Web 2.0 risks and rewards for federal agencies

Potential security and privacy issues balance gov. innovation and cost savings.

usgs-earthquake-tweets.jpgThe nature of record keeping and government transparency in the information age is rapidly changing. Officials can text, tweet, direct message, send “Facemail,” IM or Skype, all from a personal smartphone. That’s why yesterday’s testimony of David Ferriero, Archivist of the United States, at a hearing on “Government 2.0: Federal Agency Use Of Web 2.0 Technologies” was both critically relevant and useful. (It’s embedded below, after the jump.)</p.

Officials are “free to use external accounts as long as emails are captured into records management systems,” he said. “Every new technology provides new challenges to what is a record.” Ferriero said that new guidance on government use of social media will be released this fall, updating the 2009 guidance issued by the National Archives and Records Administration (NARA).

The biggest challenge, said Ferriero, is whether the record is the whole site or just a portion. “Web 2.0 offers opportunities unimagined a decade ago,” he said.

David McClure, associate administrator for citizen services and innovative technologies at the General Services Administration, echoed that sentiment in his testimony.”Web 2.0 isn’t fundamentally about the technology itself but how people are coming together to achieve extraordinary results,” he said, pointing to uses for idea management, ranking or ranking ideas, communication and more. “From an efficiency perspective, a lot of software meets those needs without the need for the agency to build tools, when the market is as robust as it is today.”

More on the House subcommittee hearing on Government 2.0 after the jump, including a United States General Accountability Office (GAO) report on Web 2.0 and security in government and videos.

The potential of Web 2.0 technology, as illustrated by the many examples McClure provided in his testimony, is balanced by both risk and privacy concerns. “The expectation is that any tool for government use adheres to the Privacy Act and a Privacy Impact Assessment,” said McClure. Applications must be compliant with relevant regulations to be on Apps.gov, said McClure.

Gregory Wilshuen, director of information security issues for the GAO, testified at the hearing about government security challenges posed by the use of Web 2.0 platforms by federal agencies. He delivered a new report, embedded below, and said that the GAO will be looking at the preparation of agencies to retain records from social media platforms. “We’ve found a number of agencies using technology to interact well,” he said. “Several are using technology in an effective manner using videos and blogs.” Wilshuen said that the GAO will examine whether information maintained by third-party providers is subject to Freedom of Information requests, which is, as he put it, as “rather strenuous.”

In reviewing federal activity, Wilshuen said the GAO found most agencies are using social media platforms. He highlighted three effective examples:

The challenge throughout all of these applications lies in privacy, security and records management, said Wilshuen. “Are these federal records?”

Testimony of United States Archivist

“If we’re going to be advising other agencies on how to use these tools, we need to use them ourselves,” said Ferriero. For instance, Ferriero said that given the severe budget conditions expected for the year ahead, they’re using IdeaScale to crowdsource ideas. Similarly, the National Archives crowdsourced the redesign of its website.

“We need to rethink the definition of a record,” said Ferriero. “What part of technology is permanent that we need to keep in perpetuity?” When asked about the areas the committee should focus oversight upon, Ferriero said that it’s clear agencies have identified a “moderate to high risk” regarding archiving electronic agencies and that NARA needs to provide more guidance.” His written testimony is embedded below:

Testimony of David McClure on Web 2.0 in government

McClure offered one direction for archiving: distinguishing between official government business versus personal use. Some officials have chosen to use multiple accounts for that reason, though gray areas are a real risk given the closeness of Washington society.

McClure was crystal clear on one point: the rapid changes to technology have changed American society. “Web 2.0 tools are essential for responding to shifting expectations of government,” he said, citing the hundreds of billions of pieces of content shared on social networks and viewership of YouTube. McClure said that government is “expected to engage” on these new platforms. Using them, however, “should be aligned with core government principles,” much as social media is used for business purposes in the private sector. McClure pointed to the Library of Congress, State Department and the TSA’s IdeaFactory as examples of agencies using social media to deliver on their missions.

Consumer watchdog: More scrutiny of Web 2.0

Simpson urged the subcommittee not only to look at abstract technologies but also to compare those providing services, their approaches to privacy. In cloud computing and security, there’s a “tendency of tech companies to overpraise.” Simpson said Google missed the deadline for its Los Angeles cloud implementation, as the city had to come up with more money after Google did not meet security requirements set by the Los Angeles police department. (Google and partner Computer Sciences Corp. agreed to reimburse the city for the cost of the delay, which, according to MarketWatch, should only reach about $135,000).

Simpson reflected that his personal experience of Web 2.0 on the Obama campaign showed him that they can be powerful tools to “improve government transparency, responsiveness and citizen involvement.” He balanced that potential with challenges to consumer privacy, including Google’s “Wi-Spy” and Buzz missteps and Facebook’s changing privacy policy. Simpson also raised concerns about federal agencies implicitly endorsing individual Web 2.0 technology companies, advocating for the enactment of robust privacy laws by Congress with meaningful warnings.

His testimony is embedded below:

Government 2.0, meet politics

Due to continued friction between Republicans and the Obama White House, the oversight hearing got off to a bit of a bumpy start. Politics overshadowed the technology. At issue was the Google Buzz imbroglio that involved White House deputy CTO Andrew McLaughlin and the absence of White House deputy CTO Beth Noveck, who had originally been slated to testify in front of the subcommittee on June 24th. Contrary to earlier reports, Consumer Watchdog’s John Simpson did testify.

The substance of the Republican concern goes to whether communications by members of the executive branch are subject to the Presidential Records Act and thus must be disclosed. The position taken by Representative Lacy Clay (D-IL) was that the White House Office of Science and Technology Policy (OSTP), where McLaughlin works, is subject to the Federal Records Act, wherein an individual using a third-party electronic messaging system, such as Gmail, needs to ensure that a record gets into a proper records management system. Given that McLaughlin produced the email records due to a FOIA request and was reprimanded by the White House, Clay considered the matter closed.

Rep. Patrick McHenry (R-SC) did not, nor did Rep. Darrell Issa (R-CA). Issa, the ranking member on the subcommittee, has continued to voice concerns about the administration’s Google ties. McHenry also raised concerns about reports that White House staff met lobbyists at Caribou Coffee or used personal email accounts to communication, thereby avoiding visitor logs or records management systems.

The issue of officials and staff in the executive branch using non-federal email systems is far from new, however, as Rep. Eleanor Holmes Norton noted in her response to McHenry. Among the thousands of emails from the Bush Administration were those sent by Karl Rove, which now appear lost to history.

It is unfortunate that, due to the politics surrounding the hearing, Noveck did not testify, a choice perhaps driven by media reports of a “showdown,” as her knowledge of the use of social software by the federal government would have offered insight to both the subcommittee and the American people, to whom she and the Representatives are both ultimately responsible. After votes to subpoena Noveck and adjourn the hearing were denied on party lines, 5-4, the subcommittee heard from the four witnesses. Hillicon Valley reported further on the political wrangling yesterday.

On video, transparency and Government 2.0

The Oversight Committee posted videos of the testimony and the back and forth between legislators. Additionally, House IT staff said the government hearing on Government 2.0 would be streamed at oversight.house.gov. It was impossible to miss, however, that the committee Twitter account, @OversightDems, didn’t issue a single tweet about the hearing. An ironic committee policy came to light as well: only credentialed press were allowed to use laptops at the hearing, hampering the ability of government staff, bloggers or citizens to participate in documenting, discussing or posting status updates about the event online. Emily Long, a reporter from NextGov, didn’t find the hearing to be social at all. Given the focus on the elements of open government in 2010, participation, transparency and collaboration, or Government 2.0 as described by McClure, wherein lightweight tools are used to share information about government activities, that policy deserves to be revisited.

Part 1

Part 2

Part 3

Part 4


tags: , , ,