Computer Security Act (1987)

Computer Security Act (1987)

The Computer Security Act of 1987 is the first major United States government effort to legislate protection and defense for unclassified information in governmentrelated computer systems. The act mandates the National Bureau of Standards to develop and implement procedures that improve the security and privacy of sensitive material and creates a means for establishing minimum acceptable security practices.

The CSA arose out of congressional concerns about computer database vulnerability and executive branch over-zealousness on computer matters. While the Department of Defense argued that unclassified information could be pieced together to create a national security threat, President Ronald Reagan's 1984 National Security Decision Directive 145 set information safeguards at such a high level that private computer data companies loudly complained to legislators about federal scrutiny of their customers. Congress decided to assess the vulnerability of government computers, develop technical and management strategies against access to sensitive information, and establish mandatory training for employees in computer and communication security. The resulting CSA also designates the creation of a twelve-member advisory board that meets at least three times per year and reports to the Secretary of Commerce, the Office of Management and Budget, the National Security Council, and Congress.

While the CSA is designed to prevent the release of sensitive information, the law specifically forbids any federal agency to withhold information requested under the Freedom of Information Act (FOIA). It also does not authorize any agency to limit, restrict, or regulate the collection, disclosure, use, or sale of privately owned or public domain information. Despite this provision journalists have encountered increasing difficulty obtaining FOIA access to federal material stored in computer databases. Librarians have also observed that the Department of Defense, Department of Energy, and NASA release fewer documents to the public than in the years prior to CSA.

In light of the George W. Bush administration's concern with secrecy as an element of national security, the CSA will likely continue to be used to limit public access to government information.



Blyth, Andrew and Gerald L. Kovacich. Information Assurance: Surviving in the Information Environment. London: Springer, 2001.

Martin, Shannon E. Bits, Bytes, and Big Brother: Federal Information Control in the Technological Age. Westport, CT: Praeger, 1995.


Bush Administration (2001–), United States National Security Policy
Classified Information
Commerce Department Intelligence and Security Responsibilities, United States
Computer Fraud and Abuse Act of 1986
Computer Hackers
Computer Hardware Security
DOD (United States Department of Defense)
DOE (United States Department of Energy)
FOIA (Freedom of Information Act)
Information Security
NSC (National Security Council)
Reagan Administration (1981–1989), United States National Security Policy

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

Computer Security Act (1987) forum