Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Friday - 6/25/2010, 4:16pm EDT
Federal News Radio
Seeking to bring the federal government's websites to parity with those in the private sector, the Office of Management and Budget today issued new guidelines on the use of widely-used web management and customization technologies.
OMB also issued guidance on privacy policies concerning government use of third-party websites and applications.
The new guidelines had been long-sought by federal web managers who wanted to use more modern web management techniques to improve the operation of their websites.
Michael Fitzpatrick, associate administrator with OMB's Office of Information and Regulatory Affairs, said during a conference call that the new guidelines update policies set up ten years ago when things like social networking sites, wikis, etc. had not yet even been imagined.
"We revisited this issue through public comment which began last summer," he said, "We received thousands of helpful comments from the public, through a series of one-on-ones, and outreach meetings with key stakeholders."
He adds that a request for comment was also issued through the White House Office of Science and Technology Policy.
As outlined by the OMB memorandum, the new guidelines cover two areas:
- Personally identifiable information can only be collected from the use of such technologies through opt in, voluntary consent of the user. Before such consent can be given, however, agencies must undergo a 30-day notice and comment period on their proposed use of the information.
- As additional protection, the new policy makes clear that under no circumstances can agencies use web measurement and customization technologies: to track a user's online activity on other websites outside the government; to share the data gathered through the use of such technologies with other departments or agencies unless the user has consented; to cross-reference, without the user's explicit consent, any information gathered from such technologies against personally identifiable information to determine an individual's online activity; to collect, in any fashion, personally identifiable information without the user's explicit consent.
- Lastly, agencies will need to conduct an annual review of their compliance with the new policy and post the results of this review online.
- Examining the third party's privacy policies to evaluate the risks and determine whether the website or application is appropriate for the agency's use. The third party's policies should be monitored for changes and the risks should be periodically reassessed.
- Performing a Privacy Impact Assessment to evaluate the privacy implications, to identify appropriate safeguards, and to ensure that such safeguards are in place. Generally, these assessments should be posted on the agency's website.
- To the extent practicable, providing a Privacy Notice on the specific website or application that the agency is using. The notice should give people an opportunity to understand the agency's practices before engaging with the agency.
The new guidelines replace previous OMB guidance on the use of these technologies, says Fitzpatrick, who adds that agencies now have the ability to use them to improve the delivery of services to citizens, while at the same time providing certain privacy protection.
The web guidelines, he says, will help agencies update websites to enbable the use of so-called "persistent cookies", which private sector sites use to create more personalized user experiences.
(Copyright 2010 by FederalNewsRadio.com. All Rights Reserved.)