|
Sensitive Security Information (SSI) is a category of sensitive but unclassified information under the United States government's information sharing and control rules. SSI is information obtained in the conduct of security activities whose public disclosure would, in the judgement of specified government agencies, harm transportation security, be an unwarranted invasion of privacy, or reveal trade secrets or privileged or confidential information. SSI is governed by Title 49 of the Code of Federal Regulations (CFR), parts 15 and 1520. SSI was created to help share transportation-related information deemed too revealing for public disclosure between Federal government agencies; State, local, tribal, and foreign governments; U.S. and foreign air carriers; and others. SSI is not a form of classification under Executive Order 12958 as amended; that is, it is not classified national security information in the sense of Top Secret, Secret or Confidential. ==History== SSI got its start in the Air Transportation Security Act of 1974 (Pub. L. No. 93-366), which, among other things, authorized the Federal Aviation Administration (FAA) to prohibit disclosure of information obtained whose disclosure would constitute an unwarranted invasion of personal privacy; reveal trade secrets or privileged or confidential commercial or financial information obtained from any person; or would reduce the safety of passengers — all notwithstanding the Freedom of Information Act. On June 28, 1976, FAA published a proposal to create Title 14 Code of Federal Regulations (CFR) Part 191 entitled “Withholding Security Information from Disclosure under the Air Transportation Security Act of 1974.” Part 191 created the category of sensitive but unclassified information now known as Sensitive Security Information (SSI), and described the information to be protected from disclosure, including “the security program of any airport; the security program of any air carrier; any device for the detection of any explosive or incendiary device or weapon; and, any contingency security plan.” Less than a year after the December 21, 1988, bombing of Pan Am Flight 103 over Lockerbie, Scotland, the President's Commission on Aviation Security and Terrorism recommended improvements in FAA security bulletins, leading to the creation of Security Directives and Information Circulars. In 1990, section 9121 of the Aviation Safety and Capacity Expansion Act of 1990 (Pub. L. 101-508) broadened 14 CFR Part 191 to prohibit disclosure of “any information obtained in the conduct of security or research and development activities.” The Aviation Security Improvement Act of 1990 (Pub. L. No. 101-604) required minimizing the number of people with access to information about threats, often contained in security directives (SDs) and information circulars (ICs). On March 21, 1997, FAA revised 14 CFR Part 191, and changed its title to “Protection of Sensitive Security Information.” It also strengthened the existing rule to protect SSI from unauthorized disclosure, expanded its application to air carriers, airport operators, indirect air carriers, foreign air carriers, and individuals, and specified in more detail the information protected to include SDs, ICs, and inspection, incident, and enforcement-related SSI. Following the September 11, 2001, terrorist attacks in the United States, Congress passed the Aviation and Transportation Security Act (ATSA) (Pub. L. No. 107-71), which established the Transportation Security Administration (TSA) under the Department of Transportation and transferred the responsibility for civil aviation security from FAA to TSA. On February 22, 2002, FAA and TSA published 49 CFR Part 1520, which handed SSI and most other FAA aviation security duties to TSA. It also specified in more detail which information is SSI, and protected vulnerability assessments for all modes of transportation. The Homeland Security Act of 2002 (Pub. L. No. 107-296) established the Department of Homeland Security (DHS) and transferred TSA from DOT to DHS. The Act also amended Title 49 U.S.C. §40119 to retain SSI authority for the Secretary of Transportation, and added subsection (s) to 49 U.S.C. § 114, reaffirming TSA’s authority under DHS to prescribe SSI regulations. TSA and DOT expanded the SSI regulation to incorporate maritime security measures implemented by U.S. Coast Guard regulations and clarify SSI provisions in an interim final rule (IFR) issued on May 18, 2004. The DOT SSI regulation is at 49 CFR Part 15, and the TSA SSI regulation remains at 49 CFR Part 1520. Title 6 CFR Part 37, published January 29, 2008, requires a security plan and related vulnerability assessments that are defined as SSI and governed by 49 CFR 1520. The Homeland Security Appropriations Act of 2006 (Pub. L. No. 109-90, codified at 6 U.S.C. § 114) required DHS to provide department-wide policies for designating, safeguarding, and marking documents as SSI, along with auditing and accountability procedures. The Act also required that DHS report to Congress the number of SSI Coordinators within DHS, and provide a list of documents designated as SSI in their entirety. It also required that DHS provide guidance that includes extensive examples of SSI to further define the categories found under 49 CFR section 1520.5(b)(1) through (16). The Act directed that such guidance serve as the primary basis and authority for protecting, sharing, and marking information as SSI. The Homeland Security Appropriations Act of 2007 (Pub. L. No. 109-295) required DHS to revise its SSI directives and mandated timely review of SSI requests. It also contained reporting requirements, mandated expanded access to SSI in litigation, and required that all SSI over three years old, and not in current SSI categories, be released upon request unless the DHS Secretary (designee ) makes a written determination that the information must remain SSI. The Rail Transportation Security Final Rule, published in the Federal Register on November 26, 2008, added rail-related terms and covered persons to Part 1520, including railroad carriers, rail facilities, rail hazardous materials shippers and receivers, and rail transit systems that are detailed in a new Part 1580. Although rail vulnerability assessments and threat information were already SSI under Part 1520, this rail final rule specifies that information on rail security investigations and inspections, security measures, security training materials, critical rail infrastructure assets, and research and development is also SSI. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Sensitive Security Information」の詳細全文を読む スポンサード リンク
|