Thursday, July 22, 2010
The Government Accountability Office testified today on federal agencies’ use of Web 2.0 and the key challenges associated with their use, in meeting existing federal requirements related to privacy, security, records management, and freedom of informatio
In its testimony, GAO found that 22 of the 24 major federal agencies have a presence on Facebook, Twitter, and YouTube. “However, agency use of these technologies also may present risks associated with properly managing and protecting government records and sensitive information, including personally identifiable information.”  Key challenges include:
Privacy and Security Challenges
  • Determining how the Privacy Act of 1974 applies to government use of social media. . . .key officials we interviewed said they are unsure about the extent to which personal information that is exchanged in such forums is protected by the provisions of the Privacy Act.”
  • Ensuring that agencies are taking appropriate steps to limit the collection and use of personal information through social media. “Privacy could be compromised if clear limits are not set on how the government uses personal information to which it has access in social networking environments.”
  • Extending privacy protections to the collection and use of personal information by third party providers. . . “Uncertainty about who has access to personal information provided through agency social networking sites could diminish individuals’ willingness to express their views and otherwise interact with the government.”
  • Safeguarding personal information from security threats that target Web 2.0 technologies. . . “The extent to which FISMA makes federal agencies responsible for the security of third-party social media Web sites may depend. . . “
  • Training government participants on the proper use of social networking tools. “Use of Web 2.0 technologies can result in a blending of professional and persona use by government employees, which can pose risks to their agencies.”
Records Management and Freedom of Information Challenges
  • Determining requirements for preserving Web 2.0 information as federal records. . . there is “the question of whether information exchanged through these technologies constitute federal records pursuant to the Federal Records Act.”
  • Establishing mechanisms for preserving Web 2.0 information as records. . . “the types of records involved when information is collected via Web 2.0 technoligies may not be clear.”
  • Ensuring proper adherence to the requirements of the Federal of Information Act.. . “Determining whether Web 2.0 records qualify as ‘agency records’ under FOIA’s definition is a complex question.”
Agencies Have Taken Steps. GAO noted that the Executive Branch has taken a number of steps to address these issues. For example:
The key take-away? GAO did not say “stop!”