New FOIA amendment in Delaware could have #opendata repercussions - Technical.ly Delaware

Civic

May 18, 2016 11:59 am

New FOIA amendment in Delaware could have #opendata repercussions

Open data guy Mark Headd is concerned that some wording might be problematic.

Wilmington's abuzz about it. Could a new bill set it back?

(Photo by Flickr user justgrimes, used under a Creative Commons license)

An amendment has been proposed to Delaware’s Freedom of Information Act legislation, and Mark Headd, a tech exec who specializes in open government and civic access, thinks it could be problematic for open data transparency.

First, here’s what the proposed amendment says about § 10002(l)(17)a., Title 29 of the Delaware Code (the new stuff is underlined):

(l) ”Public record” is information of any kind, owned, made, used, retained, received, produced, composed, drafted or otherwise compiled or collected, by any public body, relating in any way to public business, or in any way of public interest, or in any way related to public purposes, regardless of the physical form or characteristic by which such information is stored, recorded or reproduced. For purposes of this chapter, the following records shall not be deemed public:

(17)a. The following records, which, if copied or inspected, could jeopardize the security of any structure owned by the State or any of its political subdivisions, or could facilitate the planning of a terrorist attack, or could endanger the life or physical safety of an individual:

  1. Information technology (IT) infrastructure details, including but not limited to file layouts, data dictionaries, source code, logical and physical design of IT systems and interfaces, detailed hardwareand software inventories, network architecture and schematics, vulnerability reports, and any other information that, if disclosed, could jeopardize the security or integrity of an information and technology system owned, operated or maintained by the State or any public body subject to the requirements of this Chapter.

“I just really sort of raised my eyebrows a bit when I read it,” Headd said. “It’s going through the General Assembly, and at the same time, the governor is saying we’re going to push forward with open data.”

Gov. Jack Markell holds up the open data executive order.

Gov. Jack Markell holds up the open data executive order in January. (Photo by Chris A. Williams)

What’s troubling to him, Headd said, are the phrases “file layouts, data dictionaries and source code.”

Advertisement

“Data dictionaries are very useful, essential for open data sets, and file layouts, if you’re using an open data set, you need a file layout,” he said.

Source code is also a helpful tool with open data, he said, noting that the City of Philadelphia has been using GitHub extensively to release source code.

The phrase “software inventories” also concerns him. “While it is certainly possible for someone to request a list of software being used by state agencies as a potential attack vector, it seems pretty unlikely,” Headd wrote in an email. “There are lots of other ways to scan for vulnerabilities in software and systems that don’t require someone to submit a FOIA request.”

And FOIA-ing a list of the state government’s softwares could be helpful, he added, to shine a light on agencies needlessly buying the same kind of software from different vendors or buying software from politically connected vendors.

Ryan Harrington, an organizer of Open Data Delaware, talked with Headd about it and says Headd has a point about the bill’s language possibly posing problems. “His logic makes a lot of sense,” Harrington said. “I can see how SB 258 could be overreaching, though the spirit of the bill still makes sense.”

Headd said he doesn’t take issue with what the intent of the bill was, but wonders if the wording might be reconsidered: “It seems like the language could perhaps be reviewed in a little more general way … so that the intent is matched with the language here.”

People: Mark Headd
-30-
JOIN THE COMMUNITY, BECOME A MEMBER
Already a member? Sign in here

Advertisement

CompStat helped lower Wilmington’s crime rate — but what the heck is it, exactly?

An open data silver lining for Wilmington

Curious about open data? Join our civic tech Slack chat on Friday

SPONSORED

Delaware

Hear from the privacy pros at Security by the Schuylkill

Philadelphia

Technically Media

Technical.ly Editorial Intern (Summer 2019)

Apply Now
Philadelphia

KickUp

Software Engineer

Apply Now
Malvern, PA

Vanguard

Senior Front End Engineer – CX Journey Lab

Apply Now

Port of Wilmington expansion expected to create thousands of jobs

New season, new look for Open Data Delaware

Using crowdsourcing to create a dataset — on parking in Wilmington

SPONSORED

Delaware

Learn to lead digital transformation at Phorum 2019

Baltimore, MD 21201

14 West

Senior Software Engineer (Java + Apache Spark)

Apply Now

Sign-up for daily news updates from Technical.ly Delaware

Do NOT follow this link or you will be banned from the site!