Federal agencies should share the code for specific online functions such as identity verification or payment processing instead of constantly re-building them for each government site, according to a council of government chief information officers.
Promoting application programming interfaces, or APIs, could help agencies cut costs, and government developers should reuse those same building blocks across government projects, a recent report from the CIO Council argues.
APIs, which could also be used to install analytics and data storage functionalities into federal sites, could be cobbled together with other open-source software.
“A team of two [software developers] can implement what formerly took a team of twenty,” the report said.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
For instance, the General Services Administration’s digital consultancy 18F has been working on one such functionality: Login.gov, which aims to create a consistent identity verification system for anyone using federal sites.
But there are a handful of obstacles before APIs can be widely used, the report warned. For instance, developers need to understand how the Privacy Act—which states agencies can only keep information about a person as long as it's "relevant and necessary to accomplish a purpose of the agency”—would apply to certain APIs if they're shared between agencies.
A new protocol might involve “potentially executing a computer matching agreement (CMA) with any other agencies who may exchange records with the new system of records," the report said.
Broadly, the CIO Council encouraged agencies to promote “developer-focused” services.
This report follows a White House policy that requires federal agencies to share their source code with each other, part of an effort to reduce redundant software contracts. That policy also established a pilot in which federal agencies are directed to share 20 percent of their custom-developed source code with the public.
The CIO Council modeled its approach after foreign governments including Estonia and the United Kingdom. The U.K.'s Government Digital Service team, similar to 18F, has created a "government-as-a-platform approach” in which systems including “payments, user authentication, analytics and workflow management [are] distinct components that can be built once, offered as developer-focused services, and shared between organizations across the government.”
The U.K.’s Gov.UK Verify program, similar to 18F’s nascent Login.gov project, lets government sites share the functionality for online identity verification, the report noted.