The IT Law Wiki


E-Government Act of 2002, Pub. L. No. 107-347, 116 Stat. 2899 (Dec. 17, 2002), codified at 5 U.S.C. Chapter 37, 44 U.S.C. §3501 nt., 44 U.S.C. Chapter 35, Subchapter 2, and Chapter 36 (full-text).


The law was enacted with the general purpose of promoting better use of the Internet and information technology (IT) to improve government services for citizens, internal government operations, and opportunities for citizen participation in government. Among other things, the act established the E-Gov Fund,[1] which is to be used to support projects that enable the federal government to expand its ability to conduct activities electronically.

The Act:

Title I[]

Title I outlined leadership and organizational responsibilities for OMB. Specifically, it expanded OMB's leadership role in the management of information and information technology by establishing the Office of Electronic Government headed by a presidentially appointed Administrator (which replaced the position of Associate Director for Information Technology and E-Government). The E-Gov Administrator is responsible for assisting the Director and Deputy Director of OMB, and for working with the OIRA Administrator, in setting strategic direction for e-government, overseeing the implementation of e-government consistent with related laws, and performing e-government functions, including:

  • advising the OMB Director on the resources and strategies needed for e-government,
  • providing overall leadership and direction on e-government, and
  • preparing an annual E-Gov Status Report for Congress.

Title I also codified the CIO Council, with the OMB Deputy Director for Management as the chair, and detailed its organizational structure and responsibilities. As required by the Act, membership of the council includes CIOs from federal executive agencies, OMB's Deputy Director for Management, the E-Government Administrator, and the OIRA Administrator. The E-Government Administrator is to lead the council on behalf of OMB's Deputy Director for Management, who serves as the Council Chair. In addition, Title I established the E-Government Fund for interagency projects. The Fund is to be administrated by the GSA Administrator, with the assistance of the OMB E-Gov Administrator.

Title II[]

Title II of the Act assigned responsibilities for the management and promotion of electronic government activities. These include the following responsibilities:

The stated purpose of Section 203 of the Act is to ensure an appropriate level of security for Federal electronic transactions. OMB issued guidance on how Section 203 should be implemented in OMB Memorandum M-04-04, "E-Authentication Guidance for Federal Agencies."

Section 207 of the Act requires each Federal agency to develop priorities and schedules for making government information available and accessible to the public, in accordance with public comment, and to post this information on the agency's website. Section 207 also requires each Federal agency to report to OMB, as part of the agency's annual E-Government Act report, the final determinations of inventories, priorities, and schedules that agency has made.

The Act, inter alia, sets requirements on government agencies as to how they assure the privacy of personal information in government information systems and establishes guidelines for privacy policies for federal websites.

Section 208 of the Act ensures that agencies maintain proper privacy protections, regarding the use of IT to collect new information or the procurement of new IT that processes personally identifiable information. OMB has issued OMB Memorandum M-03-22, "Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002."

The Act strives to enhance protection for personal information in government information systems or information collections by requiring that agencies conduct Privacy Impact Assessments (PIA). Agencies must conduct PIAs (1) before developing or procuring information technology that collects, maintains, or disseminates information that is in a personally identifiable form or (2) before initiating any new data collections involving personal information that will be collected, maintained, or disseminated using information technology if the same questions are asked of ten or more people. To the extent that PIAs are made publicly available, they provide explanations to the public about such things as the information that will be collected, why it is being collected, how it is to be used, and how the system and data will be maintained and protected.

Title III[]

The Act recognizes the importance of information security to the economic and national security interests of the United States. Title III of the E-Government Act, entitled the Federal Information Security Management Act (FISMA), emphasizes the need for organizations to develop, document, and implement an organization-wide program to provide security for the information systems that support its operations and assets.


  1. Pub. L. No. 107-347, §101(a); 44 U.S.C. §3604.

See also[]