US info-sharing program draws fire

Taken from Security Focus.com

"The so-called Protected Critical Infrastructure Information (PCII) program allows corporations who run key elements of U.S. infrastructure - energy firms, telecommunications carriers, financial institutions, etc. - to submit details about their physical and cyber vulnerabilities to a newly-formed office within the Department of Homeland Security, with legally-binding assurances that the information will not be used against them or released to the public.

The programme implements controversial legislation that bounced around Capitol Hill for years before Congress passed it in the wake of the September 11 attacks as part of the Homeland Security Act of 2002. Security agencies have long sought information about vulnerabilities and likely attack points in critical infrastructures, but have found the private sector reluctant to share, for fear that sensitive or embarrassing information would be released through the Freedom of Information Act (FOIA)."