NSA declines to release presidential Cyber directive
The National Security Agency (NSA) said it will not publicly release a Presidential Directive document that would establish a broader set of standards that would guide federal agencies in confronting Cyber threats.
Presidential Policy Directive 20, first reported in the Washington Post on Nov. 14, was reportedly signed by president Obama in October and explicitly makes a distinction between network defense and cyber-operations to guide officials charged with making often-rapid decisions when confronted with electronic threats.
The Electronic Privacy and Information Center (EPIC), filed a Freedom of Information Act (FOIA) request to make the document public because it said the measure could expand NSA’s Cyber security authority. “Transparency is crucial to the public’s ability to monitor the government’s national security efforts and ensure that federal agencies respect privacy rights and comply with their obligations under the Privacy Act,” said EPIC’s request.
EPIC said that NSA denied the request on Nov. 21 arguing that it doesn’t have to release the document because it is a confidential presidential communication and contains information that is classified “Secret” and “Top Secret” by the agency. NSA said disclosure of the order could “reasonably be expected to cause exceptionally grave damage to the national security.”
The agency said EPIC could file an appeal with the NSA/Central Security Service denial and EPIC said it plans to do so. The privacy group said it is litigating similar FOIA requests with NSA, including the release of NSPD 54, a 2008 presidential directive setting out the NSA’s cybersecurity authority. The group called NSA a “black hole for public information about cybersecurity” in an official statement to Congress earlier this year.
|Event Details||Dates of Event|
|SANS Counter Hack 2013||Nov 7 - 14|
|SANS Pen Test Hackfest 2013||Nov 7 - 14|
|SANS Korea 2013||Nov 11 - 16|
|Military Exports & Compliance Asia||Nov 12 - 14|
|NCT: Counter IED Asia, 12 - 15 November 2013, Bangkok||Nov 12 - 15|
|School Safety Symposium||Nov 13 - 13|
|Southwest Microwave Perimeter Defense Seminar||Nov 13 - 13|
|OWASP AppSec USA 2013||Nov 18 - 21|
|GovSec West Conference & Expo 2013||Nov 19 - 20|
|Southwest Microwave Perimeter Defense Seminar||Nov 19 - 19|
|Oracle 7th Annual Federal Forum||Nov 20 - 20|
|World BORDERPOL Congress||Dec 3 - 4|
|Critical Infrastructure Protection and Resilience Europe||Feb 12 - 13|