2020 in review: Tech policy adjusts to new norm of telework in pandemic
The year 2020 will be remembered as one when federal policymakers swung from being telework-hesitant to all-in on allowing personnel to perform their jobs remotely to keep them safe.
Amid the Trump administration‘s normal rhythm of IT and tech-related policy updates in 2020, the COVID-19 pandemic hit, forcing the federal government to issue rapid guidance to keep federal agencies and operations running smoothly during mandates for social distancing.
While some agencies had telework policies in place prior to the arrival of the coronavirus stateside, many didn’t — and almost none had put them into action at the scale they would during the pandemic. But in a matter of days, that would all change, as administration leaders issued new policies that guided how the government operated in a remote and virtual way for the remainder of 2020, and perhaps longer.
On March 15, as most of the nation was still sizing up the gravity of the crisis, the federal government took unprecedented action to offer maximum telework flexibilities to agencies across the capital region. While not an IT policy per se, Office of Management and Budget Memo M-20-15 set the government on the course to send employees home and test the limits of a full-scale federal remote workforce.
Within days, OMB issued another memo, M-20-16, with more specific actions agencies would have to take to slow the spread of COVID-19. “[T]he Government must immediately adjust operations and services to minimize face-to-face interactions, especially at those offices or sites where people may be gathering in close proximity or where highly vulnerable populations obtain services,” the memo said. OMB would look to put its money where its mouth was, too, by requesting billions of dollars for telework and IT needs to ensure continuity of operations during the most challenging early days of the pandemic.
Then, on March 22, OMB’s Margaret Weichert digitally signed M-20-19, guidance on “Harnessing Technology to Support Mission Continuity,” perhaps the most important IT guidance issued in 2020. While none of the memo’s guidance introduced anything new necessarily, it directed agencies to “utilize technology to the greatest extent practicable to support mission continuity” and heavily emphasized existing capabilities like digital signatures, virtual private networks, identity and access management policies, and virtual collaboration tools.
“In response to the national emergency for COVID-19, agencies are directed to use the breadth of available technology capabilities to fulfill service gaps and deliver mission outcomes,” the memo reads. It also came with a set of frequently asked questions and resources for agencies to make decisions during the early days of their pandemic response.
The same day, Weichert signed another memo urging contracting officers to extend teleworking opportunities to government contractors. Prior to that, contractors had been left in limbo over whether they were still required to report to government buildings or could access their work remotely.
Though these guidance memos on how agencies should operate in a remote environment were introduced just days into the pandemic response, they are still just as relevant as 2020 comes to a close, with a large portion of the federal workforce continuing to work from home as COVID-19 rages on more than nine months later.
If anything, 2020 will serve as a starting point for discussions in 2021 on technology’s capacity to support remote work in the future — and the government’s inclination to break free of dated requirements that dictate in-office time for the workforce.
TIC 3.0 and AI
On top of the policy related to telework and COVID-19, the Trump administration issued new guidance related to the government’s evolving use of technology. In particular, 2020 saw new policy on Trusted Internet Connections (TIC) and the use of artificial intelligence both in and out of government.
Just last week, the Cybersecurity and Infrastructure Security Agency introduced network security guidance for remote work under TIC 3.0. The new use case further illuminates the cloud-enabled flexibilities agencies have under TIC 3.0 to support secure telework as personnel connect to agency networks externally.
Before this, CISA issued finalized versions of initial TIC 3.0 core guidance — the Program Guidebook, Reference Architecture: Volume 1 and Security Capabilities Catalog — in July. The first two documents will be fairly static and the latter a living document that adds capabilities and controls into use cases as they’re announced.
Now, the CISA team is working to issue finalized guidance under TIC 3.0, which will likely include a use case for zero-trust security.
Additionally, the Trump administration made a strong push in 2020 to set a foundation for AI in the government.
As early as last January, the White House began issuing guidance on how agencies should govern the development of artificial intelligence in the private sector. In a set of binding principles, the administration hoped to set a consistent global standard for how AI is developed that every country in the world can adopt.
The White House’s regulatory focus on AI continued in November, issuing more guidance for agencies on how to regulate artificial intelligence applications produced for the U.S. market.
“While narrowly tailored and evidence-based regulations that address specific and identifiable risks could provide an enabling environment for U.S. companies to maintain global competitiveness, agencies must avoid a precautionary approach that holds AI systems to an impossibly high standard such that society cannot enjoy their benefits and that could undermine America’s position as the global leader in AI innovation,” the memo states.
But the most meaningful AI policy for agencies came in early December through an executive order with nine principles and a policy process for agencies to implement AI the public can trust. The order borrows heavily from principles already established by the defense and intelligence communities, extending them to civilian agencies outside the national security space.
“Artificial intelligence can be an important tool to help modernize government and ensure federal agencies are effectively and efficiently delivering on their missions on behalf of the American people,” said Michael Kratsios, U.S. chief technology officer, in the announcement. “This executive order will foster public trust in the technology, drive government modernization and further demonstrate America’s leadership in artificial intelligence.”
Other policy highlights
- OMB issued guidance for agencies to move to more secure Internet Protocol version 6 (IPv6) systems and services completely by 2023.
- In June, President Trump signed an executive order allowing federal agencies to prioritize skills-based hiring in addition to traditional educational-based requirements.
- The White House and the Pentagon agreed on a plan in August for the fastest transfer of federal spectrum for commercial 5G wireless use in history, without affecting military operations.