In the latest effort to encourage owners and operators of the nations critical infrastructure to hand over threat and vulnerability data to federal agencies, companies that do so may be given further exemption from longstanding federal laws designed to promote open government.
Last week, a group of industry executives who serve on the presidents National Infrastructure Advisory Council recommended a new, more informal model of information sharing, which they would like exempted from the 1972 Federal Advisory Committee Act. Under FACA, federal agencies that sponsor advisory committees generally must open meetings to the public, publish advance notice of the meetings and maintain records of expenditures.
Created three years ago to help improve the security of critical infrastructure elements such as the power grid, oil refineries, telecommunications systems and the computer networks that support them, the NIAC works through the Department of Homeland Security. Headed by Erle Nye, chairman emeritus of TXU Corp., and John Chambers, president and CEO of Cisco Systems Inc., the NIAC maintains that FACA inhibits the private-public dialogue and limits the advice that companies can provide, a position widely held throughout corporate America.
“I think the barrier right now is a fear on the part of industry that by sharing information it can be revealed to the public,” said Ellen Glover, chair of the Industry Advisory Council and executive vice president at ICF Consulting Group Inc., in Washington. “Once youve acknowledged your vulnerabilities in an open forum and you dont have a way to address them, there are a lot of things that can happen.”
An exemption from FACA would eliminate a requirement that the advisory groups reflect a balance of viewpoints, said Jon Devine, at the Natural Resources Defense Council in Washington.
“The last thing we need now is a new way for corporate cronies to secretly influence government policies,” Devine said. “Pushing the Department of Homeland Security to allow industry groups to advise the government about critical infrastructure without following FACA is the wrong policy.”
Under the recommended framework for information sharing, called the Sector Partnership Model, each industry sector would organize its own independent Sector Coordinating Councils. Each council would serve as the sectors primary contact point for the government, identifying and supporting the information-sharing functions deemed most appropriate for that industry.