|
CENDI PRINCIPALS AND ALTERNATES MEETING |
Department of Commerce
Washington, D.C.
December 12, 1996
MINUTES
Ms. Buffum opened the meeting at 9:15 am.
OIRA Update on Issues and Activities
Bruce McConnell, Director, OMB Office of Information and Regulatory
Affairs (OIRA)
Mr. McConnell opened his remarks indicating that OIRA and CENDI share many of the same interests. He said that it has been a pleasure working with CENDI in the past, and he considers CENDI to be one of the best models for interagency collaboration.
Mr. McConnell's "white" board has three categories of issues that require OIRA attention,"out of control," "not quite under control" and "under control". He selected those items to discuss that might be of interest to CENDI. Mr. McConnell grouped these issues into legislative priorities, policy-related, and technology.
Printing. HR 4280, introduced by Rep. Thomas, proposed major changes in the current printing process. Agencies have been asked to comment on the latest revision. The STI programs should contact their legislative affairs offices to comment on the bill. Currently, OIRA is waiting for input from the Justice Department on the "separation of powers" issue. In any case, a comprehensive rewrite of Title 44 is expected. In the meantime, as indicated in the Panetta memo from last April and as a policy decision, agencies should continue to make maximum use of GPO. This is not mandatory under the Justice Department's legal interpretation.
Privacy. There is no particular privacy act under
review at this time. However, privacy is implicated in some legislation
that has passed and in other bills that are coming up for debate.
Many legislated activities have database requirements. These
databases, particularly those involved in benefits programs, raise
issues of privacy because they are created by statute. This proliferation
of databases and their maintenance could benefit by being integrated.
This whole area is rather worrisome and will likely receive increased
attention in 1997.
Electronic FOIA. Electronic FOIA, that passed in the last Congress, is somewhat of a misnomer and has little to do with electronic records. Rather, it codifies existing case law and current practice. It also has a GILS-like requirement for a directory. Documents likely to be frequently requested should be digitized prospectively. If the agencies work in a digitized (less paper-oriented) environment, the electronic FOIA issue becomes less intrusive on their workflow. The hope is to fulfill FOIA requests more quickly. OIRA is asking agencies to do draft procedures for incorporation of Electronic FOIA in their agencies. A model regulation should be forthcoming from the Justice Department in the Spring. It will include many procedural aspects such as how to deal with backlogs.
WWW Policy. This effort started with detailed guidelines that were not well accepted among the agency Webmasters who do not believe they need a top-down policy. However, OIRA believes that guidelines are necessary. For example, there are federal WWW pages that collect information from users with no evidence that privacy regulations are being followed. A number of Congressional inquiries have been received on the privacy issue. Currently, model guidelines are being worked out with the Federal Webmasters Consortium. There will be a two-page set of principles and references to the Webmasters Guidelines as best practices. The draft is expected to circulate for informal comment by the end of this month, and to be finalized by the end of January.
Morella Act (Rep. Constance Morella, R-Maryland).
Voluntary consensus standards must be used in purchasing and
in regulations under this act. A119 already requires this.
The Bill adds the requirement that a report must be written that
provides a justification when an agency decides not to use a voluntary
standard. Changes are being drafted to A-119 to interpret the
standards act, especially on the reporting requirements. OIRA
expects increased attention to standards, including the IETF Internet
standards. The drafted changes for A-119 should be ready for
a 90-day comment period by the end of the month. A joint meeting
with ANSI is being planned to address this area of federal standards.
Information Technology Management Reform Act (ITMRA). This act, sponsored by Klinger and Cohen, created the CIO Council and repealed the Brooke's Act. OMB now oversees the technology procurements through the budget process, treating technology like any other capital investment procurement. OMB won't provide detailed oversight; instead, the decisions are put in the hands of the agencies. This whole process is effective for the FY98 budget that is now in the appeals process. The details are being worked through this process.
Raines Rules. Raines was previously the Fannie Mae director and knows computing infrastructures. Raines Rules 97-02 provide eight criteria that should be met by any information systems investment. There is increased emphasis on determining the system architecture in advance of the purchase of individual hardware/software components. They found that agencies have limited experience in doing this kind of planning. Even the theoretical work in this field is not widely understood. However, the use of architectural models is becoming more prevalent within the private sector. DoD has some good architectures and models from which other agencies could learn. An architecture group will be formed under the CIO Council.
Year 2000. Mr. McConnell stated that he believes the risks and problems resulting from the date change are being underestimated. OIRA has declared this a high risk area, especially where data is exchanged between organizations. This is an issue that cannot be delayed. System changes should be in place by the end of 1998 so that testing can occur during 1999. A group, chaired by Kathleen Adams of the Social Security Administration, has already been established under the CIO Council.
Government Wide Agency Contracts (GWAC). Since the NIH GWAC was reported in federal computer magazines, NIH has been swamped with orders, but it doesn't have the infrastructure to do the contract administration. Policies will be needed with respect to when agencies enter into these agreements. In the Spring, guidance will be issued that identifies the CIO as the official agency with reform oversight responsibility, including management ability to limit outside orders based on the agency's ability to handle them. In general, the increased flexibility given agencies in procurement over the last two to three years has been good.
CIO Council. The ITMRA set up the CIO Council, establishing additional duties and elevating the position of the CIO. The actual outcome within the agencies needs to be reviewed to determine if the CIO is functioning in line with the Paperwork Reduction Act and other requirements, and if they report directly to the agency head. Some agencies have changed and others have not. Some CIOs are active and others are still being recruited.
The CIO Council meets monthly. It is still in the self-organizing phase. They are hoping for leadership roles for collaboration and cooperation. The affinity groups under the Council already include the Year 2000 Group mentioned above.
Information technology (IT) has been the focus of the group, but OIRA is trying to remind the Council of its information management (IM) duties as well. The Information Call for how much each agency will reduce paperwork next year will be handled through the CIO offices; OIRA is hoping that this IM-related task will lead to more emphasis on IM issues.
Several CENDI members voiced concern about the IT emphasis of the Council. Mr. McConnell indicated that, based on the dissemination function of the STI programs, the CIO Council should be interested in the STI functions because dissemination is part of the Paperwork Reduction Act for which they are responsible within their agencies. He encouraged CENDI to pursue content-oriented discussions with the CIO Council. Since they are currently getting organized, he suggested that contact should be made in about four to five months. Mr. McConnell expressed interest in looking at this issue again with CENDI at that time.
DTIC has received a FOIA request (as has NASA) for the server logs from the Internet access. This request is being raised to the DoD General Council because of concerns about privacy. A briefing paper was developed that will be provided for dissemination as part of the CENDI minutes. In the past, DTIC has refused to provide the logs based on the tradition of the privacy of circulation records within the library community.
Mel Ciment asked to what extent OMB is looking to fund pilot projects, particularly across agencies. There is a working group under the GITS Board. There is also money available in the IT innovation fund from FTS2000 (ten percent of revenues are set aside). This is approximately $10 million a year that can be used to fund pilot projects. The quality of proposals are improving and the process is being formalized by a letter from OMB. There is additional money in reserves to fund interagency efforts that could not be funded otherwise. Gail Gordon of the Bureau of Land Management is the chair of the grant committee. There will be a call for proposals for the Fall. Mr. McConnell indicated that this was a very useful effort. Resources for it may be increased two to three times the current level.
NTIS has experience using this seed money. Dr. Johnson indicated that the money must be repaid and the funding is established as a loan.
There was a question about the stability of A-130. Mr. McConnell replied that the April 1996 version is stable and includes changes to computer security. The IT changes are being overtaken by 97-02 which has a Capital Planning Guide. The Chief Financial Officer (CFO) is looking at this area. OMB is waiting to do additional revisions to A-130 in the IT area until it sees what else is needed beyond capital planning and until they can integrate various statutes into one consistent budget approach. All reporting really needs to be integrated at the execution side, including that required by FASA Title 5, ITMRA, and GPRA.
Mr. McConnell was asked about the administration's approach to the WIPO Treaty negotiations. OMB is intimately involved in discussions at the interagency level (Peter Weiss has the lead). He reiterated the position that the delegation is to hold back on the vote and not move forward until further domestic discussion can be held.
Overview of the Applications Council's Mission and Plans
Mel Ciment, Chairman, NSTC CCIC Applications Council
Mr. Ciment described the structure of the Committee on Computing, Information and Communication (CCIC). It is associated with the high performance computing area. There are five areas where R&D programs are funded under the NSTC CCIC. The Applications Council was recently created by Anita Jones, CCIC Chair, but it is rather a misnomer because the applications are actually developed in the R&D committees. "Application" in this instance means an activity that moves R&D out to non-R&D environments. The Applications Council is charged with building bridges and encouraging pilot projects, including those in the international domain. They see themselves as a technology transfer organization to industry, building cooperation across the various R&D bodies. The intent and the philosophy of the group is good, but, unfortunately, there are no dollars to support its work. Mr. Ciment is working on ways to fund the group's projects. They are also still in the process of selecting a co-Chair.
Under the Council, there are two applications groups working already,the Federal Information Services Group and the Next Generation Internet. The Council is just beginning to talk about Crisis Management. The list of interests also includes Education and Health.
The initial work of the WWW Consortium was a model for how R&D agencies and non-R&D agencies can work together successfully. The NSTC funded the initial Mosaic development that was then provided to non-R&D organizations. There was interest in extending Mosaic but NSF thought this was no longer R&D. Thus, the consortium was formed with voluntary funding from participating agencies.
To move the work of the Council forward, a workshop is being planned on the topic of R&D Opportunities in Federal Information. A preconference workshop was held December 2 4 and was hosted by the University of Southern California Information Sciences Institute. The preconference workshop was organized by a committee including Herbert Schorr (Chair), Director of the USC Information Sciences Institute; Thomas Kalil, Director for the National Economic Council, the White House; Colin Crook, Senior Technology Officer, Citibank, N.A.; Salvatore J. Stolfo, Department of Computer Science, Columbia University; Edward A. Fox, Professor, Department of Computer Science, VPI&SU, Virginia Tech; Jean Mayhew, Director of Information Services, United Technologies Research Center; Robert Musser, Project Director, Private Sector Council; Patricia Edfors, US Treasury Department; Constance McLindon, Corporation for National Research Initiatives; Stephen Squires, DARPA; and Joseph Hardin, Associate Director for Software Development, National Center for Supercomputing Applications at the University of Illinois, Urbana/Champaign. There will be a call for white papers for the Spring workshop. They are primarily looking for people to stimulate ideas. The goal of this workshop and related efforts is to convince the R&D community that there is good research going on. Funding for the preliminary activities has been from the NSF Directorate for Computer and Information Science and Engineering, the GITS Board, and NIH's National Center for Research Resources.
The Next Generation Internet will be coordinated by a large scale networking group. They will be writing a research agenda and then looking for funding. The plan is to connect 70 universities, agencies, and large contractors to a high speed bandwidth system. This will be funded on the order of $10-15 million a year.
Mr. Ciment's fundamental concern is the disconnect between R&D and IS. His goal is to address the cultural, educational and technological gaps between R&D and operations environments.
Discussion
A CODATA meeting is set for next year at NIH's Lister Hill Center. The topics will be to discuss where the exchange is now occurring, where it is needed, and how cooperation can be emphasized. The goal is to foster serious and significant cooperation among agencies.
At the bottom line, everyone at the policy level, including Nelson and Kalil, keep talking "bits" and "bytes." The Applications Council could help to put content in context.
NTIS Developments in Electronic Commerce
Mike Williams
NTIS is building on its core competencies to respond to its customers need for electronic commerce. NTIS customers, including other government agencies and commercial firms that do business with the government, are driving NTIS toward electronic commerce (EC). The customers are looking to NTIS to provide electronic commerce so they can comply with regulations, downsize their organizations, and otherwise see the benefits of a non-paper environment. These core competencies include existing products/services, experience and the infrastructure for computer systems and security, telecommunications networks, and electronic financial transactions.
Products/Services. Currently, NTIS provides technical data in the NTIS collection and the EC/EDI (electronic data interchange) and CALS Resource Locator through the CALS Information Center on the WWW, that provides access to over 150 different resources on electronic commerce. The market is now moving NTIS toward supplying DoD/DLA technical data packages via the WWW in support of electronic commerce. Technical data packages include military specifications, standards and drawings, industry standards, and commercial logistics data products and services and software.
Computer Systems and Security. NTIS currently operates the FedWorld Information Network for public access to a wide range of government databases. In addition, the ADSTAR Document Processing System provides electronic ordering of documents. The market is moving NTIS toward secure networks and systems.
As part of this effort, NTIS is working on proactive protection against hacking and acting as a physical firewall for other organizations. NTIS will also serve as a site for Federal Certification of Digital IDs which are used to authenticate transactions. By serving as a certification site, NTIS will ensure that its customers continue to get access to encrypted e-mail. They are working with the GITS group on Federal Key Recovery Management that allows recovery of public-private key pairs for encrypted data. NTIS is also working in the areas of digital cash, PC cards for purchases, and interagency electronic funds transfers.
Telecommunications. NTIS currently runs a BBS and an Internet node with ftp and WWW sites. The current bandwidth is 22MB. Gateways are also provided to networked information located outside NTIS. The market is moving toward increased gateway capabilities to value-added networks, Intranets, and virtual data repositories. Higher bandwidth via fiber optic cable networks will be needed to support a wider range of services, including interactive customer service using products such as VoiceView and Net Meeting, an electronic white board. Real-time updating and notification of transactions and relevant information via e-mail or pager are also in the future.
Financial Transactions. Financial transactions will also become more electronic. NTIS's Order Now system allows users to place orders online for the most recent 30-60 days' worth of new publications. Payment can be made through a variety of payment mechanisms, including credit cards. This service can be hooked into any NTIS product or service, or connected to any linked system to provide subscription management. While people are still concerned about the security of credit card transactions via the Internet, NTIS is experimenting with the Secure Electronic Transaction (SET) standard which should alleviate many of the current problems.
Electronic commerce at NTIS is bringing together all these core competencies. The aim is to provide integrated solutions for the customers by investing in new technology, forming partnerships with government and industry, and developing new products and services which will be marketed through NTIS and FedWorld.
A pilot EC project is now underway. The Tech Data Package Material Information System (TDPMIS) provides access to DoD Technical Data Packages (TDPs) related to supply item procurements or bid sets. Military, federal, industrial, and international specifications and standards; military and commercial vendor drawings of the item required; along with other procurement information such as contract history, are provided via TDPMIS. This project could reach an estimated 300,000 organizations that do business with the federal government.
The TDPMIS aims to reduce the burden of FOIA and TDP requests to speed up and reduce the cost of the federal procurement cycle. An estimated $35-70 million per year is spent fulfilling procurement requests. The agency can save money and redeploy resources if the information is retrieved and downloaded or printed locally by the requester.
TDPMIS is based on expressed user needs. The vendor requires speedy access and delivery of the technical data. Given the logistics and current infrastructures of many of the potential TDPMIS customers, the access must be via commercially available hardware and software, using existing open telecommunications channels. The TDPMIS system utilizes the previous agreement forged between Kinkos and NTIS for the remote use of Kinkos printing technologies to supply hard copies to requesters. In this case, the equipment may include color printers and plotters for the delivery of CAD/CAM drawings and graphics.
As part of the TDPMIS pilot project, the Naval Supply Depot in Philadelphia is providing access to its TDPs via the TDPMIS. Potential suppliers can locate the technical information they require, including graphics and drawings, and the Navy does not have the cost of responding to the requests. This saves several hundred thousand dollars per year at this single installation.
NTIS's approach to a project such as TDPMIS is to collaborate with private industry and DoD/DLA. They also look for the "best of breed" in COTS products for the infrastructure. NTIS is also working with commercial value-added networks and agents such as the ECRCs to support small business and the state-run PTACs. In this way, the technical research and development is performed by organizations other than NTIS.
Some aspects of the TDPMIS will actually be developed in parallel.
Western Telecommun-ication, Inc. (WTCI) was selected to provide
access to fiber optic cables. In addition, Scangraphics, Inc.
and SRC, Inc. have been funded to provide a competitive product
to that provided by WTCI.
NTIS acknowledges the customers' problems with legacy systems and, therefore, has built the front-end of the system into the client. The user simply installs a free plug-in for his machine when he first accesses the system.
NTIS has approximately 350,000 visits to its WWW sites per day. This increases during tax season when customers are accessing the tax forms online. They are working with a group that will bring together the technologies under Voice View where both voice and data can be communicated over the same line.
Discussion
The group discussed the need for real interactive analytical and modeling tools in addition to data for electronic commerce. Providing these tools online is problematic at the present time because these tools require more bandwidth than is currently available. Despite the apparent limitations at this time, NTIS is responding to user problems and asking whether its products meet the customer's needs. For example, in the procurement process addressed above, NTIS currently is dealing with the supply side of procurement, not the manufacturing side. To integrate with the manufacturing environment in the future will also require support for the financial aspects, and the standards for EDI are not yet well developed in this area.
NTIS receives no federal money for these additional efforts. They are developed and provided through business partnerships. NTIS sold about $1M of software last year to pay the way for these additional projects. $2M is expected next year. NTIS thinks this is sufficient revenue generation to grow this type of service over the long term. Once the system is beyond the prototype stage, there will be a cost associated with the use of the TDPMIS system, but the price has not yet been determined.