Subject: Reengineering Through Information Technology NEW 08/22/94 ******************************************** Reengineering Through Information Technology ******************************************** Accompanying Report of the National Performance Review Office of the Vice President September 1993 Contents ******** Executive Summary....................................................1 Strengthen Leadership in Information Technology IT01: Provide Clear, Strong Leadership to Integrate Information Technology into the Business of Government..............................................9 Implement Electronic Government IT02: Implement Nationwide, Integrated Electronic Benefit Transfer..........................................17 IT03: Develop Integrated Electronic Access to Government Information and Services..................................23 IT04: Establish a National Law Enforcement/Public Safety Network............................................29 IT05: Provide Intergovernmental Tax Filing, Reporting, and Payments Processing...................................33 IT06: Establish an International Trade Data System..............37 IT07: Create a National Environmental Data Index................41 IT08: Plan, Demonstrate, and Provide Governmentwide Electronic Mail...........................................43 Establish Support Mechanisms for Electronic Government IT09: Improve Government's Information Infrastructure...........51 IT10: Develop Systems and Mechanisms to Ensure Privacy and Security......................................57 IT11: Improve Methods of Information Technology Acquisition.....65 IT12: Provide Incentives for Innovation.........................71 IT13: Provide Training and Technical Assistance in Information Technology to Federal Employees...........................77 Appendices A. Summary of Actions by Implementation Category................83 B. Methodology..................................................85 C. Glossary.....................................................87 D. Accompanying Reports of the National Performance Review......91 Implementation Categories Each action is followed by a number in parentheses that indicates the necessary avenue for effective implementation. Appendix A organizes all actions according to these categories. (1) Agency heads can do themselves (2) President, Executive Office of the President, or Office of Management and Budgetcan do (3) Requires legislative action (4) Good idea, but will require additional work, or may be better suited for future action Abbreviations ACS Automated Commercial System AFDC Aid to Families With Dependent Children Arpanet Advanced Research Projects Agency Network ATM Automated Teller Machine BBS Bulletin Board System CD-ROM Compact Disk-Read Only Memory CSIT Customer Service Improvement Team DOC Department of Commerce DOD Department of Defense DOE Department of Energy DSS Digital Signature Standard EBT Electronic Benefit Transfer EDI Electronic Data Interchange EDP Executive Development Program EFT Electronic Funds Transfer EPA Environmental Protection Agency FACET Future Automated Commercial Environment Team FAR Federal Acquisition Regulations FCC Federal Communications Commission FCCSET Federal Coordinating Council on Science, Engineering, and Technology FEMA Federal Emergency Management Agency FIC Federal Information Center FIRMPoC Federal Information Resources Management Policy Council FMS Financial Management Service FNC Federal Networking Council FNS Food and Nutrition Service FOIA Freedom of Information Act FRA Federal Records Act GAO General Accounting Office GITS Government Information Technology Services GSA General Services Administration HHS Department of Health and Human Services HUD Department of Housing and Urban Development IBIS Interagency Border Inspection System ICN Iowa Communications Network IITF Information Infrastructure Task Force INS Immigration and Naturalization Service IRM Information Resources Management IRS Internal Revenue Service ISOO Information Security Oversight Office IT Information Technology MOU Memorandum of Understanding NARA National Archives and Records Administration NASA National Aeronautics and Space Administration NII National Information Infrastructure NISP National Industrial Security Program NIST National Institute of Standards and Technology NOAA National Oceanic and Atmospheric Administration NSA National Security Agency NSF National Science Foundation NSTAC National Security Telecommunications Advisory Committee NTIA National Telecommunications and Information Administration NTIS National Technical Information Service OIRA Office of Information and Regulatory Affairs OMB Office of Management and Budget ONDCP Office of National Drug Control Policy OPM Office of Personnel Management OSTP Office of Science and Technology Policy PC Personal Computer PDD Presidential Decision Directive PIN Personal Identification Number POS Point of Sale PRD Presidential Review Directive PSN Public Switched Network R&D Research and Development SES Senior Executive Service SSA United States Code USDA United States Department of Agriculture USPS United States Postal Service VA Department of Veterans Affairs WCF Working Capital Fund WIC Women, Infants, and Children Executive Summary ***************** When it comes to information technology, horror stories abound in both the public and private sectors. In some cases, the federal government is woefully behind the times, unable to use even the most basic technology to conduct its business. At one point, for instance, three Agriculture Department bureaus were supposed to share a computer system toimprove the management of food and subsidy programs. Five years later, they still could not resolve differences over testing, installation, and maintenance. In society at large, the widespread use of new technology has caused problems that include threats to personal privacy and safety. In Brooklyn not long ago, crooks used a hidden video camera to watch people withdrawing money at ATM machines. By recording personal identification numbers, the cameras helped the crooks later make unauthorized withdrawals. Nevertheless, information technology has brought the convenience of revolutionary change to everyday life, from ATM machines at banks to global transfers of funds, from 800 telephone services to personal home computers, "e-mail", and the worldwide Internet computer telecommunications system. Whatever its problems, the information technology revolution is upon us. One author calls such technology the most powerful tool for change in the modern era.[1] American businesses, particularly the smarter ones, are taking notice. As the cover text of a recent book proclaims, "Computers and telecommunications are reshaping the basic structure of American enterprise, and any competitive business must realize the new technology either to improve its products and services or to create entirely new ones.[2] The private sector is employing information technology to reengineer the way it does business, using human and material resources more efficiently and competing more effectively. -Lagging Behind- For various reasons--some regulatory, some legislative, some cultural--the federal government lacks appropriate access to the most efficient, costeffective information technology products and services. The government has lacked not only strong leadership in this area, but also a coherent plan on how to most effectively tap information technology 's potential. This report provides Washington with a road map to the future. The government must not apply information technology haphazardly or sporadically. It also should not simply automate existing practices. Instead, public officials should view information technology as the essential infrastructure for government of the 21st Century, a modernized "electronic government" to give citizens broader, more timely access to information and services through efficient, customer- responsive processes. For practically everyone, dealing with the government is complicated. Americans complain that government is too slow or confusing in delivering its services or that they have too many places to call or go. Government employees complain even more about trying to deal with other parts of government. A big reason is the incredible volume of information that government processes and files. Information technology, with its ability to electronically store and rapidly sort, transmit, and access information, is the key to solving this problem. If MasterCard can resolve a credit card issue at 1 a.m. and Federal Express can find the location of a package anywhere in the world, then, theoretically at least, government can do as well. But while technology solutions exist, government is falling dangerously behind the private sector in using technology to deliver services. -Catching Up- President Clinton and Vice President Gore want to use information technology to improve Americans' quality of life and reinvigorate the economy. The administration has identified technology as the "engine of economic growth." [3] Among its top priorities is accelerating the development of a National Information Infrastructure of high-speed telecommunications networks, advanced computer systems, and software. Today, information technology can create the government of the future, the electronic government. Electronic government overcomes the barriers of time and distance to perform the business of government and give people public information and services when and where they want them. It can swiftly transfer funds, answer questions, collect and validate data, and keep information flowing smoothly within and outside government. But making electronic government a reality requires two things: (1) leadership to place information technology at the center of the business of governing, and (2) commitment to the necessary support mechanisms. This report outlines a three-part agenda for spreading information technology's benefits to the federal government: (1) Strengthen Leadership in Information Technology, (2) Implement Electronic Government, and (3) Establish Support Mechanisms for Electronic Government. -Strengthen Leadership in Information Technology-. The recently created Information Infrastructure Task Force (IITF) can provide leadership in integrating information technology into systems that support government's operation.[4] Chaired by the Secretary of Commerce, this task force is responsible for articulating and implementing the President's vision for advanced telecommunications and computing technology. It is uniquely positioned to help develop the governmental aspects of America's information infrastructure. The President should expand the task force's work to include a Government Information Technology Services (GITS) Working Group which, in turn, would collaborate with state and local governments as well as the private sector. The GITS Working Group should work with the IITF to develop a strategic vision and an implementation plan for using government information resources across and within agencies, and develop steps to improve how government provides information and services to the public. The working group should also develop strategies to empower information technology management in federal agencies and set priorities for sharing information among agencies. In addition, GITS should be the focal point for implementing the actions of this report. -Implement Electronic Government- Electronic government extends the idea first seen in electronic banking. Just as ATMs, plastic access cards, and nationwide networks have made banking more convenient, electronic government will make communicating with government easier and faster. Obviously, as in electronic banking, privacy and security issues must be addressed here as well. We propose seven initiatives to inaugurate the electronic government. They provide dynamic opportunities to improve the efficiency and easy use of government services. Their implementation will provide substantial return on investment through increases in productivity. -Integrated Electronic Benefit Transfer- Electronic benefit transfer will use information technology present in the financial industry to deliver, nationwide, fast and efficient government assistance--including Food Stamps, Social Security benefits, and veterans' benefits. -Integrated Electronic Access to Government Information and Services- Access to government is a right of Americans. Existing technology makes possible the integrated electronic access to government information and services. The use of a single nationwide 800 telephone number would simplify access to government agencies. Electronic government kiosks that use technology similar to that in ATMs can provide "one-stop shopping" for both government information and services. Personal computers may also be used to access electronic bulletin board systems, databases, and agency directory services. -National Law Enforcement/Public Safety Network- A National Law Enforcement/Public Safety Wireless Network will improve coordination and communication among federal, state, and local law enforcement and public safety agencies, and will save money. It must first focus on establishing standards for sharing information and implementing appropriate privacy and security measures. -Intergovernmental Tax Filing, Reporting, and Payments Processing- The IRS already has on file all the tax information needed to calculate the taxes due for about 60 million taxpayers because financial institutions and employers are required to report this information. Yet IRS and state tax agencies still require taxpayers to compute what IRS already knows. If IRS computed taxes and sent a statement, and if electronic filing were used for all others, IRS and state agencies could forgo the mailing of 75 boxcars of forms to taxpayers--and certain classes of taxpayers could ultimately not need to file. For others, they will need to file only once. Enormous administrative savings would accrue to government and the burden on taxpayers would be reduced. -International Trade Data System- To help ensure the nation's competitiveness inglobal markets, the Treasury Department should create an all-inclusive database for disseminating international trade data, for use by the government and the trade community. -National Environmental Data Index- The National Oceanic and Atmospheric Administration should create a National Environmental Data Index to coordinate the development and use of environmental data gathered by various government agencies. Its goal- -to give government, the private sector, academia, and citizens easy access to environmental information. -Governmentwide Electronic Mail- In the private sector, e-mail and messaging systems are becoming as common as the desktop computer. Governmentwide electronic mail is a natural progression from paper-based government to an electronic govern- ment. E-mail allows rapid communication among employees across agency boundaries. The administration should work with Congress to resolve issues regarding what constitutes a government record created by e-mail, and how to ensure appropriate security in using e-mail. -Establish Support Mechanisms for Electronic Government- The administration isworking with the private sector to more quickly develop a broad, privately operated national information infrastructure (NII). The NII "will revolutionize the way we work, learn, shop, and live, and will provide Americans the information they need, when they need it, and where they need it--whether in the form of text, images, sound, or video."[5] This capability will "enhance the productivity of work and lead to dramatic improvements in social services, education, and entertainment."[6] Nevertheless, this bright future can only become a reality if we adopt "forward-looking policies that promote the development of new technologies and if we invest in the information infrastructure for the 21st Century." The public and private sectors both must help improve the nation's information infrastructure. Federal officials have a special responsibility since the government produces information resources, uses them and makes policy for their use, acts as a catalyst for their development, and delivers services through them.[7] The government should extensively use the emerging national information infrastructure that American industry is creating and refining. In a recent report, the President of the National Academy of Public Administration writes, Information is pivotal to the vitality and productivity of government services and the nation's economic competitiveness. At issue is whether we can use information technology effectively to empower government, the private sector, and citizens alike. The complexity of today's world demands that the public and private sectors not only learn to master this tool, but also work cooperatively to maximize the national benefits.[8] The infrastructure will allow the government to consolidate and modernize its data processing centers and standardize some of government's basic administrative functions, such as payroll, personnel record-keeping, management information systems, and financial and general ledger accounting. The GITS Working Group should develop an implementation plan for consolidating data processing installations and reengineering common application systems. The administration recognizes that initiatives to bring electronic government to the public require strategic relationships between government and the private sector. These relationships must include necessary incentives for innovation. Agencies should be able to retain a portion of savings produced through information technology for reinvestment, and use multi- year funding for information technology projects. The government should promote performance-based contracting for information technology products, allowing the private sector to increase its profits if it can find ways to make government run more efficiently and cost-effectively. It should create a governmentwide venture capital fund to finance innovative information technology projects within agencies. Success in implementing electronic government also depends on public confidence. Electronic government must protect the information it processes and ensure individual privacy. It also must protect national security interests, permit legitimate law enforcement activities, enhance global competitiveness and productivity for American business and industry, and ensure civil liberties. The government must define uniform privacy protection practices and generally accepted principles for information security. It also must adopt a digital signature standard, and it must promulgate encryption standards for sensitive information. The government also must expedite and simplify how it acquires information technology.The market for computer hardware and software involves products for which the shelf life can be as short as a few months. In this environment, the government needs aggressive, innovative purchasing methods. The General Services Administration's (GSA's) current schedules should be replaced with a real-time, on-line electronic marketplace. Dollar limits on agency delegations of procurement authority and on credit card purchases for commercial information technology items should be raised significantly. Federal employees must get training and technical assistance in information technology. The government should create a program to train nontechnical senior executives and political appointees. Moreover, the Office of Personnel Management and GSA should establish information resources management (IRM) competencies for federal employees pursuing appointments to IRM management positions. Finally, because the new technology allows a physical restructuring of the organization, making it less hierarchical, employees at all levels should be able to interact electronically, sharing ideas and helping one another with on- line resolution of information technology problems.[9] The quicker the federal workforce embraces the possibilities of information technology, the sooner the initiatives of electronic government can become a reality benefiting the public. By reengineering through information technology, the Clinton administration will provide the leadership, vision, and commitment to bring government into the Information Age. Endnotes 1. Davenport, Thomas H., Process Innovation: Re-engineering Work through Information Technology (Boston: Ernst & Young, 1993), p. 1. 2. Davis, Stan, and Bill Davidson, 2020 Vision (New York: Simon and Schuster, 1991), front cover. 3. President William J. Clinton and Vice President Albert Gore, Jr., Technology for America's Growth, A New Direction to Build Economic Strength (Washington, D.C.: U.S. Government Printing Office (GPO), 1993), p. 7. 4. The Information Infrastructure Task Force was formed by the National EconomicCouncil and the Office of Science and Technology Policy in May 1993. It is a federal government interagency task force consisting of representatives from federal agencies involved in telecommunications and information policy. The task force addresses issues that promote the application of the National Information Infrastructure. 5. See Federal Coordinating Council for Science, Engineering, and Technology, High Performance Computing and Communications: Toward a National Information Structure (Washington, D.C.: Office of Science and Technology Policy, 1993). 6. Council for Competitiveness, "Vision for a 21st Century Information Infrastructure," Washington, D.C., May 1993. 7. U.S. Office of Management and Budget, Information Resources Management Plan of the Federal Government (Washington, D.C.: GPO, 1992), p. III-8. 8. National Academy of Public Administration, The Information Government: National Agenda for Improving Government through Information Technology (Washington, D.C., 1993), p. iii. 9. Morgan, Gareth, Riding the Waves of Change (San Francisco: Jossey- Bass, 1990), p. 102. Strengthen Leadership in Information Technology ****************************************************** IT01: Provide Clear, Strong Leadership to Integrate Information Technology Into the Business of Government ****************************************************** Making the Vision a Reality Reinventing government is an enormous, complex undertaking that begins with leadership, not technology. Yet information technology (IT)- -because it can help break down bureau and agency boundaries--can be a powerful tool for reinvention. Its use requires both a clear vision of how government can benefit from technology to change the way it does business, and a commitment to making the vision a reality. Only good leadership, which combines vision and commitment, can ensure sound investments in IT to support the redesign of federal business practices. The Clinton administration has made expanded use of IT a national goal; its efforts in achieving this goal are two- pronged. -Creating a National Vision- To accelerate the development of the National Information Infrastructure, the National Economic Council and the Office of Science and Technology Policy have created a committee--the Information Infrastructure Task Force--to coordinate the administration's efforts to formulate forward-looking telecommunications and information policies. This task force, chaired by the Secretary of Commerce and consisting of deputy- level representatives of relevant federal departments, will articulate and implement the President's vision of a nationwide system in which all Americans can exchange and receive information when and where they need it at a reasonable cost. -Improving Federal IT Practices- The Paperwork Reduction Act of 1980 gives the Office of Management and Budget's (OMB's) Office of Information and Regulatory Affairs (OIRA) governmentwide responsibility for providing leadership in information management. The act also charges a senior official within each agency--reporting directly to the agency head--to provide agency- level leadership in this area. With proper vision and direction, these officials could fulfill their potential as agents of change, using information technology to help reinvent their agencies' approach to their mission. Need for Change The federal government's attempt to integrate information technology into the systems supporting its operations have produced some successes- -and some costly failures. Despite spending an estimated $25 billion in fiscal year 1993 on information technology, the federal government has lacked the strong and effective leadership required to ensure that government makes the most of these resources.[1] We have operated without any overall, enterprisewide strategic plan or vision of the role of information systems in government, and with little or no regard for connections among various federal agencies, or with state and local governments. Many agency heads and federal executives continue to overlook IT's strategic role in reengineering business practices. Agency information resource managers typically lack the tools or the opportunity to be effective partners with top executives in developing strategies to use technology effectively. Too often, agency information resource management (IRM) plans and agency strategic plans are not integrated. Without clear direction and support from the top, modernization programs tend to degenerate into loose collections of independent systems solving unique problems and automating--rather than improving upon--the existing ways of doing business. For example, three bureaus in the Department of Agriculture were to share a computer system to improve the management of food acquisition and price support programs. However, 5 years after work on the system had begun, no mechanism had been established to resolve disagreements that arose in testing, installation, and maintenance.[2] The oversight community--OMB, the General Services Administration (GSA), congressional committees, the Inspectors General, and the General Accounting Office (GAO)--often aggravates this situation by overemphasizing specific details such as the acquisition costs of individual IT projects rather than assessing the overall impact on productivity. Instead, effective oversight should foster the analysis of work processes and formulation of strategic plans that integrate information technology with agency missions. Oversight agencies are in an excellent position, given their independent status, to identify and promote opportunities for cross-agency sharing of capabilities. In particular, OIRA is charged under the Paperwork Reduction Act to provide leadership and oversight for the information resources management activities of federal agencies. Historically, OIRA has placed more emphasis on regulatory and paperwork review responsibilities than on leadership and information policy. The Administrator of OIRA is committed to improving OIRA's performance in the information area.[3] The seeds of change have been sown. Nurturing them will require resources and expertise from the central agencies, and a new partnership between OIRA, GSA, and the agencies. In a few cases where oversight agencies have attempted coordination, the results have been positive. For example, in 1988, OMB analyzed the use of information technology by the Customs Service, the Immigration and Naturalization Service (INS), and the State Department to check the names of persons entering the United States against a master list. Finding duplication of effort and little sharing of information, OMB worked with the agencies to create the Interagency Border Inspection System (IBIS), jointly funded and operated by the three agencies. IBIS allowed Customs and INS to redesign their work processes. INS agents now conduct all name checks, freeing Customs agents to inspect baggage--thereby improving enforcement and speeding the processing of legitimate transfers. An even more powerful example of successful coordination has been the work of the High Performance Computing, Communications, and Information Technology Subcommittee which coordinates the multi-agency High Performance Computing and Communications Initiative. By coordinating and sharing resources and expertise among 12 federal agencies, this interagency working group, under the leadership of the White House Office of Science and Technology Policy, has created a $784 million program that is expanding the nation's computing capabilities.[4] This, and other programs, should be models for the type of coordination across government to realize IT's full potential in reinventing government. Actions ******* 1. Plan for effective use of information technology throughout government.(2) By January 1994, the Information Infrastructure Task Force (IITF) should expand its workto include a Government Information Technology Services (GITS) Working Group. At a minimum, the working group will be composed of representatives from OMB and agencies directly affected by the recommendations made in this report, e.g., the Departments of the Treasury, Justice, Defense, Energy, Agriculture, Commerce, Health and Human Services, Housing and Urban Development, and the General Services Administration. The GITS Working Group will assist the IITF in performing the following: ---Developing a strategic vision for using information resources within thefederal government. This vision will define an overall program and plan for IRM in the federal government and should include specific models of operation, goals for improving government use of IT in mission performance--both across and within agencies--and measures for improving service to the public. ---Developing strategies to improve leadership and authority within federalagencies, and to include information resources management in agencies' mission strategic planning. ---Setting priorities for federal information resources management and assessing the adequacy of resources to support and facilitate important goals. In addition, the GITS Working Group should perform the following: ---Develop an implementation plan for the recommendations made in this report. ---Work with state and local governments and private sector advisers to promotecooperation and information sharing. ---Establish a continuous improvement plan and process to design, develop, and implement technology-enabled, governmentwide business initiatives--the electronic government as described in this report. ---Identify additional opportunities and oversee follow-up on those opportunities for sharing information resources across agencies to improve program performance. ---Use existing interagency groups such as the Federal IRM Policy Council (FIRMPoC) for assistance where applicable. ---Serve as the focal point for implementing the recommended actions of this accompanying report. 2. Coordinate and oversee implementations of information technology plans.(2) Beginning November 1993, OMB should: ---In coordination with the GITS Working Group and GSA, convene (or useexisting) interagency teams, chaired by an appropriate program agency, to share information, solve common problems, and represent the government to the public on specific cross- cutting information technology matters. ---Revise OMB Circular A-130 to encourage the integration of agency IRM plans with agency strategic plans and budgets via the creation of strategic IT plans and performance measures. ---Ensure adequate OMB staff expertise to exercise effective leadership offederal information and IT activities. This function should combine technical expertise in information computing and communications, government operations, and service sector innovation. This function must be integrated with--not isolated from--OMB's other management and budget oversight functions. This integration will ensure that OMB speaks with one voice on information and IT issues, and that agencies can rely on consistent guidance. Endnotes 1. U.S. Office of Management and Budget, Information Resources Management Plan of the Federal Government (Washington, D.C.: U.S. Government Printing Office [GPO], 1992), p. 3. 2. U.S. Congress, House, Committee on Government Operations, Subcommittee on Government Information, Justice, and Agriculture, hearing on"Agricultural Stabilization and Conservation Service Computer Systems: Building Another Hubble?," September 18, 1990. 3. Katzen, Sally, Administrator of OMB/OIRA, confirmation testimony before the Senate Governmental Affairs Committee, May 14, 1993. 4 President William J. Clinton and Vice President Albert Gore, Jr., A Vision of Change for America (Washington, D.C.: U.S. GPO, 1993), p. 54. ******************************* Implement Electronic Government ******************************* Introduction Citizens and government workers contend with an increasingly complicated array of federal agencies, organizations, processes, and forms. The existing service delivery system is largely based on hierarchical design structures developed in the 1930s. The result is slow, inefficient service that may not satisfy actual customer needs. The information needed for sound decisionmaking and high-quality customer service is not coordinated across government agencies, thus increasing cost and time to provide services. In short, today's government structures, processes, and business practices, which were designed for a different era, cannot keep up with the existing types and volumes of customer demands. Information technology will be the key to providing more cost- effective and user-friendly government services. Industry examples illustrate how exploiting technology can provide superior customer service, significantly decrease costs, increase quality, and improve overall effectiveness and competitiveness. Successful applications of information technology also can be found in federal, state, and local government. Moreover, the Office of Management and Budget estimates that by the year 2000, approximately 75 percent of public transactions will be processed electronically.[1] The requirement to address ever-more-constrained operating budgets makes integration of information technology into all phases of the federal workforce vital to meeting service demands of the American public. Information technology must not be applied haphazardly or sporadically. It also must not be used simply to automate existing practices. Instead, information technology must be seen as the essential infrastructure for the government of the 21st century--a modernized electronic government. Electronic government will allow citizens broader and more timely access to information and services through efficient, customer- responsive processes--thereby creating a fundamental revision in the relationship between the federal government and everyone served by it. Electronic government will enable the creation of "virtual agencies" that will give citizens access to integrated program information and services organized around service "themes" (e.g., unemployment assistance), rather than bureaucratic--and often idiosyncratic-- structures. In a virtual agency, several interconnected federal organizations will be able to provide information and services in a seamless manner. In electronic government, high-speed telecommunications links (information highways) will carry the data necessary to support governmental operations. These information highways will connect federal, state, and local governments, and help form a National Information Infrastructure (NII) made up of public and private transmission circuits and information services. Existing components of the NII include the nation's telecommunications carriers; Internet, which serves both government and private sector as a pathway for electronic mail and data; public libraries; and the electronic settlement services that support the automated teller machines and credit cards that facilitate the flow of funds nationwide. A conceptual subset of the NII is the government's information infrastructure, the portion of the NII used exclusively by the government. It is composed of all the electronic services and paths that support government operations, such as the computer systems that facilitate the payment of monthly Social Security benefits, the FTS2000 telecommunications systemthe federal government uses for voice and data communications, internal networks run by individual government agencies, and the wealth of data and information that the government makes available. The following seven initiatives, which NPR proposes implementing on a fully operational or pilot basis, would facilitate and expand government's use of the NII. These initiatives are highlighted because work is already in progress on their development and they offer significant payback opportunities: ---integrated electronic benefit transfer, ---integrated electronic access to government information and services, ---National Law Enforcement/Public Safety Network, ---intergovernmental tax filing, reporting, and payments processing, ---International Trade Data System, ---National Environmental Data Index, and ---governmentwide electronic mail. Endnote 1. U.S. General Accounting Office, Comptroller General's 1989 Annual Report: Facing Facts (Washington, D.C.: U.S. General Accounting Office, 1990), p. 28. ***************************************************************** ** IT02: Implement Nationwide, Integrated Electronic Benefit Transfer ***************************************************************** ** Convenient, Secure Funds Receipt at the Press of a Button Each year, tens of millions of citizens receive government services, either directly from the federal government or indirectly through state and local governments or third parties. The number of recipients of government benefits is large--and is projected to grow. ---In the U.S. Department of Agriculture (USDA) Food Stamp Program,enrollment averaged 25.4 million persons per month in 1992 and had increased to 27.4 million persons by March 1993.[1] ---Approximately 31.4 million low-income people receive monthly authorization for medical assistance through Medicaid.[2] ---Monthly disability insurance benefits are drawn by more than 4.3 millionformer workers and their dependents. ---The Social Security Administration is expected to distribute more than $450billion annually to 44.3 million beneficiaries by 2000.[3] Provision of these benefits relies primarily on paper-based systems--such as checks, vouchers, or coupons--that are not always customer-friendly, are inefficient and expensive to operate, and are subject to fraud and abuse. The USDA Food Stamp Program provides an excellent example. It is perhaps the most paper-intensive of all federal benefits programs. Over 3 billion food stamps are printed yearly and distributed monthly in the form of coupon booklets to over 10 million households. Each month, 210,000 authorized food retailers receive the coupons in exchange for eligible food items. The retailers carry stacks of food stamps to 10,000 participating financial institutions, which credit the store accounts for their value. The banks send the redeemed food stamps to a Federal Reserve Bank which again counts the coupons, credits the banks' account, bills the U.S. Treasury for the value of the coupons, and destroys them. Food stamps cost federal and state governments approximately $400 million per year in administrative expenses to print, ship, store, distribute, reconcile, and destroy.[4] The paper aspect of food stamps also creates management control vulnerabilities and ample opportunities for fraud and abuse. The Food Stamp Program, together with similar inefficient, outmoded, paper-based systems, can be replaced by proven, cost- effective technology. Electronic benefit transfer (EBT) is already successfully, and cost-effectively, used by the federal government. EBT adopts commercial electronic payment practices to the delivery of government assistance services, enabling benefits to be transferred electronically. Presently, direct federal payment programs such as Social Security, Supplemental Security Income, federal pensions, and veterans benefits are a mixture of electronic direct deposit and paper check issuance. The savings entailed by converting to EBT are significant. For example, the roughly 450 million paper check payments made per year cost taxpayers up to six times more to deliver than those electronically deposited. Making the transition to electronic transactions, which cost 6 cents per transaction compared to 36 cents per physical paper transaction, would significantly reduce benefits delivery cost.[5] Recent pilot projects to replace paper-based benefits systems with EBT also confirm that electronic benefit delivery can reduce costs. The Secretary of USDA reported that usingEBT for government issuance of food stamps saved 24 percent in operating costs in pilot projects in New Mexico and 3 percent in Minnesota. Retailers also benefit: the study showed that cost to retailers dropped by an average of $3.98 per $1,000 in food stamp product sales in New Mexico, and by $9.09 in Minnesota. EBT issuance of food stamps also benefits banks that participated in the pilot; their cost fell by $3.17 and $5.48 per $1,000 of benefits redeemed in New Mexico and Minnesota, respectively.[6] The estimated loss due to fraud related to food stamp benefits dropped by 75 percent in New Mexico and 81 percent in Minnesota.[7] Need for Change A major expansion of electronic delivery of federal benefits has not been possible in the past for several reasons, including ---lack of banking service accessibility; ---lack of availability of a low-cost alternative to receiving and cashing a government check; ---legislative restrictions limiting flexibility to select a particular method of payment; and ---people's natural resistance to change, e.g., trusting electronic direct deposit. These reasons are no longer impediments to nationwide electronic benefit delivery. EBT can provide basic bank-like services in neighborhoods where no physical banks exist. Paper check processing has become more expensive than electronic direct deposit. Congress and the public are more receptive to alternative delivery methods. This receptivity is evidenced by recent congressional action permitting EBT as an operational alternative to issuing food coupons and by the overwhelming recipient preference of EBT over food coupons in all EBT demonstration sites. Compatibility with commercial electronic transaction networks is a critical requirement for retail merchants and financial institutions. EBT could be processed concurrently with commercial electronic transactions by adopting the specific standards and rules promoted by the American Bankers Association and used by the major commercial direct debit point-of-sale and automated teller machine (ATM) networks. This compatibility would allow government transactions to be processed along with existing commercial financial transactions, exploiting previously defined nationally and internationally accepted standards. Industry's support is vital to successful implementation of EBT, especially for federal-state administered programs such as Food Stamps; Special Supplemental Food Program forWomen, Infants, and Children (WIC); Aid to Families With Dependent Children (AFDC); and child support. The most effective implementation of EBT would be nationwide delivery of multiple, integrated benefits using the existing commercial infrastructure--e.g., electronic funds transfer network, commercial banking, credit/debit card authorization and settlement/interchange networks, and the Federal Reserve's Automated Clearing House system. Benefits that could be delivered over this network include food stamps, veterans benefits, student aid, medical assistance, housing programs including assistance payments to families and individuals, unemployment insurance, Social Security, Supplemental Security Income, AFDC assistance, child support, and WIC assistance. The nationwide EBT system would use direct deposit of benefits and plastic access cards to replace food stamp coupons, AFDC checks, WIC vouchers, Medicaid authorization cards,state general assistance checks, housing assistance checks, etc. This approach would dramatically improve recipient services, combat fraud and abuse, and save millions in yearly operating costs for federal and state governments. Federal payments would be deposited directly into recipients' bank accounts. For recipients without bank accounts, or those who prefer not to involve their banks, a federally sponsored electronic account accessible by an EBT card could be established. For recipients without a bank account who are at or below the poverty level, a free electronic service (e.g., a fixed number of free ATM or point-of-sale transactions per month) could be provided. Funding for this service could come from savings achieved by the federal government through conversion to direct deposit. For public assistance programs jointly administered by federal and state governments, EBT could dramatically simplify the delivery of separate program benefits to eligible recipients. Ultimately, a single government services plastic benefits card could be issued instead of separate cards for each program. By using one comprehensive EBT infrastructure, federal and state agencies can share both start-up and ongoing operating costs associated with the delivery of government benefits to the public. As a result, all stakeholders should experience lower operating costs and provide measurably improved customer service. Although much benefit is gained by leveraging the existing infrastructure, there are several liability and policy issues to be considered. ---The Federal Reserve Board in February 1993 proposed making Regulation Eof the Electronic Funds Transfer Act applicable to EBT. Regulation E governs electronic transaction liability in the private sector; it would make federal and state governments liable for the replacement of recipient benefits reported lost or stolen, without regard to recipient responsibilities. The cost of this regulation could effectively deter or even halt EBT expansion. ---To avoid the development of incompatible systems and to realize substantial operating cost reductions through volume (economies-of- scale) pricing, EBT efforts will need to be coordinated nationally while these systems are still in their infancy. Actions ******* 1. Design an integrated EBT implementation plan. (2) An existing interagency team, the Electronic Benefit Transfer Task Force, chaired by OMB, is defining the roles, responsibilities, and changes required to implement EBT nationwide. This task force should periodically report on its progress to the GITS Working Group and the Vice President and should complete the implementation plan by June 1994. The most effective implementation of EBT is nationwide delivery of multiple, integrated benefits, which leverages the existing commercial infrastructure. Ongoing benefits delivery improvement efforts should be accelerated. These efforts include implementing electronic delivery of food stamps by USDA's Food and Nutrition Service and direct benefit delivery by the Department of the Treasury's Financial Management Service, the Social Security Administration, the Office of Personnel Management, and the Railroad Retirement Board. The initiative should press for (1) integrating a package of benefit programs for electronic payment, including Food Stamps, Social Security benefits, and AFDC; and (2) sequencing their implementation to ensure that each new benefit program added builds on prior successes. The initiative should use government and local EBT experiences to pilot and implement integrated benefits delivery nationwide. The implementation plan should include recommendations on various resource issues, such as cross-agency administrative cost pooling, funding strategies, organization, and staff support; and should establish a calendar with key milestones for progress measurement and review. 2. Legislation should be proposed to facilitate nationwide implementation of EBT. (3) OMB should direct the Electronic Benefit Transfer Task Force to perform the following policy and legislatively oriented tasks. The team should draft a report of its activities by July 1994. ---Review existing legislation and regulations for each program that may affect nationwide implementation of EBT and draft appropriate changes. For example, one key issue concerns the applicability of Regulation E to EBT. Examine the comments submitted in response to the Regulation E proposal making it applicable to EBT, and determine a governmentwide position on recipient liability in EBT processing. ---Adopt a uniform EBT services pricing structure and attendant funding agreements. Identify standard categories and construct an EBT processing pricing structure to include capture and financial settlement of transactions by and among processing centers and networks, including industry and federal and state operations. Within the pricing structure, address cross-program cost effectiveness. This should maximize the benefits of economies of scale, leverage the commercial direct debit infrastructure, and ensure that cost-effective criteria are used to facilitate and expedite the migration to EBT. ---Define a settlement process that is the financial reconciliation of all debit and credit transactions on a daily basis. High-volume/same-day settlement processing is required to support EBT. This processing closely aligns with and can leverage the financial services industry's current settlement exchange system. The Treasury's Financial Management Service and the Richmond Federal Reserve Bank are in the process of assessing implementation approaches. ---Develop integrated EBT program and operating rules. For example, recipient responsibilities presently vary among different benefit programs. Obtain agreement across programs on how to combine program requirements into a uniform set of EBT rules and responsibilities. Review and modify ongoing efforts to adapt industry's electronic transfer operating procedures and rules. Coordinate with private sector entities to define the government EBT system: this includes technical considerations such as standards and type of equipment deployed, security and privacy protection, and operating rules (e.g., roles and responsibilities of all parties, liabilities, indemnifications, and settlement timing). ---Define benefits delivery options. The presumed method of payment for all new enrollees in direct federal programs would be direct deposit or EBT service. While total conversion from paper checks to electronic payments is the goal, it probably is best to start with a highly publicized voluntary direct deposit program and phase in EBT service over a 3-year period. However, a voluntary dual paper-based and EBT system is not the preferred method for the federal-state administered programs, especially for the Food Stamp Program. An objective shared by the Food and Nutrition Service, food retailers, and financial institutions is to eliminate paper coupons, not create a dual- delivery system. A dual system would be too costly to manage, hinder the interstate flow of transactions, cripple efforts to obtain economies-of- scale pricing, and defeat efforts to combat fraud and abuse in the trafficking of coupons. Consumer and recipient advocacy groups will need reassurance that strong recipient preference exists for EBT and that adequate privacy safeguards are in place. Cross References to Other NPR Accompanying Reports: Improving Financial Management, FM04: Increase the Use of Technology to Streamline Financial Services. Department of Agriculture, USDA07: Deliver Food Stamp Benefits Via Electronic enefits Transfer to Improve Service to Customers While Remaining Cost Effective. Endnotes 1. See Burke, Vee, Welfare (Washington, D.C.; Library of Congress, Congressional Research Service [CRS], January 6, 1993), p. 1; DeParle, Jason, "Food Stamp Users Up Sharply in Sign of Weak Recovery," The New York Times (March 2, 1993), p. A1; and "27.4 Million Receiving Food Stamps--Record High Reported for March Enrollments," Washington Post (May 29, 1993), p. A18. 2. Ford, Melvina, Medicaid: FY 1994 Budget, (Washington, D.C.: CRS, June 30, 1993), p. ii. 3. Gould, Stephen B., "Computing and Telecommunications in the Federal Government," CRS Review (July-August 1990), p. 4. 4. Conversation with Joe Leo, Food and Drug Administration, July 29, 1993. 5. See U.S. Department of the Treasury, Financial Management Service, EFT Cost Savings for FY1992 (undated). (Working paper.) 6. U.S. Department of Agriculture, Food and Nutrition Service, Summary of The Impacts of State-Initiated EBT Demonstrations on the Food Stamp Program (Washington, D.C., July 1993), pp. 1-2. 7. U. S. Department of Agriculture, Office of Public Affairs, "Espy Encourages Electronic Issuance Of Food Stamps by All States, " news release No. 0588.93, Washington, D.C., July 19, 1993, p. 1. ***************************************************************** ******* IT03: Develop Integrated Electronic Access to Government Information and Services ***************************************************************** ******* Quick Response, Complete Information, and a Happy Ending to Telephone Tag Imagine this: A recent retiree goes to a government services kiosk, located at his local post office. He wants information about his retirement benefits. After requesting his Social Security Number and other personal ID information, the kiosk prints a summary of his Social Security contributions, as well as the benefits to which he is entitled as a veteran. His annuity distribution options are included on the printout, as are all of the rules governing earning income while collecting retirement benefits. The kiosk then asks him if he wants related information on retirement, information on senior citizens groups--and brochures on collecting stamps as a hobby. The government's primary mission is to provide quality services to the public in a timely manner. However, access to government services is cumbersome, uncoordinated, and not customer-friendly. If more than one agency is involved, a customer must go through two or more rounds of inquiries, with frequent routings from one government employee to another. Several recent government initiatives involving various information access methods are improving service to citizens by making information more readily available. Several of these initiatives are described below. Telephone Access. Industry pioneered the use of the telephone to provide services to customers. Toll-free numbers and guided questions by either a human or computer speed callers to needed services. Call receipt is logged and automatically distributed, and responsiveness to customers can be measured. The government has begun to incorporate telephone-based techniques to improve access to its services. For example, 70 percent of taxpayer contacts with the Internal Revenue Service (IRS) are now conducted by telephone. The IRS has made major improvements in theaccuracy of its telephone service information and is able to resolve many taxpayer problems in a single phone call--including accepting verbal statements over the phone. The Social Security Administration (SSA) now receives over 55 million calls a year requesting information and services over its national 800 number. On a cross-agency basis, the Federal Information Center (FIC), operated by the General Services Administration (GSA), provides 800-number telephone service in major metropolitan areas. The public may call FIC with any question or problem related to the federal government. Information specialists then research the question and either provide an answer or the telephone number of the specific federal office that should be contacted. Kiosk Access. Federal and state governments are developing approaches to providing information and services through interactive, customer- activated terminals called kiosks, which are modeled after automated teller machines (ATMs). The use of kiosks can create savings and generate revenues, as well as provide information and services. For example, the Info/California kiosk, a customer-activated terminal implemented by the State of California, has generated major benefits, including lower costs for customers of state information. For example, the kiosk offers a job match service in which customers preregister to determine relevant statewide employment openings. Previously, the job match service cost $150 per applicant. With preregistration at the kiosk, the cost is now $40 per applicant. Additionally, a California Department of Motor Vehicle address change costs $5 in person, $2 if received in the mail, and $1 if the transaction is received via the kiosk.[1) The State of Iowa estimates that its kiosk technology saves the state $6 per birth certificate issued ($7 manually versus $1 by kiosk technology).[2) SSA is developing a new customer service initiative using kiosk technology to provide a wide range of services. This pilot program, to begin in late 1993, will provide information (retirement and disability benefits information, Supplemental Security Income eligibility requirements, etc.) and direct services (processing of entitlements, status of pending claims, etc.).[3) The pilot program should result in: ---reduction in claims processing time, ---reduction in paper flow and file retention, ---enhanced customer service through a one-stop shopping concept, and ---increased productivity.[4] In conjunction with this initiative, SSA, the U.S. Postal Service (USPS), and the Department of Veterans Affairs (VA) are developing a combined government services kiosk.[5] This kiosk will be a single access point to services provided by the three agencies. Since these three agencies represent a significant share of the federal government "s contact with the public, this partnership will have a dramatic effect on decreasing costs by reducing duplicate efforts and improving service by providing public access from more locations. Additional Access Methods Many of the recent initiatives to provide electronic access have included the use of personal computers. For example, the Library of Congress has placed a searchable version of its catalog on Internet.[6] For computational scientists, the Department of Energy, the National Aeronautics and Space Administration, and the National Science Foundation (NSF) research centers have established Internet-accessible libraries of government- sponsored software. NSF and the National Institutes of Health routinely place their program announcements and various other documents in an easily searchable and retrievable form on Internet. NSF's Science and Technology Information Service is accessed many thousands of times each week for information about NSF activities, funding opportunities, abstracts about research grants, and various reports on science and technology. Access is easy, and is provided at no charge. The National Technical Information Service (NTIS) operates a publicly accessible dial-up electronic bulletin board system (BBS). This BBS, called FedWorld, provides access to over 100 federal government databases and bulletin board systems. Planning is under way to place this collection on Internet. A study has been completed recently to examine the feasibility of expanding FedWorld into a locator service that is a "comprehensive inventory and authoritative register of information products and services disseminated by the federal government," that can "assist agencies and the public in locating federal government information."[7] The Clinton administration has established Internet mailboxes for the President and the Vice President (e.g., president@whitehouse.gov) for direct electronic mail access by the public. The House of Representatives has a pilot project under way to provide public e-mail to seven congresspersons, and the Senate is expected to announce a similar program shortly. If successful, all members of Congress will eventually be accessible through Internet. Most new information technology initiatives have their roots in the private sector, since it is the private sector-- not government--that is usually first to adapt new information technologies to improve customer service. One example of government and industry working cooperatively to provide services is France's Minitel system. In the early 1980s, the French Government opened its telephone network to provide a wide range of services.[8] Minitel service is routinely used in homes and businesses. It includes on-line retrieval services, credit reporting services, airline reservations, telephone directories, and government information. U.S. telecommunication and information services companies have begun to offer similar services. The federal government, as a potential customer and a provider of information that could be made available electronically, could stimulate development of these services. Need for Change Citizen access to federal government information and services is uncoordinated and not customer-friendly. Individuals must frequently contend with several different organizations and processes in order to complete a single transaction. In turn, the federal government expends an inordinate amount of resources to complete actions. To receive service, a customer must know whom to contact and how to contact that organization: Government has not made public access easy. Information technologies may be employed to reduce the complexities that citizens face and consolidate actions required for providing services. Several organizations have recommended (to different government entities) ideas for employing information technology governmentwide to improve services. ---The Service to the Citizen Intergovernmental Task Force requests one-stop, easy citizen access to information.[9] ---The National Academy of Public Administration asks for electronic access to government services.[10] ---The Program on Strategic Computing and Telecommunications in the Public Sector suggests replacing face-to-face services with teleservice and self-service.[11] These organizations are but three of many that are organized and committed to improving government. They advocate the increased use of information technology as a key to improving customer service. However, as similar as their recommendations may be, their suggested implementations are quite dissimilar, pointing to a problem needing action. Further, there is no lead agency or organization that can coordinate the implementation of customer service initiatives. An authoritative charter is needed to trigger progress. A true nationwide one-stop 800-number government service does not exist. Access to FIC is limited and not well- publicized. FIC primarily serves customers in certain key metropolitan areas representing approximately 50 percent of the U.S. population. For individuals who live outside these metropolitan areas, FIC's telephone number is not listed in many of their local telephone company directories and may not be available through directory assistance. In the future, government information collection and distribution could be accomplished directly by the public using electronic kiosks, personal computers, interactive telephone voice response equipment, or other electronic off-the-shelf devices. Interactive computers or electronic kiosks could deliver a wide variety of government services, such as the following. ---Governmentwide service directories--access directories of government services, addresses (postal and electronic), and telephone numbers. ---Change of address service--automatically transmit, through a single transaction, a new address to all service agencies selected by a customer. ---Forms and publications--locate and request copies of government forms and publications; these could be delivered and filled out electronically, printed at the kiosk, or delivered by the post office. ---Tax filing--electronically input necessary financial data to allow the IRS to perform tax computations for federal, state, and local governments. ---Governmentwide information locator service--perform searches on selected topics, list locations for the information, and provide electronic links to the information. ---Multimedia and multilingual service delivery--provide information to meet special needs of clients using video, audio, or multiple languages. ---Public messaging entry station--allow entry of messages to government agencies and officials. Government should form partnerships with the private sector to develop and implement ideas on how to use information technology to provide new and better services. Using the French Minitel model, both government and business services would be accessible. These partnerships will allow the federal government to provide additional services at less cost and will take advantage of lessons learned by industry. Actions ******* 1. Coordinate, recommend, and implement information technology initiatives to improve customer service. (2) The Government Information Technology Services (GITS) Working Group should charter an interagency team by May 1994 to coordinate, recommend, and implement information technology initiatives to improve customer service. The progress of this team should periodically be reported to the Vice President. OMB should work with this Customer Service Improvement Team (CSIT) to develop funding strategies. An existing interagency team, the Service to the Citizen Intergovernmental Task Force, may be appropriate for this role. CSIT should work closely with GITS to ensure complementary strategies exist toward common goals. Membership of this team, as a minimum, should include representation from the following: the GITS Working Group, the Service to the Citizen Intergovernmental Task Force, the FIC, the SSA-USPS-VA kiosk implementation organization, FedWorld, and the National Academy of Public Administration. As one of its first tasks, this team should develop and test an integrated governmentwide "one-stop service shop." This would consist of simple "Yellow Pages"-style databases of federal programs and automated links to the information and service providers. This one-stop shop should include access not only to information (e.g., how to apply for a program) but also the capability to process information (e.g., ability to accept an application electronically from the user). Customer access to this one-stop shop should be available through a variety of means. Access methods should include the telephone, information kiosk, and personal computer. Building blocks for the one-stop shop include the Federal Information Center, government services kiosks, and FedWorld (see actions 2, 3, and 4). Links between these services should be established where feasible, so that these efforts complement one another and are not duplicative, e.g., government services kiosks should be able to link to FedWorld's locator service. A draft strategic plan for development and implementation of the one-stop service shop should be completed by November 1994. Significant customer service-related applications developed by individual agencies or organizations should be directed to this team. The team will then determine whether those initiatives may be appropriate for governmentwide application. Recommendations from private and public sector organizations should also be considered by this team. 2. Implement an integrated governmentwide national one-stop 800- number calling service. (1) The Administrator of GSA should develop, by July 1994, an implementation plan for expanding to a national 800-number service to begin by December 1994. Under this plan, a customer should be able to call a single number and have the call routed by FIC to an individual in the appropriate agency who can respond. (Presently, callers are given agency phone numbers to dial themselves.) FIC's national 800 number should be listed in all local telephone company directories and be available from directory assistance nationwide. This national 800-number service should be supplemented by a telephone network of individual agency 800 numbers. Customers who do not know what agency (or number) to call may call this federal government information specialist. Otherwise, they can contact the agency directly. Agencies that do not now offer 800-number calling services should develop implementation plans by July 1994, to provide this service by December 1994. 3. Implement an integrated one-stop government services kiosk. (2) The Customer Service Improvement Team should coordinate the development and implementation of a one-stop government services kiosk. The SSA-USPS-VA initiative should be used as a model, and as a likely candidate for further development and expansion by additional agencies. It should develop a preliminary implementation plan by November 1994. This plan should identify appropriate agencies and customer services to be included, and timetables for nationwide expansion. The locations of kiosk- based access points to federal government services must be numerous and nationwide in order to facilitate customer access to information and services. Existing agency kiosk systems will need to be examined for the feasibility of upgrading them to include the services of the one-stop government services kiosk. The kiosk concept is proving itself viable in delivering fast and efficient government services to the public. However, before it is used to collect and deliver sensitive information such as financial data, critical issues including user authorization, privacy, and network security must be addressed.[12] Access to services through the electronic kiosk could be controlled in the same manner as access to ATMs. A kiosk access card could be used to access personal information in government files, including Social Security account balances and security background information reports. More general access could be provided without restriction for information on federal programs and to government yellow and white pages directories. The functionality of a kiosk access card could also be expanded through smart card technology. Smart cards could be used for additional purposes such as storing and distributing data. This card could then be used for electronic transfer of funds or to allow the user to receive federal, state, and local benefits. 4. Implement an integrated governmentwide one-stop electronic bulletin board system. (2) The Customer Service Improvement Team should develop an integrated one-stop electronic BBS by upgrading NTIS' FedWorld. A preliminary implementation plan should be developed by November 1994. This system should enable customer access, from a personal computer, to government information, services, and databases via easy-to-use interfaces. The upgraded FedWorld should not only be a locator service to federal information, but be capable of "closing the deal" and providing the information. Customers must be able to retrieve information from the databases, order copies of reports, and connect, via links, to other government information and services providers. 5. Work with private industry to advance the implementation of technologies that provide citizen access to government information and services. (2) The Customer Service Improvement Team should begin to implement a program, by December 1994, that actively encourages private sector investment in technologies that will enhance public access to the government. Partnerships with industry should be developed that encourage and provide incentives for industry to assist government in improving customer service. A strategic plan for this program should be developed by November 1995. Cross References to Other NPR Accompanying Reports Improving Customer Service, ICS01: Create Customer-Driven Programs in All Departments and Agencies That Provide Services Directly to the Public. Reinventing Support Services, SUP02: Ensure Public Access to Federal Information. Transforming Organizational Structures, ORG05: Sponsor Three or More Cross-Departmental Initiatives Addressing Common Issues or Customers. Endnotes 1. Marshall, Shirley, Public Sector Industry Marketing, IBM Corporation, June 1, 1993. 2. Stanek, Edward, Commissioner, Iowa Lottery Commission. "Iowa State Briefing to the Interagency Information Resources Management Infrastructure Task Group (IIITG), " Washington, D.C., November 9, 1992. 3. Interview with Dulaney, Phillip, Office of Telecommunications, Social Security Administration, July 21, 1993. See also U.S. Department of Health and Human Services, Social Security Administration, "SSA Strategic Priority Tactical Plan, Fiscal Year 1993 Smart Machines - (Other User Friendly Machines) - KIOSK, " 1992, p. 6. 4. Ibid., pp. 3-13. 5. Chamberlain, Charles, U.S. Postal Service, "Service-To-The- Citizen (S-2-C) Kiosk, " Washington, D.C., August 10, 1993. 6. Internet is a global "network of networks" providing communications among over one million computers and 10 million users. 7. See American Technology Preeminence Act of 1991, and U.S. Department of Commerce, National Technical Information Service, "FEDLINE: A feasibility study of the establishment and operation of FedWorld, a governmentwide information locator service at NTIS, " Washington, D.C., April 28, 1993, p. 1. 8. Conhaim, Wallys W., "Maturing French Videotext Becomes Key International Business Tool, " Information Today, vol. 9, no. 1 (January 1992), p. 28. 9. Service to the Citizen Intergovernmental Task Force, Report of the First Service to the Citizen Conference, Richmond, Virginia, June 1993 (Washington, D.C., July 1993), p. 4. (Draft.) 10. National Academy of Public Administration, The Information Government: National Agenda for Improving Government through Information Technology (Washington, D.C.,1993), p. 14. 11. John F. Kennedy School of Government, Program on Strategic Computing and Telecommunications in the Public Sector, "Service to the Citizen: Information technology and customer service excellence in government," Harvard University, May 1993, p. v. (Draft.) 12. See IT-10: Develop Systems and Mechanisms to Ensure Privacy and Security. **************************************************************** IT04:Establish a National Law Enforcement/ Public Safety Network **************************************************************** Integrated Communications Simplify Emergency Response Imagine this: A fire following an earthquake is devastating a large urban area in northern California. Several local, state, and federal agencies--including fire and police units, state highway units, and national guard and defense units--are rushing to the scene. Even though they come from different jurisdictions, the units coordinate easily because they share a common communications system. The fire is contained quickly, emergency services are dispatched where needed, lives are saved, and property loss is reduced as a result. Whether they are responding to a natural or technological disaster or performing search-and-rescue or interdiction activities, federal, state, and local law enforcement and public safety workers must be able to communicate with each other effectively, efficiently, and securely. Most of this communication occurs over tactical land mobile radio systems. However, interoperability across these different radio systems is difficult to achieve. Federal, state, and local law enforcement agencies operate in different parts of the radio spectrum. Complicating this problem is the lack of security on most systems, leaving them open to interception and monitoring. When security is applied to the radio systems--as isdone with many federal radio systems--interoperability depends on having the correct encryption key to communicate. Moreover, every federal, state, and local law enforcement agency operates separate tactical networks in every metropolitan area in the country. Often, there are several independent network control centers operating within the same federal building with no interoperation. This expensive duplication of effort prevents the use of spectrally efficient equipment and results in less-than-optimum coverage for many agencies. In addition, technical and administrative support is duplicated throughout the federal government. Need for Change Recently, the National Telecommunications and Information Administration, a part of the Department of Commerce, mandated that federal radio users begin the transition to more spectrally efficient (digital narrowband) radio systems beginning in 1995. The Federal Communications Commission is currently addressing this same issue applicable to state and local law enforcement and public safety. The Associated Public Safety Communications Officers, Inc., is sponsoring a federal, state, local, and industry effort to develop technical standards for the next generation narrowband digital radio systems. Over the next 10 to 15 years, all federal government radio systems will be replaced with digital technology. If this is done on an agency- by-agency basis--as was done in the past--the cost will be enormous and the same problems with interoperability will occur, resulting in costly redundancies of equipment and staffing. Current budget conditions make it critical that the federal law enforcement, public safety, and disaster response agencies coordinate the transition to digital narrowband systems. Only through a coordinated approach will cost savings be realized and the serious interoperability problems of the past be overcome. An excellent mechanism for addressing these complex issues- -and saving considerable dollars--is a shared infrastructure: a National Law Enforcement/Public Safety Wireless Network. Development of this network can be based on the efforts of two ongoing interagency initiatives. ---The Federal Law Enforcement Wireless Users Group, a joint Treasury- Justice Department initiative, was formed to plan and coordinate future shared-use wireless telecommunications systems and resources. ---The Communications Interoperability Working Group, which consists of representatives from the Department of Defense, Coast Guard, and federal law enforcement agencies, under the auspices of the Office of National Drug Control Policy, has been defining minimum baseline requirements for current, secure, interoperable federal radio systems. These new technological advances will permit the deployment of intelligent radio systems that are feature enhanced, spectrally efficient, and secure. Interoperability will be accomplished, and the radio system can be connected to other fixed networks to improve the flow of information--e.g., fingerprints, mug shots, or criminal records to the uniformed officer or special agent on the street. A consolidated approach will result in numerous advantages in cost and quality of service. Actions ******* 1. Formalize the Federal Law Enforcement Wireless Users Group. (1) The Secretary of the Treasury and the Attorney General will co-sign a memorandum of understanding (MOU) to formalize the Federal Law Enforcement Wireless Users Group byApril 1994. The MOU should define the charter and membership of the group, which should include--at a minimum- -representation from all Justice and Treasury law enforcement agencies and bureaus, with participation from other federal, state, and local law enforcement and public safety stakeholders. 2. Establish a National Law Enforcement/ Public Safety Wireless Network for use by federal, state, and local governments. (2) The Government Information Technology Services Working Group should issue a memorandum by July 1994 directing the Federal Law Enforcement Wireless Users Group to coordinate establishment of an intergovernmental wireless network. The users group should work with the Office of Management and Budget, the National Telecommunications and Information Administration, the Communications Interoperability Working Group, the Federal Emergency Management Agency, and state and local entities to: ---further define costs and benefits, and develop budget strategies; and ---develop an implementation plan for the National Law Enforcement/Public Safety Network to cover the next 10 years. Responsibilities must be clearly defined, since the issue of which agency or activity funds and controls the network will be a point of contention. Establishment and use of the network must be handled at the highest level to avoid turf conflicts and to focus on goals, roles, methods, and relationships. Cross References to Other NPR Accompanying Reports: Transforming Organizational Structures, ORG05: Sponsor Three or More Cross-Departmental Initiatives Addressing Common Issues or Customers. Department of the Treasury, TRE01: Improve the Coordination and Structure of Federal Law Enforcement Agencies. ***************************************************************** *** IT05: Provide Intergovernmental Tax Filing, Reporting, and Payments Processing ***************************************************************** *** How to Get to Bed Early on April 14 Imagine this: On April 15, a citizen receives a notice in the mail from her state tax office. It contains a bill for her annual state and federal taxes, and was calculated from records submitted electronically by her employer and her bank. She verifies the bill, dials an 800 number, and pays her taxes by credit card. Her state and federal taxes have now been completed in a matter of moments--with no annoying forms to fill out. U.S. taxpayers use and prepare financial data separately in reporting tax information to federal, state, and local governments. Although in some cases, the base level information required by the Internal Revenue Service (IRS) is used by the states, the filing form or information input follow separate and distinct paths. Efficient business practices require that a framework for a "single information flow" be developed based on the premise that once data is entered, it serves the needs of the entire enterprise. This enterprise could be defined as all federal, state, and local government agencies that require the same data from a reporting source. For example, corporations or small businesses would report employee wages and withholdings to a single government access point. Upon receipt by the agency, the data could be used to update appropriate records held by the IRS, Social Security Administration, Department of Labor, Department of Veterans Affairs, state agencies, etc. This approach is but one of a series of steps toward a virtual agency and one-stop access for intergovernment transactions. There are enormous costs associated with tax data processing. The IRS annual operating budget for fiscal year 1992 was $6.7 billion to collect $1.12 trillion in revenues. To collect these revenues, the IRS processed 1 billion tax information documents and 204 million tax returns.1 The federal, state, and local aggregated collection costs are unknown due to the many types of taxes levied and the circuitous filing paths for the various sales, real estate, property, income, and payroll taxes. Innovative approaches to tax collection could lower overhead costs significantly and simultaneously improve customer service by reducing the burdensome, redundant filing techniques used today. Need for Change Federal, state, and local government policies need to foster close, cooperative intergovernmental and interagency relationships that eliminate unnecessary duplication of effort and promote enhanced citizen access to information and services. Joint electronic filing of wage and tax data is perhaps one of the best examples of an application that embodies these policies. The IRS, Social Security Administration (with support from the Office of Management and Budget), and Department of Labor are conducting a Wage Reporting Simplification Project (WRSP). Cross-agency approaches like WRSP should help ensure that "reporting once" pilot programs will be in place in less than 2 years. Reporting once should include providing financial data required to other agencies such as the Department of Health and Human Services for entitlement purposes and the Department of Labor for unemployment considerations. The phase 1 feasibility study for WRSP identifies potential life cycle savings of $1.7 billion to participating government agencies and $13.5 billion in reduced burden to private sector employers.2 An intergovernmental, single information flow concept for tax filings, reporting, and payments processing will provide a seamless government for the benefit of the taxpayer. Technology is present that will enable this to happen. The IRS is embarking on a comprehensive Tax Systems Modernization program. Although the IRS automation effort will significantly lower the cost of filing, auditing, and processing annual income tax data, reengineering must be a vital part of the overall modernization strategy. This reengineering should include a broader intergovernmental perspective and address new ways to conduct business with taxpayers, business, financial institutions, and state and local governments. For example, tax information for a large number of taxpayers is already available to the IRS prior to taxpayers" annual filing. Financial institutions, employers, and others report comprehensive financial information about individuals to the IRS electronically or on paper. Reported information includes wages, earnings on investments, and certain financial transactions. The IRS thus has in hand all the information it needs to compute taxes for 60 million filers. Yet it still sends out enough forms to fill over five boxcars and requires taxpayers to compute what the agency already knows. This practice continues because, in most cases, these data are not converted to electronic format for easy use until after taxpayers have filed their tax returns. IRS could calculate returns and send a statement. So could a state government, based on the same file. If IRS did this and if electronic filing were used for all other individual income tax filings, the IRS and state agencies would no longer need to mail the equivalent of over 75 boxcars of forms. Actions ******* 1. Integrate government financial filings, reporting, and payments processing. (2) The Secretary of the Treasury should implement integrated financial filings, reporting, and payments processing by January 1997. This integration should address such areas as individual tax filing and account settlement; business reporting, including wage and withholding information; data from financial institutions; and other employer and employee financial data required by federal, state, and local government agencies. The integrated filing, reporting, and payment processing program should be piloted by the IRS to prove the concepts and quantify the benefits--not only to citizens in terms of enhanced governmental services, but to the governmental process at large. A network such as the Treasury 's Consolidated Data Network and its successor, the Treasury Communications System, could provide an evolutionary migration path to full implementation minimizing the incremental costs. To fully implement joint electronic filing of federal, state, and local tax returns, all states and localities that levy income taxes should agree on an uniform wage code that would enable the use of electronic data interchange. Separate federal and state tax filings defeat the purpose of trying to eliminate duplication and make government more efficient. State and local information would similarly flow to a federal access point for data interchange of financial and employment information when required by any federal agency. In order to make electronic filing more efficient, a digital signature standard that can stand on its technical merits in a judicial court challenge must be adopted.3 Presently, when citizens file returns electronically, they are typically required to sign and mail a paper certificate to the IRS to be matched with the electronic return. To protect the privacy and confidentiality of individuals and corporations, a method of electronic verification, coupled with a privacy system that has the public's trust, must be employed. Without these safeguards, public fears concerning disclosure of information and governmental concern for data integrity would remain a problem.4 One possible scenario might be that a citizen uses an electronic government services kiosk or home personal computer to file tax return information with the IRS, including appropriate data the state and local governments may require. The data would be transmitted to an IRS service center to be processed, verified for accuracy, and then forwarded to the state, thus meeting the filing requirements of both entities in one step. This approach could be expanded to include the joint auditing of financial data and the joint collection of taxes-- the genesis of a virtual tax financial data agency for business and individuals. Both small and large business alike could benefit from the reduction in the number of reports that have to be submitted to numerous federal agencies and state and local governments. Simplified filing of business financial and employment data could benefit small business operators as desktop computers with communications capabilities are now in widespread use. Until the infrastructure is in place, state and local governments (or the Postal Service) could provide access service for small business reporting and taxpayer financial information filing. 2. Determine ways to eliminate the need for filing routine income tax returns. (2) The Secretary of the Treasury should eliminate or reduce the need for filing routine income tax returns by January 1998. The entire IRS filing process must be reengineered to be less paper-intensive. Most of the required financial information is already reported by business and financial institutions to the IRS. The IRS, not the taxpayer, should prepare or process the tax information. Taxpayers should only be required to file exceptions to the norm, e.g., unreported income or transactions, unusual deductions, etc. An annual closing statement could then be prepared and provided electronically to the taxpayer for review, validation, and acceptance or reconciliation. The primary emphasis would be on reconciliation before the fact rather than enforcement and penalties after the fact. Taxpayers could access the IRS data files by kiosk or by home personal computer to confirm that tax computations are accurate. They could then settle their accounts electronically by either paying taxes due by a credit card or automated teller machine card or by directing the refund to a designated account using electronic funds transfer.[5] At any time during the year, the taxpayer would have the ability to determine if withholdings track with projected year-end tax obligations. Cross References to Other NPR Accompanying Reports Department of the Treasury, TRE04: Foster Federal-State Cooperative Initiatives by the IRS; TRE05: Simplify Employer Wage Reporting; and TRE09: Modernize the IRS. Endnotes 1. U.S. Department of the Treasury, Internal Revenue Service, Internal Revenue Service 1992 Annual Report (Washington, D.C., 1993), pp. 3-4, 12. 2. See The Mitre Corporation, Wage Reporting Simplification Project: Overview of the Phase I Feasibility Study (Washington, D.C., May 1993). 3. For further information see IT10: Develop Systems and Mechanisms to Ensure Privacy and Security. 4. Ibid. 5. Enabling legislation for federal agencies to accept electronic payments via credit or debit cards is included in H.R. 13, which was introduced January 5, 1993. ************************************************** IT06: Establish an International Trade Data System ************************************************** We've Got Fresh Tropical Fruit Imagine this: A local businessman operates a specialized market in selling fresh tropical fruits and vegetables that have an extremely short shelf life. His business was made possible thanks to the new international trade data system that eliminates duplicate import forms and allows speedy preclearance of international exports and imports. The United States is competing in a global economy. The volume of goods traversing international borders continues to grow. Over 40 federal agencies collect, process, analyze, and disseminate vast amounts of international trade data to accomplish various trade-related governmental functions, which include the collection of duties and the enforcement of trade and contraband statutes. To accomplish its mission, the U.S. Customs Service developed and operates the Automated Commercial System (ACS). Today, this computer system collects complete trade data on 95 percent of all U.S. import transactions, facilitates the movement of goods by means of electronic releases, and interacts with more than 1,500 trade participants.[1] Using ACS, Customs has established information-sharing capabilities with several agencies including the Fish and Wildlife Service, Food and Drug Administration, Internal Revenue Service, and Department of Transportation. Work is in process to develop data exchange capabilities with the Food Safety Inspection Service; Environmental Protection Agency; and Bureau of Alcohol, Tobacco, and Firearms. Additionally, data exchange capability exists with some foreign governments, such as Canada and Singapore, for trade statistics and visa verification. Canada, Mexico, and the United States are developing ways to develop uniform trade documentation and procedures among the three countries. Trade data information requirements are growing. For example, in 1986, one ocean carrier began receiving bill of lading and manifest data electronically. In 1993, 76 carriers electronically supply ocean bills of lading for 80 percent of all ocean import tonnage. In 1984, brokers and importers represented 8 percent of all Customs data entries. In 1993, 1,324 brokers and importers provide 93 percent of the data entered into ACS. They use the system to obtain release of cargo, pay duties, update importer data, and carry out many more functions. ACS maintains 855 million trade records. On a daily basis, there are over 350 million requests for information, and 600,000 transactions are processed.[2] The Office of the United States Trade Representative, Department of Commerce, International Trade Commission, and other agencies have access to a number of other trade databases to support the development of trade policy and the conduct of international trade negotiations. These have been maintained on computer facilities operated by the National Institutes of Health (NIH). However, NIH has advised these agencies that new computer facilities need to be located to support these databases. This presents an opportunity to revise and integrate these databases for governmentwide access. The U.S. Customs Service and other trade agencies have implemented electronic systems to interface with the private sector for business transactions. However, two different information-sharing standards are now in use--the American National Standards Institute Accredited Standards Committee X.12 and the United Nations Electronic Data Interchange for Administration, Commerce, and Transport (UN/EDIFACT). The UN/EDIFACT standard is a compromise between the U.S. standard and the European Transportation standard.[3] In late 1992, the American National Standards Institute voted to migrate to the EDIFACT standard by 1997.[4] Close coordination of this migration effort among federal agencies is needed to facilitate electronic commerce and the development of interoperable computer systems. Need for Change A basic problem in today's trade environment is that various government agencies tend to develop costly systems and procedures on the basis of their individual needs for trade information. In many cases, individual agencies require duplicative reporting, resulting in enormous and unnecessary costs to those U.S. interests involved in international trade. In addition, the approach to system standards within the government is fragmented. Federal trade agencies and the private sector must have access to trade data rapidly and accurately not only to enforce compliance with existing laws and to account for revenues, but also to support U.S. efforts effectively in a global marketplace. The executive branch uses trade data in determining duty ratios, and Congress uses trade data to make trade policy determinations. Although ACS maintains 95 percent of current import data, there is not a similar reliable source of export information. The Office of the U.S. Trade Representative, for example, may have to go to 11 sources other than the U.S. Customs for necessary trade information. There is no single source of reliable, accessible trade data. Without a single source, the same information is often entered on many different forms during many different processes. For example, one customs broker estimates that there are 14 different processes now required for an import transaction. The number of required processes depends on the type of goods coming into the United States.[5] For some goods, multiple agencies must be notified and provide approval. Paperwork related to export shipments is also very costly to the private sector. It is estimated that for a single export shipment as many as 40 different paper documents may be required. The total cost of these documents is estimated at between $150 and $200 per transaction, or higher.[6] A customs broker is responsible for the import transaction declaration on goods, which may be likened to a tax return being filed for all imports. In addition to Customs documentation, other government agency regulations require the submission of forms for foreign trade transactions. The Fish and Wildlife Service, the Environmental Protection Agency, and the Department of Transportation, for example, require large volumes of forms. At one time it was estimated that in excess of 4 million trade- related documents are submitted annually to government agencies other than Customs.[7] Since the import and/or export data must be entered on each form, often manually, delays are frequent. The result can be missed delivery, spoiled goods, and lost windows of opportunity (especially when trading with other countries). These actions result in lost revenue both to U.S. businesses and the government. Federal agencies must provide or make available selected trade information to partners of the United States. These partners include the trade community (brokers, importers, exporters), the transportation community (carriers, freight forwarders, couriers, the Bureau of Transportation Statistics), and foreign governments. Other major users of comprehensive trade data are the Trade Policy Committee and various congressional oversight committees. Existing agency databases and computer systems are limited in their ability to integrate and disseminate trade data since none were designed to support such a broad community of interest. For example, limitations to ACS include difficulty in retrieving information, costly hardware expansion, and 10-year- old software programs that are difficult and expensive to maintain. Customs has established a Future Automated Commercial Environment Team (FACET) to address these shortcomings and chart a course for a future system. An International Trade Data System, an expansion of the current U.S. Customs Service ACS, is needed to provide the following enhancements: ---more accurate and complete trade statistics and data, ---standardization of both import and export data collection, ---reduction of government and trade community processing time and costs, ---knowledge to promote informed compliance with trade statutes, ---elimination of duplication and unnecessary reporting, ---enhanced fraud detection capabilities, ---improved financial controls, and ---immediate access to trade data. The existence of a reliable and easily accessible source of both import and export trade information would streamline the trading process, eliminate duplication and unnecessary reporting, and enhance American competitiveness in the international marketplace. All the trade data users will benefit from such a system; examples of its applications include the following. ---ACS is accessible via Treasury's Consolidated Data Network, which offers the potential of a single communications network to link the various law enforcement agencies responsible for guarding against money laundering, the export of controlled high technology, and the importation of narcotics, hazardous waste, and other contraband. ---With an electronic means of using export data in one country as import data to another and the corresponding rapid access of information, a Customs official could evaluate a shipment before its arrival at the border. Additionally, the system could provide information to analyze and reject risky cargo and accept non-risky cargo.[8] Action Develop and implement a U.S. Government International Trade Data System. (2) By April 1994, the Secretary of the Treasury should begin developing an International Trade Data System. The Treasury should seek technical support for the project from the United States Trade Representative; the International Trade Commission; the Departments of State, Labor, Agriculture, and Commerce; and other stakeholders. An implementation plan should be completed by January 1995, and submitted to the Government Information Technology Services Working Group for approval. This project would be accomplished by establishing an integrated database for the collection and dissemination of all international trade data through the expansion and redesign of the U.S. Customs Service Automated Commercial System. To implement the recommendation, Customs should expand FACET and make the team responsible for developing a system design for a commercial environment that will reflect the future needs of the U.S. government and the trade community. The federal government must provide leadership to develop and pursue a coordinated national electronic data interchange (EDI) policy for interacting with domestic and international organizations. To date, there has been no U.S. effort to assess the political and business requirements for developing a comprehensive approach for the use of EDI. Migration to EDIFACT as a standard is now endorsed, although questions still exist regarding its management and use--particularly its relationship to other standards and responsiveness to regional and national concerns. As a part of its trade data system infrastructure, the federal government should provide proactive leadership in supporting worldwide EDI policy and standards. Specifically, it should designate a single government entity as the EDI policy and coordinating body. Cross References to Other NPR Accompanying Reports Department of the Treasury, TRE10: Modernize the U.S. Customs Service. Endnotes 1. U.S. Department of the Treasury, Customs Service, "Automated Commercial System Fact Sheet," February 1993, p. 1. 2. Ibid., p. 3. 3. UN/EDIFACT, Introduction to UN/EDIFACT (April 1991.) 4. See ASC X12 EDIFACT Alignment Task Group, "EDIFACT Alignment Ballot Results," June 29, 1993. 5. Telephone interview with the Chief Executive Officer of the Fritz Company, New York, July 1993. 6. Lavery, Hank, "Crossing the Ocean of Paperwork," Global Trade and Transportation, vol. 113, no. 4 (April 1993), pp. 31-32. 7. Telephone interview with FACET Study Group, U.S. Customs Service, Washington, D.C., August 25, 1993. 8. Ibid. ************************************************* IT07: Create a National Environmental Data Index ************************************************* Finding Out Which Way the Wind Blows (and the Rain Falls, and the Earth Quakes) Imagine this: A prospective homebuyer is looking for a location for her home. She goes to an information kiosk at her library, where she gets a printout of statistical probabilities of floods, earthquakes, and major storms in various geographic areas. She is particularly pleased to note the information provided about relative heat, humidity, and pollen counts, since she suffers from various allergies. Environmental data and related information are created by several federal agencies. For example, the Department of the Interior has databases developed from biological surveys; the Environmental Protection Agency collects information through the Environmental Monitoring and Assessment Program; the National Aeronautics and Space Administration collects satellite data; and the National Oceanic and Atmospheric Administration (NOAA) collects vast quantities of oceanographic, atmospheric, and geophysical data. The data collected from these various systems are usually acquired for a particular purpose, but frequently have multiple uses, such as the use of weather data to investigate global climate change. Innovative use of these available environmental data through integrated data analysis and interpretation can be facilitated by knowing what information is available and the source. There are many potential government and nongovernment users of these databases in addition to the agency collecting the data. Among these users are the general public, the business community, the international scientific community, and researchers and government policymakers concerned about the global environment. The nation's investment in environmental data collection is very high. For example, NOAA spends approximately $350 million a year to support its satellite observing systems.[1] Similar high-dollar amounts are invested in the satellite observing systems of other agencies, as well as those on the ground and at sea. Need for Change In spite of the amount of dollars invested in the observing systems, it is difficult for a user to find out what data exist, where they are located, and how to gain access. For example, ocean temperature data are critical to the study of climate, but there is no central focal point where researchers can determine where the primary data are located and where related data reside for correlation. At least 4 agencies and 10 data centers are involved in holding and archiving environmental data.[2] One report concluded: "Scientists face major obstacles in finding out what data are available."[3] Additionally, most data have been collected without the benefit of data standards and existing data may be of poor or unknown quality.[4] NOAA is the major holder of federal environmental data. Its weather satellites, for example, have collected over 150 terabytes (150,000,000,000,000) of data.[5] Since most agencies are currently developing separate indexes of their data holdings, integrating the information into a common index of systems should avoid duplication and not be difficult. This common index would provide a comprehensive mechanism to integrate the individual agency data holdings into a cohesive system in the future. By using electronic data interchange, users requiring the data would benefit from easy location and access to the data. The index would allow citizens, industry, and academia to locate and access needed information. The creation of a unified environmental data index--an environmental data "yellow pages"--will result in substantial progress toward making environmental data acquired by the government available to the many users that require or desire the data. Action Organize the implementation of a National Environmental Data Index. (2) By July 1994, the Government Information Technology Services Working Group should direct NOAA to organize the implementation of a National Environmental Data Index. An implementation plan, including the establishment of data standards, should be completed by November 1994. This plan should recognize environmental data as a public resource to be shared and not treated restrictively as the property of the scientific community. The plan should address the frequency and method of updating the data index. NOAA should coordinate closely with the Environmental Protection Agency, NASA, and the Departments of Energy, Defense, Interior, and Agriculture to ensure unity of purpose. To implement the index, these agencies should provide descriptions of their databases to NOAA. These descriptions should include items such as type of data held, geographical area, data elements available, and access arrangements including methods for automating access. The first phase in implementing this index is to coordinate the development and use of environmental data gathered by government agencies. The second phase will be to coordinate the indexing of non- federal and international environmental data. Endnotes 1. Telephone interview with T. McGunigall, Program Manager, Geostationary Operational Environmental Satellite and Polar Satellite Systems, NOAA Systems Program, August 17, 1993. 2. Telephone interview with W. Turnbull, Executive Officer, Environmental Information Services, National Environmental Satellite Data Information Service, NOAA, August 17, 1993. 3. National Research Council, Committee on Geophysical Data and Committee on Geosciences, Environment and Resources, Solving the Global Change Puzzle: A U.S. Strategy for Managing Data and Information (Washington, D.C.: National Academy Press, 1991), p. 24. 4. Ibid., p. 4. 5. Telephone interview with W. Turnbull. ***************************************************************** *** IT08: Plan, Demonstrate, and Provide Governmentwide Electronic Mail ***************************************************************** *** Faster Than a Speeding Bullet(in) Imagine this: A citizen walks into a government office for job counseling and information on training programs. Unfortunately, the local counselor is not familiar with her particular job category. He sends an e-mail message to an expert at the regional office. A few minutes later, the counselor is sharing a detailed reply from this expert with the jobseeker. In fact, he gives her an e-mail address she can use to continue to communicate with the expert from her home computer. In 1969, the Advanced Research Projects Agency Network (Arpanet) was created so that researchers at universities and other facilities might share data and computational resources.[1] Soon these scientists developed ways to use the network to transmit messages, known today as electronic mail or "e-mail." Universities and regional networks then connected their own systems to Arpanet, creating Internet. Today, this cooperative network of networks links millions of computers throughout the world. Moreover, e-mail on Internet and other networks has become an important tool for industry and a growing market driver for commercial networks and software suppliers. E-mail has many applications. It provides rapid communications among individuals or groups. Workers in an organization, within a building or throughout the world, can use e-mail over local area networks, telephone lines, or specialized data networks such as Internet for easy, rapid interaction. The delays and frustrations of "telephone tag" disappear, and many people can simultaneously interact. In effect, workers can assemble and interact as teams without concern for location. E-mail permits easy access across agencies and bureaucratic boundaries. As such, it breaks down barriers to information sharing. This can be as important within an agency as across agency boundaries. Barriers to vertical communications are lowered by removing hierarchical controls to communications. E-mail can also minimize the need for personnel transfers or expensive temporary assignments. For example, 53 engineers at Digital Equipment Corporation (DEC)--spread across Massachusetts, Arizona, Colorado, Singapore, and Germany-- collaborated on a design project but had never met and had talked on the phone rarely. DEC estimates that this group finished its project one year sooner, and needed 40 percent fewer people, than a team assembled in one building.[2] E-mail is also cost-effective. According to Hewlett-Packard's calculations, a two-page electronic mail message between any two HP employees worldwide cost on average $0.22; a letter $0.51, and a fax $1.66.[3] And e-mail is faster than all other methods, especially when more than one addressee is included. The infrastructure needed for supporting e-mail is widely in place in universities and research establishments; most agencies that do business with universities--notably those supporting research and education--are major users. Agencies with e-mail capability use it for rapid interaction with the public. Some have incorporated e-mail into processes for grant and contract proposal reviews, saving the time and expense of conventional mail for receipt of comments from expert reviewers of proposals. Using e-mail, agencies working jointly on national research initiatives, such as the High Performance Computing and Communications Program and the U.S. Global Change Research Program, "meet" and exchange information needed to manage complex cooperative programs. As the infrastructure, personal computers, user-friendly software, and telephone-based access have grown, some agencies have opened facilities for general interaction with the public. Need for Change Presently, over a dozen agencies, and (experimentally) the White House and parts of both Houses of Congress are "on-line." Ultimately, most federal employees should be reachable by e- mail. However, much work needs to be done before this can happen. Issues of standards and compatibility must be resolved. Additionally, many agencies desire applications that are still not fully developed, such as file transfers and multimedia mail. Many agencies have electronic mail, but few make it available throughout an agency or use it to maximum advantage. The federal government as a whole has an often incompatible mix of systems. As the utility of linking internal systems together to conduct agency business became apparent (and linking agency internal systems with more global systems), several ad hoc interagency groups were formed to examine various problems related to implementation. However, none of these groups has the authoritative charters to accomplish the myriad tasks that must be completed to optimize e-mail use. In addition, several potential barriers of "traditional practice" must be dealt with. The most difficult is a lack of understanding about the various potential uses of e-mail. In addition, messages created in the e-mail environment are treated by senders and receivers in much the same way as telephone conversations--privileged personal communications. But messages, unlike telephone calls, are inherently archival, which introduces records management, security, and privacy concerns. The Federal Records Act (FRA) requires that agencies document work that is used to transact official business-- regardless of the medium. Because official agency business will be conducted over electronic mail systems, agencies must take steps to ensure that the recordkeeping requirements of the FRA are met. Guidance for agencies in meeting this requirement is not adequate and should be strengthened and extended to reflect changes in records management, privacy, and computer security. Actions ******* 1. Improve electronic mail and messaging among federal agencies. (2) An existing interagency task force established by the Office of Management and Budget's Office of Information and Regulatory Affairs (OIRA) should be charged to report by April 1994. The Department of Health and Human Services presently chairs this interagency working group, the E-mail Task Force, supported by the General Services Administration. As authorized by the Paperwork Reduction Act, OIRA is overseeing the task force's work and coordinating it with other initiatives. The task force is drawing expertise from existing interagency information technology groups such as the Federal Information Resources Management Policy Council, the FTS2000 Interagency Management Council, and the High Performance Computing, Communications, and Information Technology Subcommittee of the Federal Coordinating Council for Science, Engineering, and Technology. Four goals for this group include: ---Identify support for, provide advice to, and evaluate the results of e-mail pilot programs currently underway. These pilot programs should establish electronic mail capabilities among departmental science and technology advisors and the White House Office of Science and Technology Policy; departmental legislative affairs offices and the Legislative Liaison Office and parties in the alternative dispute resolution process of the Administrative Conference of the United States. ---Develop and issue a Request for Information to the private sector. The Request for Information will outline the challenges faced by the federal government in its progress toward electronic mail interconnection and solicit possible technical solutions. The task force will evaluate industry responses and use this information to fulfill its other goals. ---Analyze the current use of Internet by federal agencies and its potential contribution to both near and long-term e-mail requirements. Coordinate proposals for improving mail interoperation with the High Performance Computing and Communications Initiative via the High Performance Computing, Communications, and Information Technology Subcommittee of the Federal Coordinating Council for Science, Engineering, and Technology. ---Develop a near-term program plan, including financial and technical resource requirements, to assist agencies in improving their capabilities for electronic mail. 2. Issue a governmentwide e-mail records management policy. (1) In consultation with OMB, agencies, and the National Archives and Records Administration (NARA) should issue a governmentwide e-mail records management policy by April 1994. Some issues that NARA should consider in revising its policy should include records management, privacy, security, and permissible use. Endnotes 1. Arpanet was established by the Advanced Research Projects Agency of the Department of Defense. 2. Perry, Tekla S., and John A. Adam, "E-mail: Pervasive and Persuasive," IEEE Spectrum (October 1992), p. 24. 3. Ibid., p. 26. ****************************************************** Establish Support Mechanisms for Electronic Government ****************************************************** Introduction Electronic government requires an information infrastructure. This infrastructure consists of the technologies needed to allow information to flow smoothly, as well as the operational policies, procedures, and standards that support electronic government applications. An effective government information infrastructure will lead to complementary and cooperative interagency programs and an integration of databases among these programs. Therefore, privacy and security issues have the greatest priority. The public requires assurance that controls exist to guarantee the integrity, security, and privacy of the information the government maintains. The government needs to improve the way it buys information technology (IT). Additional Accompanying Reports of the National Performance Review, titled Reinventing Federal Procurement and Reinventing Support Services, contain specific recommendations on improving IT acquisition. The initiatives in this section of the report require the support and backing of federal, state, and local government as well as industry. Incentives are needed to reward federal managers and private sector contractors for innovations that result in successful reengineering programs. Although the recommended actions in this report offer potential savings in the billions of dollars, there will be some initial start-up costs for innovative interagency projects. Certain measures can be taken to finance pilot programs. These include creating a governmentwide venture capital fund, initially seeded by taking a small percentage from existing agency IT budgets to avoid the need for new spending appropriations; multi-year funding of IT programs; and retaining savings from IT projects for reinvestment in new IT initiatives. A key element in realizing the vision of an electronic government is government's approach to improving human resources for IT management and use. Keeping pace with the service demands of citizens and the advances in technology requires a full-scale shift from minimal training to continual strategic learning. ****************************************************** IT09: Improve Government's Information Infrastructure ****************************************************** Riding on the Information Highways The vision of an electronic government requires computer hardware, software, and telecommunications equipment to make data flow smoothly across the nation's information highways. It also requires policies, procedures, and standards to support the development and operations of services that use the physical technology components. Practices and standards, for example, ensure that newly acquired hardware and software are compatible with existing equipment and interoperable with other systems to which they must be linked. Privacy and security practices, methods, and standards ensure adequate user protection and systems integrity. An effective information infrastructure requires high levels of interoperation and integration among diverse users. For example, a large enterprise might require high-capacity, high-performance, and expensive technology, such as a fiber optic line leased from the phone company at a cost of several thousand dollars per month. An individual, on the other hand, could link to the same information infrastructure--at lower capacity, lower performance, and lower cost--via a residential telephone and a modem for a minimum access charge. Technical requirements are based on the amount of information transmitted. The computer and communications industry is in a period of rapid technological innovation producing a continuous revolution in information processing capabilities and products. Notable among these are (1) vast improvements in the ratio of price to performance in integrated circuit design and manufacturing; (2) improvements in user- friendliness and the automation of complex procedures; (3) enhanced interoperability among multi-vendor systems; and (4) universal access to computer networks by both wireless and land-line connections. At the same time, the telecommunications industry is creating new integrated voice and data communications networks. These networks will provide the critical underlying structure for rapidly accessing and receiving information from assorted sources, rapidly coordinating actions, and sharing resources across diverse, geographically distributed organizations. Elements of a nationwide information infrastructure are already being incorporated into baseline federal, state, and local government operations, based on capabilities provided by the private sector. The federal government has contracts in place to take advantage of existing telecommunications infrastructure for voice, video, and some data communications services. The standard vehicles for agencies to acquire these services are the FTS2000 contracts awarded to AT&T and Sprint by the General Services Administration (GSA) in 1988. FTS2000 provides the basic intercity telecommunications infrastructure for the federal government. The various services available under the present contract make it possible for a given agency to craft its own network services based on its own requirements. In addition, Internet is a basic data communications infrastructure for (computer-based) communications for some federal agencies and much of the rest of the nation and the world. Today, this cooperative "network of networks" links millions of computers throughout the world providing the framework for an information highway. Over 17,000 networks are linked in 102 countries, and many of these networks contain thousands of computers.1 Internet makes possible collaboration and resource sharing among millions of government workers, academics, educators, and researchers, and a growing list of commercial organizations and services. Nearly half of the presently attached networks are nonacademic in nature. It is a rapidly evolving testbed for new information-based services. Private citizens and business can gain access to Internet for a monthly fee. The Internet is a common ground for linking governmental, academic, and commercial networks for electronic mail. Most of the major commercial on-line information and electronic mail services (Prodigy, CompuServe, MCI, and AT&T) provide gateways to Internet. Major segments of the U.S. component of Internet are funded by the Department of Defense (DOD), National Science Foundation (NSF), Department of Energy (DOE), National Aeronautics and Space Administration (NASA), and other agencies that are involved with research and development programs. Federal agencies such as DOD, DOE, Department of Commerce (DOC), and NASA are in the process of shifting their scientific and technical information (STI) programs from paper-based operations to electronic digital libraries. These electronic digital libraries will contain vast quantities of agency- generated STI which can be accessed over the National Information Infrastructure (NII). Test-bed electronic libraries of STI are currently being developed using wide area information servers, graphical user interfaces, and Internet connections. Common policies and standards regarding federal STI will be essential in simplifying the use of these databases and in providing one-stop shopping for NII users. Recent federal initiatives improving access to government information in electronic form--e.g., Office of Management and Budget (OMB) Circular A-130 and the GovernmentPrinting Office Electronic Information Access Enhancement Act of 1993--will accelerate the need for electronic connections to the outside world for most agencies and Congress. A wide variety of access methods will need to be supported, including connection to publicly available communications networks, such as Internet, Prodigy, and CompuServe, as well as dial-up access to government-sponsored bulletin boards. Agencies must ensure that their formats for information storage and linkages for interconnection are compatible with these access methods. Telecommuting is a potentially important application of the infrastructure. Concepts include working from home or from facilities located at the outer edge of large metropolitan areas, dividing time between a regular office and a remote workplace, and combinations that involve using remote or roving workplaces.[2] Recent action by Congress directs GSA to facilitate the development of three pilot federal telecommuting centers in Maryland and Virginia.[3] Telecommunications to the base office will require high-speed data links for workflow and videoconferencing to promote office interactions, training, and business meetings. These inter-workplace telecommunications facilities will merge with government's evolving information infrastructure and the more widespread NII, thus blurring the workplace/home distinction. State and local governments are moving forward on their own plans to use advanced telecommunication systems. An example of one approach is the Iowa Communications Network. It is envisioned as an advanced information network providing voice, data, and video information services to state and local agencies, libraries, local schools, community colleges, and universities within Iowa. The state has been coordinating its efforts with GSA, the Department of the Treasury, the Department of Veterans Affairs, and the U.S. Postal Service to investigate how such a comprehensive network could be used to integrate the delivery of federal and state government services.[4] California, North Carolina, and Texas all have major initiatives underway with local telecommunications carriers. The government's strategy for using information technology will be refined and improved in the future as the national strategy, vision, policies, and technology for the NII emerges. The government needs to take action to ensure the compatibility of intergovernmental systems with this evolving infrastructure. Need for Change The underlying technologies for the information infrastructure are evolving rapidly, and no one can accurately predict the technology of choice for the year 2000. The government must develop a coherent information infrastructure to evolve with technology and support electronic government. A cross-government coordinated plan for infrastructure deployment is needed to reduce duplication, system redundancy, and costs.[5] Significant opportunities exist for sharing existing data and computing resources, reengineering delivery of government services, improving the quality of service, and decreasing costs. No single data center or single communications network can serve all government information needs. The flexibility afforded by high- capability networking and new computing technologies can, however, offer significant opportunities for cost savings by facility sharing and "rightsizing" of local systems. The government must position itself to take advantage of the evolving infrastructure by taking steps today to coordinate its existing "components" of infrastructure--e.g., data processing centers and basic function applications. Actions ******* 1. Develop government's information infrastructure to effectively use government information resources and support electronic government applications. (2) The Government Information Technology Services (GITS) Working Group should coordinate the development of the government's information infrustructure in order to help implement the strategic vision and policy directions of the Information Infrastructure Task Force.[6] This infrastructure should be developed as a joint partnership between government, national laboratories, and universities on the one hand, and the nation's information technology industry on the other; and in coordination with the nation's broader research and development initiatives (e.g., the NII initiative and the federal High Performance Computing and Communications Program). The Interagency Management Council--chaired by the Associate Administrator of the GSA for FTS2000 with membership including senior information resources managers of various government agencies--is currently planning for the future replacement of the FTS2000 contracts. This planning effort should include the transport requirements for the government's information infrastructure and ensure the replacement to FTS2000 supports the development of the NII. A key role that government can play is to require greater interoperability among government systems. This can be facilitated by focusing the FTS2000 replacement and individual agency procurement requirements on systems that can interoperate, by working with industry to explore partnering opportunities, by promoting standards, and by identifying and removing regulatory barriers that may hinder development of the NII. 2. Consolidate and modernize government data processing centers. (2) The GITS Working Group should develop a governmentwide data processing modernization plan by December 1994. The plan should complement the working group's strategic information technology vision for government resources and provide a road map for reducing the number of data processing centers within two years of the plan's approval. OMB should review the plan to ensure that these targets are met, and should require special justification of new requirements for stand-alone data processing installations. OMB, in cooperation with the GITS Working Group, should update and review the plan annually from a cross-government perspective in conjunction with agency budget submissions. Additional opportunities for consolidation and downsizing should be proposed by the working group and incorporated into annual government data processing modernization plans. For example, DOD developed a consolidation and modernization plan-- now being executed--that will consolidate over 100 data processing installations into 16 efficient centers. 3. Reengineer basic systems for improved delivery of government services. (2) The GITS Working Group, by July 1995, in cooperation with OMB, should develop a governmentwide plan addressing basic functions and services to be reengineered, both within and across agencies.[7] The plan should also include plans for interoperability among basic administrative functions such as payroll, personnel recordkeeping, management information systems, and financial and general ledger accounting. An example of reengineering would be to have current agencies continue to set policies for specific benefits programs, with one agency handling administration and coordination of integrated benefits delivery. Another example of reengineering that will reduce cycle time, steps, and pieces of paper handled is incorporating use of automation- based geographic information systems (GIS) data--such as streets, property boundaries, parks, and police reporting districts--into revised workflows and processes. The City of Minneapolis saved approximately $40 million in street design costs through integration of GIS into its design process.[8] The City of Phoenix is extending its GIS-based access to property records data from one department, where savings of over $100,000 in recurring costs are expected, to all departments and customers.[9] These revised process flows will yield increased service, additional savings, and opportunities for cost recovery. Reengineering will also allow many government administrative support services to be streamlined. These services presently include systems for payroll, personnel recordkeeping, grants, loans, procurement, project management, management information, budgeting, and financial accounting. Smaller administrative systems, such as correspondence control, audit tracking, and legislative information systems, should also be addressed. OMB should prioritize the phased consolidation and standardization of selected integrated systems for governmentwide use. OMB, in cooperation with the GITS Working Group, should update and review the plan annually from a cross-government perspective in conjunction with agency budget submissions. 4. Consolidate and integrate federal government private networks. (2) The GITS Working Group should compile an inventory of private telecommunications networks currently in use within the federal government by December 1994. The working group should evaluate this inventory to identify opportunities for consolidating, sharing, and interconnecting network resources among government agencies. Cross References to Other NPR Accompanying Reports Department of the Interior, DOI03: Establish a National Spatial Data Infrastructure. Reinventing Human Resources Management, HRM07: Enhance Programs to Provide Family-Friendly Workplaces. Department of Transportation, DOT13: Create and Evaluate Telecommuting Programs; and DOT14: Improve DOT Information Technology Management. Endnotes 1. Broad, William J., "Doing Science on the Network: A Long Way from Gutenburg," The New York Times (May 18, 1993), p. C1. 2. U.S. Department of Transportation, "Transportation Implications of Telecommuting," April 1993. 3. Public Law 102-393. 4. Interagency Information Resources Management Infrastructure Task Group, "Iowa Communications Network Study," April 1, 1993, pp. 1-2. 5. A recommendation for securing this plan was described in the Leadership section of this report. 6. See IT01: Provide Clear, Strong Leadership to Integrate Information Technology Into the Business of Government. 7. For additional information on this subject see Thomas A. Stewart, "Reengineering: The Hot New Management Tool," Fortune, vol. 128, no. 4 (August 23, 1993), pp. 41-48. 8. Telephone interview with Brad Henry, Engineer, City of Minneapolis, August 17, 1993. 9. City of Phoenix, "Geographic Information System Implementation Plan" October 26,1992. ***************************************************************** *** IT10: Develop Systems and Mechanisms to Ensure Privacy and Security ***************************************************************** *** Business Relies on Secure Communications Imagine this: A businesswoman walks into a post office, presents a picture ID, and is given a "public key." Using this key card, she electronically signs a federal contract and transmits it over the National Information Infrastructure to a contracting agency. The transaction is valid, secure, and paperless. Automated teller machines (ATMs) are one of the most successful examples of using information technology to improve service. Viewed with skepticism at their introduction, they are now the principal means used to conduct routine banking transactions.Fundamental to their success is public confidence in the trustworthiness of the electronic banking system. Indeed, people's chief anxiety about using ATMs is the fear of being robbed while making a withdrawal. A new type of crime is the "high-tech mugging," in which ATM access information is stolen and used to make unauthorized withdrawals. In a recent Brooklyn, N.Y., case, crooks used a hidden video camera to look over the shoulders of people withdrawing money at ATMs. The camera recorded their personal identification numbers (PINs); later the thieves matched these with discarded receipts to withdraw money illegally. In another ATM caper, crooks placed a bogus ATM machine in a Connecticut mall. The bogus machine not only recorded hundreds of PINs, but also read the private account information stored on each ATM card. The bogus ATM machine returned cards to the unsuspecting owner and displayed a message indicating that the transaction could not be completed. These criminals later used the information to withdraw money. In both of these crimes, the crooks succeeded in stealing over $100,000. These cases illustrate real money loss by exploiting system security vulnerabilities. However, they also illustrate the real potential for a loss of public confidence in electronic government.[1] Unless the information systems and electronic services delivery systems protect the information being processed and the privacy of the individuals using them, electronic government will not work. Government is beginning to use the recent advances in information technology to lower costs; increase efficiency and productivity; and collect, use, and analyze far more information, much of it personal. As government use of electronic services and information systems grows more extensive and widespread, government and citizens will demand continued confidentiality and integrity in the information processed. Also, as government, businesses, and other organizations rely more on electronic records and information, they will also demand more access to diverse, interconnected databases. Information technology can provide tremendous benefits in improved service and, used properly, enhanced privacy and security. But without proper attention, it can also permit inappropriate, unauthorized, or illegal access to information. Furthermore, new electronic government applications-- particularly those focused on service-to-the-citizen programs-- present nontraditional challenges and vulnerabilities regarding accuracy, authentication, privacy, and security. These challenges and vulnerabilities are both technical and policy- related.[2] Although overcoming the technical challenges is straightforward, a tradeoff must be made between cost and risk. Information technology- based solutions and prototypes (cryptography, digital signatures, security protocols) for protecting distributed internetworked systems will soon be available. The implementation of these solutions should be weighed against all identifiable risks. Overcoming the political and policy challenges, however, is not straightforward. Prominent among these today is the appropriate role of the federal government in privacy and security. Examples of particularly challenging policy issues include balancing national security interests with private sector business interests, and maintaining a balance between individual privacy and governmental efficiency. The American people want trustworthy, readily available information, and computer systems that are user-friendly, secure, and protective of individual privacy. These systems must: ---safeguard information, facilities, information systems, and networks against illegal or unauthorized access, modification, or disclosure; ---balance access to agency information and records with appropriate privacy controls; ---respect private ownership of information and be subject to policies and disclosure procedures for government use of individual information; and ---incorporate privacy and security safeguards early in the design of the system. Finally, as the nation develops information highways and expands the national information infrastructure, systems should be designed and used within a framework that ---protects national security interests, ---permits legitimate law enforcement activities, ---enhances global competitiveness and productivity for U.S. business and industry, and ---ensures the privacy and civil liberties of all citizens. Need for Change Public acceptance and reliance on electronic information and data requires ---striking the proper balance between an individual's personal privacy and the government's need for information, ---providing a high degree of security against unauthorized access or use, and ---maintaining the accuracy of the information stored or processed. Need for Privacy. Americans are becoming increasingly concerned about threats to their personal privacy resulting from wider use of information technology to collect, maintain, and manipulate personal information. A poll conducted in 1970 showed that only 33 percent of respondents were concerned about personal privacy.[3] By 1990 polls, that proportion had risen to 79 percent.[4]. Although advancing technology can create new opportunities for misuse, the real problem lies in the lack of adequate management controls over those with access to personal records. For example, in a recent well-publicized case, the U.S. Attorneys announced the arrest of over two dozen individuals who engaged in schemes to buy and sell information from Social Security Administration (SSA) computer files.[5] Most of those arrested were current or former employees of the SSA or the Department of Health and Human Services' Office of Inspector General. This case brought to the public's attention the fact that SSA employees in over 1,300 offices all across the country have unrestricted access to over 130 million records on working Americans. In another case, HHS's Inspector General found social security number fraud: An SSA employee had used social security numbers taken from the SSA records to obtain and establish credit.[6] Giving increased attention to personal privacy policies and procedures would allow the federal government to better represent American business interests abroad, particularly in Europe, where privacy protection approaches differ from U.S. approaches.[7] Information, and the records associated with this information, is a global commodity, which readily flows across international borders. Trade conflicts and issues may arise for U.S. businesses when dealing with the privacy laws of other countries, such as the recent privacy laws advocated within the European Community for transborder flow of information. Need for Security. As society becomes more dependent on computers and computer communications systems for the conduct of business, government, and personal matters, it relies more on the availability, confidentiality, and integrity of the information these systems rocess. Information security has become especially important for applications such as electronic transactions where accuracy, authentication, or secrecy are essential. OMB estimates that by 2000 approximately 75 percent of public transactions will be processed electronically.[8] The private sector already uses electronic transactions widely. One trillion dollars in worldwide banking and financial transactions occur each day.[9] Yet the best security systems in use today lose money, credit and financial reports, and private and proprietary data due to electronically perpetrated theft and unauthorized browsing. For example, in the United States, computer crime losses alone total $15 billion per year.[10] These losses are minor when compared to potential losses from harmful and illegal acts such as service disruption, terrorism, and industrial espionage. The cost could be billions for a single debilitating disruption of service or criminal act. More than dollar losses are at stake. In distributed, electronically based information systems, if access controls and security concerns are not addressed as government proceeds with reinvention, vulnerabilities to U.S. national security may be inadvertently created by making information readily available to foreign governments, competitors, or criminals.[11] Finally, large-scale service disruptions could adversely affect recipients of federal benefits and information-based services of all kinds. Actions ******* A division between sensitive unclassified and classified information is statutorily mandated by the 1987 Computer Security Act. The following actions use existing privacy and security boards, councils, and groups. Exceptions are two near-term task forces to develop high priority, essential standards or generally acceptable principles needed for rapid progress in creating an electronic government. 1. Establish a Privacy Organization. (3) The President should direct the Information Infrastructure Task Force to advise on the establishment of a Privacy Organization within the executive branch to serve as a focal point for both public and private sector privacy issues. Such an organization would advise the President on privacy issues and concerns affecting Federal agencies; assist Federal agencies in identifying and resolving privacy issues related to the implementation of their programs; coordinate U.S. privacy policy with international organizations and foreign governments; and assist and advise State, local, tribal governments and private sector organizations with privacy issues and concerns. The IITF should provide the President with specific recommendations about the placement, membership, authority, powers, duties, (including budget and legislative relationships), and staff size of such an organization. If establishment of such an organization can be accomplished by executive order, the IITF should create a draft executive order for presidential approval. If specific legislation is needed, the IITF should provide a draft of such proposed legislation. In developing either/or both methods of establishing such an organization, the IITF should seek comment from experts in both the public and private sectors. 2. Establish uniform privacy protection practices and generally acceptable implementation methods for these practices. (2) The IITF by July 1994 should direct the creation of an interagency task force to create uniform privacy protection practices for information systems and generally acceptable implementation methods for these practices. The task force should include membership from the Departments of Justice, Treasury, Commerce, Defense, Energy, Health and Human Services, Education, and State, OMB, and the Office of Science and Technology Policy and should solicit participation and input from groups such as business, consumer, computer science, telecommunications, civil liberties, and state and local governments. OMB should have a coordination and advisory role, and the chair should be selected from the participating federal agencies. The task force should be directed to prepare a report within 12 months following its creation that details uniform privacy protection practices and provides generally acceptable implementation methods for these practices. Methods for implementing the uniform privacy protection practices may differ by sector, e.g., health care, personnel, or law enforcement. These practices and methods should be viewed as the recommended privacy standards federal agencies will follow and the private sector will consider. The direction to the task force should require that the generally acceptable implementation methods aggressively use information technology--including the use of distributed interconnected systems--and should effectively use technology to balance government's responsibility to provide individuals a reasonable degree of control of information about themselves and appropriate confidentiality with government's desire for efficient and high-quality recordkeeping; detection and prevention of fraud, waste, and abuse; and effective law enforcement investigations. OMB should issue new guidance (e.g., a circular), within six months of receiving the task force's final report. This guidance will adopt, for use governmentwide, uniform privacy protection standards and generally acceptable implementation methods as set forth in that report. 3. Develop standard encryption capabilities and digital signatures for sensitive unclassified data. (2) The National Institute of Standards and Technology (NIST), in coordination with OMB and with technical assistance from the National Security Agency (NSA), should issue a final digital signature standard by December 1994. NIST, in coordination with OMB and with technical assistance from NSA, should also create opportunities for industry to develop the encryption capabilities required for protection of networked distributed systems. NIST should then make that information available to federal managers. A high priority should also be given to finalizing and promulgating digital encryption standards and security protocol standards. 4. Develop generally accepted principles and practices for information security. (2) NIST, in coordination with OMB and with technical assistance from NSA, should plan and coordinate the development of generally accepted principles and practices for information security which are to be applied in the use, protection, and design of government information and data systems, particularly front-line systems for electronically delivering service to citizens. Draft guidance should be issued by September 1994. More than one set of generally accepted principles and practices may be required for the affected communities. 5. Develop a national crisis response clearinghouse. (2) By September 1994, NIST, in coordination with OMB and with technical assistance from NSA, should promulgate better security information to the existing group of agency crisis response teams. This clearinghouse should address security problems including collection, analysis, and technical vulnerability assessment. It would also disseminate information about incidents governmentwide. The mission of this clearinghouse would be to serve as a broker of computer security crisis information and of computer security resources. This can be accomplished by expanding the role of the NIST program and by formalizing Memoranda of Agreement that facilitate networking and coordination among various existing independent crisis response bodies. 6. Emphasize the need for information security in sensitive unclassified systems. (2) OMB and NIST, with technical assistance from NSA, should (1) improve planning capabilities for security by requiring an information security plan to be part of each agency's strategic IT plan; (2) identify computer security as a material weakness in the Federal Managers Financial Integrity Act report if it does not meet established thresholds; (3) require employees and contractors to complete awareness and training; (4) improve planning for contingencies; and (5) establish and employ formal contingency response capabilities. These requirements should be included in future revisions to OMB Circular No. A-130, Management of Federal Information Resources, to be issued no later than December 1994. 7. Reevaluate security practices related to national security data. (2) By December 1994, the PRD Task Force--chaired by the Information Security Oversight Office, in cooperation with the Joint Security Commission, and the National Advisory Group for Security Countermeasures--should aggressively pursue a reevaluation of information security and information systems security practices. These groups should also examine classification and safeguard practices for the purposes of improving security within rapidly changing technological and threat environments. This reevaluation should be accomplished within the context of the Presidential Review Directives on national security information and advanced telecommunications and encryption, as well as the Presidential Decision Directive on public encryption management. 8. Foster the industry-government partnership for improving services and security in public telecommunications.[12] (2) Since government relies heavily on public telecommunications systems (e.g., about 90 percent of DOD's telecommunications are provided by public carriers), improved security, integrity, and assurance of services is crucial. Electronic government will rely even more heavily on public carrier telecommunications for services. Fostering this relationship includes the following: ---The voluntary and cooperative development of a unified concept of operational security for new technological developments such as universal personal telecommunications. The universal personal telecommunications concept provides personal telecommunications services regardless of location, terminal or network access point. For example, individuals are assigned a unique personal network number so that services may reach them anytime and anywhere in the network. Within this context, the standards community needs to address the issues of national security, emergency preparedness, priority, access, fraud, and information privacy. The National Communica-tions System should work through the National Security Telecommunications Advisory Committee, with technical assistance from NSA and NIST, to foster government and industry liaison for developing security for Universal Personal Telecommunications capabilities and ensure National Security/ Emergency Preparedness. ---The development and issuance of appropriate technical information bulletins for shared industry use that address security assessments of wireless access to commercial systems. The National Communications System and the Federal Communications Commission, working with public telecommunications services providers, should ensure information bulletins address all telecommunications threats. ---Working with industry to cooperatively improve security, integrity, and availability of the public switched network (PSN) provided by the telecommunications industry. The National Communications System and industry, through the National Security Telecommunications Advisory Committee and its supporting groups, should foster conducting vulnerability assessments, sharing lessons learned, identifying improvements in legislation to protect PSNs, reporting on vulnerability incidents, and research on telecommunications security areas. 9. Implement the National Industrial Security Program. (2) The Information Security Oversight Office, currently in GSA, should aggressively continue to work with industrial organizations under contract with the government to ensure the protection of classified information while reducing costs and redundant requirements and improving efficiency as described in Executive Order 12829, January 8, 1993, National Industrial Security Program (NISP).[13] This office, along with the Secretary of Defense, Secretary of Energy, and Director of Central Intelligence, should continue to work cooperatively with industry to implement the NISP. The following should be considered as a minimum: publication of a NISP operating manual; development of cost collection and tracking mechanisms; development of governmentwide standardized background investigation forms and processes, as appropriate; standardized policy on reciprocity of investigations and inspections; portability of security clearances across agencies; development of uniform, standardized training and education requirements for industry and associated curricula and competency evaluation for government industrial security representatives; and the implementation and enforcement of NISP standards. 10. Develop a comprehensive Internet security plan. (2) The existing interagency team, the Federal Networking Council, chaired by the National Science Foundation (NSF), should, in consultation with NIST and OMB, develop and promulgate a Federal Internet Umbrella Security Plan, by November 1994, for interconnecting the federal IT community with appropriate state, local, commercial, public and private, and foreign government activities. Such a global architecture should allow for security differences between networks. Use of layered protocol standards and techniques can be employed with a range or set of security service standards with appropriate gateway protection devices so that small restricted communities and large open communities can safely interoperate. The security architecture should identify, as a minimum, the grades of services offered, how each is implemented and assured, how interconnections between networks should be made, and what can be done for those users not adequately served by any of the agreed-upon standard grades of service. 11. Coordinate security research and development. (2) The GITS Working Group should direct NIST, in coordination with OMB and with technical assistance from NSA, and the Office of Science and Technology Policy's Federal Coordinating Council on Science, Engineering, and Technology, to coordinate the development of a governmentwide plan for security research and development (R&D). The plan should be completed by December 1995. It should provide a baseline assessment of the current R&D investment in privacy and security. The plan should address development and prototyping of the next generation of information systems within the context of appropriate, adequate security and individual privacy features. The plan should also describe a process for continuous technology improvement or advancement, which includes evolving basic research into technology development and prototyping initiatives followed by the introduction of mature features into operational systems. Finally, the plan should recommend prototyping experiments to accelerate use of new technologies in trusted systems and systems having individual privacy protection features. Endnotes 1. "On PINs and Needles Over ATMs, "Washington Post (May 21, 1993), pp. G1, G8, and "ATM Scams; High-Tech Caper Prompts Banks to Step Up Security," The Hartford Courant (July 11, 1993), p. D1. 2. U.S. Congress, Office of Technology Assessment (OTA), Federal Government Information Technology: Electronic Record Systems and Individual Privacy, OTA-CIT-296 (Washington, D.C.,June 1986); The Report of the Privacy Protection Study Commission, Personal Privacy in an Information Society (Washington, D.C.: U.S. Government Pr