White House to host “social media summit” to advance conspiracy theory about ideological bias

In May 2019, a new White House campaign to collect data on social media bias is raising free speech and privacy alarms – and the Trump administration has been far less than transparent about the project’s purpose or the policies … Continue reading

Continued use of personal email and encrypted messaging in White House exposes accountability hole in public records laws

In 2019, journalists, politicians and pundits shouldn’t be asking whether White House officials should using WhatsApp. If a given encrypted or ephemeral app does not have archiving built in, public servants should not use it for public business, much less … Continue reading

Open Government Partnership IRM finds backsliding in the USA

This White House’s decision to continue U.S. government participation in the Open Government Partnership was far from certain, given the demonstrated distaste of the Trump administration for international agreements and institutions. In that context, The Trump administration’s commitment to participating … Continue reading

After years of delays and democratic regression, USA releases weak open government plan

If the American public wants to see meaningful progress on transparency, accountability or ethics in U.S. government, it should call on Congress to act, not the Trump White House. With little fanfare or notice, the United States of America has … Continue reading

U.S. Civil Society Groups release model National Open Government Action Plan

This is the week for seeking feedback on open government in the United States. 4 days ago, the White House published a collaborative online document that digitized the notes from an open government workshop held during Sunshine Week in March. Today, Abby Paulson from OpenTheGovernment.org uploaded a final draft of a Model National Action Plan to the Internet, as a .doc. I’ve uploaded it to Scribd and embedded it below for easy browsing.

Nelson shared the document over email with people who contributed to the online draft.

Thank you so much for contributing to the civil society model National Action Plan. The Plan has made its way from Google Site to Word doc (attached)! We will share these recommendations with the White House, and I encourage you to share your commitments with any government contacts you have. If you notice any errors made in the transition from web to document, please let me know. If there are any other organizations that should be named as contributors, we will certainly add them as well. The White House’s consultation for their plan will continue throughout the summer, so there are still opportunities to weigh in. Additional recommendations on surveillance transparency and beneficial ownership are in development. We will work to secure meetings with the relevant agencies and officials to discuss these recommendations and make a push for their inclusion in the official government plan. So, expect to hear from us in the coming weeks!

From Stickies to Wikis: White House seeks online feedback on open government

In a followup post, the White House shared a link to a collaborative online document where the notes from an open government workshop held during Sunlight Week were posted online for comment. In doing so, they moves from sticky notes to a wiki.

What will come of asking the broader public for feedback on the ideas that a workshop of advocates and policy wonks in DC suggested? Stay tuned.

Obama names top Facebook engineer director of White House IT, creates Presidential IT Committee

Davidrecordon

In its search for technology talent, the White House has been recruiting heavily from Google of late, including U.S. chief technology officer Megan Smith. Today, President Barack Obama showed that his administration also likes Facebook, announcing that engineer David Recordon would upgrade the White House’s technology infrastructure. The news was first reported by Yahoo.

“In our continued efforts to serve our citizens better, we’re bringing in top tech leaders to support our teams across the federal government,” said President Obama, in a statement. “Today, I’m pleased to welcome David Recordon as the Director of White House Information Technology. His considerable private sector experience and ability to deploy the latest collaborative and communication technologies will be a great asset to our work on behalf of the American people.”

On the one hand, it’s terrific to see The White House attract top tech talent. Getting David Recordon into public service should be a win for the American people. Based upon a somewhat cryptic hint he posted on Facebook last August, it appeared that he was involved in helping to fix Heathcare.gov and another unnamed important project. The blog post that went up at WhiteHouse.gov confirmed that Recordon was “one of those engineers.” Bringing the best engineers the administration can find into the U.S. Digital Service will help the nation avoid more IT catastrophes, and Recordon, a notable open standard advocate who helped develop OpenID, is clearly one of them.  That’s good news.

On the other hand, while being the first “Director of White House Information Technology” is clearly great copy for the tech press, working to “ensure that the technology utilized by the White House is efficient, effective, and secure” sounds more or less what the White House chief information officer should be — and has been – doing for years.

Just look at the responsibilities for the Office of the CIOPer Federal News Radio, the White House CIO for the past two years, Karen Britton, stepped down in January 2015, without any announced replacement since. Michael Hornsby, the director of engineering and operations within OCIO, served as acting CIO. This all leads me to hypothesize that Recordon has effectively been named the new White House CIO but doesn’t have that title.

Regardless, here’s hoping Recordon’s considerable expertise leads to improvements in an information technology infrastructure that has come a long way since 2009 (read this) but still lags the private sector.

President Obama signed an official presidential memorandum today creating the role and establishing an “Executive Committee for Presidential Information Technology” made up of the “Assistant to the president for Management and Administration, the Executive Secretary of the National Security Council, the Director of the Office of Administration, the Director of the United States Secret Service, and the Director of the White House Military Office.”

According to the memorandum, which is embedded beneath and reproduced in plaintext below (it’s not online at WhiteHouse.gov yet), this committee will “shall advise and make policy recommendations to the Deputy Chief of Staff for Operations and the Director with respect to operational and procurement decisions necessary to achieve secure, seamless, reliable, and integrated information resources and information systems for the President, Vice President, and EOP.”

In other words, these folks will advise the director on how to by, build and run tech for the White House.

Presidential Memorandum White House IT:

https://www.scribd.com/embeds/259313174/content?start_page=1&view_mode=scroll&show_recommendations=true

[Photo Credit: Brian Solis]

THE WHITE HOUSE
Office of the Press Secretary

For Immediate Release March 19, 2015
March 19, 2015
MEMORANDUM FOR THE SECRETARY OF DEFENSE
THE SECRETARY OF HOMELAND SECURITY
THE DIRECTOR OF THE OFFICE OF MANAGEMENT AND
BUDGET
THE NATIONAL SECURITY ADVISOR
THE DIRECTOR OF THE OFFICE OF ADMINISTRATION
SUBJECT: Establishing the Director of White House
Information Technology and the Executive
Committee for Presidential Information Technology
By the authority vested in me as President by the Constitution
and the laws of the United States of America, and in order to
improve the information resources and information systems
provided to the President, Vice President, and Executive Office
of the President (EOP), I hereby direct the following:
Section 1. Policy. The purposes of this memorandum are to
ensure that the information resources and information systems
provided to the President, Vice President, and EOP are
efficient, secure, and resilient; establish a model for
Government information technology management efforts; reduce
operating costs through the elimination of duplication and
overlapping services; and accomplish the goal of converging
disparate information resources and information systems for the
EOP.
This memorandum is intended to maintain the President’s
exclusive control of the information resources and information
systems provided to the President, Vice President, and EOP.
High-quality, efficient, interoperable, and safe information
systems and information resources are required in order for the
President to discharge the duties of his office with the support
of those who advise and assist him, and with the additional
assistance of all EOP components. The responsibilities that
this memorandum vests in the Director of White House Information
Technology, as described below, have been performed historically
within the EOP, and it is the intent of this memorandum to
continue this practice.
The Director of White House Information Technology, on
behalf of the President, shall have the primary authority to
establish and coordinate the necessary policies and procedures
for operating and maintaining the information resources and
information systems provided to the President, Vice President,
and EOP. Nothing in this memorandum may be construed to
delegate the ownership, or any rights associated with ownership, 2
of any information resources or information systems, nor of any
record, to any entity outside of the EOP.
Sec. 2. Director of White House Information Technology.
(a) There is hereby established the Director of White House
Information Technology (Director). The Director shall be the
senior officer responsible for the information resources and
information systems provided to the President, Vice President,
and EOP by the Presidential Information Technology Community
(Community). The Director shall:
(i) be designated by the President;
(ii) have the rank and status of a commissioned
officer in the White House Office; and
(iii) have sufficient seniority, education, training,
and expertise to provide the necessary advice,
coordination, and guidance to the Community.
(b) The Deputy Chief of Staff for Operations shall provide
the Director with necessary direction and supervision.
(c) The Director shall ensure the effective use of
information resources and information systems provided to the
President, Vice President, and EOP in order to improve mission
performance, and shall have the appropriate authority to
promulgate all necessary procedures and rules governing these
resources and systems. The Director shall provide policy
coordination and guidance for, and periodically review, all
activities relating to the information resources and information
systems provided to the President, Vice President, and EOP by
the Community, including expenditures for, and procurement of,
information resources and information systems by the Community.
Such activities shall be subject to the Director’s coordination,
guidance, and review in order to ensure consistency with the
Director’s strategy and to strengthen the quality of the
Community’s decisions through integrated analysis, planning,
budgeting, and evaluation processes.
(d) The Director may advise and confer with appropriate
executive departments and agencies, individuals, and other
entities as necessary to perform the Director’s duties under
this memorandum.
Sec. 3. Executive Committee for Presidential Information
Technology. There is hereby established an Executive Committee
for Presidential Information Technology (Committee). The
Committee consists of the following officials or their
designees: the Assistant to the President for Management and
Administration; the Executive Secretary of the National Security
Council; the Director of the Office of Administration; the
Director of the United States Secret Service; and the Director
of the White House Military Office.
Sec. 4. Administration. (a) The President or the Deputy
Chief of Staff for Operations may assign the Director and the
Committee any additional functions necessary to advance the
mission set forth in this memorandum.
(b) The Committee shall advise and make policy
recommendations to the Deputy Chief of Staff for Operations and
the Director with respect to operational and procurement 3
decisions necessary to achieve secure, seamless, reliable, and
integrated information resources and information systems for the
President, Vice President, and EOP. The Director shall update
the Committee on both strategy and execution, as requested,
including collaboration efforts with the Federal Chief
Information Officer, with other government agencies, and by
participating in the Chief Information Officers Council.
(c) The Secretary of Defense shall designate or appoint a
White House Technology Liaison for the White House
Communications Agency and the Secretary of Homeland Security
shall designate or appoint a White House Technology Liaison for
the United States Secret Service. Any entity that becomes a
part of the Community after the issuance of this memorandum
shall designate or appoint a White House Technology Liaison for
that entity. The designation or appointment of a White House
Technology Liaison is subject to the review of, and shall be
made in consultation with, the President or his designee. The
Chief Information Officer of the Office of Administration and
the Chief Information Officer of the National Security Council,
and their successors in function, are designated as White House
Technology Liaisons for their respective components. In
coordination with the Director, the White House Technology
Liaisons shall ensure that the day-to-day operation of and
long-term strategy for information resources and information
systems provided to the President, Vice President, and EOP are
interoperable and effectively function as a single, modern, and
high-quality enterprise that reduces duplication, inefficiency,
and waste.
(d) The President or his designee shall retain the
authority to specify the application of operating policies and
procedures, including security measures, which are used in the
construction, operation, and maintenance of any information
resources or information system provided to the President, Vice
President, and EOP.
(e) Presidential Information Technology Community entities
shall:
(i) assist and provide information to the Deputy
Chief of Staff for Operations and the Director,
consistent with applicable law, as may be necessary to
implement this memorandum; and
(ii) as soon as practicable after the issuance of
this memorandum, enter into any memoranda of
understanding as necessary to give effect to the
provisions of this memorandum.
(f) As soon as practicable after the issuance of this
memorandum, EOP components shall take all necessary steps,
either individually or collectively, to ensure the proper
creation, storage, and transmission of EOP information on any
information systems and information resources provided to the
President, Vice President, and EOP.
Sec. 5. Definitions. As used in this memorandum:
(a) “Information resources,” “information systems,”
and “information technology” have the meanings assigned by
section 3502 of title 44, United States Code.4
(b) “Presidential Information Technology Community” means
the entities that provide information resources and information
systems to the President, Vice President, and EOP, including:
(i) the National Security Council;
(ii) the Office of Administration;
(iii) the United States Secret Service;
(iv) the White House Military Office; and
(v) the White House Communications Agency.
(c) “Executive Office of the President” means:
(i) each component of the EOP as is or may
hereafter be established;
(ii) any successor in function to an EOP component
that has been abolished and of which the function is
retained in the EOP; and
(iii) the President’s Commission on White House
Fellowships, the President’s Intelligence Advisory
Board, the Residence of the Vice President, and such
other entities as the President from time to time may
determine.
Sec. 6. General Provisions. (a) Nothing in this
memorandum shall be construed to impair or otherwise affect:
(i) the authority granted by law to an executive
department, agency, entity, office, or the head
thereof; or
(ii) the functions of the Director of the Office of
Management and Budget relating to budgetary,
administrative, or legislative proposals.
(b) This memorandum shall be implemented consistent with
applicable law and appropriate protections for privacy and civil
liberties, and subject to the availability of appropriations.
(c) This memorandum is not intended to, and does not,
create any right or benefit, substantive or procedural,
enforceable at law or in equity by any party against the
United States, its departments, agencies, or entities, its
officers, employees, or agents, or any other person.
BARACK OBAMA
# # #

White House moves WhiteHouse.gov to HTTPS by default, tying privacy to security

The_White_House-https

A .gov website that uses HTTPS encryption by default for its visitors is a superb example of “privacy by design.” On March 6th, the Federal Trade Commission enabled encryption for FTC.gov. When I visited whitehouse.gov tonight, I found that the White House digital team had flipped the site for what’s likely the most prominent government website in the world. The White House Web team confirmed the change just after midnight.

According to Leigh Heyman, director of new media technologies at the White House, over the next few days, the team be migrating other domains, like the bare domain name, whitehouse.gov, and m.whitehouse.gov, over to HTTPS as well, joining http://www.whitehouse.gov.

“Americans care about their privacy, and that’s what the White House’s move to HTTPS by default is about,” said Eric Mill, an open government software engineer at 18F. “The White House’s use of HTTPS protects visitors’ personal information and browsing activity when they connect to whitehouse.gov across the vast, unpredictable network of computers that is the internet.”

If you’re unfamiliar with HTTPS, it’s a way of encrypting the way you connect to a Web server online. Specifically, HTTPS refers to layering the Hypertext Transfer Protocol (HTTP) on top of the Secure Sockets Layer (SSL) or Transport Layer Security (TLS). What that means in practice is that your requests to the Web server and the pages results from it are encrypted and decrypted. Why does that matter? Consider, for instance, if someone is looking up sensitive health information online and visits a government website without HTTPS that also has data collection.

“Use of https is generally considered to be good practice, however, as opposed to unencrypted, regular http, although it adds a small amount of extra processing and delay to do the encryption,” commented Eugene Spafford, a Purdue University computer science professor and founder and executive director of the Center for Education and Research in Information Assurance and Security.

“HTTPS primarily provides three things: greater authentication, stream privacy, and message integrity. A quick look at the site doesn’t reveal (to me) anything that would likely require privacy or heightened message integrity. The most immediate consequence is that parties connecting to the website can have increased confidence of the site’s authenticity because a signed certificate will be employed. Of course, most people don’t actually verify certificates and their roots (cf. Superfish), so this isn’t an ironclad identification.”

Why does this matter?

“This immediately creates a strong baseline of privacy and security for anyone in the world, American or otherwise, who visits the White House website — whether to read their blog, learn more about the President, download official policies, or anything else inside whitehouse.gov,” said Mill.

“At a basic level, what a person sees and does on whitehouse.gov should be between them and the White House. When someone reads official policies published on whitehouse.gov, they should be confident that policy is real and authentic. The White House’s use of HTTPS by default means those promises just got a lot stronger.”

Ashkan Soltani, the FTC’s chief technologist, explained why that federal agency shifted at the Tech@FTC blog:

As a quick primer, HTTPS encryption secures your communications while in transit with websites so that only you and the website are able to view the content. The lock icon now appearing in your browser represents that the communication is encrypted and eavesdroppers are unable to look in. At this time, secure browsing is generally not a requirement for federal websites, but it is considered an industry best practice. Transit encryption is an important safeguard against eavesdroppers and has been the subject of previous investigations where we alleged companies failed to live up to their security promises when collecting personal information. It’s an important step when websites or apps collect personal information, and is a great best practice even if they don’t.

What broader trends does this tap into?

The White House moving to HTTPS is part of a larger move to lead by example in promoting privacy and security best practices, related Soltani, over email.

“I believe we’ll see a slow shift over the next few years of websites and services moving to HTTPS by default,” he said, “something a number of standards bodies including ISOC, IETF, and IAB have also called for.”

Along with FTC.gov, Mill highlighted the Privacy and Civil Liberties Oversight Board (PCLOB), the independent agency charged with balancing the rights of American citizens against the security steps taken in the wake of the terrorist attacks of 9/11, to HTTPS.

They’re far from alone: “Last month, 18F worked with 19 other .gov domains to go the distance to ensure browsers would always connect to them over HTTPS,” said Mill.

“Tt’s important to understand that what’s happening now in the federal government is what the broader internet has been working on for a while: making privacy the default.

The standards bodies that guide the internet’s development are recommending that the internet be encrypted by default, instructing their working groups to prioritize encryption in new protocol development, and declaring a more secure future for the web. The fastest versions of HTTP today already require encryption in major browsers, and it’s becoming easier to imagine a future where web browsers proactively warn users about unencrypted websites.

This is also why every .gov that 18F builds with its partner agencies uses HTTPS, full stop. We work hard to demonstrate that HTTPS can be fast, inexpensive, and easy. It’s a better future, and a practical one.”

The kind of privacy and security the White House is offering its visitors is what we should come to expect from the entire web, not just websites someone thinks are “sensitive”. All Web browsing is sensitive, and the White House’s leadership here reinforces that.”

It looks like Chris Soghoian, the principal technologist at the Speech, Privacy and Technology Project in the American Civil Liberties Union, is going to have a good day tomorrow.

While the Obama administration has taken its lumps on digital privacy after revelations of bulk surveillance of the Internet backbone by the National Security Agency, this is undeniably an important step towards securing the traffic of millions of people who visit whitehouse.gov every month.

Now that the White House is leading by example, hopefully other federal, state and local government entities will also adopt the standard.

“Everyone should want a simple feeling of privacy as they use the web, and confidence that they’re at the real and exact website they meant to visit,” said Mill. “While not everyone is highly attuned to watching for that padlock in their browser, the more websites that add it — especially high profile ones like the White House — the more that people can depend on that promise being met.”

President Obama announces forthcoming action on immigration using Facebook

President Barack Obama shared the news that he would address the nation tomorrow night regarding an executive actions he would take on immigration on Facebook before embedding the video on The White House blog and tweeting a link to it.

Even in late 2014, when the use of social media has become part of the warp and weft of American society and political discourse, seeing the president “go direct” to the people online, not through media, on an issue of this magnitude is worth noting. Over the past year, the Committee to Protect Journalists have hammered the Obama administration on transparency and White House photographers have criticized restrictions on access. Even tough critics of the administration’s record on access for photos or transparency, however, acknowledge the role social media and the Internet has now taken on in getting the words of the president out to the people he serves.

On that count, the fact that the “big four” broadcast TV networks in the U.S., CBS, Fox, NBC and ABC, are not airing the speech is noteworthy, as is that fact that Telemundo and Univision will carry it live.

People that want to listen over the Internet will be able to do so at whitehouse.gov/live or radio.

For more on the news, read the Washington Post’s report on the context that surrounds the executive action and a short history from the past 70 years of actions other presidents have taken on immigration, all of which should be considered in the context of the time, Congress and their longterm efficacy.