President's National Security Telecommunications Advisory Committee (NSTAC): Legislative and Regulatory Group Report [June 1999] [open pdf - 57KB]
This President's National Security Telecommunications Advisory Committee (NSTAC) report discusses "The Fiscal Year 1999 Omnibus Spending Law (Public Law 105-277) passed in November 1998, [which] includes a provision that directs the Office of Management and Budget (OMB) to revise Circular A-110 to ensure that all data produced under an award will be made available to the public through the procedures established under the Freedom of Information Act (FOIA). At a practical level, Congress is requiring Federal agencies to proactively collect all data that meets the criteria of the legislation. As a result, information voluntarily provided by the telecommunications and/or information industry relating to protecting critical infrastructures (e.g., information pursuant to PDD-63), as well as background data supporting the voluntarily provided information, could be subject to FOIA requests. Thus, the proposed revision to Circular A-110 could impact information sharing between industry and Government by increasing industry concerns regarding the release of sensitive threat and vulnerability data. The LRG initiated review of the proposed revision and is assessing options for safeguarding against potentially increased exposure of the telecommunications and information industries to FOIA. Per a request by the President's Council on Y2K Conversion, the IES tasked the LRG to look at relevant Year 2000 (Y2K) legal and regulatory issues, particularly the success of the Y2K Readiness and Disclosure Act in being a catalyst to information sharing within industry. The LRG sent a letter to the NSTAC's IES representatives seeking comments on the Y2K Act and any additional legislative or regulatory actions that could facilitate Y2K-related information sharing and remediation. While a limited number of companies responded and no consensus was achieved, valuable information was received from the participating NSTAC companies. A nonattributional summary of the responses was shared with the Council in February 1999."
National Security Telecommunications Advisory Committee (NSTAC): http://www.ncs.gov/nstac/