Reps. David Obey, D-Wis., and Martin Olav Sabo, D-Minn., said they are concerned that DHS, and the Transportation Security Administration in particular, are misapplying the "sensitive security information" designation. Obey is the full committee's ranking member, while Sabo is ranking member of the committee's homeland security subcommittee.
"Recent events have led to our concern regarding [DHS and TSA] practices and procedures for determining whether information should be protected under the SSI designation," the lawmakers wrote in a Sept. 14 letter to the Government Accountability Office.
For example, the lawmakers said TSA recently provided written responses to questions that were designated as sensitive security information, but did not treat the same information as sensitive a month earlier. In another example, TSA said certain information related to the electronic screening of checked baggage at airports was SSI when the information had already been reported in the public domain.
The lawmakers asked GAO to review DHS and TSA procedures for determining whether information should be given the SSI designation; procedures for removing the designation; internal controls to ensure the compliance with laws governing the designation; the number of staff with SSI authority; and training provided to that staff.
TSA spokesman Darrin Kayser said his agency constantly tries to balance making information public while providing security.
"TSA is committed to being a transparent agency, but we also recognize we have a duty to protect the millions of passengers that use all modes of transportation every day," Kayser said. "We don't want to give the terrorists a guide to our vulnerabilities."
He declined to comment on the specific examples raised in the letter from Obey and Sabo.
Congress gave TSA the responsibility to establish regulations for the use of sensitive security information. TSA defines SSI as information that must be protected from improper disclosure in order to ensure transportation security.
According to a June report from the Congressional Research Service, SSI is information that describes air carrier screening procedures, airport or air carrier security programs, maritime transportation security procedures and other related transportation security matters. When TSA designates information as SSI, its disclosure is limited by a strict need-to-know basis as determined by the agency, and disclosure restrictions remain in force until revoked by the agency.
"TSA's application of the SSI regulations has, however, resulted in some controversies over airport security procedures, employee accountability, passenger screening, and airport secrecy agreements," the CRS report stated. "Some experts believe that too much information has been kept from the public in these circumstances. TSA states, however, that protecting SSI is warranted because of the need to protect transportation systems."
Last May, TSA announced that the SSI designation was being expanded to include maritime security. The agency said the expansion was necessary to protect "security plans and other information" that maritime facilities and vessels were implementing to meet Coast Guard regulations.
Obey and Sabo said sensitive material needs to be protected, but the public also needs to be informed of information that affects safety and security.
"Although the release of certain sensitive information could put the nation's citizens and infrastructure at risk, the federal government should be mindful of the public's legitimate interest in, and right to know, information related to threats to the transportation system and associated vulnerabilities," they said. "Accordingly, access to this information should only be limited when it is necessary to guard against those who pose a threat and their ability to develop techniques to subvert security measures."