<< COB00001 >>
IN THE UNITED STATES DISTRICT COURT
FOR THE DISTRICT OF COLUMBIA
ELOUISE PEPION COBELL, ~I	)
		)
	Plaintiffs,	)
		)
	V.	)	Case No. 1:96CV01285
)	(Judge Lamberth)
GALE A. NORTON, Secretary of the Interior, ~ IL,)
)
	Defendants.	)
CONSENT ORDER REGARDING INFORMATION TECHNOLOGY SECURITY
	WHEREAS, the Interior Defendants proposed this Consent Order to replace the
Temporary Restraining order entered by this Court on December 5, 2001, as amended on
December 6, 2001;
	WHEREAS, Plaintiffs filed their Motion for Temporary Restraining Order on March 7,
2000;
	WHEREAS, Plaintiffs filed their Opposition to Defendants' Motion for Clarification of
Temporary Restraining Order on March 14,2000;
	WHEREAS, Plaintiffs filed their Opposition to Defendants' Consolidated Motions for an
Enlargement of Time to File a Reply to D~fendants' Motion for Modification of Temporary
Restraining Order and to File a Response to Plaintiffs' Motion for Preliminary Injunction on
March 16, 2000;
	WHEREAS, Plaintiffs filed their Motion for Extension of Temporary Restraining Order
on March 20, 2000;
1
<< COB00002 >>
	WHEREAS, Plaintiffs filed their Consolidated Reply to Defendants' Opposition to
Motion for Preliminary Injunction and Opposition to Defendants' Motion to Dissolve the
Modified Temporary Restraining Order or~ March 28, 2000;
	WI-IEREAS, Plaintiffs filed their Motion for Special Master to Investigate the Office of
Information Resource Management for Failing to Implement Adequate Security Measures and
the Interior Secretary and Her Employees' and Counsel's Related Representations and
Recommend Immediate and Long-Term Corrective Action and Disciplinary Measures, As
Appropriate on March 30, 2001;
	WHEREAS, Plaintiffs' filed their Reply to "Secretary Norton's" Opposition to Plaintiffs'
Motion For Special Master Investigation Qf Interior's Division of Information Resource
Management and Recommendations on Corrective Action and Disciplinary Measures on May 7,
2001.
	WhEREAS, Plaintiffs filed their Consolidated Motion for an Emergency Temporary
Restraining Order and Motion for a PreIin~iinary Injunction and Motion for Order to Show Cause
Why Secretary Norton, Her Employees an~d Counsel Should Not Be Held in Contempt on May
17,2001;
	WHEREAS, in light of the information presented by Plaintiffs in these filings, the Special
Master, in accordance with his authority under the Court's February 22, 1999, February 24, 1999
and August 12,1999 Orders and at the Co~irt's request, investigated the security of the,
Department of the Interior's ("Interior's") trust-related information technology systems;
	WHEREAS, on November 14, 20(~1, the Special Master issued his Report and
Recommendation Regarding the Security of Trust Data at the Department of the Interior, in
2
D
<< COB00003 >>
which he identified numerous deficiencies in the security of Interior's trust-related information
technology systems and individual Indian trust data;
	WHEREAS, on November 12, 2001, Electronic Data Systems issued a report, entitled
Interim Information Assurance Report and Roadmap for TAAMS and BIA Data Cleanup, which
provided certain short-term and long-terrp recommendations to improve the security of Interior's
information technology systems and to protect individual Indian trust data;
	WHEREAS, Plaintiffs filed their Consolidated Reply to Defendant Department of the
Interior's Response to Consolidated Mot~on for a Temporary Restraining Order and Motion for a
Preliminary Injunction and Motion for Order to Show Cause Why Secretary Norton, Her
Employees and Counsel Should Not Be ~-Ield in Contempt and Renewal of Motion for
Temporary Restraining Order As Amended on November 16, 2001;
	WHEREAS, Plaintiffs filed their Alternative Motion for Temporary Restraining Order on
December 4, 2001;
	WHEREAS, on December 5,2091, this Court entered a Temporary Restraining Order,
amended on December 6,2001, requiring Interior Defendants to "immediately disconnect from
the Internet all information technology systems that house or provide access to individual Indian
trust data" and to "inunediately disconn~ct from the Internet all computers within the custody and
control of the Department of the Interioi~, its employees and contractors, that have access to
individual Indian trust data;"
	WHEREAS, Interior Defendant~ filed Notice of Actions Taken by the Department of the
Interior to Comply With to December 5,2001 Temporary Restraining Order, filed on December
7,2001;
3
<< COB00004 >>
	WHEREAS, information technolc~gy systems provide important or critical services for
individual Indians trust beneficiaries;
	WHEREAS, Interior Defendants recognize significant deficiencies in the security of
information technology systems protecting individual Indian trust data. Correcting these
deficiencies merits Interior Defendants' iipmediate attention;
	WHEREAS, for the purposes of tl~is Order only, the following terms have the following
definitions:
Information technology sy.~tem- Any equipment or interconnected system or
subsystem of equipment, that is used in the automatic acquisition, storage,
manipulation, managemen~, movement, control, display, switching, interchange,
transmission, or reception ~f data or information, including computers, ancillary
equipment, software, firmware and similar procedures, services (including support
services), and related resources.
Individual Indian trust da - All data stored in an information technology system
upon which the Governm nt must rely to fulfill its trust duties to Native
Americans pursuant to the Trust Fund Management Reform Act of 1994 (P.L. No.
103-412), other applicable statutes and orders of this Court reflecting, for
example, the existence of ndividual Indian trust assets (e.g., as derived from
ownership data, trust pate ts, plot descriptions, surveys, jacket files, statement of
accounts), the collection o income from individual Indian trust assets (e.g., as
derived from deposit tickets, journal vouchers, schedule of collections), use or
management of individual Indian trust assets (e.g., as'derived from leases, sales,
rights-of-way, investment reports, production reports, sales contracts), or the
disbursement of individua! Indian trust assets (e.g., as derived from transactidn
ledgers, check registers, ~action registers, or lists of canceled or undelivered
checks).
Individual Indian mast as.~ets- Lands, natural resources, monies, or other assets
held in trust at a particulai~ time by the United States, or that are or were at a
particular time restricted against alienation, for individual Indians.
House- The storage by ele~tronic means of individual Indian trust data.
Access- The ability to gair~ electronic entry into information technology systems;
4
p
<< COB00005 >>
	WHEREAS, Interior Defendants represent that they have contracted with Predictive
Systems, Inc. to install network firewalls ~tnd network intrusion detection systems in front of its
Internet access points located at its Restoiii, Albuquerque and Phoenix offices of Information
Resource Management by January 31, 2002. Under that contract, Predictive Systems is also
required to provide continuous monitoring of those systems for one year;
WHEREAS Interior Defendants r~present that they will task a qualified independent
contractor to perform a system-by-system evaluation of the requirements to bring relevant
individual Indian trust information technology systems into compliance with applicable standards
outlined in 0MB Circular A-130;
	WHEREAS, Interior Defendants r~present that they intend to bring relevant individual
Indian trust information technology systems into compliance with applicable standards outlined
in 0MB Circular A-130; and
	WHEREAS, Interior Defendants h¶ve consented to the entry of this Order.
	In accordance with the foregoing, i~ is hereby:
	ORDERED that Interior Defendant~ may operate any information technology system that
is not connected to the Internet, but which was shut down pursuant to the December 5,2001
Temporary Restraining Order, following st~bmission of reasonable assurances to the Special
Master, and Interior shall not reconnect an~ information technology system to the Internet
without the concurrence of the Special Ma~ter as provided herein; and it is further
	ORDERED that Interior Defendant~ may reconnect to the Internet any information
technology system that does not house indi~ridual Indian trust data and that does not provide
access to individual Indian trust data sevent~'-two (72) hours after providing actual notice with
5
D
<< COB00006 >>
appropriate documentation to the Special Master and Plainfiffs' counsel or immediately upon
concurrence of the Special Master; and it further
	ORDERED that Interior may reco~ect to the Internet, for specified periods, any
information technology system that house~ or provides access to individual Indian trust data, for
the limited purposes of(1) testing the sec rity of the information technology systems, or (2)
performing those functions necessary to r ceive, account for, and distribute trust funds or
appropriated funds, or to provide other ne essary services. At least seventy-two (72) hours
before temporarily reconnecting, Interior hall give actual notice including to the Special Master
and Plaintiffs' counsel with appropriate d cumentation of its intent to reconnect temporarily,
including but not limited to, the duration. At that time, Interior shall provide its plan to
reconnect temporarily to the Special Mast r. The Special Master shall review the plan and
perform any inquiries he deems necessary to determine if it provides adequate security for
individual Indian trust data. If the Special Master objects to the plan because it does not provide
adequate security for individual Indian tru t data, he shall inform Interior of his objections and
Interior shall work with the Special Maste to attempt to resolve those objections. Interior shall
not reconnect temporarily until such objee ions have been resolved to the satisfaction of the
Special Master. If the Interior Defendants and the Special Master cannot resolve the Special
Master's objections, notwithstanding their best efforts, the Interior Defendants may seek relief
from the Court. Prior to the expiration of e seventy-two hour advance period, Interior shall
contact the Special Master to make sure h has had sufficient time to assess the security
implications of Interior's plan. Interior sh 11 not reconnect temporarily if the Special Master
indicates that he has not had sufficient tim . Interior may reconnect before the expiration of the
6
I
<< COB00007 >>
seventy-two (72) hour period if the Special Master determines doing so is appropriate. The
parties shall not make any information about such reconnection publicly available prior to the
end of the reconnection period; and it is further
	ORDERED that Interior may reconnect to the Internet any information technology system
that houses or provides access to individual Indian trust data. At least seventy-two (72) hours
before reconnecting, Interior shall give actual notice to the Special Master and Plaintiffs' counsel
with appropriate documentation of its intent to reconnect. At that time, Interior shall provide its
plan to reconnect to the Special Master. The Special Master shall review the plan and perform
any inquiries he deems necessary to determine if it provides adequate security for individual
Indian trust data. If the Special Master ol~jects to the plan because it does not provide adequate
security for individual Indian trust data, he shall inform Interior of his objections and Interior
shall work with the Special Master to attempt to resolve those objections. Interior shall not
reconnect until such objections have been resolved to the satisfaction of the Special Master. If
the Interior Defendants and the Special Master cannot resolve the Special Master's objections,
notwithstanding their best efforts, the Interior Defendants may seek relief from the Court. Prior
to the expiration of the seventy-two hour ~dvance period, Interior shall contact the Special
Master to make sure he has had sufficient time to assess the securit5' implicatibn~ 'of Interior's
plan. Interior shall not reconnect if the Special Master indicates that he has not had sufficient
time; and it is tbrther
	ORDERED that the Special Master shall verify compliance with this Consent Order and
may conduct interviews with Interior personnel or contractors or conduct site visits wherever
information technology systems or individual Indian trust data is housed or accessed. Each party
7
D
<< COB00008 >>
will have the opportunity to have at least one counsel present at such interviews or site visits, and
any additional personnel permitted by the Special Master. The Special Master will provide
notice to counsel for both parties in advance of such interviews or site visits, but such notice may
be limited to the minimum necessary for counsel to make arrangements to attend. Unless
expressly permitted by the Special Master in writing, counsel shall not inform their clients or any
third parties about such interviews or site visits in advance; and it is further
	ORDERED that the Temporary Restraining Order entered by the Court on December 5,
2001, as amended on December 6, 2001, be and hereby is superseded by this Order; and it is
further
	ORDERED that this Consent Order may be vacated by this Court once the Court has
determined the Interior Defendants are in full compliance with this Consent Order and Interior's
relevant information technology systems are in compliance with the applicable standards outlined
in 0MB Circular A-130.
	SO ORDERED this l1~day of	2001.
C
	RO	LAMBERTH
United States District Judge
8
D