POGO and Partners Oppose FOIA Threats in Cybersecurity Bills
ORGANIZATIONS OPPOSED TO UNDERCUTTING FOIA IN CYBERSECURITY BILLS
Dear Senators:
On behalf of the undersigned organizations concerned with government openness and accountability, we are writing to oppose S.2105, the Cybersecurity Act of 2012, if it includes Title 7. We are also writing to oppose S. 2151, Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act (SECURE IT). Both Section 704(d) of S. 2105 and S. 2151 create unnecessary, overbroad and unwise exemptions to the Freedom of Information Act (FOIA).
S. 2151 and Title 7 of S. 2105 cut off all public access to ”cyber(security) threat” information received by the government before Congress and the public have the chance to understand the types of information that are covered by these bills. Much of the sensitive information likely to be shared is already protected from disclosure under the FOIA; other information that may be shared could be critical for the public to ensure its safety. Unnecessarily wide-ranging exemptions of this type have the potential to harm public safety and the national defense more than they enhance those interests; the public is unable to assess whether the government is adequately combating cybersecurity threats and, therefore, unable to assess whether or how to participate in that process, and to hold officials accountable.
The SECURE IT bill goes well beyond these concerns. Section 105 of the bill, titled “Technical Amendments,” significantly modifies the FOIA by creating a new exemption that gives the government the authority to withhold information shared with or to a cybersecurity center. This “technical amendment” would be one of the most far-reaching substantive amendments of the Act’s exemptions since 1986. Moreover, Section 105 refers back to troubling provisions in Section 102 of the bill that: expand the authority of the federal government to withhold under the FOIA any and all “voluntarily shared information” given to the cybersecurity centers; create a non-discretionary (b)(3) for all such information; preempt state and local laws; and envision that procedures will be implemented without opportunities for notice and comment.
Some of the undersigned have also voiced concerns about the overly-broad FOIA exemption in Section 107 of S.2105, and its impact on whistleblower protections. We understand, however, that the next version of S. 2105 will include a much narrower definition, scope and limitation of covered critical infrastructure information and an enhanced savings clause for existing whistleblower protections. If Section 107 is so amended, our groups would not oppose that section of the bill.
Any amendment to the Freedom of Information Act, especially amendments of this scope, should be referred to the Senate Judiciary Committee, which has jurisdiction over FOIA. Careful consideration by that Committee of FOIA-related legislation, including public hearings, is necessary to ensure that the bill promotes transparency and public accountability while allowing the government to withhold only that information which truly requires protection. Time again over the past quarter-century, proposals to amend the Act’s existing exemptions have been rejected as unwise; this proposal, even more dangerously, would add an exemption rather than merely modify one, a fact that itself risks repercussions.
We urge you to oppose S.2105 if it includes Title 7 and to oppose S. 2151 in its entirety. We look forward to working with Congress to ensure any cybersecurity legislation passed into law both protects our nation’s computer networks and promotes transparency and accountability to the public. If you would like to discuss these issues further, please contact Patrice McDermott, Executive Director of OpenTheGovernment.org, at 202-332-6736 or [email protected].
Sincerely,
American Association of Law Libraries
American Association of University Professors
American Booksellers Foundation for Free Expression
American Library Association
American Society of News Editors
Arizona Newspaper Association
Article 19
Association of Research Libraries
Bill of Rights Defense Committee
Citizens for Responsibility and Ethics in
Washington – CREW
Community Research
Council on American-Islamic Relations – CAIR
Defending Dissent Foundation
Electronic Frontier Foundation – EFF
Entertainment Consumers Association
Freedom of Information Center at the Missouri School of Journalism
iSolon.org
Knowledge Ecology International
Liberty Coalition
National Coalition Against Censorship
National Freedom of Information Coalition
National Priorities Project
National Security Archive
OMB Watch
OpenTheGovernment.org
Project On Government Oversight – POGO
Public Employees for Environmental
Responsibility – PEER
Reporters Without Borders
Society of American Archivists
Society of Professional Journalists
Special Libraries Association
Sunlight Foundation
Understanding Government
Utah Foundation for Open Government
Washington Coalition for Open Government
Individual (additional information for identification purposes):
Brian R. Hook
Editor, B.R. Hook & Missouri Journal
-
POGO Staff
Oversight in your inbox
Sent Saturdays