Last week organizations concerned with open government and accountability released a letter expressing their concern with several sections of the recently-introduced Cybersecurity Act of 2012 and urging the Senate to delay voting on the bill until the issues have been carefully and thoroughly reviewed.
The letter cites provisions in the bill that create unnecessary, overbroad and unwise limitations to access of information, including broad exemptions to the Freedom of Information Act (FOIA), and jeopardize the rights of whistleblowers. Particularly troubling provisions that grant the government new authorities to keep information secret include an exceedingly broad exemption for “critical infrastructure information,” that ignores the strong public interest in some of the information that may be covered. Some of these provisions also conflict with Congress’ recent effort in the National Defense Authorization Act (NDAA) of 2012 to limit the scope of CII information that can be withheld by the Department of Defense. Similarly, the bill cuts off all public access to information that may be included in the newly-created cybersecurity exchanges — even though we do not know what types of information may be shared in the exchanges, what protection it warrants, or how best to protect that information.
According to Patrice McDermott, Executive Director of OpenTheGovernment.org, "Public access to information is critical to accountability. What does our government know about risks and vulnerabilities and what is it doing to ensure these are mitigated? What we are kept from knowing can indeed hurt us. The Senate owes it to the public to carefully consider and pass a bill that both protects our nation’s computer networks and promotes transparency and accountability."