and certain types of knowledge—wherever they are produced and however they are funded—as “sensitive but unclassified” (SBU).

The problem of “sensitive information” is not new. Classification is only one of the ways in which the US government controls public access to information. Across the federal government, there are dozens of categories that apply narrowly or broadly to specific types of information (see Figure SCS-1).⁶ Some of the categories are defined in statute, some through regulation, and some only through administrative practices. In addition, different agencies may assign a variety of civil and even criminal penalties for violation of their restrictions.⁷

Here, the fundamental issue is the scope of restrictions—that is, how much should the government try to control? When the primary US opponent was another technologically sophisticated state, the Soviet Union, the case could be made that one should focus on S&T areas that could truly make a difference in terms of adding to Soviet capabilities or undermining those of the United States. With the fall of the Soviet Union, some argue that the range of less technologically sophisticated opponents, including terrorists, now confronting the United States means that the government should try to deny access to the much wider range of information and technologies that could be useful to them.

While recognizing the legitimate concerns that others may take advantage of open access to information, technologies, and materials for malicious purposes, past examinations of the potential tradeoffs between openness and security have concluded that the United States is best served by focusing its efforts on protecting fewer, very-high-value areas of S&T.⁸ This is particularly true in fields where knowledge is advancing quickly and diffusing rapidly; otherwise, the United States may expend its efforts in attempts to control knowledge and technology that are readily available elsewhere. In addition, many of the existing and proposed lists of “sensitive”