It is critical to maintain the availability of information and distribute it to those who can use and protect it properly. This entails being transparent about information-sharing practices; protecting sources and methods; and ensuring privacy and protecting civil liberties, while also enabling law enforcement investigations.

Supporting information-sharing initiatives exist both at the national and regional level. Information-sharing activities can protect privacy by applying the Fair Information Practice Principles (FIPPs) and protect civil liberties by complying with applicable laws and policies.

It is equally crucial to ensure adequate protection of sensitive business and security information that could cause serious adverse impacts to private businesses, the economy and public or private enterprise security through unauthorized disclosure, access, or use.

The Federal Government has a statutory responsibility to safeguard critical infrastructure information.

DHS and other agencies use the Protected Critical Infrastructure Information (PCII) program and other protocols such as Classified National Security Information, Law Enforcement Sensitive Information and Federal Security Classification Guidelines.

The PCII program, authorized by the Critical Infrastructure Information (CII) Act of 2002 and its implementing regulations (Title 6 of the Code of Federal Regulations Part 29), defines both the requirements for submitting CII and those that government agencies must follow for accessing and safeguarding CII.