Having a security clearance means handling documents with strict procedures regarding who else can see or handle them. For Official Use Only (FOUO) is one of many designations, but it is nonetheless an important label to understand. Whether you have a security clearance or are hoping to get one, knowing this information will help you in a job interview by showing that you’ve researched proper procedures, and take them seriously.
For Official Use Only (FOUO) is a document designation, not a classification. This designation is used by Department of Defense and a number of other federal agencies to identify information or material which, although unclassified, may not be appropriate for public release.
There is no national policy governing use of the For Official Use Only designation. DoD Directive 5400.7 defines For Official Use Only information as "unclassified information that may be exempt from mandatory release to the public under the Freedom of Information Act (FOIA)." The policy is implemented by DoD Regulation 5400.7-R and 5200.1-R.
The For Official Use Only designation is also used by CIA and a number of other federal agencies, but each agency is responsible for determining how it shall be used. The categories of protected information may be quite different from one agency to another, although in every case the protected information must be covered by one of the nine categories of information that are exempt from public release under FOIA.
Some agencies use different terminology for the same types of information. For example, Department of Energy uses Official Use Only (OUO). Department of State uses Sensitive But Unclassified (SBU), formerly called Limited Official Use (LOU). The Drug Enforcement Administration uses DEA Sensitive. In all cases the designations refer to unclassified, sensitive information that is or may be exempt from public release under the Freedom of Information Act.
The fact that information is marked FOUO does not mean it is automatically exempt from public release under FOIA. If a request for the information is received, it must be reviewed to see if it meets the FOIA dual test: (1) It fits into one of the nine FOIA exemption categories, and (2) There is a legitimate government purpose served by withholding the information. On the other hand, the absence of the FOUO or other marking does not automatically mean the information must be released in response to a FOIA request.
Statutory/Regulatory Responsibilities & Obligations
Each government department or agency defines what information shall be protected and how its protected information shall be handled. The following information pertains only to Department of Defense FOUO information. When dealing with sensitive but unclassified information from another department or agency, check with the originator regarding appropriate handling.
Access to FOUO Information
FOUO information may be disseminated within the DoD components and between officials of the DoD components and DoD contractors, consultants, and grantees as necessary in the conduct of official business. FOUO information may also be released to officials in other departments and agencies of the executive and judicial branches in performance of a valid government function.
Marking FOUO Information
Unclassified documents and material containing FOUO information shall be marked as follows:
- Documents will be marked FOR OFFICIAL USE ONLY at the bottom of the front cover (if there is one), the title page (if there is one), the first page, and the outside of the back cover (if there is one).
- Pages of the document that contain FOUO information shall be marked FOR OFFICIAL USE ONLY at the bottom.-
- Each paragraph containing FOUO information shall be marked with the abbreviation FOUO in parentheses at the beginning of the FOUO portion.
- Material other than paper documents (for example, slides, computer media, films, etc.) shall bear markings which alert the holder or viewer that the material contains FOUO information.
- FOUO documents and material transmitted outside the Department of Defense must bear an expanded marking on the face of the document so that non-DoD holders understand the status of the information. A statement similar to this one should be used:
This document contains information exempt from mandatory disclosure under the FOIA. Exemption(s) _ apply.
When FOUO information is contained within a classified document, the same rules apply except that full pages that contain FOUO information but no classified information shall be marked FOR OFFICIAL USE ONLY at both the top and bottom of the page.
Safeguarding FOUO Information
FOUO information should be handled in a manner that provides reasonable assurance that unauthorized persons do not gain access.
During working hours, reasonable steps should be taken to minimize risk of access by unauthorized personnel. After working hours, FOUO may be stored as a minimum in unlocked containers, desks or cabinets if government or government-contract building security is provided. If government or government-contract building security is not provided, it must be stored at a minimum in a locked desk, file cabinet, bookcase, locked room, or similar place.
FOUO documents and material may be transmitted via first class mail, parcel post, or -- for bulk shipments -- fourth class mail.
Fax or e-mail transmission of FOUO information (voice, data or facsimile) should be by encrypted communications systems whenever practical. FOUO information may be put on an Internet web site only if access to the site is limited to a specific target audience and the information is encrypted. See Pre-Publication Review of Web Site Content.
FOUO documents may be destroyed by shredding or tearing into pieces and discarding the pieces in a regular trash container unless circumstances suggest a need for more careful protection.
Administrative penalties may be imposed for misuse of FOUO information. Criminal penalties may be imposed depending on the actual content of the information (privacy, export control, etc.).
Legal & Regulatory Authorities 5 USC 301 - Departmental Regulations DoD Regulation 5200.1-R - The Information Security Program DoD Directive 5400.7 - The Freedom of Information Act (FOIA) Program DoD Regulation 5400.7-R – The DoD Freedom of Information Act Program DoD Regulation 5400.11-R – Department of Defense Privacy Program