Government Executive - Authors - Joseph Marks

Government layoffs are making us less safe in cyberspace, experts fear

Joseph Marks — Wed, 30 Jul 2025 15:32:00 -0400

When the Trump administration took office in January, it inherited a precarious cyber threat environment in which years of investments in defense had failed to curb the threat from Russia, China and other U.S. adversaries.

Six months later, challenges faced by federal agencies are far worse — the result of a wave of layoffs and voluntary separations instigated by the Department of Government Efficiency, or DOGE, which has dramatically impaired the government’s ability to defend itself in cyberspace, according to former officials and experts.

The exits mark the first time in the digital era that the government’s cyber defense has grown worse rather than better, they say, endangering not just federal agencies but a trove of critical industry sectors that rely on cyber assistance from the U.S. government.

The cuts also come at a time when the nation’s adversaries are eager to attack in cyberspace — both to take advantage of federal government mayhem and to settle scores over U.S. actions, such as harsh tariffs on Chinese goods and the bombing of Iranian nuclear facilities.

“We have measurably increased our cyber risk as a country,” said Michael Daniel, who served as White House cyber czar during the Obama administration and is now president of the Cyber Threat Alliance, a coalition of tech firms that share cyber threat information.

Mass exodus

About one-third of employees at the government’s top cyber agency, the Cybersecurity and Infrastructure Security Agency, or CISA, have left government since the start of the Trump administration, through a combination of buyouts, early retirements and layoffs. That’s roughly 1,000 cyber defenders off the job. Those that remain are facing a nearly insurmountable set of challenges, shouldering ever more responsibilities, working under the constant threat of additional downsizing and budget cuts and triaging a new set of threats created by the Trump administration’s insistence on speeding up the pace of government.

“A lot of good people have left. Those that [remain] have fewer resources to do things the right way. Fewer hands doing defense means we’re less safe,” said a former senior cyber official who exited government during the Trump administration and requested anonymity to speak candidly about the government’s cyber risks.

There have also been cyber exits at the FBI and other federal agencies, though precise numbers are less clear.

The FBI declined to disclose how many employees have exited its cyber division in response to a Nextgov/FCW query or to comment on the effects of the departures on its cyber mission.

In response to a Nextgov/FCW query about the effects of CISA’s employee exodus, Public Affairs Director Marci McCarthy said the agency “is laser-focused on securing America’s critical infrastructure and strengthening cyber resilience across the government and industry.”

“We are proud to be the nation's cyber defense agency and remain steadfast in our mission,” McCarthy said.

DOGE never specifically targeted cyber workers for layoffs. The CISA departures come primarily from voluntary buyouts and, to a lesser extent, the elimination of CISA offices dealing with election integrity and diversity. But the result is the same. The president’s proposed 2026 budget would cut CISA funding by nearly $500 million if adopted into law, making re-filling those positions highly unlikely.

“I’m hearing from folks that have remained that they’re down 30 to 40 percent in some mission critical areas. Those kinds of deficits in talent and expertise really do impact the mission,” a former Homeland Security Department cyber official who now advises federal agencies on cyber protections, said.

“If you’re a foreign adversary, you’re like, ‘This is a field day. We couldn’t hope for a better series of outcomes,’” said the former official who also requested anonymity to speak candidly.

Reversing course

The mass staff exodus and proposed budget cuts represent a massive course reversal for government cyber efforts. CISA was founded with about 1,000 employees in 2018. Within five years, that number had more than tripled to nearly 3,200 full-time employees. During roughly the same time period, the agency’s budget approximately doubled to nearly $3 billion.

That growth was commensurate with the broadening scope of the threat during a period that saw massive criminal and nation state-backed hacks targeting government agencies and critical infrastructure, such as pipelines, ports and hospitals.

The government also dramatically expanded its cyber support for critical infrastructure during this period, including a massive push to help secure election systems against hacking — assistance that’s now in jeopardy.

“Everyone I talk to [in industry] says it’s radio silence from CISA and there’s a sharp decrease [in communications] from the FBI,” Daniel said.

The backsliding with industry is particularly concerning for former officials because the government has spent years trying to convince companies that it’s in their best interest to cooperate with the federal government on cyber challenges, including by sharing threat information.

That has been an uphill battle for two big reasons. First, companies fear getting attacked by privacy advocates over concerns that they’re turning over customer data to the government. Second, they argue that government processes for declassifying cyber threat information are so onerous that information the government shares back often isn’t very actionable.

“Industry’s willingness to continue to be patient with government and share what it can is something that, I worry, is going to head in the wrong direction,” said Megan Stifel, chief strategy officer at the Institute for Security and Technology think tank and formerly a top National Security Council cyber official during the Obama administration.

Trump released an executive order in March suggesting that some cyber responsibilities now managed by the federal government, such as cooperating with industry, should devolve to the states. That proposal dangerously underestimates the severity and complexity of the cyber threat, which states, with their comparatively meager cyber and IT budgets, are ill-equipped to handle, experts say.

“States don’t have the capability to handle the risk coming at them,” said Tarah Wheeler, a longtime cyber professional who is now senior fellow for global cyber policy at the Council on Foreign Relations. “They don’t have the capability to handle North [expletive] Korea.”

Fewer people, more vulnerabilities and insider threats

Experts and former officials highlighted three major categories of cyber risk facing government in the wake of the DOGE cuts.

First, there’s the basic loss of manpower.

“If a system is designed to be operated with a certain number of people to ensure security, then, without that number of people, it’s either going to fail quietly or fail loudly,” Wheeler said. “We know what systems are failing loudly now. We don’t know which ones are failing quietly.”

Second, there’s the cyber risk created by DOGE’s efforts themselves, including a slapdash approach to handling sensitive government data and a history of skipping security protocols.

Many of those security vulnerabilities were discovered relatively quickly, such as a custom-built server installed at the Office of Personnel Management to send mass emails to federal employees that hadn’t undergone required privacy checks. But many other vulnerabilities may remain undiscovered.

DOGE’s staff has shrunk significantly since its leader, billionaire Elon Musk, left government in May, though several dozen DOGE staffers remain in government, mostly focused on technical modernization efforts rather than layoffs.

Finally, there’s the risk that disgruntled employees who remain in government will retaliate by mishandling classified information — perhaps by passing it to a foreign adversary or by swiping and potentially releasing information aimed at damaging the Trump administration. Disgruntled employees with high-level access to government computer systems could also sabotage those systems or destroy their data.

Such insider threats are a perennial concern for government and industry, spurred by high profile examples from the military and intelligence community such as Chelsea Manning, Edward Snowden and Reality Winner. But those concerns spike during periods of mass layoffs and other organizational stresses.

Organizations that study insider threats, including Carnegie Mellon University’s Software Engineering Institute, have routinely found a link between layoffs and increased insider threat risk in industry.

“Disgruntled employees are one of the biggest insider threat risks,” said Matthew Bunn, a Harvard professor focused on national security and co-editor of a book-length study on insider threats produced by Harvard’s Belfer Center for Science and International Affairs. “If you’re laying off thousands of people, you’re creating thousands of negative work events and lots of potentially disgruntled employees.”

DOGE’s callous approach to federal employees, including strong-arming top officials and erroneously firing and then rehiring employees at the National Nuclear Security Administration and other agencies, is likely to increase the insider threat risk, Bunn said.

“They’re not remotely following best practices,” Bunn said. “I’m not sure I have great advice for a situation where you’re wielding a pretty sharp axe and cutting a lot of people at once — some of whom may be the people you need for spotting insider threats and other threats to the organization. That’s going to be a risky situation no matter what.”

Former officials pointed to an additional insider threat risk within DOGE itself, which, during its heyday, was staffed primarily by government outsiders, some of whom had links to Musk’s private companies. DOGE staffers were given broad access to sensitive digital systems at the Social Security Administration, the Office of Personnel Management and other agencies, but it’s unclear what security and background checks they went through.

One risk is that a DOGE staffer who was insufficiently vetted might have released classified government data to an adversary. Another is that government employees who feared the damage the new efficiency teams could do to their careers could have been easily conned by hackers impersonating DOGE. In both cases, the results of those breaches could remain undetected for months or years.

“If an email arrives with a spoofed DOGE address with a request for records and it’s your job [on the line] if you don’t do it, that’s a heightened environment for spear phishing campaigns,” said Tarah Wheeler, a senior fellow for global cyber policy at the Council on Foreign Relations. Spear phishing is a form of digital attack in which hackers send a message specifically tailored to fool its target into releasing secret information or unknowingly downloading malicious software.

A recruiting nightmare

The effects of the government’s cyber purge will likely be even more damaging down the road.

The federal government has spent years trying to recruit cyber workers away from the private sector, where salaries are typically much higher. Those efforts included special rules that allow for higher pay for cyber workers and programs that encourage those in industry to take short-term government rotations. Agencies also touted the benefits of government work, including better job stability than the private sector.

After the past few months, however, government work is looking like a far riskier bet.

“People work for the government because of mission and, in some cases, because the government provides more stability. Both those reasons have been undercut. The federal government's commitment to the mission seems less, and the stability is gone,” Phil Reitinger, a former Homeland Security Department cyber official who now leads the Global Cyber Alliance, a nonprofit that provides free cybersecurity tools, said.

When the government’s current cyber staffing proves unsustainable and recruiting is difficult, the government is likely to turn to contractors to fill the gaps. That’s an option that will not only be costlier than retaining experienced government cyber defenders but is unlikely to replace the institutional knowledge lost during the past few months because contractors typically move in and out of positions more frequently, a former long-serving government cyber contractor said.

“As government employees take off, either through retirement or through layoffs, those doing the threat analysis are stretched thinner, with less mature guidance, and are left to FITFO,” said the former contractor, who requested anonymity, using an acronym for “figure it the [expletive] out.”

“The disruptions that have happened over the past six months are going to take years to address,” Daniel said. “We’re looking at an extended period of time when the U.S. government will have reduced cyber capabilities. That gives our adversaries an opportunity.”

]]>

Judge Tosses OPM Breach Lawsuits, Plaintiffs Appeal

Joseph Marks — Wed, 20 Sep 2017 14:04:00 -0400

A federal judge tossed out a lawsuit Tuesday from a group of federal employees who say gross negligence by the Office of Personnel Management contributed to the office’s 2015 data breach that exposed sensitive security clearance information about more than 20 million people.

The lawsuit filed by the National Treasury Employees Union can’t go forward because the employees can’t prove they were actually harmed by the breach, Judge Amy Jackson said.

The personnel office breach is widely believed to have been a Chinese intelligence operation aimed at identifying high-placed government employees who might be vulnerable to bribes or blackmail. The breach focused on SF-86 forms, highly sensitive security clearance documents where prospective employees describe troubles with money, romantic relationships and substance abuse among other topics. The breach also included a smaller number of fingerprints.

As a result, there’s no evidence the breached information ever made it into the hands of cyber criminals who might use it to commit tax fraud, apply for phony credit cards or steal a victim’s identity—the sort of damage that might give the plaintiffs standing to sue, Jackson said.

Jackson also dismissed a separate lawsuit from 38 federal employees and the American Federation of Government Employees union. That suit also named the personnel office’s contractor, KeyPoint Government Solutions, which was also breached.

“Neither the Supreme Court nor the U.S. Court of Appeals for the D.C. Circuit has held that the fact that a person’s data was taken is enough by itself to create standing to sue,” the judge’s opinion states. “A plaintiff who claims an actual injury must be able to connect it to the defendant’s actions, and a person who is pointing to a threat of future harm must show that the harm is certainly impending or that the risk is substantial.”

In the case of the personnel office breach, that likelihood simply isn’t there, the judge said.

The unions also failed to show that the personnel office isn’t protected from lawsuits by sovereign immunity, Jackson said.

The National Treasury Employees Union has already appealed the case to the federal appeals court in Washington, D.C., the union said in a press release.

“The union’s members provided OPM with deeply personal information as a condition of their employment, and they did so on an explicit promise of confidentiality,” the union, which represents about 150,000 federal employees at 31 agencies, said in a press release.

“OPM flagrantly disregarded its promise by failing to secure that personal information,” the union said.

NTEU wants the personnel office to give breach victims lifetime credit monitoring and identity theft protection services and wants the court to bar OPM from storing union members’ personal information in electronic form. Currently, hack victims are slated to get 10 years of identity protection services.

The other plaintiff, the American Federation of Government employees union said in a statement that it is “seriously evaluating all options,” but did not pledge to appeal the ruling. The union said the ruling reflected “an unduly narrow view of the rights of data breach victim.”

The Obama administration never publicly accused the Chinese government of being behind the OPM breach. A threat to sanction Chinese officials for the breach, however, is widely believed to have been the catalyst for a 2015 deal between Obama and Chinese President Xi Jinping in which both nations pledged not to hack the other for financial gain.

Chinese commercial espionage, which former National Security Agency Director Keith Alexander once described as the “greatest transfer of wealth in history,” has significantly declined since that agreement, cybersecurity firms say.

Eric Katz contributed to this report.

]]>

Mapping Better Decisions At EPA

Joseph Marks — Fri, 09 May 2014 10:27:43 -0400

The Environmental Protection Agency office charged with taking legal actions against water and air polluters used to organize its enforcement targeting meetings around spreadsheets and graphs.

Those spreadsheets detailed places with large oil and gas production and other possible pollutants where EPA might want to focus its own inspection efforts or reach out to state-level enforcement agencies.

During the past two years, the agency has largely replaced the spreadsheets and tables with digital maps, which make it easier to visualize precisely where the top polluting areas are and how those areas correspond to population centers, according to Harvey Simon, EPA’s geospatial information officer. This allows the agency to focus inspections and enforcement efforts where they will do the most good.

“Rather than verbally going through tables and spreadsheets you have a lot of people who are not [geographic information systems] practitioners who are able to share map information,” Simon says. “That’s allowed them to take a more targeted and data-driven approach to deciding what to
do where.”

The change is a result of the EPA Geoplatform, a tool built with Esri’s ArcGIS Online. The product allows agencies to build custom Web maps using base maps provided by Esri mashed up with their own data.

When the EPA Geoplatform launched in May 2012 about 250 people were registered to create and share mapping data within the agency. That number has grown to more than 1,000 during the past 20 months, Simon says.

“The whole idea of the platform effort is to democratize the use of geospatial information within the agency,” he says. “It’s relatively simple now to make a Web map and mash up data that’s useful for your work, so many users are creating Web maps themselves without any support from a consultant or from a GIS expert in their office.”

A governmentwide geoplatform was launched in 2012, spurred largely by agencies’ frustrations with the difficulty of sharing mapping data after the 2010 explosion of the Deepwater Horizon oil rig in the Gulf of Mexico.

The platform’s goal was twofold. First, officials wanted to share mapping data more widely between agencies so they could avoid duplicating each other’s work and to share data more easily during an emergency. Second, the government wanted to simplify the process for viewing and creating Web maps, so they could be used more easily by nonspecialists.

EPA’s geoplatform has essentially the same goals. The majority of the maps the agency builds using the platform aren’t publicly accessible, so EPA doesn’t have to worry about scrubbing maps of data that could reveal personal information about citizens or proprietary data about companies. EPA publishes some maps that don’t pose privacy concerns on its websites as well as on the national geoplatform and Data.gov, the government’s data repository.

When ArcGIS Online has been judged compliant with the Federal Information Security Management Act, or FISMA, EPA will be able to share significantly more nonpublic maps through the national geoplatform and tap into more maps produced by other agencies, Simon says. The Agriculture Department is in charge of that certification process, which was not complete as of press time. Based on where it stands in the FISMA process, Esri expects it to be complete soon, the company told Nextgov.

EPA’s geoplatform has also made it easier for the agency’s environmental justice office to share common data.

EPA’s environmental justice field offices, which provide grants and guidance to communities overburdened by pollution, had developed numerous desktop-based mapping tools, each of which used environmental and census data in slightly different ways, Simon says. Now the agency is standardizing those tools so field offices can share information consistently using the geoplatform.

EPA hopes to publish more public maps that will be useful to entrepreneurs and nonprofits looking at issues such as how highway developments and traffic patterns affect the environment, Simon says.

The agency would also like to integrate more maps across its public Web presence to give citizens a more
visual understanding of environmental issues and to integrate more real-time data into public Web maps. As the government’s ability to synthesize real-time data improves, for example, the agency might publish maps that show sensor data during environmental emergencies.

“Instead of taking weeks to process that data and figure out how to display it, we could potentially use it for operations immediately and prep it for public consumption as well,” Simon says.

EPA might also cull data from Twitter, he says, to map how the public is reacting to some regional environmental concern such as odor coming from a river or other body of water.

]]>

All For One

Joseph Marks — Fri, 28 Mar 2014 09:34:54 -0400

When Hurricane Katrina struck the Gulf Coast in 2005, the response and recovery were considered a disaster for government. There was no clear chain of command. Communication broke down between federal agencies and state and local responders. And many of the hurricane’s victims, left homeless and broken by the disaster, felt as if they had nowhere to turn.

When Hurricane Sandy struck the Northeast and Mid-Atlantic in 2012, it was a different story. The Federal Emergency Management Agency deftly shared weather information and aerial photographs collected by the Civil Air Patrol among federal, local and nongovernment responders. Those responders moved swiftly to the most affected areas. Relief wasn’t immediate for the storm’s victims but it arrived—and there were numerous routes to request it, online and in person.

Part of the transformation was a credit to legislation passed in Katrina’s wake that established clearer lines of authority during disaster response and a significant boost in FEMA’s funding. Another share of the credit, FEMA Chief Information Officer Adrian Gardner says, goes to a renewed focus at FEMA and its partners at the federal, state, local and tribal levels on sharing data and sharing burdens and on being equipped with the communications and information technology that allows them to do that.

When Gardner talks about the future of emergency response, he focuses less on the complex web of federal, state and local agencies gathering data, charting responses and providing services and more on the data itself. That includes information about the resources each town in and around a storm’s path can offer, the latest aerial photography and data on power grid damage supplied by the Energy Department and local utilities.

When that data can be shared quickly and clearly and when all the partners in an emergency can communicate about it just as seamlessly, he says, the recovery will look less like individual efforts from an alphabet soup of agencies and more like a unified response that’s left government silos behind.

“You’ve got to have good decision support mechanisms, and that’s all about getting data into the right hands and making it data you can quickly consume,” he says. “It can’t just be a barrage of data the decision-maker has to wade through to make an informed decision. We need quick, simplified data that has the same look and feel across the board.”

Sandy’s Lessons

Disaster response seems like a natural fit for this concept of a unified government, driven by data and heedless of agency divisions. Storms are superhuman forces after all, barreling obliviously over geographic and bureaucratic boundaries.

There are lessons in Sandy, though, that observers say could make government faster, cheaper and more accessible even when Mother Nature isn’t pounding at the door.

Among those lessons: The old bureaucratic barriers that separate one agency from another are less important than the lines that bound different parts of the human experience; data collected by one office can be immensely useful to another only if they can share it; and sharing is easier for government and citizens alike if they can speak just once rather than many times.

These lessons are already bearing fruit in some places.

The Education Department, for instance, has partnered with the Internal Revenue Service to offer a tool that automatically loads parents’ income information into the online Free Application for Student Aid so they don’t have to search through old files and enter it manually. New York, Los Angeles and other cities have launched 3-1-1 mobile apps that serve as single points of entry for citizens reporting everything from graffiti on their streets to a missed trash pickup. And small business owners can now visit Business USA—a one-stop site for government-backed financing, exporting guidance and other resources—rather than search a slew of agency websites.

Advocates are looking for something more, though—that point where the divisions between agencies and levels of government become hardly perceivable to citizens and where the data and resources of one agency are instantly accessible for others to rely on and learn from.

The upside to this process for most citizens is simplicity. When different parts of government are sharing data and coordinating management there is less bureaucracy on the citizen side.

The benefit is twofold for government. First, there are cost savings when agencies spend less time doing the same work. An April 2013 report from the Government Accountability Office found 17 areas in which agencies were duplicating each other’s work or overlapping unnecessarily, equating to billions of dollars in wasted money.

“We’ve got to do this because basically we’re running out of money,” says Tom Davis, director of government relations with the consulting firm Deloitte and a former Republican congressman from Virginia and chairman of the House Oversight and Government Reform Committee.

“Given the deficits we have, we can either make some significant cuts to programs, we can significantly increase taxes or we can make significant reforms in the way we deliver services,” he says. “There’s not enough money anymore to waste it on inefficiencies.”

Second, there’s the issue of complexity. Globalization, technological innovation and a slew of other trends have made government’s problems more complicated and interconnected in the past 15 years, says Mark Forman, the first administrator for e-government during the George W. Bush administration.

Forman offers the example of the savings and loan crisis during the late 1980s. The response to that crisis was managed mainly by an ad hoc organization known as the Resolution Trust Corporation.

By comparison, the government response to the 2008 financial crisis required coordinated efforts by agencies ranging from the Treasury Department to the Transportation Department as well as the ad hoc Recovery Accountability and Transparency Board.

“We went through a period where issues were simpler,” Forman says. “The organizations that dealt with them were fairly parsimonious and easy to architect. That started to change in the ’90s because the complexity of problems grew exponentially as the world became interconnected by the Internet and other things. It’s not just a technological trend; it’s a social trend that includes technology.”

Government Leans In

Davis and Forman are part of a working group sponsored by the American Council for Technology and Industry Advisory Council, known as ACT-IAC, which is focused on reforming government operations and technology around broad themes like health care and education as well as life events, such as entering the workforce, having a child, launching a business or retiring.

The project, called Smart Lean Government, aims to transform not just how federal and state agencies share data and software systems but how those agencies are organized.

New parents, for example, must engage with myriad federal and state agencies to get their child a Social Security number, record vaccinations, claim the child as a dependent on their tax forms, and apply for insurance subsidies or other benefits. Under the Smart Lean model an interagency group might share those services and the data they collected across the federal government and with state and local agencies.

For the child’s parents it might be as simple as filling out a TurboTax-like responsive form at a one-stop government website. For the local, state and federal agencies that consume that data, however, it would require a complex web of people and computer systems to work together in a new way.

State departments of motor vehicles might also be able to track and collect unpaid parking tickets issued by cities and counties when they provide new car registrations, and state tax agencies might share basic data about residents who move from state to state.

Driven by Data

In addition to making it easier to provide services, sharing this data across different levels of government could also yield insights at a more granular level, making government policy less of a blunt instrument, says Edward Montgomery, dean of the McCourt School of Public Policy at Georgetown University.

By gathering, sharing and analyzing the full universe of data, government could micro-target its policies, offering different flavors of education grants or tax credits from state to state or even county to county, he says.

“There’s a gold mine of information already in existence that we’ve simply not tapped into because we don’t have systems that allow us to share it between government agencies,” he says.

Local school districts, for example, could access data collected by the Education, Treasury, Commerce and Labor departments; officials at those departments could cooperate to give schools better guidance on what students should learn to compete in a new marketplace; and data collected by those school districts could filter back up to educate state and federal agencies about how they should allocate grants and other resources.

Montgomery envisions a future in which public policy is targeted at citizens and regions in much the same way Google and Facebook target ads. The government’s push to reduce unemployment, for example, would be different in New Orleans than it is in Skokie, Ill., based on a trove of data from federal agencies, local unemployment offices, environmental conditions and even residents’ job-related Internet searches. The response to climate change would be similarly diverse based on local environmental factors.

Who Pays?

While the greatest benefit to this sort of cooperation and data sharing is the money it would save, cost is also one of the greatest barriers. This conflict is playing out now in an executive-legislative battle over the Digital Accountability and Transparency Act, known as the DATA Act, which would require standard coding across government for spending data on grants and contracts.

The goal of the legislation—sponsored by Sens. Mark Warner, D-Va., and Rob Portman, R-Ohio, in the Senate and Reps. Darrell Issa, R-Calif., and Elijah Cummings, D-Md., in the House—is to make it easier for data crunchers inside and outside government to compare and analyze data across agencies, spotting waste and duplication. It would also make it easier for grant recipients at the state and county levels who deal with different computer systems and different agencies—in some cases, even to manage similar grants.

In a leaked memo from January, the White House’s Office of Management and Budget suggested a pared-back bill that would only require agencies to release their spending data in machine readable forms, saving the cost of moving to standardized software systems for entering that data, but making it more difficult to plumb cross-agency data for insights.

The problem is that while a standardized system would benefit the government at large, that change wouldn’t initially benefit agencies, which would be burdened with the cost of buying, implementing and training on new systems, says Forman. Agencies also would likely have to put some of the funding parsed out to them by Congress in shared accounts to administer such a system, putting them at risk of paying out more than their fair share.

Warner has said he won’t roll back the requirements in his original bill.

Finding a Balance

Some say too much unity could interfere with agencies’ individual missions, especially when it comes to sharing information and resources among states or between states and the federal government.

This problem has diminished in recent years as developers have become adept at building both uniformity and flexibility into IT systems, says Kristin Russell, chief information officer for the state of Colorado.

Russell is helping manage a federal grant to build a unified unemployment benefits system for a consortium of states including Colorado, Arizona, Wyoming and North Dakota.

The system will look different in each state and will reflect the idiosyncrasies of how each one manages unemployment benefits, she says. But the portals’ technological nervous systems will all be the same and they’ll be housed, along with the data they collect, in the same computer cloud.

Russell, who was formerly a vice president at the technology company Oracle, hopes this model of sharing costs, technology and data when people move across state lines will spread to other states and spheres of government. As unemployment systems become outdated, she says, states will be able to hook into the consortium system for less money than building their own new systems.

“I really feel that states are sort of the perfect ecosystem for this type of innovation,” Russell says, “because they’re big enough to have a pretty profound impact, but not so big that they get tied up in a lot of regulation and red tape.

Others are skeptical of sharing technology across too broad a swath of government. For an example of consolidation’s dangers, they need look no further than HealthCare.gov, the Obama administration’s online health insurance marketplace that directly serves insurance seekers in 36 states. The system provides underlying data to 14 states and the District of Columbia, which built their own marketplaces.

HealthCare.gov nearly imploded upon launch, shutting the majority of insurance seekers out of the system before they could enroll in a plan. It took about two months of major repairs before the system was meeting performance expectations. Several state marketplaces have also suffered from performance problems, some of them caused by back-end data-sharing with the federal marketplace, but they’ve generally performed better than HealthCare.gov.

“I’ll just say in retrospect, I’m glad there wasn’t a single federal exchange,” says Tom Davis, the former House Oversight Committee chairman.

That’s not just Monday morning quarterbacking. Davis opposes “one size fits all” solutions that don’t account for differences in health care, education and other issues among states, but he also opposes what other Smart Lean advocates call “too many sizes.” The trick, he says, is sharing enough systems, data and responsibilities to get a look at the big picture and learn from it, but not so much that government loses flexibility.

“The private sector thrives on data to make smart decisions and to compete in the marketplace,” he says. “Government has to do the same thing. Otherwise we’ll be flying blind and legislating by anecdote and that hasn’t proved to be very effective.”

****

Treating Citizens Like
Customers in Colorado

As a private sector technology executive, Kristin Russell watched companies become adept at tracking customers from one division to the next and learning everything they could about them along the way.

When a warranty expired, a product was recalled or a superior product came out, they knew just who to contact. And they knew the best way to contact them.

When Russell became Colorado’s chief information officer, she saw something different. State agencies weren’t competing with anyone, so they had little incentive to offer great customer service.

This wasn’t just bad for citizens. It was costly for government too. One agency spent $4 million annually on postage. If citizens could opt for email-only contacts statewide, that figure could be reduced significantly, Russell says.

Russell and Colorado’s Chief Technology Officer Sherri Hammons started planning for a governmentwide customer relations management system that could recognize citizens from one agency to the next, save their addresses and personal information, and alert them to services they might qualify for.

An early version, called PEAK, offers a unified portal for medical, welfare and child support services and links to the state’s new online health insurance marketplace. Russell hopes to expand the PEAK concept across Colorado’s 22 agencies so citizens can interact with government once and be done.

****

One Agency Isn’t Enough

Nothing is simple in the modern world, especially for government. When the nation was reeling from a savings and loan crisis in the 1990s, the government response mostly fell to the newly created Resolution Trust Corporation. When a bigger financial crisis hit in 2008, numerous agencies had to work together on the response. Here’s a short list:

Treasury Department

Oversaw the Troubled Asset Relief Program and generally guided the government’s response

Recovery Accountability Transparency Board

Created to oversee President Obama’s stimulus program to boost the economy

Transportation Department

Managed the Cash for Clunkers program - aimed at boosting new auto sales

Consumer Financial Protection Bureau

Was created to guard consumers from the sort of predatory loans that helped spark the financial crisis

Federal Deposit Insurance Corporation

Helped shore up failing banks and other lending institutions

---

Listen to Joseph Marks talk about the story on the Excellence in Government podcast:

]]>

Tech Roundup

Aliya Sternstein, Bob Brewin, and Joseph Marks — Fri, 15 Nov 2013 00:00:00 -0500

Game On

Building an educational game for a smartphone or tablet is a pretty tall order for federal agencies. It has to be sufficiently engaging so it doesn’t wilt when compared with apps from private sector leaders such as Zynga. But you can’t ramp up the fun by compromising the app’s educational value or you’ll shortchange young learners and fail to fulfill the agency’s mission.

One app that crosses both these high bars is Solve the Outbreak, an iPad game developed by the Centers for Disease Control and Prevention. The reviewers in Nextgov’s apps rating project gave it 4.5 points out of 5, making it one of the highest scoring apps in the project’s two-year history.

The app presents players with real-world disease outbreaks and teaches them about epidemiology and data analysis as they make decisions about how to respond. Along the way, players earn points until they reach the rank “disease detective.”

Our reviewers thought the app was educational enough to be used in a classroom and fun enough to hold high school students’ interest—a high bar as anyone who’s spent much time with adolescents knows.

“This is the type of learning I love for kids to have,” says Ted Chan, founder of Practicequiz.com and chief technology officer of Cook123.com. “It teaches that a lot of the math, biology, science and statistics concepts they are learning have meaningful applications.”

The reviewers’ only criticism of the app was that it’s only available on the iPad.

For more information, check out Nextgov’s Building Better Apps project at www.nextgov.com.

Joseph Marks

Glass Half Empty

Federal agencies for 15 years have been unable to move cybersecurity off a list of the government’s most imperiled initiatives, with a new audit revealing a declining number of agencies—half—do not annually train employees on security.

Perennial weaknesses in network security endanger national security because of the pervasiveness of the Internet and sophisticated cyber threats, according to a Government Accountability Office report released in September.

In fiscal 2012, 12 of the 24 major federal agencies provided annual security awareness training to at least 90 percent of their network users, compared with 22 agencies the prior year.

These and other “weaknesses show that information security continues to be a major challenge for federal agencies,” the audit states. “Until steps are taken to address these persistent challenges, overall progress in improving the nation’s cybersecurity posture is likely to remain limited.”

Aliya Sternstein

Testing 1,2,3

Contractors that helped develop the Obama administration’s troubled online health insurance marketplace say the Centers for Medicare and Medicaid Services, which oversaw the project, performed only two weeks of testing before going live on Oct. 1.

That’s significantly less testing time than usual for major Web applications, representatives from HealthCare.gov contractors CGI Federal and QSSI say. They declined to say how much time should have been allocated.

CGI played a major role in building Medicare.gov, for which it had several months of testing, says senior vice president Cheryl Campbell.

Joseph Marks

NSA Needs a 12-Step Program

Since Edward Snowden started leaking details on how the National Security Agency gobbles up exabytes of data worldwide, it has become increasingly clear that it has an unhealthy addiction.

NSA chief Keith Alexander has said the agency needs to collect “haystacks” of data in order to detect terrorist needles, an effort The Washington Post says “occasionally threatened to overwhelm storage repositories, forcing the agency to halt its intake with ‘emergency detasking’ orders.”

Those are real signs of addiction. The explanation for this spying—everyone does it—is an excuse used by alcoholics on the 10th beer of the evening while everyone else at the bar slowly sips their second.

I’m not suggesting NSA go cold turkey, but it might try tapering off—a terabyte at a time.

Bob Brewin

]]>

New Directions

Joseph Marks — Tue, 01 Oct 2013 01:00:00 -0400

When it comes to government technology, assigning responsibility can be tricky.

Take the new email system the General Services Administration launched in 2011. GSA Chief Information Officer Casey Coleman appeared to be on the hook for that one. Click on any GSA project on the Federal IT Dashboard, a website that tracks government spending, and Coleman’s picture is right next to a table of performance
metrics. The buck stops here, that photo seems to say. Don’t like how your email’s performing? Give Coleman a call.

The real story is more complicated. First, the vast majority of GSA’s 17,000 employees don’t work for Coleman, so for the system to have any chance of succeeding she needed buy-in from leaders of GSA’s Public Buildings Service,
Federal Acquisition Service and various smaller divisions.

And Coleman—like all government technology chiefs, with the exception of the Veterans Affairs Department’s acting CIO, Stephen Warren—doesn’t actually control her agency’s information technology budget. She wields a lot of influence, but if a project goes off the rails she needs authorization from other agency leaders to rework or kill the contract.

Then there were the contracting officers who managed the vendor competition for GSA’s new email system, the security experts who made demands of it and Unisys Corp., the company that set up and maintains the Google-based calendar, email and collaboration suite.

The story gets even more complicated when you look outside GSA. This was the first agencywide transition to cloud-based email, meaning all the messages, contacts and calendars are stored in off-site servers that GSA staffers access through the Internet. Agencies across government were planning to adopt cloud email systems or were already in the process, so the federal CIO’s office inside the Office of Management and Budget took a keen interest in the project, looking both for best practices and for roadblocks.

GSA reports to OMB several times a year on its adherence to technology mandates, and U.S. CIO Steven VanRoekel leads extensive review sessions of agencies’ IT portfolios—especially their troubled projects.

Then there’s Congress and its auditing arm, the Government Accountability Office, looking to uncover any evidence of inefficiency or incompetence in federal IT spending. And there are the American people demanding good government at a reasonable cost. That’s what all those emails are about after all, making sure citizens aren’t paying too much for federal employees’ office supplies or for extra Saturday janitorial service at a federal building in Fargo.

The problem is that having all these cooks in the kitchen sometimes leads to crossed wires, inefficiency and obfuscation rather than smart IT investments. And it’s often tough to get a handle on who is to blame.

This inefficiency has serious consequences. The U.S. government is the world’s largest single buyer of information technology, spending about $80 billion on IT products and services each year. Auditors have estimated better management and oversight of these purchases could save the government $10 billion over five years. That’s $3 billion more than the entire annual funding for the National Science Foundation in 2012.

Just as important, better management could streamline the acquisition process so agencies are less likely to buy technology that’s outdated or doesn’t do what it’s supposed to.

Rep. Gerry Connolly, D-Va., grilled VanRoekel about this when he testified before a House panel on government operations in July. Connolly, who represents perhaps the most technology contractor-dense district in the nation, asked why Defense Department CIO Teri Takai doesn’t list any of her investments as “high risk” on the IT Dashboard. Many of those investments are a year or more past due and millions or billions of dollars over their original budgets. One system to deliver soldier health data online has even become grist for political comedy on The Daily Show because it still can’t connect with its partner system at the Veterans Affairs Department, despite years of trying.

VanRoekel told lawmakers that some Defense projects were undoubtedly at great risk, but that Takai wasn’t trying to cover up problems. She doesn’t control the budgets for those projects, he explained, and bases her reviews on assessments from deep inside the military services and other Defense agencies. So who should Connolly haul before his subcommittee and bawl out for the poor project performance? The answer isn’t clear.

Connolly is co-sponsoring legislation that would simplify the convoluted federal IT process with House Oversight and Government Reform Committee Chairman Darrell Issa, R-Calif. The Federal IT Acquisition Reform Act, or FITARA, would make CIOs presidential appointees and give them full authority over their agencies’ IT budgets. The bill also would create centers of excellence to deal with certain categories of complicated technology purchases and put the force of law behind Obama administration initiatives to cut the number of federal data centers and move more storage to computer clouds.

Existing statutes would exempt the Defense Department from the portions of FITARA dealing with CIO authority, but not from other elements of the bill. Connolly has argued that the Pentagon actually would be most affected by
FITARA because it’s the largest user of bulk buying contracts developed by GSA.

A version of the bill was tacked onto the National Defense Authorization Act that passed the House in June. It’s not clear yet whether the IT buying overhaul will win approval in
the Senate.

FITARA has drawn advocates and skeptics. Supporters say the bill would bring much needed uniformity to the way technology is bought and managed throughout the federal government, not to mention accountability for failures.

Some critics, however, say the bill favors a top-down management style that could result in IT buying decisions at higher levels by people who know less about what’s needed. Others argue the bill papers over the competing interests of various government divisions with a one-size-fits-all approach that would cause more conflict than comity.

But both sides acknowledge one thing: They’ve been through this debate before.

IT Reform All Over Again

The 1996 Clinger-Cohen Act was designed to respond to similar shortfalls in accountability. Before the legislation was introduced, a congressional report titled “Computer Chaos” described antiquated systems, “poor management, inadequate planning and an acquisition process that is too cumbersome to competitively purchase computer technology before it is obsolete.”

Clinger-Cohen created federal CIOs and established an interagency CIO Council to sort out best practices for the government’s trickier IT problems. The law also required agencies to establish performance goals for their IT systems and adopt best practices from the private sector. In many ways, Clinger-Cohen brought the government into the age of large-scale deployment of IT to improve government performance, along with President Clinton’s National Partnership for Reinventing Government.

Some say, however, that Clinger-Cohen was never properly implemented. It’s this 17-year-old dispute that, in many ways, is at the heart of the debate over FITARA today.

According to the critics, Clinger-Cohen was, if not a perfect fix to the problem of mismanaged government IT, at least a very good start. The trouble began, they say, when the law went to the Office of Management and Budget and federal agencies for implementation.

Agencies watered down the legislation’s vision of a strong CIO with broad authority over IT systems, they say, and OMB failed to impose uniform standards for what a CIO ought to be and do. The position has been viewed in some cases as a sinecure for administration favorites without real technical expertise who lack the power to crack down on technology fiefdoms or to insist agencies take a unified approach to buying and implementing major software systems.

Paul Brubaker helped design Clinger- Cohen when he was staff director for then-Sen. William Cohen, R-Maine. On the legislation’s 10-year anniversary in 2006, he told CIO magazine that the law had been “totally bastardized to fit political agendas” during the Clinton and Bush administrations, adding that government IT faced “the same basic problems we did 10 years ago.”

For some major IT operations there hasn’t been much progress in the seven years since.

The “Computer Chaos” report opened by detailing three “antiquated and inefficient computer systems” that “cost the government billions.” First, there were details of “outdated Internal Revenue Service computer systems” that have “contributed to a $70 billion backlog in uncollected taxes and unreliable financial records.” Flash forward 16 years to 2012 when a Treasury Department auditor found that IRS’ efforts to modernize its systems posed a major risk and left taxpayer information vulnerable to hackers.

Then there was the account of an outdated air traffic control system that was “failing at an increasing rate.” Seventeen years later, the Federal Aviation Administration’s next generation air traffic control system is facing delays that could stretch up to a decade, according to internal auditors.

The list closed with the Defense Department’s stew of outdated accounting systems so poorly integrated that it was impossible for the Government Accountability Office to audit the Pentagon’s books. It still can’t. The Pentagon’s goal now is to be auditable by 2017.

Brubaker, who now heads the Defense Department’s planning and performance management office, didn’t respond to an interview request for this article.

What Went Wrong

For some critics of Clinger-Cohen’s implementation, FITARA represents a do-over, an opportunity to put right what went wrong 17 years ago. Doing that, however, means sorting out just what went wrong.

One major factor, former Commerce Department CIO Alan Balutis says, is that some at OMB never bought into Clinger-Cohen’s reforms and resented congressional meddling in what were essentially executive branch issues. Balutis is now a director for Cisco’s Internet Business Solutions Group.

This was exacerbated, he says, by the fact that the bill’s eponymous sponsors both left Congress shortly after it was enacted. Rep. William Clinger, R-Pa., retired, and Cohen left to become President Clinton’s third secretary of Defense.

In 2006, retired Air Force lieutenant colonel and IT policy consultant Wes Andrues wrote a five-part series for Government Executive detailing how Clinger-Cohen had failed to meet expectations. Most notably, Andrues wrote, a “sense of Congress” addendum that the bill should reduce governmentwide IT spending by 5 percent while, at the same time, increasing efficiency never came to pass. In reality, nonintelligence IT costs rose about 7 percent annually throughout the Bush administration. Those costs have essentially flattened out but not decreased since President Obama took office.

There was a lot of “cultural momentum” to make Clinger-Cohen a success, Andrues told Government Executive recently. But in the end there wasn’t enough to change how the govern-ment operates.

One problem, he says, is that even in the 1990s, IT was so integrated into how government employees did their jobs that yielding authority over those software and hardware systems to someone else seemed like a huge imposition and one that would likely decrease efficiency rather than raise it. In the end, it was often easier to make IT purchases by going around CIO offices rather than through them, he says.

The integration of IT into everything government does has only increased since then, Andrues says.

Seeking a Balance

There is another view, however, that sees the Clinger-Cohen implementation not as flawed but as, perhaps, the best that can be expected of legislation in such a complex arena.

Federal agencies have a variety of legacy IT systems, missions and priorities, so imposing Clinger-Cohen as a one-size-fits-all solution might have produced more harm than good, says Daniel Chenok, a former branch chief at OMB and now executive director at IBM’s Center for the Business of Government.

“Any management statute should be introduced in the context of an agency’s history, its budget and statutory authorities,” he says. “So it’s highly unlikely you’ll have an immediate, perfectly consistent application of a new management framework in every agency. That’s not just true for Clinger-Cohen, but for any management statute.”

While he’s not opposed to reforming how the government manages IT, Chenok warns that proper management requires a careful balancing of interests and expectations—between CIOs and other managers within an agency, between agencies and OMB, and between the executive branch and Congress.

“It’s just hard to legislate good management,” he says. “The role of a statute—and this is a little political science-y—is to create a framework and expectations from Congress. Congress wants to make sure its understanding of best practices is reflected in statutes and the administration wants flexibility to order itself and to manage as it sees fit. Where that middle ground is evolves over time and won’t ever be totally settled on either side of the ledger. It’s always an evolving picture, not a perfect end state.”

A Long Road

Connolly cites ingrained resistance inside agencies and a lack of congressional oversight by Clinger-Cohen’s sponsors as stumbling blocks for the law, two things he hopes to avoid with FITARA.

“The bottom line is that, as with any bill I work on, I do not believe the job is finished once the president signs the measure into law,” he says. “If anything, I view enactment as merely the beginning of the most labor-intensive, and perhaps most important, part of the legislative process—exercising diligent oversight to ensure the law is implemented in accordance with congressional intent.”

Connolly played down a prevalent view in the government IT community that OMB opposes FITARA and would try to weaken it during the implementation phase. That perception is largely based on noncommittal answers VanRoekel gave during testimony before the House Oversight and Government Reform Committee and its various subcommittees, including a comment about CIO budget authority being less important than CIOs having “a seat at the table” when major management and policy issues are
up for discussion.

Connolly warned during a July 25 hearing of the House Oversight Subcommittee on Government Operations that the Obama administration would “have problems on both sides of the aisle” if it didn’t get behind the reform act. Connolly is the subcommittee’s ranking Democrat.

In a mid-August email to Government Executive, Connolly said he believed VanRoekel and OMB were largely supportive of IT reform and that VanRoekel had made clear in private that he wanted to establish a stronger, more cooperative relationship with congressional overseers. That should bode well for FITARA if it becomes law.

Even with good relations between OMB and Congress, FITARA could still face roadblocks, Balutis says. Notably, the famously tense relationship between co-sponsors Issa and Connolly could unravel, making congressional oversight less effective. The Oversight Committee might also be distracted by some new scandal or the administration that takes office in 2016 could be less cooperative with the legislation or have its own ideas about IT reform.

Despite those cautionary notes, Balutis is optimistic about the bill’s chances.

“In a second term, presidents and key officials begin to think about an administration’s legacy and about things they can accomplish on the president’s watch as opposed to initiatives that won’t come to fruition for years and years,” he says, citing a July 8 speech during which President Obama said that smarter and more user-friendly technology would be at the heart of his second-term management agenda.

“You saw that at the tail end of the Bush administration, and I suspect the same things will be happening in the Obama administration,” Balutis says. “This would fit that framework.”

]]>

A Bidder’s EZ Button

Joseph Marks — Sun, 01 Sep 2013 01:00:00 -0400

A novice might think The MIS Department, a Chicago technology firm, would have no trouble winning government contracts.

The company has a proven track record engineering complex computer systems and building websites. It has done the arduous legwork of getting authorized to provide services to the federal government, the state of Illinois, Cook County and the city of Chicago. It’s even filed paperwork for 8(a) certification, which allows the company to compete for a special class of contracts reserved for minority-owned small businesses.

And, get this: Company president Rajeev Chopra was chief information officer for President Obama’s 2012 reelection campaign, responsible for keeping a suite of information technology tools up and running for more than 2 million staffers and volunteers across 813 field offices.

But even with all that going for it, MIS, which stands for Management Information Systems, for years was unable to take a government contract to the finish line.

Why? Most of the company’s dozen or so employees were busy, for one thing, working on IT contracts with Chicago businesses and political groups in Washington that Chopra encountered during the campaign. That left only Devlin Kane, director of business development, to try to drum up government work.

“That’s a Herculean task for a small business without a specific contracting person,” Kane says. “It’s such inside baseball, and it really takes a working knowledge of government. We found two RFPs that fit our capabilities and, no joke, they were almost 300 pages. I don’t have time to read a 300-page RFP, let alone respond to it.”

RFP stands for request for proposal. The call for bids is one of the first tangible expressions of a contract that may eventually deliver a payroll system or a farmer’s aid program or a fighter jet.

The two RFPs Kane worked on were at the county level. Federal RFPs are, if anything, even more complex. They frequently add up to hundreds of pages divided between a dozen or more PDF and Word documents, all linked behind a generic title deep in the guts of FedBizOpps, the Federal Business Opportunities website.

“The amazing part to me is that all that length doesn’t equal clarity,” Kane says. “In all those behemoth contracts they still fail to articulate some pretty basic stuff.”

As a result, most federal contracts that aren’t reserved for small businesses go to big ones, and small firms that do win contracts tend to specialize in government work and its arcane ways.

One effort to improve this system is RFP-EZ, a Small Business Administration website that aims to match some low-cost technology projects with qualified companies that might not otherwise get them. RFP-EZ was built by a team of Presidential Innovation Fellows, government short-termers with extensive private sector experience. The site was designed to reduce the government’s grunt work on small technology contracts while opening federal work to small, innovative startups in Web design, data sharing and open source technologies.

SBA posted four contract filings to RFP-EZ during a beta test early this year. The White House and the Health and Human Services Department each posted one more. The RFPs were all short, usually less than a dozen pages. Instead of lengthy descriptions of business capabilities, they asked for Web links to companies’ relevant work.

MIS bid on two RFP-EZ contracts and won one to upgrade the website of the Small Business Investment Company program at SBA.

“Our whole response was 1,400 words,” Kane says. “The difference between reading a 200-page RFP and only having to write a 1,400-word response is pretty striking.”

Other reviews of the simplified process were also positive. The innovation fellows liked that RFP-EZ broadened the market. About half the beta test’s roughly 600 RFP-EZ bidders had never competed for a federal contract. The project’s federal sponsors liked that those new market entrants were offering lower prices, at least based on the small sample in the beta test. RFP-EZ contract winners bid 30 percent lower than competitors for the same contracts on FedBizOpps.

Jed Wood is a Chicago Web designer who worked on the RFP-EZ pilot. Making government more attractive to the startup set was the easy part, he says. The innovation fellows had roots in new companies and knew what was needed: shorter RFPs, more clarity, less hassle.

The harder part, he says, was building a system that appealed to risk-averse government contracting officers. The fellows spent hours going from one contracting officer to the next, asking how the team could make their lives easier.

They came up with a statement of work composer. Statements of work are typically attached to RFPs and explain exactly what the agency expects from a contractor at every step. Contracting officers labor over these documents because one false word can send a vendor down the wrong path or spark a legal dispute.

The RFP-EZ statement of work composer gives contracting officers a series of templates to work from when dealing with new or emerging fields so they don’t have to reinvent the wheel with each contract or layer on complicated legal language to cover their hides. The fellows team also built an automated bid monitor, which helps contracting officers sort through proposals.

Project RFP-EZ was renewed with a second round of innovation fellows in June. That team wants to set up RFP-EZ solicitations to automatically cross post to FedBizOpps, says Greg Godbout, an Arlington developer who’s working on the project. The team also wants to beef up the site’s base code and expand the project’s scope to include mobile app development and machine translation. More importantly, the fellows want to expand the number of agencies testing the tool.

The plan is to continuously update RPF-EZ based on users’ feedback rather than to aim for a “final version,” according to a project spokesman.

“Our goal all along was to think of this as just version one,” Wood says. “It was a six-month sprint and then we’d hand it off with lessons learned and a trail of breadcrumbs. They’ve taken our base code and now they’re getting to work on round two.”

]]>

Tech Roundup

Aliya Sternstein, Bob Brewin, and Joseph Marks — Sun, 01 Sep 2013 01:00:00 -0400

Chasing Ghost Viruses

After detecting malicious software in system components at Commerce Department headquarters, federal officials in 2012 disconnected the Economic Development Administration’s computer infrastructure, annihilated $170,000 worth of equipment and cut off staff email and website access nationwide, according to an inspector general audit released in late June.

The response was overkill. It turns out there was no widespread malware infection—something officials learned more than a year later, after the IG informed them.

The chain of destruction began in late 2011, when the Homeland Security Department notified Commerce about possible worms in the department’s systems. Commerce traced the problem to parts on the headquarters’ network that support the Economic Development Administration. Believing the issue was widespread, EDA in January 2012 asked Commerce to disconnect its systems from the network, which cut access to email for all agency employees and prevented field office personnel from accessing other vital applications as well.

Officials then began demolishing computers, printers, TVs, cameras, computer mice, keyboards and other IT parts. In April 2012, the agency brought the workforce back online using alternative services, but the demolition continued for four more months—until the agency ran out of funds. In total, EDA spent more than $2.7 million—over half of its fiscal 2012 IT budget—on recovery efforts, the IG found.

One cause for the confusion: The Computer Incident Response Team member assigned to the job was unqualified. Rather than hand the agency a list of possibly infected components, the employee mistakenly provided a roster of 146 components within the network, only six of which were actually contaminated.

- Aliya Sternstein

The Eyes Have It

New federal guidelines on iris recognition allow the Homeland Security Department to proceed with a $100 million plan for modernizing employee badges.

Following the Sept. 11, 2001, terrorist attacks, Congress passed legislation requiring that government personnel have smart card credentials to access all government buildings and networks. In May, DHS began searching for a contractor to replace the department’s fingerprint identification system with more cutting-edge technology, such as iris matching capabilities. But there was no consistent way to exchange eye images between cameras and card readers.

That changed in July after the National Institute of Standards and Technology finalized guidelines for incorporating iris scans into employee IDs.

As of July 3, DHS expected to spend up to $102.8 million to provide staff with upgraded biometric smart cards during the next decade, according to contract filings.

- Aliya Sternstein

Lagging IT Reform

Rep. Gerry Connolly, D-Va., lashed out at federal technology leaders for being slow to adopt cost-saving reforms laid out early in the Obama administration—such as consolidating data centers and shifting data to computer clouds—and for inadequately reporting on progress.

“My hope is that as we move forward all of us can try to find ways to encourage and exhort and pressure the federal government to come into the 21st century with management changes and allocation and investment changes that will better serve the country,” he said.

- Joseph Marks

China Loves the Navy’s GPS Landing System

I did a Google search for some background information on the precision GPS landing system the Navy used to help guide its unmanned X-47B to a carrier landing, and one of the first hits to pop up was a paper by three authors from China’s Naval University of Engineering.

The paper, presented in May at a conference in Wuhan, China, goes into great detail about the landing system. I wondered where China obtained so much information about a U.S. Navy program, until I stumbled across a 2010 Naval Air Systems Command presentation, which included many of the details used in the 2013 China report.

The authors even included the same graphic used by the U.S. Navy in 2010 to illustrate how the precision guidance system works.

Too bad NAVAIR can’t copyright its slide decks.

- Bob Brewin

]]>

Around Government

Kellie Lunney, Joseph Marks, and Eric Katz — Thu, 01 Aug 2013 01:00:00 -0400

Decoding Rap and Regs

GSA considers site that analyzes hip-hop lyrics to cut through jargon.

What will be the next social media platform to make it big in government? The answer may be Rap Genius, a four-year-old tool to decode hip-hop lyrics that federal agencies could use to crowdsource explanations of policy memos and proposed regulations.

The General Services Administration is talking with Rap Genius about creating a federal friendly version of the website, which has racked up more than 68,000 annotations to Kanye West’s new album Yeezus.

“We want to stop chasing the social media tail and start getting in front of it,” GSA’s social media lead Justin Herman says.

If the deal goes through, agencies will likely have to maintain accounts on a segmented part of the site so their documents won’t be displayed next to links for hip-hop songs with profane titles, he says.

The U.S. Geological Survey has already set up an account on Rap Genius where several of the agency’s policy documents have been annotated by geology enthusiasts.

Rap Genius edits range from translating slang terms into standard English to fleshing out how a rapper’s biography informed a particular lyric. The site has branched out from hip-hop, including Poetry Genius and News Genius, which annotates political speeches and quotes.

Government has mixed crowdsourcing and policy in the past, but usually for developing rather than explaining it. The Open Gov Foundation built a tool called Madison to crowdsource edits to legislation, and agencies have used IdeaScale to pool suggestions for improving programs.

- Joseph Marks

Playing to Strengths

With age comes wisdom. But that wisdom is not always applied on the job.

In the federal workplace, young employees are more likely than their older colleagues to be in jobs that play to their strengths, according to a Gallup survey. Eighty-five percent of feds ages 18 to 29 said they “use their strengths to do what they do best every day,” compared with just 77 percent of workers who are 65 or older.

The opposite is true in the private sector, where 86 percent of those 65 or older said they work to their strengths, while only 82 percent of 18- to 29-year-olds said the same.

“The fact that younger federal employees are just as likely as those in the private sector to report using their strengths could be a selling point to attract top talent to the government,” the polling organization wrote.

The survey also linked mismatched skills to employee disengagement. Only 1 percent are disengaged when supervisors focus on their strengths, while 22 percent are disengaged when forced to draw on their weaknesses, according to Gallup.

The study was part of a larger Gallup-Healthways Well-Being Index, which surveyed 115,000 people throughout 2012.

- Eric Katz

A Payday Double Take

Salary gaps and the sexes get a closer look in government.

News Flash: There’s still a pay gap between men and women.

Full-time working women earn on average 77 cents for every dollar that men earn. Still, statistics show that more women than men earn college degrees, and women are the sole or primary breadwinners in a record 40 percent of households with children under age 18.

This year marks the 50th anniversary of the Equal Pay Act, which prohibits wage discrimination based on gender. President Obama in May directed a review of pay and promotion policies at federal agencies to eliminate any gender pay gaps. Agencies have to report back to the Office of Personnel Management in August; OPM then will have 180 days to recommend changes to the General Schedule to address the issue.

So how does the government stack up in terms of gender pay equity?

Women typically earn less than men “even when they are in the same occupation,” the Merit Systems Protection Board said in a 2011 analysis of federal salaries. Job classifications, experience and education only partially explain those salary differences, according to MSPB. Women also are less likely to be in senior government jobs that pay more, the study found, concluding that “the glass ceiling has been fractured, but it has not been shattered.”

- Kellie Lunney

Feds Out of Favor

More Americans than ever view the federal government negatively, with fewer than three in 10 having a favorable opinion. Favorable ratings of the federal government are down from a high point of 82 percent in November 2001 and 42 percent in July 2009, shortly after President Obama took office. Views of state and local governments, however, remain positive, according to a recent poll from the Pew Research Center. Local governments continue to receive the most favorable reviews, while the gap between federal and nonfederal ratings has widened to unprecedented levels.

]]>

Tech Roundup

Bob Brewin, Joseph Marks, and Kedar Pavgi — Thu, 01 Aug 2013 01:00:00 -0400

CIA’s Virus Trouble

The Government Accountability Office found that the CIA gave Amazon an unfair advantage when it agreed to weaken security requirements on a $150 million contract for a massive intelligence community computer cloud it had already awarded to the Web giant.

During post-award negotiations, Amazon asked the CIA to weaken a requirement that all software in the cloud be verifiably free from computer viruses that might let unauthorized people see intelligence data, GAO wrote.

Amazon asked that it only be required to vouch for software it had built itself, not for third party and open source software it planned to include in the system. The CIA agreed, prompting a challenge from IBM, which had also bid on the contract.

If IBM had known in advance that requirement might be loosened, that could have substantially changed both the company’s bid and its competitiveness.

“It is a fundamental principle of government procurement that competition must be conducted on an equal basis,” GAO said. “Offerors must be treated equally and provided with a common basis for the preparation of their proposals.”

GAO recommended that the CIA re-bid the cloud contract and reimburse IBM for the cost of challenging the award. GAO’s bid protest rulings aren’t officially binding but agencies often follow them.

Computer clouds typically offer cheaper storage space than traditional government data centers and allow agencies to perform more complex computing operations with larger amounts of data.

GAO also upheld another section of IBM’s protest, which claimed the CIA unfairly adjusted the likely price of proposed cloud offerings based on inconsistent standards.

- Joseph Marks

Twitter Diplomacy

The State Department’s social media presence vastly dwarfs that of other countries using Internet-based tools for public diplomacy efforts, according to a new report.

The 39 U.S. ambassadors with a digital media presence pack a significant punch, based on an analysis by the Canadian Defense and Foreign Affairs Institute. U.S. ambassadors with Twitter accounts have a combined 538,942 followers and average more than 16,000 followers per account.

“Users of social media who do not engage in substantive, real-time exchanges are unlikely to make their voices heard,” the report says.

State has pushed to incorporate the latest social media networks in its public diplomacy efforts. Recently, the General Services Administration struck a deal to allow agencies to use the video-sharing service Vine. Many embassies have begun posting videos that show off American culture.

- Kedar Pavgi

Goodbye Paper

In June, the Veterans Affairs Department finished installing its paperless Veterans Benefits Management System in all 56 of its regional offices. VBMS is a key element of plans to eliminate the backlog of disability claims.

“Now that the system is in place, much work continues to be done as we roll out more features and train more users,” says Tommy Sowers, assistant secretary of public and intergovernmental affairs.

“This is a big crossover year for us,” says VA Secretary Eric Shinseki. “We have for decades sat astride rivers of paper. Now we are in the process of turning off paper spigots and turning on electronic ones.”

- Bob Brewin

Oops, About Those Loan Records …

The Veterans Affairs Department inadvertently deleted 464,000 home loan files, and Sen. Ron Portman, R-Ohio, wants to know why.

In a letter to VA Secretary Eric Shinseki, Portman said he learned that the Cleveland regional office deleted almost half a million electronic records relating to loans, grants and applications. “While I understand the VA has taken steps to remedy the situation, the limited communication and delayed incident reporting are particularly concerning,” he said.

Portman had a lot of questions, including whether VA had backup systems and how often backups were performed.

VA spokeswoman Jo Schuda said human error on May 25 accounted for the deletion of the documents and images, which are used by lenders, appraisers and internal staff.

Employees are being retrained to prevent this error in the future, she said. No personal information was compromised.

- Bob Brewin

]]>

Build Once, Use Often

Joseph Marks — Thu, 01 Aug 2013 01:00:00 -0400

May marked a White House deadline for government agencies to begin streaming data directly to outside developers and the public through application programming interfaces, or APIs. Basically, these are instructions for one computer to continuously grab information from another.

Some agencies launched a dozen or more APIs in response to the mandate, which is part of President Obama’s open government initiative.

At the Labor Department, lead information technology specialist Mike
Pulsifer took a different tack. Labor published just one API for 175 information stockpiles, ranging from workforce statistics to historical trends for the Consumer Price Index.

Pulsifer has been assembling the API since 2011. The plan, he says, is to build for the long term. This strategy allows the agency to pack new data sets into the existing API rather than developing a separate infrastructure for each one.

Pulsifer came up with the idea from the photo sharing site Flickr, which has consolidated all of its data into a single stream. No one else at Labor was using APIs, so building once and using often seemed like a good approach.

“We started really small with three data sets that were admittedly of limited usefulness,” he says. The plan worked, and other divisions began agreeing to let Pulsifer’s API grab their data.

“We’ve got a tremendous amount of data that we’d love for app developers out there to turn into information,” Pulsifer says. “The stories that can be told from this data, that’s what we’re really hoping the public can produce out of this.”

]]>

Governing Gets Social

Joseph Marks — Mon, 01 Jul 2013 01:00:00 -0400

Due to an editing error the first paragraph of this story was initially omitted.

More than 4 million people joined together online in December 2011 to express outrage over the Stop Online Piracy Act, a bill Congress was considering that would have made content-sharing websties legally responsible for their users' copyright violations, with punishments including prison time.

The proposed law would have drastically changed if not destroyed the business models of YouTube, Wikipedia and other popular websites whose content is contributed by the public. People who frequent those sites vented their ire in online petitions, blog posts and Web comments. They emailed their representatives in Congress and bombed the lawmakers’ Twitter feeds and Facebook pages with angry comments.

As 2011 drew to a close, politicians got the message. One by one they announced their opposition to SOPA or to its Senate counterpart, the Protect Intellectual Property Act. President Obama said he opposed the legislation too, and in January 2012 both houses shelved the bills before they ever faced a floor vote.

Experts called the campaign a victory for digital democracy: The people had spoken— the ones who don’t have lobbyists or make large campaign donations. And just as important, their representatives had listened.

There was a problem, though. Through social media, ordinary citizens told Congress and the president what they didn’t want. But the filmmakers, recording artists and others concerned about protecting intellectual property rights, many of whom supported SOPA, had a legitimate beef. And there was no good way to gauge what measures the public would support to address that.

A handful of staffers in the office of Rep. Darrell Issa, R-Calif., thought they might have a solution. As the debate over SOPA rose to a boil, they launched the Madison Project, an online forum where users could comment on proposed legislation, suggest alternative text and vote those suggestions up or down. It was a cross between Microsoft Word’s track changes function and crowdsourced book reviews on Amazon.

SOPA was Madison’s first guinea pig.

“On the first day we had 150,000 unique visitors and were getting ridiculously awesome content, with ‘awesome’ defined as useful,” says Seamus Kraft, then an Issa staffer who helped launch the project.

Comments came from Web-savvy citizens as well as from a handful of advocacy organizations such as the Electronic Frontier Foundation.

Since that first posting in 2011, Madison has hosted other bills aimed at preserving Internet freedom, making federal spending more transparent and increasing cyber protections for government computer networks, most of which have been introduced in Congress.

Issa introduced the Online Protection and Enforcement of Digital Trade Act, a SOPA alternative developed largely through Madison edits, in January 2012. Government Executive Media Group’s technology website Nextgov is hosting the Madison version of a bill introduced by Issa and Rep. Gerry Connolly, D-Va., to reform federal information technology purchasing.

Management of Madison has also spun off into the nonprofit and officially nonpartisan OpenGov Foundation with Kraft, Issa and California attorney James Lacy listed as co-founders. Issa, who made millions in the automotive security field before running for Congress, provided the foundation’s seed money. It has received additional funding from the Knight Foundation, which supports media and open government initiatives.

The OpenGov Foundation has also partnered with the state of Maryland to release a machine-readable version of the state’s code of laws and plans to release all bills introduced in the Maryland legislature in a social forum during the next legislative session, Kraft says.

“Do I think we’re ever going to develop to the point where everything is in an accessible interface like Madison and citizens are helping write every regulation or piece of legislation from scratch?” Kraft asks. “No. But can that happen frequently? Yeah. And the data will be there for [lawmakers and others] to do whatever they want with it.”

Madison is just one of a dozen or more initiatives that are transforming the way the government engages citizens online. They range from gathering feedback on Philadelphia’s transportation reforms to making computers more accessible to the blind. While the initiatives have different objectives, they have three things in common: First, they target more specialized audiences than the typical government Facebook post or Twitter blast. Second, they tend to live on platforms tailored to their audiences. Finally, they are interactive, asking more from participants than a simple like or retweet.

Tapping Outsiders

Social media took hold slowly in the federal government. In 2003, during the George W. Bush administration, White House Chief of Staff Andrew Card became the first administration official to answer citizen questions online, but it wasn’t until 2009 that most agencies began launching Facebook, Twitter and YouTube profiles. The impetus to use social media in government has gained urgency, though, spurred largely by agencies’ desire to remain relevant to increasingly tech-savvy citizens for whom checking for updates on an agency’s blog or home-page seems hopelessly inefficient.

The earliest and easiest way for government to use social media is as a broadcast platform for policy statements and press releases.

The second phase is interactive, which typically has meant responding to citizen questions. The Education Department’s Federal Student Aid office holds regular Twitter office hours, for example, to answer questions about the labyrinthine process for submitting the Free Application for Federal Student Aid. The White House website We the People offers official government responses to petitions that receive more than 100,000 signatures.

The third phase of social interaction goes beyond responding to questions to involve expert citizens on a particular issue in the policymaking process. Citizen edits to legislation on Madison, for example, have been incorporated into the official bills.

In other cases, the document itself might be open to public edits. When an interagency team began work on a governmentwide open data policy that was released in May, the group decided to do the majority of its editing inside Github, a popular open source development site that stores a unique URL for each edit to computer code or a text document. Once the policy was released, the team opened the documents up to anyone on GitHub who wanted to weigh in.

Within days, more than three dozen citizen edits had come in, ranging from correcting typos to suggesting larger policy changes. Federal Chief Information Officer Steven VanRoekel personally managed and integrated many of the citizen updates, known as “pull requests.”

Ben Balter worked on the open data policy as a Presidential Innovation Fellow and now works at GitHub as a liaison to the federal government. He envisions a world in which similar policy documents will be open to the public before they are officially released so nongovernment experts can contribute at every stage of the process.

“The government, in its public-facing efforts, has the tendency to say ‘we’re the experts here and if you want to give us some free labor that’s fine, but we know what’s best,’ ” Balter says. “But that’s not how the Internet works. If the government publishes something on a social network, that means the world’s foremost experts can comment on it, which can be very helpful. The government has to shift from worrying about managing that community to worrying about growing it and making sure it has the resources it needs.”

The developer set calls this a “Web-based” model, meaning disparate parts of the machine are all cranking at once and fully aware of one another’s work. They contrast that with a “hub and spoke” model in which a central authority, say a federal agency, manages the entire development process and integrates feedback and advice from all the other players one at a time.

As agencies struggle with tighter budgets, relying on volunteered expertise from outsiders can be a money saver and a force multiplier, Balter says. The culture shift is that government will have to be freer with the staff memos, budget requests and other information that’s typically guarded from public view.

“In the intelligence community, yes, things need to be centralized,” Balter says. “But a lot of stuff the government is working on, if it’s data that eventually will be or could be public, there’s no reason they can’t open it up earlier [and] that they can’t blur the distinction between government and public.”

Kraft sees similar potential when uninvited experts comment on legislation through Madison.

“A lot of people know a hell of a lot more than you do about any issue you’re working on, and you should have the ability to put that to work,” he says.

Honing In

Not all examples of this new breed of interactive social media happen at the macro level of legislation and presidential directives. Agencies across government have been turning to the platform IdeaScale, for instance, to gather feedback on more granular policy questions.

Once an agency poses a question on IdeaScale, anyone can offer a response or suggestion and other discussion participants can vote those suggestions up or down. That typically means the wisdom of the masses will drive the best ideas from the most qualified participants to the top of the queue without officials having to sift through every suggestion.

The Labor Department’s Office of Disability Employment Policy has run numerous IdeaScale campaigns aimed at addressing accessibility for the disabled, such as improving transportation options for veterans and making it easier for students to enter the workforce.

Answering policy questions like that in a smart way requires gathering and processing feedback from up to 5,000 people spread across the Defense, Veterans Affairs, Transportation and Education departments; dozens of businesses, nonprofits and advocacy organizations; and from disabled veterans and students themselves, the office’s policy adviser Michael Reardon says.

By gathering that feedback through IdeaScale rather than mass emails and public forums, the office not only saves time and money, it also removes barriers to participation and receives continual feedback as it watches constituents hash out ideas in public, Reardon says.

“If you’re someone with a disability and you want to provide input on a transit authority that provides services to you, [typically] you’d have to show up at a meeting site, take off work, go in front of a group for three minutes and then there’s no feedback mechanism,” Reardon says.

Meeting Your Audience

A critical element of interactive social media is that the platform must fit the audience, Kraft says. The cobbled together first draft of Madison was ideal for a Web savvy crowd that was eager to weigh in on SOPA and other Internet-focused legislation, he says. The OpenGov Foundation is working on an updated and more user friendly version due out this summer.

Madison 2.0 will offer “all the functionality of Facebook,” Kraft says. Everyone who uses the site will be able to create a personal page with legislative issues, bills and edits. Lawmakers will be able to drag and drop proposed bills into the system and outside contributors can collaboratively write legislation from scratch.

Similarly, GitHub made sense for the developer crowd interested in collaborating on the White House open data policy while IdeaScale is a better fit for reaching a more general constituency.

Finding the right platform to reach a narrow audience doesn’t necessarily mean searching out some dusty corner of the online world. When Michelle Lee was asked to gather feedback about proposed changes to Philadelphia transit lines, she considered numerous online platforms. The problem was that about 40 percent of Philadelphia homes lacked broadband Internet access, which meant the people most affected by the changes were unlikely to take part in an online survey.

Lee worked on the project with Code for America, a nonprofit that pairs technology entrepreneurs with municipal governments. She launched a text message survey of frequent bus riders along routes that might be served by a new rapid transit system. Signs urged riders to text a number to take a three-question survey, which asked about their transit habits and how those might change if a rapid transit option was available.

About 90 percent of the people who started the survey finished it. When the city updates its transit plan, Lee’s team plans to text survey participants to let them know how their feedback was used.

“Text appealed to us because the status quo to participate at that point was to go to a two-hour meeting and this pulled that commitment level to the other extreme,” Lee says.

Lee is now the chief executive of Textizen, a for-profit business housed, until recently, in the San Francisco-based Code for America’s startup incubator. Textizen has run surveys for other cities, including one for the Flint, Mich., planning commission, which was rewriting its 20-year strategic plan.

Most attendees at planning commission meetings were in their mid-50s, Lee says, which meant they’d have little stake in questions like whether the city offered good elementary schools. Via text, the commission was able to collect a broader base of citizen input, she says.

A Civic Universe Online

What many people see as the endgame for projects like Madison and Textizen is a vibrant civic culture in which people report potholes, sign petitions and even vote online or through mobile devices.

The Internet is great at gathering and processing information, but it’s not as good at verifying who that information is coming from, says Alan Shark, a Rutgers University professor and executive director of the Public Technology Institute, a nonprofit that focuses on technology issues affecting local governments.

“Star Trek is here,” Shark says. “We have these personal communicators, their use is continuing to grow dramatically and we’re going to have broader civic participation because of it. The missing piece is trusted identities.”

This is a stumbling block the Federal Communications Commission ran into in 2009 when it sought to use IdeaScale and an FCC blog not just to gather informal policy recommendations but also to collect official comments on a proposed regulation aimed at ensuring net neutrality.

Net neutrality—the idea that all information packets sent through the Internet should be treated equally rather than larger players being able to buy preferential treatment—is a passionate issue for many Web entrepreneurs and consumers, most of whom are unused to posting comments in the Federal Register. The FCC wanted those people to have a say, so it met with them someplace more accessible, says GitHub’s Balter, an intern in FCC’s technology office at the time.

Accepting comments through the blog and IdeaScale proved nearly as great a bureaucratic hurdle as publishing the proposed rule, Balter says. The 107-page notice of proposed rulemaking includes several legalistic paragraphs explaining that the commission would only accept IdeaScale comments that included the commenter’s identifying information.

The question of trusted identities online stretches far beyond civic participation. The Commerce Department’s National Institute of Standards and Technology is focused on the problem, largely to stem cyber espionage and identity theft in the private sector. But the institute also is interested in helping government provide better online services, such as processing tax bills, Social Security benefits and veterans’ disability claims.

Once NIST is satisfied with digital credentialing standards, that could be the key to online voting and other forms of civic participation, Shark says.

Some deeper form of credentialing also could help state and local governments and Congress members assess feedback they receive through Facebook, Twitter and other social media, by sifting out comments from people who aren’t constituents, according to Balter.

“Otherwise I could tweet to my congressman that I support gun control or something like that and say I’m Ben from Chicago, but I’m actually in Russia or China,” he says.

Such credentialing could drastically change the voting landscape, Lee says.

“If people could vote through text messages or some other convenient media, if they didn’t have to go to a polling site and verify their identity and fill out a form every few years that would transform who votes and how we think about voting,” she says.

]]>

Tech Roundup

Aliya Sternstein, Bob Brewin, and Joseph Marks — Mon, 01 Jul 2013 00:00:00 -0400

Data Derby

Government agencies must collect and publish new information in open, machine-readable and, whenever possible, nonproprietary formats, according to a White House executive order and open data policy
published May 9.

The idea behind the initiative is that information the government collects for the purposes of management, regulation and security can also be used by entrepreneurs to build products that aid consumers and turn a profit—much like the billion-dollar industry that has been built on government-supplied Global Positioning System information, for example.

What’s more, public access to government data can raise awareness of an issue or lead to smarter consumer choices. The website WeMakeItSafer, for example, aggregates government information about product recalls.

“Starting today, we’re making even more government data available online, which will help launch even more new startups,” President Obama said in a statement. “And we’re making it easier for people to find the data and use it, so that entrepreneurs can build products and services we haven’t even imagined yet.”

Government contractors and the open government community both applauded the executive order.

Hudson Hollister of the Data Transparency Coalition trade association notes that better maintained government data could help contractors save money by allowing them to automate more reporting and compliance processes.

“Spending and programs would become more efficient, because data standards would permit the deployment of big data analytics to find waste and fraud,” he says. “Even our capital markets would benefit, because public regulatory filings converted into open data would be a more accessible source of actionable information
for investors.”

- Joseph Marks

Secure Those Phones

The Office of Management and Budget sent agencies instructions for securing government-owned commercial smartphones and tablets in an effort to bring consistency to what had been an ad hoc patchwork of guidelines. The 104-page compilation of controls was accompanied by a manual for picking the most appropriate mobile device setup.

The instructions are part of a digital government strategy the White House laid out one year ago that called on agencies to “adopt a coordinated approach to ensure privacy and security in a digital age.”

The departments of Homeland Security and Defense, along with the National Institute of Standards and Technology, developed the baseline protocols as first steps only. Later guidance, for example, might focus on continuous monitoring of controls, cryptography, securing the data instead of the device, and ensuring data is only shared with authorized users.

- Aliya Sternstein

Savings Shortfall

An initiative to consolidate federal data centers is well short of its goal of $3 billion in reduced spending by 2015, according to the Government Accountability Office.

Only five of 24 federal agencies have reported estimated savings through 2014 and those total less than $700 million, according to the House Oversight and Government Reform Committee’s panel on government operations.

The proposed savings, which GAO expects the White House will achieve eventually, will come from moving data to computer clouds and using more efficient centers.

- Joseph Marks

The Health Records Mess

Secretary of Defense Chuck Hagel’s decision to modernize the Defense Department’s electronic health record through the purchase of commercial software looks like a setback for development of an integrated electronic health record with the Veterans Affairs Department.

Except for a passing reference, the Hagel memo makes no reference to the iEHR, and seems more of the same go-it-alone approach favored by the Pentagon.

This approach could run into serious congressional roadblocks. On May 14, the House Appropriations Committee backed language in the 2014 Defense spending bill that said no funds could be expended on any EHR project unless it is an open architecture that serves both departments.

In addition, Frank Kendall, undersecretary of Defense for acquisition, says 20 vendors have products that could meet the Pentagon’s needs—and since they all have lawyers, protests are inevitable.

- Bob Brewin

]]>

Tech Roundup

Aliya Sternstein, Bob Brewin, and Joseph Marks — Tue, 28 May 2013 09:56:18 -0400

Transparency Moves

President Obama’s fiscal 2014 budget proposal transfers control of USAspending.gov, the spending transparency website, from the General Services Administration to the Treasury Department.

The administration plans to give Treasury $5.5 million to manage the site, previously bankrolled by the congressionally mandated e-government fund, which is devoted to using the Internet to improve citizen services and access to public information.

“Treasury will conduct an analysis of the operation and information in USAspending and determine what changes in the medium or long term may be warranted,” a department spokeswoman says. “The collection of governmentwide financial management information is closely aligned with Treasury responsibilities.”

Whether the transfer from GSA to Treasury is good or bad news for transparency advocates is unclear, says Daniel Schuman, policy counsel for the Sunlight Foundation.

Congress envisioned the e-gov fund as a proving ground for technology-driven transparency initiatives, so it’s appropriate that the five-year-old USAspending should move to a permanent home, he says.

On the one hand, Treasury may be seen as a less political home for USAspending than the White House-based Office of Management and Budget; on the other hand, OMB has a better bully pulpit to force agencies to report spending and to make other transparency reforms, he says.

The USAspending transfer may leave more of the e-gov fund for other transparency initiatives such as the federal IT Dashboard, which tracks tech spending.

The president requested $20 million for the e-gov fund this year, but Congress typically appropriates less money than the White House requests.

- Joseph Marks

Budget Shift

The Defense Department has quietly shifted management and oversight of health information technology, including procurements, from the Military Health System and the TRICARE Management Activity, to Frank Kendall, undersecretary of Defense

for acquisition, technology and logistics.

One official said the move reflects frustration among senior Pentagon leaders with MHS’ efforts to procure new health IT systems, both independently and in partnership with the Veterans Affairs Department to develop an integrated electronic heath record. The departments have spent at least $1 billion during the past five years pursuing an integrated system.

The shift is a major blow to MHS and TRICARE.

Defense Secretary Chuck Hagel told lawmakers at a hearing of the House Appropriations Committee’s Defense panel on April 16 that he had taken personal responsibility for the iEHR and said in late March he had deferred a request for proposals for a new Defense electronic health record because “I didn’t think we knew what the hell we were doing.”

- Bob Brewin

CIOs Support IT Reform

Many government chief information officers think a proposed congressional overhaul that would give them broader authority over how their agencies buy information technology is a “step in the right direction,” according to TechAmerica’s CIO Insights survey.

In congressional testimony, CIOs typically avoid saying whether such budget authority would be helpful. Federal CIO Steven VanRoekel has said authority over IT spending is less important than CIOs having “a seat at the table” during agency mission discussions.

The survey found 76 percent of IT spending still goes to the operation and maintenance of existing systems, despite attempts to shift more funding to new initiatives.

- Joseph Marks

About That Job Description

In August 2010, then-Defense Secretary Robert Gates shut down the Office of the Assistant Secretary for Networks and Information Integration as one small piece of a budget cutting exercise, with a new and improved chief information officer shop taking over many of the tasks once performed by the office.

In late April, Deputy Secretary Ashton Carter sent out a memo that finally got around to transferring the responsibilities and functions of the disestablished Networks and Information Integration Office to the Defense CIO.

That memo clarified that the CIO—currently Teri Takai—will provide policy guidance on cybersecurity and gives her what looks like considerable sway over the IT budgets of the four services.

- Bob Brewin

]]>

Tech Roundup

Bob Brewin and Joseph Marks — Mon, 01 Apr 2013 00:00:00 -0400

Rebooting IT Acquisition

House Oversight and Government Reform Committee Chairman Darrell Issa, R-Calif., wants to overhaul the way the government buys information technology with legislation introduced in March.

Issa first floated the proposed IT reboot in September 2012 and has been gathering input from industry and government workers since then.

The Federal IT Reform Act would give chief information officers full budget authority, including the ability to shift agency funds from one project to another based on particular needs. It also would make agency CIOs presidential appointees. The bill was co-sponsored by Rep. Gerry Connolly, D-Va., ranking Democrat on the oversight panel’s main technology subcommittee.

The government’s $80 billion in annual IT purchases has been plagued by cost overruns and missed deadlines. Issa and others have touted technology’s ability to lower the overall cost of government by making operations more efficient and reducing the need for travel.

“Ultimately IT is the toll we pay to better spend $3.5 trillion,” Issa said. “It’s not about the $80 billion we spend on IT.”

His bill also will call for the title CIO to be reserved for just one person at each agency. There are now 243 CIOs across government; the excessive use of the title diminishes its authority, he said.

“This is a single point of accountability with the title of chief—someone who can say ‘I’ve got $6 billion, and I’ll be darned if I’ll waste it,’” he said.

- Joseph Marks

Replacing a Dinosaur

The Navy and the Defense Contract Management Agency have started the process of replacing the vintage 1996 Defense Department Standard Procurement System, which managed 800,000 contracts worth $190 billion in 2011.

In a request for information to potential vendors posted on FedBizOpps, the Navy said it wants to acquire an electronic procurement system to replace the contract writing capabilities of the Standard Procurement System. DCMA posted a notice seeking similar software.

Frank Kendall, undersecretary of Defense for acquisition, technology and logistics, mandated the sunset of the Standard Procurement System by September 2015 and directed the services to develop their own. The 17-year-old departmentwide system “is difficult to maintain and improve and is technologically fragile,” Kendall said in a 2011 memorandum.

Emerging technologies no longer require a “one size fits all” contracting system, he said.

- Bob Brewin

Averting the Next Scandal

The General Services Administration is considering building a menu of contractors offering services that can help agencies avoid the sort of conference spending scandals that rocked GSA itself in 2012.

Contractors listed on the menu would help centralize agencies’ conference and meeting spending in unified databases, ensure competitive pricing for purchases, minimize the risk of cancellation fees and archive key information to pass along to watchdogs, the request for information said.

If GSA moves forward with the project, meetings management would become a special item number on GSA’s Schedule 599 for Travel Services Solutions.

- Joseph Marks

How Rubber Cement Brought Down a $4.6 Million Drone

The Air Force used a rather weird approach to technology insertion with a Predator drone that crashed in Afghanistan on May 8,
2009, according to the service’s aerospace mishaps database.

Some unknown soul “tacked into place” a software chip that controlled an aileron on the wings of the armed Predator, using the same kind of silicone vulcanizing rubber cement used for minor car repairs, according to the Air Force crash report. This makeshift approach was aimed at facilitating easy removal of the chip for programming updates, the report said.

Alas, vibration in flight knocked the chip loose, which in turn knocked out operation of the aileron and led to the crash and destruction of the $4.6 million drone.

- Bob Brewin

]]>

Welcome to the Data Driven World

Joseph Marks — Mon, 01 Apr 2013 00:00:00 -0400

University of Wisconsin geologist Shanan Peters was frustrated by how much he didn’t know.

Most geological discoveries were locked away in troves of research journals so voluminous that he and his colleagues could read only a fraction of them. The sheer magnitude of existing research forced most geologists to limit the scope of their work so they could reasonably grasp what had already been done in the field. Research that received little notice when it was published too often was consigned to oblivion, wasting away in dusty journals, even if it could benefit contemporary scientists.

A decade ago, Peters would have had to accept his field’s human limitations. That’s no longer the case. In the summer of 2012, he teamed up with two University of Wisconsin computer scientists on a project they call GeoDeepDive.

The computer system built by professors Miron Livny and Christopher Re will pore over scanned pages from pre-Internet science journals, generations of websites, archived spreadsheets and video clips to create a database comprising, as nearly as possible, the entire universe of trusted geological data. Ultimately, the system will use contextual clues and technology similar to IBM’s Watson to turn those massive piles of unstructured and often forgotten information—what Livny and Re call “dark data”—into a database that Peters and his colleagues could query with questions such as: How porous is Earth’s crust? How much carbon does it contain? How has that changed over the millennia?

The benefits of GeoDeepDive will be twofold, Peters says. First, it will give researchers a larger collection of data than ever before with which to attack problems in the geosciences. Second, it will allow scientists to broaden their research because they will be able to pose questions to the system that they lack the expertise to answer on their own.

“Some problems were kind of off limits,” Peters says. “You couldn’t really think about reasonably addressing them in a meaningful way in one lifetime. These new tools have that promise—to change the types of questions we’re able to ask and the nature of answers we get.”

Order From Chaos

GeoDeepDive is one of dozens of projects that received funding from a $200 million White House initiative launched in March 2012 to help government agencies, businesses and researchers make better use of what’s called “big data.”

Here’s what that means: Data exist all over the world, in proliferating amounts. Satellites beam back images comprising every square mile of Earth multiple times each day; publishers crank out book after book; and 4.5 million new URLs appear on the Web each month. Electronic sensors record vehicle speeds on the Interstate Highway System, weather conditions in New York’s Central Park and water activity at the bottom of the Indian Ocean. Until recently, scientists, sociologists, journalists and marketers had no way to make sense of all this data. They were like U.S. intelligence agencies before the Sept. 11 terrorist attacks. All the information was there, but no one was able to put it together.

Three things have brought order to that cacophony in recent years. The first is the growth of massive computer clouds that virtually bring together tens or hundreds of thousands of servers and trillions of bytes of processing capacity. The second is a new brand of software that can link hundreds of those computers together so they effectively act like one massive computer with a nearly unlimited hunger for raw data to crunch.

The third element is a vastly improved capacity to sort through unstructured data. That includes information from videos, books, environmental sensors and basically anything else that can’t be neatly organized into a spreadsheet. Then computers can act more like humans, pulling meaning from complex information such as Peters’ geosciences journals without, on the surface at least, reducing it to a series of simple binary questions.

“For a number of years we’ve worked really hard at transforming the information we were collecting into something that computers could understand,” says Sky Bristol, chief of Science Information Services at the U.S. Geological Survey. “We created all these convoluted data structures that sort of made sense to humans but made more sense to computers. What’s happened over the last number of years is that we not only have more powerful computers and better software and algorithms but we’re also able to create data structures that are much more human understandable, that are much more natural to our way of looking at the world.

“The next revolution that’s starting to come,” he says, “is instead of spending a lot of energy turning data into something computers can understand, we can train computers to understand the data and information we humans understand.”

Big Promises

Big data has hit the digital world in a big way. The claims for its power can seem hyperbolic. A recent advertisement for a launch event for the book Big Data: A Revolution That Will Transform How We Live, Work, and Think (Eamon Dolan/Houghton Mifflin Harcourt, 2013) promised the authors would explain why the “revolution” wrought by big data is “on par with the Internet (or perhaps even the printing press).”

Big data’s promise to transform society is real, though. To see its effect one need not look to Guttenberg but to Zuckerberg, Page and Brin. Each day Facebook and Google chew through millions of pages of unstructured text embedded in searches, emails and Facebook feeds to deliver targeted ads that have changed how sellers reach consumers online.

Retailers are mining satellite data to determine what sort of customers are parking in their competitors’ parking lots, when they’re arriving and how long they’re staying. An official with Cisco’s consulting arm recently suggested big box retailers could crunch through security camera recordings of customers’ walking pace, facial expressions and eye movements to determine the optimal placement of impulse purchases or what store temperature is most conducive to selling men’s shoes.

Big data is making an appearance in international aid projects, in historical research and even in literary analysis.

Re, the University of Wisconsin computer scientist, recently teamed with English professor Robin Valenza to build a system similar to GeoDeepDive that crawls through 140,000 books published in the United Kingdom during the 18^th century. Valenza is using the tool to investigate how concepts such as romantic love entered the English canon. Ben Schmidt, a Princeton University graduate student in history, has used a similar database built on the Google Books collection to spot linguistic anachronisms in the period TV shows Downton Abbey and Mad Men. His assessment: The Sterling Cooper advertising execs of Mad Men may look dapper in their period suits but they talk about “keeping a low profile” and “focus grouping”—concepts that didn’t enter the language until much later.

The ‘Holy Grail’

The White House’s big data investment was spawned by a 2011 report from the President’s Council of Advisors on Science and Technology, a group of academics and representatives of corporations including Google and Microsoft. The report found private sector and academic researchers were increasingly relying on big data but weren’t doing the sort of basic research and development that could help the field realize its full potential.

The council wasn’t alone. The research arm of McKinsey Global Institute predicted in May 2011 that by 2018 the United States will face a 50 percent to 60 percent gap between demand for big data analysis and the supply of people capable of performing it. The research firm Gartner predicted in December 2011 that 85 percent of Fortune 500 firms will be unprepared to leverage big data for a competitive advantage by 2015.

The White House investment was funneled through the National Science Foundation, the National Institutes of Health, and the Defense and Energy departments, among other agencies. The grants are aimed partly at developing tools for unstructured data analysis in the private, academic and nonprofit worlds but also at improving the way data is gathered, stored and shared in government, says Suzi Iacono, deputy assistant director of the NSF’s Directorate for Computer and Information Science and Engineering.

As an example, Iacono cites the field of emergency management. New data storage and analysis tools are improving the abilities of the National Weather Service, FEMA and other agencies to predict when and how major storms such as Hurricane Sandy are likely to hit the United States. New Web and mobile data tools are making it easier for agencies to share that information during a crisis.

“If we could bring together heterogeneous data about weather models from the past, current weather predictions, data about where people are on the ground, where responders are located— if we could bring all this disparate data together and analyze them to make predictions about evacuation routes, we could actually get people out of harm’s way,” she says. “We could save lives. That’s the Holy Grail.”

One of the largest impacts big data is likely to have on government programs in the near term is by cutting down on waste and fraud, according to a report from the industry group TechAmerica released in May 2012.

The Centers for Medicare and Medicaid Services launched a system in 2011 that crunches through the more than 4 million claims it pays daily to determine the patterns most typical of fraud and possibly deny claims matching those patterns before they’re paid out. The government must pay all Medicare claims within 30 days. Because it lacks the resources to investigate all claims within that window CMS typically has paid claims and then investigated later, an inefficient practice known as “pay and chase.”

The board that tracks spending on President Obama’s 2009 stimulus package used a similar system to weed out nefarious contractors.

Big data is having an impact across government, though, in areas far afield from fraud detection. The data analysis company Modus Operandi received a $1 million Army contract in late 2012 to build a system called Clear Heart, which would dig through hundreds of hours of video—including footage from heavily populated areas—and pick out body movements that suggest what officials call “adversarial intent.” That could mean the posture or hand gestures associated with drawing a gun or planting a roadside bomb or the gait of someone wearing a suicide bombing vest.

The contract covers only the development of the system, not its implementation. But Clear Heart holds clear promise for drone surveillance, Modus Operandi President Richard McNeight says. It could be used to alert analysts to possible dangers or to automatically shed video that doesn’t show adversarial intent, so analysts can better focus their efforts.

The technology also could have domestic applications, McNeight says.

He cites the situation in Newtown, Conn., where a gunman killed 20 elementary school students and six adults. “If you’d had a video camera connected with this system it could have given an early warning that someone was roaming the halls with a gun,” McNeight says.

Big data’s greatest long-term effects are likely to be in the hard sciences, where it has the capacity to change hypothesis-driven research fields into data driven ones. During a panel discussion following the announcement of the White House big data initiative, Johns Hopkins University physics professor Alex Szalay described new computer tools that he and his colleagues are using to run models for testing the big-bang theory.

“There’s just a deluge of data,” the NSF’s Iacono says. “And rather than starting by developing your own hypothesis, now you can do the data analysis first and develop your hypotheses when you’re deeper in.”

Coupled with this shift in how some scientific research is being done is an equally consequential change in who’s doing that research, Iacono says.

“In the old days if you wanted to know what was going on in the Indian Ocean,” she says, “you had to get a boat and get a crew, figure out the right time to go and then you’d come back and analyze your data. For a lot of reasons it was easier for men to do that. But big data democratizes things. Now we’ve got sensors on the whole floor of the Indian Ocean, and you can look at that data every morning, afternoon and night.”

Big data also has democratized the economics of conducting research.

One of NIH’s flagship big data initiatives involves putting information from more than 1,000 individual human genomes inside Amazon’s Elastic Compute Cloud, which stores masses of nonsensitive government information. Amazon is storing the genomes dataset for free. The information consumes about 2,000 terabytes—that’s roughly the capacity required to continuously play MP3 audio files for 380 years—far more storage than most universities or research facilities can afford. The company then charges researchers to analyze the dataset inside its cloud, based on the amount of computing required.

This storage model has opened up research to huge numbers of health and drug researchers, academics and even graduate students who could never have afforded to enter the field before, says Matt Wood, principal data scientist at Amazon Web Services. It has the potential to drastically speed up the development of treatments for diseases such as breast cancer and diabetes.

Over time, Wood says, the project also will broaden the scope of questions those researchers can afford to ask.

“If you rewind seven years, the questions that scientists could ask were constrained by the resources available to them, because they didn’t have half a million dollars to spend on a supercomputer,” he says. “Now we don’t have to worry about arbitrary constraints, so research is significantly accelerated. They don’t have to live with the repercussions of making incorrect assumptions or of running an experiment that didn’t play out.”

]]>

GSA Releases Draft Solicitation for Massive Professional Services Contract Vehicle

Joseph Marks — Thu, 28 Mar 2013 15:10:25 -0400

The General Services Administration moved one step closer to launching an overarching contract vehicle for professional services Thursday by releasing two draft requests for proposals.

The agency is inviting comments on the draft RFPs and through its GSA Interact system.

The contract vehicle, known as One Acquisition Solution for Integrated Services, or OASIS, would include contracts for accounting, communication, security and transportation, among other services.

OASIS would be an indefinite delivery, indefinite quantity contract that would last 10 years in its first incarnation, according to the draft RFPs. GSA's two draft solicitions were a general RFP and another focused on small businesses.

Once GSA chooses companies to participate in OASIS, those companies can compete to provide services to government agencies, including the Defense Department, on an ongoing basis.

GSA hasn’t yet determined the price ceiling for all services provided under OASIS, according to the draft RFP.

“OASIS will complement GSA’s Multiple Award Schedules program and provide agencies with more flexible full-service options,” GSA said in a statement. “OASIS will also drive better outcomes for the federal government around reducing costs and expenses, improving operating efficiency and increasing focus on socioeconomic contracting goals.”

The team developing OASIS sought input from the contracting community and the public earlier this year and met with over 60 people interested in the project in one-on-one sessions, according to the statement.

Correction: The original version of this story mischaracterized how services will be purchased under OASIS. Companies selected to participate will be able to compete for federal contracts with agencies including the Defense Department.

(Image via Lisa S./Shutterstock.com)

]]>

Tech Roundup

Aliya Sternstein, Bob Brewin, and Joseph Marks — Fri, 01 Feb 2013 01:00:00 -0500

Radio Static

The Homeland Security Department spent $430 million on a fruitless plan to enable radio users departmentwide to communicate on the same frequency, according to an internal audit released in November 2012.

Of 479 radio users the DHS inspector general tested, only one knew how to tune in to the common channel, the report stated. Employees either were unaware the channel existed, could not find it, or switched to an outdated channel inherited from the Treasury Department.

“Personnel do not have interoperable communications that they can rely on during daily operations, planned events and emergencies,” acting IG Charles K. Edwards wrote in the report.

About 123,000 employees use the handheld and mobile radios. Homeland Security this spring shelled out $3 billion for new tactical communications to serve the entire department, along with the White House and the Interior, Justice and State departments.

The root of the disconnect, according to the report, is top department leaders have provided little guidance and no enforcement to ensure personnel use the channel. The shift to a single frequency began when the department formed in 2003.

The department rejected the IG’s recommendation that leaders create an office with the power to ensure users across agencies can communicate with each other. In an undated response to a draft report, DHS officials explained they already have such an entity overseeing interoperability, called the Joint Wireless Program Management Office.

The IG replied that the office is toothless.

“The structure, based upon cooperation and not authority, is the same management approach that proved ineffective in the past,” Edwards wrote. “The department has a high probability of repeating past mistakes.”

- Aliya Sternstein

Digital Savings

The $34 million Federal Citizen Services Fund, which pays for tools such as a template for writing federal
purchase orders and the USA.gov website, saved the government nearly twice that dollar figure in fiscal 2012, officials say.

The fund pays for much of the work done by the General Services Administration’s Office of Citizen Services and Innovative Technologies. The $64 million in savings comes primarily from using free or low-cost services provided by OSCIT and from eliminating duplicative purchases, according to the office’s annual report.

Some highlights:

- The government’s search engine Search.usa.gov has more than doubled the websites it supports to 1,100.

- Federal agencies signed 728 service agreements with 58 social media providers and GSA negotiated agreements with Foursquare, Google Plus, Storify, Tumblr and others.

- Officials working on the office’s First Fridays project tested the usability of 26 federal websites, 61 percent more than in 2011.

- Joseph Marks

Destination Pinterest

The Obama administration joined the social media site Pinterest late last year by pinning a registration form to attend a White House “holiday social” in December.

The White House also posted its first set of pinboards that day, and administration officials sought advice from commenters about how they should use Pinterest.

The administration is likely to post “pins and boards that range from inspiring images and quotes to infographics that help explain key issues to details about the life inside the White House,” a blog post said.

The General Services Administration has penned a service agreement with Pinterest that other agencies can adopt.

- Joseph Marks

Easing Into Civilian Life

The Defense and Veterans Affairs departments have beefed up their Transition Assistance Program for troops leaving the armed services. They have set up a one-stop website with the Labor Department replete with resources to ease the way from military to civilian life and careers.

These include online career transition courses, an employment hub with tips on how to craft a résumé and handle job interviews, a resource directory for ill or wounded troops, and a guide on how to file disability claims early.

I had none of these resources available to me when I left the Marine Corps in 1967. My transition amounted to heading back to New York City on my lonesome. The development of this website is a sign that bureaucracies can change for the better.

- Bob Brewin

]]>

When the People Speak Is Anyone Listening?

Joseph Marks — Fri, 01 Feb 2013 01:00:00 -0500

The White House’s online petition website We the People showcased both unity and division as 2012 came to a close.

Division came first. In the weeks after President Obama’s reelection in November 2012, citizens from all 50 states took to the site to demand permission to secede from the union. Unity followed in December when 200,000 people signed a petition to urge stricter gun control laws in just five days following the deadly shooting of 20 students and six adults at Sandy Hook Elementary School in Newtown, Conn.

A separate petition asking the president to designate the Westboro Baptist Church, which pledged to picket the funerals of Sandy Hook victims, as a hate group garnered more than 300,000 signatures, setting a new record for a We the People petition.

This schizophrenia is nothing new for We the People, which has played many roles during its 18-month life span.

President Obama called the site “a direct line to the White House on the issues and concerns that matter most” to citizens when it went online in September 2011. Anyone can launch a petition on the site and promote it through social media. The White House pledged to respond formally to petitions that receive more than 25,000 signatures. It increased the threshold to 100,000 signatures in January.

Others, however, quickly deemed We the People a haven for kooks, cranks and stoners. The first set of petitions that earned a response included eight seeking more liberal marijuana laws, one asking to phase out the penny and two demanding the government come clean about its communications with space aliens.

We the People then went through a fallow period. Petitioners were disappointed with what they saw as rote replies from government functionaries, mostly restating existing policy. One of the most popular petitions from this period urged officials to “actually take these petitions seriously instead of just using them as an excuse to pretend you are listening.”

The string of postelection secession petitions brought We the People fully into the public eye. They were featured everywhere from Fox News to The Daily Show.

The Texas petition rapidly became one of the most popular ever posted to the site. That forced a disavowal from Texas Gov. Rick Perry, who has been accused of advocating secession in the past.

White House Press Secretary Jay Carney penned a response to the petitions in January saying democracy’s goal should be to “form a more perfect union,” not to tear the current one apart.

Harvard University professor Archon Fung recommends keeping We the People’s secession flurry in perspective. The Texas petition received 125,000 signatures. That’s only a tiny fraction of politically engaged Americans online. Petitions from Louisiana received 37,000 signatures and Florida 35,000.

A Change.org petition asking Florida officials to charge George Zimmerman in the February 2012 shooting of teenager Trayvon Martin, by comparison, received more than 2.2 million signatures. It also, arguably, helped catalyze the public outcry and media storm that led to Zimmerman being charged with second-degree murder in April.

“I think if you take the petition mechanism seriously, you have to have a view about what’s enough to take notice and say, ‘this is something people care about,’” Fung says. “Is 120,000 signatures a lot? It doesn’t strike me as very much.”

Fung says he was impressed by the velocity of signatures on the gun control petition, which was posted around the same time several members of Congress were reversing long-held opposition to any new gun regulations. That petition became the most popular ever posted to the site after just three days online.

He criticized the White House for cutting off new signatures when it responded to that petition after only one week, saying it would have been instructive to see how high the signature count might have gone.

Fung’s research focuses on public engagement in government policy. He draws a distinction between public participation and deliberation. He gives We the People some credit for stoking participation but faults the project for not including a deliberative component, which he considers much more important.

“The nature of a petition is that people express a view they already have, and it doesn’t give them an opportunity to reflect on other views or consider alternatives,” he says.

In other words, We the People is basically about broadcasting two messages to the world. A citizen makes one statement when she writes up her petition. If that petition reaches the threshold of 100,000 signatures, someone in government will pen a response. That closes the loop. Everyone else only has the choice of signing onto the original petitioner’s statement or passing it by.

Instead of writing a blanket reply to the secession petitions, Fung says, the White House could have invited a delegation of secessionists for a chat with administration officials. Through deliberation, he says, the group might have come up with some less fundamental conciliation the White House could make. At the very least, it would have shown the White House is seriously listening to their concerns.

One of the chief barriers to civic discourse, Fung says, is that the more politically charged an environment is, the more likely people are to descend into hostility and refuse to compromise. As evidence he cites the discussion tabs on two Wikipedia pages: one for Hillary Clinton and the other, black holes. Though she represents a much less complex phenomenon than intergalactic physics, Hillary has generated significantly more controversy.

Simply because it was built and promoted by the White House, We the People is bound to draw a heated crowd, Fung says.

Those partisans aren’t limited to secessionists. A Government Executive analysis two weeks after the secession petitions began appearing on We the People found about half the newly posted nonsecession petitions advocated a strongly liberal or conservative position. The liberals and conservatives were about evenly split. A similar analysis the year before found liberals vastly outweighed conservatives on the site.

Even during such a highly partisan period, almost one-third of new We the People petitions advocate relatively neutral causes such as creating a more standardized procedure for granting presidential pardons and better regulating the water level of Lake Huron. One petitioner who crossed the response threshold, however, asked the Obama administration to begin construction on a Star Wars-style Death Star. That would both explode the national debt and cause international friction, a tongue-in-cheek White House response noted.

If there are winners among We the People petitioners, it’s likely the nonpartisans who are seeking relatively minor changes to federal regulations and who might not otherwise be able to bend the administration’s ear.

The administration credited We the People petitioners with helping cement its opposition to the proposed Stop Online Piracy Act, a controversial but largely nonpartisan bill that would have made Web hosts such as YouTube legally liable for content posted to their sites. Another petition asking for tighter restrictions on large-scale dog breeders actually produced a proposed rule from the Agriculture Department’s Animal and Plant Health Inspection Service that’s working its way through the regulatory process.

“It’s an ongoing problem where people in the country feel like they can’t get their voices heard,” says Kathleen Summers, who manages the Humane Society of the United States’ Puppy Mills Campaign and authored the dog breeder petition. “To some extent it will always be that way with government. No one can expect a personal response to every letter they send. That’s why this site is really helpful, because it lets the most important issues rise to the top.”

]]>

Agencies want better guidance on BYOD

Joseph Marks — Wed, 26 Dec 2012 00:00:00 -0500

Federal agencies want better guidance from the White House on how, when and whether they should reimburse employees who use their own mobile devices for government business, according to a coalition of technology officials.

Agencies also want better guidance on the legal, financial and privacy implications of switching to so-called bring-your-own-device, or BYOD, policies, according to the Dec. 11 report from the federal Chief Information Officers Council.

One of the greatest barriers to BYOD adoption, and to mobile adoption in government generally, is the lack of adequate processes to keep government data encrypted, the report said.

If data is sufficiently encrypted it can be viewed on a smartphone or tablet and not leave a trace on the device itself after the employee closes out of it. That would limit the danger of a lost phone turning into a million-dollar problem.

Agencies also would like better established protocols for how to use authentication, the report said. That means ensuring the person on the other end of the smartphone or tablet is who he says he is.

The government’s top technology officials should establish a cross-agency team to examine the legal and privacy implications of employees using nongovernment furnished mobile devices, the report recommended.

“As the pace of technology advancement continues to increase, standards and processes must be updated and new technologies developed to allow the continued use of commercial off-the-shelf products,” the report said, “giving government users access to the latest technologies to meet their missions without sacrificing privacy and security.”

(Image via Stuart Miles/Shutterstock.com)

]]>

The era of government-supplied technology for employees is eroding

Joseph Marks — Wed, 12 Dec 2012 11:26:00 -0500

The next four to eight years in federal IT will be defined by what workers increasingly lack, experts say, including agency-issued phones, tablets and even laptops for telework.

“Bring your own device” policies already have been rolled out at some agencies, mostly on a voluntary basis. As the years roll on and agency-issued BlackBerrys and other product lines wear out, those policies will become increasingly common and, in some cases, mandatory, experts say.

The most basic reason is efficiency.

“Apple just released the iPhone 5,” said Darren Ash, chief information officer at the Nuclear Regulatory Commission and president of the American Council for Technology. “In the Android market it seems like a new model comes along every month. We can’t keep up.”

But there’s a deeper reason too. Just as the government doesn’t provide most employees with cars or Metro passes, some argue there’s no fundamental reason agencies should spend energy and resources providing workers with cellphones when they’re perfectly willing to get one for themselves. In fact, many employees would rather choose the product they want. It’s a trope of government technology conferences that many federal employees carry a government-issued BlackBerry in one pocket and a personal iPhone or Android in the other. In theory, reducing that clutter would be good for agencies, employees and the government’s carbon footprint.

Agencies have said they might offset this new employee burden with a stipend.

But resistance to a BYOD policy has been twofold. First, officials don’t trust iPhones and Androids to keep government information secure from hackers. Second, agencies aren’t sure they trust employees to not leave devices full of sensitive government documents sitting unsecured in the back seats of taxis or let children play Angry Birds on them.

Employees, for their part, don’t much like the idea of giving security officials power over their devices, which can be the equivalent of a personal diary, a calendar and a family photo album wrapped into one.

Officials are likely to crack both of these problems over the next administration or two, experts say. At the center of both will be a robust identity management system -- one that knows who you are and where you are and that can keep work and personal information separate, said Karen Evans, who was e-government director during the George W. Bush administration. On the work side of the device, security officials would be able to control settings and remotely wipe away any data if the device was compromised, she said. Evans is now national director for the U.S. Cyber Challenge, an organization devoted to bringing more technology students into the public and private cybersecurity workforce.

An effective identity management system also would require a mobile-based biometric identification, such as a fingerprint or iris scan, to reach classified or sensitive information, IBM’s Chenok says. That technology isn’t commercially available and there are no government standards for it, but it should be on its way within the decade, he says.

With BYOD, as with collaborative technologies and other advances, four or eight years might be long enough for the beginning of a culture change, but the government moves like a battleship not a speedboat, said Steve Charles, co-founder and executive vice president of ImmixGroup, a federal technology contractor. The rule, he says, will be a lot of pilots and a lot of time before the ship of state changes course entirely.

“Look at how long it took for management to start to take seriously the idea that you can legitimately telework,” he says. “That took five or six years at least. The same thing will happen with BYOD or BYO anything. The activities from one shop to the next are so disparate. The idea the whole government is going to wholesale change how everyone operates is ridiculous. The short answer is it’s going to happen piecemeal.”

]]>

Tech Roundup

Aliya Sternstein, Bob Brewin, and Joseph Marks — Sat, 01 Dec 2012 00:00:00 -0500

Tracking Diplomats

The agency charged with securing U.S. embassies plans to purchase a system that could locate and track diplomats during an emergency based on the signals beaming from their satellite and cellphones, documents show. That system could be extremely effective at monitoring security during an embassy or consulate attack, but also could expose diplomats to new dangers if the system were hacked.

The personnel tracking locator system would replace nine-year-old technology that the State Department’s Diplomatic Security Service uses to pinpoint the location of employees both at embassies and domestically. It’s not clear whether the existing personnel tracker played any role in the State Department response to the Sept. 11 attack in Benghazi, Libya, that killed Ambassador J. Christopher Stevens and three other diplomats. The department declined to answer questions about the current tracking system or its proposed replacement.

“What’s dangerous about this is that these systems can be hacked so they could basically be beaconing [diplomats’] positions,” says Tom Kellermann, vice president of cybersecurity at Trend Micro, a company that develops antivirus software.

“There’s a phenomenon all through the U.S. government where physical and personal security folks adopt technology to provide more kinetic security and, in fact, they open up an entirely new can of worms,” Kellerman adds.

DSS is responsible for securing embassies from attack and for protecting certain State Department officials traveling abroad. The service also is responsible for guarding some foreign dignitaries traveling in the United States.

- Joseph Marks

Stormy Forecast

The Obama administration’s plan to share weather satellite frequencies with commercial cellular carriers could degrade scientists’ ability to forecast hurricanes and monitor flooding, weather and spectrum, experts told Nextgov.

The Federal Communications Commission proposed reallocating spectrum used by weather satellites in the 1675-1710 MHz band for commercial use in its 2010 National Broadband plan, a shift widely opposed by weather organizations worldwide. FCC and the National Telecommunications and Information Administration in August narrowed the portion of spectrum up for grabs to the 1695-1710 MHz band and endorsed sharing it with commercial users.

John Snow, professor of meteorology at the University of Oklahoma, says this plan could interfere with the reception of data from satellite sounding instruments that measure atmospheric temperatures, cloud cover, moisture and humidity. Weather satellite instruments play a key role in assessing conditions over oceans—where hurricanes form—because forecasters do not have other means of measuring key parameters as they do over land, Snow says.

- Bob Brewin

Cyber Safeguards

U.S. and foreign government officials, along with antivirus companies and banks, have formed a coalition to push for adoption of electronic safeguards that could help them avoid data breach lawsuits.

Led by a veteran of the National Security Agency, the Consortium for Cybersecurity Action is proposing a set of 20 security controls for immunizing computer systems.

“This is about priority,” said Tony Sager, who in June retired from NSA. The 20 steps are “the most important defenses that every firm should put in place that are of greatest value.”

- Aliya Sternstein

Demonstrating Telework’s Value

While much of the federal workforce in Washington took Oct. 29 to 30 off when Hurricane Sandy pounded the East Coast, 2,000 employees at the Defense Information Systems Agency—roughly 40 percent of DISA workers—continued to work from home thanks to a well-developed telecommuting plan put in place more than five years ago.

DISA spokesman Steven Doub said employees who are authorized to telework were instructed to take their laptops home the weekend prior to the storm as a precautionary measure so they could take unscheduled telework as needed.

Although some Washington-area federal workers probably lacked power and Internet service and had to deal with storm damage, Sandy makes a good argument for having a governmentwide telework infrastructure.

- Bob Brewin

]]>

Up to the Challenge

Joseph Marks — Sat, 01 Dec 2012 00:00:00 -0500

In February 2011, the South Harbor Maine-based startup Flagsuit won a contract to develop new astronaut gloves for testing at NASA’s Johnson Space Center in Houston. It was a big opportunity for Flagsuit founder and chief executive Peter Homer, who was managing a South Harbor community center when he first spotted a NASA prize competition online six years earlier.

The competition—to build a more flexible glove—was one of the Centennial Challenges that NASA has been offering annually since 2003 to commemorate the 100^th anniversary of the Wright brothers’ first flight.

These challenges are sometimes focused on acquiring specific technology, says Jenn Gustetic, NASA’s challenges and prizes program executive. Just as often, though, they’re a method to spur competition in an underdeveloped market or to bring in expertise from outside fields so the same old problems aren’t always tackled in the same old ways, she says.

A survey of the roughly 7,500 people who entered a NASA competition to find a better method of predicting solar flares, for example, found 81 percent of the entrants had never competed for a traditional NASA contract, Gustetic says. The winner of that 2009 challenge wasn’t an aerospace expert but a retired radio frequency engineer from Lempster, N.H. His tool can predict solar flares 24 hours in advance with 75 percent accuracy, NASA officials say, and could significantly reduce astronauts’ exposure to damaging radiation.

Harvard Associate Professor Karim R. Lakhani has found competitors from outside a challenge’s primary field are actually more likely to find winning solutions than those who are in it. The more distant the field the better, he says.

Homer was one of those outsiders. He’d spent the early part of his career as a mechanical engineer in General Electric’s satellite division, but engineering was far from his daily life. He thought the challenge looked like something “a guy in his garage” might be able to tackle.

Homer worked in fits and starts on his challenge entry at first. “It was a side project I got myself involved in out of intellectual curiosity,” he says. “My goal was to make a showing so I wouldn’t feel like I embarrassed myself.”

With about three months to go, Homer got serious. He started spending most evenings and weekends working on the glove and invested a few thousand dollars from his savings. “That’s all I really had,” he says. “I got good at scrounging materials and utilizing resources like eBay.”

With six weeks to go, Homer decided his original design was beyond saving. He threw it out and started over, working faster and learning from his mistakes. The gamble paid off. In May 2007, Homer was awarded the competition’s top prize: $250,000.

Homer founded Flagsuit that same year, partially at the urging of space industry officials who had kept an eye on the competition. In 2009, he won a second competition phase. By 2011, he had his contract with NASA, which means his gloves might one day find their way onboard the International Space Station or on missions to Mars. He also was contracting with commercial space companies and industrial firms that needed gloves with similar characteristics.

“I’m totally here now because of that challenge and because of what happened afterwards,” he says. “I think this is a great value because the sponsoring organization gets a lot of information and good ideas and they only pay for the ones that bear fruit.”

Homer’s assessment—and his story—is what’s behind Challenge.gov, an Obama administration initiative that has hosted more than 200 competitions since its 2010 launch focused on everything from air quality to arms control to blocking illegal robo calls.

It’s often difficult to untie the final knot, though: putting technology built by challenge competitors to work.

This is partly due to regulations that require agencies to buy goods and services through standard procurement procedures rather than by other means such as prize competitions, Gustetic says.

In some cases, NASA competitions eventually lead to a contract with a company founded by the winner, as was the case with Homer and Flagsuit. That can be a lengthy process, though, and requires a lot of post-award work by the winner.

Homer has nothing but praise for NASA’s challenge team but says there was little initial follow up from the agency’s spacesuit designers. “That changed, but it didn’t happen overnight, and it took a lot of relationship building,” he says.

There are shorter paths, Gustetic says, but there’s no silver bullet.

In some cases NASA hires the organization running the competition as a prime contractor and the terms of the challenge state the winner’s work will be handed over to NASA as, essentially, the work of a subcontractor.

In other cases, technology developed during a competition is acquired by a major NASA supplier, which incorporates the invention into its own products and sometimes hires the winner, she says.

Regardless of whether winning technology makes its way directly to NASA, everything developed during a competition helps to expand the market, according to Gustetic.

“We’re asking folks to think about new technology or new applications of technology that folks largely aren’t working on yet,” she says. “You may have only one or two or three winners, but you could then get a potential pool of people that become a viable industry . . . We could say, ‘you guys now have solutions in this space; let’s figure out which one we want to procure.’ ”

]]>

Could Social Networking Kill Email in the Office?

Joseph Marks — Wed, 28 Nov 2012 00:00:00 -0500

Could social networking actually replace email and phone calls in the workplace? One agency thinks so. The National Nuclear Security Administration plans to roll out a social network next spring that will replace many of its traditional modes of communication.

The platform, called One Voice, is a pilot that other divisions of the Energy Department might adopt in the future, NNSA Chief Technology Officer Travis Howerton told a recent federal technology policy forum sponsored by the Association for Federal Information Resources Management, a government-industry partnership. The initial launch will include the agency’s roughly 45,000 employees and contractors spread across 10 locations.

Howerton described the social networking program as similar to Facebook, with a broadly accessible layer that everyone in the system can look at, as well as numerous subcommunities for employees in particular divisions or with certain expertise. Accessing the site will require extensive authentication and additional security controls will apply to specific communities that discuss sensitive information. The social networking platform will include embedded systems for instant messaging, Web conferencing and other tools.

“The way I like to describe where we’re going is today we’re chartered to make weapons of mass destruction using a weapon of mass distraction, which is email,” Howerton said. “How much of your email is actionable? Ten percent, maybe 15? The rest of it is people cc-ing you on things they think you need to know that you really don’t. And there’s 60 percent of it that’s just straight spam.”

One Voice is part of an Energy Department information technology reform effort Howerton is leading called RightPath. If the NNSA pilot proves successful, other Energy divisions will be able to adopt the network without significant additional testing, he said.

“We’re approving an IT modernization strategy that says this is the answer for the agency, but what we want to do is prove it at scale,” Howerton said. “We want to crawl-walk-run, but it is an agencywide goal to get to that end state.”

A social information exchange rather than a one-to-one email exchange can help employees filter out extraneous information and reduce the pressure to send unnecessary responses, according to Howerton. It also can bring useful participants into a conversation that an emailer might not have thought to include and filter out those who are not essential, he added.

“If we have multiple projects coming up and we want to get a feel for what the community thinks, we have the ability to quickly put that out and get feedback,” Howerton said. “It has things like town halls in it and we can publish video out to our constituents.”

The system will archive all information to guard against losing institutional knowledge when an employee leaves the agency or changes jobs.

The greatest challenge in adopting the system has been developing the architecture to support it, Howerton said, such as a cloud-based network that reaches all the agency’s dispersed offices and an authentication system to ensure the platform is secure.

Once the system is operating, NNSA will consider integrating other workplace functions into it, such as training, he added.

“This will foundationally change the way people work,” Howerton said. “If you look at moving to a virtual workforce, one of the things you lose is those relationships. If you’re working from home every day, a social network allows you to build relationships with people in your community and establish status.”

]]>

Government has Shuttered 64 Data Centers Since August

Joseph Marks — Fri, 16 Nov 2012 17:03:00 -0500

The government has shuttered 382 data centers since 2010, 64 of them in the past three months, according to updated figures the Office of Management and Budget released Thursday.

Agencies plan to close 315 more centers by the end of September 2013, according to a spreadsheet posted to the government open data platform Data.gov.

The government had closed 318 data centers as of the last update in August. The latest update included all data centers closed as of Oct. 26.

OMB plans to shut down about 40 percent of the government’s original stock of roughly 3,100 data centers by the end of 2015. The program is expected to save $5 billion, though those savings won’t all have accrued by the 2015 deadline, federal Chief Information Officer Steven VanRoekel has said.

The initiative is aimed at modernizing the government’s computer storage by shifting to more efficient consolidated data centers and to computer clouds.

]]>