Cyber Eye: How public should our public data be?
- By William Jackson
- Nov 17, 2004
In an old 'Rocky and Bullwinkle' episode, the dithering Capt. Peter Peachfuzz confounded the heroes by classifying a telephone directory Top Secret.
'It has my telephone number in it,' the captain explained.
Agencies have not yet gone that far, but a new security classification seems to be emerging somewhere below Top Secret, Secret and Confidential. It's the new Inconvenient classification, and it applies to public data that must not appear on a public Web site.
The Nuclear Regulatory Commission last month shut down its Agencywide Documents Access and Management System Web site while it was purged of Inconvenient documents. It also blocked online access to its Electronic Hearing Docket and staff documents relating to the high-level waste repository at Yucca Mountain, Nevada.
'The NRC is widening its review to remove additional information that could potentially be of use to a terrorist,' the agency said in announcing the shutdown.Nervous agencies
The NRC is not alone in its hypersensitivity. Fearing a terrorist behind every browser, nervous agencies shut down their Web sites in the months following Sept. 11 and removed data that had been freely available until then.
Inconvenient information includes floor plans, maps, blueprints and lists of hazardous materials, which could allow lazy terrorists to do their research remotely rather than go to the trouble of casing a potential target in person.
The notion that some public information is Inconvenient is troubling. The rationale is that this kind of data is of limited value to the public and could be of greater value to terrorists. This assumes that anyone wanting to see Inconvenient information is a terrorist until he or she can prove otherwise.
That is not the way a free society works. One of our government's responsibilities is to make information available to the public, with the exception of personal data that would violate someone's privacy, or information that presents a real'not supposed'security risk. It is possible that public information could be misused by terrorists, but that misuse is covered by criminal laws. The solution is to prevent or punish the criminal act, not to hide public information. Law enforcement is hard work, but restriction of freedom is no substitute. Freedom isn't always convenient.
Ben Franklin wrote, 'They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.'
NRC noted that no classified material or information on nuclear safeguards had ever been permitted on its Web site. But its guidelines now state that 'any information that could be useful, or could reasonably be expected to be useful, to a terrorist in a potential attack should be withheld.'
Sounds to me like that could include the phone book.
William Jackson is freelance writer and the author of the CyberEye blog.