Notices - Social Media Policy
Table of Contents
Section 1: Social Media and Social Networking Policy
Overview of Policy
Official Use of Social Media and Social Networking at DOI
Non-Official/Personal Use of Social Media and Social Networking
Section 2: Applicable Laws, Regulations, and Policies
Records Management, Retention, and Archiving
Availability to Persons with Limited English Proficiency
Availability of Information and Access to Persons Without Internet Access
Usability of Data
Copyright Law of the United States of America
Federal Advisory Committee Act
Information Collection & Paperwork Reduction Act
Freedom Of Information Act
SECTION 1: Social Media and Social Networking Policy
The following policy regarding the official and non-official/personal use of social media and social networking services and tools is effective Nov. 18, 2010. This policy describes the official use of social media and social networking tools in the establishment and use by DOI or a DOI bureau of a third-party social networking or social media account or service as an official means of communication or public engagement. This policy does not govern the visiting of third-party social media or social networking websites in one's official capacity for research or informational purposes.
At the time of this policy's publication, only four social media tools are approved (Facebook, Twitter, Flickr, and YouTube). Other examples in this policy are provided for illustrative purposes only.
The types of content and examples of services to which this policy applies include, but are not limited to:
- Media Sharing - Examples: YouTube, Flickr, iTunes
- Blogging/Microblogging - Examples: WordPress, Blogger, Twitter
- Social Networking - Examples: Facebook, MySpace, LinkedIn, Ning
- Document and Data Sharing Repositories - Examples: Scribd, SlideShare, Socrata
- Social Bookmarking - Delicious, Digg, Reddit
- Widgets - Examples: Google Maps, AddThis, Facebook "Like"
President Obama's memo on Open and Transparent Government encourages Federal agencies to use technology to communicate and engage with the public. Social media services and tools (often referred to collectively as "Web 2.0") are powerful and effective means to communicate quickly and broadly, share information, and interact with colleagues and the public. DOI is taking advantage of these third-party tools and services in order for to reach a wider audience and to facilitate and enhance professional communication and collaboration.
It is critical that social media tools be accessed and used in a responsible manner. As with e-mail and other electronic means of communication, official use of these applications to communicate and engage with the public must be in accordance with all the applicable Federal policies related, including but not limited to the Section 508 (Accessibility), Records Management, Retention, and Archiving, Information Quality, and Intellectual Property. (See Section 2.).
Under the auspices of Departmental Manual Part 110, 5.3.A, the DOI Social Media Handbook provides additional information and best practices about the use of social media and social networking at DOI.
DOI encourages its bureaus to use social media tools to communicate their missions and messages with the public when there is a legitimate business case to do so. Bureaus are encouraged to carefully weigh their options when deciding whether to use social media. The DOI Social Media Handbook provides guidance on specific types of social media tools and services.
Before beginning any social media project, employees must first be granted approval to use social media, social networking, or other Web 2.0 services or tools to directly support or enhance activities being undertaken in an official Department of the Interior capacity. Contact persons for each Bureau and office are listed in Appendix A. Each bureau and office will maintain a catalog of all official social media presences; this catalog will be periodically reported to the DOI Office of Communications and Office of the Chief Information Officer.
The need for this approval is threefold: (1) There may already be bureau- or Department-level social media efforts that accomplish the same or similar goals. It is necessary for the bureaus and the Department to keep track of social media efforts to ensure there is no undue overlap or duplication. (2) Bureau-level coordination and participation helps ensure that information is, when appropriate, delivered to our constituents and the public in the context of unified themes or messages. (3) A social media account must be covered under a special terms of service agreement (TOS), privacy impact assessment (PIA) and possibly a system of records notice (SORN) approved by the Department of the Interior. In order for a new social media account to be covered under a DOI TOS agreement, it must be approved by the bureau point of contact in Appendix A and reported to the Department Office of Communications.
Any social networking profiles or social media presences that have not been approved via your bureau's point of contact may be terminated.
Bureaus will periodically report on all social media presences to the DOI Office of Communications and Office of the Chief Information Officer. DOI will keep a running list of all official presences on third-party social media Web sites so the public may know which communications channels are DOI approved. Only approved social media presences will be included on this list.
The use of social media services is further dependent on those services that have approved DOI TOS agreements. If there are third-party services that a bureau has identified as appropriate for use, the bureau office of communications or public affairs officer should contact the DOI Office of Communications for review of the TOS and confirm PIA and SORN compliance.
The following principles should be employed when using public-facing social media services in an official capacity within DOI.
- Do not discuss any agency or bureau related information that is not considered public information. The discussion of sensitive, proprietary, or classified information is strictly prohibited. This rule applies even in circumstances where password or other privacy controls are implemented. Failure to comply may result in fines and/or disciplinary action.
- Third-party social media Web sites should never be the only place in which the public can view DOI or bureau information. Any information posted to a third-party social media Web site must also be provided in another publicly available format such as the DOI or bureau Web site.
- When you are representing DOI or a bureau in an official capacity, DOI or the bureau is responsible for the content you publish on blogs, wikis, social networking Web sites, or other forms of social media. Assume that any content you post may be considered in the public domain, will be available for a long period of time, and can be published or discussed in the media -- likely beyond your or DOI's influence.
- Remain focused on your mission. If using social media tools to communicate with the public isn't one of your primary duties, don't let it interfere with those duties.
- Know and follow DOI and Executive Branch conduct guidelines, such as the Appropriate Use of the Internet, Limited Personal Use of Government Equipment, and Standards of Ethical Conduct for Employees of the Executive Branch.
- Do not engage in vulgar or abusive language, personal attacks of any kind, or offensive terms targeting individuals or groups.
- Do not endorse commercial products, services, or entities.
- Do not endorse political parties, candidates, or groups.
DOI employees, or those working on behalf of DOI, who use social media and social networking services and tools for strictly personal use outside of the workplace do not require approval to do so. However, DOI recognizes that these types of tools can sometimes blur the line between professional and personal lives and interactions. Therefore, employees are reminded that, as representatives of DOI, their office, or their bureau, the above rules and guidelines must be taken into consideration when participating in these services at any time, but particularly when identifying themselves as employees of DOI or when context might lead to that conclusion. Any activity using Government equipment (including access to the Internet) is governed by Department of the Interior guidelines on the Personal Use of Government Office Equipment.
By exercising discretion and common sense when employing social media for professional or personal purposes, you will help assure that their great potential is fully realized without inadvertently compromising our professional, legal, or ethical standards.
Employees should remember that standards of ethical behavior and other ethics policies are applicable. (See Section 2.)
The following principles should be employed when using social media services in an non-official/personal capacity within DOI.
- Be aware of your DOI association in online social networks. If you identify yourself as a DOI employee or have a public facing position for which your DOI association is known to the general public, ensure your profile and related content (even if it is of a personal and not an official nature) is consistent with how you wish to present yourself as a DOI professional, appropriate with the public trust associated with your position, and conform to existing standards, such as Standards of Ethical Conduct for Employees of the Executive Branch. Employees should have no expectation of privacy when using social media tools.
- When in doubt, stop. Don't post until you're free of doubt. Be certain that your post would be considered protected speech for First Amendment purposes. Also, add a disclaimer to your social networking profile, personal blog, or other online presences that clearly states that the opinions or views expressed are yours alone and do not represent the views of the Department of the Interior or your bureau.
- In a publicly accessible forum, do not discuss any agency or bureau related information that is not already considered public information. The discussion of sensitive, proprietary, or classified information is strictly prohibited. This rule applies even in circumstances where password or other privacy controls are implemented. Failure to comply may result in fines and/or disciplinary action.
SECTION 2: Federal Policies Applicable to the Use of Social Media
Including, but not limited to, Section 508, Records Management/Retention/Archiving, Privacy and the Freedom of Information Act
Section 508 (Accessibility)
Section 508 of the Rehabilitation Act of 1973, (as amended), requires that electronic and information technologies purchased, maintained, or used by the Federal Government meet certain accessibility standards. These standards are designed to make online information and services fully available to the 54 million Americans who have disabilities, many of whom cannot possibly access information that does not comply with the Section 508 standards. Agencies are already required by Federal Acquisition Regulations to modify acquisition planning procedures to ensure that the 508 Standards are properly considered and to include the standards in requirements documents. OMB reminds agencies to disseminate information to the public on a timely and equitable basis, specifically mentioning meeting the Section 508 requirements in OMB Memorandum M-06-02. Agencies employing non-Federal Web 2.0 services are required to ensure that persons with disabilities have equal access to those services as defined in the Accessibility Standards. However, equivalent access to the information disseminated on those services must be displayed on the agency's Web site with a clear link back to accessible content.
All content displayed on DOI and bureau Web sites must adhere to 508 standards regardless of whether or not the content is created and hosted by DOI or bureaus. Content created and hosted by a third party and displayed on DOI or bureau Web sites via a widget is subject to 508 compliance standards.
At the time of this writing, changes are being considered to official implementation of Section 508 standards. These changes would essentially require that federal websites be Level AA conformant to WCAG 2.0 standards. In anticipation of such revisions, DOI requires that Interior websites conform to WCAG 2.0 Level AA standards whever possible.
Resources: Section 508 of the Rehabilitation Act, OMB Memo M-06-02, Draft Information and Communication Technology (ICT) Standards and Guidelines (http://www.access-board.gov/sec508/refresh/draft-rule.htm)
Records Management, Retention, and Archiving
When using electronic media, whether it is a blog, a Web site, a wiki, e-mail, or any other type of electronic communication, the regulations that govern proper management and archival of records still apply. DOI users, working with the Records Management Officer, determine the most appropriate methods to capture and retain records on both government servers and technologies hosted on non-Federal hosts. The National Archives and Records Administration offers resources and guidance to agencies to ensure proper records management.
DOI and bureaus will need to work with the Records Management Officers to determine the proper records maintenance schedules and dispositions for content posted on third-party Web sites.
The public places a high degree of trust in government content and considers it an authoritative source. Under the Information Quality Act and associated guidelines, agencies are required to maximize the quality, objectivity, utility, and integrity of information and services provided to the public. With regard to social media information-dissemination products, agencies must reasonably ensure suitable information and service quality consistent with the level of importance of the information. Reasonable steps include 1) clearly identifying the benefits and limitations inherent in the information dissemination product (e.g., possibility of errors, degree of reliability, and validity), and 2) taking reasonable steps to remove the limitations inherent in the product or information produced. Agency management must ensure that the agency position is reflected in all communications rather than one person's opinion.
DOI and bureaus should include a disclaimer when posting content on third-party Web sites that explains that DOI is only responsible for quality of the information posted by the official DOI account and not for the quality of the information posted by other users.
Executive Order 13166 requires that agencies provide appropriate access to persons with limited English proficiency. The scope of this requirement encompasses all "Federally conducted programs and activities." Anything an agency does, including using social media technologies to communicate and collaborate with citizens, falls under the reach of the mandate. Under this Executive Order, agencies must determine how much information they need to provide in other languages based on an assessment of customer needs. The requirements for social media implementations are no different than those for other electronic formats.
DOI and the bureaus are responsible for satisfying all policy requirements related to content that they provide to a third-party site; however, they cannot control and are thus not responsible for other content on that site. If the failure of the third-party site to satisfy the requirements of Executive Order 13166 or any other law or regulation discussed here presents an obstacle for the site user to the DOI or bureau content, that content must be offered on the DOI or bureau primary website in a fully compliant manner.
Agencies are required to provide members of the public who do not have internet connectivity with timely and equitable access to information, for example, by providing hard copies of reports and forms. For the most part, using social media technologies as an exclusive channel for information distribution would prevent users without internet access from receiving such information. In addition, some social media services require high speed internet access and high bandwidth to be effectively used, which may not be available in rural areas or may be unaffordable. In general, this requirement is no different for social media implementations than it is for other electronic service offerings. Programs must simply make alternative, non-electronic forms of information dissemination available upon request.
Many social media technologies allow users to take data from one Web site and combine it with data from another, commonly referred to as "mashups." Agency public Web sites are required, to the extent practicable and necessary to achieve intended purposes, to provide all data in an open, industry standard format that permits users to aggregate, disaggregate, or otherwise manipulate and analyze the data to meet their needs. Agencies need to ensure that these open industry standard formats are followed to maximize the utility of their data.
Images, text, video, audio files used in blogs or on third party social media Web sites must comply with Copyright Law of the United States of America and Related Laws Contained in Title 17 of the United States Code and other Federal policies and directives.
Generally, U.S. Government works are not protected by intellectual property law. However, that does not mean that most Government works are in the public domain. In addition, if an employee prepares a work and gives that work to a contractor pursuant to a contract, the rights to the final product may be subject to the contractor's intellectual property interest. Employees should be careful about the nature of the work they produce. Resources: Cendi, Copyright.gov, U.S. Trademark Law
Federal public Web sites are required to conduct privacy impact assessments (PIAs) if they collect personally identifiable information, post a "Privacy Act Statement" that describes the agency's legal authority for collecting personal data and how the data will be used, and post privacy policies on each Web site in a standardized, machine readable format such as Platform for Privacy Preferences Project, or P3P.
The Department of the Interior requires a preliminary PIA for all systems. The preliminary PIA determines if the system contains PII, and is kept as a record by the Department.
Two-way blogs (including any system by which the public may post comments) must protect the privacy of citizens who contribute comments to the blog. Blog software must not require blog visitors to log in before leaving comments. Blogs requiring contributors to provide personally identifiable information (PII) such as an e-mail address, in order to participate must follow all guidelines for protection of that information under the Privacy Act. Bureaus are encouraged to allow the actual public-facing comments to be anonymous to promote a freer exchange of ideas.
Bureaus and offices are permitted to collect IP addresses, browser information, and similar data as part of their regular server logs and Web site visitation analyses provided that they use such information only in aggregate and cannot link it to specific blog content over time.
Although some social computing Web sites are exempt from the prior requirements since they are not Federal Web sites, DOI is always bound to protect personally identifiable information on internal Web sites or pages on external social media Web sites. The Privacy Act of 1974 (as amended) may also apply to the activities undertaken on social media platforms, and individuals should consult with the DOI Privacy Office and Solicitor's office to ensure they are in compliance with all privacy protection requirements.
Resource: Privacy Act of 1974
Since many social computing technologies excel at enabling information-sharing across the Internet, government programs may use them to share ideas regarding current and future plans, to gather opinions about a wide variety of issues, and to strengthen the relationship between citizens and their government. Depending on circumstances (such as targeting specific experts for an online discussion of proposed policy), some of these efforts, depending on how they are structured, may meet the functional definition of a virtual or electronic advisory group and therefore fall under the purview of the Federal Advisory Committee Act (FACA). Just because an advisory committee meeting is held in virtual space instead of office space, it is not exempt from the Government's rules on such activities.
Any advisory group, with limited exceptions, that is established or used by a Federal agency and that has at least one member who is not a Federal employee, must comply with the FACA. In general, when Government agencies seek input and suggestions from the general public on various issues, FACA likely would not apply. However, if the Government is managing and controlling the group in any way, such as selecting members, setting an agenda, or consolidating results generated by the group of participants, the group would fall within the bounds of FACA. To find out if a group comes under the FACA, any individual may contact the sponsoring agency's Committee Management Officer or the GSA Committee Management Secretariat.
Agencies are required, when possible, to use electronic forms and filing to conduct official business with the public, and social computing technologies can be used in many cases to meet this need. Federal public Web sites must ensure that information collected from the public minimizes burden and maximizes public utility. The Paperwork Reduction Act (PRA) covers the collection of data from the public. The PRA requires OMB approval of all surveys given to ten (10) or more participants. This includes any sort of survey where identical questions are given to ten or more participants, regardless of the format. The exception to the survey rule is an anonymous submission form where users can provide open ended comments or suggestions without any sort of Government guidance on the content. Questions about the applicability of the PRA should be directed to the DOI or bureau privacy officers or the Office of the Solicitor.
See Privacy, above.
Freedom Of Information Act
Government-sourced content posted via third-party social media Web sites or on public Government Web servers becomes part of the public domain upon posting. With limited exceptions, such content is therefore not exempt from FOIA requests.
Any DOI-sponsored social media service or application not hosted on a DOI-controlled server must be evaluated by the Office of the Chief Information Officer according to DOI Security Categorization instructions to assess the ramifications of a potential security breach of that service. Non-DOI servers hosting DOI social media services may be required to attain certification and authentication to verify that content is adequately protected. DOI is required to host services and applications on ". (dot)gov" domains whenever possible. In order to protect IT resources, applications must not allow the insertion of malicious code through attachments of any kind. Two-way blogs must incorporate a character limit for comment forms to prevent text-dumping, and other security safeguards must be active to prevent activities that might threaten bureau IT resources.
As an additional safety measure, members of the public are not allowed to attach or upload files of any kind to DOI-hosted services; however, they may be allowed to attach or upload files to externally hosted services. For example, a commenter to a DOI-hosted blog would not be allowed to attach a video file; but a commenter to a YouTube posting might be allowed to post a video response.
All Government-wide and Department of Interior standards and codes of ethical behavior for employees apply to employees'use of social networking and social media tools for both official and personal use including:
- Appropriate Use of the Internet
- Limited Use of Government Equipment for Personal Purposes
- Standards of Ethical Behavior for Employees of the Executive Branch
- Non-Official Expression
DOI and bureaus are responsible for satisfying all policy requirements related to content that they provide to a third-party site; however, because they cannot control and are thus not responsible for other content on that site, they should determine whether or not DOI's presence on the site reflects favorably upon the Department and does not diminish its reputation or integrity. DOI and bureaus should note that they are not responsible for, nor can they control other content on the site on the part of the site which the bureau does control, as well as on its website. If the third-party site does not meet the requirements of Executive Order 13166 or any other law or regulation discussed here in such a way as to present an obstacle for the site user to the DOI or bureau content, that content must be offered on the DOI or bureau primary Web site in a fully compliant manner.
Office of Communications
U.S. Department of the Interior
By: Matt Lee-Ashley, Director -- Nov. 18, 2010