United States State Department, Agreement Between the Government of the United States of America and the Government of the United Kingdom of Great Britain and Northern Ireland on Cooperation in Science and Technology for Critical Infrastructure Protection and Other Homeland/Civil Security Matters , No Date. Unclassified.
National Security Archive
A 2009 U.S.–U.K. science‑and‑technology pact codifies joint cyber‑infrastructure research, revealing how fiscal pressure and emerging digital threats reshaped the special relationship.
Source: United States State Department, Agreement Between the Government of the United States of America and the Government of the United Kingdom of Great Britain and Northern Ireland on Cooperation in Science and Technology for Critical Infrastructure Protection and Other Homeland/Civil Security Matters , No Date. Unclassified. Date: Jan 1, 2009 Archive: US State Department Collection: Cyber Vault: Delegation of Authority Oct 25, 2017
Editorial Analysis
Original analysis by the DriftSeas editorial desk. The complete primary-source document, transcribed from the National Security Archive scan, appears in full below.
A Transatlantic Pact for the Digital Age
The agreement reproduced in the declassified file is not a treaty in the traditional sense, but a practical framework for joint research and development on critical‑infrastructure protection. Signed on 1 January 2009, it was drafted under the auspices of the U.S. State Department and the U.K. Foreign and Commonwealth Office, two ministries that have long acted as the diplomatic conduit for the “special relationship” in security matters. The timing is telling: the document emerged just months after the Obama administration’s first budget cycle and at the height of the 2007‑2009 global financial crisis, when both Washington and London were confronting a wave of cyber‑enabled threats to power grids, financial networks, and transportation systems.
From Cold‑War Collaboration to Cyber‑Centric Cooperation
During the Cold War, U.S.–U.K. scientific exchange was anchored in defense‑industry consortia such as the 1995 Memorandum of Understanding on Counter‑Terrorism R&D. That precedent is explicitly invoked in the preamble, signalling a continuity of bilateral trust while acknowledging a shift in focus. By 2009, “critical infrastructure” had expanded beyond physical assets to include the nascent cyber‑domain, a fact reflected in the agreement’s repeated emphasis on “physical and cyber‑based” systems. The document therefore belongs to the broader historical episode of post‑9/11 security integration, where the United States and its allies sought to institutionalize information sharing to counter asymmetric threats that could strike both civilian and military targets.
Who is Speaking, and What Their Language Reveals
The signatories are not named in the excerpt, but the language—“the Parties” and “Contracting Agency”—mirrors the legalese of other bilateral science‑and‑technology accords. This anonymity is intentional: it allows the agreement to be implemented by a rotating roster of agencies (e.g., the Department of Homeland Security, the National Science Foundation, the U.K.’s Department for Business, Energy & Industrial Strategy) without requiring a fresh diplomatic note each time. The preamble’s focus on “eliminate unnecessary duplication” and “obtain the most efficient and cost‑effective results” betrays a fiscal consciousness that was acute in 2009, when both governments faced budgetary constraints.
Reading Between the Lines
Several clauses, while seemingly routine, hint at deeper strategic calculations. The definition of “Controlled Unclassified Information” explicitly lists categories such as “Sensitive Homeland Security Information” and “Protected Critical Infrastructure Information.” By codifying these designations, the agreement creates a legal bridge for sharing data that would otherwise be siloed under domestic statutes like the U.S. Homeland Security Act or the U.K.’s Protected Disclosures Act. Moreover, the reference to the 1995 Intellectual Property Rights annex signals an awareness of commercial sensitivities: many of the technologies under development—advanced sensors, encryption algorithms, resilient grid controls—have dual‑use potential and valuable market value. The agreement thus pre‑emptively addresses the tension between open scientific collaboration and the protection of proprietary or classified assets.
Legacy and Contemporary Relevance
Although the text stops short of listing specific projects, the framework it establishes has been the backbone of numerous joint initiatives, from the 2010s’ “Cyber‑Physical Systems” pilots to the more recent “Joint Cyber‑Security Research Programme” announced in 2021. The emphasis on “jointly‑funded projects” foreshadows the current model of blended public‑private partnerships that dominate cyber‑infrastructure funding. In an era where supply‑chain attacks on critical vendors (e.g., the 2020 SolarWinds breach) have shown how interdependence can be weaponized, the agreement’s insistence on “information exchanges” and “technical standards” remains a cornerstone of allied resilience.
The 2009 agreement is therefore more than a bureaucratic memorandum; it is a snapshot of a strategic pivot toward collaborative cyber‑defense at a time when both nations were redefining the contours of national security. Its language reveals a balancing act—securing shared knowledge while guarding commercial and classified interests—that continues to shape how the United States and United Kingdom coordinate on emerging threats. For scholars of transatlantic security, the document offers a concrete illustration of how diplomatic, scientific, and economic imperatives were woven together to create a durable, if often invisible, architecture of mutual protection.
04-788
AGREEMENT BETWEEN THE GOVERNMENT OF THE UNITED STATES OF AMERICA AND THE GOVERNMENT OF THE UNITED KINGDOM OF GREAT BRITAIN AND NORTHERN IRELAND ON COOPERATION IN SCIENCE AND TECHNOLOGY FOR CRITICAL INFRASTRUCTURE PROTECTION AND OTHER HOMELAND/CIVIL SECURITY MATTERS
The Government of the United States of America and the Government of the United Kingdom of Great Britain and Northern Ireland (hereinafter referred to as the “Parties”):
Having a common interest in research and development relating to critical infrastructure protection and other homeland/civil security matters;
Seeking to make the best use of their respective research and technology development capacities, eliminate unnecessary duplication of work and obtain the most efficient and cost effective results through cooperative activities;
Desiring to increase the exchanges of information and personnel in areas pertinent to the identification of homeland/civil security threats and countermeasures and the development of technical standards, operational procedures, and supporting methodologies that govern the use of relevant technologies;
Stressing that physical and cyber-based critical infrastructures and other homeland/civil security capabilities, both governmental and private, are essential to the operations and security of the Parties’ respective economies and governments;
Noting that the Parties’ economies are increasingly interdependent, and that infrastructure protection and homeland/civil security are of paramount concern to the Parties’ respective governments;
Being aware of research, development, testing, evaluation, development of technical standards and operations in both countries in chemical, biological, radiological, nuclear and explosive countermeasures and in other areas that could enhance critical infrastructure protection and homeland/civil security;
Noting the important work accomplished under arrangements such as the Memorandum of Understanding between the Secretary of Defense on behalf of the Department of Defense of the United States of America and the Secretary of State for Defence of the United Kingdom of Great Britain and Northern Ireland Concerning Counter Terrorism Research and Development of April 6, 1995, and desiring to avoid duplicating those efforts;
Recognizing a common desire to:
- expand the homeland/civil security technology capabilities of each Party;
- minimize unnecessary duplication of work;
- obtain more efficient and cost-effective results; and
- adapt more flexibly to the dynamic threat environment
through information exchanges and the conduct of jointly-funded projects that are mutually beneficial and that relate to the application of state-of-the-art and emerging security technologies, making best use of the Parties' respective research, development, and testing and evaluation capacities;
Affirming a common interest in enhancing the longstanding collaborative efforts of the Parties' respective agencies, private sector and governmental organizations, and academic institutions in generating scientific and technological solutions to counter threats, reduce vulnerabilities, and respond to and recover from incidents and emergencies in those areas having the potential for causing significant security, economic, and/or social impacts;
Desiring to set forth a vehicle for the conduct of cooperative scientific and technological research, development, testing and evaluation in the fields of critical infrastructure protection and homeland/civil security;
Agree to the following:
ARTICLE I
Definitions
For purposes of this Agreement between the Government of the United States of America and the Government of the United Kingdom of Great Britain and Northern Ireland on Cooperation in Science and Technology for Critical Infrastructure Protection and Other Homeland/Civil Security Matters (the "Agreement"), the Parties have adopted the following definitions:
Business Confidential Information Has the meaning given to it in Section III of Annex I to the Agreement between the Government of the United States and the Government of the United Kingdom of Great Britain and Northern Ireland concerning the Agreement on the Annex on Intellectual Property Rights of November 29, 1995.
Classified Information Official information that requires protection for national security, law enforcement, civil security, commercial or other reasons and is so designated by
the application of the appropriate security classification markings in accordance with the national laws, regulations, policies, or directives of either Party. It may be in oral, visual, magnetic, electronic, or documentary form, or in the form of Equipment and Material or technology.
Contract
Any mutually binding legal relationship under the national laws of either Party that obligates a Contractor to furnish supplies or services in relation to a Project, and obligates one or both of the Parties to pay for them.
Contracting Agency
Any entity within the government organization of a Party that has authority to enter into, administer, and/or terminate contracts.
Contractor
Any entity awarded a Contract by the relevant Party's Contracting Agency.
Controlled Unclassified Information
Information that is not Classified Information, but to which access or distribution limitations have been applied in accordance with national laws, regulations, policies, or directives of either Party. Whether the information is provided or generated under this Agreement, it will be marked to identify its sensitive character. This definition includes, but is not limited to information marked "Sensitive Homeland Security Information", "For Official Use Only", "Law Enforcement Sensitive Information" or "Protected Critical Infrastructure Information". Controlled Unclassified Information may include Proprietary Information.
Cooperative Activity
Any form of activity described in Article VII (Forms of Cooperative Activity) of this Agreement under which the Parties agree to cooperate to achieve the objectives of this Agreement. Such activity will normally take the form of a Project.
Critical Infrastructure
Governmental and/or private activities or sectors that are identified by each Party in its laws, executive orders, directives or policies as "Critical Infrastructure".
Equipment and Material
Any material, equipment, end item, subsystem, or component generated, acquired or provided for use in any Cooperative Activity.
Intellectual Property Has the meaning given in Article 2 of the Convention Establishing the World Intellectual Property Organization, done at Stockholm, July 14, 1967. It may also include other subject matters as agreed by the Parties.
Participant Any non-federal or non-central government person or entity, including but not limited to a private sector organization, academic institution, Contractor or laboratory (or subsidiary thereof) engaged in accordance with Article IX (Participants).
Project A specific form of Cooperative Activity described in Article VIII (Projects).
Project Arrangement The instrument setting out the scope of any Project to be carried out by the Parties.
Project Background Information Information not generated in the performance of a Project.
Project Foreground Information Information generated in the performance of a Project.
Project Information Any information provided to, generated in, or used in a Project regardless of form or type, including that of a scientific, technical, business, or financial nature, and including photographs, reports, manuals, threat data, experimental data, test data, designs, specifications, processes, techniques, inventions, software, source code, drawings, technical writings, sound recordings, pictorial representations, and other graphical presentations; whether in magnetic tape, electronic media, computer memory, or any other form and whether or not subject to intellectual property protections.
Proprietary Information Information which is owned by a private individual, corporation, or a government and which is either: (a) known only to the owner and/or persons in privity with the owner, and therefore not available to the public, or (b) is known to the public but is entitled to intellectual property or other legal protection against unauthorized use.
Research, Development, Testing, and Evaluation (RDT&E) Programs and activities, including basic research, applied research, advanced technology development, proof of principle, verification, validation, and development of technical standards of the Parties and/or Participants that seek to identify, develop, and implement technological and analytical solutions, tools and techniques to address the homeland/civil security capability needs of each Party.
Third Party Any entity or person who is neither a Party to this Agreement nor a Participant in any of its Cooperative Activities.
ARTICLE II
Objective
The objective of this Agreement is to establish a framework to encourage, develop and facilitate bilateral Cooperative Activity in science and technology that contributes to the homeland/civil security capabilities of both Parties in:
- the protection of Critical Infrastructure;
- the prevention and detection of, response to, and forensics and attribution applied to terrorist or other homeland/civil security threats and/or indicators; and
- crisis response and consequence management and mitigation for high-consequence events.
ARTICLE III
Means of Achieving Objectives
The Parties shall seek to achieve the objectives set out in Article II (Objectives) by:
- facilitating a systematic exchange of technologies, personnel, and information derived from or applied to similar and complementary operational research, development, testing, and evaluation programs;
- collaborating to develop technologies and prototype systems that assist in countering present and anticipated terrorist actions in their respective territories and other homeland/civil threats that satisfy their common strategic interests and requirements;
- integrating or adapting the homeland/civil security technologies of each Party to save development costs;
conducting evaluation and testing of prototype homeland/civil security technologies;
developing an approach to identify shared priorities for Cooperative Activity;
ensuring consistent and appropriate measures of effectiveness by development and implementation of appropriate standards and supporting test protocols and methodologies;
involving, as appropriate, a wide range of public and private sector research and development organizations in Cooperative Activity developed pursuant to this Agreement;
providing reciprocal opportunities to engage in Cooperative Activity, with shared responsibilities and contributions, which are commensurate with the Parties' or the Participants' respective resources;
providing comparable access to government-sponsored or government-supported programs and facilities for visiting researchers and experts, and comparable access to and exchange of information and Equipment and Material; and
facilitating prompt exchange of information and Equipment and Material, which may affect Cooperative Activity, and facilitating the dissemination of information and Equipment and Material, consistent with applicable national laws, regulations, policies and directives.
ARTICLE IV
Executive Agents
The Undersecretary of Science and Technology of the United States Department of Homeland Security is the primary official within the Government of the United States with responsibility for the executive oversight of Cooperative Activity within the United States and is hereby designated as the "US Executive Agent" responsible for the administration of this Agreement. The duties of the US Executive Agent may be performed on his behalf by the Assistant Secretary of Homeland Security for Science and Technology.
The Chief Scientific Advisor of the Home Office (or equivalent position in the event of a reorganization) is the primary official within the Government of the United Kingdom of Great Britain and Northern Ireland with responsibility for executive oversight of Cooperative Activity within the United Kingdom and is hereby designated as the "UK Executive Agent" responsible for the administration of this Agreement. The duties of the UK Executive Agent may be performed on his behalf
by the Chief Scientist of the Police Scientific Development Branch of the Home Office.
- Prior to undertaking Cooperative Activity (including any Project) under this Agreement, the Parties through their Executive Agents designated above, shall agree in writing upon the nature, scope, and duration of the Cooperative Activity.
ARTICLE V
Management
The Executive Agents shall appoint Agreement Directors who shall be responsible for the day-to-day management of this Agreement and its Cooperative Activities. In addition the Agreement Directors shall be responsible for:
a. promoting Cooperative Activity under this Agreement;
b. managing activities carried out under this Agreement and its Projects and exercising technical and financial oversight;
c. monitoring the overall use and effectiveness of this Agreement;
d. recommending amendments to this Agreement to the Parties;
e. resolving issues;
f. authorizing involvement by Participants in Cooperative Activities pursuant to this Agreement;
g. establishing and maintaining security guidelines, including procedures related to exchange, storage, and transmission of information and equivalent security markings to be applied to exchanged information in accordance with Article XII (Information Security);
h. developing and maintaining an outline of the Cooperative Activities and their associated costs. This outline will be known as the annual work plan and will document the work to be carried out under each Project Arrangement; and
i. developing and maintaining a strategic plan setting out the objectives of the Cooperative Activities being carried out at any given time and the Parties' intentions for future cooperation.
The Agreement Directors shall meet at least annually to review implementation of the Agreement and at such other times as they consider necessary to implement this Agreement. The Agreement Directors shall be
responsible for coordinating with other coordination bodies established by the Parties.
ARTICLE VI
Areas of Cooperative Activity
The Parties shall facilitate Cooperative Activity in broad areas related to protection of Critical Infrastructure and homeland/civil security. Areas of Cooperative Activity include, but are not limited to:
- development and implementation of threat and vulnerability assessments, interdependency analyses, and methodologies related to potential threats to Critical Infrastructure systems and other homeland/civil security scenarios;
- assessment of prior operational experiences and evaluation for the purposes of articulating operational deficiencies into definable technical requirements and appropriate standards and supporting methodologies;
- integration of existing technologies for use in surveillance and detection in support of permissible homeland/civil security activities, or in defense against terrorism and other homeland/civil security threats;
- research and development of technologies and systems to meet user requirements or capability gaps and national needs;
- testing and evaluation of specific prototype systems for homeland/civil security applications in both laboratory environments and real or simulated operational settings. This includes technologies associated with enhanced detection and monitoring of potential terrorist activities and those associated with recovery and reconstitution of damaged or compromised systems;
- preparation of detailed final test reports to allow either Party or their Participants to evaluate follow-on efforts individually or to allow the transition of successful prototypes into operational deployments;
- system protection (including protection of automated infrastructure control systems) and information assurance (including protecting the integrity of data and information in control systems);
- reciprocal education, training, and exchange of scientific and technical personnel, and exchange of Equipment and Material in science and technology areas including research, development, testing, and evaluation; and
- development and exchange of best practices, standards, and guidelines.
# NATIONAL SECURITY ARCHIVE
National Security Archive,
Suite 701, Gelman Library, The George Washington University,
2130 H Street, NW, Washington, D.C., 20037,
Phone: 202/994-7000, Fax: 202/994-7005, nsarchiv@gwu.edu