Canceled procurement, gaps in VOIP, virtual currencies and the future of the Net

GAO cancels CMS procurement

The Government Accountability Office is putting the brakes on plans for a collaborative content management system to support the production of the hundreds of reports it issues every year.

Plans for the system, dubbed New Blue, have been in the works since July 2012. GAO posted a draft request for proposals in February 2014 and hosted an industry day for vendors. Officials had sought a commercial system that could be configured for the agency's data-driven reports on the performance of government agencies and programs.

According to contract documents, GAO used open-source tools to create the current system, and collaboration is accomplished via revision notes in documents -- an unwieldy approach for documents with multiple authors and editors. The ability for multiple users to collaborate on fact-checking was deemed critical for the new system. The tool was envisioned as a way to produce structured and tagged content and to publish that content to the Web and the agency's various social media feeds.

"It will also move us away from the PDF toward producing content in ways that are fully formatted for various platforms, be it Web, mobile or print," said GAO spokesman Chuck Young.

Officials planned to fund a competitive prototyping phase to test the proposals. However, a notice posted to FedBizOpps.gov on July 2 announced the cancellation of the New Blue procurement, citing the need for substantial revisions to the technical requirements, changes to the contract type and the elimination of the prototype competition.

"The initial responses did not meet our needs, so in the future we hope to gain more insights to properly move forward," Young told FCW.

DOE VOIP deployment left potential security gaps

The Energy Department's implementation of voice-over-IP telecommunications networks could have been smoother, according to a new report issued by the agency.

VOIP offers substantial consolidation of resources, but implementing the capability across more than a dozen locations left some potential security gaps, the July 1 DOE report states.

According to the report, DOE initiated or completed VOIP networks at a cost of more than $56 million. The review identified opportunities to improve the efficiency and enhance cybersecurity of the department's VOIP networks but also found that upgrades of aging telecom facilities, programs and sites were uneven, leaving behind some duplicative capabilities.

Officials said some VOIP implementations did not always apply required cybersecurity controls, increasing the risk of compromise. They blamed the uneven upgrades on a lack of a developed, coordinated approach to implementing VOIP capabilities.

For example, four sites at the Oak Ridge Reservation independently implemented VOIP networks or performed pilot projects to deploy new networks. The report also notes planning and coordination weaknesses at the agency's headquarters, the Hanford Site and the Pacific Northwest National Laboratory. The lab spent approximately $1 million to implement a system without adequately considering alternatives -- a decision that ultimately resulted in additional spending.

Contrary to federal requirements, seven of the nine sites officials reviewed had conducted limited or no vulnerability scanning and penetration testing on installed VOIP systems. The report also identifies weaknesses related to incomplete and/or untested contingency plans and failure to conduct or document the completion of periodic security control assessments.

The report states that DOE officials concurred with the findings and have taken corrective action in ongoing VOIP implementation efforts.

Report: Get CFPB more involved in virtual currency regulation

The Government Accountability Office wants the Consumer Financial Protection Bureau to be more involved in efforts to monitor virtual currencies such as bitcoin.

A GAO report cites the work of the FBI and other agencies in shutting down illicit markets for virtual currencies but says tougher government action is required and that CFPB could play a crucial role.

"Fundamental questions remain about what a virtual currency actually is, how it should be treated and what the future holds," said Sen. Tom Carper (D-Del.), chairman of the Homeland Security and Governmental Affairs Committee, in a statement. "That said, we do know that there appears to be growing global interest in these technologies, and that warrants a thoughtful and timely response here in the United States and around the world."

In the past, virtual currency issues have been addressed through interagency discussions and work groups focused on preventing "money laundering and other law enforcement matters," the report states. By adding CFPB to interagency efforts, as GAO suggests, emerging consumer protection issues could be more readily addressed.

Will the Internet be free in 2025?

When the Pew Research Center's Internet and American Life Project asked experts about the future of the Web, two-thirds predicted more openness, despite threats from government control and commercial encroachment.

Of the 1,400 computer and Internet experts, researchers and forecasters who responded, 65 percent said the Internet of the future would be more open while 35 percent said it would be less open, according to the report by researchers Janna Anderson and Lee Rainie.

Both groups agree that increased government surveillance and regulation and pressures from commercialization threaten the freedom of the Internet. A theme throughout the responses was that recent revelations about government and corporate surveillance will result in reduced online information sharing.

"Privacy issues are the most serious threat to accessing and sharing Internet content in 2014, and there is little reason to expect that to change by 2025, particularly given the cyber-terror threats confronting the Internet users and worldwide businesses," said Peter Vogel, an Internet law expert at Gardere Wynne Sewell, in the report.

But the notion that innovation would be stifled was not the majority opinion.

"If anything, it is privacy that will have to give way to openness, not the other way around.... Repressive governments will be working hard to stop the spread of information," said Jim Hendler, a computer science professor at Rensselaer Polytechnic Institute. "As today, there will be both good and bad news continually in that area, but over time, more integration, access and sharing will be a driving force."