||1.3, 1.3.1, 184.108.40.206, 220.127.116.11, 1.3.2, 1.3.3, 1.3.2 (new), 18.104.22.168 (new), 22.214.171.124 (new), 126.96.36.199 (new), 1.3.3 (new), 1.3.4, 1.3.5, 1.3.6, 1.3.8, 1.3.9 (delete), 2.1, 2.2, 3.10, 3.10.2, 3.10.3, 3.10.4, 12.1, 12.3, 17.3.2, 17.4
||This Nodal Protocol Revision Request (NPRR) clarifies parties’ responsibilities regarding ERCOT Critical Energy Infrastructure Information (ECEII). This NPRR defines ECEII, adds lists of items that are considered ECEII, specifies the restrictions imposed upon parties that receive or create ECEII, and provides a framework for the submission of ECEII to ERCOT. A process has been created for contesting ERCOT determinations regarding confidentiality status. This NPRR also deletes language in Section 188.8.131.52 that is duplicative of paragraph (1)(b) of Planning Guide Section 5.5.4, Notification to ERCOT Concerning Certain Project Developments.
The Federal Energy Regulatory Commission (FERC), in a series of orders issued in 2003, adopted a definition of Critical Energy Infrastructure Information (CEII) and established regulations for submitting CEII to and obtaining CEII from FERC. Subsequent FERC orders further refined these regulations. While the FERC regulations do not require ERCOT to adopt similar rules regarding the handling of CEII, the Protocols currently include a definition for CEII, closely based on the FERC definition, although there are only minimal requirements regarding CEII in the current Protocols. In practice, ERCOT restricts access to CEII, and strongly believes that limiting access and requiring secure handling of CEII is reasonable and appropriate in connection with its role as the recipient and producer of vast amounts of information, some of which is sensitive for commercial or security reasons. The rules proposed in this NPRR are based on a review of FERC’s CEII regulations and similar rules adopted by other Independent System Operators (ISOs) and Regional Transmission Organizations (RTOs).
The Market Information System (MIS) Secure Area was intended to be used for ERCOT to provide routine Market Participant access to information that is sensitive for security reasons – i.e., ECEII. Paragraph (1) of Section 12.1 states in part that “[t]he MIS Secure Area provides restricted access to critical energy infrastructure information.” While much of the information currently required by the Protocols and Other Binding Documents to be posted on the MIS Secure Area does constitute ECEII, ERCOT Staff has identified several instances in which information required to be posted on the MIS Secure Area is not ECEII and thus would be more appropriately located on the MIS Public Area. As a follow-up to this NPRR, ERCOT Staff intends to conduct a more comprehensive review of items required to be posted on the MIS Secure Area, and expects to submit one or more additional Revision Requests to relocate those items that do not constitute ECEII.
To provide Market Participants time to adjust their processes to account for the changes enacted through this NPRR, ERCOT proposes that the NPRR become effective on the first day of the seventh month following ERCOT Board approval (e.g., July 1, 2019 effective date if approved by the ERCOT Board at its December 2018 meeting).