On Dec. 17, 2002, President Bush signed the E-Government Act into law. The signing was muffled amidst the drumbeat of war talk with Iraq, and with scant controversy behind its bipartisan passage, it was little more than a blip on the radar screen of the nation\u2019s media. Yet by the simple action of signing the act, the president had taken a giant step toward launching the federal government into the information age. E-government is designed to make it easier for citizens and businesses to access government information and services by encouraging interagency IT initiatives that, while improving customer service, also consolidate redundant systems, decrease paperwork, increase productivity and save money. As Mark Forman, associate director for IT and e-government at the Office of Management and Budget, told a gathering last year of the Open Group?a standards body?e-government will enable "an order of magnitude improvement in the federal government\u2019s value to the citizen; with decisions in minutes or hours, not weeks or months." Ultimately, it\u2019s about making government citizen-centric so that you can go to websites to get information about unemployment benefits, comment on proposed clean air rules or apply for an import license. You save time. And the government gets more for its IT dollars.That\u2019s no small matter. The federal government\u2019s proposed IT budget for the 2004 fiscal year is a whopping $59 billion. Yet that money has traditionally been appropriated and spent on an agency-by-agency basis, with little regard to how a system might fit into an overall federal architecture and with little focus on using IT to improve citizen services.Money and budgets aside, the E-Government Act is a logical extension of President Bush\u2019s management agenda, which cites e-government as one of the five key cornerstones of his efforts to run government more like a business. "The idea behind this law is for the federal government to take full advantage of the Internet and other information technologies to improve its efficiency and to secure its electronic information," said Sen. Joe Lieberman (D-Conn.), author of the act, in a statement released last December. The new legislation aims to further the inroads Forman and his staff at the OMB have been making; they have been using IT to help improve government efficiency and make services more responsive to citizens. The OMB\u2019s 25 various e-government initiatives are a prime example (see "Emphasizing Business Value," Page 48). One of the projects, the Department of Labor\u2019s Govbenefits.gov site, aims to help citizens locate and determine their eligibility for benefits and services. Patrick Pizzella, CIO at the DoL, is justifiably proud of the new site. "In 30 to 60 days, we\u2019ll have [close to] 300 government benefit programs on the site.... It saves [citizens] a lot of time, and it\u2019s available around the clock," he says. The act builds on the work already being done by the OMB and the federal CIO Council, and it pumps the power of law into the government\u2019s IT fuel tank. To establish accountability, it has created a new office within the OMB devoted to e-government strategy and implementation. It establishes a separate, $345 million E-Government Fund for interagency projects, requires basic standards for federal websites and privacy impact assessments for new systems, and calls for improved information security measures. (For major provisions of the act, see "E-Government Act of 2002 Highlights," opposite page.) "The bill is probably the most extensive piece of legislation to date on e-government," says Dave McClure, who worked on the legislation. McClure is vice president for e-government at The Council for Excellence in Government in Washington, D.C., a group that works to improve the government\u2019s performance. For their part, federal CIOs say the new law and its E-Government Fund finally gives them the legal and financial backing needed to make e-government happen. "The fund will support projects that try to find innovative ways to make it easier for the public to conduct business with the federal government," says Woody Hall, CIO at the Customs Service. Rosita Parks, CIO at the Federal Emergency Management Agency, also is a fan of the fund. "Having had managing partner responsibility for two e-gov initiatives with broad application since last August, and understanding how difficult it has been to garner resources for both initiatives, I believe that one of the most beneficial elements of the act is that it authorizes e-gov funds beyond the $100 million originally targeted," says Parks.Although Congress and the administration are clearly paving the way to creating a 24\/7 government, there are a number of hurdles ahead for the 60 or so federal CIOs who make up the CIO Council. Reformers are starting to chip away at the traditional stovepiped structure of the federal government?spurred by the integration of 22 agencies into the new Department of Homeland Security?yet the fact remains that an agency, not cross-agency, perspective is the norm. Until that changes, a functional framework for e-government will be nothing more than a tease and an empty promise. In addition, privacy and security issues will remain paramount as citizen information is increasingly gathered and exchanged among numerous agencies\u2019 systems. And the $345 million that the act authorized for the E-Government Fund over four years is subject to the legislative whims of Congress. That became clear in January when Senate appropriators slashed $40 million from the $45 million that was earmarked for the 2003 fiscal year. While the e-gov act promises major benefits in terms of service and efficiency, achieving true e-government won\u2019t happen until the players involved overcome some significant challenges.The Act\u2019s Guiding Principles\n\n\nMake it easier for citizens to interact with government. \n \n\nAttempting to find out which agencies are responsible for regulating nursing homes or protecting local rivers or regulating the amount of animal byproducts in the bratwurst you just consumed can be a frustrating trip through a byzantine collection of 22,000 agency websites. The act calls for improving the federal government\u2019s portal, Firstgov.gov, so that citizens will have access to better organized information in fewer clicks, regardless of agency. According to McClure, the act mandates uniform access to the government\u2019s functional services?paying taxes, applying for loans or getting disaster assistance, for example. "The goal is to do it simpler and faster, without navigating government bureaucracy," McClure says.\nAnother provision calls for e-rule making that allows citizens to comment on proposed regulations online. "It\u2019s a very democratizing provision," says Kevin Landy, a counsel on Lieberman\u2019s staff on the Senate Governmental Affairs Committee who worked on the e-government legislation. In January, the Environmental Protection Agency launched a new website (www.regulations.gov) that gives citizens and businesses a one-stop portal to submit their opinions on government regulations from all departments. Previously, the public comment process was difficult to use; for example, citizens needed to know the agency responsible for a specific rule and often had to submit the comment in writing. "E-rule making will allow citizens to participate actively by enabling them to be involved in federal rule making on their own terms at a location and time of their choice," said EPA Deputy Administrator Linda Fisher in remarks delivered at the time of the site\u2019s official launch. "This initiative will help assure the public that they have a role in making regulatory decisions, and that it can be done in a more timely and efficient manner."\nAnother significant plus: The OMB estimates that creating a single system for rule making will save $94 million.\n\n \n\n\n\n\nIncrease agency-to-agency cooperation.\n \n\nSince the birth of the nation more than two centuries ago, the federal government has grown up around an agency-centric structure. But today\u2019s government managers realize that for e-government to succeed, cross-agency partnerships are critical, whether it\u2019s the Department of Agriculture working with the Department of the Interior on geospatial mapping, or the Office of Personnel Management working with agencies to consolidate payroll systems. "We need to make choices based on citizens, as opposed to the specific department we come from," says Ira Hobbs, deputy CIO in the Department of Agriculture. To develop security standards, create website guidelines or make any other provisions of the act succeed, government CIOs will need to continue formulating common strategies.\nCommenced in late 2001, the OMB\u2019s Quicksilver initiatives have already been actively breaking down barriers as agencies have worked side by side developing e-government projects. And the OMB\u2019s IT team, led by Forman, has also been working with government CIOs on a number of other IT initiatives, including the development of a federal architecture. The act provides "additional momentum for what we\u2019ve been doing in terms of using IT to improve the value and delivery of government services," says Doug Bourgeois, CIO of the U.S. Patent and Trademark Office.\nJim Flyzik, who recently left government after serving in the Department of Homeland Security and as CIO at the Treasury Department, strongly advocates looking at government from a functional, not a stovepiped, perspective. And he thinks the act, as well as DHS, can do just that. "The evolution of the Internet and tearing down of lines of demarcation across entities is part of that evolution [toward a more functional view of government]. It allows a physical restructuring and better services," says Flyzik, who cofounded a Washington, D.C.-based government consulting firm, Guerra, Kiviat & Flyzik, last December. \n\n \n\n\n\n\nRaise the profile of government IT leaders by creating a new Office of Electronic Government and writing the federal CIO Council into law.\n \n\nThe new office will be part of the OMB and led by a presidential-appointed administrator. That person will also head the federal CIO Council, an interagency group of CIOs and deputy CIOs. Those two provisions legislate two groups completely devoted to improving governmentwide management of IT. Flyzik, who was vice chairman of the council, says he\u2019d been pushing to make the council law for some time. "We constantly tried to position the CIO Council to be a strategic force in setting the agenda for the administration," Flyzik says, adding that, by making it law, the council gains a lot more emphasis and authority.\nThe act sets out specific responsibilities for the new administrator, including capital planning and investment control for IT, the development of enterprise architectures, ensuring dialogue between the federal, state and local sectors, and overseeing the distribution of the E-Government Fund. A logical choice to head the new office is Forman, the government\u2019s top IT official. \n\n \n\n\n\n\nStrengthen privacy protections by requiring privacy impact assessments for new systems.\n \n\nCongress and the administration understand that Americans are justifiably concerned about privacy in their digital interactions. The provision calls for assessments any time personal information is collected on 10 or more people. The assessments must address what information is to be collected and why, how it will be used and secured, with whom it will be shared, and requires notice of how consent is to be obtained from individuals. "By requiring agencies to go through the process of answering those questions, I think we move a long way toward protecting the privacy of the American public," says Rep. Jim Turner (D-Texas), who introduced the legislation in the House. \nMcClure says that the importance of the provision is that assessments are now law. "In the past, there was guidance from OMB but nothing specifically in the law," he says. "That\u2019s a strengthening of privacy protections." Another provision requires agencies to provide privacy notices outlining their policies on their websites.\n\n \n\n\n\n\nImprove information security.\n \n\nIn 2000, Congress passed the Government Information Security Reform Act (GISRA), which required agencies to report on the security of their IT systems and build security into their business cases when making budget requests. Last year, Rep. Tom Davis (R-Va.), a key supporter of the E-Government Act in the House, introduced legislation to strengthen GISRA, which expired last November. That bill became the Federal Information Security Management Act (FISMA), which calls for security standards, annual independent audits and gives Congress more oversight over agency security matters. "Many have described it as GISRA with teeth," says Shannon Kellogg, vice president of information security policy and programs at the Arlington, Va.-based Information Technology Association of America, an industry trade group. FISMA became law in the E-Government Act.\nAgriculture CIO Hobbs is enthusiastic about the security mandate. "We clearly need to continue improving our cybersecurity posture across government. Having it [legislated] is good for all of us. It keeps our feet in the fire in the area where we need to spend time and resources," he says. Kentucky CIO Aldona Valicenti thinks it\u2019s one of the best things in the act, particularly because it makes it easier for states to interact securely with federal agencies. "You can imagine?I deal with Justice, Treasury, the EPA, [Health and Human Services]. If everyone has a different set of standards and a state wants to standardize on something else, we\u2019re just nowhere," she says. "The greater amount of coordination on the federal side is positive for states."Through many of its provisions, the E-Government Act gets the federal government out of the starting blocks, but managers and CIOs are going to be running 10-minute miles for a pretty long time. After all, one can\u2019t expect a single piece of legislation to quickly transform Washington\u2019s lumbering bureaucracy into a lean online machine. Implementing e-government\n\n\nThere is no federal CIO.\n \n\nIt\u2019s been seven years since passage of the Clinger-Cohen Act, which required federal agencies to appoint CIOs. That act was a giant step in getting agencies to acknowledge the importance of IT to their mission. But, in the minds of many, a large hole exists at the apex of the federal government\u2019s IT management structure, a hole that should be filled by someone with the federal CIO title. During a congressional committee hearing on the e-government legislation, Valicenti, testifying for the National Association of Chief Information Officers, urged the committee to create the position. "We wanted to provide a powerful position so that the federal government would adhere to standards and put more of their services online," she says. The sponsors of the bill in Congress, including Sen. Lieberman and Rep. Turner, agreed, and the initial legislation called for the creation of a CIO position within the OMB that would require Senate confirmation. \nBut ultimately, the Bush administration nixed the proposal. "Any administration probably has a natural tendency to oppose the creation of additional positions that require Senate confirmation. That\u2019s particularly true in an environment when the Senate is in control of one party [as it was at the time] and the administration in control of the other," Turner opines. "Secondly, there is a natural turf battle any time you\u2019re trying to elevate a position within the administration because OMB always has the belief that the director of OMB should be the one in charge of all management and budget issues, which in their mind, includes IT." Though Forman holds many of the responsibilities of the CIO position, his profile would likely be raised if he became the government\u2019s CIO. A person holding that title statutorially might have an easier time consolidating IT management powers into one position and would be in a stronger position to elevate IT to a higher level, helping to ensure that technology strategy is part and parcel of the federal government\u2019s management strategy.\n\n \n\n\n\n\nThe structure of the federal government makes successful e-government difficult.\n \n\nAs has been noted, the government\u2019s stovepiped structure has been institutionalized for more than two centuries. Even if cross-agency cooperation increases, the realities of the autonomous structure will make the process slow. Funding is one example. E-government requires that agencies offer services to citizens based on a functional perspective, "yet we program money on an agency perspective," says McClure; that is, agencies develop their own budget. He says the same holds true for performance outcomes. "Congress is trying to instill a performance-based approach to government, but it\u2019s been an agency focus, not a functional focus." \nGovernance is another whole ball of e-wax. "E-government sort of blows up traditional organizational structures, processes and authority, and erases organizational lines pretty fast," McClure notes. "Trying to agree on governance models on authority, control and responsibility will have to be worked out." \n"Bureaucrats guard their autonomy very carefully," says Darrell West, director of the Taubman Center for Public Policy at Brown University in Providence, R.I., "and e-government forces them to work together in ways they haven\u2019t in the past." \n\n \n\n\n\n\nAgencies have a lot of work to do when it comes to security.\n \n\nThe good news is that agencies are prioritizing information security more than ever, and the E-Government Act will reinforce that momentum. The less-than-good news is that some agencies are beginning their ascent to the security summit somewhere around sea level or worse. The latest Horn computer security report cards of federal agencies, announced by Rep. Stephen Horn (R-Calif.) last November, gave F\u2019s to 14 of 24 agencies. (The Social Security Administration earned the highest grade, a B-.) "I think the federal government still has a ways to go to get its house in order," says ITAA\u2019s Kellogg.\nThe challenge is even more acute for government agencies because citizens set a higher security bar for government than they do for the private sector, according to McClure. "If a government entity was hacked and credit card numbers [were stolen], public trust in government would suffer tremendously," he says. And, just as in the private sector, hacking government systems is a relatively common occurrence. "It\u2019s been a serious problem," says McClure, who previously worked as director of IT management issues at the General Accounting Office.\n\n \n\n\n\n\nPrivacy concerns remain a lightning-rod issue.\n \n\nE-government, by its very definition, means more data is collected and shared among agencies, and that raises the level of concern among privacy advocates. The Privacy Act of 1974, which put procedural safeguards in place to protect citizens\u2019 data, has held up surprisingly well for its age, but there are exceptions to that act that have increased over time. A major one is the "routine use" exception, which allows agencies to share information on individuals for the routine business of government. (For example, the Department of Education can share student loan information with the Treasury Department.) The danger is that routine use could increase as e-government expands, resulting in more personal information in the hands of agencies without the knowledge of individuals. "[The exception] is overused today already," says Ari Schwartz, associate director of the Center for Democracy and Technology in Washington, D.C. "In the e-gov world, the concern becomes more acute because the whole purpose is for agencies to share information when needed." \nSchwartz goes on to say that privacy protections have been weakened in the Bush administration, noting the failed Operation Tips (which encouraged citizens to report suspicious activity), new domestic surveillance rules passed last year that allow the FBI more liberty to gather information, and 2001\u2019s USA Patriot Act (which also allows the government more powers of surveillance). "Law enforcement should be able to do its job and share information in a reasonable way as long as its not invading privacy. But there needs to be oversight. [The country has] a history of the misuse of information," he says.\nOf course, many of those developments have been a direct result of the events of 9\/11. The tricky part for Americans is balancing the need for better information to prevent future terrorist attacks against the danger of losing their civil liberties.\n\n \n\n\n\n\nCitizens still lack access to government information.\n \n\nDoes the act turn the country into an e-democracy overnight? Absolutely not. The digital divide isn\u2019t going away. There\u2019s no public catalog of all the government information that exists online. Agencies aren\u2019t required to post online who they do business with. "Why is it the public can\u2019t come through Firstgov.gov and obtain information about who\u2019s doing business with government?" says Gary Bass, executive director of OMB Watch in Washington, D.C., a government accountability watchdog group. "I should be able to know if General Electric is doing business with the government and at the same time see if GE is violating any regulatory or legal requirements imposed upon it," Switching gears from businesses to citizens, he adds, "I should be able to see how safe my drinking water is and [find] data that tells me the quality of the water. That\u2019s the information the public is interested in." \nBy virtue of the E-Government Act, the Bush administration and Congress have admirably put the pedal to the metal in their quest to make government operate more efficiently and cost-effectively, and to make government services more accessible and responsive to citizens. The act\u2019s bipartisan support in both houses of Congress clearly demonstrates that our elected officials recognize the importance of using IT to improve government. But transforming government won\u2019t happen overnight; it will be a long and slow process, akin to watching a sapling grow to maturity. The E-Government Act injects the necessary fertilizer, but its roots will need plenty of time to take hold.