For Official Use Only (FOUO)
And Similar Designations

For Official Use Only (FOUO) is a document designation, not a classification. This designation is used by Department of Defense and a number of other federal agencies to identify information or material which, although unclassified, may not be appropriate for public release.

There is no national policy governing use of the For Official Use Only designation. DoD Directive 5400.7 defines For Official Use Only information as "unclassified information that may be exempt from mandatory release to the public under the Freedom of Information Act (FOIA)." The policy is implemented by DoD Regulation 5400.7-R and 5200.1-R.

  The For Official Use Only designation is also used by CIA, Homeland Security, and a number of other federal agencies, but each agency is responsible for determining how it shall be used. The categories of protected information may be quite different from one agency to another, although in every case the protected information must be covered by one of the nine categories of information that are exempt from public release under FOIA.

Some agencies use different terminology for the same types of information. For example, Department of Justice uses For Official Use Only but adds the words Law Enforcement Sensitive, abbreviated FOUO-LES. Department of Energy uses Official Use Only (OUO). The National Geospatial-Intelligence Agency uses Limited Distribution. Department of State uses Sensitive But Unclassified (SBU), formerly called Limited Official Use (LOU). The Drug Enforcement Administration uses DEA Sensitive. In all cases the designations refer to unclassified, sensitive information that is or may be exempt from public release under the Freedom of Information Act.

The fact that information is marked FOUO or any comparable designation does not mean it is automatically exempt from public release under FOIA. If a request for the information is received, it must be reviewed to see if it meets the FOIA dual test: (1) It fits into one of the nine FOIA exemption categories, and (2) There is a legitimate government purpose served by withholding the information. On the other hand, the absence of the FOUO or other marking does not automatically mean the information must be released in response to a FOIA request.

Statutory/Regulatory Responsibilities & Obligations

Each government department or agency defines what information shall be protected and how its protected information shall be handled. The procedures for marking, safeguarding, and controlling access to FOUO and comparable categories of information are very similar for all the agencies, but there are some individual differences. The following information pertains only to Department of Defense FOUO information. When dealing with comparable information from another department or agency, check with the originator regarding appropriate handling.

Access to FOUO Information

FOUO information may be disseminated within the DoD components and between officials of the DoD components and DoD contractors, consultants, and grantees as necessary in the conduct of official business. FOUO information may also be released to officials in other departments and agencies of the executive and judicial branches as needed for a lawful and authorized government purpose.

Special procedures govern the release of FOUO information to Congress and the General Accounting Office (GAO). Special procedures are also required before NGA Limited Distribution information may be provided to any foreign government.

The final responsibility for determining whether an individual has a valid need for access to information designated FOUO rests with the individual who has authorized possession, knowledge or control of the information and not on the prospective recipient.

Marking FOUO Information

Unclassified documents and material containing FOUO information shall be marked as follows:

• Documents will be marked FOR OFFICIAL USE ONLY at the bottom of the front cover (if there is one), the title page (if there is one), the first page, and the outside of the back cover (if there is one).
   
• Pages of the document that contain FOUO information shall be marked FOR OFFICIAL USE ONLY at the bottom.
   
• Each paragraph containing FOUO information shall be marked with the abbreviation FOUO in parentheses at the beginning of the FOUO portion. Subjects, titles, and each section or part of a document shall be similarly marked.
   
• Material other than paper documents (for example, slides, computer media, films, etc.) shall bear markings which alert the holder or viewer that the material contains FOUO information.
   

• FOUO documents and material transmitted outside the Department of Defense must bear an expanded marking on the face of the document so that non-DoD holders understand the status of the information. A statement similar to this one should be used:

This document contains information exempt
from mandatory disclosure under the FOIA.
Exemption(s) _ apply.

When FOUO information is contained within a classified document, the same rules apply except that full pages that contain FOUO information but no classified information shall be marked FOR OFFICIAL USE ONLY at both the top and bottom of the page.

Safeguarding FOUO Information

FOUO information should be handled in a manner that provides reasonable assurance that unauthorized persons do not gain access.

During working hours, reasonable steps should be taken to minimize risk of access by unauthorized personnel. After working hours, FOUO may be stored as a minimum in unlocked containers, desks or cabinets if government or government-contract building security is provided. If government or government-contract building security is not provided, it must be stored at a minimum in a locked desk, file cabinet, bookcase, locked room, or similar place.

FOUO documents and material may be transmitted via first class mail, parcel post, or -- for bulk shipments -- fourth class mail.

Electronic transmission of FOUO information, e.g., voice, data or facsimile, and e-mail, shall be by approved secure communications systems or systems utilizing other protective measures such as Public Key Infrastructure (PKI), whenever practical. FOUO information may be put on an Internet web site only if access to the site is limited to a specific target audience and the information is encrypted. See Pre-Publication Review of Web Site Content.

FOUO documents may be destroyed by any of the means approved for the destruction of classified information, or by any other means that would make it difficult to recognize or reconstruct the information.

Enforcement

Administrative penalties may be imposed for misuse of FOUO information. Criminal penalties may be imposed depending on the actual content of the information (privacy, export control, etc.).

Legal & Regulatory Authorities
5 USC 301 - Departmental Regulations
DoD Regulation 5200.1-R - The Information Security Program
DoD Directive 5400.7 - The Freedom of Information Act (FOIA) Program
DoD Regulation 5400.7-R – The DoD Freedom of Information Act Program
DoD Regulation 5400.11-R – Department of Defense Privacy Program

HOME   |  SENSITIVE UNCLASSIFIED CONTENTS   |   TOP OF PAGE   |   HELP

INFORMATION | CONDUCT | THREATS | TECH VULNERABILITY | ASSISTANCE
SPY STORIES | TREASON 101