Web 2.0 Triggers Government Security Challenges
Record keeping, privacy, and freedom of information are also concerns as agencies adopt new Internet technologies, says federal auditor.
Security, privacy, and records management are among the challenges federal agencies are facing in their deployment of Web 2.0 technologies, according to the government's auditing arm.
A report from the Government Accountability Office (GAO) -- Challenges in Federal Agencies' Use of Web 2.0 Technologies -- also cited freedom of information as another stumbling block to the government's use of Web-based services and social networking, which are becoming increasingly prevalent as the feds try to modernize systems to improve engagement and transparency.
More Government Insights
- Building a Hybrid Cloud in Government: It's not that Complicated
- Strengthening Security Protocols for Teleworking Employees
- Best Practices Guide for IT Governance & Compliance
- Mobile Data Center Brings the Mobile Cloud to Life: Portable, Mobile Data Centers Aligned with Army Operations
In terms of privacy, agencies must determine how a 36-year-old privacy act -- the Privacy Act of 1974 -- applies to information exchanged via Web 2.0 technologies like Facebook and Twitter, according to the report. The act, which protects certain personally identifiable information, could limit agencies' use of these sites to reach citizens.
The federal government also has some limitations of its own to consider, according to the report. It must determine how to appropriately limit collection and use of personal information as agencies use technologies "and how and when to extend privacy protections to information collected and used by third-party providers of Web 2.0 services," according to the report.
Further, security is a major concern. Personal information has to be protected, and agencies have to train employees about how to use social media sites properly so they don't put their own personal information in jeopardy, the GAO said.
Records management also becomes a primary consideration; indeed, it has been top of mind for agencies as they have started to adopt cloud-computing solutions in which information exists on the network and not in on-premises systems.
The GAO's report cited challenges in the assessment of whether information generated and received through social networks and other Web 2.0 technologies falls under the same jurisdiction of federal records. If it does, then agencies must come up with a way to keep records of it, which is difficult as web-based content changes at such a rapid speed, according to the report.
Agencies' obligation to appropriately respond to Freedom of Information Act (FOIA) requests also becomes more complicated in a Web 2.0 world, the GAO said. Agencies must determine whether the information generated in Web 2.0 content falls under FOIA regulations and if it does, find a way to respond to requests appropriately.
Agencies already are aware of challenges and are taking steps to meet them, according to the report. The Office of Management of Budget (OMB) recently issued guidance to clarify how the Paperwork Reduction Act of 1995 -- aimed at dealing with electronic information in the Internet age -- applies to federal use of social media and Web-based interactive technologies.
The OMB also issued guidance to help federal agencies protect privacy when using third-party websites and applications, according to the report.
From NASA to the CIA, CIOs are coming up with innovative approaches to long-standing challenges. Download the latest all-digital issue of InformationWeek Government for that story and more. (Free registration required.)