Freedom of Information Act (FOIA) policy
Protection of information technology infrastructure and .gov domain listings
The overarching policy Internet Gov Domain Policy and Guidelines directs that the listing of Gov Domain names, registration information and DNS attribute will not be released in order to reduce or avoid security incidents. The Gov domain listing of URLs and IP addresses is security sensitive, maintained in encrypted format during operation, and protected from disclosure under the mosaic exemption for infrastructure. The information in itself, if disclosed, could be used for potentially extremely effective cyber attacks on the Federal Government’s entire internet infrastructure.
We do not release listings of the Dotgov domains as provided for under the second exemption of FOIA (5 U.S.C. 552(b)(2)), high exemption 2, related solely to the internal personnel rules and practices of an agency. This is because release of the information presents a security risk to the Government’s internet infrastructure. The Department of Justice’s 2007 FOIA Guide states that the second exemption may protect sensitive but unclassified information.
However, many Federal Government domains that are used for web access are publicly accessible with links on usa.gov (A-Z Agency Index). This list is updated on a regular basis. The protection of our Government’s internet infrastructure is of critical importance to our operations.