Sensitive security information

The safeguarding and sharing of SSI is governed by Title 49 Code of Federal Regulations (CFR) parts 15 and 1520.

L. 101–508) broadened 14 CFR Part 191 to prohibit disclosure of "any information obtained in the conduct of security or research and development activities."

On March 21, 1997, FAA revised 14 CFR Part 191, and changed its title to "Protection of Sensitive Security Information."

Following the September 11, 2001 terrorist attacks in the United States, Congress passed the Aviation and Transportation Security Act (Pub.

§ 114) required DHS to provide department-wide policies for designating, safeguarding, and marking documents as SSI, along with auditing and accountability procedures.

It also required that DHS provide guidance that includes extensive examples of SSI to further define the individual categories found under 49 CFR section 1520.5(b)(1) through (16).

The Act directed that such guidance serve as the primary basis and authority for protecting, sharing, and marking information as SSI.

The SSI regulation restricts the release of SSI to people with a "need to know" (see 49 CFR §1520.11), defined generally as those who need the information to do their jobs in transportation security, for example: DHS and TSA officials, airport operators, airline personnel, railroad carriers, rail hazardous materials shippers and receivers, vessel and maritime port owners and operators, and others as noted in 49 CFR §1520.7.

Information receiving SSI designation includes but is not limited to: A June 2005 report from the U.S. Government Accountability Office (GAO) titled "Clear Policies and Oversight Needed for Designation of Sensitive Security Information (SSI)," criticized TSA's monitoring controls, saying, "TSA has not established and documented policies and internal control procedures for monitoring compliance with the regulations, policies, and procedures governing its SSI designation process, including ongoing monitoring of the process.

Identification of SSI has often appeared to be ad-hoc, marked by confusion and disagreement depending on the viewpoint, experience, and training of the identifier.

[3]However, in a November 30, 2007, report to Congress entitled Transportation Security Administration's Processes for Designating and Releasing Sensitive Security Information, GAO said: "DHS, primarily through TSA's SSI Office, has addressed all of the legislative mandates from the DHS Appropriations Act, 2007, and taken actions to satisfy all of the recommendations from our June 2005 report.

[5] "The Administration's most recent attempt to define 'classifiable' holds employees liable for disclosers of unclassified information, without any prior notice to them of its special status.

Without the classification markings on unclassified information, however, an employee cannot be sure that the nondisclosure agreements' restrictions apply to that material.

Senator) Barbara Boxer noted at the hearings: I am concerned this will force would-be whistleblowers to have to ask their superiors about classification determinations.

If properly marked as SSI, a document clearly warns an employee to follow regulatory requirements and implementation guidance regarding disclosure.

Accordingly, access to this information should only be limited when it is necessary to guard against those who pose a threat and their ability to develop techniques to subvert security measures.

"[7] John Podesta, chief of the Presidential transition of Barack Obama team, told U.S. lawmakers on September 16, 2008, that over the previous seven years, "the Bush administration has increased secrecy and curtailed access to information through a variety of means," including: On May 29, 2014, United States House Committee on Oversight and Government Reform Republican Chairman Darrell Issa and Democrat Ranking Member Elijah Cummings issued a highly critical report[9] about SSI.

It cited these findings: "TSA improperly designated certain information as SSI in order to avoid its public release.

TSA repeatedly released information to the public against the advice of the SSI office and without having produced suitable documentation to explain the decision.

On Page 17 of the report, it cited in detail the pending U.S. Supreme Court case, Department of Homeland Security v. MacLean: "TSA's release of information related to [Federal Air Marshals (FAM)] is particularly ironic given the agency's treatment of whistleblower and former air marshal Robert MacLean.

In 2003, MacLean blew the whistle on TSA's plans to cancel FAM coverage on flights despite the threat of an imminent Al Qaeda hijacking plot.

Numerous Members of Congress raised concerns, and DHS retracted the order to cancel FAM coverage, calling it 'a mistake.