When the Bush administration drew up draft legislation to create a new Department of Homeland Security, it included a special privilege for the Office of Information Analysis and Infrastructure Protection, a key branch of the new agency. Information submitted voluntarily to the office about the security of computer systems, power plants, transportation infrastructure, banks, telecommunications, and any other facilities deemed critical to the U.S. economy would receive a blanket exemption from the Freedom of Information Act (FOIA). As a result, reams of information the government collects from private industry -- and from state and local governments -- would be kept secret from the public.
Some kind of FOIA exemption will almost certainly become law. The House approved its version of homeland security legislation on July 26. The bill included the broad exemption the administration requested, with some minor changes. The committee marking up the Senate's version of the bill has approved a more limited exemption than the House, setting the stage for a battle over the breadth of the measure in joint committee. Congress has vowed to have a homeland security bill on the president's desk in time for the anniversary of the attack.
Regardless of the exemption's final scope, it will be only the latest offensive in the Bush administration's sustained assault on transparency in government. The trend dates from the second month of Bush's term, when he blocked the scheduled release of presidential and vice presidential records from the Reagan administration. But it has accelerated dramatically since the terrorist attacks last fall. In an October 12, 2001, memo to all federal agencies, Attorney General John Ashcroft instructed government officials to withhold any information requested under FOIA if there is any "sound legal basis" for doing so. (The previous standard for denying a FOIA request, adopted in 1993, instructed agencies to withhold only information that could cause "foreseeable harm.") Ashcroft promised that the Department of Justice would defend any agency that withholds information under his new criterion. The impact of the new standard is hard to measure, but watchdog groups worry it has turned foot dragging and noncooperation on FOIA requests into official policy.
In March, White House Chief of Staff Andrew Card reiterated the message in another all-agency memo. Card reminded departments to safeguard any information, no matter how old, that could be helpful in the development of weapons of mass destruction, "as well as other information that could be misused to harm the security of our Nation and the safety of our people." Guidelines issued with the memo instructed all departments to apply the new standard even to unclassified information that might be "sensitive," a term left undefined.
Such a vague and sweeping directive to withhold information has watchdog groups from all shades of the political spectrum up in arms. Most of these groups, interested in preserving integrity and good practice in government, rely heavily on FOIA requests to uncover government waste and misconduct.
"The whole posture of the administration has been to resist disclosure and discourage public access," says Steven Aftergood, who tracks government secrecy for the Federation of American Scientists, a D.C.-based nonprofit that advocates nuclear disarmament. Using FOIA requests as his primary tool, Aftergood has toiled for years to learn the real size of the U.S. intelligence budget. "I understand the need for increased secrecy in narrowly defined areas, like production of biological weapons, for example," he says. "But what is happening is that a blanket is being thrown over all kinds of things that have nothing to do with terrorism."
As examples, Aftergood cites Vice President Dick Cheney's refusal to release details of his meetings with energy industry executives and the removal of unclassified data from government Web sites -- including the entire library of technical reports from the national labs in Los Alamos, New Mexico.
In April the Electronic Privacy and Information Center (EPIC), a nonprofit civil liberties group, filed suit against the new Office of Homeland Security after it refused to respond to a FOIA request for information on proposals to create a national identification card. The Department of Justice will defend the decision in court. The DOJ is also fighting a FOIA suit Aftergood has filed against the CIA: The spy agency has refused to disclose the total U.S. intelligence budget for 1947 and 1948, citing national security concerns.
If the Ashcroft and Card memos threaten the ethic of transparency, critics contend that the proposed FOIA exemption for the new infrastructure protection office is a full-scale assault on the public's right to know what their government is up to.
"This concerns me deeply as a conservative Republican," says Mark Tapscott, director of the Heritage Foundation's Center for Media and Public Policy. "This is so broad it amounts to an exemption without end. Information about any company that could even tangentially identify itself with the war on terrorism could conceivably be put behind closed doors."
Congress passed the Freedom of Information Act in 1966 and strengthened it significantly in 1974, in the aftermath of Watergate. According to David Sobel, lead counsel at EPIC, the act may now be on its deathbed. The White House bill "would gut FOIA as a vehicle for open government in a large number of critical areas," he says. Testifying before a House subcommittee on July 9, Sobel warned that the exemption would make it impossible to hold the Department of Homeland Security (DHS) accountable should things go wrong. "'What did DHS know and when did it know it'' is a question that will go unanswered," he told the committee.
A combination of six existing departments spread across five agencies, the new infrastructure protection office is supposed to coordinate security for the nation's key infrastructure and industries, including telecommunications, energy, water supply, banking and finance, transportation, emergency services, and public health facilities. Bush's lead adviser on infrastructure protection, Richard Clarke, recently told Congress this definition might need to be expanded to include other industries. The administration's proposed exemption would place all information that corporations "voluntarily" submit to the office under wraps forever.
Despite its broad definition, "critical infrastructure protection" in practice has thus far meant fighting malicious computer hackers. Debates over information flows have generally focused on the reluctance of companies to inform the government when they have been hacked. Corporations complain that they need assurance that potentially embarrassing or proprietary information about attacks submitted voluntarily to the government won't leak out to the public or to their competitors.
Ronald Dick is director of the FBI's National Infrastructure Protection Center, a department created in 1998 to monitor and provide warnings of cybercrime. He told Congress in May that only 34 percent of computer hacking attacks on industry were reported to law enforcement during the 12-month period ending in April of this year. "The two primary reasons for not making a report were negative publicity and the recognition that competitors would use the information against them," Dick said. He testified that his department finds the existing FOIA exemptions sufficient, but "if the private sector doesn't believe it...then we need to provide them those assurances that make them feel that a partnership with the government is worthwhile." With that, he tacitly endorsed a broader exemption.
But opponents of the exemption argue that plenty of protection for sensitive information is already written into the law. After all, nine categories of information are currently protected from disclosure under FOIA. "Trade secrets and commercial or financial information" are exempt from FOIA requests, along with banking and law enforcement records, data pertaining to national security, and the like.