Comment Now: Draft Guidelines on Data Classification Practices
A US data classification standard with peripheral AI mention - not a priority item for APS AI governance practitioners.
Key points
- NIST SP 1800-39 provides practical guidance on classifying sensitive unstructured data using commercial tools.
- AI is mentioned only as a downstream beneficiary of good data classification - not the subject of the guidance.
- Limited direct relevance to Australian federal AI governance work; primarily a US data security standards item.
Summary
NIST's National Cybersecurity Center of Excellence has released a draft Special Publication (SP 1800-39) offering practical guidance on discovering, identifying, and labelling sensitive unstructured data using commercially available classification tools. The guidance targets data lakes, file repositories, and email systems, and positions data classification as a foundational step for broader security measures including Zero Trust, quantum-safe cryptography, and secure AI model training. Public comments are open through 30 March 2026. AI features only as a downstream use case, not as the primary subject.
"Comment Now: Draft Guidelines on Data Classification Practices" Source: NIST Information Technology RSS Published: 12 February 2026 URL: https://www.nist.gov/news-events/news/2026/02/comment-now-draft-guidelines-data-classification-practices NIST's National Cybersecurity Center of Excellence has released a draft Special Publication (SP 1800-39) offering practical guidance on discovering, identifying, and labelling sensitive unstructured data using commercially available classification tools. The guidance targets data lakes, file repositories, and email systems, and positions data classification as a foundational step for broader security measures including Zero Trust, quantum-safe cryptography, and secure AI model training. Public comments are open through 30 March 2026. AI features only as a downstream use case, not as the primary subject. Retrieved from SIMS, 18 May 2026.