government policy needs in a web 2.0 world
DESCRIPTION
Alex Koury's from GSA - presentation to Government 2.0 Boot Camp attendeesTRANSCRIPT
![Page 1: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/1.jpg)
U.S. General Services Administration
Government Policy Needs in a Web 2.0 World
Alexander KoudryOffice of Governmentwide PolicyOffice of Technology Strategy
Alexander KoudryOffice of Governmentwide PolicyOffice of Technology Strategy
Presented on April 14, 2009Presented on April 14, 2009
![Page 2: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/2.jpg)
2
GSA Office of Governmentwide Policy
Facilitates government wide information technology policy activities including creation, facilitation, education, and outreach
![Page 3: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/3.jpg)
3
Policy - A deliberate plan of action to guide decisions and achieve rational outcome(s).
Often implemented to avoid a negative effect or seek a positive outcome
![Page 4: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/4.jpg)
4
Policy Life Cycle
Identification of issue or agenda setting Decision making Policy analysis and evaluation Policy development or formation Policy implementation
![Page 5: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/5.jpg)
5
Web 2.0 Policy Needs Existing Policy Analysis Policy Analysis requires Policy Analysts, or at least resources
with those skill sets Steps involved include:
Identifying existing policies relevant to the new technology Determining which policies apply Deciding if any gaps are present and how to address them Identifying any conflicts and how to resolve them
Complicated considerably when technologies converge
![Page 6: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/6.jpg)
6
Key PointsThe internet-enabled collaborative
technologies referred to here as Web 2.0 are evolving at a very rapid rate
![Page 7: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/7.jpg)
7
Key PointsThe internet-enabled collaborative
technologies referred to here as Web 2.0 are evolving at a very rapid rate
Most information technology policies that apply to Web 2.0 are not technology specific
![Page 8: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/8.jpg)
8
Key PointsThe internet-enabled collaborative technologies
referred to here as Web 2.0 are evolving at a very rapid rate
Most information technology policies that apply to Web 2.0 are not technology specific
Understanding existing laws, regulations, directives and guidance is critical when planning Web 2.0 technology projects
![Page 9: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/9.jpg)
9
Why Have Policy
Safety Trust Security Rights of Ownership Equal Access Record Keeping
![Page 10: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/10.jpg)
Policy Areas
Other
Information Management
Equal AccessInformationAssurance
Technology
Overlap
![Page 11: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/11.jpg)
11
Policy Evolution
As technologies evolve polices need to be changed to meet the new environment.
The new Administration may decide to modify the policies as they have the opportunity to review them.
![Page 12: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/12.jpg)
12
Types of Policy
Information Exchange Dissemination Products Quality Intellectual Property Public Data Usability of Data Records Management
Information Management
![Page 13: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/13.jpg)
13
Types of Policy
Security Identity
Authentication Privacy Protection of
Children
InformationAssurance
![Page 14: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/14.jpg)
14
Types of Policy
Linking to external servers Persistent cookies
Equal Access to Citizens Who have disabilities Who have limited English proficiency Who do not have high speed Internet
Technology
Equal Access
![Page 15: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/15.jpg)
15
Types of Policy
Rulemaking Advisory Groups Procurement “Dot Gov” Domain
Other
![Page 16: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/16.jpg)
16
Information Management
![Page 17: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/17.jpg)
17
Management of Information Exchange
OMB Circular A-130 and the Paperwork Reduction Act Agencies are required to disseminate information to the public in a
timely, equitable, efficient, and appropriate manner Required to establish and maintain Information Dissemination Product
Inventories. Must consider disparities of access and how those without internet
access will have access to important disseminations. Alternative strategies to distribute information to meet needs above
should be developed alongside any utilization of Web 2.0 tools. Agencies should clearly state when and how their tools are moderated
and what users are allowed, and not allowed, to contribute.
![Page 18: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/18.jpg)
18
Accountability for Information Dissemination Products E-Government Act, Section 207 Agencies are required to develop priorities and schedules for
making government information available and accessible to the public
Inventories must be posted on Agency websites. The annual E-Government Act report to OMB must contain
information on the final inventories, priorities and schedules. Agencies required to implement and maintain an Information
Dissemination Management System.
![Page 19: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/19.jpg)
19
Information Quality
Information Quality Act, Pub. L. No. 106-554 Agencies are required to maximize the quality, objectivity, utility, and
integrity of information and services provided to the public. With regard to Web 2.0 information dissemination products, Agencies
must reasonably ensure suitable information and service quality consistent with the level of importance of the information.
Reasonable steps include: 1) clearly identifying the limitations inherent in the information
dissemination product (e.g., possibility of errors, degree of reliability, and validity)
2) taking reasonable steps to remove the limitations inherent in the information, and
3) reconsidering delivery of the information or services.
![Page 20: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/20.jpg)
20
Intellectual Property
Copyright.gov, U.S. Trademark Law Web 2.0 technologies that allow public contribution of content can
create challenges regarding the protection of Intellectual Property contributed by visitors.
The ease of copying and propagating data from many sources on the internet makes it very easy to unintentionally breach copyright laws.
Agencies must establish policies and post clear disclaimers detailing the copyrights that non-government contributors to their sites may retain.
Agencies must be diligent to ensure that they consider existing intellectual property and copyright laws when implementing Web 2.0 technologies.
![Page 21: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/21.jpg)
21
Public Data
Copyright.gov, U.S. Trademark Law The Federal government typically provides public data which is
not considered copyrightable intellectual property Government content on any site is generally public domain and
therefore can not become the intellectual property of an individual or be protected by a site provider.
Care must be taken to not create the appearance of a copyright on a government created work, unless specifically permitted by statute.
![Page 22: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/22.jpg)
22
Usability of Data
OMB Memo M-05-04 Many Web 2.0 technologies allow users to take data from one
website and combine it with data from another, commonly referred to as “Mashups.”
Agency public websites are required, to the extent practicable and necessary to achieve intended purposes, to provide all data in an open, industry standard format that permits users to aggregate, disaggregate, or otherwise manipulate and analyze the data to meet their needs.
Agencies need to ensure that these open industry standard formats are followed to maximize the utility of their data.
![Page 23: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/23.jpg)
23
Records Management and Archiving
OMB Circular A-130, “Management of Federal Information Resources,” section 8a4 and Implications of Recent Web Technologies for NARA Web Guidance
When using electronic media the regulations that govern proper management and archival of records still apply.
Agencies need to evaluate their use of Web 2.0 technologies and determine the most appropriate methods to capture and retain records on both government servers and technologies hosted on non-Federal hosts.
![Page 24: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/24.jpg)
24
InformationAssurance
![Page 25: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/25.jpg)
25
Security
OMB Memo M-05-04, NIST Special Publications 800-39 and 800-53. When government websites become two-way communities, it opens
the possibility of virus and other attack agents being inserted into the government environment. Many of the security policies in OMB Memo M-05-04 have implications for Web 2.0 technologies.
Agencies are required to provide adequate security controls to ensure information is resistant to tampering, to preserve accuracy, to maintain confidentiality as necessary, and to ensure that the information or service is available as intended by the Agency and as expected by users.
![Page 26: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/26.jpg)
26
FISMA
Under the Federal Information Security Management Act (FISMA), and OMB guidance, a Certification and Accreditation (C&A) process is required on all Federal IT systems
This C&A activity must be performed by an independent third party auditing team and must conform to the Risk Management Framework of the National Institute of Standards and Technology.
![Page 27: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/27.jpg)
27
Identity Authentication of Users
OMB Memo M-04-04, NIST Special Publication 800-63. Agencies must decide the appropriate levels of openness, moderation,
authentication and attribution for use on Web2.0 interfaces. There is a balance between access, identity authentication, attribution, and concern for authoritative sourcing in the level of moderation that is needed on a site.
OMB Memo M-04-04 requires Agencies to perform a standardized risk assessment on all applications they put online. The risk assessment also identifies the Level of Assurance (LOA) of identity the application should require from an end user’s identity credential (userID/password pair, digital certificate or other identity management technology)
![Page 28: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/28.jpg)
28
Protection of Children
Children’s Online Privacy Protection Act (COPPA) Prohibits collection of individually identifiable information from
children Defines child as under the age of 13 In effect since April 21, 2000 FTC determines if a web site is directed to children
![Page 29: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/29.jpg)
29
Privacy
OMB Memo M-03-22 Federal public websites, including those using Web 2.0
technologies, are required to conduct privacy impact assessments, post privacy policies on each website, post a “Privacy Act Statement” that describes the Agency’s legal authority for collecting personal data and how the data will be used
Agencies must post privacy policies in a standardized machine readable format such as the Platform for Privacy Preferences Project
![Page 30: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/30.jpg)
30
Technology
![Page 31: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/31.jpg)
31
Linking to External Servers
OMB Memo M-05-04 Many Web 2.0 services are hosted outside government websites.
Example:Media sharing services like YouTube. Agencies are required to establish and enforce explicit Agency-wide
linking policies that set out management controls for linking beyond the Agency to outside services and websites.
Pop-up or intermediary screens should be used to notify users that they are exiting a government website.
Disclaimers detailing the level of moderation found on third party sites are often appropriate on these notification screens.
![Page 32: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/32.jpg)
32
Persistent Cookies (Privacy)
OMB Memo M-03-22 Federal websites are prohibited from using persistent cookies
and other web tracking methods unless their use has been approved by an Agency head or designated Agency sub-head, for a compelling need.
When approved in this fashion, Agencies must post clear notice of the nature of the information collected in the cookies, the purpose and use of the information, whether or not and to whom the information will be disclosed, and the privacy safeguards applied to the information collected.
![Page 33: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/33.jpg)
33
Equal Access
![Page 34: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/34.jpg)
34
Equal Access to Citizens Who Have Disabilities
Section 508 of the Rehabilitation Act of 1973 Requires that electronic and information technologies purchased,
maintained, or used by the Federal Government meet certain accessibility standards.
These standards are designed to make online information and services fully available to the 54 million Americans who have disabilities
Agencies implementing Web 2.0 services must pay particular attention to complying with the requirements of Section 508.
Agencies employing non-Federal services to provide Web 2.0 capabilities are also required to ensure that persons with disabilities have equivalent access to the information on these third party sites as required in Section 508.
![Page 35: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/35.jpg)
35
Equal Access to Citizens Who Have Limited English Proficiency
Commonly Asked Questions and Answers Regarding Executive Order 13166 and Executive Order 13166
Executive Order 13166 requires that Agencies provide appropriate access to persons with limited English proficiency.
The scope of this requirement encompasses all “federally conducted programs and activities,” Anything an Agency does, including using Web 2.0 technologies to communicate and collaborate with citizens, falls under the reach of the mandate.
Under this Executive Order, Agencies must determine how much information they need to provide in other languages based on an assessment of customer needs.
![Page 36: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/36.jpg)
36
Equal Access to Citizens Who Do Not Have High Speed Internet OMB Circular A-130 section 8 (See a5(d)) and Appendix IV Agencies are required to provide members of the public who do not have
internet connectivity with timely and equitable access to information, for example, by providing hard copies of reports and forms.
Using Web 2.0 technologies as an exclusive channel for information distribution would prevent users without internet access, including economically disadvantaged persons, from receiving such information.
In addition, some Web 2.0 services require high speed internet access and high bandwidth, which may not be available in rural areas or may be unaffordable.
In general, this requirement is no different for Web 2.0 implementations than it is for other electronic service offerings. Programs must simply make alternative, non-electronic, forms of information dissemination available upon request.
![Page 37: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/37.jpg)
37
Other
![Page 38: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/38.jpg)
38
Rulemaking
Web 2.0 technologies may provide a medium to allow many ideas to be surfaced and easily discussed.
Using new media does not relieve the agency from the established process of public rulemaking which includes publication in the Federal Register (electronically and on paper for those without computer access) and a public comment period.
The consolidated web presence for rulemaking is Regulations.Gov, which allows views of all pending regulations, RSS feeds of new postings and permits submission of comments. The site also permits the online reconciliation of all comments
![Page 39: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/39.jpg)
39
Advisory Groups
FACA Some uses of Web 2.0 technologies may meet the functional
definition of a virtual or electronic advisory group and therefore fall under the purview of the Federal Advisory Committee Act (FACA).
Any advisory group, with limited exceptions, that is established or utilized by a federal Agency and that has at least one member who is not a federal employee, must comply with the FACA.
To find out if a group comes under the FACA, any individual may contact the sponsoring Agency's Committee Management Officer, or the GSA Committee Management Secretariat.
![Page 40: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/40.jpg)
40
Procurement
Federal Acquisition Regulations Small Business Utilization
Many, if not most of these policies are supported by procurement law.
![Page 41: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/41.jpg)
41
Dot Gov Domains
41 C.F.R. § 102-173.90 GSA clearly prohibits advertising on Federal public websites
registered in the .gov domain
![Page 42: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/42.jpg)
42
How to ensure policy compliance when developing web 2.0 applications
Use a planning process that begins with needs Identify applicable policies to your project Make policy compliance part of your contracts for goods and
services Determine policy metrics to include in contracts Measure to ensure that policy is followed Remediate where necessary
![Page 43: Government Policy Needs in a Web 2.0 World](https://reader035.vdocuments.mx/reader035/viewer/2022070302/546ea7feaf79597b298b580d/html5/thumbnails/43.jpg)
43
Key PointsThe internet-enabled collaborative technologies
referred to here as Web 2.0 are evolving at a very rapid rate
Most information technology policies that apply to Web 2.0 are not technology specific
Understanding existing laws, regulations, directives and guidance is critical when planning Web 2.0 technology projects