5 FAM 700
INTERNET AND INTRANET USE
5 FAM 710
GENERAL
(CT:IM-324; 06-28-2024)
(Office of Origin: DT/E-CISO)
5 FAM 711 SCOPE
(CT:IM-316; 04-23-2024)
This chapter contains the policies and guidance related to e-mail, cookies, the internet, intranets, and the World Wide Web (www) site hosting.
5 FAM 712 AUTHORITIES
(CT:IM-316; 04-23-2024)
This chapter is based on the following authorities:
(1) Public Law 96-465 (Foreign Service Act), Section 206(b), and 22 U.S.C. 2651a;
(2) Public Law 99-399 (Omnibus Diplomatic Security Act), Section 401(f);
(3) Public Law 115-336, 21st Century Integrated Digital Experience Act (IDEA) or the 21st Century IDEA.
(4) 5 CFR 2635.704(b)(1) Government Property Use;
(5) 5 CFR 2635.101 Public Service is a Public Trust;
(6) DOTGOV Online Trust in Government Act of 2020
(7) Executive Order 13526—Classified National Security Information;
(8) Privacy Act of 1974, 5 U.S.C. 552a, 552a note; and Electronic Communications Privacy Act of 1986, 18 U.S.C. 2701;
(9) Americans with Disabilities Act of 1990, 42 U.S.C. 12101 note;
(10) Freedom of Information Act, 5 U.S.C. 552;
(11) OMB Circular A-130, “Managing Information as a Strategic Resource,” 81 FR 49689;
(12) Federal Information Technology Acquisition Reform (FITARA) is Title VIII Subtitle D Sections 831-837 of Public Law 113-291 - Carl Levin and Howard P. "Buck" McKeon National Defense Authorization Act for Fiscal Year 2015;
(13) OMB Memorandum (M-15-14); Management and Oversight of Federal Information Technology;
(14) Public Law 100-235, Computer Security Act of 1987;
(15) United States Information and Educational Exchange Act of 1948 (Smith-Mundt), as amended, 22 U.S.C. 1461;
(16) Section 508 of the Rehabilitation Act of 1973, 29 U.S.C. 794d, as amended;
(17) Children's Online Privacy Protection Act, 15 U.S.C. 6501;
(18) Government Paperwork Elimination Act, 44 U.S.C. 3504;
(19) Public Law 104-106, Information Technology Management Reform Act of 1996 (Clinger-Cohen Act);
(20) Government Information Security Reform Act of 2000, 44 U.S.C. 3531; and
(21) OMB Memorandum M-99-18, Privacy Policies on Federal websites.
(22) OMB M-17-06, Policies for Federal Agency Public Websites and Digital Services
(23) OMB Memorandum M-17-06, Policies for Federal Agency Public Websites and Digital Services.
(24) OMB Memorandum 00-13, Privacy Policies and Data Collection on Federal Websites.
(25) OMB M-23-10, The Registration and Use of .gov Domains in the Federal Government
(26) OMB Memorandum M–13–10, Anti-deficiency Act Implications of Certain Online Terms of Service Agreements
(27) Public Law 107-347, 113-283, Federal Information Security Modernization Act (FISMA), December 2014.
(28) National AI Initiative Act of 2020 (Division E, Sec. 5001)
(29) M-23-03: FY23 FISMA Guidance
(30) The State and Local Government Cybersecurity Act of 2021
5 FAM 713 DEFINITIONS
(CT:IM-316; 04-23-2024)
The following definitions apply to the material in this chapter:
Accessibility--An accessible information and communication technology product or service is one which can be used by all its intended users, taking into account their differing capabilities. A person's ability to use technology may be impaired due to various physical, sensory, emotional or cognitive disabilities.
BLOG—A shortened term for "Web log,” a blog is a website designed for online discussions and ongoing update of content. Blogs typically include journal-style entries, commentaries that may form a conversational thread, and links to other websites or documents. Like other Web pages, blogs are administered by one or more persons who have overall responsibility for content and format. Visitors to the sites are encouraged to leave responsible comments on the entries. Blogs often serve as the basis for self-forming online communities involved in a wide range of subjects, including countries, regions, issues, or professional fields.
Bulletin Board—A computer or an application dedicated to the sharing or exchange of messages or other files on a network that are usually related to a common subject.
Client—A client is the user in the client/server relationship that receives information, files, Web pages, and other services from a server on a network. The word "client" refers to the computer hardware and to the software application that makes the client function.
Cookie—Cookies are small data files written to your hard drive by a website when you view it in your browser. Cookies can contain information the site can use to track such things as your website username at that website, your password to access the features of the website, lists of pages you've visited, and the date when you last looked at a certain page. There are two types of cookies: session cookies and persistent cookies. Session cookies are temporary, created to maintain active status with an application such as a database during the application session, and expire when the session ends. Persistent cookies are not temporary. They may last indefinitely, or they may be set to expire at a fixed interval following the last time they are used. Persistent cookies are used by a website to maintain visitor preferences and parameters when using a particular site. See 5 FAM 741 for the Department’s Cookie Policy.
HTTPS—HTTPS is a combination of HTTP and Transport Layer Security (TLS). TLS is a network protocol that establishes an encrypted connection to an authenticated peer over an untrusted network. Browsers and other HTTPS clients are configured to trust a set of certificate authorities [2] that can issue cryptographically signed certificates on behalf of web service owners. These certificates communicate to the client that the web service host demonstrated ownership of the domain to the certificate authority at the time of certificate issuance. This prevents unknown or untrusted websites from masquerading as a Federal website or service.
Information—Data of any type capable of being posted or transmitted on or through the Internet or a Department intranet, including data in print, graphic or pictorial, and audible form.
Internet—A worldwide system of computer networks. The Internet is a collection of large, medium, and small networks interconnected to form a robust, self-sustaining digital communications facility.
Intranet—A restricted-access network that operates in the same manner as the Internet. The purpose of an intranet is to share information and computing resources within the organization without privileged information being made available to everyone with Internet access.
The Department of State maintains several intranets including OpenNet and ClassNet. These provide Internet-like services to Department employees, designated cleared contractors, and designated cleared Foreign Service nationals. OpenNet provides e-mail access to the Internet through a firewall. Because ClassNet is used for transmission of National Security Information, there is no connection to the Internet.
Intelink-U—Formerly known as the Open Source Information System (OSIS), Intelink-U is an interagency service provider which is used for information up to the Sensitive But Unclassified (SBU) level.
Section 508— A law that must be followed by Federal agencies when they purchase, develop, maintain or use information communication technology (ICT). Section 508 provides a set of technical and functional standards that must be met to enable access by people with disabilities. Compliance with Section 508 standards allows people with disabilities to have access and use of information and data. This includes information which enables people to be informed, perform work, receive Government benefits, and conduct business.
Server—A computer that provides the information, files, Web pages, and other services to the client computers on a network. The word "server" refers to the computer hardware and to the software applications that make the server operate.
SIPRNET—The Secret Internet Protocol Router Network (SIPRNet) is a worldwide, Department of Defense (DoD), Internet Protocol (IP) router-based network that serves as a backbone for interagency classified data traffic.
Unclassified—For purposes of 5 FAM 700 the term “unclassified” refers to all information that does not meet the national security information classification guidelines as set forth in E.O. 13526 as amended. This includes Sensitive But Unclassified (SBU) information.
Wiki—A term of Hawaiian origin meaning "fast," a wiki is a website that enables users to write and edit articles, add commentary, and track changes in documents through detailed version changes. A wiki can be used both as an online encyclopedia and as a document management tool. In a wiki, users may contribute information they consider valuable, and anyone can edit any contribution. Wikis managed by a non-U.S. Government entity should be considered informative, but not authoritative.
5 FAM 714 THROUGH 719 UNASSIGNED