Senate Bill 258
148th General Assembly (2015 - 2016)
The General Assembly has ended, the current status is the final status.
Rep. K. Williams
AN ACT TO AMEND TITLE 29 OF THE DELAWARE CODE RELATING TO THE FREEDOM OF INFORMATION ACT.
The Delaware Freedom of Information Act, 29 Del. C. Ch. 100 ("FOIA") currently exempts from the definition of public record those documents that could jeopardize security of the state, "[f]acilitate the planning of a terrorist attack," or "endanger the life or physical safety of an individual." 29 Del. C. § 10002 (l)(17)(a)(2). While the current provision includes "telecommunications network facilities and switching equipment," the provision has not been updated since its adoption in 2002 in response to the September 11, 2001 terrorist attacks, and it may not sufficiently protect the State’s information security systems from FOIA requests that are designed to facilitate a cyber security attack. This legislation adds language that allows the Department of Technology and Information, as well as other public bodies subject to FOIA, to refrain from disclosing information about the underpinnings of our state computer network and systems. This information in the hands of a requestor increases the risk of a cyber attack and may allow a requesting party to obtain confidential data about the State’s citizens (including confidential payroll, medical, academic, and personnel records). This exemption is similar to the existing provisions that exempt the State from withholding blueprint and alarm system data that would allow a burglar to break into a physical building.