Creating a National Infrastructure for Digital Mental Health Services

Summary

The COVID-19 pandemic is exacerbating an existing mental health crisis to such a degree that many fear it will overwhelm the fragmented mental health delivery system in the United States. Rates of mental health problems—including depression, trauma- and stressor-related disorders, substance abuse, suicidal ideation, and suicide attempts—have increased during the COVID-19 pandemic. Scarce access to mental health services compounds the problem. Nearly 25 million Americans with mental health needs go untreated each year, and half of U.S. counties have no access to mental health care whatsoever. However, the current moment presents an opportunity. Even as the pandemic increased needs for mental health services, so too did pandemic-related shifts reveal the broad utility of and interest in digital solutions such as mobile apps, digital therapeutics, and digital therapy.

In the absence of regulation, however, ineffective and potentially harmful digital mental health products may make their way into consumer hands. Estimates suggest that over 20,000 digital mental health products exist, yet only five have received Food and Drug Administration (FDA) clearance. The FDA temporarily reduced their enforcement and review of these products due to COVID-19. But moving forward, addressing the largely unregulated space of digital mental health products is critical to mitigate harm of unverified digital mental health solutions. As examples of potential harms, companies have used digital products to offer services but from unlicensed providers, withheld client information from providers, or made data available to various third parties without following stated terms of services. Developing an infrastructure to regulate these products while also helping provide and reimburse effective and safe digital mental health solutions is essential to meet the overwhelming need for mental health services and ensure quality and equity in mental health care.

Federal Accessibility Standards for Fully Autonomous Vehicles

Summary

Self-driving technology is uniquely positioned to benefit people who cannot drive, including people with travel-limiting disabilities and many older adults. However, the lack of federal policy guiding the development of this technology has led to piecemeal recommendations that largely fail to guarantee accessible use in both public and private implementation scenarios. To leverage the full potential of self-driving technology, the Department of Transportation (DOT) should adopt accessibility standards to support autonomous transportation for people with disabilities and older adults. The Biden-Harris Administration has an important opportunity to reimagine accessible transit, capitalize on ongoing federal research programs such as the Inclusive Design Challenge, and extend the benefits of self-driving technology to those who need it most. If enacted, these recommendations will lead to increased independence, workforce participation, and mobility in the future of transportation.

Mitigating and Preventing the Existing Harms of Digital Surveillance Technology

Summary

The rapid adoption of Digital Surveillance Technology (DST) by state and local agencies is taking place in an under-regulated environment that is causing tangible harm to the communities and individuals these same agencies are tasked to protect. DST itself is plagued by fundamental flaws and vulnerabilities, issues compounded by a lack of safeguards in the environments where DST is deployed. The four biggest problems with government use of DST today are:

  1. Governments falling prey to predatory or negligently marketed DST that fails to consistently achieve stated functionalities or meet reasonable standards.
  2. Governments deploying DST in a way that does or could falsely implicate innocent individuals in criminal matters.
  3. A lack of systematic oversight that fails to ensure accountability, equity, transparency, or cybersecurity.
  4. Governments utilizing DST in a manner inconsistent with existing laws, ordinances, and regulations.

While these issues affect everyone, they disproportionately affect those who are falsely implicated in criminal matters as a result of DST, as well as the working poor (who have been historically over-surveilled). In addition to such human costs, overuse or misuse of DST exposes cash-strapped jurisdictions to multimillion-dollar lawsuits for violation of privacy and civil rights.

This proposal offers a set of actions that the Biden-Harris Administration could take to limit the harms of DST. Specifically, we recommend that the administration:

These actions would together begin to rein in the unchecked power of the surveillance complex that has attached itself to our nation’s law-enforcement systems. Doing so would advance racial and community equity across the United States while also helping restore public trust in law-enforcement institutions.

Section 230 Is Essential to the Internet’s Future

Summary

Section 230 is not a gift to Big Tech, and eliminating it will not solve the problems that Big Tech is causing. Those problems stem from a severe lack of competition. Repealing Section 230 will exacerbate those problems.

Section 230 is critical to the proper functioning of the Internet. To rein in Big Tech, the law should be supported, not weakened or repealed. The Trump Administration’s executive order on Section 230 should be repealed. Further, action to limit the power of large tech companies should be taken on three fronts: antitrust, privacy, and interoperability.

A Strategy to Blend Domestic and Foreign Policy on Responsible Digital Surveillance Reform

Summary

Modern data surveillance has been used to systematically silence free expression, destroy political dissidents, and track ethnic minorities before placement in concentration camps. China’s surveillance-export system is providing a model of authoritarian stability and security to the 80+ countries using its technology, a number that will grow in the aftermath of COVID-19 as the technology spreads to the half of the world still to come online. This technology is shifting the balance of power between democratic and autocratic governance. Meanwhile, the purported US model is un-democratic at best: a Wild West absent of accountability and full of black box, NDA-protected public-private partnerships between law enforcement and surveillance companies. Our system continues to oppress marginalized communities in the US, muddying our moral claims abroad with hypocrisy. Surveillance undermines the privacy of everyone, but not equally. Most citizens remain unaware of, unaffected by, or disinterested in the daily violence propagated by the unregulated acquisition and use of surveillance. The lack of coordination between state and local agencies and the federal government around surveillance has created a deeply unregulated surveillance-tech environment and a discordant international agenda. Digital surveillance policy reform must coordinate both domestic and foreign imperatives. At home, it must be oriented toward solving a racial equity issue which produces daily harm. Abroad, it must be motivated by preserving 21st century democracy and human rights.

Digitizing State Courts, Expanding Access to Justice

To overcome the unprecedented backlog of court cases created by the pandemic, courts must be reimagined. Rather than strictly brick-and-mortar operations, court must consider themselves digital platforms. To accomplish this, the U.S. Department of Justice (DOJ) – with support from 18F, U.S. Digital Service, the Legal Services Corporation, and the State Justice Institute – must build and fund professional and technical capacity at the state level to develop and adopt standardized digital infrastructure for courts and other justice agencies. Due to the replicable nature of this solution across states, the federal government is perfectly positioned to lead this effort, which will be more cost effective than if each court system attempted this work on their own. The estimated cost is $1 billion. 

This once-in-a-generation investment will allow courts to collect granular, raw data, which can help overcome the current backlog, increase access to the justice system, inform policies that drive down mass incarceration, improve transparency, and seed a public and private revolution in justice technology that improves access to justice for all Americans.

Challenge and Opportunity

The COVID-19 pandemic brought physical shutdowns to American courts and an unprecedented backlog of cases. In Connecticut, pending civil and criminal cases jumped 200 percent, and many trials are not scheduled to start until 2021. As of June, New York City had 39,200 criminal cases in backlog. Meanwhile, San Diego, California has 20,000 criminal cases waiting to be heard. These are just a small sample of a widespread national trend.

In an attempt to manage this moment, courts rapidly moved online and opened Slack channels and Zoom accounts. Quick action like this should be applauded. However, these solutions are undercut by the justice system’s long-term lack of investment in digital infrastructure.

Across the country, courts fail at data collection, publication, and use. States like California, Colorado, and Florida passed laws in recent years to collect more data created by the justice system, but they are in the minority. Many states still operate on paper and have little-to-no digital data. In Massachusetts, a state that spent over $75 million to digitize court infrastructure, courts still don’t electronically track judges’ decisions, bail rates, or even a party’s gender. Nationally, a 2015 study found that 26 state court systems could not provide “an accurate report on how many cases were filed and disposed in any given year” — the most basic of court data. Meanwhile, public trust in the courts recently fell by double digits and the U.S. ranks 36th globally on access to civil justice— behind Rwanda and on par with Kazakhstan.

This lack of reusable data puts a ceiling on our understanding of individual courts and what courts can do with technology. Without data, software solutions like those that help analyze a court’s caseload, automate court processes, or provide assistance to people representing themselves without an attorney, are out of reach. While the relationship between data and improved court understanding and efficiency has been well-known for at least 30 years, the existing failures of the justice system compounded by the pandemic demand sweeping action.

Plan of Action

To fix this systemic problem at its foundation, the DOJ should support state courts in the adoption of open data standards, modern data collection methods, and application programming interfaces (APIs). Collectively, this is the digital infrastructure needed to help courts manage the tens of thousands of cases that have piled up, become more efficient, and increase access to justice.

This approach is different from how justice system actors currently conceptualize managing information. Currently, agencies generally think about data only in its finished form: a court order, a pamphlet, or a website. Thinking as a digital platform requires justice system leaders to consider data not only in its end form, but as raw data that is accurate, publicly available, secure, and reusable.

To make this a reality, the reconstituted Office of Access to Justice in the DOJ, with support from 18F, U.S. Digital Service, the Legal Services Corp., and the State Justice Institute, needs to offer grant and technical support so local court systems can digitize court data and services. To do this, three layers must be created: information, platform, and presentation. This proposal supports the creation of the first two layers, setting the foundation for the development of the third.

The information layer encompasses all of a justice system’s structured and unstructured data, including case filing and case outcome data. Creating this layer means collecting and cleaning the standardized data that exists across court systems, but also turning unstructured data – like court rules and orders that are usually housed in PDFs or on paper – into structured data. Creating this layer is time-consuming and painstaking, but the process is replicable across jurisdictions, which is why funding and technical support from the federal government is important and more cost effective than relying on each state to recreate this process. The National Center for State Courts published open data standards for courts in 2019. By using these standards across the country, court-to-court and state-to-state comparisons become possible, which can better inform local need and complementary federal support.

The platform layer gives the data utility. This includes the adoption of data management processes and software and APIs. This creates a multitude of benefits. Most significantly, it allows courts to quantify and manage the case backlog by giving them ready access to usable information about what types of cases are pending, for how long, and why. Having readily useable data will also increase transparency by allowing administrators, policymakers, and researchers to dig into how courts function.

Publicly available, structured data also lowers the barrier to entry for entrepreneurs and researchers building solutions to mass incarceration and the access-to-justice gap, thus creating the presentation layer. We’ve already seen this in other markets: data from weather.gov informs weather forecasts on our devices and local government transit data populates real-time information on map applications. For courts, this layer may include a court data portal where the public can see, in real time, what’s happening at the court. The presentation layer could come in the form of a text message reminder system that helps people appear for their court date, which would decrease bench warrants and pre-trial detention. This data will also assist the adoption of online dispute resolution software, which allows courts to quickly resolve high-volume, low-stakes cases without requiring in-court hearings, saving time, money, and trouble.

Conclusion

By focusing on data infrastructure, localities will have the information to uncover and tackle the most pressing issues that they face. However, if the justice system continues on its current path, fewer people will have access to the courts, people will continue to languish in prison, and faith in the justice system will continue to erode.

Compliance as Code and Improving the ATO Process

A wide-scale cyber-attack in 2020 impacted a staggering number of federal agencies, including the agency that oversees the United States nuclear weapons arsenal. Government officials are still determining what information the hackers may have accessed, and what they might do with it.

The fundamental failure of federal technology security is the costly expenditure of time and resources on processes that do not make our systems more secure. Our muddled compliance activities allow insecure legacy systems to operate longer, increasing the risk of cyber intrusions and other system meltdowns. The vulnerabilities introduced by these lengthy processes have grave consequences for the nation at large.

In federal technology, the approval to launch a new Information Technology (IT) system is known as an Authority to Operate (ATO). In its current state, the process of obtaining an ATO is resource-intensive, time-consuming, and highly cumbersome. The Administration should kick-start a series of immediate, action-oriented initiatives to incentivize and operationalize the automation of ATO processes (also known as “compliance as code”) and position agencies to modernize technology risk management as a whole.

Challenge and Opportunity

While the compliance methodologies that currently comprise the ATO process contribute to managing security and risk, the process itself causes delays to the release of new systems. This perpetuates risk by extending the use of legacy—but often less secure—systems and mires agencies with outdated, inefficient workflows. 

To receive an ATO, government product owners across different agencies are required to demonstrate compliance with similar standards and controls, but the process of providing statements of compliance or “System Security Plans” (SSPs) is redundant and siloed. In addition, SSPs are often hundreds of pages long and oriented toward one-time generation of compliance paperwork over an outdated, three-year life cycle. There are few examples of IT system reciprocity or authorization partnerships between federal agencies, and many are reluctant to share their SSPs with sister organizations that are pushing similar or even identical IT systems through their respective ATO processes. This siloed approach results in duplicative assessments and redundancies that further delay progress. 

The next administration should shift from static compliance to agile security risk management that meets the challenges of the ever-changing threat landscape. The following Plan of Action advances that goal through specific directives for the Office of Management and Budget (OMB) Office of the Federal CIO (OFCIO), General Services Administration (GSA), Technology Transformation Service (TTS), and other agencies.

Plan of Action

The Office of Federal Chief Information Officer (OFCIO) should serve as the catalyst of several of activities aimed at addressing inefficiencies in the ATO attainment process. 

OFCIO should draft an OMB Compliance as Code Memorandum that initiates two major activities. 

First, the Memorandum will direct GSA to create a Center of Excellence within the Technology Transformation Service (TTS). The goals and actions of the Center of Excellence are detailed under “Action Two” below. Second, the Memorandum should require Cabinet-level agencies to draft brief “exploration and implementation plans” that describe how the agency or agencies might explore and adopt compliance as code to create efficiencies and reduce burden.1

OFCIO should offer guidance for the types of explorations that agencies might consider. These might include:

During the plan review process, the OFCIO should collaborate with the Resource Management Offices (RMOs) at OMB to identify agencies that offer the most effective plans and innovations.3 Finally, OFCIO should consider releasing a portion of the agency plans publicly with the goal of spurring research and collaboration with industry.

The General Services Administration should create a Cybersecurity Compliance Center of Excellence. 

OMB should commission the creation of a Cybersecurity Compliance Center of Excellence at the General Services Administration (GSA). Joining the six other Centers of Excellence, the Cybersecurity Compliance Center of Excellence (CCCE) would serve to accelerate the adoption of compliance as code solutions, analyze current compliance processes and artifacts, and facilitate cross-agency knowledge-sharing of cybersecurity compliance best practices. In addition, OMB should direct GSA to establish a Steering Committee representative of the Federal Government that leverages the expertise of agency Chief Information Security Officers (CISOs), Deputy CISOs, and Chief Data Officers (CDOs) as well as representatives from the National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). 

The CCCE Steering Committee will research potential paths to propagate compliance as code that are not overly burdensome to agencies, deliberate on these initiatives, and guide and oversee agency innovations. The ultimate goal for the Steering Committee will be to devise a strategy and series of practices to increase compliance as code adoption via the Cybersecurity Compliance Center of Excellence and OMB oversight. 

The following sections detail potential opportunities for CCCE Steering Committee investigation and evaluation:

Study IT System Acquisition Rules for Vendor Compliance Information. The Steering Committee should review existing acquisition guidance and consider drafting a new acquisition rule that would require software vendors to provide ATO-relevant, machine-readable compliance information to customer agencies. The data package could include control implementation statements, attestation data and evidence guidance for the relevant NIST controls.4 In addition, the new system and process improvements should be agile enough to allow the incorporation of controls unique to a particular application or service.

Shifting the responsibility of managing compliance information from agencies to vendors
saves time and taxpayer dollars spent in the duplicative discovery, creation, and maintenance
of control implementation guidance for common software. The rule would be doubly
effective in time saved if the vendor’s compliance data package has common reciprocity
between agencies, allowing for faster adoption of software government wide.5 Finally, the
format of the data package should be open sourced, fungible and accessible.

Examine and Improve the Utility of System Security Plans (SSPs). System Security Plans are the baseline validator of a system’s security compliance and a comprehensive summary of an IT system’s security details.6 OMB and the CCCE Steering Committee should direct agencies to investigate the reusability and transmutability of System Security Plans (SSPs) across the Federal Government. A research-focused task force, composed of federal data scientists, compliance subject matter experts, auditors, and CISOs, should research how SSPs are utilized and draft recommendations on how best to improve their utility. The research task force would collect a percentage of agency SSPs, compare time-to-ATOs for various government organizations, and develop a common taxonomy that will allow for reciprocity between government agencies.

Create a Federal Compliance Library. The Steering Committee should investigate the creation of an inter-agency Federal Compliance Library. The library, most likely hosted by NIST, would support cross-agency compliance efforts by offering vetted pre-sets, templates, and baselines for various IT systems. A Federal Compliance Library accelerates the creation and sharing of compliance documentation and allows for historical knowledge and best practices to have impact beyond one agency. These common resources would free up agency compliance resources to focus on authorization materials that require novel documentation.

Explore Open Security Controls Assessment Language (OSCAL). The Steering Committee should explore the value added by mandating the conversion of agency SSP components to machine readable code such as Open Security Controls Assessment Language (OSCAL).7 OSCAL allows for the automated monitoring of control implementation effectiveness while making documentation updates easier and more efficient.

Conclusion

Federal compliance processes are ripe for innovation. The current system is costly and perpetuates risk while trying to control for it. The Plan of Action detailed above creates a crossagency collaborative environment that will spur localized innovations which can be tested and perfected before scaling government wide.

Frequently Asked Questions
Why is this recommendation important?
Current compliance processes are slow, costly and ineffective. They result in bureaucratic inertia that stalls the adoption of new technologies and exacerbates risk. The compliance-as-code recommendations outlined in this text dovetail with conclusions drawn from the Federal Cybersecurity Risk Determination Report and Action Plan to the President of the United States (2018). Compliance-as-code solutions match core actions that are necessary to address cybersecurity risks across the federal enterprise.
Why are OFCIO and TTS best positioned to lead these efforts?
OFCIO and TTS have been successful in guiding and monitoring agencies through a number of technology transformation initiatives including Data Center Consolidation Initiative, the HTTPSOnly Standard, and the FITARA Scorecard among many others. OMB OFCIO has the ability to direct agencies to develop exploration plans, as described above, and GSA TTS is well situated to stand up a new Center of Excellence to facilitate pilot initiatives and cross-agency collaboration. In addition, a Steering Committee for the Cybersecurity Compliance Center of Excellence (CCCE) that leverages the expertise of CISOs, Deputy CISOs, and CDOs as well as representatives from NIST and DHS CISA can ensure that GSA and OMB are developing guidance based on the actual situations within agencies. Greater participation and representation from agencies will ensure greater transparency, collaboration and adoption of new innovations.
How will these proposals make the ATO compliance process more efficient?
ATO processes have been a known encumbrance for some time. A handful of agencies have begun to explore automation and compliance as code, including, but not limited to, the Defense Digital Service Rapid ATO12 and the Centers for Medicare and Medicaid “Simplified and Guided Authorization for Rapid ATO” pilot. While many agencies recognize the need, most lack the resources to explore innovations and automate processes. These proposals aim to elevate the issue and proposed solutions to the White House level and align the most promising innovations with support and funding. Once solutions are identified and tested, they can be scaled for government-wide adoption.
Are there risks to centralizing all IT compliance in one library? Are there security concerns?
Published data formats provide greater security than proprietary counterparts. While the reference implementations and data formats must be open, the data collection and analysis of an operational system is fully protected by encryption. If required, certain SSPs can be delivered to new agencies on a by-request basis instead of being made publicly available.
Is it overly burdensome to ask agencies to convert their SSPs to OSCAL?
OSCAL integration across the Federal Government should be evaluated for burden and agencies’ current technical capacity to support OSCAL integration must be considered. Agencies should consider smaller-scale integrations of OSCAL as a starting point. Research should also be focused on potential time saved from automating compliance checks, streamlining the review process, and increasing the speed of adopting new technologies.
Are there any legal requirements or obstacles for agencies that may prevent them from participating in these reforms?
The request that software vendors provide machine-readable security documentation is to their own benefit. It is currently cumbersome and repetitive for a software vendor to provide information to support the ATO process on an individual basis every time their software is evaluated or implemented. Vendors already decide what information to share and are likely careful about what they choose to provide. A shared SSP library or reciprocity of SSP statements across agencies should not introduce any new legal obstacles or concerns into the process. Vendors should be made aware that any information they share is eligible for a cross-agency shared repository.
What exactly is the scope of the term “compliance as code”? in technical terms?
‘Compliance as Code’ is the automated implementation, verification, remediation, monitoring and reporting of compliance information and status. In technical terms, compliance as code can be facilitated by migrating the static SSP from Microsoft Word to OSCAL, including front matter, control implementation statements, and appendices. Additional examples of compliance as code include: evidence gathering and verification code, commit and pull-request automated testing, and DevOps context aware notifications and documentation. Developer tools such as an RMF and OSCAL-Aware GRC plugin for VS Code and continuous monitoring plugins can also be included.

Eliminating Cookie Click-Thrus: A Strategy for Enhancing Digital Privacy

Summary

Everyone hates cookie notifications, click-thrus, and pop-ups. While cookies give the web more functionality, their excessive use and attendant consent system can interfere with user experience and raises serious privacy concerns. The next administration should commit to finally resolving these and related issues by creating a digital privacy task force within the White House Office of Science and Technology Policy (OSTP). The task force would coordinate relevant agencies—including the Federal Trade Commission, Federal Communications Commission, and Department of Commerce—in working with Congress, state actors, and European Union partners to develop meaningful data-privacy protections.

Elevating Patients as Partners in Management of Their Health Data and Tissue Samples

Summary

From HIPAA to doctor-patient confidentiality, the U.S. healthcare system is replete with provisions designed to ensure patient privacy. Most people are surprised, then, to hear that patients in the United States do not legally own nearly any of their health data: data as diverse as health and medical records, labs, x-rays, genetic information, and even physical specimens such as tissue and blood removed during a procedure.

Providing patients with agency over their health data is necessary for elevating patients as partners in their own health management—as individuals capable of making genuinely informed and even lifesaving decisions regarding treatment options.

The next administration should pursue a two-pronged approach to help do just that. First, the administration should launch a coordinated and comprehensive patient-education and public- awareness campaign. This campaign should designate patient data and tissue rights as a national public-health priority. Second, the administration should expand provisions in the Cures 2.0 Act to ensure that healthcare providers are equally invested in and educated about these critical patient issues. These steps will accelerate a needed shift within the U.S. healthcare system towards a culture that embraces patients as active participants in their own care, improve health- data literacy across diverse patient populations, and build momentum for broader legislative change and around complex and challenging issues of health information and privacy.

The Digital Corps

The next administration should create a “Digital Corps” — a two-year early-career fellowship designed for the country’s top young technology talent to serve in the Federal Government. Such a program could compete for college graduates in technical fields and for other early- career technical professionals, potentially recruiting thousands per year. In an increasingly digital age, a transition accelerated by the COVID pandemic, a Digital Corps would improve government service delivery in critical areas, rebuilding trust in government, and create a broad talent funnel for the Federal Government to build the diverse, inclusive, and digital native workforce it needs in the 21st century.

Challenge and Opportunity

The Federal Government faces a massive talent problem, especially in technology. Approximately one-fifth of the federal IT workforce is under 40 years old, and in the Department of Veterans Affairs, in particular, less than 1% of the 8,000 IT workers are under 30 years old, while almost 17% are over 60 years old.1 As in other industries, software and technology are changing government for the better—if we can keep up. If a new generation of IT professionals is offered a chance to serve in meaningful roles, they can help us refashion a simpler and better government.

Technology talent is core to ensuring that government can better meet the needs of its constituents. Whether it has involved modernizing Medicare, improving access to VA services, or responding to the pandemic, the U.S. Digital Service, the General Services Administration’s 18F, and the Presidential Innovation Fellows have already demonstrated that design and technology are key to delivering better services to the American people.

There are approximately 65,000 computer science and 331,000 STEM college graduates each year.2 However, there is a gap in existing programs to hire early-career technologists. The Federal Government has created well-regarded programs for technology talent to serve, but none have focused on young technologists.

Generation Z wants to serve. Successful service programs—Teach For America, AmeriCorps, and others—demonstrate that college graduates are eager to contribute to public service. Technically-skilled college graduates, with many career options, are similarly interested in public service. The non-profit Coding it Forward runs the Civic Digital Fellowship, a cohort-based internship in federal agencies for college-aged technologists; in less than five years, they have placed over 200 young technologists from across the United States at eleven federal agencies, selected from over 3,000 applicants (with an acceptance rate under 10%). Recruiting even a small subset of computer science and STEM graduates for the Digital Corps could be extremely important for the Federal Government’s long-term IT workforce; in Coding it Forward’s summer 2020 cohort, over 34% of students stayed on with their agencies at the end of their fellowship, in either a full-time or part-time capacity, demonstrating the value of early-career opportunities. Federal agencies’ experiences with the Civic Digital Fellowship have shown that junior-level technology talent, when paired with mentors and staffed on high-potential projects, is capable of making a substantial, immediate impact in government.

Plan of Action

A Digital Corps would generate a diverse talent infusion of highly-skilled college graduates and other early-career technologists in the Federal Government, matching them with high-stakes work impacting government service delivery—including in information technology, cybersecurity, product management, design, program management, and acquisition. The fellowship would be designed to give Digital Corps Fellows a cross-agency cohort experience, senior federal mentorship, modern skills development, and the ability to rotate at least once in their fellowship. Digital Corps Fellows would also qualify for substantial federal loan forgiveness. Fellows would be placed across several agencies, rotating among placements and agencies to gain experience and broaden their skill set. After two years of high-intensity service, fellows would be able to compete for accelerated entry into conventional federal service and would be well-prepared for professional jobs or graduate school. Whether remaining in government or pursuing other opportunities, Digital Corps alumni will build the brand for federal service among early-career technologists and will serve as critical allies and advocates for the work of the Federal Government.

A small group of White House senior staff members—for example, Office of Management and Budget’s Deputy Director of Management, U.S. Chief Information Officer, U.S. Digital Service Administrator, and U.S. Chief Technology Officer—would serve as executive sponsors and champions.

The next administration should begin exploring the formation of a program office with dedicated staff, at the General Services Administration (GSA), where the Presidential Innovation Fellows program is housed, or the Office of Personnel Management (OPM), where the Presidential Management Fellows program is housed. Over the next 12 months, the goals of the program office would be three-fold:

1. Develop the core components of the fellowship. This would include:

2. Launch a recruiting funnel for the first cohort of Fellows to start in Fall 2021. Focus on building a pipeline of exceptional candidates by:

3. Build a path for the program to grow. If the first set of placements (e.g., 20-50 fellows) show strong reviews, design a scaling strategy that includes:

Top students have many options, but many want to serve. Important criteria to attract the next generation of technology talent to government include:

Conclusion

Given the challenges presented by the COVID-19 pandemic, the economy, systemic racism, and climate change, we need the most talented young people to serve in government. Talented law school graduates’ clerk for federal judges for a year or two before embarking on the rest of their careers; we should provide a pathway for talented technologists to similarly serve in the Federal Government.

A Digital Corps will also help taxpayers. Digital Corps Fellows would be less expensive, comparatively, than retiring federal IT employees. Moreover, as other federal digital programs like U.S. Digital Service and Presidential Innovation Fellows have shown, high-impact technologists help the government to be more effective and efficient, ultimately generating a strong return on investment.

Promoting Entrepreneurship and Innovation Through Business-to-Business (B2B) Data Sharing

Summary

To bolster competition, entrepreneurship, and innovation, the next administration should facilitate business-to-business (B2B) data sharing between startups and data-rich, established companies. Asymmetry in the digital economy is an existing market failure that, if left unchecked will continue to intensify to the detriment of consumer choice and our collective security.

Leveling the playing field requires policy to remove barriers to entry created by data advantages and to promote market competition through increased access to big data. Specifically, we propose that the Small Business Administration’s Office of Investment and Innovation establish a data-sharing program that gives entrepreneurs access to the data they need to improve algorithms underpinning their products and services. This would support a thriving and diverse ecosystem of startups that could in time yield valuable new markets and products.

Strengthening the Integrity of Government Payments Using Artificial Intelligence

Summary

Tens of billions of taxpayer dollars are lost every year due to improper payments to the federal government. These improper payments arise from agency and claimant errors as well as outright fraud. Data analytics can help identify errors and fraud, but often only identify improper payments after they have already been issued.

Artificial intelligence (AI) in general—and machine learning (ML) in particular (AI/ML)—could substantially improve the accuracy of federal payment systems. The next administration should launch an initiative to integrate AI/ML into federal agencies’ payment processes. As part of this initiative, the federal government should work extensively with non-federal entities—including commercial firms, nonprofits, and academic institutions—to address major enablers and barriers pertaining to applications of AI/ML in federal payment systems. These include the incidence of false positives and negatives, perceived and actual fairness and bias issues, privacy and security concerns, and the use of ML for predicting the likelihood of future errors and fraud.