Geospatial Data Details: Specifics Regarding Geodetic Products
In the realm of Controlled Unclassified Information (CUI), a specific category that warrants attention is the CUI//SP-GEO. This category pertains to imagery, imagery intelligence, or geospatial information and is subject to sanctions related to Geospatial information, as indicated by the banner marking CUI//SP-GEO.
The source documents for this CUI category are primarily derived from government cybersecurity and information security frameworks. These frameworks govern the handling and protection of geospatial data.
Key directives that define the CUI categories and their associated source documents include those from the National Archives and Records Administration (NARA) under CUI Policy (32 CFR Part 2002) and from Department of Defense (DoD) directives and Intelligence Community policies relating to Geospatial Intelligence (GEOINT).
The CUI Program regulation (32 CFR Part 2002) sets out CUI categories and the basis for designating information types, including special handling for geospatial data. The NARA CUI Registry defines CUI categories, including Special Categories like SP-GEO related to geospatial intelligence, and lists specific handling and safeguarding guidance.
Executive Order 13556 on Controlled Unclassified Information establishes policy for CUI and defines categories including geographic and imagery intelligence data. The DoD Manual 5200.01 covers DoD Information Security Program and responsibilities, including CUI markings for geospatial information.
Intelligence Community Directive (ICD) 205 details the handling and safeguarding of GEOINT within intelligence community programs. NIST Special Publications, such as SP 800-171 or SP 800-53, though they focus on cybersecurity requirements for protecting Controlled Unclassified Information generally, inform how geospatial systems and imagery data are secured.
While NIST SP 800-63 and SP 800-171 appear relevant for digital identity and security control frameworks supporting CUI protection, they do not specifically address CUI//SP-GEO imagery or geospatial data themselves. The EPA terminology and acronyms resource does not directly pertain to CUI or geospatial data security but illustrates the type of controlled vocabularies used in federal information management.
For authoritative identifying source documents related exactly to CUI//SP-GEO imagery and geospatial information, the best references will be the NARA CUI Registry and DoD or Intelligence Community issued instructions that define the category, handling requirements, and applicable markings.
It is important to note that the documents under this CUI Authority are subject to safeguarding and/or dissemination authority, and the sanctions for the documents under this CUI Authority are not specified in the current paragraph. This CUI Authority is categorized as Specified.
Data-and-cloud-computing technology plays a crucial role in the handling and protection of geospatial data, which is a part of the CUI//SP-GEO category. The National Archives and Records Administration (NARA) CUI Registry, as well as Department of Defense (DoD) instructions and Intelligence Community policies, provide specific handling and safeguarding guidance for this category.
