This Blur's For You

Since 9/11, security has become the watchword of the nation, though the initial hysteria has begun to abate somewhat. However, one of the ongoing casualties of the crusade for hyper-security has been access to once-public information. Maps and mappable information have been primary targets. The blurred image comes from Google Maps, and is an apparent attempt to hide the Salem Power Plant, a coal-fired power plant in Salem, Massachusetts. This is not unusual. In fact, one Wikipedia entry has managed to create a lengthy list of sites throughout the world that appear to have been censored by Google Maps - blurred or conspicuously missing imagery (see "Satellite map images with missing or unclear data"). Google has been largely silent about this practice in the U.S., though some governments (e.g., India) have been very public about asking Google to blur images of sensitive sites. At least one local politician in New York is also calling on Google to blur aerial imagery of sensitive military and government sites. There is also evidence that Google may be altering aerial imagery of sensitive commercial sites, such as areas where genetically modified crops are grown (see "What Google Won't Map," Gridskipper).

It's difficult if not impossible to know what kinds of geographic data have been censored or even deemed censor-worthy, either by government or other institutions. In July 2006, the federal Department of Homeland Security (DHS) released its National Infrastructure Protection Plan (NIPP),which provides the framework for how all levels of government and the private sector will manage the protection of the nation's critical infrastructure and key resources. An important part of this framework is the designation of what actually constitutes "critical infrastructure." In fact, it wasn't long before DHS came under withering criticism by its own Office of Inspector General, as well as Congress, for the NIPP's overly expansive definition of "critical infrastructure." As Senator Barbara Boxer of California put it, "I would love to provide protection for every activity in America, but the reality is that we need to set priorities" (see "DHS Officials Quarrel Over Internal Report," RCR Wireless News 07/24/2006).

The lack of a coherent national policy has not stopped government agencies from implementing their own ad hoc procedures. A recent report by NPR featured the struggle between a computer consultant and the state of Connecticut over access to GIS maps of water and sewer systems in the towns of Greenwich and Stamford (see "Security Officials Seek to Block Some Online Maps" NPR 10/8/ 2007). Connecticut's Freedom of Information Commission ruled that such data were too sensitive, and that the towns could only release maps without sewer and water systems, fire hydrants and man holes. Here in the Commonwealth of Massachusetts, the state's GIS dissemination agency MassGIS has implemented minimal security protocol around certain GIS data sets. Users wanting to download GIS data of large hazardous waste generators must first fill out a request, which includes detailed contact information, before being sent a link to enable download of the data.

MassGIS's approach is not too different from policies set in place by the Federal Energy Regulatory Commission (FERC) regarding Critical Energy Infrastructure Information (CEII), which FERC defines as "existing and proposed systems and assets, whether physical or virtual, the incapacity or destruction of which would negatively affect security, economic security, public health or safety, or any combination of those matters." That's about as specific as they get (see "FERC Tries to Strike a Fine Balance," Electric Utility Week 11/13/2006). Moreover, FERC allows utilities - whether private or publicly owned - to define for themselves what should be classified as CEII when those entities submit required documentation and information. This loose discretion, and the overzealous application of the CEII designation, actually worked against FERC and the energy industry in at least one case. California officials recently nixed a $700 million liquefied natural gas terminal proposed by Sound Energy Solutions (SES) because neither FERC nor SES were forthcoming with all of the information needed to complete the final Environmental Impact Report (see "Long Beach LNG terminal dead in water after officials end environmental review," Gas Market Report 01/26/2007).

It's worth remembering that there is social value, including safety and security, in public access to information about critical infrastructure and even hazardous or dangerous facilities. Some of the most important laws and traditions around public access in the U.S. were founded specifically on concerns about safety and security. In December 1984, a pesticide plant in Bhopal, India blew up, releasing a deadly cloud of methyl isocyanate gas that killed over 20,000 people in the surrounding community, and permanently maimed up to 100,000 others. It was (and still is) the worst industrial disaster in history. A host of factors were involved in the making of this catastrophe, but one of them was the complete ignorance of anyone outside of the plant about what was going on inside the plant (including local officials). A sister facility in Institute, West Virginia experienced a comparatively minor incident at about the same time (sending 134 people to the hospital), but the horror of Bhopal had already set the world on edge. In the U.S., the federal government and the public were still reeling from the drama at Love Canal and the discovery of previously uncounted and hidden sources of hazardous chemicals throughout the country. As a result, Congress passed the Emergency Planning and Community Right to Know Act (EPCRA) in 1986, which established requirements for emergency planning and reporting on hazardous and toxic chemicals. This legislation required facilities storing or handling potentially hazardous materials to report this information to State Emergency Response Commissions, Local Emergency Planning Committees, and local fire departments. In addition, it created a toxic release inventory (TRI) system that enabled the the tracking and monitoring of chemicals and facilities throughout the country. The TRI and other EPCRA provisions have been some of the most important tools for researchers as well as public health and safety officials. An enormous volume of environmental health and safety research and planning has relied on regular access to mappable TRI data. More importantly, this legislation recognized and institutionalized the right of communities and the public to have access to information about activities with health and safety implications.

On the 20th anniversary of the Bhopal tragedy in 2004, two EPA officials reflected on the evolution of incident prevention and response at chemical facilities over the last two decades. They argued that Bhopal and 9/11 were the transformative events, both of which highlighted the issue of safety and security, but with diametrically opposed results (see "The Post-Bhopal and Post-9/11 Transformations in Chemical Emergency Prevention and Response Policy in the United States"). It is an odd twist of circumstances that public disclosure, once touted as the mechanism to promote safety and security, could so quickly be relabeled as a threat to security.