March 24, 2006 12:21 PM PST
Homeland security group to meet away from public eye
- Related Stories
Homeland Security wraps up first mock cyberattackFebruary 10, 2006
Homeland Security's vague cyber planNovember 7, 2005
Homeland Security chief wants to collaborateOctober 11, 2005
U.S. cybersecurity due for FEMA-like calamity?October 10, 2005
Safeguarding IT against the next KatrinaAugust 29, 2005
New law may tighten power plant securityAugust 16, 2005
The newly created Critical Infrastructure Partnership Advisory Council is charged with sharing information aimed at protecting the nation's infrastructure, cybercomponents included. Michael Chertoff, the U.S. Department of Homeland Security Secretary, cited security reasons when he signed off on exempting the council from the Federal Advisory Committee Act, or FACA.
The decision, which many private-sector players had strongly recommended, was released in a departmental notice published Friday.
The council, which plans to meet at least quarterly, will bring together various federal agency employees and private-sector representatives to discuss the Department of Homeland Security's infrastructure protection plan, which remains in draft form. The fields represented range from agriculture and energy to information technology and telecommunications. Participants include the U.S. Telecom Association, the Cellular Telecommunications Industry Association and Internet infrastructure services provider VeriSign.
If those participants are required to comply with FACA, it could leave them seriously hindered in sharing "sensitive homeland security information," the department said.
The 1972 law generally requires such groups to meet in open sessions, make written meeting materials publicly available, and deliver a 15-day notice of any decision to close a meeting to the public. The last is a particular point of concern for Homeland Security officials, who anticipate that private emergency meetings may need to be scheduled on short notice.
The private sector, fearing that sensitive data will get to the wrong hands, has continued to resist sharing important information with the feds, the Department of Homeland Security said, citing government auditors' findings from late 2003.
Making the meetings public would amount to "giving our nation's enemies information they could use to most effectively attack a particular infrastructure and cause cascading consequences across multiple infrastructures," another departmental advisory council warned in August.
One privacy advocate said he didn't buy the excuses. "The public has an extremely strong interest in knowing whether DHS and the relevant industries are doing enough to protect facilities, and whether there might be company negligence that contributes to any possible security vulnerabilities," David Sobel, a general counsel at the Electronic Privacy Information Center, wrote in an e-mail interview.
Michael Aisenberg, government relations director for VeriSign, dismissed such worries, saying he predicted only a limited number of the council's meetings would actually be closed to the public.
"But there are families of data and information that are much more appropriately handled in confidence, at least in the early phases of an exploit or event," he said, praising the exemption as highly valuable and long overdue. "There were no tools in place to allow DHS or any other agency to have meetings with collective groups of government and industry that would not be covered by the FACA."
Homeland Security said in Friday's notice that it recognized "the important principle of transparency as a foundation for public confidence in government" and planned to make the council's meetings public whenever "feasibly consistent with security objectives." It said it also planned to issue public notices of all meetings, closed and open alike, "unless exigent circumstances arise" and that it would maintain a publicly available Web site with meeting agendas and periodic reports.
20 commentsJoin the conversation! Add your comment