HSD seeks to secure data it gets from the private sector

HSD seeks to secure data it gets from the private sector

The Homeland Security Department has proposed rules under which it would protect systems information it receives from the private sector.

The proposed rule explicitly applies to hardware and software that makes up critical-infrastructure systems. The government relies on many such systems, such as private voice and data networks, for its daily operations.

Companies have been wary of submitting information to the department for several reasons, including the possibility that their competitors could access commercially important data. Some members of Congress and privacy advocates criticized the enacted version of the Homeland Security Act of 2002 as including excessively broad exemptions from the Freedom of Information Act for such information.

The proposed rule-making notice, issued Tuesday, is aimed at implementing the Critical Infrastructure Information Act of 2002, which appears in Subtitle B of Title II of the Homeland Security Act.

That law calls for HSD to shield from the public the information that the private sector submits.

The proposed rule would apply to all federal agencies that receive such information, according to the notice published in the Federal Register. Under the rule-making proposal, the procedures also would apply to state, local and foreign governments as well as government contractors.

The proposal calls for Homeland Security to safeguard the information in secure systems or locations and to impose that requirement on any other agencies or contractors to which it discloses the information.

Under the proposal, private-sector organizations could specify information to be exempted from FOIA requests. The department could deny organizations' designation of information as critical-infrastructure and return it.

The proposed rule calls for a program manager of critical- infrastructure information. Among other duties, the official would report any losses of critical-infrastructure data to the department's inspector general, its Information Analysis and Infrastructure Protection Directorate and the organization that submitted the information.

Comments on the proposal are due June 16. The department will accept comments at [email protected].


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected