Dust-up over new FOIA exemption in cyber bill

Cybersecurity legislation advancing in Congress could create the first brand-new exemption to the Freedom of Information Act in nearly half a century—a prospect that alarms transparency advocates and some lawmakers.

A bill approved by the Senate Intelligence Committee last month would add a new tenth exemption to FOIA, covering all "information shared with or provided to the Federal Government" under the new measure.

Another provision in the legislation would require that "cyber threat indicators and defensive measures" which companies or individuals share with the federal government be "withheld, without discretion, from the public." The Senate bill, which is expected to come to the floor soon, also seeks to shut off any access to that information under state or local freedom of information laws.

Two cybersecurity bills are expected to be taken up on the House floor as soon as this week. Both contain similar language about keeping confidential threat and defensive measure information turned over to the government. However, a new FOIA exemption that was in the House Intelligence Committee cyber bill was taken out, a spokesman confirmed Friday.

In an official Senate Intelligence Committee report made public over the weekend, two Democratic members of that panel objected to the new FOIA exemption, which would be the first brand-new exemption added to the landmark transparency legislation since 1967.

"We are unconvinced that it is necessary to create an entirely new exemption to the Freedom of Information Act, or FOIA," Sens. Martin Heinrich (D-N.M.) and Mazie Hirono (D-Hawaii) wrote in a statement accompanying the panel's report on the cyber bill. "Government transparency is critical in order for citizens to hold their elected officials and bureaucrats accountable; however, the bill's inclusion of a new FOIA exemption is overbroad and unnecessary as the types of information shared with the government through this bill would already be exempt from unnecessary public release under current FOIA exemptions."

"To the extent FOIA exemptions need to be updated, those changes should only be made following open hearings in which all stakeholders have an opportunity to have their voices heard," Heinrich and Hirono added. They also said they might propose a floor amendment to address their concerns.

Read the entire piece at: http://www.politico.com/blogs/under-the-radar/2015/04/dustup-over-new-foia-exemption-in-cyber-bill-205760.html