Federal Times Blogs
The Senate Homeland Security and Governmental Affairs Committee voted May 21 to limit the federal dollars spent on oil paintings of government officials – and restrict who gets to have themselves painted.
The aptly named Responsible Use of Taxpayer Dollars for Portraits Act of 2013, co-sponsored by Senators Jeanne Shaheen, D-N.H., and Tom Coburn, R-Okla., would permanently cap the amount of each painting to $20,000 and would limit those eligible to those in line for presidential succession.
While the government is currently prohibited from spending money on oil paintings of government officials the ban lasts only through this fiscal year, while the current legislation would be permanent. Federal officials could still use non-federal sources of money for any cost overruns.
Reports from the New York Times and other organizations have said the government spends upwards of $800,000 on oil paintings of officials and each one could cost $50,000.
Sen. Mary Landrieu, D-La., voted against the bill saying during the vote amount is still excessive, and will instead work to renew the ban through the annual spending bills.
Coburn said while he doesn’t believe the government should spend any money on oil paintings, the legislation is a compromise that has a chance of passing before the ban expires at the end of September.
On May 8, the House Armed Services Committee voted on the National Defense Authorization Act of 2015 – about 15 minutes after midnight. The committee voted on hundreds of amendments and debated the legislation for more than 12 hours before finally passing it.
You have probably heard some of the highlights of whats in the bill, but here is a longer list of stuff that made it in that you might not have heard about.
Now remember, the bill still needs to be voted on by the full House and then by the Senate, so there are still changes that can happen. But as of right now, these items are in the legislation.
1. An extension of a spending cap on contract services through fiscal 2015 – which prevents the Defense Department from cutting civilian employees and transferring the work to contractors, according to amendment sponsor Rep. Colleen Hanabusa, R-Hawaii. The NDAA caps spending on contract services at fiscal 2010 levels.
2. Another provision forces DoD to eliminate any unauthorized personal services and contracts for any inherently governmental functions and reduce the spending on contractors for work close to being inherently governmental to “the maximum extent practicable.”
3. A prohibition on DoD changing what can be sold in base exchanges and commissaries. Many lawmakers have proposed cuts to the commissary budget while others have pushed to limit sales of various items.
4 A rule requiring DoD to determine which of its workforces – military, civilian or contractor – would be most cost-effective when determining work assignments for non-critical mission areas.
5. The extension of a pilot program that allows whistleblowers to appeal cases from the Merit Systems Protection Board to any circuit court – instead of being restricted to the federal circuit court – for three more years.
6. The Defense Department would be exempt from energy efficiency measures and metering efforts identified in the Energy Independence and Security Act of 2007. Currently DoD must reduce energy use in its domestic facilities and encourage energy efficiency efforts.
7. DoD cannot build a biofuel facility without Congressional approval. Some lawmakers are concerned DoD plans to purchase or refurbish a biofuel facility.
8. DoD must report on how much it costs to transport members of Congress on trips outside the United States.
9. A prohibition for DoD against purchasing biofuels except for testing purposes until the price per gallon is the same as traditional fuel. The Navy has been pushing biofuels as an environmentally friendly alternative to traditional fuel.
10. The NDAA reduces the number of enlisted aides that support general officers. Right now they are limited to 300, but the bill would reduce that number to 244.
11. The NDAA was actually renamed the “Howard P. ‘Buck’ McKeon National Defense Authorization Act for Fiscal year 2015″ after the chairman of the House Armed Services Committee, who is stepping down at the end of the year.
On April 2, 2012 a General Services Administration Inspector General report detailed wasteful practices at an $823,000, 2010 regional conference in Las Vegas, leading to the ouster of GSA’s top leadership and reforming government conference spending.
A music-video parody of Travie McCoy’s music video for ‘Billionaire‘ featuring Bruno Mars by then GSA employee Hank Terlaje titled “The Commissioner Project” and shown at the conference quickly became one of the most famous – or infamous – parts of the ongoing scandal.
It’s also quite catchy. (Full disclosure: Terlaje says in the song that every time he closes his eyes he sees his name on Federal Times.)
But recently Terlaje received a copyright for the work and one key lawmaker is saying it is ineligible.
Rep. Darrell Issa, the chairman of the House Oversight and Government Reform Committee, sent a letter to GSA administrator Dan Tangherlini Feb. 4 and said the video was created using government resources – including employees and facilities – for a government event and is there ineligible for a copyright.
“As the video appears to have been filmed at federal government facilities, with GSA personnel, and for the express purpose of use at an official event, the committee is concerned that securing a private copyright on such work is inappropriate. Any such copyright would appear to rightfully belong to the federal government,” Issa said in the letter.
Issa is requesting all agency documents and communications regarding the production and creation of the work and any and all communications regarding Terlaje and the video.
The video shows Terlaje in a cubicle and other office spaces as well as on the beach and in parks.
I have reached out to Terlaje for comment and will update if I receive any response. Or if he reads it here he can always email me at email@example.com.
Good morning! Today we launch a new–and presumably temporary–feature on FedLine: A regular (as events warrant) rundown of all the noteworthy shutdown-related news that we can find.
Given what happened over the weekend, we’re playing catch-up today. As always, would appreciate your help in keeping federal employees informed on what’s happening across government. You can email tips at any time to firstname.lastname@example.org. Feel free to offer suggestions on how to make this feature useful. We’ll start by calling it “Shutdown Watch,” but are definitely open to something more original.
So, we start Day 7 of the partial shutdown with what is probably old news to most readers, but for the record, there were two major developments Saturday. That morning, the House of Representatives voted 407-0 to ensure furloughed feds get back pay once the partial shutdown ends. The bill is now with the Senate, which could vote to send it to President Obama early this week.
Then, that afternoon, the Defense Department, citing newly granted authority under the Pay Our Military Act, announced that it is recalling most of the approximately 350,000 civilian employees who had been furloughed without pay. For anyone who hasn’t seen it, here’s the official memo from Defense Secretary Chuck Hagel, along with the transcript of a call that DoD Comptroller Robert Hale held with reporters that provides a lot of useful detail. At least some civilian employees who work for the Coast Guard (a part of the Department of Homeland Security that’s nonetheless considered part of the armed forces) could also be going back to work.
On the heels of that step, United Technologies Corp. announced the cancellation of plans to furlough almost 2,000 aerospace workers. The reason, according to the Connecticut-based contractor: DoD is recalling Defense Contract Management Agency inspectors needed to oversee the manufacturing process. But Lockheed Martin is sending home some 2,400 workers (although that’s fewer than the 3,000 initially forecast), and BAE Systems has “excused from work” about 1,000 employees with the company’s intelligence and security division.
In other news, the Federal Aviation Administration is asking creditors to extend “flexibility” to some 45,000 FAA employees who may not be collecting paychecks for a while. And we couldn’t let the occasion pass without posting this much-circulated coded plea from some National Weather Service forecasters in Alaska. As your mother probably told you, it never hurts to use humor to make a point.
At least one federal conference is being postponed this week because of a potential government shutdown.
The National Institute of Standards and Technology is postponing its Cloud Computing and Mobility Forum this week “because we could not guarantee NIST’s facility would be open on the first day of the meeting, Oct. 1,” according to an agency spokeswoman. “The meeting has not been rescheduled.”
More than 500 people had registered for the conference, including about 130 federal employees. Many federal employees would be forced to stay home without pay if Congress doesn’t strike a budget deal by midnight.
Just at DoD, some 400,000 employees — or about half of the civilian workforce — will be sent home on unpaid furloughs if a partial shutdown begins Tuesday, Comptroller Robert Hale said late last week. During a Sept. 27 news briefing, Hale said a shutdown would halt travel and training plans for activities not deemed excepted.
“As of today, no other conferences have been postponed,” according to NIST. “Some scheduled conferences could be affected by a shutdown, depending on the duration of the shutdown and how much lead time each conference requires.”
House lawmakers will consider a bill Wednesday that would allow companies and federal agencies to voluntarily share and receive cyber threat information with each other.
The Cyber Information Sharing and Protection Act (CISPA) passed the House Permanent Select Committee on Intelligence April 10 and will be introduced on the House floor Wednesday. A vote is expected by Thursday.
An earlier version of the bill passed the House last April but lacked additional privacy controls included in the revised bill. Still, that has not satisfied the White House and civil liberties groups who say the bill’s current provisions are insufficient.
CISPA requires the director of national intelligence to enable intelligence agencies to share threat data with the private sector in real time. This includes information about vulnerabilities of federal and industry systems and networks and efforts to destroy or disrupt these systems. Companies that share information under the bill’s provisions would be granted legal protections if they are subject to a cyber attack.
The White House threatened to veto an earlier version of the bill that passed the House last April. Critics of the bill warned that it did little to protect citizens’ personal information and said it would not hold companies accountable for responding to threat information provided by the government.
Despite several amendments to the original bill, CISPA has not met White House expectations.
“We continue to believe that information sharing improvements are essential to effective legislation, but they must include privacy and civil liberties protections, reinforce the roles of civilian and intelligence agencies, and include targeted liability protections,” Caitlin Hayden, spokeswoman for the White House’s National Security Council, said in a statement.
“Further we believe the adopted committee amendments reflect a good faith-effort to incorporate some of the administration’s important substantive concerns, but we do not believe these changes have addressed some outstanding fundamental priorities,” Hayden said. She said the administration will continue working with the bill’s co-authors, House Intelligence Committee Chairman Rep. Mike Rogers, R-Mich., and Dutch Ruppersberger, D-Md., the committee’s ranking member.
In an effort to appease privacy and civil liberties groups, several amendments were added to the bill, including one that restricts how the government can use cyber information it receives from the private sector. The bill requires that the government only use shared information for cybersecurity, investigation and prosecution of cybersecurity crimes and protection of individuals and minors. A provision that would have allowed the information to be used for national security purposes was removed.
Several companies and trade groups, including Facebook, the U.S. Chamber of Commerce and industry group TechAmerica, have expressed support for the bill. But groups such as the American Civil Liberties Union are not satisfied.
“The changes to the bill don’t address the major privacy problems we have been raising about CISPA for almost a year and a half,” Michelle Richardson, legislative counsel at the ACLU’s Washington Legislative Office, said in a statement. “CISPA still permits companies to share sensitive and personal customer information with the government and allows the National Security Agency to collect the internet records of everyday Americans.”
The Senate on Wednesday failed to pass cybersecurity legislation that would set voluntary security standards for owners of critical infrastructure, such as dams, energy and water systems.
Senators voted 51-47 in favor of the bill, S 3414, but fell short of the 60 votes needed to move forward with final passage.
“Cybersecurity is dead for this Congress,” Senate Majority Leader Harry Reid, D-Nev., said following the vote. “What an unfortunate thing.”
Sen. Susan Collins, R-Maine, a co-sponsor of the Cybersecurity Act, expressed similar disappointment. “In all my years on the Homeland Security Committee, I cannot think of another issue where the vulnerability is greater and we’ve done less,” Collins said in a statement.
Senators were at a similar crossroad in August, but some were hopeful that Sen. John McCain, R-Ariz., and other Republicans who strongly opposed the bill would at least vote to move forward and introduce relevant amendments. McCain, who on Wednesday initially expressed a willingness to move forward with the bill if at least five amendments could be introduced, ultimately voted against the bill.
Under the bipartisan bill, critical infrastructure owners would become eligible for certain benefits if they voluntarily certify through a third party that they meet cybersecurity standards. Those benefits would include liability protections in the event of a cyber attack on their systems.
Republicans argued that implementing the bill would be a financial burden to industry. They also opposed the Department of Homeland Security’s role in approving and overseeing cybersecurity standards.
Retiring Sen. Kay Bailey Hutchison, R-Texas, who voted against the bill, suggested that the Senate start over and allow all committees with jurisdiction over cyber to provide their input.
Absent cybersecurity legislation, administration leaders have said the president would move forward with an executive order to improve cybersecurity of the nation’s most critical infrastructure.
Senators said that a draft of the executive order is being circulated. The order is said to include provisions that will establish cybersecurity standards for the 18 critical infrastructure sectors in areas where regulators have existing authority to enforce those standards. The order, however, could not provide liability protections for companies that follow those standards but are attacked.
The Washington Post reported that President Obama signed a secret directive in mid-October, Presidential Directive 20, that explicitly defines how the military will respond to a cyber attack using both offensive and defensive capabilities.
While the Transportation Security Administration has made headway in defending against insider attacks, the agency lacks specific policies and procedures to mitigate those threats, according to a recent inspector general audit.
The September audit, released this week, found that TSA has not implemented insider threat policies and procedures that clearly explain its employees’ role in defending against insider threats. TSA also lacks a risk mitigation plan that ensures all employees address the risks of insider threats in a consistent way.
TSA defines insider threat as “one or more individuals with access or insider knowledge that allows them to exploit the vulnerabilities of the nation’s transportation systems with the intent to cause harm,” according to the Department of Homeland Security IG audit. Threats can include spying, release of information, sabotage, corruption, impersonation, theft, smuggling, and terrorist attacks. Insider threats can include current and former employees and contractors.
The report noted that TSA doesn’t have a mandatory insider threat training and awareness program for employees, and it lacks protective measures to ensure unauthorized employees can’t, for instance, dump massive amounts of sensitive data onto a portable storage device.
The IG recommends that TSA’s assistant administrator for information technology:
- Further develop TSA’s insider threat program by including policies, procedures and a risk management plan.
- Require insider threat awareness training for employees.
- Direct systems administrators to disable USB ports on computers and laptops if there is not a legitimate need for them.
- Limit the size of email file attachments until the proper measures are in place to detect or prevent unauthorized exfiltration of sensitive information.
However, TSA said it has developed a directive, currently awaiting approval, that identifies polices and procedures for its insider threat program. The agency stood up a toll free hotline and email address for reporting insider threats and also plans to roll out an insider threat training and awareness program.
The agency said disabling USB ports isn’t feasible but, instead, has an application in place to alert the agency when data is transferred outside DHS networks. TSA also disagreed with any restrictions on email file sizes.
Further discussions between the agency and the IG are required to hash out differing opinions.
In June, Reps. Bennie Thompson, D-Miss, and Sheila Jackson Lee, D-Texas, questioned TSA’s plans to purchase software that monitors employees’ keystrokes, emails and other online activities as part of a larger effort to defend against internal attacks.
In a response letter, TSA Administrator John Pistole said the software would provide TSA with forensic evidence for investigations should an employee ever be identified as a potential insider threat to TSA’s mission.
In an Oct. 3 response letter to the IG audit, the lawmakers requested a detailed description of TSA’s current spending related to the insider threat, an estimate of the anticipated lifecycle cost of the monitoring software the agency plans to buy, when TSA will have policies, procedures and a risk management plan and other information by Oct. 17.
A coalition of businesses pushing for the privatization of government work ranked Congress this week on votes that would have invited more competition between the public and private sector.
“We are seeing an unprecedented level of government expansion into numerous activities that should be left to the private sector,” John Palatiello, president of the Business Coalition for Fair Competition, said at a news conference at the National Press Club on Thursday. “In our free enterprise system, government should be the umpire, not the opposing team.”
The coalition’s report lists how each member of the U.S. House and Senate voted on legislation, amendments and procedural actions — 10 in each house — that would have allowed private companies to compete with government workers or impeded companies’ competition for federal contracts.
Among the Senate actions members were scored on were amendments that would have repealed the previously enacted government-run healthcare law and allowed private companies to compete with the Postal Service. Key House votes included amendments that prevented the executive branch from requiring companies to disclose their political contributions as a condition of winning government contracts and that would have removed restrictions on agencies’ use of OMB Circular A-76 public-private cost competitions.
Not surprisingly, Republican leaders, such as Senate Minority Leader Mitch McConnell and Rep. Paul Ryan, who is presidential candidate Mitt Romney’s running mate, agreed with the coalition’s position on key votes. On the other hand, Democratic leaders, such as Senate Majority Leader Harry Reid and House Minority Leader Nancy Pelosi, received goose eggs.
A top Democratic senator is calling on the president to use executive branch authorities to better secure critical systems against cyber attacks.
In a letter to President Obama on Monday, Sen. John Rockefellar, (D-W.Va.), urged the president to “explore and employ every lever of executive power that you possess to protect this country from the cyber threat.”
Rockefeller co-sponsored the Cybersecurity Act, S. 3414, which failed passage in the Senate this month. The bill would have set voluntary standards for companies operating critical infrastructure, such as the electric grid, water treatment facilities and transportation systems.
Rockefeller said that many portions of the bill could be implemented via executive order, regulatory processes or under the authorities of the Homeland Security Act.
Obama’s assistant for homeland security and counterterrorism, John Brennan, told the Council on Foreign Relations last week that the administration is considering the use of executive branch authorities. White House officials are determining what cybersecurity guidelines or policies can be enforced through executive order to enhance cybersecurity of critical infrastructure, most of which are controlled by the private sector.