Today, CDT and 28 other organizations sent a letter to the White House asking that the Privacy and Civil Liberties Oversight Board (PCLOB) be reconstituted. The 9/11 Commission recommended the creation of PCLOB in order to oversee the protections to civil liberties and privacy within the federal government, but the board has not been active since early last year. The board has a vital role as an independent advisor to the President and executive branch agencies in policy matters around privacy and civil liberties and providing oversight. However, the board has not been active since early 2008.

PCLOB was established in 2004 and had one term, starting in 2006 – but the terms of the members of the board expired in January of last year, and President Obama has not nominated new members to the board. This letter asks President Obama to nominate members to the board quickly. Once members to the board are nominated, they must be confirmed by the Senate, and the office will need to be set up and staff must be hired. All in all, it will take months to reconstitute the board before it can begin advising the President and agencies.

Currently, the federal government lacks independent privacy oversight. Reconstituting PCLOB is one of the ways that privacy and civil liberties can be better protected by the federal government. In fact, the Cybersecurity Policy Review specifically called for PCLOB to be reconstituted, and possibly to expand its purview to include more cybersecurity topics, as an important oversight body. As an existing mechanism to protect privacy and civil liberties, it is an important and relatively simple way to provide oversight and advice for the government.

CDT and other advocates sent a letter to President Obama today once again urging greater transparency as the US negotiates a new Anti-Counterfeiting Trade Agreement (ACTA). While the administration has permitted some advocates (including my colleague David Sohn) to review the US-authored Internet portion of the current draft under strict non-disclosure rules, such limited access does not allow for full analyses of the agreement and its implications (even by other CDT staff members, much less the broader public interest community). Some leaks have surfaced which suggest that ACTA could require DMCA-style notice-and-takedown and anti-circumvention laws, or even graduated-response obligations on ISPs (see coverage here and here). The fact remains, though, that we don’t know what we don’t know, and a full discussion of whatever obligations ACTA would impose is impossible unless the Obama administration draws back the curtain on the drafting and negotiations. Any proposal that could lead to the denial of people’s Internet access—even if they have violated copyright law—would raise very serious constitutional problems under our First Amendment, and should not be even considered without a broad and open public discussion.

Recently, CDT was asked to testify about the ways that technology can be used to improve financial oversight during a 2009 congressional session that saw “bank bailouts,” “housing markets” and “economic stability” become commonly used buzzwords. While TARP and mortgages aren’t our usual area of expertise, we have a lot to say on how Congress can ensure that the databases supporting these endeavors can help the government be more transparent and protect privacy at the same time.

The Troubled Asset Relief Program – or TARP – has been in the news a lot lately, as the program designed to strengthen the financial sector comes under scrutiny from the media and the public to figure out whether or not the program is actually working. Unfortunately, there hasn’t been an effective way to track TARP funding, in part because so many agencies are involved in distributing the money. One of the bills we discussed, H.R. 1242 (and companion bill S. 910), would create a centralized database for TARP information. It’s surprising that a program of this size doesn’t already have a way to consolidate the information around it’s expenditures, but not even the oversight committee has an easy time tracking the dollars. TARP funds are distributed by 25 agencies, using incompatible and outdated systems to track spending. The H.R. 1242 database would not only centralize this information for easy access, but would require almost real-time updates to the information.

We believe that the database needs to be made public in order to allow the media, watchdogs, and citizens to see how TARP money is being spent. A good example to follow is the Recovery.gov website, which pulls together information from the 28 agencies distributing Recovery Act funds. The site allows users to sift through stimulus contracts in useful ways and, though not perfect, it is an incredibly important step in keeping the public in-the-know. The lack of a similar site for TARP has made it difficult for the public to understand the program – so it’s a perfect opportunity to make a government database public.

Another bill we talked about in our testimony, H.R. 932 looks to improve technology for oversight on housing issues by linking location information to mortgage information, making it easier to track foreclosures, abusive lending practices, and vacancies. Currently, land parcel information is kept by counties, but centralizing them would allow regional analyses of the housing crisis and regional responses. Of course, if regional geo-databases are created, they may not fall under the privacy protections imposed on the federal government. In that case, it will be vital to ensure that the databases are subject to privacy and security protections. The financial information that can be correlated to land parcels is both personally identifiable and sensitive, as financial information is defined as sensitive by almost all definitions.
(more…)

In a much-hyped launch this afternoon, Apps.gov was introduced as a centralized service for federal agencies to obtain cloud-based IT services. These services range from productivity and management applications for internal use to free social media plugins for agency websites. US CIO Vivek Kundra has often noted that taking the government into the cloud was a priority for him for many reasons, among them cost saving and increased security among agencies, as well as furthering interagency collaboration.

Apps.gov is billed as a storefront for cloud services for government agencies. Many of these are apps for internal use only, and the website notes that internal agency users have no expectation of privacy. However, there are some external facing social media tools that are listed within the Apps.gov catalog, and I hope that they make it clear as they work with these social media sites that user privacy is important. While amended terms of service for the social media tools are included on the site, we’d also like to see the contracts that GSA has entered into with third party vendors. Of particular interest are details about what types of social media tools will be available to interact with citizens. Apps.gov’s social media section would be an excellent place to put a repository of tips and best practices for user privacy, for example- an example Privacy Impact Assessment for agency use of Facebook could be one of the resources at Apps.gov.

We are excited to see government begin to harness the cloud, and begin to take advantage of centralized services within agencies. Hopefully we’ll see Apps.gov turn into a repository of information on how to use cloud tools internally and with the public as well as serving as a storefront for agencies.

Last week, the federal government announced a pilot project to develop digital identity solutions for federal websites, working with OpenID and Information Cards technologies. This will allow government agencies authenticate the public (for low and no security uses) and provide personalization and services. Online industry leaders have signed up as identity providers, and will allow citizens to use their existing identity online to interact with the government. Even six years ago, one third of online users logged in to government sites. The proliferation of online services and websites surely means that the identity program is something that agencies will be quick to take advantage of. Using a federated identity solution will allow agencies to stop developing and investing in independent solutions and instead use a plug-and-play system for identity. However, linking identities across the .gov web – let alone with the commercial web – carries new issues to be addressed.

There are 300 million Americans, any number of whom may want to do business with government at any time of the day or night. Often, this may just be looking up an address or printing forms, but many interactions will require some way to identify the citizen who is asking for services from the website.

Last week at the Gov 2.0 Summit, federal CIO Vivek Kundra noted that identity is crucial if government websites are to move beyond ‘brochureware” and provide services to and interact with the public. Making government websites more interactive and useful is a key component to the Open Government Initiative, and identity is a step towards that goal.
(more…)

Yesterday, the New York Times published an editorial on the revising the tracking policy on federal government web sites. This piece aligns closely with recommendations CDT and EFF made recently about updating the “cookie” policy to provide both transparency and privacy protection.

As mentioned in a blog post from EFF’s Tim Jones, this piece really nails it in terms of what the administration needs to do to ensure that citizen privacy is taken into account in web site measurement and tracking. It is important to note from the CDT and EFF recommendations that this type of notice does not need to be legalistic to be useful. We recommend that agencies have regular for users on each page that users can find more information about.

While we often concentrate on the Executive and Legislative branches when we talk about government transparency, the federal court system lags behind them both. The Public Access to Court Electronic Records (PACER) system – the only online source for “public” court documents – is hardly a modern system for openness. Sure, it was when it launched several years ago, but it has fallen far behind the times. In order to access court records, users must use a confusing and outdated system to pay eight cents per page for PDFs of court documents.

A new project from Princeton University’s Center for Information Technology Policy aims to “turn PACER around” with a Firefox extension called RECAP. This extension is crowd-sourcing the task of making documents available, letting users know when a document can be had for free at the RECAP archive and letting users donate documents they purchase to the free collection.

As I noted in February, these opinions and documents often form the basis for our understanding of legislation and law. They are currently locked behind a pay wall. RECAP is working with Public.Resource.Org and Justia to build on their existing free court documents, consolidating them with user submissions at the Internet Archive. This is exactly the kind of project that we need in order to show that the courts shouldn’t rely on high user fees to make information public – in fact, the information can and should be shared easily.

Transparency advocates are not the only people pushing PACER to modernize it’s system; Senator Lieberman continues to question the fees levied on users. He’s right- the courts are not making documents “freely available to the greatest extent possibleâ€? as mandated in 2002 as part of the E-Government Act. When the government won’t free information, third parties stepping in to compile and share information is the next best thing.

RECAP will be presenting on their new extension as well as the policy context of their work at the O’Reilly Gov 2.0 Expo next month, and I’m looking forward to hearing more about it.

Earlier this week, CDT co-hosted an appearance by the nation’s new Chief Technology Officer, Aneesh Chopra. Speaking at the Computer History Museum in Silicon Valley, Chopra outlined how he wants to use technology to address the critical issues facing the nation and how he thinks the federal government can best support innovation. The video of Chopra’s remarks is up courtesy of our co-host, the Churchill Club.

Tim O’Reilly explained at length earlier this year why Chopra was such a good choice to shape technology policy in Washington, and it was impossible not to agree after hearing Chopra speak this week. Chopra is an opportunist in the best sense of the word. He has a grand vision of how technology can contribute to issues ranging from health care to education to the environment, but he also understands the value of incremental steps and short-term results. His talk was peppered with examples from his tenure as Virginia’s Secretary of Technology and his first months in the White House, where he is already in charge of an overhaul of the case status system for the US Citizenship and Immigration Services, among other projects promising immediate pay-out.

CDT is working on many of the issues Chopra mentioned, including health IT, cyber-security, broadband deployment, and, of course, government transparency. At times, we will be pushing the Administration to go further that it might otherwise be inclined to go in terms of openness and privacy, and we will criticize the Administration when it falls short, but we couldn’t want a smarter, more receptive official to engage with than Aneesh Chopra.

If I had one criticism of Chopra’s remarks, it would be his repeated emphasis on accomplishing things without changing the underlying laws. On the one hand, working within existing frameworks is consistent with his attractive opportunism. However, it is clear that some laws need to be updated to ensure deep, government-wide change. One example is the Privacy Act, which applies to federal databases; CDT has a major project underway to bring this 1974 law into the 21st century. Getting legislation passed will require White House leadership, and we hope that Chopra, while developing practical tools to make government more transparent and participatory, will also lend his credibility to improving the legislative framework for privacy in government systems.

Update: Here are the slides Aneesh Chopra used in his August 4, 2009 presentation in Silicon Valley. [pdf]

The Congressional Research Service is a $100 million a year think tank that researches and writes informative and non-partisan reports on topics suggested by members of Congress. The catch–and the reason you might not have read their work–is that CRS reports are only made easily available to members of Congress. Citizens can request these reports from lawmakers, but without a public index, they can’t request something they don’t know exists. The CRS Reports currently rank first on CDT’s Most Wanted Government Documents. In an ongoing effort liberate these documents, CDT runs Open CRS, an online repository of public CRS Reports. To spotlight these reports, I will be writing “CRS Report of the Week” posts and feature a relevant report each week. These reports are informative in both that they serve as excellent primers to political issues and that they offer a degree of insight into what information is circulating around Congress.

Access to Broadband Networks: The Net Neutrality Debate
R40616
June 1, 2009

July 21st has passed, which means just one thing: Reply Comments to the Federal Communications Commission (FCC) Broadband Plan are in! Anyone interested in digging in and reading the Reply Comments can do so by searching the FCC’s website using the parameters Proceeding 09-51 and Document Type RC (CDT’s Reply Comments can be found here). This CRS Report on the Net Neutrality Debate might come in handy before you dive in. It was written very recently, which makes it even more useful.
(more…)

The Congressional Research Service is a $100 million a year think tank that researches and writes informative and non-partisan reports on topics suggested by members of Congress. The catch–and the reason you might not have read their work–is that CRS reports are only made easily available to members of Congress. Citizens can request these reports from lawmakers, but without a public index, they can’t request something they don’t know exists. The CRS Reports currently rank first on CDT’s Most Wanted Government Documents. In an ongoing effort liberate these documents, CDT runs Open CRS, an online repository of public CRS Reports. To spotlight these reports, I will be writing “CRS Report of the Week” posts and feature a relevant report each week. These reports are informative in both that they serve as excellent primers to political issues and that they offer a degree of insight into what information is circulating around Congress.

The REAL ID Act of 2005: Legal, Regulatory, and Implementation Issues
RL34430
April 1, 2008

REAL ID is an issue that, if you have not been following from the beginning, can be daunting to understand. With the introduction of the PASS ID Act, the debate becomes even more confusing to a newcomer. This CRS Report provides an overview of REAL ID, covering its history, a few provisions, relevant constitutional questions, debates, and selected regulatory requirements. However, the Report does not highlight many of the implications on the privacy and security side, so take a look at CDT’s REAL ID Primer to get filled in on that. However, this Report’s analysis of the potential constitutional objections (pgs 6 – 14) to REAL ID are worth a look and the cases mentioned read like a greatest hits list of important Supreme Court cases. The section explaining selected regulatory requirements of REAL ID (pgs 20-28) is also informative.
(more…)