What's New in Civic Tech takes a look at highlights and recent happenings in the world of civic technology.

Federal Report: 18F Disregarded IT Security Requirements

The Office of Inspector General (OIG) for the U.S. General Services Administration has found that 18F, a federal digital consultancy that helps governmental agencies make better use of tech, had disregarded security rules and other procedures — choices that at times made sensitive information vulnerable to security breaches. 

The report, dubbed Evaluation of 18F’s Information Technology Security Compliance, was released Tuesday, Feb. 21, and the investigation was conducted by the OIG’s Office of Inspections and Forensic Auditing. Its genesis comes from another report in May 2016, which examined a data breach within the General Services Administration, where 18F is housed.

The key findings are as follows:

18F used IT that was not approved by General Services Administration IT. 18F failed to get proper authorizations to operate information systems. 18F circumvented General Services Administration IT assessment and authorization processes. 18F acquired new IT without the required CIO review and approval. 18F staff used unofficial email accounts to conduct GSA business. 18F’s leadership failed to ensure compliance. The report paints a picture of 18F as a young agency, filled with technologists, that has grown quickly, without always familiarizing its staff and leadership with procedural rules, all of which has led to standard security practices being ignored.

The report also offers six recommendations, which all come back to making sure that 18F is aware of and always following the General Services Administration IT regulations, rules and practices. Donna Garland, a spokesperson for the GSA, said in a statement that the organization fully accepts the report's recommendations.

Department of Defense Launches Open Source Initiative

The Department of Defense has launched Code.mil, an open source initiative aimed at encouraging technologists to use unclassified agency code in support of projects to bolster national security. 

The Code.mil URL redirects visitors to the department's GitHub page, an open source online repository of code for Defense Department projects, which programmers can then review before suggesting helpful changes.

In a statement, the program is described as “a direct avenue for the department to tap into a worldwide community of developers to collectively speed up and strengthen the software development process.” Any program code from the Department of Defense will now be hosted on GitHub, where it can be reused for other projects. Basically, the project is likely to serve both the government and the public, with the Defense Department being given access to a massive breadth of technical knowledge, while at the same time offering its governmental software tools for public use.

Currently, Code.mil stands as an experiment in open source collaboration, but has not yet been made official. The Defense Department will be taking public comments on its proposed open source strategy before it finalizes its team up with GitHub at the end of March.  

This is not the first time the Defense Department has looked outside its walls for help with technology. In August 2016, it turned to a team from Carnegie Mellon University to help build self-destructing drones. And in April 2016, the department began hosting “Hack the Pentagon,” an initiative designed to shore up cyberdefense by encouraging people to expose them.  

The Berkman Klein Center Releases Open Data Privacy Playbook

A new open data privacy playbook seeks to aid cities and other government agencies undergoing open data initiatives from releasing information that can violate individual privacies. 

The Berkman Klein Center for Internet and Society at Harvard University created the book, which is available for free download. In a statement, the center described the goal of the document as intended “to codify responsible privacy-protective approaches and processes that could be adopted by cities and other government organizations that are publicly releasing data.”

The relationship between open data and individual privacy has been a concern for many state and local agencies as they establish digital resources to make government more transparent. For some agencies it is still a new concept, while others have been grappling with finding a balance for years. In November 2014, Seattle launched a data privacy initiative to show the public how it collects and uses data. During that announcement, Michael Mattmiller, Seattle’s chief technology officer, emphasized the importance of collaborating with the public to ensure privacy in the open data era. 

“The trick that we really need to work on as part of our privacy efforts here in the city is to help the public trust in what we’re doing,” Mattmiller told Government Technology at the time. “There were some issues over the past couple years where the city made some decisions around technology, and we didn’t take that step of engaging the public to help them understand what we’re trying to achieve, and that’s created a bit of a gap at the moment.”

Los Angeles Dashboard Visualizes Homeless Shelter Demand

The Los Angeles Homeless Services Authority (LAHSA) has built an occupancy dashboard that tracks daily capacity at the city’s winter shelters in an effort to better visualize demand for such facilities in the city.

During Southern California’s winter season, the LAHSA’s Winter Shelters Program provides respite for those who are in need of shelter, expanding the city’s homeless shelter program in order to meet increased demand from late November through early March. The occupancy dashboard aims to increase civic understanding of the level of need for such shelters.

With this platform, users can customize the data sets that appear, with customizable options that include date, service planning area, L.A. County Supervisor District, L.A. City Council District, program and program bed capacity. The graphs this dashboard generates also display the mean temperature. 

This effort is powered by DataLA, the city’s effort to increase transparency, accountability and customer service through open data. Other efforts include Clean Streets Index, Street Wize and Road to 2400, among others.