HSD bill would give companies FOIA protection

HSD bill would give companies FOIA protection

Information about IT security threats volunteered by the private sector to the proposed Homeland Security Department would be exempt from the Freedom of Information Act under House and Senate versions of the HSD bill.

The exemption is intended to encourage cooperation between the public and private sectors. Proposals for FOIA protection in earlier legislation sponsored by Sen. Robert Bennett (R-Utah) were criticized as too broad. A spokeswoman for Bennett said the Homeland Security amendment approved last week by the Senate Governmental Affairs Committee is more narrowly crafted than exemptions offered under the earlier bill.

Exemptions would apply only to information submitted voluntarily to the Homeland Security Department, using FOIA's existing mechanism for shielding information. Records obtained independently of HSD would not be protected from public disclosure under FOIA, and information currently subject to FOIA would remain available.

For several years government officials have tried to encourage greater cooperation between the public sector and government in securing information systems, because companies own and operate the vast majority of the nation's critical IT infrastructure. But data sharing has been limited by company concerns that proprietary information shared with the government could become publicly available under FOIA.

The Critical Infrastructure Information Security Act of 2001 offered protection from disclosure, but the Justice Department and public advocacy groups complained that overly broad definitions could hamper investigations.

Sen. Joseph I. Lieberman (D-Conn.) said broadly exempting data from FOIA could 'undermine the bedrock American principle of the public's right to know.' The Natural Resources Defense Council worried that companies could use the bill to bury incriminating information in their disclosures, forestalling its use against them.

The NRDC still feels additional FOIA exemptions are unnecessary but said the new proposals offer a better balance between security and accountability.

'The amendment appropriately narrows the scope of the provisions and protects the public interest,' said NRDC legislative director Alyssondra Campaigne. 'It does not offer blanket immunity.'

Bennett spokeswoman Mary Jane Collipriest said FOIA provisions in the Homeland Security legislation being taken up by the Senate make the Critical Infrastructure Information Security Act unnecessary. The act probably will be allowed to die in the Governmental Affairs Committee, she said.

About the Author

William Jackson is a Maryland-based freelance writer.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.