FAS

White House Offers Glimpse of Cybersecurity Program

03.03.10 | 3 min read | Text by Steven Aftergood

The White House yesterday released a newly declassified description (pdf) of the Comprehensive National Cybersecurity Initiative (CNCI), a highly classified program that is intended to protect U.S. government computer networks against intrusion and disruption.

The cybersecurity initiative was established in January 2008 by President Bush’s classified National Security Presidential Directive (NSPD) 54, and quickly became controversial in part because of the intense secrecy surrounding it.

“Virtually everything about the initiative is highly classified,” the Senate Armed Services Committee complained in 2008, “and most of the information that is not classified is categorized as ‘For Official Use Only’.  These restrictions preclude public education, awareness and debate about the policy and legal issues, real or imagined, that the initiative poses in the areas of privacy and civil liberties…. The Committee strongly urges the [Bush] Administration to reconsider the necessity and wisdom of the blanket, indiscriminate classification levels established for the initiative.”  No such reconsideration was forthcoming until now.

Concerns about overclassification were also expressed by the National Academy of Sciences in a 2009 report, which called for “a broad, unclassified national debate and discussion about cyber-attack policy,” and argued that “secrecy even about broad policy issues serves mostly to inhibit necessary discussion about them.”

The Comprehensive National Cybersecurity Initiative was “the single largest request and the most important initiative of the President’s fiscal year 2009 [intelligence] budget request,” the House Intelligence Committee said in its report on the FY2009 intelligence authorization act.

The Electronic Privacy Information Center filed a Freedom of Information Act lawsuit (pdf) just last month seeking declassification and disclosure of the Bush Administration’s NSPD 54.

But that foundational directive was not disclosed, nor did the Obama Administration address the issue of offensive cyber policy raised by the National Academy.  Instead, the White House released a descriptive summary of 12 component elements of the Cybersecurity Initiative, a gesture that it said was consistent with the President’s emphasis on increased transparency.

“Transparency is particularly vital in areas, such as the CNCI, where there have been legitimate questions about sensitive topics like the role of the intelligence community in cybersecurity,” said Howard A. Schmidt, the White House Cybersecurity Coordinator who announced the disclosure.  “Transparency provides the American people with the ability to partner with government and participate meaningfully in the discussion about how we can use the extraordinary resources and expertise of the intelligence community with proper oversight for the protection of privacy and civil liberties,” Mr. Schmidt said.

But without a clear delineation of legal authorities and implementation mechanisms, the scope for meaningful public discussion seems limited.

As the House Intelligence Committee put it in 2008, “a cybersecurity initiative [is] worthwhile in principle, but the details of the CNCI remain vague and, thus, open to question.”

In order to bolster independent oversight of programs such as the CNCI that must remain classified, at least in part, dozens of public interest organizations including the Federation of American Scientists this week urged President Obama (pdf) to finally appoint the members of an independent executive branch oversight board.

The Privacy and Civil Liberties Oversight Board (pdf), originally proposed in 2004 by the 9/11 Commission to monitor and defend civil liberties in information sharing and counterterrorism activities, was given independent agency status by Congress in 2007.  But it has remained vacant since that time and thus unable to fulfill its assigned task.

“It is crucial that you nominate qualified individuals to serve on the PCLOB, so that it may begin to provide guidance as new policies and procedures are developed,” the public interest group letter said.

publications
See all publications
FAS
Article
Scaling Team Science is the Important Experiment We Need

X-Labs seek to expand on what FROs have shown is possible: the generation of foundational infrastructure for entire new fields of research science.

07.14.26 | 6 min read
read more
Government Capacity
Blog
An open letter to the new NYC PIT Crew

This is a tremendous opportunity to redefine what people expect from government, and in doing so, inspire cities across the country to raise their own ambitions. We are excited to see this initiative lead the way and look forward to cheering your success.

07.13.26 | 3 min read
read more
Government Capacity
Policy Memo
We Need a U.S. Permitting Corps: Executive and Legislative Recommendations

Despite significant political momentum behind reform efforts, limited attention has been paid to the federal workforce that will actually be responsible for interpreting and implementing new permitting regulations and better outcomes.

07.08.26 | 10 min read
read more
Environment
Press release
Amid Sweltering Weather, the Federation of American Scientists Releases Expert-Sourced “State and Local Heat Policy Agenda”

Nearly 150 organizations and government officials have endorsed the call to action and solutions for extreme heat, now public at HeatAgenda.US Washington, D.C. – July 7, 2026 – As millions of Americans continue to struggle to stay cool following one of the hottest Independence Day holidays on record, the Federation of American Scientists (FAS), one […]

07.07.26 | 3 min read
read more