GAO Calls for Rules to Govern Fed Use of Web 2.0

22 Major Agencies Have Presence on Facebook, Twitter, YouTube

July 23, 2010.
GAO Calls for Rules to Govern Fed Use of Web 2.0

T

See Also: Risk Based Approaches to Data Protection

wenty-two of 24 major federal agencies have a presence on Facebook, Twitter and YouTube. And though such Web 2.0 technologies can transform how federal agencies engage the public by allowing citizens to be more involved in the governing process, government use of such technologies presents security and privacy challenges, the Government Accountability Office told Congress on Thursday.

"As the popularity of social media has grown, they have increasingly been targeted as well," said Gregory Wilshusen, the GAO's information security issues director, in testimony delivered to the House Oversight and Reform Subcommittee on Information Policy, Census and National Archives. "Thus, as agencies make use of Web 2.0 technologies, they face persistent, sophisticated threats targeting their own information as well as the personal information of individuals interacting with them. The rapid development of Web 2.0 technologies makes it challenging to keep up with the constantly evolving threats deployed against them and raises the risks associated with government participation in such technologies."

Wilshusen pointed out that the Federal Information Security Management Act holds agencies responsible for the security of information collected or maintained and for information systems used or operated on their behalf. "The extent to which FISMA makes federal agencies responsible for the security of third-party social media websites may depend on whether such sites are operating their systems or collecting information on behalf of the federal government, which may not be clear," he said.

Federal law limits the government's collection of information about citizens, yet it's ambiguous as it relates to social networking sites where members post details about their lives and express opinions on a wide range of matters. Wilshusen suggested that the government might need to adopt rules to address what information it can collect and disclose in the Web 2.0 arena. "Unless rules to guide their decisions are clear, agencies could handle information inconsistently," Wilshusen said. "Individual privacy could be affected, depending upon whether and how government agencies collect or use personal information disclosed by individuals in interactive settings."

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Texas Drops Xerox Breach Lawsuit

Texas has dropped a lawsuit that it filed last year against Xerox related to a dispute over access...

Latest Tweets and Mentions

ARTICLE Texas Drops Xerox Breach Lawsuit

Texas has dropped a lawsuit that it filed last year against Xerox related to a dispute over access...

The ISMG Network