On December 10, the NRC staff issued SECY-21-0105 seeking approval from the NRC commissioners to publish a notice of final rule that would officially replace the NRC's sensitive unclassified non-safeguards information (SUNSI) program with a Controlled Unclassified Information (CUI) program. The new rules would appear in 10 CFR Part 2, "Agency Rules of Practice and Procedure," and be consistent with the government-wide rules on CUI in 32 CFR Part 2002.
Several years ago, the US government embarked on a project to standardize federal agency programs—including the NRC’s—for managing unclassified-but-sensitive information. At the NRC, this government-wide Controlled Unclassified Information (CUI) program is intended to replace the agency’s Sensitive Unclassified Non-Safeguards Information (SUNSI) program.
The NRC published a notice of a petition for rulemaking from the Tribal Radioactive Materials Transportation Committee (TRMTC) in the Federal Register on April 9 asking the NRC to revise 10 CFR Part 37 to require that licensees provide advanced notification to participating tribal governments of certain radioactive material shipments that will cross a tribe’s reservation.
The comment period for the NRC’s draft Regulatory Issue Summary (RIS) on true identity verification requirements closed on June 15, 2020. The industry had asked for and received a 45-day extension from the original April 30 deadline to provide comments.
Executive Order 13920, “Securing the United States Bulk-Power System,” issued on May 1 limits the US use of bulk-power system equipment produced by “foreign adversaries.”
Read our recent LawFlash discussing the US Department of the Treasury’s updated criteria outlining which businesses are eligible to apply for CARES Act loans allocated for businesses “critical to maintaining national security.”
Read our recent LawFlash detailing the key takeaways for energy companies from the Coronavirus Aid, Relief, and Economic Security Act signed into law on March 27. Although the act does not expressly provide relief for energy companies, many of its provisions impact energy sector companies.
The NRC published notice of a draft Regulatory Issue Summary (RIS) (previously published in ADAMS) in the Federal Register on March 31. The draft RIS purports to “clarify” licensees’ requirements pursuant to 10 CFR § 73.56(d)(3) to verify the “true identity” of non-immigrant foreign nationals who are granted unescorted access to nuclear power plants.
Nuclear Power Corporation of India Limited (NPCIL) announced on October 30 that the malware “Dtrack” had been found on the administrative network of the Kudankulam Nuclear Power Plant (KKNPP) in early September 2019. KKNPP is the largest nuclear power plant in India, equipped with two Russian-designed VVER pressurized water reactors, each with a capacity of 1,000 megawatts. Both reactor units feed southern India’s power grid.
The Nuclear Regulatory Commission’s (NRC’s) Assistant Inspector General for Audits issued a memorandum on August 20 on the status of recommendations based on the Office of Inspector General’s (OIG’s) Audit of NRC’s Cyber Security Inspections at Nuclear Power Plants (OIG-19-A-13). As previously reported on Up & Atom, OIG recommended that the NRC work to close the critical skill gap for future cybersecurity inspection staffing, and develop and implement cybersecurity performance measures for licensees to use to demonstrate sustained program effectiveness. Based on the NRC’s July 3, 2019, response, OIG has issued this status of recommendations.