Cloud Computing Article from Information Week – John Foley

Information Week’s John Foley on the Gov 2.0 Summit and Cloud computing

We need to begin defining the types of data

Public

Private

Confidential

Secret

Personal

Shared

Transient

Foreign

And develop standards about their use and handling. If you can think of other types of data please comment.

Leave a Comment

2 Comments

Leave a Reply

Jon Walman

Richard, a little more context regarding the “types” of data requested would be helpful, but I recommend adding: FOUO, Top Secret, Proprietary, Sensitive using published Federal definitions wherever they exist.

Richard Truex

Thanks for the comment…

I found this about For Official Use Only

SUMMARY: This documents removes Subpart D, “For Official Use Only”
(FOUO) from 32 CFR part 286, “DoD Freedom of Information Act Program
Regulations” and reserves that subpart for future use. Removing this
from 32 CFR part 286 will eliminate confusion of the authoritative FOUO
guidance and who is the authority on FOUO. This removal will alleviate
any further uncertainty, avoid duplication of FOUO guidance, and is
considered an administrative action.

DATES: Effective Date: November 27, 2006.

FOR FURTHER INFORMATION CONTACT: Mr. Stephen Fisher, 703-696-4697.

SUPPLEMENTARY INFORMATION: The Under Secretary of Defense
(Intelligence) (USD(I)) is responsible for FOUO guidance. This guidance
(FOUO) is included in Appendix 3 of DoD 5200.1-R \1\ which is the
current FOUO guidance for the Department of Defense.

And this for the other terms….

The U.S. classification of information system has three classification levels — Top Secret, Secret, and Confidential — which are defined in EO 12356.2 Those levels are used both for NSI and atomic energy information (RD and FRD). Section 1.1(a) of EO 12356 states that:

(a) National Security Information (hereinafter “classified information”) shall be classified at one of the following three levels:

(1) “Top Secret” shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause exceptionally grave damage to the national security.

(2) “Secret” shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause serious damage to the national security.

(3) “Confidential” shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause damage to the national security.

Section 1.1(b) of EO 12356 states that “except as otherwise provided by statute, no other terms shall be used to identify classified information.”

Additional thoughts are welcome. And particularly about the Section 1.1(b)