IT Compliance Advisor

Sep 17 2009   9:02PM GMT

3121 brings social networking and security challenges to Capitol Hill



Posted by: GuyPardon
Tags:
Social networking

By this point in 2009, most online users know about online social networking platforms like Facebook. Business users have seen many attempts to bring social networking and other Web 2.0 features within the enterprise, all of which are generally classified under the enterprise 2.0 label for social software.

This past weekend, I saw a preview of 3121, a social networking platform for Congressional staffers that can safely be termed “government 2.0,” applying the same technologies to link up the staffers roaming the halls of the House and Senate. For those unfamiliar, 3121 is the extension for the Capitol Hill switchboard.

3121 Profile page

As Andrew Nusca blogged yesterday, “Social media, digital directory collide on Capitol Hill with ‘3121’”. The launch of 3121, however, will now bring the same issues to government that exist in applying social software to businesses, given the compliance concerns that dog enterprise 2.0 collaboration platforms.

Chris Contakes, the chief technology officer (CTO) at National Journal Group, publisher of the National Journal, addressed a number of these concerns in an email interview yesterday, as 3121 launched. His interview follows, below. Here’s a look at the 3121 “dashboard:

What is the technological backbone for 3121? Is it just Jive, or is there more baked in?

The technological backbone is a combination of commercial software (Jive) and custom software developed by National Journal Group staff. Jive Software has developed software for numerous industries, including the intelligence community, where their solution was implemented for the building of A-Space.

What regulations or laws did you consider in building a commercial product for this particular audience?

Because 3121 is part of NationalJournal.com, we considered all the same laws and regulations we do for all of our editorial offerings that service the House, Senate and beyond. Additionally, we worked closely with the appropriate parties in the House and the Senate to address any potential product, security and ethics concerns in developing 3121.

How do they pertain to the terms of service you will pose to users?

Securely managing the data of our users has always been a focus of National Journal Group’s and, as an extension of NationalJournal.com, 3121 is no exception. For a complete copy of our Privacy Policy and Terms of Service, visit our privacy policy and terms of service.

What tracking technologies are part of 3121?

Tracking tools are limited to Google analytics for Web analytics. This information will be used to better understand how the community is using the application.

Will data from 3121 ever be offered or sold to third parties?

No.

How is privacy managed? Is encryption used? If so, where? Can administrators see all updates into accounts? Is the system configured to be audited or easily dumped for e-discovery?

Privacy is managed via many of the built-in privacy mechanisms that Jive offers. Encryption is used and all transactions and data are protected by SSL. Community managers have access to updates but have no reason or need to monitor. Access to this data is on a strictly need-to-know/need-to-see basis for system or community troubleshooting purposes only.

What safeguards are there for the input of personally identifiable information?

Accounts are tied to valid Hill email addresses only. For example, a forgotten password can only be retrieved by the holder of a valid Hill email address. Also, all data is encrypted over SSL.

Should legislation be discussed in the context of this network (a likelihood, given the people who will be using it), how will that fit in with the overall themes of openness and transparency set out by the new administration and its CIO and CTO?

3121 is about giving members of Congress and their staff the tools they need to be efficient and effective in their jobs, borrowing from the best practices of cloud collaboration, another theme important to the new administration and its CIO and CTO.

Discussions on 3121

I appreciate the time that 3121’s CTO spent offering my questions. Whether the provisions that have been made in designing the product are sufficient to prevent security issues or compliance headaches on Capitol Hill remains to be seen. The briefing I attended indicated that feeds from external Web services can be customized on Web pages. Given the acknowledged security risks of social networking platforms, there could be potential for malware or social engineering attacks, especially if shortened URLs enter the system. As Contakes pointed out, however, Jive has been responsible for a number of government enterprise 2.0 platforms, including A-Space, so these issues won’t be novel.

The larger issue here may rise above simple compliance or security concerns, however, to the existence of the platform. Staffers will have to decide whether the benefits of collaboration in the context makes more sense than the development of internal wikis, blogs or other alternatives, none of which are currently in much use around Congressional offices. There’s also a more philosophical question to consider: Should a commercial provider of news be the owner of a Congressional social network? The National Journal will have an opportunity to gain insight into both the legislative process and the information-sharing habits of staffers, although it won’t allow third-party access to such data. Contakes asserts that behavioral data will not ever be shared with a third party. The success of the platform may hinge on the National Journal sticking to its own policy — and to its administrators avoiding the urge to read the posts or messages designated “secret” by staffers.

On the Hill, after all, information represents power. That may turn out to be truer than ever as Congressional hallways become virtual.

3121 Profiles -- soon to be populated?

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: