[unisog] Freedom of Information Act
Martin, James E.
martin at more.net
Tue Sep 9 15:14:26 GMT 2003
In Missouri, we've exempted any details of computer security configuration from disclosure (Section 610.021, R.S.MO 2002). This section was passed as part of Missouri's homeland defense planning.
While there's no redaction requirement, a number of Missouri public sector orgs seem to be removing public user directories under this provision while citing viruses and spam as the threat.
James E. Martin
MOREnet Network Security Coordinator
University of Missouri System
voice: 573-884-7200 fax: 573-884-6673
From: Bob Kalal [mailto:kalal.1 at osu.edu]
Sent: Monday, September 08, 2003 6:27 PM
To: Chris Stoermer
Cc: unisog at sans.org
Subject: Re: [unisog] Freedom of Information Act
You're lucky if it took the federal Freedom of Information Act.
Addresses, and almost everything else, about all employees of
the state of Ohio, including state university employees, are
available to any "person" in the broadest legal sense under
the Ohio Public Records Law. There are recent anti-terrorism
exceptions for fire fighters and law enforcement personnel
involved in certain active cases.
The Ohio State University
At 1:14 PM -0500 9/8/03, Chris Stoermer wrote:
>An email came through the other day that had one of my alternate
>addresses as the delivery address. After doing a little snooping, I
>found that our email addresses are part of "directory information"
>covered in the FIA.
>In light of all the security concerns we have with viruses, would
>any of us agree that the definition of "directory information" needs
>I have already written my reps. I even sent a message to "Homeland Security".
More information about the unisog