relevant to the use desired by the prosecutor.

Of greater difficulty would be the request of a prosecutor that an intelligence agency officer or asset testify as a witness before the grand jury. If a target of the grand jury investigation was, or is, an intelligence officer, asset, or other employee of the intelligence community, in addition to the usual concerns related to the appearance of a target before the grand jury, the prosecutor must take care to protect against "retaliatory" testimony by that individual, in the form of unauthorized disclosure of classified information. Accordingly, prior to any grand jury appearance by such target, the Assistant United States Attorney, in coordination with the CES, must consult with any intelligence agency whose information may be disclosed by the target's testimony. As a rule, because hearsay testimony is permissible before the grand jury, the prosecutor will likely have alternatives, such as the testimony of a summary witness, which would obviate the need for the agency officer's testimony before the grand jury. If a summary witness is not a viable option, however, the prosecutor must obtain the approval of the CES before making any effort to secure the presence before the grand jury of an intelligence agency officer or asset. The CES will assist the prosecutor as much as possible in arranging for that testimony or in structuring an alternative thereto that will provide essentially the same information to the grand jury.

[cited in JM 9-90.200]


9-90.240 - Classified Information Procedures Act (CIPA)

The Counterintelligence and Export Control Section (CES) is responsible for the development and implementation of policies and procedures related to CIPA. All Assistant United States Attorneys and departmental attorneys prosecuting CIPA cases are required to consult with, and closely coordinate, their cases with the CES. In particular, prosecutors must:

  1. notify CES if a district court or appellate court will not accept a substitution proposed by the government under section 6(c);
  2. obtain the prior approval of the Solicitor General to file an interlocutory appeal under Section 7(a) of CIPA; and
  3. immediately notify CES if it becomes likely that an intelligence agency employee will testify in any criminal case.

CES is also responsible for the preparation of reports to Congress concerning cases in which prosecution is declined for national security reasons and reports concerning the operation and effectiveness of the act.

[cited in JM 9-90.200]

[updated January 2020]


9-90.300 - Policies for the Prosecution of Espionage, Export and Other Internal Security Offenses

Chapter 37 of 18 U.S.C. proscribes espionage and related activities. All prosecutions under Chapter 37 shall be initiated and conducted in accordance with JM 9-90.020. Various statutes supplement the provisions of Chapter 37 to criminalize activities that jeopardize the national defense or national security. Prosecutions pursuant to these provisions must also be instituted and conducted in accordance with JM 9-90.020. The Counterintelligence and Export Control Section supervises prosecutions of espionage and espionage related offenses.

[cited in JM 9-90.100]

[updated January 2020]


9-90.400 - Atomic Energy Act

Prosecutions under the Atomic Energy Act, 42 U.S.C. §§ 2272 to 2276, are subject to the requirements of JM 9-90.020 when they involve the national security. The Atomic Energy Act provides that prosecutions pursuant to it shall be commenced by the Attorney General, after he or she has notified the Nuclear Regulatory Commission. See 42 U.S.C. § 2271(c). Prosecutions brought pursuant to 42 U.S.C. § § 2272 to 2276 must be expressly authorized by the Attorney General.

[updated January 2020]


9-90.440 - Other Prohibited Transactions Involving Nuclear Materials—18 U.S.C. § 831

The Convention on the Physical Protection of Nuclear Materials Implementation Act of 1982, Pub.L. No. 97-351, makes it a criminal offense: (1) to possess unlawfully or use nuclear material when it will cause substantial injury; (2) to take or use nuclear material without authorization, or to obtain nuclear material fraudulently; or (3) to threaten or attempt to use nuclear material for illegal purposes. See 18 U.S.C. § 831.


9-90.500 - Internal Security

Numerous offenses pertaining to the internal security of the United States can be prosecuted only with the approval of, and under the supervision of, the Assistant Attorney General of the National Security Division, or higher authority. Authorization and supervision requirements are found at JM 9-90.020. The Counterintelligence and Export Control Section of the National Security Division supervises prosecutions involving internal security.

[updated January 2020]


9-90.550 - Contempt of Congress—2 U.S.C. § 192

The Counterintelligence and Export Control Section has jurisdiction over prosecutions under 2 U.S.C. § 192 in which witnesses have Communist Party or other subversive connections. Under the provisions of 2 U.S.C. § 194, contempt of Congress cases are referred directly by the Congress to the United States Attorney, by certification. If such a case is referred to a United States Attorney, in accordance with the JM 9-90.020 he or she should immediately notify the National Security Division, and no prosecution shall be initiated without prior authorization by the National Security Division.

[cited in JM 9-69.200]


9-90.600 - Export Control and Unlawful Transactions with Foreign Countries

The prosecution of any violation of export control statutes shall be authorized only in accordance with JM 9-90.020 unless otherwise noted.

The Chief of the Counterintelligence and Export Control Section supervises prosecutions of export control offenses, and can be reached at (202) 233-0986.

[updated January 2020]


9-90.610 - Export Control Reform Act—50 U.S.C. §§ 4801-4852

The Export Control Reform Act, 50 U.S.C. §§ 4801-4852, and the rules and regulations promulgated thereunder, 15 C.F.R. parts  730 to 774, prohibit the export of strategic goods and technologies without a license from the Department of Commerce. Violations are investigated by the Department of Commerce, the Department of Homeland Security and other law enforcement agencies.

The prosecution of Export Control Reform Act violations frequently involves foreign policy, national security, and intelligence issues that require close coordination with the Department of Commerce, Department of State, the CIA and other agencies. Therefore, prosecution of Export Control Reform Act violations shall not be undertaken without the prior approval of the National Security Division. See JM 9-90.020. However, the United States Attorney is authorized to take whatever action is necessary to prevent the commission of an offense where time does not permit seeking prior authorization. Often an illegal export can be prevented by seizing the items that are about to be exported. Seizure of strategic goods and technologies that are about to be exported in violation of the Export Control Reform Act is authorized by 50 U.S.C.  § 4820 and 22 U.S.C. § 401. [Violations occurring prior to the enactment of the Export Control Reform Act on August 13, 2018, may be charged under the authority of its predecessor statute, the Export Administration Act, as continued in effect by the International Emergency Economic Powers Act, 50 U.S.C. §§ 1701 et seq., upon prior approval of the National Security Division.]

[updated December 2020]


9-90.620 - Arms Export Control Act—22 U.S.C. § 2778

The Arms Export Control Act, 22 U.S.C. § 2778, and the rules and regulations promulgated thereunder, 22 C.F.R. § 121-130, prohibit the importation and exportation of arms, ammunition and implements of war without a license from the Department of State. Violations are investigated by the Customs Service.

Unless the unlicensed shipment has no relevance to the foreign relations of the United States (e.g., smuggling small quantities of weapons), prosecution of violations of the Arms Export Control Act should not be undertaken without prior approval of the National Security Division. See JM 9-90.020. However, the United States Attorney is authorized to take whatever action is necessary to prevent the commission of an offense where time does not permit seeking prior authorization. Often an illegal exportation can be circumvented by seizure of the munitions pursuant to the provisions of 22 U.S.C. § 401.


9-90.625 - Export Control and Sanctions Enforcement Policy for Business Organizations[1]

Introduction

The unlawful export of sensitive commodities, technologies, and services, as well as trading and engaging in transactions with sanctioned countries and designated individuals and entities, undermines the national security of the United States. Thwarting these unlawful efforts and holding those who violate our export controls and sanctions laws accountable is a top priority for the National Security Division (NSD) of the Department of Justice.  

Business organizations and their employees are at the forefront of the effort to combat export control and sanctions violations. As the gatekeepers of our export-controlled technologies, business organizations play a vital role in protecting our national security. The Department encourages companies to voluntarily self-disclose all potentially willful[2] violations of the statutes implementing the U.S. government’s primary export control and sanctions regimes—the Arms Export Control Act (AECA), 22 U.S.C. § 2778, the Export Control Reform Act (ECRA), 50 U.S.C. § 4801 et seq., and the International Emergency Economic Powers Act (IEEPA), 50 U.S.C. § 1705—directly to NSD.[3]

This Policy sets forth the criteria that the Department, through NSD’s  Counterintelligence and Export Control Section (CES)[4] and in partnership with the U.S. Attorneys’ Offices, uses in determining an appropriate resolution for an organization that makes a voluntary self-disclosure (VSD) in export controls and/or sanctions matters. It is important to note that almost all criminal violations of U.S. export control and sanctions laws harm the national security or have the potential to cause such harm. This threat to national security informs how the Department arrives at an appropriate resolution with a business organization and distinguishes these cases from other types of corporate wrongdoing. Federal prosecutors must balance the goal of encouraging such disclosures and cooperation against the goal of deterring these very serious offenses.  

Benefits of the Policy

With those goals in mind, it is the Department’s policy that when a company (1) voluntarily self-discloses export control or sanctions violations to CES, (2) fully cooperates, and (3) timely and appropriately remediates, consistent with the definitions below, there is a presumption that the company will receive a non-prosecution agreement and will not pay a fine, absent aggravating factors. Aggravating factors, as described below, include exports of items that are particularly sensitive or to end users that are of heightened concern; repeated violations; involvement of senior management; and significant profit.

If, due to aggravating factors, a different criminal resolution—i.e., a deferred prosecution agreement or guilty plea – is warranted for a company that has voluntarily self-disclosed, fully cooperated, and timely and appropriately remediated, the Department:

  • will accord, or recommend to a sentencing court, a fine that is, at least, 50% less than the amount that otherwise would be available under the alternative fine provision, 18 U.S.C. § 3571(d). In other words, the Department will cap the recommended fine at an amount equal to the gross gain or gross loss;[5] and
  • will not require appointment of a monitor if a company has, at the time of resolution, implemented an effective compliance program.   

At a minimum, however, even in cases in which the company is receiving a non-prosecution agreement, the company will not be permitted to retain any of the unlawfully obtained gain. The company is required to pay all disgorgement, forfeiture, and/or restitution resulting from the misconduct at issue.

Definitions

For purposes of this Policy, the following definitions apply:

1.         Voluntary Self-Disclosure

The following actions are required for a company’s disclosure to be voluntary:

  • The company discloses the conduct to CES “prior to an imminent threat of disclosure or government investigation,” U.S.S.G. § 8C2.5(g)(1);[6]
  • The company discloses the conduct to CES “within a reasonably prompt time after becoming aware of the offense,” U.S.S.G. § 8C2.5(g)(1), with the burden on the company to demonstrate timeliness;[7] and
  • The company discloses all relevant facts known to it at the time of the disclosure, including as to any individuals substantially involved in or responsible for the misconduct at issue.[8]

It is important to note that when a company identifies potentially willful conduct, but chooses to self-report only to a regulatory agency and not to DOJ, the company will not qualify for the benefits of a VSD under this Policy in any subsequent DOJ investigation. 

2.         Full Cooperation

In addition to the provisions contained in the Principles of Federal Prosecution of Business Organizations, see Justice Manual 9-28.000, the following actions will be required for a company to receive credit for full cooperation for purposes of this Policy:

  • Disclosure on a timely basis of all facts relevant to the wrongdoing at issue, including: all relevant facts gathered during a company’s internal investigation; attribution of facts to specific sources where such attribution does not violate the attorney-client privilege, rather than a general narrative of the facts; timely updates on a company’s internal investigation, including but not limited to rolling disclosures of information; all facts related to involvement in the criminal activity by the company’s officers, employees, or agents; and all facts known or that become known to the company regarding potential criminal conduct by all third-party companies (including their officers, employees, or agents);
  • Proactive cooperation, rather than reactive; that is, the company must timely disclose all facts that are relevant to the investigation, even when not specifically asked to do so.  Additionally, where the company is aware of relevant evidence not in the company’s possession, it must identify that evidence to the Department.
  • Timely preservation, collection, and disclosure of relevant documents and information relating to their provenance, including (a) disclosure of overseas documents, the locations in which such documents were found, and who found the documents, (b) facilitation of third-party production of documents, and (c) where requested and appropriate, provision of translations of relevant documents in foreign languages;
    • Note: When a company claims that disclosure of overseas documents is prohibited due to data privacy, blocking statutes, or other reasons related to foreign law, the company bears the burden of establishing the prohibition. Moreover, a company should work diligently to identify all available legal bases to provide such documents;
  • When requested and appropriate, de-confliction of witness interviews and other investigative steps that a company intends to take as part of its internal investigation with steps that the Department intends to take as part of its investigation;[9] and
  • When requested, making available for interviews by the Department those company officers and employees who possess relevant information; this includes, when appropriate and possible, officers, employees, and agents located overseas as well as former officers and employees (subject to the individuals’ Fifth Amendment rights), and, when possible, the facilitation of production of third-party witnesses.

As set forth in Justice Manual 9-28.720, eligibility for cooperation credit is not predicated upon the waiver of the attorney-client privilege or work product protection. Nothing herein alters the Justice Manual policy, which remains in full force and effect. Furthermore, not all companies will satisfy all the components of full cooperation, whether because they decide to cooperate only later in an investigation or they timely decide to cooperate but fail to meet all of the criteria listed above. In general, such companies should be eligible for some cooperation credit if they provide all relevant information related to individual accountability, but the benefits generally will be markedly less than for full cooperation as defined in this Policy, depending on the extent to which the cooperation is lacking.

3. Timely and Appropriate Remediation

The following items will be required for a company to receive full credit for timely and appropriate remediation under this Policy:[10]

  • Demonstration of thorough analysis of causes of underlying conduct (i.e., a root cause analysis) and, when appropriate, remediation to address the root causes;
  • Implementation of an effective compliance program, the criteria for which will be periodically updated and which may vary based on the size and resources of the organization, but may include:
    • The company’s culture of compliance, including awareness among employees that any criminal conduct, including the conduct underlying the investigation, will not be tolerated;
    • The resources the company has dedicated to compliance;
    • The quality and experience of the personnel involved in compliance, such that they can understand and identify the transactions and activities that pose a potential risk;
    • The authority and independence of the compliance function and the availability of compliance expertise to the board;
    • The effectiveness of the company’s risk assessment and the manner in which the company’s compliance program has been tailored based on that risk assessment;
    • The compensation and promotion of the personnel involved in compliance, in view of their role, responsibilities, performance, and other appropriate factors;
    • The auditing of the compliance program to assure its effectiveness; and
    • The reporting structure of any compliance personnel employed or contracted by the company.
  • Appropriate discipline of employees, including those identified by the company as responsible for the misconduct, either through direct participation or failure in oversight, as well as those with supervisory authority over the area in which the criminal conduct occurred;
  • Appropriate retention of business records, and prohibition of the improper destruction or deletion of business records, including implementing appropriate guidance and controls on the use of personal communications and ephemeral messaging platforms that undermine the company’s ability to appropriately retain business records or communications or otherwise comply with the company’s document retention policies or legal obligations; and
  • Any additional steps that demonstrate recognition of the seriousness of the company’s misconduct, acceptance of responsibility for it, and the implementation of measures to reduce the risk of repetition of such misconduct, including measures to identify future risks.

Potential Aggravating Factors

The following are examples of aggravating factors that represent elevated threats to the national security and that, if present to a substantial degree, could result in a more stringent resolution for an organization that has engaged in criminal export control and/or sanctions violations:[11]

  • Exports of items controlled for nuclear nonproliferation or missile technology reasons to a proliferator country;
  • Exports of items known to be used in the construction of weapons of mass destruction;
  • Exports to a Foreign Terrorist Organization or Specially Designated Global Terrorist;
  • Exports of military items to a hostile foreign power;
  • Repeated violations, including similar administrative or criminal violations in the past; and
  • Knowing involvement of upper management in the criminal conduct.

Conclusion  

This Policy will serve to further deter export control and sanctions violations in the first place; encourage companies to implement strong export control and sanctions compliance programs to prevent and detect such violations; and increase the ability of the Department to prosecute individual wrongdoers whose conduct might otherwise have gone undiscovered or been impossible to prove.


 

[1] This Policy supersedes the Department’s “Guidance Regarding Voluntary Self-Disclosures, Cooperation, and Remediation in Export Control and Sanctions Investigations Involving Business Organizations,” dated October 2, 2016. This Policy does not create any privileges, benefits, or rights, substantive or procedural, enforceable by any individual, organization, party, or witness in any administrative, civil, or criminal matter.

[2] In export control and sanctions cases, NSD uses the definition of willfulness set forth in Bryan v. United States, 524 U.S. 184 (1998). Under Bryan, an act is willful if done with the knowledge that it is illegal. The government, however, is not required to show the defendant was aware of the specific law, rule, or regulation that its conduct may have violated.

[3] Businesses should continue to make voluntary self-disclosures to appropriate regulatory agencies under existing procedures. It is not the purpose of this Policy to alter that practice.

[4] Voluntary self-disclosures (VSDs) covered by this Policy should be emailed to CES at the following address: NSDCES.ExportVSD@usdoj.gov. VSDs can also be mailed to the Deputy Chief for Export Control and Sanctions, Counterintelligence and Export Control Section, 950 Pennsylvania Ave., NW, Washington, D.C. 20530. The current Deputy Chief is Elizabeth L. D. Cannon, elizabeth.cannon@usdoj.gov.

[5] The Fine Guidelines for corporate defendants, covered in the U.S. Sentencing Guidelines (U.S.S.G.) §§ 8C2.1 - 8C2.9, do not apply to charges for export control and sanctions violations. See U.S.S.G. § 8C2.1. Instead U.S.S.G. § 8C2.10 directs that the fine be determined pursuant to “the general statutory provisions governing sentencing.”  See U.S.S.G. § 8C2.10 cmt. background. Prosecutors in these matters rely on the alternative fine provision in 18 U.S.C. § 3571(d) and on forfeiture. Under 18 U.S.C. § 3571(d), the fine would ordinarily be capped at an amount equal to twice the gross gain or gross loss. In addition, DDTC, BIS, and OFAC commonly impose administrative fines for export control and sanctions violations. Consistent with Department policy, NSD attorneys will endeavor to coordinate with and consider the amount of fines, penalties, and/or forfeiture paid to other federal, state, local, or foreign enforcement authorities that are seeking to resolve a case with a company for the same misconduct. See Justice Manual § 1-12.100.

[6] If a company makes a disclosure before it becomes aware of an ongoing nonpublic government investigation, the company will be considered to have made a voluntary self-disclosure.

[7] When a company undertakes a merger or acquisition, uncovers misconduct by the merged or acquired entity through thorough and timely due diligence or, in appropriate instances, through post-acquisition audits or compliance integration efforts, and voluntarily self-discloses the misconduct and otherwise takes action consistent with this Policy (including, among other requirements, the timely implementation of an effective compliance program at the merged or acquired entity), there will be a presumption of a non-prosecution agreement in accordance with and subject to the other requirements of this Policy.

[8] The Department recognizes that a company may not be in a position to know all relevant facts at the time of a voluntary self-disclosure, especially where only preliminary investigative efforts have been possible. In such circumstances, a company should make clear that it is making its disclosure based upon a preliminary investigation or assessment of information, but it should nonetheless provide a fulsome disclosure of the relevant facts known to it at that time.

[9] Although the Department may, where appropriate, request that a company refrain from taking a specific action for a limited period of time for de-confliction purposes, the Department will not take any steps to affirmatively direct a company’s internal investigation efforts.

[10] NSD will also coordinate with the appropriate regulatory agency in assessing a corporation’s remediation efforts and compliance program.

[11] This list is not exhaustive.

[added December 2019]



9-90.630 - Trading With the Enemy Act—50 U.S.C. § 4305(b)/Foreign Assets Control

Pursuant to the authority granted in the Trading With the Enemy Act, 50 U.S.C. § 4305(b), the Secretary of the Treasury has promulgated regulations prohibiting unlicensed transactions between U.S. nationals and certain designated foreign countries and their nationals. See 31 C.F.R. § 500.101. Investigations of violations of the Foreign Assets Control regulations are conducted by the Treasury Department, and cases are referred by that Department to the CES. Prosecutors must consult the CES  before charging violations of the Trading With the Enemy Act.

[updated December 2020]


9-90.640 - International Emergency Economic Powers Act—50 U.S.C. § 1701 et seq.

Pursuant to the International Emergency Economic Powers Act, 50 U.S.C. §§ 1701-1707, the President is granted authority to declare a national emergency with respect to any unusual and extraordinary threat that has its source outside the United States, and to take action to meet that threat including the imposition of controls over property in which any foreign country or a national thereof has an interest. Criminal violations are investigated by the Treasury Department. Prosecution of violations which involve the export of property in which a foreign national or foreign country has an interest shall not be undertaken without prior approval of the CES of the National Security Division. See JM 9-90.020.

[updated December 2020]


9-90.700 - Registration and Lobbying Provisions

The CES enforces four registration statutes: (1) the Foreign Agents Registration Act of 1938, as amended, 22 U.S.C. § 611 et seq.; (2) the Voorhis Act, 18 U.S.C. § 2386; (3) the Act of August 1, 1956, 50 U.S.C. § § 851 to 857; and (4) the Federal Regulation of Lobbying Act, 2 U.S.C. § 261 et seq.; and a related statute, 18 U.S.C. § 219, which is a conflict of interest provision. The express prior approval of the National Security Division or higher authority must be obtained before prosecution may be initiated under any of these provisions. See JM 9-90.020. In addition, the CES is responsible for the supervision of prosecutions under 2 U.S.C. § 441e, the foreign campaign contribution prohibition. The CES should be consulted before initiating grand jury proceedings, or seeking an indictment or filing an information under these provisions. In addition, the Counterintelligence and Export Control Section or higher authority must be consulted prior to the dismissal of any counts pursuant to the Foreign Agents Registration Act of 1938, as amended 22 U.S.C. § 611 et seq. See JM 9-90.020.

[updated January 2020] 


9-90.710 - Foreign Agents Registration Act—22 U.S.C. § 611 et seq.

The Foreign Agents Registration Act (FARA) requires that agents of foreign principals engaged in political or quasi-political activities register with the Attorney General unless exempt. Inquiries regarding administration and enforcement of FARA should be directed to the Registration Unit, National Security Division, Department of Justice, Washington, D.C. 20530. No prosecution under FARA may be instituted without the express prior approval of the National Security Division or higher authority.

[updated January 2020]


9-90.720 - Public Officials Acting As Agents Of Foreign Principals—18 U.S.C. § 219

It is illegal for a public official to act as an agent of a foreign principal in such a manner as to require his/her registration under the Foreign Agents Registration Act (FARA). See 18 U.S.C. § 219. This prohibition does not apply to the employment of a foreign agent as a special United States Government employee in any case where the head of the employing agency certifies that such employment is required in the national interest. No prosecution under this section should be instituted without the express authorization of the National Security Division or higher authority. See JM 9-90.020.

Note that Members of Congress are expressly covered by 18 U.S.C. § 219.

[updated January 2020]


9-90.730 - Disclosure of Foreign Influence Operations

Foreign influence operations include covert actions by foreign governments intended to sow divisions in our society, undermine confidence in our democratic institutions, and otherwise affect political sentiment and public discourse to achieve strategic geopolitical objectives. Such operations are often empowered by modern technology that facilitates malicious cyber activity and covert or anonymous communications with U.S. audiences on a mass scale from abroad.

Our Nation’s democratic processes and institutions are strong and must remain resilient in the face of this threat. It is the policy of the Department of Justice to investigate, disrupt, and prosecute the perpetrators of illegal foreign influence activities where feasible. It is also the Department’s policy to alert the victims and unwitting targets of foreign influence activities, when appropriate and consistent with the Department’s policies and practices, and with our national security interests.

It may not be possible or prudent to disclose foreign influence operations in certain contexts because of investigative or operational considerations, or other constraints. In some circumstances, however, public exposure and attribution of foreign influence operations can be an important means of countering the threat and rendering those operations less effective.

Information the Department of Justice collects concerning foreign influence operations may be disclosed as follows:

  • To support arrests and charges for federal crimes arising out of foreign influence operations, such as hacking or malicious cyber activity, identity theft, and fraud.
  • To alert victims of federal crimes arising out of foreign influence operations, consistent with Department guidelines on victim notification and assistance. See Attorney General Guidelines for Victim and Witness Assistance; see also 34 U.S.C. § 20141 (Victims’ Rights and Restitution Act); 18 U.S.C. § 3771 (Crime Victims’ Rights Act).
  • To alert unwitting recipients of foreign government-sponsored covert support, as necessary to assist in countering the threat.
  • To alert technology companies or other private sector entities to foreign influence operations where their services are used to disseminate covert foreign government propaganda or disinformation, or to provide other covert support to political organizations or groups.
  • To alert relevant Congressional committees to significant intelligence activities, consistent with statutory reporting requirements and Executive Branch policies.
  • To alert the public or other affected individuals, where the federal or national interests in doing so outweigh any countervailing considerations. For example, there may be an important federal or national interest in publicly disclosing a foreign influence operation that threatens to undermine confidence in the government or public institutions; risks inciting violence or other illegal actions; or may cause substantial harm, alarm, or confusion if left unaddressed. On the other hand, in some cases, public disclosure of a foreign influence operation may be counterproductive because it may amplify or otherwise exacerbate the foreign government’s messaging, or may re-victimize the victim.

In performing these functions, the Department will be mindful of the following principles and policies:

  • Partisan political considerations must play no role in efforts to alert victims, other affected individuals, or the American public to foreign influence operations against the United States. Such efforts must not be for the purpose of conferring any advantage or disadvantage on any political or social group or any individual or organization.
  • In considering whether and how to disclose foreign influence operations, or the details thereof, the Department will seek to protect intelligence sources and methods, investigations, and other U.S. government operations.
  • Foreign influence operations will be publicly identified as such only when the Department can attribute those activities to a foreign government with high confidence. Disinformation or other support or influence by unknown or domestic sources not acting on behalf of a foreign government is beyond the scope of this policy.
  • Where a criminal or national security investigation during an election cycle is at issue, the Department must also be careful to adhere to longstanding policies regarding the timing of charges or taking overt investigative steps. See, e.g., U.S. Dept. of Justice, Federal Prosecution of Election Offenses 8-9, 84–85 (8th ed. 2017).

The Department (including the FBI) will not necessarily be the appropriate entity to disclose information publicly concerning a foreign influence operation. Where a Department component is considering whether to alert the general public to a specific foreign influence operation, consultation with the National Security Division is required. Nothing in this policy is intended to impair information sharing undertaken by Department components for investigative or intelligence purposes.

[updated November 2022]