Congress

No, GPO doesn't have to print your secure IDs

ID card

Is it a tale of government helping government or one of private innovation getting crowded out by bureaucratic confusion?

On Oct. 21, the House Oversight and Government Reform Committee heard from Davita Vance-Cooks, director of the Government Publishing Office; GPO's inspector general; and representatives from the private sector who said GPO's work threatens to kill their business and weaken the security of feds' identification cards.

Kathleen Carroll, HID Global's vice president of corporate affairs, and James Albers, MorphoTrust USA's senior vice president of government operations, told lawmakers that agencies have been citing Title 44 of the U.S. Code as the reason they not only can but must skip competitive sourcing and give secure credential projects to GPO.

Agencies are misreading the law, perhaps willfully, witnesses said.

Vance-Cooks said, "We are a choice, and agencies are not required to use us" for secure credential work.

In response to a State Department letter alleging that Title 44 forced it to direct work to GPO, she said, "I think that if you look at the evidence, the State Department doesn't even believe what it wrote."

On the other hand, Vance-Cooks noted that "by law, the GPO can only cover its costs," which means it can potentially save agencies money.

In the course of the hearing, specific numbers were thrown out, and at each turn, private-sector representatives quoted lower costs and better electronic read rates than GPO (though the quotes were for a variety of card types).

Carroll made the case that secure cards are part of a bigger technological ecosystem that includes readers and connected infrastructure -- an ecosystem the private sector might be better equipped to handle.

Several lawmakers berated Vance-Cooks for delays in releasing GPO-dependent equipment, including card readers for the Transportation Worker Identification Credential, to the appropriate locations.

"I've never seen a more screwed-up program in my entire life," said Rep. John Mica (R-Fla.), who also criticized a GPO-printed ID for lacking certain components and looking "like it came out of a Cracker Jack box."

Vance-Cooks said GPO takes advantage of "the best of the best innovation" but admitted to employing fewer than five people for research and development into secure credentials.

Committee Chairman Jason Chaffetz (R-Utah) praised the private sector's ability to innovate on the basis of competition, though by the end of the hearing, he also praised Vance-Cooks for restoring his confidence in GPO with her testimony.

GPO IG Michael Raponi noted that audits had turned up a few compliance issues, but most of those issues were being rapidly addressed.

Chaffetz said he might be interested in amending Title 44 to clarify that agencies are not obligated to use GPO for secure credentials but can and perhaps should look to the private sector for solutions.

About the Author

Zach Noble is a former FCW staff writer.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.