...
Data sensitivity and security
In general these permit applications do not contain highly sensitive information. However, information Information collected pursuant to requirements of the MSA, including permit application information, is protected by its confidentiality provisions at ยง 402 and under its implementing regulations at 50 CFR Part 600 Subpart E, including NOAA Administrative Order (NAO) 216-100. Additional protections of the Privacy Act and FOIA apply to such data as well as those collected under the Halibut Act. Most permit applications contain some personally identifying information (PII) and some few applications may contain proprietary business information.
Mitigating controls
Perhaps the most significant mitigating control is that in commercial fisheries transactions, both parties to the transaction (typically the fisher and the fish processor) are permitted entities and each has some responsibility for accurate and complete record-keeping and reporting (for example, the fisher may be required to keep a logbook showing fishing efforts and catch, while the processor is required to report fish purchased). In these transactions it is typical for the parties to the transactions to have opposite and balancing interests (for example, when a fisher is selling fish to a processor, the fisher wants the amount paid to be high, while the processor wants the amount paid to be low). These multiple sources of information and counter-balanced incentives tend to make deception more difficult to initiate and sustain.
...