IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

When Policy Meets Practice: CIOs Juggle Tech Evolution, Legislation and Regulation

Legislation on the horizon could signal make-or-break issues for public CIOs. Here’s what you need to know about body-worn cameras, legalized marijuana and open data.

If it isn’t one thing, it’s another, and usually at the same time.

For public CIOs the challenges just keep coming. It’s often a juggling act. That’s all right: Most knew it when they signed on for the job — information technology is always a moving target. But the CIO has special responsibilities, tracking not just the technological evolutions, but also the legislation and regulations that must be woven into emerging IT.

And here come some more. What’s ahead for CIOs in this electric space where policy meets practice? Today we have police officers with cameras mounted to dashboards and body armor. Tomorrow, the coming wave of legalized marijuana. Then there’s the avalanche of public-facing open data and analytics within government. Each of these evolutions comes with a new set of technology questions and challenges, set against a developing regulatory framework.

Candid Camera

As of this spring, 34 states were considering 117 bills related to police body cameras, according to the National Conference of State Legislatures. With police use of force in the headlines, that should hardly come as a surprise. The University of Cambridge’s Institute of Criminology, for instance, reports that body-worn cameras reduced the use of force by about 50 percent, while complaints against police officers also fell 90 percent. Interest is high.

The federal government wants to help states adopt cameras for police officers. In late 2014, President Obama proposed a $75 million investment over three years to help law enforcement agencies purchase 50,000 body-worn cameras.

While lawmakers wrangle with privacy issues, public CIOs have their own concerns, chiefly: Where will they put all this video? “You are talking about massive amounts of data you have to dump into storage somewhere,” said Flint Waters, state CIO and director of the Wyoming Department of Enterprise Technology Services. “Most states are not well positioned to handle digital evidence of this scale.”

The answer likely lies in the cloud. Waters expects things to go in that direction, but it may take some time once people start talking seriously. In the long run, the discussion surrounding body cameras “helps force the conversation about leveraging cloud storage,” he said.

Cloud storage extends beyond the questions of capacity and into the realm of IT policy. “You have to think about your retention policies, which in turn brings in legal issues about how much you have to keep and for how long,” said Matina Koronis-Koester, president and CEO of systems integrator Digital Partners Inc.

Depending on the policies one writes, nearly any cloud system will need to be customized. “None of these systems really works right out of the box,” Koronis-Koester said.

Exactly how and where video data will be stored may not be up to the CIO entirely. Maryland, for example, recently enacted a law that would require the state’s Police Training Commission to develop and publish a policy for the issuance and use of body-worn cameras by law enforcement officers. Such regulatory efforts will almost certainly have IT implications, in so far as they will likely determine the duration of storage and other critical issues.

While those conversations play out, Waters will be wrangling with another issue. “Chain of evidence” may sound like a legal problem, but when it comes to body-worn video it is, at its heart, a technical issue.

Just as celebrity photos can be tweaked to erase cellulite, video can be modified to erase or alter a license plate number. “That can make a life or death difference in a trial,” Waters said. “So you need to capture the hash values [authenticity] of the images and be able to reproduce them at the time of extraction.” It isn’t technically difficult, but it’s a crucial element in the management of video evidence.

Rolling Right Along

Sometime in the past few years, the impossible happened and marijuana started to become legal, first in a medicinal context and then for recreational use. As of this spring, 23 states and the District of Columbia had laws legalizing marijuana in some form. For those of us of a certain age, this transcends the bizarre, but there it is, and now CIOs must figure out what to do about it.

What exactly is the IT challenge here? Let’s check with Washington state, which stands at the vanguard of legalization. The first recreational stores there opened in July 2014, and by the following spring the state had issued licenses to 153 stores, of which 138 were up and running, generating $1.2 million a day in revenues. A day.

That figure matters, since volume is in some ways at the heart of the IT scenario here. The state is charged with tracking every gram of cannabis from seed to consumption. “And that’s a business processes workload for us,” said Heidi Geathers, IT director for the Washington State Liquor Control Board. “We wanted to be sure product wasn’t slipping out of our supply chain, and we wanted to make sure product was not coming back in from the black market.”

This matter of traceability goes to the crux of marijuana’s IT challenge. “This is going to be the most heavily regulated product ever, and while it is not necessarily different from any other product, you will have people asking hard questions: How do I know this isn’t tainted? How do I know it isn’t getting to the kids? So there is the political situation that comes with a ton of additional scrutiny,” said T.J. Ferraro, chief technology officer at BioTrackTHC, a medical marijuana management tracking system.

These requirements make data collection for marijuana different from other regulated materials. “With alcohol, you don’t track all the way from the grape or the grain. You only start tracking when it becomes an ‘alcoholic substance,’ so there is a significant difference there,” said Amy Poinsett, co-founder and CEO of marijuana-related business technology company MJ Freeway.

Also unlike alcohol, which is tracked largely by the liquor board, marijuana tracking falls to several entities including law enforcement and the licensees themselves. Geathers has put together a cloud-based system for merging all that data, having found that the cloud offered the best scenario for streamlining connections between agencies. Her office also holds monthly meetings with all other stakeholders to ensure the data is flowing smoothly.

Washington already tracks a number of controlled items including Dutch flowers, Japanese fish and Washington state apples and cherries. But cannabis is different. “We felt like everybody was watching, from the number of media calls and questions we got,” Geathers said. “We spend a lot of time now talking to other states who want to know the pitfalls, what they can do that works well.”

That level of deep scrutiny demands an exceptional amount of transparency. “Every fraction of a gram of plant material needs to be tracked and accounted for,” Ferraro said.

From the CIO’s point of view, therefore, this is not a hardware problem and only barely a software problem. Legalized marijuana ultimately is a question of processes. To fulfill the technology burden, IT leaders will need to craft solid policies and procedures to ensure visibility and accurate tracking every step of the way.

More and More Data

The ability to collect, analyze, store and share mass amounts of data will eventually change everything. It will reshape the ways in which government interacts with citizens and dramatically overhaul the internal workings of public agencies.

It hasn’t happened yet. The Sunlight Foundation records only nine states and a handful of counties with open data policies on the books. Still, legislation is pending around the country to encourage states to share with greater transparency. Lawmakers also are looking at means to encourage greater use of data analytics within state government. They want to see rational decision-making and agency practices derived at the data-centric level. Fair enough.

In approaching the issues surrounding open data and analytics, public CIOs may find themselves with a new ally in the rapidly emerging chief data officer (CDO) position. Gartner predicts that by 2015, 25 percent of large global organizations will have appointed CDOs. The public sector is following suit: Colorado named a CDO in 2010 and New York City established the position in local government a year later. Such major cities as San Francisco, Chicago, Philadelphia and Baltimore all have CDOs.

This swelling of the CDO ranks will likely come as welcome relief to CIOs, who may find themselves at the center of policy and technology when it comes to the emerging data paradigm.

Utah provides a typical example of the present data landscape. With a variety of information-sharing projects underway across government, Utah CTO David Fletcher’s office is working closely with the governor to develop a formal business case for the management of big data. To that end, the state in January launched an open data portal (opendata.utah.gov) on the Socrata platform. Its 1,300 data sets reflect public safety, permits, education and a range of other civic functions. There are plans to add additional functions soon, including the departments of Health, Natural Resources and also Transportation, which already has a robust open data portal of its own.

That GIS-based portal, known as UPLAN, could serve as a model for public-facing data sharing. Researchers use it, regional planning councils tap into it, the economic development community refers to its holdings, and its data serves as a basis for environmental impact studies related to roads and construction.

When it comes to analytics, Fletcher is looking to big data tools. “We have a different way to deal with data, a way that enables quicker, more real-time solutions,” he said. “In the past it took months to analyze data before we could fully understand it. With Hadoop and other technologies, it is going to enable much more responsive government in the future.”

So far the state has mostly been able to grab what CIO Mark VanOrden calls the low-hanging fruit, the 800 or so data sets already available on agency websites. To move further, IT leaders will need to help agencies determine what other data is readily available (and most appropriate) to open up for public consumption. “That is going to be the biggest challenge,” he said.

Others see a potentially bigger hurdle still to be crossed. While policymakers are eager to see agencies dig deep into analysis — and while diverse advocates would like to see government data made more openly available — some caution that there may be a potential dark side to all this data-driven government.

“This is going to force us to go through quite a few iterations of soul searching. Sometimes in our zeal for technology, we release certain genies from the bottle and we can’t put them back again,” said Kon Leong, CEO of data management firm ZL Technologies. He likens open data to nuclear energy: It can be a positive force, but can it be contained? “All this knowledge can be used for good and also for not-so-good-reasons,” he said.

So add this to the list of CIO concerns. Open data and data analytics offer so much, but at what price? Privacy advocates in particular are going to be scrutinizing every newly opened database to ensure no one’s personal information is compromised.

Body cams, legal pot, open data: What do they all have in common? Each in its own way demonstrates the central role of the CIO and the state IT apparatus in general. With every evolution in society comes a monumental shift in policy and regulations, and the CIO’s office finds itself square in the center of the action each time, demonstrating every day the value of sound and thoughtful IT management.

For those who value a good night’s sleep, the glass is half empty. For those who find personal and professional satisfaction in the work of public service: definitely half full.