The US E-Government Act of 2002: The dollars, the players, the hurdles, the future.
- The E-Government Act’s major provisions
- Why privacy concerns remain a big stumbling block
- How e-government is reform by another name
On December 17, 2002, President Bush signed the EGovernment Act into law. The signing was muffled amidst the drumbeat of war talk with Iraq, and with scant controversy behind its bipartisan passage, it was little more than a blip on the radar screen of the US media. Yet by the simple action of signing the act, the president had taken a giant step towards launching the federal government into the information age.
E-government is designed to make it easier for citizens and businesses to access government information and services by encouraging interagency IT initiatives that, while improving customer service, also consolidate redundant systems, decrease paperwork, increase productivity and save money. As Mark Forman, associate director for IT and e-government at the Office of Management and Budget, told a gathering last year of the Open Group — a standards body — e-government will enable “an order of magnitude improvement in the federal government’s value to the citizen; with decisions in minutes or hours, not weeks or months.” Ultimately, it’s about making government citizen-centric so that you can go to Web sites to get information about unemployment benefits, comment on proposed clean air rules or apply for an import licence. You save time. And the government gets more for its IT dollars.
That’s no small matter. The US federal government’s proposed IT budget for the 2004 fiscal year is a whopping $US59 billion. Yet that money has traditionally been appropriated and spent on an agency-by-agency basis, with little regard to how a system might fit into an overall federal architecture and with little focus on using IT to improve citizen services.
Money and budgets aside, the E-Government Act is a logical extension of President Bush’s management agenda, which cites e-government as one of the five key cornerstones of his efforts to run government more like a business. “The idea behind this law is for the federal government to take full advantage of the Internet and other information technologies to improve its efficiency and to secure its electronic information,” said US Senator Joe Lieberman (Democrat-Connecticut), author of the act, in a statement released last December.
The new legislation aims to further the inroads Forman and his staff at the OMB have been making; they have been using IT to help improve government efficiency and make services more responsive to citizens. The OMB’s 25 various e-government initiatives are a prime example (see “E-Government in Process”, page 56). One of the projects, the Department of Labour’s Govbenefits.gov site, aims to help citizens locate and determine their eligibility for benefits and services. Patrick Pizzella, CIO at the DoL, is justifiably proud of the new site. “In 30 to 60 days, we’ll have [close to] 300 government benefit programs on the site . . . It saves [citizens] a lot of time, and it’s available around the clock,” he says.
The act builds on the work already being done by the OMB and the federal CIO Council, and it pumps the power of law into the government’s IT fuel tank. To establish accountability, it has created a new office within the OMB devoted to e-government strategy and implementation. It establishes a separate, $US345 million E-Government Fund for interagency projects, requires basic standards for federal Web sites and privacy impact assessments for new systems, and calls for improved information security measures. (For major provisions of the act, see “E-Government Act of 2002 Highlights”, left.)
“The bill is probably the most extensive piece of legislation to date on e-government,” says Dave McClure, who worked on the legislation. McClure is vice president for egovernment at The Council for Excellence in Government in Washington, DC, a group that works to improve the government’s performance. For their part, federal CIOs say the new law and its E-Government Fund finally gives them the legal and financial backing needed to make egovernment happen. “The fund will support projects that try to find innovative ways to make it easier for the public to conduct business with the federal government,” says Woody Hall, CIO at the Customs Service. Rosita Parks, CIO at the Federal Emergency Management Agency, also is a fan of the fund. “Having had managing partner responsibility for two e-gov initiatives with broad application since last August, and understanding how difficult it has been to garner resources for both initiatives, I believe that one of the most beneficial elements of the act is that it authorises e-gov funds beyond the $US100 million originally targeted,” says Parks.
Although Congress and the administration are clearly paving the way to creating a 24/7 government, there are a number of hurdles ahead for the 60 or so federal CIOs who make up the CIO Council. Reformers are starting to chip away at the traditional stovepiped structure of the federal government — spurred by the integration of 22 agencies into the new Department of Homeland Security — yet the fact remains that an agency, not cross-agency, perspective is the norm. Until that changes, a functional framework for e-government will be nothing more than a tease and an empty promise. In addition, privacy and security issues will remain paramount as citizen information is increasingly gathered and exchanged among numerous agencies’ systems. And the $US345 million that the act authorised for the EGovernment Fund over four years is subject to the legislative whims of Congress. That became clear in January when Senate appropriators slashed $US40 million from the $US45 million that was earmarked for the 2003 fiscal year.
While the e-gov act promises major benefits in terms of service and efficiency, achieving true e-government won’t happen until the players involved overcome some significant challenges.
The Act’s Guiding PrinciplesMake it easier for citizens to interact with government.
Attempting to find out which agencies are responsible for regulating nursing homes or protecting local rivers or regulating the amount of animal by-products in the bratwurst you just consumed can be a frustrating trip through a byzantine collection of 22,000 agency Web sites. The act calls for improving the federal government’s portal, Firstgov.gov, so that citizens will have access to better organised information in fewer clicks, regardless of agency. According to McClure, the act mandates uniform access to the government’s functional services — paying taxes, applying for loans or getting disaster assistance, for example. “The goal is to do it simpler and faster, without navigating government bureaucracy,” McClure says.
Another provision calls for e-rule making that allows citizens to comment on proposed regulations online. “It’s a very democratising provision,” says Kevin Landy, a counsel on Lieberman’s staff on the Senate Governmental Affairs Committee who worked on the e-government legislation. In January, the Environmental Protection Agency launched a new Web site (www.regulations.gov) that gives citizens and businesses a one-stop portal to submit their opinions on government regulations from all departments. Previously, the public comment process was difficult to use; for example, citizens needed to know the agency responsible for a specific rule and often had to submit the comment in writing. “Erule making will allow citizens to participate actively by enabling them to be involved in federal rule making on their own terms at a location and time of their choice,” said EPA Deputy Administrator Linda Fisher in remarks delivered at the time of the site’s official launch. “This initiative will help assure the public that they have a role in making regulatory decisions, and that it can be done in a more timely and efficient manner.”
Another significant plus: The OMB estimates that creating a single system for rule making will save $US94 million.
Increase agency-to-agency cooperation.
Since the birth of the United States more than two centuries ago, the US federal government has grown up around an agency-centric structure. But today’s government managers realise that for e-government to succeed, cross-agency partnerships are critical, whether it’s the Department of Agriculture working with the Department of the Interior on geospatial mapping, or the Office of Personnel Management working with agencies to consolidate payroll systems. “We need to make choices based on citizens, as opposed to the specific department we come from,” says Ira Hobbs, deputy CIO in the Department of Agriculture. To develop security standards, create Web site guidelines or make any other provisions of the act succeed, government CIOs will need to continue formulating common strategies.
Commenced in late 2001, the OMB’s Quicksilver initiatives have already been actively breaking down barriers as agencies have worked side by side developing e-government projects. And the OMB’s IT team, led by Forman, has also been working with government CIOs on a number of other IT initiatives, including the development of a federal architecture. The act provides “additional momentum for what we’ve been doing in terms of using IT to improve the value and delivery of government services”, says Doug Bourgeois, CIO of the US Patent and Trademark Office.
Jim Flyzik, who recently left government after serving in the Department of Homeland Security and as CIO at the Treasury Department, strongly advocates looking at government from a functional, not a stovepiped, perspective. And he thinks the act, as well as DHS, can do just that. “The evolution of the Internet and tearing down of lines of demarcation across entities is part of that evolution [toward a more functional view of government]. It allows a physical restructuring and better services,” says Flyzik, who cofounded a Washington, DC-based government consulting firm, Guerra, Kiviat & Flyzik, last December.
Raise the profile of government IT leaders by creating a new Office of Electronic Government and writing the federal CIO Council into law.
The new office will be part of the OMB and led by a presidential-appointed administrator. That person will also head the federal CIO Council, an interagency group of CIOs and deputy CIOs. Those two provisions legislate two groups completely devoted to improving governmentwide management of IT. Flyzik, who was vice chairman of the council, says he’d been pushing to make the council law for some time. “We constantly tried to position the CIO Council to be a strategic force in setting the agenda for the administration,” Flyzik says, adding that, by making it law, the council gains a lot more emphasis and authority.
The act sets out specific responsibilities for the new administrator, including capital planning and investment control for IT, the development of enterprise architectures, ensuring dialogue between the federal, state and local sectors, and overseeing the distribution of the E-Government Fund. A logical choice to head the new office is Forman, the government’s top IT official.
Strengthen privacy protections by requiring privacy impact assessments for new systems.
Both the he US Congress and the administration understand that Americans are justifiably concerned about privacy in their digital interactions. The provision calls for assessments any time personal information is collected on 10 or more people. The assessments must address what information is to be collected and why, how it will be used and secured, with whom it will be shared, and requires notice of how consent is to be obtained from individuals. “By requiring agencies to go through the process of answering those questions, I think we move a long way toward protecting the privacy of the American public,” says Representative Jim Turner (Democrat-Texas), who introduced the legislation in the House.
McClure says that the importance of the provision is that assessments are now law. “In the past, there was guidance from OMB but nothing specifically in the law,” he says. “That’s a strengthening of privacy protections.” Another provision requires agencies to provide privacy notices outlining their policies on their Web sites.
Improve information security.
In 2000, Congress passed the Government Information Security Reform Act (GISRA), which required agencies to report on the security of their IT systems and build security into their business cases when making budget requests. Last year, Representative Tom Davis (Republican-Virginia), a key supporter of the E-Government Act in the House, introduced legislation to strengthen GISRA, which expired last November. That bill became the Federal Information Security Management Act (FISMA), which calls for security standards, annual independent audits and gives Congress more oversight over agency security matters. “Many have described it as GISRA with teeth,” says Shannon Kellogg, vice president of information security policy and programs at the Arlington-based Information Technology Association of America, an industry trade group. FISMA became law in the E-Government Act.
Agriculture CIO Hobbs is enthusiastic about the security mandate. “We clearly need to continue improving our cybersecurity posture across government. Having it [legislated] is good for all of us. It keeps our feet in the fire in the area where we need to spend time and resources,” he says. Kentucky CIO Aldona Valicenti thinks it’s one of the best things in the act, particularly because it makes it easier for states to interact securely with federal agencies. “You can imagine — I deal with Justice, Treasury, the EPA, [Health and Human Services]. If everyone has a different set of standards and a state wants to standardise on something else, we’re just nowhere,” she says. “The greater amount of coordination on the federal side is positive for states.”
Through many of its provisions, the E-Government Act gets the federal government out of the starting blocks, but managers and CIOs are going to be running 10-minute miles for a pretty long time. After all, one can’t expect a single piece of legislation to quickly transform Washington’s lumbering bureaucracy into a lean online machine.
Implementing e-governmentThere is no federal CIO.
It’s been seven years since passage of the Clinger-Cohen Act, which required US federal agencies to appoint CIOs. That act was a giant step in getting agencies to acknowledge the importance of IT to their mission. But, in the minds of many, a large hole exists at the apex of the federal government’s IT management structure, a hole that should be filled by someone with the federal CIO title. During a congressional committee hearing on the e-government legislation, Valicenti, testifying for the National Association of Chief Information Officers, urged the committee to create the position. “We wanted to provide a powerful position so that the federal government would adhere to standards and put more of their services online,” she says. The sponsors of the bill in Congress, including Senator Lieberman and Representative Turner, agreed, and the initial legislation called for the creation of a CIO position within the OMB that would require Senate confirmation.
But ultimately, the Bush administration nixed the proposal. “Any administration probably has a natural tendency to oppose the creation of additional positions that require Senate confirmation. That’s particularly true in an environment when the Senate is in control of one party [as it was at the time] and the administration in control of the other,” Turner says. “Secondly, there is a natural turf battle any time you’re trying to elevate a position within the administration because OMB always has the belief that the director of OMB should be the one in charge of all management and budget issues, which in their mind, includes IT.” Though Forman holds many of the responsibilities of the CIO position, his profile would likely be raised if he became the government’s CIO. A person holding that title statutorily might have an easier time consolidating IT management powers into one position and would be in a stronger position to elevate IT to a higher level, helping to ensure that technology strategy is part and parcel of the federal government’s management strategy.
The structure of the federal government makes successful e-government difficult.
As has been noted, the US government’s stovepiped structure has been institutionalised for more than two centuries. Even if cross-agency cooperation increases, the realities of the autonomous structure will make the process slow. Funding is one example. E-government requires that agencies offer services to citizens based on a functional perspective, “yet we program money on an agency perspective,” says McClure; that is, agencies develop their own budget. He says the same holds true for performance outcomes. “Congress is trying to instil a performance-based approach to government, but it’s been an agency focus, not a functional focus.”
Governance is another whole ball of e-wax. “E-government sort of blows up traditional organisational structures, processes and authority, and erases organisational lines pretty fast,” McClure notes. “Trying to agree on governance models on authority, control and responsibility will have to be worked out.”
“Bureaucrats guard their autonomy very carefully,” says Darrell West, director of the Taubman Centre for Public Policy at Brown University, “and e-government forces them to work together in ways they haven’t in the past.”
Agencies have a lot of work to do when it comes to security.
The good news is that agencies are prioritising information security more than ever, and the E-Government Act will reinforce that momentum. The less-than-good news is that some agencies are beginning their ascent to the security summit somewhere around sea level or worse. The latest Horn computer security report cards of federal agencies, announced by Representative Stephen Horn (Republican-California) last November, gave F’s to 14 of 24 agencies. (The Social Security Administration earned the highest grade, a B-.) “I think the federal government still has a ways to go to get its house in order,” says ITAA’s Kellogg.
The challenge is even more acute for government agencies because citizens set a higher security bar for government than they do for the private sector, according to McClure. “If a government entity was hacked and credit card numbers [were stolen], public trust in government would suffer tremendously,” he says. And, just as in the private sector, hacking government systems is a relatively common occurrence. “It’s been a serious problem,” says McClure, who previously worked as director of IT management issues at the General Accounting Office.
Privacy concerns remain a lightning-rod issue.
E-government, by its very definition, means more data is collected and shared among agencies, and that raises the level of concern among privacy advocates. The US Privacy Act of 1974, which put procedural safeguards in place to protect citizens’ data, has held up surprisingly well for its age, but there are exceptions to that act that have increased over time. A major one is the “routine use” exception, which allows agencies to share information on individuals for the routine business of government. (For example, the Department of Education can share student loan information with the Treasury Department.) The danger is that routine use could increase as e-government expands, resulting in more personal information in the hands of agencies without the knowledge of individuals. “[The exception] is overused today already,” says Ari Schwartz, associate director of the Centre for Democracy and Technology in Washington, DC. “In the e-gov world, the concern becomes more acute because the whole purpose is for agencies to share information when needed.”
Schwartz goes on to say that privacy protections have been weakened in the Bush administration, noting the failed Operation Tips (which encouraged citizens to report suspicious activity), new domestic surveillance rules passed last year that allow the FBI more liberty to gather information, and 2001’s USA Patriot Act (which also allows the government more powers of surveillance). “Law enforcement should be able to do its job and share information in a reasonable way as long as its not invading privacy. But there needs to be oversight. [The country has] a history of the misuse of information,” he says.
Of course, many of those developments have been a direct result of the events of 9/11. The tricky part for Americans is balancing the need for better information to prevent future terrorist attacks against the danger of losing their civil liberties.
Citizens still lack access to government information.
Does the act turn the country into an e-democracy overnight? Absolutely not. The digital divide isn’t going away. There’s no public catalogue of all the government information that exists online. Agencies aren’t required to post online who they do business with. “Why is it the public can’t come through Firstgov.gov and obtain information about who’s doing business with government?” says Gary Bass, executive director of OMB Watch in Washington, DC, a government accountability watchdog group. “I should be able to know if General Electric is doing business with the government and at the same time see if GE is violating any regulatory or legal requirements imposed upon it,” Switching gears from businesses to citizens, he adds, “I should be able to see how safe my drinking water is and [find] data that tells me the quality of the water. That’s the information the public is interested in.”
By virtue of the E-Government Act, the Bush administration and Congress have admirably put the pedal to the metal in their quest to make government operate more efficiently and cost-effectively, and to make government services more accessible and responsive to citizens. The act’s bipartisan support in both houses of the US Congress clearly demonstrates that the country’s elected officials recognise the importance of using IT to improve government. But transforming government won’t happen overnight; it will be a long and slow process, akin to watching a sapling grow to maturity. The E-Government Act injects the necessary fertiliser, but its roots will need plenty of time to take hold.
E-Government in ProcessTo understand the challenges ahead for implementers of the EGovernment Act, look no further than the hits and misses of the government’s 25 e-government initiatives.
In July 2001, the White House Office of Management and Budget launched an egovernment task force. Its purpose was to create an action plan for implementing President Bush’s Expanding E-Government initiative, the primary goals of which were to make it easier for citizens to interact with the federal government and to improve government efficiency and responsiveness to citizens.
The task force identified a number of performance problems, particularly due to overlapping and redundant agency processes. One example: A community trying to garner an economic development grant could potentially file more than 1000 forms at more than 250 federal bureaus.
In an attempt to improve customer service, the task force narrowed down an initial list of more than 350 e-government opportunities to 23 projects (two were added later); its prioritisation efforts were dubbed the Quicksilver Process. The final group of projects, approved by the president’s Management Council in October 2001, was chosen based on providing the most value to citizens, improving agency efficiency and deploying within 18 to 24 months.
The projects fall into five categories: government to citizen, government to business, government to government, internal efficiency and effectiveness, and cross-cutting (see “Some OMB Quicksilver Initiatives” below). A $US5 million fund was established for the 2002 fiscal year to support implementation.
Last year, Senator Joe Lieberman (Democrat-Connecticut), then the chairman of the Senate Governmental Affairs Committee and author of the E-Government Act, asked the General Accounting Office to review the completeness of the information used for choosing and overseeing the projects. Its report, released last December 19, drew some unwanted publicity to the initiatives. The GAO found that only nine of the business cases used to support the initiatives took customer needs into account, even though customer value was one of the OMB’s primary goals. Only eight of the business cases addressed collaboration among agencies.
The GAO also looked at whether the OMB had adequate data to monitor the progress of the projects. “While some was clearly there, other pieces were missing,” says Linda Koontz, director of information management issues at the GAO. The report cited a lack of accurate performance, schedule and cost information. A six-month follow-up with project managers late last year found that funding plans had changed more than 30 per cent for half of the initiatives.
Some OMB Quicksilver Initiatives
- GOVERNMENT TO CITIZEN
- IRS Free e-Filing
- Department of Treasury
- WHAT IT DOES Offers free online tax-filing to reduce costs to taxpayers
- PROGRESS REPORT Site launched January 2003
- GOVERNMENT TO BUSINESS
- One-Stop Business Compliance
- Small Business Administration
- WHAT IT DOES Creates portal site where small businesses can access legal and regulatory information
- PROGRESS REPORT Site launched December 2002
- GOVERNMENT TO GOVERNMENT
- Disaster Management
- Federal Emergency Management Agency
- WHAT IT DOES Enhances disaster management across agencies
- PROGRESS REPORT Pilot site launched November 2002
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.