Senate Committee Questions Pentagon’s Information Restrictions

A United States Senate committee has questioned whether a new data label created to protect sensitive information is being abused by the Pentagon to prevent the disclosure of important information to the public.

The Senate Armed Services Committee, which authorizes defense spending, asked William LaPlante to review the increasing use of the freshly concocted Controlled Unclassified Information (CUI) label by the defense secretary’s office and the military services.

Former head of acquisition for the Air Force, LaPlante is President Joe Biden’s nominee for chief weapons buyer.

The panel said it was “concerned the designation could be abused to limit public dissemination of critical cost, schedule and performance information” in written questions submitted to LaPlante.

In a written response, LaPlante said that “if confirmed, I will review the policies and guidance for use of CUI and other classifications to ensure they are being utilized appropriately.” 

Senator Elizabeth Warren said on Tuesday that some information withheld from the public after being designated CUI, such as costs to taxpayers or whether weapons work, had always been available before to the American people. 

Erich Kron, a security awareness advocate at KnowBe4, commented that properly classifying data has always been a challenge for those doing the classification. 

“While there is guidance in place, there are also times when classification can be based on an individual’s interpretation of what information may be damaging or sensitive,” said Kron. 

“In one sense, we may not want to disclose the failures or delays related to specific weapons systems to our potential adversaries. Yet, on the other hand, citizens have the right to question potentially wasteful spending of tax dollars.”

Kron added that declassifying or reclassifying data can be a very difficult task. 

“To add to the complexity, only those with access to the classification level of the data, and to the data itself, would be able to really consider if the data is over classified, something that citizens without access to the data have no way of seeing, leaving them little recourse to access data that may be within their right to access once it is classified.”

What’s Hot on Infosecurity Magazine?