Ad Hoc Group Working Paper 231

The Biological and Toxin Weapons Convention (BTWC) Database

Working Paper by the Friend of the Chair on Confidentiality: Confidentiality Annex (WP.231)

The full text of this Working Paper is provided below; this is from the 8th Session of the Ad Hoc Group of States Parties. Please note: the page numbers given are those which appear in the original text.

Click here to view the Disclaimer.

Click here to return to the list of Working Papers.

AD HOC GROUP OF THE STATES PARTIES
TO THE CONVENTION ON THE PROHIBITION
OF THE DEVELOPMENT, PRODUCTION AND
STOCKPILING OF BACTERIOLOGICAL
(BIOLOGICAL) AND TOXIN WEAPONS AND
ON THEIR DESTRUCTION

BWC/AD HOC GROUP/WP.231
25 September 1997

Original: ENGLISH

________________________________________________________________________________

Eighth session
Geneva, 15 September - 3 October 1997

Working paper submitted by the Friend of the Chair
on Confidentiality

Article IV: Confidentiality Annex

I. General principles for the handling of confidential information

1. The Need-to-know Principle

[The Organization] shall require only the minimum amount of information and data necessary for the timely and efficient carrying out of its responsibilities under [this Protocol] and shall avoid any access to [confidential] information and data not related to the aims of this Protocol. [The Organization] shall define as precisely as possible the information to which [the Organization] shall be given access by the States Parties.

2. The Confidentiality Regime

In order to establish the regime governing the handling of confidential information pursuant to Article IV (hereinafter referred to as the Confidentiality Regime), an appropriate unit of [the Secretariat] (hereinafter referred to as the Confidentiality Unit) [shall][may] be charged with overall supervision of the administration of confidentiality provisions.

As the objective of the Confidentiality Regime is the protection of the rights of the States Parties providing the information, the regime shall be considered and approved by [the Conference of the States Parties]. The approval of [the Conference] shall be mandatory for opening, further handling and authorized release of the information and data the States Parties have passed on to [the Organization] in confidence.

Subsequently, the [Director-General] shall report annually to [the Conference] on the implementation of the regime governing the handling of confidential information by [the Secretariat].

GE.97-64392

BWC/AD HOC GROUP /WP.231
page 2

3. The establishment of a Classification System

The head of the Confidentiality Unit or persons to whom it has delegated such authority shall have the authority to classify information and data received from outside [the Secretariat] according to a classification system, which is to be introduced by the head of the Confidentiality Unit. The classification system shall provide for clear criteria ensuring the inclusion of information into appropriate categories of confidentiality and shall be considered and approved by [the Conference].

All data and documents obtained by [the Secretariat] shall be evaluated by the Confidentiality Unit in order to establish whether they contain confidential information. If confidential information is contained, the Confidentiality Unit shall classify this information according to the classification system [provided that the State Party of which the information was obtained has not already classified that information].

4. Criteria for Confidentiality

Information shall be considered confidential if:

(i) it is designated to be confidential from the State Party from which the information was obtained and to which the information refers; or

(ii) in the judgement of [the Director-General or][the head of the Confidentiality Unit], its unauthorized disclosure could reasonably be expected to either cause damage to the State Party to which it refers or to the mechanisms for implementation of this Protocol.

5. Obligations for handling of Confidential Information

Each access by a staff member of [the Secretariat] to [a physical medium holding] confidential information shall be regulated in accordance with its classification and shall be granted only on a need-to-know basis. [Each access to confidential information of [(level) to be specified] shall be recorded on file when accessing and exiting. This record shall be retained for [(time period) to be specified]].

Wherever possible [the Secretariat] shall avoid the transmission of [(level) to be specified] confidential information in telephone conversations, by electronic means or fax/telex to or from locations outside of [the Secretariat][unless it is enciphered (coded)(scrambled)].

Each State Party shall treat information which it receives from [the Organization] in accordance with the level of confidentiality established for that information. Upon

BWC/AD HOC GROUP /WP.231
page 3

request, a State Party shall provide details on the handling of information provided to it by [the Organization].

6. Obligations for intended release of Confidential Information

No confidential information obtained by [the Secretariat] in connection with the implementation of this Convention shall be published or otherwise released, except under at least one of the following conditions:

(i) the information is [summarized][generalized] in a way that the resulting information is no longer of a confidential nature;

(ii) all States Parties directly concerned explicitly agree to the publication/release;

(iii) the information is - in accordance with the provisions set forth in [this Protocol] - required by the States Parties to be assured of the continued compliance with this Convention by other States Parties;

(iv) [after carefully weighing up,][in the judgement of the Director-General] the release is necessary to fulfil [the Organization's] obligations under this Protocol.

[If necessary to fulfil its obligations under this Protocol,][the Secretariat] may grant access to information and data classified as confidential to entities or individuals not staff of [the Secretariat] only on specific approval of [the Director-General][the head of the Confidentiality Unit]. [The Secretariat] shall notify a State Party [at least 30 days] before any such access is intended.

7. Obligation for special investigation on request

[The Secretariat] shall at the request of the States Parties be prepared to examine information and data which the States Parties regard as being of particular sensitivity in a special manner. Such information and data would not [in any case] have to be physically transmitted to [the Secretariat], provided that it remained available for ready further examination by [the Secretariat] on premises of the States Parties.

___________

Click here to return to the list of AHG documents.