Federal Government Information Access Policy*
Taken and updated from Agenda for Access, OMB Watch http://www.ombwatch.org/article/articleview/526/1/74/ (2/02)
Initially created by Susan Doran, Knowledge Management Consulting. With appreciation to Charles McLure for his bibliography, "Selected Federal Policies Affecting the Development and Management of Website" http://istweb.syr.edu/~mcclure/Fed.IT.Webpolicy.bib.May18.1.html
Policy
Management of Federal Information Resources
Paperwork Reduction Act
Identifying
NumberOMB Circular A-130
Public Law 104-13 [44 USC Section 35]
Date of Action-
Status1985 Revised 1993, 1994, 1996 (minor); revisions proposed April 13, 2000
1980 Reauthorized in 1986; amended in 1989, 1995; up for reauthorization in 2001, introduced in House 2/27/2001.
Description/
SummaryProvides implementing guidance for the Paperwork Reduction Act (PRA). Frames the responsibility to inform the public as integral to agency's mission, thus encouraging agencies to proactively disseminate information, rather than solely reacting to public information requests. Directs agencies to maintain inventories of-or other search and retrieval aids to-their information resources to meet agencies' own records management goals and to help the public gain access to government information (see GILS). Instructs agencies to avoid disseminating information solely through electronic means, unless the agency knows that a substantial portion of the intended audience has ready access to the necessary information technology, or that exclusive use of such method would not impose substantial costs to users. Requires agencies to conduct information collection and processing to protect personal privacy and guarantee confidentiality, consistent with PRA and the Privacy Act. Encourages agencies to share and cooperatively manage information with other agencies. Defines "information resources management" as both government information itself and its related resources (personnel, equipment, funds, and technology). Promotes agency investment in information technology to lower the cost of federal program administration, and to reduce burden and improve service delivery to the public. Directs agencies to apply lifecycle management practices and benefit/cost evaluation to information resource management and dissemination activities.
Proposed revisions will bring the Circular into accord with the 1995 Paperwork Reduction Act, the E-FOIA amendments of 1996, and the Clinger-Cohen Act.Addresses two primary areas: (1) agency information dissemination and access practices, under the umbrella of information resources management (IRM), and (2) the collection of information from the public, and the relative burden that such collection might create. Directs agencies to implement a management system for all information dissemination products, and states that, at a minimum, such a system would: (1) assure that information dissemination products are necessary for proper performance of agency functions, (2) ensure that members of the public with disabilities have reasonable access, (3) facilitate availability of government publications to depository libraries through the Government Printing Office, and (4) include, as an integral part, communication with the public to include adequate notice when initiating, substantially modifying, or terminating significant information products. Establishes the Office of Information and Regulatory Affairs within OMB to establish consistent and uniform IRM policies throughout the federal government, and to oversee the establishment of a Government Information Locator Service (formerly Federal Information Locator Service-see GILS) facilitate identification and sharing of information among federal agencies. The 1995 amendments instruct agencies to avoid making electronic information dissemination the sole means of disseminating the product unless the agency knows that a substantial portion of the intended audience has ready access to the necessary information technology or that exclusive use of such method will not impose substantial acquisition costs on the users. Reminds agencies that their information dissemination practices are to be based upon equitable and timely terms, to achieve the best balance between the goals of maximizing usefulness of the information and minimizing the cost to the government and the public. OMB Memorandum M-95-22 (1995) issues guidance to agencies to: (1) increase their knowledge of information users and user needs; (2) improve quality of information services and products; (3) notify the public about changes in information dissemination; and (4) consider other relevant federal policies (e.g., FOIA) when developing information dissemination strategies.
Web Links
http://www.whitehouse.gov/omb/
circulars/a130/a130trans4.htmlhttp://www4.law.cornell.edu/uscode/
44/ch35.html
http://www.whitehouse.gov/OMB/
memoranda/m95-22.html
Policy
FOIA - Freedom of Information Act
E-FOIA: Electronic Freedom of Information Act
Identifying
NumberPublic Law 89-554 [5 USC Section 552]
Public Law 104-231 [5 USC Section 552]
Date of Action-
Status1966 (amended in 1974, 1976, 1978, 1984, 1986, 1996)
1996 (amends 5 USC 552 - FOIA)
Description/
SummaryProvides a means for the public to access information created and held by federal agencies. "Those seeking information are no longer required to show a need for information. Replaces the "need to know" standard with a "right to know" doctrine. The government now has to justify the need for secrecy. "Requires agencies to disclose records, upon written request by an individual, unless the records fall within one of 9 exemption areas (including classified information, agency administration and personnel information, trade secrets and confidential information). Does not apply to documents produced or held by federal elected officials, including the President, Vice President, Senators, and Congressmen. Provides administrative and judicial remedies when access is denied. A White House Memorandum on FOIA (1993) urged agencies to take initiative in providing better access to agency information, namely through electronic means. The 1996 amendment addresses electronically created information (see E-FOIA). In 1997, the Supreme Court yesterday let stand a lower-court ruling that records kept by the president's National Security Council are not subject to disclosure under the Freedom of Information Act.
Mandates agencies to make all reasonable efforts to provide government records available to requestors in the medium of their choice. Amends FOIA's definition of "record" to mean that all information collected and maintained by an agency (except as exempted by the Act), regardless of format, is subject to E-FOIA. Encourages agencies to use technology to ensure greater public access-to simplify the process; decrease response time; increase consistency and quality of information provided; and enhance usefulness of information collected, maintained, and disseminated. Requires agencies to expand the types of records to be made available online, and to make reasonable efforts to search for information in electronic form or format. Directs each agency to establish: (1) electronic reading rooms to organize and make accessible specific categories of agency information (e.g., opinions, policy statements, staff manuals) and a new category-- records already released through FOIA that are expected to be "repeatedly requested"; (2) reference guides to educate the public on how to request and obtain records; and (3) an index of all of an agency's major information systems, and a description of these and of records locator systems maintained by the agency. OMB has recommended that these be available through the agency's web site or a Government Information Locator Service "presence" (see GILS).
Web Links
http://www4.law.cornell.edu/uscode/
5/552.html
http://www.gwu.edu/~nsarchiv/nsa/
efoia.html
http://www.whitehouse.gov/OMB/
memoranda/m97-10.html
http://www.whitehouse.gov/OMB/
memoranda/m9809.html
Policy
Federal Records Act
Presidential Records Act
Identifying
Number44 USC Section 3301
44 USC Section 2201-2207
Date of Action-
StatusOct. 22, 1968; amended Oct. 21, 1976
November 4, 1978
Description/
SummaryDefines federal records as any document or material that is made or received in the course of government business, which should be kept as evidence of that business or because it contains valuable information. The FRA was amended in 1976; expanded ''records'' to include ''machine readable materials.'' In August 1995, NARA issued a revised regulation on records management, emphasizing that electronic mail messages may be records under the Federal Records Act. Electronic messages, documents, and files are records when they meet the definition of federal records-i.e., that can be read by using a computer or other electronic device, including email correspondence, word processing documents, and records located on an agencies' World Wide Web site. Plans and capabilities for storing electronic records vary greatly across government. Agencies apparently lack specific guidance in determining whether such things as routine e-mail messages are electronic records worthy of preserving. NARA is issuing new guidance to agencies on management of electronic records, but has postponed a survey that would have assessed the extent to which agencies use electronic records management programs. (See Government Accounting Office's report, "National Archives: Preserving Electronic Records in an Era of Rapidly Changing Technology"-GGGD-99-94.) (Also see "Electronic Records Management")
The Presidential Records Act (PRA) changed the legal status of Presidential and Vice Presidential materials from private to public property-i.e., under the PRA, official records of the President and his staff are owned by the United States, not by the President. The National Archives and Records Administration is required to take custody of these records (which includes electronic records, such as email correspondence) when a President leaves office, and to maintain them in a federal depository. These records are eligible for access under the Freedom of Information Act (FOIA) five years after the President leaves office. The President may restrict access to specific kinds of information for up to 12 years after he leaves office. After that point, the records are reviewed for FOIA exemptions only. The records of the Reagan administration were the first to be administered under this law.
Web Links
Policy
Electronic Records Management
Classified National Security Information
Identifying
NumberNARA Bulletin 2000-02 (Replaces Bulletin 99-04)
Executive Order 12958
Date of Action-
StatusDecember 27, 1999
1995 [amended November 19, 1999 by EO 13142; revokes EO 12356 (1982)]
Description/
SummaryBulletin 2000-02 notifies agencies that NARA Bulletin 99-04, Scheduling electronic copies of program records and administrative records not covered by the General Records Schedules (GRS), is suspended. That bulletin covered electronic copies that were created using word processing or electronic mail software that remain on the "live" computer system after the recordkeeping copy is produced. Clarifies when the GRS 20 disposition authority for electronic copies (items 13 and 14) may be used. GRS 20, items 13 and 14, which apply to word processing and electronic mail copies, may be used only for electronic copies of scheduled records, and only after a recordkeeping copy has been produced and filed in a recordkeeping system. Reminds agencies that NARA Bulletin 99-05, Disposition of electronic records (NARA Bulletin 98-02), issued on September 24, 1999, remains in effect. That bulletin states that new and revised items on SF 115s, Request for Records Disposition Authority, submitted for NARA approval must include provision for the disposition of both the copy of a record that resides on electronic mail or other office automation applications, and the recordkeeping copy maintained in the recordkeeping system.
Bulletin 99-04 provided guidance to federal agencies on procedures for scheduling electronic copies of an agency's currently scheduled program records that were created using word processing or electronic mail software that remain on the "live" computer system after a record-keeping copy is produced. Agencies have until February 1, 2000 to submit to NARA either new records schedules for their electronic copies, or a detailed plan for scheduling the records (which must occur with two years NARA's approval of their plan). Provides for training to agency records officers to assist them with developing their schedules or plans. Supercedes General Records Schedule (GRS) 20, which authorized federal agencies to destroy electronic versions of word processing, electronic mail, and other electronic records without any review of whether the records had sufficient value to warrant their retention. The public interest organization, Public Citizen-joined by organizations of historians, librarians and individual researchers-challenged these rules in a lawsuit (Public Citizen v. John Carlin, Archivist of the United States, in the U.S. District Court for Washington, D.C.), charging that NARA was ignoring its responsibility to ensure that historically valuable electronic records were preserved. The courts agreed, and struck down the rules in a decision that emphasized the unique value of electronic records. GRS 20 was declared "null and void" by a federal judge in October 1997.Mandates all classified information contained in records of 25 years old and older, with permanent historical value, be automatically declassified within five years of enactment of the executive order (unless an agency acted to keep them classified, based on an exemption provided in the order). Agencies had five years to complete their records reviews, with 15 percent of the reviews to be completed within the first year. An amendment extended the deadline for 18 months, after agencies appealed to the President that they were unable to meet the 2000 deadline. Established the Interagency Security Classification Appeals Panel (ISCAP), which provides for an independent review board to rule on appeals from members of the public (and government employees) who filed requests for mandatory declassification, and were denied by the classifying agency. ISCAP is composed of representatives of the Departments of State, Defense, and Justice, National Security Council, CIA, and NARA. As of January 1999, ISCAP had voted on 163 appeals (83 percent of documents reviewed were declassified, entirely or in part).
Web Links
http://www.nara.gov/records/
policy/b2000-02.html
http://www.nara.gov/records/
policy/b9905.htmlhttp://www.fas.org/sgp/
clinton/eo12958.htmlhttp://www.fas.org/sgp/
clinton/eo13142.htmlhttp://www.dss.mil/seclib
/eo12958.htm
Policy
Privacy Act
Privacy and Personal Information in Federal Records (President's Memorandum) May 14, 1998
Identifying
NumberPublic Law 93-579 [5 USC Section 552a]
M-99-05 Instructions on complying with President's Memorandum
Date of Action-
Status1974
January 7, 1999
Description/
SummaryDescribes the manner in which personal information of individuals can be disclosed by the federal agencies. Restricts the government's ability to disseminate information that could infringe on the personal privacy of an individual. Agencies are directed to maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency. Government agencies may release or disclose Privacy Act data only after appropriate review or with prior written consent of the individual to whom the information pertains. Requires agencies to allow individuals access to their records. An application of the Privacy Act to electronic information is agencies' collection of citizen's email addresses. When agencies intentionally collect email addresses and compile them into databases or mailing lists, the information is considered a "personal identifier and personal record," and they must notify the public that they are collecting this information, and why. Agencies are not required to notify the public of incidental accumulation of email addresses (e.g., through listservs and discussion groups), if the accumulation is maintained automatically by the software and not used by agency employees.
This Memorandum contains the text of the President's May 14, 1998 Memorandum as well as instructions to agencies on how to comply." In his Memorandum, the President directed Federal agencies to review their current information practices and ensure that they are being conducted in accordance with privacy law and policy. The President also directed OMB to issue instructions to the agencies on how to conduct this review. Indicates agencies should: (1) designate a senior official within the agency to assume primary responsibility for privacy; and (2) conduct a thorough review of its systems of records, "paying special attention to Internet and other electronic communications activities that may involve the collection, use, or disclosure of personal information."
States: "increased computerization of federal records permits information to be used and analyzed in ways that could diminish individual privacy in the absence of additional safeguards. As development and implementation of new information technologies create new possibilities for the management of personal information, it is appropriate to reexamine the federal government's role in promoting the interests of a democratic society in personal privacy and the free flow of information."Web Links
http://www.epic.org/privacy
/laws/ clinton-privacy
-memo-598.html
Policy
Information Technology Management Reform Act (Clinger-Cohen Act)
Section 508 of The Rehabilitation Act
Identifying
NumberPublic Law 104-106 [40 USC Section 1401]
29 USC Section 794d
Date of Action-
StatusFebruary 10,1996
1998
Description/
SummaryGrants authority to the head of each agency to acquire information technology (IT) resources and makes them responsible for effectively managing IT investments. Includes the establishment of the following: (1) best practices for capital planning for IT acquisitions and investments; (2) Chief Information Officer positions within federal departments and agencies; and (3) performance evaluation measurements for IT. Requires that agencies establish a process to ensure that the public has timely and equitable access to the agency's information, and regularly solicit and consider public input on the agency's information dissemination activities. Abolished the Brooks Act and the Federal Information Resources Management Regulation (issued to implement the Brooks Act), which made the General Services Administration the central authority for procurement of "automatic data processing" resources. Reassigned overall responsibility for the acquisition and management of IT to OMB.
Requires that federal agencies' electronic and information technology be accessible to people with disabilities, including members of the public and federal employees. Establishes requirements for any electronic and information technology developed, maintained, procured, or used by the federal government. Directs agencies to ensure (unless an undue burden would be imposed) that all of their electronic and information technology allows for comparable levels of access and usability to federal information by members of the public with disabilities as to members of the public without disabilities. (The same standards also apply to access by federal employees with disabilities.) Mandates all federal agencies to conduct a self-evaluation of their current electronic and information technology and to report the results to the Department of Justice. DOJ must report the results of the survey to the President by February 7, 2000. The Architectural and Transportation Barriers Compliance Board will then issue standards defining which electronic and information technology is covered, and describe what is meant by "accessible technology," by setting forth technical and functional performance criteria.
Web Links
http://thomas.loc.gov/cgi-bin/
bdquery/ z?d104:SN01124:|TOM:
/bss/d104query.html
Policy
Government Performance and Results Act
Setting Customer Service Standards
Identifying
NumberPublic Law 103-62 [44 USC Section 1441]
Executive Order 12862
Date of Action-
Status1993
September 11, 1993
Description/
SummaryIntended to improve federal program effectiveness and public accountability by focusing on results, service quality, and customer satisfaction. Mandates adoption of strategic and annual planning processes-to be tied to the budget and authorization cycles, and based on established and measurable performance indicators-to inform Congress and the public of: (1) performance goals for agencies' major program and activities; (2) measures used to gauge performance; (3) strategies and resources-e.g., skills, technology, human, capital, information, and other resources-required to meet performance goals; (4) procedures used to verify and validate performance; and (5) performance compared with established goals, including reasons goals were not met, and actions plans and schedules for meeting unmet goals.
Requires federal agencies to incorporate customer needs and expectations into their strategic planning processes. Mandates agencies to improve accessibility to federal government information and services by: (1) identifying customers who are, or should be, served by the agency; (2) surveying customers to determine the type and quality of services needed, and barriers to those services; (3) benchmarking customer service performance against "the best in the business"; (4) making information, services, and complaint systems easily accessible; and (5) providing means to address customer complaints. Provisions added to Clinton's 1995 "Memorandum on Customer Service" (1995) require agencies to develop a "Customer Service Plan," to gauge the success of the plans, in a form readily accessible to customers, for all operations that deliver significant services directly to the public.
Web Links
http://thomas.loc.gov/cgi-bin/
bdquery/ z?d103:SN00020:|TOM:
bss/d103query.html
http://www4.law.cornell.edu/uscode/31/1115.htmlhttp://www.archives.gov/federal_register/executive_orders/pdf/12862.pdf
Policy
Federal Information Technology
Computer Security Act
Identifying
NumberExecutive Order 13011
Public Law 100-235 [15 USC Chapter 7 and 40 USC Section 1441]
Date of Action-
Status1996
1988
Description/
SummaryReiterates and links related policies (Information Technology Management Reform Act, Paperwork Reduction Act, and Goverment Performance and Results Act). Formalizes OMB's oversight authority of IT management . Stresses importance of performance-based planning and implementation of federal IT to improve agencies' mission-based performance levels and service to the public. Refocuses IT management to directly support agencies' strategic missions; implements investment review process that drives budget formulation and execution for information systems; and restructures the way agencies perform their functions before investing in information technology. Creates Chief Information Officer Council, Government Information Technology Services Board, and Information Technology Resources Board.
Creates a means for establishing minimum acceptable security practices for federal computer systems without limiting the scope of security measures already planned or in use. Prescribes "cost effective" computer security rather than "absolute" security. Requires each agency with a federal computer system to establish a plan for the security and privacy of sensitive information, and to train federal employees in security matters relating to the management, operation, and use of federal computer systems. Administered through the National Institute of Standards and Technology (NIST), which is responsible for developing standards and guidelines necessary for assuring the protection of sensitive information.
Web Links
http://www4.law.cornell.edu/uscode/
15/ch7.html#PC7
http://www4.law.cornell.edu/uscode/
40/1441.html
http://thomas.loc.gov/cgi-bin/bdquery/
z?d100:HR00145:|TOM:/bss/
d100query.html
http://www.epic.org/crypto/csa/csa.html
Policy
The Federal Information Security Management Act (FISMA) of 2002
GPO Electronic Information Access Enhancement Act
Identifying
NumberPublic Law 107-347, Title III
Public Law 103-40 [44 USC Chapter 41]
Date of Action-
StatusDecember 17, 2002 (effective immediately)
1993
Description/
SummaryThe Federal Information Security Management Act (FISMA) of 2002 was tacked on to the E-Government Act, making the provisions of GISRA, which expired in November 2002, permanent as well as expanding them. FISMA became effective December 17, 2002. To the purposes section are added the acknowledgement that commercially developed information security products offer advanced, dynamic, robust, and effective information security solutions and the recognition that individual agencies should select their own specific hardware and software information security solutions from among these commercially developed products. A definition for information security is provided. "(1) The term 'information security' means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide – (A) integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; (B) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and (C) availability, which means ensuring timely and reliable access to and use of information." The other purposes set forth for the new FISMA remain essentially the same as in GISRA, which is to provide a comprehensive framework for ensuring information security controls, recognizing the highly networked nature of the Federal computing environment, providing for minimum security controls, and to provide oversight of agency information security programs. As in GISRA, Federal agencies are responsible for providing information security protections commensurate with the risk and magnitude of the harm resulting from unauthorized disclosure, disruption, modification, or destruction of information collected by or by a contractor on behalf of the agency. A new requirement is to ensure that information security management processes are integrated with agency strategic and operational planning processes. As in GISRA, the agency head must delegate to the CIO the authority to ensure compliance with the Act and designate a senior agency information security officer. Requirements for the security officer are added; the officer must possess professional qualifications and have information security duties as his/her primary duty and head an office with the mission and resources to assist in ensuring compliance with the Act. The security officer must develop and maintain the agency-wide information security program. Periodic risk assessments, testing and evaluating information security controls and techniques, and security awareness training continue to be required. The annual independent evaluation continues on the testing of a representative subset of the agency’s information systems. FISMA changes the testing of the effectiveness of "control techniques" to the testing of the effectiveness of "policies, procedures, and practices" on the subset. As in GISRA, existing audits, reports, or evaluations may be used to meet these requirements.
Required the Superintendent of Documents, through the Government Printing Office, to provide online electronic access to the Federal Register, the Congressional Record, and other "appropriate publications." The online system established under this statute is "GPO Access," launched in June 1994. This statute marked the first general mandate for electronic dissemination of records issued by all federal agencies. Also requires the Superintendent of Documents to accommodate, to the extent practical, agency requests to include their information in the GPO online access system. GPO Access provides public access to more than 70 databases from all three branches of the federal government, including the Congressional Record, the Federal Register, the Code of Federal Regulations, the U.S. Code, Supreme Court decisions, and Commerce Business Daily. In addition to these official databases, the service provides access to the Federal Bulletin Board, several locator tools for accessing federal electronic information, and GPO's Sales Product Catalog, which enables users to locate and purchase government information products for sale by the Superintendent of Documents. GPO Access processes approximately 4 million requests for information monthly. The GPO Access Gateways program expands "accessibility to the information available through the GPO Access system, with interpretive and instructional content developed by Gateway partners for their specific clienteles; a variety of alternatives for structuring searches and viewing results; and local low- or no-cost connections for dial-up users. In addition, Gateways assist GPO by providing input in development and refinement of electronic products and services." In addition to Federal Depository Libraries, academic and public libraries participate in the Gateways program.
Web Links
http://thomas.loc.gov/cgi-bin/bdquery/z?d103:SN00564:
|TOM:/bss/d103query.html|
Policy
Establishment of a Government Information Locator Service (GILS)
Guidance on the Government Information Locator Service
Identifying
NumberOMB Bulletin 95-01
OMB Memorandum 98-05
Date of Action-
Status1994 (expired in 1997)
1998
Description/
SummaryEstablished by the Paperwork Reduction Act, which mandated the establishment of a system to assist in locating government information. Now known as "Global Information Locator Service." Identifies public information resources throughout the federal government, describes information available in those resources (and why the information was created), and provides assistance in retrieving the information. Requires agencies to compile, and electronically publish, an inventory of their: (1) automated information systems; (2) Privacy Act systems of records; and (3) locators that together cover all information dissemination products. Established GILS Board, responsible for "preparing and disseminating publicly an annual report that evaluates and recommends enhancements to GILS to meet user information needs, including factors such as accessibility, ease of use, suitability of descriptive language, as well as the accuracy, consistency, timeliness and completeness of coverage." The Board met once and failed to issue a formal report. Bulletin 95-01 expired on December 7, 1997, and has not been reissued. OMB Memorandum 98-05 (1998) reaffirms the responsibility of agencies to meet GILS requirements, and directs agencies to "routinely solicit feedback on their GILS performance, results, and plans from significant public stakeholders and user communities." However, OMB has provided little oversight, and has not enforced compliance. Many agency GILS are up and running, although agency compliance is erratic.
Notes that OMB Bulletin 95-01, "Establishment of Government Information Locator Service," which guided the initial startup of GILS, has expired; nonetheless the agency responsibilities outlined above continue. Identifies agencies such as the Department of Defense, the Department of Treasury, the Environmental Protection Agency, and the Government Printing Office as having already demonstrated outstanding initiative and leadership. States that all agencies will now be describing GILS progress in their annual reportingunder the Paperwork Reduction Act of 1995. (See OMB Bulletin No. 98-03, November 18, 1997). Also notes that agencies should also routinely solicit feedback on their GILS performance, results, and plans from significant public stakeholders and user communities. States that agencies should implement their parts of GILS on the Internet as described in FIPS 192-1, and should link their GILS records to the underlying information resources to the extent that they are accessible on the Internet and its World Wide Web. Asks that the CIO Council work with the Government Information Technology Services Board to focus on training agencies in GILS best practices; further developing the U.S. Federal GILS guidelines, search standards and subject keywords; coordinating "one stop" access to multi-agency government services; and coordinating with intergovernmental and other related initiatives.
Web Links
http://www.gils.net/omb98-05.html
http://www.whitehouse.gov/OMB/
bulletins/95-01.htmlhttp://www.whitehouse.gov/OMB/
memoranda/m9805.html
http://www.whitehouse.gov/OMB/
bulletins/98-03.html
Policy
Privacy Policies on Federal Web Sites
Uniform Administrative Requirements for Grants and Agreements With Institutions of Higher Education, Hospitals, and Other Non-Profit Organizations
Identifying
NumberOMB M-99-18
SECTION 646, PROTECTION OF CITIZENS PRIVACY ON FEDERAL WEB SITES, TREASURY AND GENERAL GOVERNMENT APPROPRIATIONS ACT
OMB Circular A-110
Date of Action-
Status2001 (P.L. 106-554, DECEMBER 21, 2000)
11/19/93 Amended 9/30/99
Description/
SummaryRequires agencies to post clear privacy policies on their principle web sites and other major points of Internet entry, that "clearly and concisely inform visitors to the site what information the agency collects about individuals, why the agency collects it, and how the agency will use it."
Includes provisions on the administration of federal grants with institutions of higher education, hospitals, and other nonprofit organizations. The 1999 amendment addresses public access to federally funded research data. (It does not cover federal awards of contracts to for-profit firms.) The amendment directs the Office of Management and Budget (OMB) to require federal awarding agencies to "ensure that all data produced under an award will be made available to the public through the procedures established under the Freedom of Information Act" (FOIA). Although well-meaning in its intent to promote public access, it raised questions among researchers and their institutions about its implementation. Among other concerns, the library, research, and scientific communities focused on: (1) the definition of "data" (e.g., whether data would include informal notes, e-mail, confidential material, trade secrets, incomplete information, misleading research results, etc.); (2) costs of compliance to grantee organizations; (3) confidentiality of human subjects research data; (4) intellectual property rights of those producing the data; (5) and administrative impacts to the funded organizations; and (6) appropriateness of FOIA as an access tool to non-governmental entities. OMB addressed most of the concerns in the final version of the amendment-clarifying the definition of "research data" (and providing a list of exclusions from the definition), and stating that recipients of federal funding are not required to submit information that they consider "trade secrets, commercial information," or "personnel and medical files, and similar files the disclosure of which would constitute a clearly unwarranted invasion of personal privacy."
Web Links
Policies
E-Government Act of 2002
Government Paperwork Elimination Act
Identifying
NumberPublic Law 107-347
P.L. 105-277 - Title XVII [44 USC 3504]
Date of Action-
StatusDecember 17, 2002
1998
Description/
SummaryProvides the means for achieving information technology (IT) leadership, improving coordination and deployment of IT across the Federal Government, helping agencies achieve the IT management reforms required under the 1996 Clinger-Cohen Act, including the private sector in E-Government solutions, and ensuring greater citizen access to the Federal Government through the improved use of IT. The E-Government Act defines Electronic Government as "...the use by the Government of web-based Internet applications and other information technologies, combined with processes that implement these technologies, to – (A) enhance the access to and delivery of Government information and services to the public, other agencies, and other Government entities; or (B) bring about improvements in Government operations that may include effectiveness, efficiency, service quality, or transformation." The E-Government Act among other things establishes an Office of Electronic Government within OMB and an E-Government Fund at $345 million over fiscal years 2003 through 2006.
Allows citizens to use electronic technologies when filing information with, or retrieving it from the federal government. Directs federal agencies to provide public access to government services and documents by 2003 and give the public the option of submitting government forms electronically.
Provides the legal framework for agencies to accept electronically submitted forms and documents. Under GPEA, agencies will develop information systems that enable online submissions of forms, reports and other data. Agencies will be required to guard privacy and protect documents from being altered. Electronic signatures and other measures will be used to authenticate citizens as they transact business with the Government.
The Office of Management and Budget (OMB) has issued guidelines to assist agencies with complying with the provisions of GPEA. OMB calls upon agencies to perform business case analyses, cost/benefit analyses, technology assessments, and risk assessments to determine which technologies, systems and procedures best support compliance with GPEA, and ensures maximum security related to authentication and privacy. Agencies must submit a copy of their GPEA implementation plan to OMB by October 2000.Web Links
http://frwebgate.access.gpo.gov/cgi-bin/
getdoc.cgi?dbname=107_cong_
public_laws&docid=f:publ347.107.pdfhttp://www.whitehouse.gov/omb
/inforeg/GPEAmemo.pdfhttp://www.whitehouse.gov/OMB
http://www4.law.cornell.edu/uscode
/fedreg/gpea2.html
/44/3504.html