What exactly is CUI? CUI is information generated or held by the government that necessitates safeguarding or distribution controls in accordance with relevant laws, regulations, and government-wide policies. CUI is not a classified piece of information. The only thing that makes it classified is if it contains data that would harm national security.
Who can view CUI? Anyone who has a legitimate interest in doing so. This may include foreign governments to which Canada provides access to CUI, but also includes other parties such as non-government organizations.
If you have a valid reason for wanting to know more about CUI, for example if you are interested in applying for a job with the Government of Canada and need to know whether any of their databases contain information about CUI, then you should be able to obtain this information from a competent authority.
How does Canada protect CUI? Under the Privacy Act, federal departments and agencies must take measures to protect CUI. These measures include establishing policies and procedures to store CUI, as well as implementing physical, electronic, and organizational safeguards to prevent unauthorized persons from accessing CUI.
Are there any exceptions? Yes.
CUI is unclassified material connected with a legislation, rule, or government-wide policy that has been designated as needing protecting. It necessitates access control, handling, tagging, dissemination restrictions, and other safeguards. The term is short for "cited in the index."
All laws, executive orders, treaties, rulings, and other formal statements of policy that affect your work are published in the Federal Register. The Federal Register is a daily publication printed by the Government Printing Office. It contains all official notices from federal agencies and key decisions of the United States Supreme Court. Substantive rules, which have the force of law when adopted by an agency, also appear in the Federal Register. Many regulations are required to be published in order to create a public record of what was considered by Congress or the agency.
All classified materials, including those kept in confidential files, are subject to declassification review by one or more officials within an agency. The Chief Privacy Officer (CPO) is responsible for coordinating this activity across the Department. The CPO works with other officials within the Department who may have jurisdiction over particular classes of classified information to determine what should be declassified and how it can be done in a manner that protects sensitive information while still allowing the public to see important aspects of our national history.
Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls in accordance with applicable laws, regulations, and government-wide policies but is not classified as "Classified National Security Information" under Executive Order 13526 or the Atomic Energy Act, as amended. CUI includes items such as the following: technical data, research materials, documents, drawings, and computer files containing information about DOE operations or activities, including computer systems.
The Controlled Unclassified Information Policy (CUIP) defines the categories of CUI and their respective handling requirements. The CUIP also establishes a process for managing CUI.
All employees have a responsibility to protect and respect others' rights to privacy and confidentiality. They should also be aware of their own responsibilities in this area. The Department has established a program through which individuals can decline to disclose certain information about themselves. This program is called "OPEN." For more information, see Open Your Own Door - How Do I Decline An Invitation To Meet Or Give Feedback?
Employees who have reason to believe that other people's personal information is being disclosed in a manner inconsistent with the CUIP should report it immediately by contacting the employee's supervisor or the Employee Assistance Program (EAP).
Controlled Unclassified Information (CUI) is information that must be safeguarded or disseminated in accordance with relevant legislation, regulations, and government-wide policy but is not classified by Executive Order 13526 or the Atomic Energy Act, as amended. This includes information that has been marked "For Official Use Only" or "Not for Release to Public."
In addition, CUI includes information that is available to the public on a confidential basis due to its status as trade secrets, proprietary data, or other similar circumstances. This category also includes information that is exempt from disclosure under federal law.
Finally, CUI includes information that is protected by statute or regulation, such as information related to national security or law enforcement investigations or proceedings.
Examples of CI include names, phone numbers, email addresses, mailing addresses, financial information (such as social security numbers), personnel records, and medical or disability information. Criminal intelligence includes information about crimes committed or planned against U.S. citizens or nationals.
Examples of CII include technology products under development, prototypes, models, drawings, tests results, and other material evidence related to the CIA's mission. CII also includes information about foreign countries' military capabilities if released could affect U.S. national security.