Supporting Statement
OMB Control No: 3090-XXXX; MyUSA
A. Justification.
1. Administrative requirements.
The purpose of the E-Government Act of 2002 (Pub.L. 107-347, 116 Stat. 2899, 44 U.S.C. § 101, H.R. 2458/S. 803) is to improve the management and promotion of electronic government services and processes by establishing a framework of measures that require using Internet-based information technology to improve citizen access to government information and services, and for other purposes.
In support of the E-Government Act, the U.S. General Services Administration (GSA) operates MyUSA (https://my.usa.gov and https://myusa.gov). MyUSA is:
An easier way for Americans to sign in to and register with federal websites
A way for Americans to manage their interactions with the Federal government; and
A way for Americans to store the work they have ongoing with various government websites for later use.
To achieve this vision, MyUSA is implemented as a reusable platform for agencies to rapidly build government services. MyUSA has the following characteristics:
MyUSA capabilities can be embedded in Federal websites, similar to how search functionality is embedded from search.digitalgov.gov into over 1,500+ Federal websites
Technically, MyUSA provides a set of online services to participating Federal agencies through an “API”, or application programming interface -- which is a standard way for websites, applications, and software to interact with each other.
In addition to embedded functionality, MyUSA also has a website (https://my.usa.gov and https://myusa.gov) where Americans can go directly to manage their preferences.
MyUSA enables individual users to create accounts, which can make it easier for people to interact with multiple federal websites and applications. Users have the option of creating a MyUSA Account with a personal profile that can be used to personalize online interactions and streamline common tasks -- such as filling out forms.
The approach of creating a shared service for online identity is not new; the private sector has adopted “social logins” such as Google+ Sign In and Facebook Connect. Other governments have also implemented common sign in and online identity services, such as the United Kingdom’s Government Digital Service (GDS), Canada’s GCKey, Australia’s “myGov” service, India’s “e-Pramaan” digital identity, the Philippines’ “iGov” Single Sign On, and Dubai’s “MyID”. Many of these services have been operational for many years and proven significant value to the public. One such example, Australia’s myGov, was established in 2006.
When creating a MyUSA Account, the user has the option to provide limited personal profile information. Creating a MyUSA Account is completely voluntary. Individuals can create a MyUSA account through two mechanisms:
Registering with your email address.
Logging in with an approved external identity provider (EIP) that has passed a GSA privacy and risk assessment, such as Google. EIP sign ins are provided purely as a convenience mechanism for quicker registration. Users can recover an account created through an EIP at any time using their email address.
Information about EIPs
MyUSA, for ease of use and convenience, allows people to sign up using a third-party provider (called an “External Identity Provider” or EIP, detailed in the existing Supporting Statement).
MyUSA’s use of EIPs is compliant with the policies set for by the National Strategy for Trusted Identities in Cyberspace (NSTIC, available at http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf). In particular, MyUSA acts a “double blind” proxy. EIPs are prevented from knowing which government services a user is accessing because MyUSA acts as a broker. Users sign in with the EIP at MyUSA, but the EIP does not know which users are using which MyUSA applications. Similarly, the agency application does not know if the user signed into MyUSA using an EIP or their email address. This “double blind” proxy implementation protects the user’s privacy when accessing government services.
In contrast, if an agency were to use an EIP directly, the EIP would know which government service the user is accessing. The EIP could then use this login information in their business, such as for marketing or advertising. MyUSA prevents this behavior.
MyUSA asks users before sharing their information with applications
The user’s information stored by MyUSA cannot be accessed by any website or application without the explicit consent of the user, each time the user’s information is accessed. Information is not shared between applications, except when the user gives explicit consent to share his or her information, or as detailed in the routine uses of the MyUSA System of Records Notice (http://www.gpo.gov/fdsys/pkg/FR-2013-07-05/pdf/2013-16124.pdf).
MyUSA account and optional profile
To create a MyUSA account, a user must provide an email address, which is the only required field. The sign up process is shown in Figure 1. After signing up for a MyUSA account, optional profile information can be provided (Figure 2) which includes:
full name
home address
home phone number
mobile phone number
gender
date of birth
marital status
A user may also provide basic demographic information such as whether the individual is:
a parent
a veteran
a student
a small business owner
retired
All profile fields are optional and each user can provide information for none, some, or all of the fields in the profile.
Figure 1: Signing up for a MyUSA account
Using an External Identity Provider (EIP):
Using your email address:
Figure 2a: Editing your MyUSA profile: providing personal information
Figure 2b: Editing your MyUSA profile: providing additional information
The MyUSA Account gives individuals control over how they interact with government websites and applications that integrate with the MyUSA website. The information provided in the user’s profile can be used to personalize online interactions and streamline common tasks such as filling out forms. Federal government websites and applications can create personalized user experiences by accessing information stored in a user’s MyUSA account -- but only with their explicit consent.
MyUSA User Experience
When an individual first visits MyUSA, either by clicking “Log in with MyUSA” at a federal website or directly at the MyUSA website, they are presented the option to sign up for a MyUSA account (Figure 1). After signing up for a MyUSA account, an individual may optionally complete their MyUSA profile (Figure 2) in order to streamline their interaction with other government services. With a MyUSA account, the individual can authenticate with other government services, hereafter called the originating application. (An example of an originating application is Unclaimed Money at https://unclaimedmoney.usa.gov (Figure 5)). MyUSA asks the individual for permission to provide requested profile information to the originating application (Figure 6). The individual is then automatically redirected back to the originating application. The application may request the information approved by the individual using the MyUSA Application Programming Interface (API). By using their MyUSA account and approving the application, the originating application can use the approved profile information to pre-fill forms or streamline the user experience (for example, use the individual’s name to search for Unclaimed Money that matches their name). The application’s API access can be revoked by the individual (Figure 7).
This process is summarized in the enclosed Figures 3 and 4.
Figure 3: This user flow shows how someone logs in with MyUSA on a government partner site.
The user chooses to sign up for MyUSA with an “EIP” (External Identity Provider, such as Google) (1).
After signing up, the user approves the app and the information that it is requesting (3A).
Note that EIP’s behave in a similar manner to MyUSA: they require the user’s explicit permission (2A & 2B)
Figure 4: This user flow shows how someone logs in with MyUSA on a government partner site.
The user chooses to sign up for MyUSA with their email address (1). They receive a verification email (4A), and then proceed with registration (4B & 4C).
After signing up, the user approves the app and the information that it is requesting (3A & 3B)
Figure 5: An originating application provides an option for individuals to log in with MyUSA
Figure 6: MyUSA asks for explicit approval from the individual to share their profile information with the originating application.
Figure 7: List of authorized applications, their permission, and ability to revoke access to your MyUSA account
MyUSA profiles and privacy controls
The MyUSA profile for an individual is stored by the General Services Administration (GSA). Profiles are secured and stored pursuant to the MyUSA Privacy Impact Assessment (http://www.gsa.gov/portal/getMediaData?mediaId=180583).
To ensure that users know where their data is stored, MyUSA profiles can only be updated through the MyUSA website. When a user wants to sign in with MyUSA from another government service, they are redirected to MyUSA. Any profile information they provide is stored within MyUSA and clearly marked as such. Users are then prompted provide permission to share their profile information with the application where they are signing in (shown in Figure 6). The approval screen empowers the user to select which profile fields to approve and deny when authorizing an application. This functionality is also in line with private industry trends, such as Facebook Permissions v2.0 (https://developers.facebook.com/docs/facebook-login/permissions/v2.0).
When a user approves an application, MyUSA and the application exchange a “token”. The token is unique to that user and that application. When that application would like to read information explicitly approved by the user, the application cryptographically signs its token and sends it to MyUSA with its request. MyUSA verifies that the token is valid (ensuring that the user has not revoked access to the information), that the token is signed by the correct application, and that the token has come from the correct digital service. This process is compliant with an open Internet standard called OAuth 2.0 (http://oauth.net/2/). OAuth 2.0 is the technology used in OpenID (http://openid.net/), a common platform for online accounts.
Individuals control which aspects of their profile information is shared with applications. Applications must explicitly ask for permission to access individuals’ profile information. If the originating applications store any information that includes the MyUSA profile information, it is the responsibility of federal agencies using the MyUSA service to comply with federal policies regarding the collection and storage of that information (and is specified in the MyUSA Terms of Service).
MyUSA and the GSA have enacted safeguards to ensure that profiles and other user data are stored and managed securely. Details are provided in the MyUSA Privacy Impact Assessment (http://www.gsa.gov/portal/getMediaData?mediaId=180583). Note that originating applications from other government agencies do not need to store data provided by MyUSA, but instead can request the data as needed using their “token”, which is issued when the individual approves data access.
Individuals can delete their MyUSA account at any time, and all information associated with the user’s account is removed from all IT systems associated with MyUSA. MyUSA only retains non-identifiable records for the purpose of complying with FISMA audit requirements.
Requirements for federal agencies using MyUSA
The MyUSA Terms of Service also make it the responsibility of agencies to ensure that information exchanged with MyUSA is compliant with their Privacy Impact Assessments (PIAs) and System of Record Notices (SORNs). The MyUSA Terms of Service and Privacy Policy are detailed on the MyUSA website (https://myusa.18f.us/legal#terms-of-service and https://myusa.18f.us/legal#privacy-policy)
Any government agency can use MyUSA by agreeing to MyUSA’s Terms of Service. To agree to the Terms of Service, a representative of the federal agency must sign up for an account with MyUSA which then prompts the representative to agree with the MyUSA Terms of Service.
MyUSA initial federal agency partners
At this time, MyUSA has partnered with the following initial applications:
Benefits Finder at Benefits.gov (Department of Labor)
Business.USA.gov (Small Business Administration)
Unclaimed Money (General Services Administration)
Federal agency representatives have confirmed that their use of MyUSA and exchange of information with MyUSA is consistent with their Privacy Impact Assessment (PIA) and System of Records Notice (SORN).
For Benefits.gov (Department of Labor):
From Eric Ignacio, OASAM Benefits.Gov CTR:
“Our security analyst/ISSO just updated our PIA as part of reauthorization activities and the PIA reflects that Benefits.gov does not collect/store PII data. Because BG does not collect PII, a SORN is not included. The PIA update considers the integration with MyUSA and because the systems do not exchange PII, it does not impact our PIA. Per requirements/design, only non PII data from the user profile is being sent from MyUSA to BG.”
For Business.USA.gov (Small Business Administration):
From Amin Mehr, Program Manager, Technology & Innovation, BusinessUSA:
“Integration provided by the user to Business.USA.gov from MyUSA, or any other system that prompts the user for approval to disclose personal information, is covered by our System of Records Notice (SORN). Our PIA is current and also in place.”
For USA.gov:
From Russell O'Neill, Acting Program Manager of USA.gov:
“USA.gov, and specifically Unclaimed Money, does not retain nor collect any data. It uses MyUSA to simplify how someone claims abandoned financial assets by administering a ‘task checklist’ in your MyUSA account. It is covered by the existing MyUSA SORN and PIA, as well as the USA.gov PIA.”
http://www.gsa.gov/graphics/staffoffices/Final_PIA_USAgov_070212.docx
A MyUSA user can choose to store information from another application to their MyUSA account in order to continue their work later or manage their interaction. As an example, an individual can explicitly ask Unclaimed Money to store information to their MyUSA account, such as a checklist of tasks to apply for a government service (see Figure 8). The user can then manage their checklist from the originating application or through the MyUSA interface (see Figure 9 and Figure 10).
Figure 8: An originating application (Unclaimed Money) offers individuals the opportunity to save a task to their MyUSA account.
Figure 9: Viewing your stored information (in this case, tasks) at MyUSA.
Figure 10: Managing your tasks at MyUSA.
3. Consideration of information technology.
MyUSA uses an Internet web application (https://my.usa.gov and https://myusa.gov) to interface with individuals. Users may optionally fill out their profile using the web site. MyUSA then stores this information in a secured database for use by the individual or other government applications when requested and approved by the individual.
4. Efforts to identify duplication.
There is no duplication. We are not aware of any other profiles created by another federal agency that would enable re-use in multiple federal websites by the general public in the same manner as MyUSA.
Research has been conducted to identify alternative systems. None provide the public with the opportunity to store and retrieve their information across government services.
5. If the collection of information impacts small businesses or other entities, describe methods used to minimize burden.
There is no significant impact on small businesses or other small entities. Furthermore, this service reduces the burden.
6. Describe consequence to Federal program or policy activities if the collection is not conducted or is conducted less frequently.
If the collection is not conducted, Federal programs would be deprived of the potential for reducing the burden on individual users who interact with multiple Federal sites.
7. Special circumstances for collection.
Collection is consistent with guidelines in 5 CFR 1320.6.
8. Efforts to consult with person outside the agency.
Under this heading the Federal Register publications will be cited, comments received, if any, and the responses to the comments.
Pursuant to the Paperwork Reduction Act of 1995 (PRA) implementing regulations at 5 C.F.R. § 1320.8(d), the Department published a notice in the Federal Register on August 13, 2013 (Vol. 78 FR 49270) announcing its intent to seek approval under the PRA. GSA received no comments in response to the notices referenced herein above.
9. Explanation of any decision to provide any payment or gift to respondents, other than remuneration of awardees.
Not applicable.
10. Describe assurance of confidentiality provided to respondents.
The MyUSA system is operated in accordance to the Federal Information Security Management Act of 2002 (FISMA). Privacy of user data is protected by the measures described in the MyUSA Privacy Impact Assessment (http://www.gsa.gov/portal/getMediaData?mediaId=180583).
11. Additional justification for questions of a sensitive nature.
MyUSA asks optional self-identifying questions when requested by an application. Answering these questions enhances the person’s experience with the agency’s application, such as customizing the content displayed by the application based on the person’s eligibility. The requested information was chosen because it is broadly useful to many services across government.
Responding to these questions is always optional, and the responses to these questions are not validated or verified to be accurate. This information includes the fields:
marital status
date of birth
parent status
veteran status
small business owner status
student status
retiree status
For example, a MyUSA user that opens the Benefits.gov Benefit Finder will be able to more quickly find benefits that apply to them based on the marital status, age, veteran status, or retiree status. Upon connecting to Benefits.gov and authorizing access to profile information, Benefits.gov automatically applies filters for these criteria to save people time and simplify their experience.
In another example, an entrepreneur using MyUSA with BusinessUSA will be first presented with opportunities that match her gender (for woman-owned businesses) or veteran status. Examples of these opportunities include small business workshops, networking events, small business loans, or federal contract solicitations.
12 & 13. Estimated total annual public hours and cost burden.
We estimate that we will have 10,000 respondents in the first year. The time to complete the information collection for the MyUSA profile is approximately 3 minutes, so the overall burden hours for the information collection would be 500 hours. This collection does not impose a known cost burden to the respondents. These estimates do not include the burden associated with individual applications that use MyUSA; approval for and estimates of that burden are the responsibility of the sponsoring agency.
MyUSA will use automated IT tools to monitor the time spent by collection and the number of respondents. MyUSA will provide burden information to the public in accordance with The White House Open Data Policy (M-13-13).
14. Estimated annual cost to the Government.
The information is collected by an automated IT system and does not require any human intervention or review. The cost of completing the information collection is the cost incurred by the development and maintenance of the MyUSA system. The expected cost to develop and operate MyUSA during fiscal year 2015 is approximately $828,000.
There may be additional costs associated with the applications that integrate with MyUSA; however, those costs are covered by the sponsoring agency.
15. Explain reasons for program changes or adjustments reported in Item 13 or 14.
This submission is a request for a new information collection.
16. Outline plans for published results of information collections.
Results will not be tabulated or published.
17. Approval not to display expiration date.
Not applicable.
18. Explanation of exception to certification statement.
Not applicable.
B. Collections of Information Employing Statistical Methods.
Statistical methods are not used in this information collection.
Page
File Type | application/zip |
File Title | MyUSA supporting statement draft -- revised.docx |
File Modified | 0000-00-00 |
File Created | 2021-01-23 |