Federal CIOs should pay attention to European Commission’s investigation into Android
Karen Evans, former OMB administrator for e-government and IT, encourages federal executives to understand how this case could affect the public sector “Bring...
Recently, the European Commission (EC) announced two significant antitrust actions against Google. The first focused on formal charges being brought to address the company’s abuse of dominance in the online search marketplace; the second focused on a formal investigation being initiated around Android, Google’s ad-subsidized mobile platform.
As the announcement stated, “The [Android] investigation will focus on whether Google has entered into anti-competitive agreements or abused a possible dominant position in the field of operating systems, applications and services for smart mobile devices.”
The two announcements mark a critical moment, not only for the EC and customers in Europe, but for public sector and enterprise users globally. As we’ve seen in the headlines since the April 15 announcement, a great deal has already been written about the charges. My goal here is not to rehash what has already been stated, but instead focus on Android and the underlying, lesser-known issues at play for government users.
It is important to consider the implications this series of events has on public sector entities. Vendor practices are particularly important for federal CIOs while procuring goods and services, in particular as it relates to “bring-your-own-device” (BYOD) policies. Considering Android’s prevalence in the public sector, the EC’s decision to investigate raises serious concerns regarding the due diligence a government CIO should conduct prior to procuring IT services or deploying BYOD within a federal agency. It is easy to lose sight of the fact that all mobile devices, Android included, serve another purpose in addition to their use as phones, maps and Web browsers. They are data-gathering tools, capable of amassing volumes of information about their users.
Last year, I co-authored a white paper discussing different ways in which federal CIOs can strengthen their contracts with IT vendors via improved data security. The paper concluded that cloud vendors need to be more transparent with regard to how they store, use, and monetize public sector data – especially vendors whose business models depend on advertising and the monetization of user data.
Agencies must be more explicit in their contracts concerning data-mining practices and data use outside of the stated, intended purpose. This is the responsibility not only of the federal CIOs but of vendors as well. Given these recent announcements, the need for transparency could not be more appropriate and timely. Government entities need to ensure their contracts include the proper terms and conditions which can be validated and enforced to meet the federal policies and procedures regarding data management and data use. This is increasingly important as government employees more frequently use their own devices at work and the boundaries for security and privacy become blurred.
It is the federal CIOs’ job to ensure the procurement process protects agencies from entering into agreements that jeopardize both internal and public data. Moving forward, CIOs must take the lead on these issues and work with their colleagues, including inspectors general, to push Google and other vendors for more transparency across platforms, including Android, as their use becomes more common within the federal government.
Karen Evans worked for the government for 27 years, including her last six as the administrator in the Office of E-Government and IT in the Office of Management and Budget. She now is the national director of the U.S. Cyber Challenge.
Federal CIOs should pay attention to European Commission’s investigation into Android
Karen Evans, former OMB administrator for e-government and IT, encourages federal executives to understand how this case could affect the public sector “Bring...
Recently, the European Commission (EC) announced two significant antitrust actions against Google. The first focused on formal charges being brought to address the company’s abuse of dominance in the online search marketplace; the second focused on a formal investigation being initiated around Android, Google’s ad-subsidized mobile platform.
As the announcement stated, “The [Android] investigation will focus on whether Google has entered into anti-competitive agreements or abused a possible dominant position in the field of operating systems, applications and services for smart mobile devices.”
The two announcements mark a critical moment, not only for the EC and customers in Europe, but for public sector and enterprise users globally. As we’ve seen in the headlines since the April 15 announcement, a great deal has already been written about the charges. My goal here is not to rehash what has already been stated, but instead focus on Android and the underlying, lesser-known issues at play for government users.
It is important to consider the implications this series of events has on public sector entities. Vendor practices are particularly important for federal CIOs while procuring goods and services, in particular as it relates to “bring-your-own-device” (BYOD) policies. Considering Android’s prevalence in the public sector, the EC’s decision to investigate raises serious concerns regarding the due diligence a government CIO should conduct prior to procuring IT services or deploying BYOD within a federal agency. It is easy to lose sight of the fact that all mobile devices, Android included, serve another purpose in addition to their use as phones, maps and Web browsers. They are data-gathering tools, capable of amassing volumes of information about their users.
Get advice on using quantum-resistant encryption from experts at NSA, the Navy Research Lab, Ciena and Verizon in our new Executive Briefing. Download today!
Last year, I co-authored a white paper discussing different ways in which federal CIOs can strengthen their contracts with IT vendors via improved data security. The paper concluded that cloud vendors need to be more transparent with regard to how they store, use, and monetize public sector data – especially vendors whose business models depend on advertising and the monetization of user data.
Agencies must be more explicit in their contracts concerning data-mining practices and data use outside of the stated, intended purpose. This is the responsibility not only of the federal CIOs but of vendors as well. Given these recent announcements, the need for transparency could not be more appropriate and timely. Government entities need to ensure their contracts include the proper terms and conditions which can be validated and enforced to meet the federal policies and procedures regarding data management and data use. This is increasingly important as government employees more frequently use their own devices at work and the boundaries for security and privacy become blurred.
It is the federal CIOs’ job to ensure the procurement process protects agencies from entering into agreements that jeopardize both internal and public data. Moving forward, CIOs must take the lead on these issues and work with their colleagues, including inspectors general, to push Google and other vendors for more transparency across platforms, including Android, as their use becomes more common within the federal government.
Karen Evans worked for the government for 27 years, including her last six as the administrator in the Office of E-Government and IT in the Office of Management and Budget. She now is the national director of the U.S. Cyber Challenge.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Related Stories
Rethinking continuous risk metrics to fortify federal cybersecurity
AI emerging as a not-so-secret business development weapon for government contractors
Correction to connection: Making federal performance review season less spooky