U.S. to Keep Key Data On Infrastructure Secret
Firms Encouraged to Report Security Gaps

By John Mintz
Washington Post Staff Writer
Thursday, February 19, 2004; Page A21

Starting tomorrow, chemical companies, railroads, electric utilities and other parts of the nation's critical infrastructure can begin submitting sensitive information to the Department of Homeland Security about their vulnerabilities to terrorist attacks with assurances that their proprietary data would be safe from public disclosure.

Under the Homeland Security Act of 2002, the department can deem data voluntarily provided by businesses that help the government stave off possible disruptions by terrorists as secret and unavailable to outsiders. The law's supporters view it as a way for U.S. officials to help map security plans for critical U.S. infrastructure, 85 percent of which is in private hands.

But some advocates for environmental protection and open-records laws say unscrupulous firms might manipulate the rules as part of an attempt to evade federal enforcement of health or safety rules.

Sean Moulton, a senior policy analyst with OMB Watch, a nonprofit group that opposes government secrecy, said that during the drafting of the law and the rules being released this week, key industries successfully lobbied for procedures ensuring that any information they share with Homeland Security would remain secret and would not be usable by other agencies in civil enforcement actions.

"The government agreed that 'we'll keep secret this information you give to Homeland Security, and we won't do anything with it,' " other than for counterterrorist purposes, Moulton said. "It's naive to think we won't have bad actors in industry" misusing the protections, he said.