20 FAM 101.4
Authorities (Introduction to 20 FAM)
(CT:DATA-7; 10-15-2024)
(Office of Origin: M/SS/CFA)
20 FAM 101.4-1 Statutory Authorities (Data and AI)
(CT:DATA-7; 10-15-2024)
(1) Department of State Enterprise Data Strategy (2021) outlines four goals (with underlying objectives) that address the most critical data needs of the Department: Cultivating a Data Culture, Accelerating Decisions through Analytics, Establishing Mission-Driven Data Management, and Enhancing Enterprise Data Governance.
(2) Department of State Information Quality Guidelines (2002) identifies the policies and procedures for ensuring and maximizing the quality, objectivity, utility, and integrity of information disseminated by the Department.
(3) E-Government Act of 2002 (P.L. 107-347) enhances the management and promotion of electronic Government services and processes by establishing a framework of measures that require using Internet-based information technology to enhance citizen access to Government information and services, and for other purposes.
(4) Executive Order 13642 on Making Open and Machine-Readable the New Default for Government Information (2013) requires the default state of new and modernized Government information resources to be open and machine readable.
(5) Executive Order 13960 on Promoting the Use of Trustworthy Artificial Intelligence in the Federal Government (2020) provides guidelines for developing ethical, trustworthy Artificial Intelligence use cases in the Federal government.
(6) Federal Data Strategy and 2021 Action Plan (2021) guides the Federal Government in practicing ethical governance, conscious design, and a learning culture.
(7) Foundations for Evidence-Based Policymaking Act of 2018 (P.L. 115-435) requires federal agencies to modernize its data management practices. It includes the following Open, Public, Electronic, and Necessary (OPEN) Government Data Act (Title II) provisions that are of interest to the Department:
(a) 44 U.S. Code 3520: Chief Data Officer’s Role and Responsibilities
(b) 44 U.S. Code 3605 (b)–(d), (f), and (i): Agencies’ Responsibilities
(c) 44 U.S. Code 3607: Public Information Collection Guidelines
(d) 44 U.S. Code 3611: Data Inventory and Federal Data Catalogue
(8) Freedom of Information Act of 1966 (FOIA), as amended; privacy exemptions (5 U.S.C. 552(c)(6) and (c)(7)(C)) defines public access to all federal agency records except for those records (or portions of those records) that are protected from disclosure by any of the nine exemptions or three exclusions (reasons for which an agency may withhold records from a requester).
(9) Government Paperwork Elimination Act of 1998 (GPEA) (P.L. 105-277, Title XVII) requires federal agencies to allow individuals or entities that deal with the agencies the option to submit information or transact with the agency electronically, when practicable, and to maintain records electronically, when practicable.
(10) Guidance for Agency Use of Third-Party Websites and Applications, M-10-23 (2010) calls for transparent privacy policies, individual notice, and a careful analysis of the privacy implications whenever Federal agencies choose to use third-party technologies to engage with the public.
(11) Implementation Guidance for Title V of the E-Government Act Confidential Information Protection and Statistical Efficiency Act of 2002 (CIPSEA) informs agencies about the requirements for using CIPSEA and clarifies the circumstances under which CIPSEA can be used.
(12) Instructions on Complying with President’s Memorandum of May 14, 1998, “Privacy and Personal Information in Federal Records,” M-99-05 (1999) provides instructions to agencies on how to comply with the President's Memorandum of May 14, 1998 on “Privacy and Personal Information in Federal Records.”
(13) Management of Federal Information Resources, Circular No. A-130, Transmittal Memorandum No. 4 (2000) establishes policy for the management of Federal information resources.
(14) Memorandum on Restoring Trust in Government Through Scientific Integrity and Evidence-Based Policymaking (2021) stresses the importance of data integrity with respect to scientific analysis and findings.
(15) OMB Circular A-130, Managing Information as a Strategic Resource (2016) establishes general policy for information governance, acquisitions, records management, open data, workforce, security, and privacy.
(16) OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002 provides information to agencies on implementing the privacy provisions of the E-Government Act of 2002.
(17) OMB Memorandum M-10-06, Open Government Directive (2010) directs executive departments and agencies to take specific actions to implement the principles of transparency, participation, and collaboration set forth in the President’s Memorandum on Transparency and Open Government, issued on January 21, 2009.
(18) OMB Memorandum M-13-13, Open Data Policy – Managing Information as an Asset (2013) establishes a framework to help institutionalize the principles of effective information management at each stage of the information’s life cycle.
(19) OMB Memorandum M-19-23, Phase 1 Implementation of the Foundations for Evidence-Based Policymaking Act of 2018: Learning Agendas, Personnel, and Planning Guidance (2019) establishes expectations for how and when agencies are to implement Evidence Act requirements.
(20) OMB Privacy Act Implementation: Guidelines and Responsibilities, published in the Federal Register, 40 FR 28948 (July 9, 1975) defines responsibilities for implementing the Privacy Act of 1974.
(21) OMB Section 515 Information Quality Guidelines (67 FR 8451-8460) (2002) provides policy and procedural guidance to Federal agencies for ensuring and maximizing the quality, objectivity, utility, and integrity of information disseminated by Federal agencies.
(22) Privacy Act of 1974, as amended (5 U.S.C. 552a) establishes requirements that govern the collection, maintenance, use, and dissemination of information about individuals that is maintained in systems of records by federal agencies.
(23) Public Diplomacy Modernization Act of 2021 (2021) modernizes and streamlines the public diplomacy capabilities of the Department of State, increases evaluation of public diplomacy programming, and enhances strategic planning for the Department’s public diplomacy physical presence abroad.
(24) OMB Memorandum Recommendations for Identity Theft Related Data Breach Notification (2006) provides recommendations for planning and responding to data breaches which could result in identify theft.
(25) Reporting Incidents Involving Personally Identifiable Information and Incorporating the Cost for Security in Agency Information Technology Investments, M-06-19 (2006) provides guidance on the reporting of security incidents involving personally identifiable information.
(26) Safeguarding Against and Responding to the Breach of Personally Identifiable Information, M-07-16 (2007) requires agencies to develop and implement a breach notification policy.
(27) Safeguarding Personally Identifiable Information, M-06-15 (2006) reemphasizes responsibilities under law and policy to appropriately safeguard sensitive personally identifiable information and train employees on their responsibilities in the area.
(29) Social Security Number Fraud Prevention Act of 2017 (P.L. 115-59) clarifies and updates the language of procedural requirements pertaining to the inclusion of Social Security account numbers on documents that the Department sends by mail.
20 FAM 101.4-2 Regulatory Authorities (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.
20 FAM 101.4-3 Supreme Court Decisions (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.
20 FAM 101.4-4 Appellate and District Court Decisions (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.
20 FAM 101.4-5 Certain Other Authorities (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.
20 FAM 101.4-5(A) Delegations of Authorities (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.
20 FAM 101.4-5(B) Executive Orders (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.
20 FAM 101.4-5(C) Treaties and Conventions (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.
20 FAM 101.4-5(D) Jointly Executed Memoranda of Understanding (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.
20 FAM 101.4-5(E) Other Opinions (Data and AI)
(CT:DATA-7; 10-15-2024)
Reserved.