Proposals for further consideration by the Friend of the Chair on Confidentiality Issues

ARTICLE IV

CONFIDENTIALITY PROVISIONS

1. The Organization shall conduct its activities provided for under this Protocol in the least intrusive manner consistent with the timely and efficient accomplishment of their objectives. It shall request only the information and data necessary to fulfil its responsibilities under this Protocol and shall use this data and information only for the purpose of this Protocol. It shall avoid, to the extent possible, any access to information and data not related to the aims of this Protocol. It shall take every precaution to protect the confidentiality of information on civil and military activities and facilities in the implementation of this Protocol and, in particular, shall abide by the confidentiality provisions set forth in this Protocol.

2. Each State Party shall have the right to take measures as it deems necessary to protect confidential information in accordance with the provisions of the Protocol.

3. The Director-General shall have the primary responsibility for ensuring the protection of all confidential information which comes into possession of the Technical Secretariat. Based on guidelines provided for within this Protocol, the Director-General shall establish and maintain a stringent regime governing the handling of confidential information by the Technical Secretariat (hereinafter referred to as "the Confidentiality Regime") including measures to protect confidential information obtained in the course or as a result of on-site activities as well as the necessary procedures to be followed in case of breaches or alleged breaches of confidentiality to ensure effective protection against unauthorized disclosure. This regime shall be approved and periodically reviewed by the Conference of the States Parties.

It is proposed to deal with content and handling of the reports in Article III and Annex D:

4. States Parties shall be entitled to receive in accordance with the relevant provisions of this Protocol the following:³⁰

(a) The initial and annual declarations provided by States Parties on a reciprocal basis in accordance with paragraph 2, subsection II, and paragraph 4, subsection III of Article III, section D;

(b) Reports on the activities of the Technical Secretariat as compiled and issued by the Director-General;

(c) Reports on investigations as well as observations and comments on these reports, if any, from the receiving States Parties in accordance with Annex D; [If necessary, the information contained in these reports shall be edited to ensure that they contain no confidential information;]

(d) Reports on visits in accordance with Article III, section D, subsection II; [If necessary, the information contained in these reports shall be edited to ensure that they contain no confidential information;]

(e) Annual declarations required under Article VII;

(f) Other information and data to be supplied to States Parties in accordance with the provisions of this Protocol.

Each State Party shall treat information and data received from the Organization in accordance with the level of confidentiality established for that information and data and shall treat it exclusively in connection with its rights and obligations under this Protocol and in accordance with its provisions.

5. The relevant organs and subsidiary organs of the Organization shall be entitled to receive from the Technical Secretariat information and data necessary for the performance of the functions entrusted to them by the provisions of this Protocol. The provision of any confidential information and data shall be strictly limited to the minimum necessary for the performance of these functions and shall be in conformity with the procedures of the Confidentiality Regime.

It is proposed to delete paragraph 6 and to merge the text with paragraph 8 of Annex E, section III:

6. The Director-General shall impose appropriate disciplinary measures on staff members of the Technical Secretariat who violated their obligations to protect confidential information. In case of breaches of confidentiality, the immunity of [the Director-General and] the staff members of the Technical Secretariat [as well as the immunity of the Organization] may be waived in accordance with the provisions on privileges and immunities contained in Article IX of this Protocol and the agreement referred to in paragraph 49 of that Article.

7 6. Any State Party to this Protocol which considers that it has been affected by a breach of confidentiality or that its natural or legal persons have suffered from damage through such a breach may seek to settle the dispute in accordance with the provisions set forth in Article XII. In case a dispute related to confidentiality cannot be settled between the States Parties or between States Parties and the Organization directly, a commission for the settlement of disputes related to confidentiality (hereinafter referred to as "Confidentiality Commission"), set up as a subsidiary organ of the Conference in accordance with Article IX, paragraph 22 (f), shall consider the case. The Confidentiality Commission shall have the powers and functions as set forth in this Protocol. The Commission shall be appointed by the Conference. Rules governing its composition and its operating procedures shall be adopted by the Conference.