When President Barack Obama delivers his annual State of the Union address on January 28, he is unlikely to mention an array of information governance policy priorities that continue to pose a challenge for both Congress and government agencies. The one notable exception is the National Security Agency’s (NSA) surveillance programs; the president is expected to announce a number of new proposals to impose safeguards and limits on a variety of intelligence programs, some of which require approval from Congress.
However, lawmakers will continue to debate the need for legislative or regulatory action on a number of issues that impact information governance. These include consumer privacy protections, data breach notification standards, and cybersecurity, although the enactment of comprehensive legislation in any of these areas is considered unlikely.
In the wake of the NSA surveillance controversy, for example, civil liberties, civil rights, and technology organizations from across the political spectrum are continuing to urge Congress to pass reforms to the Electronic Communications Privacy Act to require the government to obtain a search warrant, based upon probable cause, before obtaining the content of personal e-mails and other electronic communications.
Also reacting to the NSA controversy, European Commission leaders want stronger data privacy protections from the United States, and they have proposed changes to the Commission’s safe harbor agreement, which enables U.S. companies to satisfy European Union privacy regulations in exchange for self-certifying that they abide by certain rules.
Multiple congressional committees continue to list cybersecurity legislation as a top priority in 2014, including cyber intelligence sharing and encouraging the private and public sectors to collaborate on standards, guidelines, and best practices. And as reported in more detail below, lawmakers are calling for government investigations into how companies can improve their defenses against data breaches following a massive breach at Target Corp.
At the agencies, the National Archives and Records Administration (NARA) will be seeking to step up implementation of the Managing Government Records Directive, which outlines reforms to agencies’ records management policies and practices. As reported in more detail below, the Office of Personnel Management met a deadline established in the directive to establish a formal records management occupational series to elevate records management roles, responsibilities, and skill sets for agency records officers and other records professionals.
In addition, the directive calls on NARA to produce by December 31, 2013, a comprehensive plan to describe suitable approaches for the automated management of e-mail, social media, and other types of digital record content, including advanced search techniques. ARMA’s December Washington Policy Brief noted that NARA is in the process of developing an automated electronic records management plan, a draft of which is anticipated to be available for public comment in late January. ARMA and its members will be encouraged to provide comments. Look for more information in next month’s Washington Policy Brief, and keep up with the latest via ARMA’s Twitter and LinkedIn social media accounts.