National Academies Press: OpenBook

Social Security Administration Electronic Service Provision: A Strategic Assessment (2007)

Chapter: Appendix D Overview of Selected Legislation Pertaining to E-Government

« Previous: Appendix C Social Security Administration Major Office Missions
Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×

D
Overview of Selected Legislation Pertaining to E-Government

The highest level of federal e-government policymaking is public law. Although some of the public law reviewed below predates the concept of e-government, these pieces of legislation are nonetheless still in place. The overview proceeds generally from broader to more specific information policy and, where possible, links public law to government-wide policy.

THE PAPERWORK REDUCTION ACT OF 1995

The Paperwork Reduction Act (PRA; Public Law 96-511) was originally enacted 1980 as an outgrowth of the 1977 report of the U.S. Commission on Federal Paperwork. The original act recognized the economic cost of the federal government’s imposing of paperwork burdens on the public and laid the groundwork for the creation of the Office of Information and Regulatory Affairs (OIRA) in the Office of Management and Budget (OMB) to manage federal information policy centrally. Over time, the PRA has been amended (i.e., in 1986 and 1995) and has resulted in related updates to OMB Circular A-130.1 It is the PRA that compels federal agencies to get an OMB clearance number on information collections (including such things as forms, surveys, and regulations that require

1

See Executive Office of the President, Office of Management and Budget (OMB), OMB Circular No. A-130 Revised, available at http://www.whitehouse.gov/omb/circulars/a130/a130trans4.html, accessed June 9, 2006. OMB Circular A-130’s subject is management of federal information resources.

Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×

reporting) and for OMB to aggregate the amount of burden that federal agencies impose on the public annually through the Information Collection Budget. This landmark legislation also had practical implications for agencies, as it forced them to manage information collection as a resource much like they did financial and human resources.

THE INFORMATION TECHNOLOGY REFORM ACT

In many ways, the Information Technology Reform Act (Public Law 104-106; also known as the Clinger-Cohen Act)2 provided some of the early underpinnings for the e-government movement by requiring agencies to elevate the position of “Senior Official for Information Resources Management” to that of “Chief Information Officer” (CIO). This law recognized the strategic importance of technology in meeting agency objectives, giving the CIO in a federal agency a prominent position that is supposed to report directly to the head of the agency. Consistent with this view, the act created the expectation that agency investments in IT would be evaluated on the basis of the attainment of goals and objectives laid out in agency strategic and tactical plans.

THE PRIVACY ACT OF 1974

Although it is likely the oldest piece of federal information policy that shapes e-government implementation, the Privacy Act of 1974 (Public Law 93-579, as amended)3 remains quite influential. The Privacy Act is built on the fair information principles outlined by the then-Department of Health, Education and Welfare’s policy4 to provide citizens with insight into their government’s stewardship of what the act defines as “sensitive information.”5 Sensitive information includes “information, the loss, misuse, or unauthorized access to or modification of, which could adversely affect the national interest or the conduct of federal programs, or the privacy to which individuals are entitled under … the Privacy Act.”6 To

2

See http://www.cio.gov/Documents/it_management_reform_act_Feb_1996.html, accessed June 20, 2007. See also S.H. Holden and P. Hernon, “An Executive Branch Perspective on Managing Information Resources,” pp. 83-104 in P. Hernon, C.R. McClure, and H.C. Relyea, Eds., Federal Information Policies in the 1990’s: Views and Perspectives, Norwood, N.J.: Ablex Publishing, 1996.

3

See http://www.usdoj.gov/foia/privstat.htm, accessed June 20, 2007.

4

See Department of Health, Education, and Welfare Secretary’s Advisory Committee on Automated Personal Data Systems, Records, Computers and the Rights of Citizens, Cambridge, Mass.: MIT Press, 1973.

5

P.M. Regan, Legislating Privacy: Technology, Social Values, and Public Policy, Chapel Hill, N.C.: University of North Carolina Press, 1995.

6

See http://www.atis.org/tg2k/_sensitive_information.html, accessed June 20, 2007.

Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×

the extent that federal agencies maintain “systems of records” in which it is possible to organize, index, or retrieve the information about a citizen by unique identifier (typically a Social Security number), an agency must post public notice of how the data will be used through a “routine use notice.” If any agency wishes to disclose such sensitive data to a third party, the subject of the information must provide consent to such disclosure. For agencies that are receiving or exchanging sensitive information about an individual, which is typical for most e-government transactions, they must take steps to comply with the Privacy Act. Appendix I of OMB Circular A-130 provides the more detailed requirements for agencies to follow when complying with the Privacy Act.

OMB has issued some privacy-related policy pertaining to the use of “cookies” on federal Web sites that grows, in part, out of some of the philosophies of the Privacy Act. OMB issued Memorandum 00-13,7 which sought to severely limit (and some believe prevent) agencies from using “persistent cookies” that track “the activities of users over time and across different web sites.” The memorandum stipulates that federal Web sites should not use persistent cookies unless agencies can meet the following four conditions:

  • The site gives clear and conspicuous notice;

  • There is a compelling need to gather the data on the site;

  • There are appropriate and publicly disclosed privacy safeguards for handling any information derived from the cookies; and

  • The agency head gives personal approval for the use.8

THE FEDERAL INFORMATION SECURITY MANAGEMENT ACT OF 2002

The Federal Information Security Management Act of 2002 (FISMA; Title III of Public Law 107-347) has superseded the Computer Security Act of 1987. FISMA provides the analytical framework for agencies to assess risk and then to mitigate identified risks for “sensitive information” in federal information systems. In this context, FISMA includes systems that are not national security systems but that contain sensitive information. The following quote from FISMA provides the high-level risk-based security guide for agency decision making in this area. The act states

7

OMB Memorandum 00-13’s subject is privacy policies and data collection on federal Web sites. It is available at http://www.whitehouse.gov/omb/memoranda/m00-13.html, accessed April 14, 2007.

8

OMB Memorandum 00-13, available at http://www.whitehouse.gov/omb/memoranda/m00-13.html, accessed April 14, 2007.

Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×

that agencies shall “identify and provide information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disclosure, disruption, modification, or destruction of …” information or information systems maintained by federal agencies or by organizations on behalf of federal agencies. Explicitly in the law, agencies are expected to pursue the goals of the legislation with a cost-effectiveness standard in mind by “implementing policies and procedures to cost-effectively reduce risks to an acceptable level….”9 Appendix III of OMB Circular A-130 provides the more detailed requirements for agency compliance with FISMA.

THE GOVERNMENT PAPERWORK ELIMINATION ACT OF 1998

The law likely to have provided the most impetus to federal agency e-government efforts was the Government Paperwork Elimination Act of 1998 (Title XVII of Public Law 105-277). It required that individuals or entities that deal with the agencies have the option of submitting information or transacting with the agency electronically by October 2003. It was intended to serve as a transition point from traditional paper-based government and governance at the federal level to the emerging ideals of e-government.10 Besides setting this target date for agencies to enable electronic information and transactions, it also defined and established the legal sufficiency of electronic signatures necessary for agencies to move away from “wet” signatures on paper. What the law did not do was to specify particular technologies to implement electronic signatures. Instead, the law and subsequent OMB policy11 was technology neutral, giving agencies wide discretion to match the needs of their technical solutions to the capabilities of their user base and risk mitigation that agency desired.12

9

See http://csrc.nist.gov/policies/FISMA-final.pdf, accessed June 20, 2007.

10

Office of Management and Budget, “Implementation of the Government Paperwork Elimination Act,” available at http://www.whitehouse.gov/omb/fedreg/gpea2.html, accessed April 14, 2007.

11

Office of Management and Budget, Dec. 16, 2003, “E-Authentication Guidance for Federal Agencies,” available at http://www.whitehouse.gov/omb/memoranda/fy04/m04-04.pdf, accessed April 14, 2007.

12

S.H. Holden, “Electronic Authentication Initiatives in the IRS E-File Program: Enabling E-Government Through Electronic Signatures,” pp. 984-985 in M. Khosrowpour, Ed., Issues and Trends of Information Technology Management in Contemporary Organizations, Hershey, Pa.: Idea Group, 2002.

Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×

THE E-GOVERNMENT ACT OF 2002

The E-Government Act of 2002 (Public Law 107-347) and the federal government’s strategic plan for e-government provide further impetus for e-government initiatives. The law reaffirmed the federal mandate for e-government by codifying the creation of the associate director for IT and e-government in OMB. It also imposed new annual reporting requirements for OMB to inform Congress of progress toward meeting the goals of the act. Recognizing the need to address public concerns about privacy and e-government adoption, the law required agencies to conduct Privacy Impact Assessments to make privacy considerations more explicit in the development of e-government systems.13

13

S.H. Holden and L.I. Millett, “Authentication, Privacy, and the Federal E-Government,” The Information Society 21(5):367-377.

Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×
Page 144
Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×
Page 145
Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×
Page 146
Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×
Page 147
Suggested Citation:"Appendix D Overview of Selected Legislation Pertaining to E-Government." National Research Council. 2007. Social Security Administration Electronic Service Provision: A Strategic Assessment. Washington, DC: The National Academies Press. doi: 10.17226/11920.
×
Page 148
Next: Appendix E A Short History of E-Government »
Social Security Administration Electronic Service Provision: A Strategic Assessment Get This Book
×
Buy Paperback | $55.00 Buy Ebook | $43.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

Social Security Administration Electronic Service Provision examines the Social Security Administration's (SSA's) proposed e-government strategy and provides advice on how the SSA can best deliver services to its constituencies in the future. The assessment by the Committee on the Social Security Administration's E-Government Strategy and Planning for the Future was based on (1) its examination of the SSA's current e-government strategy, including technological assumptions, performance measures and targets, planned operational capabilities, strategic requirements, and future goals; (2) its consideration of strategies, assumptions, and technical and operational requirements in comparable public- and private-sector institutions; and (3) its consideration of the larger organizational, societal, and technological context in which the SSA operates.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!