NARA weighs standardizing access rules for foreign vendors seeking secret data

A government office that oversees the policy behind a federal program to secure classified national security information held by contractors has proposed additional guidelines for how some highly sensitive data could be released to government contractors under foreign ownership or control.

The National Archives and Records Administration’s (NARA)  Information Security Oversight Office (ISOO) has proposed a rule that would standardize the process through which some categories of classified information can be released to non-U.S. contractors under a Special Security Agreement (SSA). SSAs are arrangements used by the government to mitigate the foreign ownership or control of contractors that require access to sensitive data.

The proposed rule focuses on “proscribed information” that includes Top Secret, Communications Security, Restricted Data, Special Access Program, or Sensitive Compartmented Information. Currently, there isn't a governmentwide standard for the release of those types of data to foreign controlled or owned contractors under SSAs, according to the proposed rule published in the Federal Register Nov. 30.

By executive order, the ISOO is responsible for policy oversight of the National Industrial Security Program (NISP), a partnership between the government and industry to safeguard classified information.

“The NISP was established with the goal of a single, integrated, cohesive industrial security program to both protect classified information and to preserve our nation's economic and technological interests,” William Bosanko, director of ISOO, said in an e-mail message.

Bosanko said,“While the NISP has resulted in significant improvements, the truth is that both government and industry can — and must — do better. The proposed rule was developed with input from agencies as well as industry via the National Industrial Security Program Policy Advisory Panel. This represents just one small step in our efforts to seek a more efficient and effective NISP.

The proposal would amend current federal regulations related to the NISP program. Under the proposal, departments and agencies would be required to assess whether releasing proscribed information to contractors with or in the process of getting an SSA is consistent with national security interests before authorizing access. The evaluation would be named a National Interest Determination (NID).

The NID requirement would apply to new contracts and to existing contracts when companies seek an SSA after being bought by non-U.S. organizations. Decisions would ordinarily be made within 30 or 60 days depending on the situation, according to the proposed rule.

Comments on the proposed rule are being accepted until Jan. 29, 2010.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.