recommended reading

IT officials push rewrite of outdated paperwork reduction policies

"The emergence of social media tools has called attention to the need for more updated language in the PRA," Linda Travers, acting CIO at the EPA, said.Sean McCormick

Some federal information technology officials say it is time to overhaul policy on the pre-social media 1995 Paperwork Reduction Act that -- contrary to its original purpose -- is increasing the burden of information-sharing on citizens.

"The emergence of social media tools has called attention to the need for more updated language in the PRA," said Linda Travers, acting chief information officer at the Environmental Protection Agency. "There needs to be a federalwide process to identify the issues and make recommendations so ultimately the PRA can either be amended, or revisions made to its interpretive guidance."

Under federal rules that implemented the legislation, agencies lack adequate authority to increase transparency, said federal consultants versed in information management. To collect public feedback through online polls and surveys, for instance, agencies must endure a lengthy process of getting permission from the Office of Management and Budget. The lag time between submitting proposals to collect information and obtaining approval could stifle the president's goal of using the Internet to seek input from citizens, some consultants said.

To date, the Obama administration has not issued guidance that outlines exceptions to the rules, such as waivers for posting online questionnaires about federal Web sites.

"The existing process of using OMB-approved surveys to gather stakeholder feedback is time-consuming, expensive and laborious," said Joyce Bounds, acting chairwoman of the Veterans Affairs Web governance board and director of Veterans Health Administration Web communications. "The process does not permit a quick feedback mechanism nor allow us to collect meaningful data or input and opinions."

The board will examine the approval process and make a recommendation to VA's strategic communications council, she added. Bounds, also a member of the Federal Web Managers Council, said VA could seek changes to the policy through that council, which could then make recommendations to OMB.

In December 2008, Bounds and other members of the council, including Bev Godwin, director of online resources and interagency development with the White House new media team, wrote a paper offering some solutions to the barrier that the paperwork policy poses to social media.

"The national [chief technology officer] or OMB should issue immediate guidance that outlines exceptions to the PRA, such as using online surveys to solicit public opinion about federal Web sites, using social media to have online discussion forums with the public, etc." the report stated.

OMB officials said they have not examined whether the guidance should be revised. Aneesh Chopra, nominated for the CTO position on Saturday, has not taken office yet.

OMB is the appropriate office to address the issue, since the law puts it in charge of administering the program governmentwide, Travers said.

Kenneth A. Megill, who consulted the Air Force on digital information services from 1997 to 2001 and served as records manager for the comptroller of the currency from 1987 to 1992, said a rewrite of the rules is long overdue. "The document promotes one-way government because at the time it was created, with government as provider and citizen as consumer, that was beneficial," he said

Now, in the world of the interactive Web, the relationship works both ways.

The law's definitions of "burden" and "collection" present particular problems by prohibiting agencies from collecting responses from the same population of citizens, said Megill, who currently is president of Knowledge Application Services, a Washington-based company that provides knowledge management services to the federal government.

Burden is defined as "time, effort, or financial resources expended" to provide information for a federal agency, including the resources expended for "completing and reviewing the collection of information" and "transmitting" the information.

A collection of information is "the obtaining, causing to be obtained, soliciting, or requiring the disclosure to third parties or the public, of facts or opinions by or for an agency, regardless of form or format."

Under the rules and the law, contributing multiple responses is a burden on the citizen, as is sharing those responses with other agencies.

The advent of mash-ups -- or Web sites that combine data from multiple government, nonprofit or commercial sites to illustrate trends -- has made some agencies wary of changing the guidance, Megill added.

The OMB-sanctioned purpose of a collection can morph into something that is not approved in a mash-up. For example, by using Google's maps, a terrorist could turn a list of the country's best schools into a list of targets.

"Agencies don't want to be indirectly responsible for horrible things happening," so they are reluctant to make it available or available in a format that users can modify it, Megill said.

The law started out with good intentions, but has "turned into a way for bureaucrats to keep things from happening. . . .It's still a very important act and its basic thrust is correct," he said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download

When you download a report, your information may be shared with the underwriters of that document.