|
Size: 1661
Comment: Access
|
← Revision 9 as of 2025-10-02 17:03:56 ⇥
Size: 2217
Comment: Typos
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 15: | Line 15: |
| If someone who does not meet those criteria accesses the information, there is an '''unauthorized disclosure''' ('''UD'''). |
|
| Line 16: | Line 18: |
Certain agencies or departments have specific guidance for unclassified information; examples include limited distribution or additional protections. This is the distinction between '''CUI Basic''' and '''CUI Specified'''. |
|
| Line 23: | Line 27: |
| The creation of CUI, and the assignment of oversight to [[UnitedStates/NationalArchivesAndRecordsAdministration|NARA]], was implemented to replace an information regime that was complex and seen as being weaponized to circumvent [[UnitedStates/InformationLaw/FreedomOfInformationAct|FOIA]] requests. Several [[UnitedStates/Departments|departments]], especially the [[UnitedStates/DepartmentOfDefense|U.S. Department of Defense]], has implemented labels for controlling unclassified information. |
Several [[UnitedStates/Departments|departments]], especially the [[UnitedStates/DepartmentOfDefense|U.S. Department of Defense]], have complex histories of labels for controlling unclassified information. |
| Line 32: | Line 34: |
| The creation of the CUI designation, and the assignment of oversight to the '''Information Security Oversight Office''' ('''ISOO''') under [[UnitedStates/NationalArchivesAndRecordsAdministration|NARA]], is intended to streamline bureaucratic red tape and to address the abuse of controls to circumvent [[UnitedStates/InformationLaw/FreedomOfInformationAct|FOIA]] requests. The new DoD policy is implemented in '''DoD Instruction (DoDI) 5200.48 Controlled Unclassified Information (CUI)'''. |
Controlled Unclassified Information
Controlled Unclassified Information (CUI) is a category of unclassified information overseen by the National Archives and Records Administration.
Definition
CUI exists within the paradigm of classification for government-generated information. It specifically refers to information that is not eligible for classification. Access is contingent on a lawful government purpose; a need-to-know is generally not required, although laws can carve out specific requirements.
If someone who does not meet those criteria accesses the information, there is an unauthorized disclosure (UD).
CUI generally includes all of PII, PHI, and CTI.
Certain agencies or departments have specific guidance for unclassified information; examples include limited distribution or additional protections. This is the distinction between CUI Basic and CUI Specified.
History
Several departments, especially the U.S. Department of Defense, have complex histories of labels for controlling unclassified information.
- For Official Use Only (FOUO)
- Sensitive But Unclassified (SBU)
- Law Enforcement Sensitive (LES)
- and so on
The creation of the CUI designation, and the assignment of oversight to the Information Security Oversight Office (ISOO) under NARA, is intended to streamline bureaucratic red tape and to address the abuse of controls to circumvent FOIA requests.
The new DoD policy is implemented in DoD Instruction (DoDI) 5200.48 Controlled Unclassified Information (CUI).