Only two companies and two associations have submitted information to the Department of Homeland Security (DHS) that will be kept secret under the Critical Infrastructure Information (CII) program, according to an April 21 testimony. At the time of the testimony, DHS had been operating the program for two months. The DHS Assistant Secretary for Infrastructure Protection, Robert Liscouski, revealed the low number of submissions while testifying before a joint session of the House Select Committee on Homeland Security’s Subcommittee on Cybersecurity, Science and Research & Development and the Subcommittee on Infrastructure and Border Protection. Liscouski expressed gratitude that the agency has not been inundated with submissions in its beginning stages. As evidenced in comments to DHS during the proposed rule comment period, the private sector worried that the CII program did not provide adequate protections and information would still become public. These fears might account for the lack of submissions. It was previously unknown what resources would be allocated to the program; Liscouski stated in his testimony that the program has 32 people on staff. It is unclear what tasks the staff is working on and why they are grateful for a slow start given the high number of staffing resources. Public interest groups expressed concern throughout the development of the CII program that the guidelines would open the door to abuse because companies, not DHS, decide what information qualifies as CII. After submission, the government is prohibited from publicly disclosing the information. Moreover, any submitted information may not be used for any regulatory action to correct problems with a facility’s infrastructure. Additionally, the CII program provides liability immunity for companies that submit, protecting them if an accident were to occur. The low level of initial participation by industry in the CII program does not solve the issues raised by the public interest groups. The four submissions thus far may represent serious safety problems that the government can now neither forces the companies to correct nor inform the public about. DHS published the interim final rule for CII Feb. 20. See OMB Watch’s Homeland Security page for more background on CII.