After a string of highly publicized attacks on energy pipelines in different areas of the country, several Congressmen addressed a letter to US Attorney General Jeff Sessions last month, asking that the United States Department of Justice (DOJ) respond to several questions concerning the ability and intent of the DOJ to investigate and prosecute criminal activity against energy infrastructure at the federal level. The letter also asks for DOJ clarification on whether attacks against the nation’s energy infrastructure fall within the DOJ’s understanding of 18 U.S.C. § 2331(5), which defines “domestic terrorism” to include activities that “involve acts dangerous to human life that are a violation of the criminal laws of the United States or of any State” and that “appear to be intended to . . . influence the policy of a government by intimidation or coercion.”
The Senate Intelligence Committee recently approved the “Cybersecurity Information Sharing Act”, which would facilitate the sharing of information about cybersecurity threats or countermeasures by among private entities and with the federal government. If information is shared in accordance with certain requirements (such as the use of technical controls to protect shared information), the bill provides broad protections for entities sharing information for cybersecurity purposes, including immunity against any legal action related to the monitoring, sharing, or receipt of information done in accordance with the Act.
PHMSA published an Information Collection Renewal Notice in June regarding the renewal of existing data that the Agency collects through the National Pipeline Mapping System (NPMS). 78 Fed. Reg. 36016 (June 14, 2013). Since that time, the Agency received one comment from the Pipeline Safety Trust (PST) requesting the following improvements to the data collected by the NPMS: (1) increase the accuracy of HCA data to assist local community emergency-planning efforts; (2) require that operators update NPMS information annually; and (3) require that operators provide system-specific information through the NPMS, such as pipe diameter, operating pressure, product transported, and potential impact radius. On September 18, 2013, PHMSA responded to the comment noting that it will consider these suggestions when evaluating further changes to the NPMS data requirements and by extending the comment period an additional thirty days to October 18, 2013. 78 Fed. Reg. 57455 (September 19, 2013). As discussed in a prior Pipelinelaw practice pointer on increased FOIA requests, PST’s comments touch upon issues related to sensitive infrastructure data, such as detailed information regarding pipeline location and characteristics, that may be protected from disclosure to third parties for security reasons under FOIA. The industry should be mindful of the risks inherent in making this information publicly available on the internet and possible options for limiting access to sensitive pipeline infrastructure information.