There are many issues surrounding the future of government information. FGI has identified the three core and overlapping issues of access to, preservation of, and privacy for users of government information. See the pages below for more information on each of these issues.
*Update October 21,2005: James R. Jacobs, Shinjoung Yeo, and Danial Cornwall were invited to speak at the Nevada Library Association Annual Conference. Here's Shinjoung's panel presentation about access and government information .
What do we mean when we say we want access to government information? What is government information? What is access? These are serious questions that can affect the debate on full public access to government information.
What we call "government information" is produced by many sources and in many formats; but in our view any information activity that is taxpayer funded is government information. That is, if government paid for the information to be collected and produced, it should be considered government information. This includes reports, journals, databases and other products a government has funded. People like to say that "It's the people's money." We say that "It's the people's information." Aside from very narrow exceptions for personal privacy and honest national security concerns, we believe the public is entitled to what it has paid for.
Having loosely defined "government information", let us turn to "access." Access can be defined as connecting a citizen with information produced by her government. This could mean the citizen finds a government publication or requests a public record.
In the old days before the Internet, access was easy to define. You had access to a publication if either it was deposited in a library, or if the issuing agency provided you with a copy of their publication. This was after you learned that the publication existed, either by consulting a library or seeing a publication announcement in local media. On the down side, relatively few people could actually use government information because only person could access a given item at a given library. On the plus side, government agencies found it next to impossible to alter or destroy every single copy of a publication it no longer wished to be public. Also, a disaster in one city or even in Washington DC itself wouldn't affect the country's access to the publication. There would likely be at least one library that still had the item.
The Internet changed everything for both good and bad. The good news was that now millions of people could access the same government document simultaneously. Also, people didn't have to wait for publications to be shipped out of Washington, DC. With some exceptions, people pretty much had equal access to the information.
The bad news is that in many cases we are left with one, or perhaps two, digital copies of documents under Federal control. This leaves government information with the following vulnerabilities:
There is more that can be said about access. Check this space for updates to this article.
If you would like to locate one of the items below in a library, just click on the title of the book or journal. If the item is not held by a library near you, ask your local library  to borrow it through Interlibrary Loan.
Please post suggestions for this bibliography in the comments section.
Who do you Trust? The Authentication Problem
How do we know when a digital document is "authentic"? While many in the library and academic communities hope that there will be a technological solution, the reality is that technology alone cannot solve the problem of authenticity. A report this week of research at a Chinese university illuminates one reason for this: technical tools are subject to failure, compromise, forgery, and hacking.
The article reports a flaw in an official federal standard that was originally devised by the National Security Agency and is widely used to create and verify digital signatures in e-mail and on the Web. In fact, it is embedded in every modern Web browser and operating system. The CNET article notes that, while the flaw that Chinese scientists discovered in the "Secure Hash Algorithm" is "theoretical," it will eventually make it easier to forge electronic signatures.
But authenticity requires more than secure software. Even if we had a tool that could never be hacked and that would last forever, we would still only have part of a solution: the technical part. The other part of the solution is social: it is the issue of Trust.
Software provides the technical part of the solution
The technology of authentication provides a way to verify that a document is what it purports to be and determine if it has been altered or not. Document-creators can use software to create special files (called "hashes" or "signatures" or "keys") based on the original document. These special files are typically stored with a "trusted third party" -- neither the document creator nor the recipient. Document-users can then use software to check the authenticity of the document in hand against that "hash." The software is able to determine only if the document in hand is identical to the original. Even the smallest change (e.g., the insertion or removal of a blank space) will result in a report that the documents are not identical.
Trust is the social part of the solution
But this technological check does not solve the authentication problem by itself. The check against the hash is only as reliable as the trusted third party. The software just gives us a technical means of shifting who we trust -- instead of trusting the party that delivered the document to us, for example, we trust a third party that tells us that the hash is correct and authentic. If the hash isn't authentic and unchanged, the check against the hash is worthless.
This concept of a trusted third party is, therefore, an essential component of the authentication chain. That should lead us to an important question: who will we choose as our trusted third parties? This is important because the tools only work if we can trust the third party to do its job. In the case of government information essential to our democracy, this trust has to last forever.
Who do you trust?
Ask yourself who in society is the most trusted third party in delivering information? The government? The press? Publishers? Technology companies like Microsoft and Verizon?
What about libraries?
Now ask yourself what we will do if we think that technological-verification is all we need to ensure authentication and we find one day that the tools have failed as described in the CNET article.
A Social Solution built on Trusted Institutions and Legal Deposit
Trust is a social phenomenon, not a technical one. What if, instead of putting all our faith in potential technological "solution" for ensuring authenticity of government documents, we instead relied on the existing infrastructure of depository libraries to ensure authenticity through their collective possession of multiple copies of digital government publications, distributed by GPO at the time of their publication under the legal-mandate of 44 USC?
This solution promises to be a sound, sustainable one because it relies on libraries as the trusted repository of information. Libraries have a long, well-established social role of providing information; people trust libraries because of it. Libraries have a vested interest in ensuring that the information they provide is authentic and people trust them to do so because it is their primary mission -- not a byproduct of publishing or making money or the various missions of government agencies.
The trust people place in libraries in general can be increased in the digital environment by relying, not on one or two libraries, but on many libraries with different funding streams and missions. Any unforeseen compromise in one institution becomes a single error in a large system of information-provision. (See Article outlines bottom-up standards for digital preservation systems .) Even in the paper and ink world, forgeries are possible -- though more difficult than in the digital world -- and one important way we determine authenticity is by comparing multiple copies.
A different approach
This approach is subtly different from the approach of hoping for a technological solution to authenticity. It recognizes that the social issue of trust (along with the existence of multiple copies controlled by different parties) is paramount and the role of technology is secondary. The role of technology is simply to provide tools to help implement that trust. Indeed, if we used this social-trust legal-digital-deposit approach, libraries would still use technical tools (e.g., LOCKSS, PKI, state of the art hash technologies) to validate the integrity of digital files. Combine these tools with trusted institutions, legal deposit, and multiple copies under multiple jurisdictions and you have fail-safe a recipe for ensuring authenticity.
The problem with hoping for a technological solution was clearly articulated back in 2000 by Abby Smith, Director of Programs at the Council on Library and Information Resources.
Interestingly, the scholar-participants suggested that technological solutions to the problem [of establishing the authenticity of a digital object] will probably emerge that would obviate the need for trusted third parties. Such solutions may include, for example, embedding texts, documents, images, and the like with various warrants (e.g., time stamps, encryption, digital signatures, and watermarks). The technologists replied with skepticism, saying that there is no technological solution that does not itself involve the transfer of trust to a third party. Encryption -- for example, public key infrastructure (PKI) -- and digital signatures are simply means of transferring risk to a trusted third party. Those technological solutions are as weak or as strong as the trusted third party. To devise technical solutions to what is, in their view, essentially a social challenge is to engender an "arms race" among hackers and their police.
-- Digital Authenticity in Perspective  in "Authenticity in a Digital Environment," Council on Library and Information Resources, Publication 92. (May 2000).
James A. Jacobs, November 3, 2005
*Update October 21,2005: James R. Jacobs, Shinjoung Yeo, and Danial Cornwall were invited to speak at the Nevada Library Association Annual Conference. Here's Daniel's panel presentation about preservation and government information .
Preserving government information is key to our survival as a nation. If we don't remember what we've done and why we've done it, repeating history may be the least of our worries.
In the analog world, preservation is a relative simple matter of caring for a physical object. Millions of people can visit the Declaration of Independence, the Constitution and the Bill of Rights because the National Archives has taken care of the paper these documents are written on. Since the words of these important documents are human readable, no machinery is needed to make the words understandable. Given the proper conditions, citizens celebrating our nation's 500th anniversary in 2276 will be able to read these core documents of history.
By contrast, digital publications and data are fragile. The main enemies of the successful preservation of digital materials are the media and the file format the data is in.
Currently there are two types of media for storing digital data - magnetic and optical. Magnetic encompasses audio and video tapes, floppy drives, removable hard drives, flash drives and magnetic tape. Optical media includes the various flavors of CDs and DVDs. Magnetic media has a proven poor track record as a durable storage format. Most magnetic media may last from 10-20 years . If material isn't copied onto new magnetic media, it can be lost . Optical media fares better in terms of holding data without decay. The National Institute of Standards and Technology estimates that CD-R's and DVD-Rs may last several tens of years . Some people estimate the lifetime of the highest quality of optical media to be close to a century. Still, this is only a fraction of the lifetime of quality paper or the estimated lifetime of microfilm .
However, length of media is really the least of our worries. A much greater problem is technological obsolescence. Have you tried to read a 5 1/4" disk or pull up a Wordstar document lately? There are many examples of lost data  because no equipment or software exists to read it. Data could be lost to technological obsolescence within ten years if it's not migrated into new formats.
So, how can we preserve digital information? Currently, no one knows how to best preserve digital information in a digital format, though there are some promising approaches . So far the safest approach is the "analog backup"; otherwise known as making tangible copies.
There are several groups studying the preservation of digital government information, including the Government Printing Office, the National Archives, the ALA Government Documents Roundtable and the LOCKSS group  at Stanford University.
Please post suggestions for this bibliography in the comments section.
*Update October 21,2005: James R. Jacobs, Shinjoung Yeo, and Danial Cornwall were invited to speak at the Nevada Library Association Annual Conference. Here's James' panel presentation about privacy and government information .
What you read about your government (or about anything) should be your business. But how well is your privacy protected? There is a great difference in privacy between the analog world of government publications and the Internet. In the analog world you decide the amount of privacy you have; in the digital world the servers of the information decide how much privacy they'll let you have.
The Physical Depository Library - You can usually walk right into a Federal Depository Library. There are a few that may ask for identification, but even these libraries do not track your browsing. Once you walk in, you can browse all you like without being tracked. You can take books off the shelves and look through them and if you put them back on the shelves, no one will know what titles you looked through. If you decide to check some reports out of the depository, you'll be protected by the confidentiality statutes  of the state where the library is. Since October 2001, it's been possible for your reading records to be turned over to federal authorities , but most libraries erase the record of any books you've checked out once you turn them in.
Viewing information on a library web site - Most libraries have websites these days. Many have explicit privacy policies  that limit the information that the library collects. Some of the information they could collect  include:
Does this mean we cannot have Internet access to government information without Uncle Sam looking over our shoulder? No. One solution would be to deposit electronic copies of government information with libraries and let the libraries serve the information on their own servers. That way, electronic government documents would be accessed from privacy minded librarians. Even if the government used its new powers under the PATRIOT act, it would have to make literally thousands of requests to find out who has handled a given document. This is unlike the current system, where the gov't can ask its own webmasters for as much data as they like without anyone knowing.
Please post suggestions for this bibliography in the comments section.