Stories
Slash Boxes
Comments

SoylentNews is people

posted by CoolHand on Friday May 15 2015, @09:02PM   Printer-friendly
from the keep-it-secret-keep-it-safe dept.

Steven Aftergood at the Secrecy News blog is reporting that the U.S. is planning to adopt a new government-wide designation for information that is unclassified, yet withheld from the public, replacing "100 different markings for such information [that] existed across the executive branch":

After years of preparation, the executive branch is poised to adopt a government-wide system for designating and safeguarding unclassified information that is to be withheld from public disclosure. The new system of "controlled unclassified information" (CUI) will replace the dozens of improvised control markings used by various agencies that have created confusion and impeded information sharing inside and outside of government. A proposed rule on CUI was published for public comment on May 8 in the Federal Register. While CUI is by definition unclassified, it is nevertheless understood to require protection against public disclosure on the basis of statute, regulation, or agency policy. In many or most cases, the categories of information that qualify as CUI are non-controversial, and include sensitive information related to law enforcement, nuclear security, grand jury proceedings, and so on.

One of the striking features of the new CUI program is that it limits the prevailing autonomy of individual agencies and obliges them to conform to a consistent government-wide standard. "CUI categories and subcategories are the exclusive means of designating CUI throughout the executive branch," the proposed rule states. "Agencies may not control any unclassified information outside of the CUI Program." Nor do agencies get to decide on their own what qualifies as CUI.

"The mere fact that information is designated as CUI has no bearing on determinations pursuant to any law requiring the disclosure of information or permitting disclosure as a matter of discretion," the new proposed rule said. The possibility that CUI information could or should be publicly disclosed on an authorized basis is not precluded. More specifically, a CUI marking in itself does not constitute an exemption to the Freedom of Information Act, the rule said. However, a statutory restriction that justifies designating information as CUI would also likely make it exempt from release under FOIA.

More subtly, noted John P. Fitzpatrick, the director of the Information Security Oversight Office, there is a large mass of material that is neither CUI nor non-CUI– until someone looks at it and makes an assessment. In all such cases (other than voluntary disclosure by an agency), public access would be governed by the provisions and exemptions of the FOIA.

Public comments are due by July 7.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by physicsmajor on Friday May 15 2015, @10:23PM

    by physicsmajor (1471) on Friday May 15 2015, @10:23PM (#183512)

    Not baby steps. This is the big one.

    Information is classified, or it isn't. The Freedom Of Information Act (FOIA) is there for a reason, because the .gov has gotten worse and worse about this even without bullshit like CUI. If CUI actually gets implemented, I guarantee that immediately 99% of .gov information will immediately fall under its incredibly vague and broad scope.

    If it isn't classified, it's public. Government is by the people, for the people, and that means it's accountable to us, not the other way 'round. Start making noise to friends and family, folks, as the media definitely won't be covering this save perhaps John Oliver.

    Starting Score:    1  point
    Moderation   +3  
       Insightful=3, Total=3
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 1, Informative) by Anonymous Coward on Friday May 15 2015, @11:26PM

    by Anonymous Coward on Friday May 15 2015, @11:26PM (#183560)

    I think you misread the summary. It said that any statutory requirement that results in a CUI designation would likely also require FOIA exemption.

    CUI is an executive branch implementation of a variety of statutory requirements which previously were implemented by ad hoc classifications.

    Statutory means created by the legislative branch.

    The FOIA exemptions originate from the legislative branch.

    Any use of FOIA exemptions stems from existing authority granted to the executive branch, the CUI thing means they'll all have the same label. But the label doesn't give them FOIA exemption; it's correlation without causation.

  • (Score: 0) by Anonymous Coward on Saturday May 16 2015, @01:42AM

    by Anonymous Coward on Saturday May 16 2015, @01:42AM (#183611)

    Yeah, I’m sure you want the details of your Social Security Account to be public, despite their not being classified material.

    Time was, one had to stamp materials Confidential RUUR before sending them — Regrade Unclassified Upon Receipt. This was replaced w/ EFTO, Encrypt for Transmission Only.

    Having standards which are widely applied is fine, so long as they’re reasonable, subject to public oversight and don’t interfere w/ the workings of the FOIA.