Cybersecurity Directive From Bush Kept Secret
(CN) - President George W. Bush's presidential directive on cybersecurity is not subject to the Freedom of Information Act, a federal judge ruled.
The Electronic Privacy Information Center had filed the FOIA request in June 2009, seeking information related to National Security Presidential Directive 54.
Bush had sent the confidential document to "a select and limited group of senior foreign policy advisors, cabinet officials, and agency heads on the subject of cybersecurity," EPIC claimed.
While the document is classified top secret, portions of it are unclassified.
U.S. District Judge Beryl Howell ruled Monday, however, that the directive is not an agency record subject to a FOIA request because it did not originate with the National Security Administration.
"NSPD 54 is decidedly unlike the agency-controlled documents in Paisley [v. CIA] and Holy Spirit [v. CIA], where the FOIA-exempt entity, Congress, placed little or no restrictions on the documents once they were transferred to the agencies," Howell wrote.
Instead, the White House made clear that no recipient should distribute or disclose the document without its express permission.
"The secretive nature of these documents is made apparent by the fact that the public only learns of them once they are released and can only guess at how many each President has issued," Howell added.
While the United States has released some directives voluntarily to the public, plaintiffs who have requested them directly have been uniformly denied, according to the ruling.
"Such national security instruments appear to have only been released voluntarily by the president or NSC [National Security Counsel] that created them, or their release has been approved after a substantial period of time has passed, typically through presidential libraries," the 25-page opinion states. "Although the plaintiff in the instant case has made strong arguments as to why the public has an interest in the release of NSPD 54, precedent counsels that such documents have not been found releasable under the FOIA."
But regarding requested supporting documents, Howell found that the NSA improperly narrowed its search for responsive documents to those distributed only "to the NSA," rather than "to any federal agency charged with implementing the cybersecurity scheme."
"By limiting its interpretation of records responsive to the plaintiff's requests only to records emanating from outside the defendant agency, the defendant violates this basic FOIA convention," Howell added.