Where digital gov falls short, Franken pushes on privacy, Stempfley honored and more

News and notes from around the federal IT community.

(Image: Shutterstock)

Government delivery of digital services better, but not up to private sector standards

More than 60 percent of Americans are satisfied with the digital services provided by the federal government, but the public sector comes up short when compared with its private-sector counterparts, a new report from Boston Consulting Group suggests.

Researchers Miguel Carrasco and Peter Goss explored how frequently citizens access online government services and what those experiences were like. The central conclusion of their report, “Digital Government: Turning the Rhetoric Into Reality,” is that things are OK, but could be better.

The Obama administration has launched several initiatives to improve government’s delivery of digital services, including 2012’s, Digital Government Strategy. Yet two years later, the BCG survey shows there is still room for improving customer experience.

Governments need more than a strategy, according to the report. Going digital requires leadership at the highest levels, investments in skills and human capital, and cultural and behavioral change.

People have a consistent set of expectations and priorities for their online interactions, the report found -- they know what good online customer service looks like by interacting with Amazon, Apple, Google and others, and expect the same level of performance from government.

Thirty-four percent of respondents said online government services were somewhat worse than the private sector, 16 percent said somewhat better and 8 percent said much worse.

Ports to CBP: Who pays for new IT?

American Association of Port Authorities President Kurt Nagle told the Homeland Security and Governmental Affairs Committee on June 5 that ports shouldn't have to pay to maintain or replace the Department of Homeland Security's radiation and truck-mounted X-ray systems used to screen cargo at the facilities.

In written testimony, Nagle said that Customs and Border Protection has reached out to ports and terminal operators asking them to pay for the systems.

GAO officials have said CBP, in coordination with the Domestic Nuclear Detection Office, has deployed more than 1,400 radiation portal monitors at U.S. ports of entry. The mobile Vehicle and Cargo Inspection System is used at seaports to screen truck-hauled cargo containers before they leave the port.

Nagle cited data collected by the DHS inspector general that shows CBP and DNDO don't have a plan for continuing maintenance, replacement or funding for the radiation monitors and VACIS.

Nagle said his organization wants DHS to conduct a study on how the agency intends to pay for the future use of scanning equipment, including changes due to port facility expansion or reconfiguration, and for contingency plans as scanning machines reach the end of their service lives.

Franken pushes location privacy bill

Sen. Al Franken (D-Minn.) is looking to establish opt-in requirements for applications that collect location data on users. His legislation is aimed at preventing the use of covert GPS data collection by apps that can be used as beacons for stalkers.

Specifically, the bill would require companies to obtain permission before collecting and sharing user location information, and require companies that collect location data from more than a thousand devices to share information on what they're collecting, how they're sharing it, and how users can opt out.

The stated purpose of the bill is to eliminate a technological channel used in the commission of violent crime, but many in industry are concerned that the measure would also limit innovation by apps that depend on collecting the anonymized location of users to provide data on traffic congestion or information on cellular signal strength. The legislation is not expected to become law, and even Senate passage looks like a heavy lift. But any such plan would likely necessitate significant changes to the way mobile operating systems structure notifications to users.

(ISC)2 honors DHS’s Stempfley

Roberta “Bobbie” Stempfley, deputy assistant secretary for cybersecurity and communications at the Department of Homeland Security’s National Protection and Programs Directorate, was named the recipient of the 2014 Lynn F. McNulty Tribute U.S. Government Information Security Leadership Award by (ISC)2.

The award was established in 2012 to honor the memory of McNulty, a pioneer in federal cybersecurity, by annually recognizing an individual whose vision and innovation have advanced the field of federal information security.

Stempfley was honored for her efforts to develop an organization “dedicated to preventing disruptions to our critical information infrastructure and to protecting the public, the economy, government services and the overall security of the United States,” said W. Hord Tipton, executive director of (ISC)2 and and former CIO of the Interior Department.

Before moving to DHS in 2010, Stempfley served as CIO of the Defense Information Systems Agency.

Welcome to the ‘Age of the Citizen’

Federal agencies working in what a new study by Forrester Research calls the "Age of the Citizen" must be able to hit four critical pressure points to be effective in the emerging big-data and application-driven universe.

They must transform the citizen experience by improving access to information and services; embrace and enable mobility through new engagement channels; turn data into insights and innovation to better address constituencies’ needs; and embrace and enable digital disruption through innovation.

The ability to not only gather big data but also shape it into something useful for ever-more-technically expectant citizens is the cornerstone of successful efforts, according to the study. However, only about half of government organizations use data to drive decision-making, as opposed to gut feeling or instinct, the study said. While agencies are working on developing those capabilities, fewer than half report having a mature data and business intelligence strategy in place.

Real world meets cyber world

Simson Garfinkel, a professor of computer science at the Naval Postgraduate School, suggests a solution to the errors that have allowed three computer bugs in the last year to potentially expose the information of billions of individuals. Garfinkel, writing for MIT Technology Review, posits that encounters with the OpenSSL Heartbleed bug, goto fail bug in Apple’s OS, and zero day exploit in Microsoft’s Internet Explorer can each trace their origin to a common mistake: Much of the Internet and software used by the public is coded in C, a language that becomes increasingly vulnerable when poorly executed code goes unnoticed.

Garfinkel’s solution is to apply the standards and policies of the physical world to the cyber world, citing building regulations that ensure the safety of new structures and the inspectors who scrutinize every step of their development. With the proper software development regulations in place and the assistance of automated inspection tools, he argues, the software development community can prevent future cybersecurity breaches from occurring, but “the most stringent checking will need to be enabled by default.”

Read the whole thing here.

NEXT STORY: Behind the scenes of big data