Governor approves cybersecurity FOIA exemptions

LANSING (AP) — Open-records disclosures can no longer include information on cybersecurity plans and vulnerabilities in Michigan.

Gov. Rick Snyder signed legislation Monday that allows for the exclusion of cybersecurity information shared with Michigan State Police and other government bodies.

The changes cleared the Legislature in a bill sponsored by Republican Rep. Brandt Iden of Oshtemo earlier this month.

Supporters say the exemption reassures companies that sensitive information shared with officials in the event of a security breach does not surface in public-records requests under Michigan's Freedom of Information Act.

The exclusion also applies to requests that could trigger future security breaches.

The Michigan Press Association opposes the curtailment, saying it allows for excessive exemption-taking.

Last week, the state announced that a recent audit found phishing vulnerabilities among its public employees.