Afterthoughts on the Digital Future

Afterthoughts on the Digital Future

by / April 15, 2002
Although the initial focus of the September 11 attack on the United States was justifiably limited to New York, Washington, D.C., and the federal government, no corner of the nation was left untouched by the unprecedented jolt to democracy. States discovered previously unrecognized vulnerabilities, including physical sites like monuments and public buildings, and systems that include the government's electronic infrastructure.

Some leaders in electronic government had already advocated some of the security applications that are now fully supported. Indeed, priorities in state and local government changed literally overnight. Amid the discourse about how these new requirements might affect government's ability to ensure the delivery of open democracy while providing necessary protections, life continued.

However, it is not life as we have known it over the past 50-plus years. Never before has America been forced to face its vulnerabilities. Never before has the link among the federal sector, state and local governments and citizens been so necessary. Public officials must grapple with questions that could not have existed prior to the Information Age. Specifically, how will technology be implemented and managed to ensure an open and democratic society in the shadow of that Tuesday in September?

Visions spoke with some of the nation's most ardent e-government supporters in October, prior to specific directives or guidelines from the federal government. These CIOs, legislators and IT administrators represent a variety of opinions on an uncertain future.

Linking a Nation
Richard Varn has been an e-government pioneer since he was appointed Iowa's CIO in 1999. He came to the position with a history of public service, having served as an assembly member and state senator. Varn's astute understanding of the political process has contributed to his ability to get executive support for some of the cutting-edge innovations that occurred under his watch. Varn's reflections on the post Sept. 11 world are a blend of focused concern for the integrity of his state's IT systems and consideration of the event in a historical context.

"We have been working for some time on an identity security project," he said. "We were doing it for more conventional reasons like knowing our customers and being able to do secure transactions with customers and being able to guard against identity theft. That was pretty pedestrian. All of a sudden, we have 19 stolen identities being used to crash planes as a contributing factor - it's a lot more serious now."

Varn expressed his frustration over the nation's current method of validating personal identity. "There are four factors that we are already doing. We just do them incompetently. We already do birth certificates. We require them to be presented to get a photo ID from the state. We take a photo of you, we affix that photo to a driver's license, and in some cases, law enforcement can look up that photo to verify that you are, in fact, the person that is standing in front of them. It's a four-point verification system - all four pieces of which don't work right now. I mean, they work, but for very limited purposes."

He added that databases for personal identity are not connected to each other. "It is possible for duplicates or multiple pieces of identification to be issued to a single individual in the current system."

"We are going to have to deal with security state by state like we already do. Identity is a creature of statehood. There is no national identity system. A Social Security number is based on a birth record. A birth record is a state record, or county or city. But all are creatures of the state. Identity is the state's responsibility and we are doing it badly.

"That has to change. To the extent that we want to be more secure and protect our liberties, why not build on the systems that we already have, which were not well done, and make them better, and raise the bar for identity theft? No system is fool proof but we can make it a lot harder [to abuse].

"In the broader context, what do we need to do that's different? There are several projects that we are already doing. The CJIS - criminal justice integration projects that many states are doing - needs to be accelerated and focus put on it."

Varn said this should be a priority for Homeland Security czar Tom Ridge, along with shoring up integrated emergency services. "The information systems that share emergency management data aren't adequate, and we all know that. Our level of preparedness for domestic terrorism is insufficient and we are going to see an enhanced role for state and local government."

The nation's response, Varn suggests, should be similar to that of the nuclear-threat era, when bomb shelters were built and Americans were on alert. "That kind of national effort, to prepare the state and local levels for this kind of domestic assault and terrorism is a major effort." He added it would be a multi-year, multi-billion dollar commitment to create a credible and effective defense system.

On a global perspective, Varn believes the eradication of terrorism will be a long-term battle with an elusive target. "Do you know the guy I think about these days? It isn't Norman Schwartzkopf. It isn't Colin Powell. It's Simon Wiesenthal, the Nazi hunter. We have horribly motivated people doing tremendous evil against others, repeatedly.

"We must set the time frame and not care how long it takes. It's been steady progress of tracking down every bit of information with patience that bends most politicians' minds.

"You can't put the technology genies back in the bottles with the stroke of a pen or a bomb. Having all of us at the government level take this longer view of what we are trying to accomplish keeps us from reacting in crazy ways and puts us in the right mode to handle the problem. The things that revolve around security, emergency management, criminal justice integration, identity security and databases that need to be related to each other has been our battle cry and now it's taken on more urgency."

Secure on All Sides
Texas was the first state to implement a statewide security assessment. The project covered the state's 200-plus agencies and looked at technology as well as policies and procedures. At the same time, state CIO Carolyn Purcell, always a strong advocate for e-government, was given increased authority with the passage of legislation that created the Department of Information Resources. Today she anticipates changes in the priorities of governments at all levels.

"State and local governments are now partners with the federal government in the protection of the information technology infrastructure," said Purcell. "All government is challenged by the performance of the financial industry to rise like Phoenix from the ashes and resume operations with minimal loss of information or momentum."

Because Texas had already completed some of the groundwork, Purcell said the state was able to respond rapidly to security and other concerns after the attacks. "It raised the level of awareness across-the-board - not only the technology awareness but awareness of policy issues regarding behavior as far as security is concerned."

In addition, the assessment earlier this year was impetus for interagency cooperation. "People at the big agencies have programs in place and are detecting problems. They could then alert the smaller agencies because we are all connected. This contributes to better preparedness on our part, certainly better than we would have been a year ago."

After the attacks, Texas Gov. Rick Perry created a Task Force on Homeland Security. The group will collaborate with the federal Office of Homeland Security and examine security measures related to the state's Mexican border, along with other issues. Purcell believes this focus is necessary in light of the potential for terrorist infiltration and attacks at almost any location. "This is a jurisdictional threat and there are many targets of opportunity. We have the issue of protection but we must also be able to respond anywhere, because this is universal. There is a need for good disaster recovery and business resumption planning. It becomes paramount."

Purcell recalled a recent visit to a World War II hangar at an abandoned base at a site euphemistically referred to as "rattlesnake" air base. There she saw wartime posters that told the story of another era, a different threat. One poster showed a beautiful young woman wearing a sailor-style dress. The caption warned, "Loose lips sink ships." The message, Purcell said, resonates in the 21st century. "On the policy side, security is everybody's job. It's something we all have to think about."

Maintaining Business as Usual
Very near the eye of the storm, emergency personnel from Fairfax County, Va., responded to the crisis in Washington, D.C., with people and resources. Under the leadership of CIO David Molchany, the county has repeatedly been cited as a model for good electronic government. Its Web site has 15,000 pages and gets more than one million visitors each month. That systems ran as planned throughout the disaster is not surprising, given Molchany's accomplishments and the fact the county lies in a technology hub.

Molchany was preparing to give a speech on electronic government at the National Press Club in Washington, D.C., when the Pentagon was attacked. Although disruption to business in the nation's capitol was to be expected, Molchany went home to a fine-tuned system.

"We already had security, but after [the attack], we had a more heightened sense of security. We also responded directly to the Pentagon with our fire fighters and police and urban search and rescue. We were down there for the duration. But we were different than many jurisdictions. More or less, business has continued as normal. We have tried to stress this throughout, that the government is working as usual.

"Our emergency operations opened almost immediately. That triggered coordinated work. Emergency operations use the telecoms, public safety and GIS - the whole communications system. Everything worked the way it was supposed to work."

The county had been developing collaborative plans with Virginia and other local jurisdictions. Molchany said these relationships were useful in a very critical area during the crisis: communications.

Fairfax County is a participant in the "Government without Boundaries" project, a federal, state and local Web collaboration, so Molchany is already aware of the value of interjurisdictional electronic communication. He supports the efforts of Mark Forman, the nation's new director of e-government, to develop applications that will deliver critical services without interruption and across state lines.

A Solid Constitution
A 25-year veteran elected official, Rep. Hunt Downer revolutionized the way the Louisiana State Assembly does business. Taking charge of an extensive renovation of the State Capitol in Baton Rouge, he seized the opportunity to place laptops throughout Assembly chambers, on the desks of every legislator. Consequently, Louisiana citizens have almost unprecedented access to legislative processes.

In addition, Downer is an honored veteran and a full colonel in the Army National Guard. It is in this capacity that he is currently serving his state and country, as special assistant to the adjunct general. He is a liaison to Louisiana Gov. Mike Foster and in charge of civil affairs and special projects. With this distinguished background, Downer brings a unique perspective to his observations about the future.

"Clearly, we now have to recognize that our country as we have known it in the past - with total openness - could be seen by some as a vulnerability. We now have to be security conscious without in any way closing government down to the public."

Downer is concerned about the lack of interoperability in law enforcement radio systems. He believes this is a problem that must, and can, be solved. Communications, along with heightened security will go a long way toward creating greater safety and confidence.

"Many of our state and local facilities have different security systems. In some cases, in one building, you can have multiple security systems in which you have multiple access cards instead of one with a central command center. What it's going to take is some cash expenditure and upgrades to systems that before were adequate to the needs."

Louisiana lawmakers, like people throughout the nation, have been forced to consider a new reality. "It has clearly refocused everyone's attention. To say that we were shocked would be an understatement. But if any one thing has come out of it, it's a heightened awareness of patriotism, a heightened awareness to serve, to engage in public service and of the many sacrifices of law enforcement and public service personnel. All of that is bringing together a sense of commitment to the goal of ensuring that the freedoms and the things we value endure."

Downer found it interesting that intelligence reports said Osama Bin Laden had ceased using electronic communication tools because correspondences can, in fact, be tracked. Downs credits the United States with the innovations that created the global Digital Age and brought government closer to the people.

"Many people may, for personal reasons, not want to go to public buildings with big gatherings of people. This makes it even more important that government be brought to them to ensure that the very principles of our government - openness and public input and participation - are kept at the forefront. There is actually going to be an increased need for continued use of electronic communications with government."

"I think the President said it best: If we succumb to fear, we have, in effect, allowed terrorism to take hold. At the same time, the challenges we face as we approach this war on terrorism and as we engage, is to make sure that the very foundation of our democracy - our Constitution - stands its test and we abide by it, that we don't use the exigency of this attack on our freedoms as an excuse to abuse or abridge the Constitution. As we heighten security and awareness, we have to do so within the confines of the Constitution and the meaning, spirit and intent that makes this country great. We can do it and we will do it."

Surprising Targets
As president of the National Association of State Chief Information Officers (NASCIO), Aldona Valicenti has a broad perspective on how technology leaders may respond to new demands for enhanced security. The Kentucky CIO also recognizes that, although few people think of Kentucky as a prime target for a terrorist attack, the state is on a short list of high-risk locations.

"It is definitely going to reset priorities. Security is on everybody's mind. Disaster recovery is on everybody's mind, which before seemed like a distant possibility. Even Kentucky, in the middle of the heartland, being very pastoral, we have Fort Knox and Fort Campbell, and we have an army depot around Lexington. We are a vital part of the defense environment and really, you don't think of Kentucky that way."

The annual NASCIO meeting scheduled for late September was cancelled. Valicenti said the organization hopes to convene a meeting of state CIOs to discuss the most critical issue, security. "Frankly, none of us need to reinvent. We need to share and to cooperate. The federal government wants to do this, too. There is a huge impact on how we are going to move forward.

"We also need to understand that what we had was a physical attack. This should also show us that we will probably continue to have cyber attacks which we have already experienced. Frankly, I think we will be experiencing them with greater frequency and vigor.

"Certain states are being asked to cooperate with law enforcement. A lot has changed dramatically in the last few weeks. When you look back at it, this is all non-productive. It is not helping us deliver services in a better way, it's not helping us to do things more rationally, or cheaper or to start something new, but it certainly brought the whole security issue to the forefront and it will spawn other issues that we haven't even begun to talk about."

Pushing a Unified Approach
During his tenure in the Virginia State Legislature, Rep. Joe May has led the charge to increase electronic government services for citizens. In a state distinguished by conservative politics, he has been a Digital Age mentor educating reluctant colleagues about the benefits of technology in governing. As a successful businessman, inventor and engineer, May was a pioneer in the electronic signature arena, patenting a multiple-signature technology more than 30 years ago. Based on his experience in the public and private sectors, he anticipates changes throughout government, business and society.

"We will definitely be looking at new priorities, such as resistance to cyber terrorism. Frankly, we had glanced at it but not paid sufficient attention. This is not a problem that happened on September 11 and then is gone. The Virginia Department of Motor Vehicles is where one group of terrorists got drivers' licenses. They found a loophole in the application, obtained the licenses fraudulently and established new identities. Not much attention had been paid to what was going on. With [Technology] Secretary [Don] Upson coming to his post, the emphasis on scrutiny has picked up. What happened on September 11 will also accelerate the process. Virginia never rushes into things. I enjoy our conservative image and approach."

Although May likes the conservative pace, he is frustrated by the lack of movement in creating intergovernmental systems that address national problems such as security.

"It has become apparent to me that the federal government rushes off in one direction without ever talking to the individual states. We have been trying to get the federal government to confer with the states that have taken an active role in trying to harness technology in government, and to develop a unified approach. There are good ideas on both sides and we need to commingle them. Admittedly, there's not a big precedent for doing that.

"We took our computers and privacy for granted. We've known that the bad guys are out there for years and yet we've practiced liaise faire. On Sept. 11 that changed. The days of saying goodbye to my daughter at the airline gate are gone. This is relatively minor in the scheme of things, but a portend of things to come."

A New Outlook on Safety
Steve Steinbrecher is known as an outspoken advocate for electronic government and, consequently, he's made Contra Costa County, Calif., a model for the smart use of technology. The county's CIO believes citizens own the systems; accountability is government's foremost responsibility; and it's good to share technology. Steinbrecher is keenly aware of the physical threats that accompany the nation's new military commitment and, as a CIO, he is vigilant about protecting the assets of the people he serves.

"With respect to the state of California, through the efforts of [CIO Elias] Cortez and his predecessor, I would be willing to bet that California's state CIO and county CIO's and city CIO's probably talk with one another more than most. So if there is a cogent policy [from the feds] that comes with a set of procedures that says, 'This is what we want to do,' we will be able to deal with that.

"The only technology challenge I can think of is maybe some change in our interfaces with the state; we don't do anything with the feds and probably won't. But the feds may pass something to the state that may then pass through to us.

"We are scared stiff, quite frankly. People have been walking around with the sense that we don't know how this will impact us down the road. There is more sensitivity to security issues. We have been trying to sell security in the county for almost five years and what happened on the 11th of September changes everybody's outlook on safety. Quite frankly, it makes my customer base - the citizens themselves - step back and ask, 'I wonder what my government can do to protect me.' It's a basic and fundamental issue. We are going to find out over the next six months."

Protecting a Nation
Over the coming months, decision makers will be grappling with essential concepts that fuel democracy. There will be an effort to reassure Americans that they are safe, that their government can and will protect them. What form these reassurances take will depend, in part, upon how much liberty citizens are willing to surrender in exchange for protection.

Can Americans adapt to the presence of armed guards, to being personally searched and questioned in high-risk arenas like airports or to having e-mail communications read by authorities? How will these affronts to our open society affect our collective agreement about democratic government as we have known it for more than 150 years?

Amid the unanswered questions are a few conclusions. There appears to be agreement that much better interjurisdictional communication is necessary. Government leaders may work on developing new standards for telecommunications that require a level of interoperability. There is consensus about the need for enhanced security in the physical sense and in electronic systems.

The full potential of cyber terrorism is not yet known. But, like the unimaginable attacks on America's physical symbols of freedom and democracy, a monumental electronic assault is a very real threat. Fueled by this awareness, digital leaders throughout the nation are crossing boundaries and borderlines to build a more secure digital future without sacrificing technology's promised benefits.