Guidelines for Handling SSI

The U.S. Coast Guard issued a Navigation and Vessel Inspection Circular (NVIC) containing guidelines for handling sensitive security information (SSI). According to regulations promulgated by the Transportation Security Administration (TSA), SSI includes such items as security plans and contingency plans; security directives; information circulars; performance specifications; vulnerability assessments; security inspection or investigative information; threat information; security measures; security screening information; security training materials; critical maritime infrastructure asset information; systems security information; and confidential business information, among other things. Improper handling of SSI may result in civil penalty or other enforcement or corrective action. There are numerous problems with the SSI program, mostly related to the broad definition. For example, SSI is defined to include USCG NVICs related to maritime security. Thus, the NVIC that is the basis for this news item is SSI, yet it is posted on the Internet. Until the definition of SSI is narrowed to a more reasonable level, it may prove meaningless. NVIC 10-04 (HK Law).