Domestic Security Enhancement Act of 2003

["Jason Coombs" <jasonc () science org>]

Domestic Security Enhancement Act of 2003, A.K.A. Patriot Act II, is
circulating in "discussion draft" form. It includes a requirement for
companies that use potentially dangerous chemicals to produce a "worst case
scenario" report which would be "obfuscated" to provide everyone with
increased security.

Although Patriot Act II is a terrible, horrible, not-very-good idea, the
parallels here with what software vendors should be required to do in the
way of publishing their own "worst case scenario" reports for code they
propose to release into the wild or vulnerabilities they patch are poignant.

See:

http://publicintegrity.org/dtaweb/home.asp
http://www.publicintegrity.org/dtaweb/downloads/Story_01_020703_Doc_1.pdf

Section 202, “Distribution of ‘Worst Case Scenario’ Information”: This would
introduce new FOIA restrictions with regard to the Environmental Protection
Agency. As provided for in the Clean Air Act, the EPA requires private
companies that use potentially dangerous chemicals must produce a “worst
case scenario” report detailing the effect that the release of these
controlled substances would have on the surrounding community. Section 202
of this Act would, however, restrict FOIA requests to these reports, which
the bill’s drafters refer to as “a roadmap for terrorists.” By reducing
public access to “read-only” methods for only those persons “who live and
work in the geographical area likely to be affected by a worst-case
scenario,” this subtitle would obfuscate an established level of
transparency between private industry and the public.