Editor’s Note: Read complete report here. Below is an excerpt.
In a July 8, 2014 decision, the Federal Labor Relations Authority (FLRA) held that agencies’ ability to take action to fulfill their responsibilities under the FISMA could be subject to collective bargaining rules.
In the case, the U.S. Department of Homeland Security’s (DHS) Immigration and Customs Enforcement (ICE) subcomponent identified a significant increase in network infections and privacy compromises that were related to employees accessing their personnel email from work computers (webmail). In response, the agency notified the union and terminated employees’ webmail access. The union objected, arguing that such action was subject to collective bargaining. In its decision, the FLRA held that the agency could not block webmail access through the agency’s network without first providing the union an opportunity to bargain.
The FLRA majority’s analysis stated that under federal labor law, matters concerning conditions of employment over which an agency has discretion are negotiable if the agency’s discretion is not sole and exclusive . . .” Ultimately, the FLRA majority found that imprecise wording in FISMA on agencies’ IT security responsibility failed to “demonstrate[] congressional intent to vest the Agency with sole and exclusive discretion over information security matters.”
The FLRA’s dissenting member disagreed stating that the majority’s decision effectively undermined agencies’ ability to fulfill their responsibilities under FISMA. He wrote: “it is obvious to me (after having served for seven and half years as the CIO at the U.S. Department of Labor) that neither the [FLRA] nor the Arbitrator possesses the specialized knowledge or expertise that would permit us to decide when a federal agency ought to address specific security risks or permit us to second guess how that agency should exercise those responsibilities.” He further added, “I cannot conclude that Congress intended for our Statute to be read so expansively as to impose additional–in this case bargaining–requirements on federal agencies before they can act to secure the integrity of their federal IT systems, the breach of which, could directly impact our nation’s security and economic prosperity.”
Leave a Reply