 ATTORNEY GENERAL OF TEXAS GREG ABBOTT | |
 |
March 8, 2010 Ms. Neera Chatterjee Office of General Counsel University of Texas System 201 West Seventh Street Austin, Texas 78701-2902 OR2010-03359 Dear Ms. Chatterjee: You ask whether certain information is subject to required public disclosure under the Public Information Act (the "Act"), chapter 552 of the Government Code. Your request was assigned ID# 372634 (ORR# 51). The University of Texas at San Antonio (the "university") received a request for five categories of information relating to intrusions into university computer systems. You state the university has not located any information responsive to three categories of requested information. (1) You state the university has released information responsive to one category of information. You claim the submitted information responsive to the remaining category of information is excepted from disclosure under section 552.139 of the Government Code. We have considered the exception you claim and reviewed the submitted information. Section 552.139 of the Government Code provides: (a) Information is excepted from [required public disclosure] if it is information that relates to computer network security, to restricted information under Section 2059.055 [of the Government Code], or to the design, operation, or defense of a computer network. (b) The following information is confidential: (1) a computer network vulnerability report; and (2) any other assessment of the extent to which data processing operations, a computer, or a computer program, network, system, or software of a governmental body or of a contractor of a governmental body is vulnerable to unauthorized access or harm, including an assessment of the extent to which the governmental body's or contractor's electronically stored information is vulnerable to alteration, damage, or erasure. Gov't Code § 552.139. You inform us the submitted e-mails "pertain[] to an assessment by individuals in the [u]niversity's information technology department of computer vulnerabilities after the [u]niversity's servers were compromised in 2006." You further assert the information at issue "relates to how the university will correct any computer vulnerabilities that may have facilitated the breaches and contains sensitive information that potentially reveals weaknesses in the [u]niversity's computer network." Based on these representations and our review, we conclude the university must withhold the submitted information under section 552.139 of the Government Code. This letter ruling is limited to the particular information at issue in this request and limited to the facts as presented to us; therefore, this ruling must not be relied upon as a previous determination regarding any other information or any other circumstances. This ruling triggers important deadlines regarding the rights and responsibilities of the governmental body and of the requestor. For more information concerning those rights and responsibilities, please visit our website at http://www.oag.state.tx.us/open/index_orl.php, or call the Office of the Attorney General's Open Government Hotline, toll free, at (877) 673-6839. Questions concerning the allowable charges for providing public information under the Act must be directed to the Cost Rules Administrator of the Office of the Attorney General, toll free, at (888) 672-6787. Sincerely, Mack T. Harrison Assistant Attorney General Open Records Division MTH/rl Ref: ID# 372634 Enc. Submitted documents c: Requestor (w/o enclosures) Footnotes1. We note that the Act does not require a governmental body to disclose information that did not exist when the request for information was received. Econ. Opportunities Dev. Corp. v. Bustamante, 562 S.W.2d266 (Tex. App.--San Antonio 1978, writ dism'd); Open Records Decision No. 452 at 3 (1986).
POST OFFICE BOX 12548, AUSTIN, TEXAS 78711-2548 TEL: (512) 463-2100 WEB: WWW.OAG.STATE.TX.US |