Inc. - Sensitive Security Information, Certified® (SSI) Body of Knowledge

Sensitive Security Information, Certified (SSI) Body of Knowledge

American Board for Certification in Homeland Security

CRC Press

Taylor & Francis Group

6000 Broken Sound Parkway NW, Suite 300

Boca Raton, FL 33487-2742

2015 by Taylor & Francis Group

CRC Press is an imprint of Taylor & Francis Group, an Informa business

No claim to original U.S. Government works

Version Date: 20160310

International Standard Book Number-13: 978-1-4987-8838-0 (EPUB)

This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint.

Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers.

For permission to photocopy or use material electronically from this work, please access www.copyright.com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged.

Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe.

Visit the Taylor & Francis Web site at http://www.taylorandfrancis.com

and the CRC Press Web site at www.crcpress.com

CRC Press is a premier publisher of scientific, technology and medical content, reaching around the globe to publish the pioneering achievements of science that provide researchers, professionals, and students with the resources they need to make further advances. CRC Press is a member of Taylor & Francis Group, an informa business.

For more authoritative books in your field and for in-depth information about CRC Press books, visit www.crcpress.com

• Join our email list to receive exclusive, unadvertised discounts and alerts when new books publish in your field
• Visit Featured Authors to learn about your favorite author with detailed bios, news about their work, and discussions of their research
• Read the latest book reviews from industry experts, influencers, and thought leaders about STM (Science, Technology and Medicine) reference and textbooks

The tables in this ebook have been modified to enhance the reader experience. On compatible devices, the enhancement should keep the header rows visible as you scroll through a table.

Please report any issues with this ebook or any desired enhancements to the .

www.crcpress.com

Section I

CHAPTER 1 The History of SSI

CHAPTER 2 Terms and Definitions

CHAPTER 3 The Importance of SSI

CHAPTER 4 The History of the SSI Classification System

Chapter 1

The term sensitive security information first appeared in 1974, when the Federal Aviation Administration (FAA) tried to anticipate airplane hijackings by collecting information from airlines, sometimes personal, about passengers. The FAA withheld this information from the public. During this time, SSI was limited to information concerning the safety of passengers. The FAAs definition and use of SSI withstood testing in 1993, when a Washington, DC, court ruled that SSI did not fall under the authority of the Freedom of Information Act.

Immediately after the terrorist attacks of September 11, 2001, national security became the most important concern for the United States. Regulations relating specifically to transportation increased, because the attacks involved the hijacking of commercial airline planes. Congress passed legislation that created the Transportation Security Administration (TSA), a division of the Department of Homeland Security. Part of the responsibility of the TSA was to develop regulations for SSI. Because Congress passed this legislation after September 11, 2001, SSI has fueled a debate about when information should be shared with the public and when it should be kept secret.

Within 2 months of the September 11 attacks, Congress passed the Aviation and Transportation Security Act, which allowed it to pass a bill creating the TSA as an agency of the Department of Homeland Security. Then Congress passed the Homeland Security Act. These pieces of legislation contained tiny changes that translated to a big expansion in the meaning of SSI. In the bill creating the TSA, the word air was dropped before passengers , which had the effect of extending SSI to all types of passengers. Next, the Homeland Security Act also omitted passengers , which meant that more information would fit into the definition of SSI, not just information about passengers.

The definition of SSI has greatly expanded in the wake of September 11, 2001. Once, SSI had applied only to airline passengers, but the new definition includes other types of travel and, according to the Coalition of Journalists for Open Government, any information that the TSA, Coast Guard, or Department of Transportation finds could be dangerous to the security of transportation if disclosed. The information needs only a connection to transportation of any sort, even including pipelines. Authority rests with the TSA administrator to decide whether disclosure would put passenger safety at risk. If information receives the SSI designation, then disclosure occurs on a need-to-know basis, which the TSA determines.

The TSA now defines SSI as unclassified information of a sensitive nature, that if publicly disclosed could be expected to have a harmful impact on the security of federal operations or assets, the health and safety of the public, or the nations long-term economic prosperity. If the TSA considers information to be SSI, then that information may be kept from the public.

One important point to remember with the governments definition of SSI is that only information regarding transportation security and not other types of security may be classified as SSI. Also, SSI may be kept private solely on the discretion of the TSA and not for specific or limited reasons. No time limits for release of information or declassification of SSI exist. All of these factors contribute to the controversy that the TSA has too much power.

SSI needs to be protected to prevent its disclosure. If a document contains SSI, then that document must have a protective marking and a statement clearly stating the existence of SSI in its content.