AGENCY:

Federal Aviation Administration (FAA), DOT.

ACTION:

Notice of Proposed Policy for distribution of FAA data & Information; request for comment.

SUMMARY:

This document is the FAA's proposal and the FAA's invitation to the public to comment on its data and information distribution policy. This notice is in accordance with the presidential directive for Open Government issued on January 21, 2009; this directive instructed agencies to make information available in open formats, and presume openness to the extent permitted by law and subject to valid privacy, confidentiality, security, and other restrictions. The scope of this policy does not include requests for historical FAA data or information whose availability will continue to be determined under the existing Freedom of Information Act process. FAA data and information published via FAA Web sites is not within the scope of this policy.

DATES:

Any written information that responds to the FAA's proposes procedures must be submitted by May 31, 2013.

ADDRESSES:

You may submit written information, identified by docket number FAA-2013-0392, by any of the following methods:

• Mail: send comments by mail to Docket Operations, U.S. Department of Transportation, M-30, Room W12-140, 1200 New Jersey Avenue SE., Washington, DC 20590-0001. Persons wishing to receive confirmation of receipt of their written submission should include a self-addressed stamped postcard.
• Hand Deliver: Deliver comments to Docket Operations in Room W12-140 on the ground floor of the West Building at 1200 New Jersey Avenue SE., Washington DC, between 9:00 a.m. and 5:00 p.m., Monday through Friday, except Federal holidays.
• Facsimile: Fax comments to the docket operations personnel at 202-493-2251.

Privacy: We will post all comments that we receive at http://www.regulations.gov,, including any personal information that you provide. Using the search function of the docket Web site, anyone can find and read the electronic form of all comments in any of our dockets, including the name of the individual sending the comment or signing the comment or signing the comment on behalf of an association, business, labor union, or other entity or organization. You may review the DOT's complete Privacy Act Statement in the Federal Register at 65 FR 19477-78 (April 11, 2000), or you may find at http://docketsinfo.dot.gov. Reviewing Start Printed Page 25522the docket: To read background documents or comments received, go to http://www.regulations.gov at any time and follow the online instructions for accessing the docket, or go to Docket Operations in Room W12-140 on the ground floor of the West building at 1200 New Jersey Avenue SE., Washington DC, between 9:00 a.m., and 5:00 p.m., Monday through Friday, except Federal holidays.

FOR FURTHER INFORMATION CONTACT:

You may direct any questions on data/information policy to the NAS Data Management staff by telephone at (202) 385-8022 or by electronic mail at mojdeh.supola@faa.gov.

SUPPLEMENTARY INFORMATION:

E-Government & Information Technology Act of 2002 (Pub. L. 107-347, 116 stat, 2899, 44 U.S.C. &101, H.R. 2458/S. 803).

Open Government Directive, OMB Memorandum for the Heads of Executive Departments and Agencies, M-10-06, issued December 8, 2009.

Delivering an Efficient, Effective, and Accountable Government, Executive Order 13576, issued July 13, 2011.

Streamlining Service Delivery and Improving Customer Service, Executive Order 13571, issued April 27, 2011.

Digital Government Strategy, Building A 21st Century Platform to Better Serve the American People, issued May 23, 2012.

Management of Federal Information Resources, Office of Management and Budget Circular A-130, issued November 28, 2000.

Background: The FAA has enacted policy to ensure that the majority of data from its systems is exchanged through approved external protected boundaries. This transition away from multiple direct connections to FAA systems will provide for the security and operational effectiveness of FAA systems and reduce the cost of developing and maintaining multiple interfaces needed to distribute data and information. To provide for the security and operational effectiveness of FAA systems and to reduce the cost of developing and maintaining multiple interfaces needed to distribute data and information, FAA is moving away from direct connections to systems for external users to an approved external protected boundary such as NAS Enterprise Secure Gateway (NESG). This transition will help FAA protect the confidentiality, integrity, and availability of data/information, services, and to manage the cost of maintaining data and information services in the future. This policy supports the streamlining of the approval process for distribution of data/information to external entities and gives the FAA the ability to manage and secure its data and information assets more effectively.

Proposed Policy: To conform to current U.S. Government practices and policies and enhance information security, FAA is proposing to establish a policy for the distribution of data and information to external entities including the FAA's contractors and other governmental entities. The FAA will:

1. Not allow external users to connect (physically/logically) to authoritative sources of data/information. FAA data/information distribution will only be distributed externally from FAA approved replicated sources.

2. Make electronic data/information available on a non-exclusive basis to external users, subject to the limits imposed by the need to protect national/homeland security, individual privacy, safety, confidentiality, and other government requirements.

3. Limit distribution to only that data/information products created for FAA purposes.

4. Distribute readily available data/information without intentional delay, subject only to the limits imposed by resources (both current and prospective), contracts, technology, authority, regulation and data quality while protecting security, privacy, and confidentiality.

5. Provide access to data/information over secure and controlled connections (logical) and in accordance with the most recent federal systems security standards including those issued by the National Security Agency, Department of Defense, and the National Institute of Standard and Technology (NIST) standards.

6. Consider cost and cost recovery in making FAA data/information available to external users.

7. Consider requests for data and information that is not readily available if external users can and do bear the full cost of development, connection, transmission, processing, and maintenance.

8. Not be responsible for the quality, accuracy or continued availability of the data and information once released. While the data distributed is accurate and timely for use by the FAA, we are not responsible for quality, continuity, or intended use of data for third parties.

9. Define the extent to which FAA contractors can reuse FAA data in their custody or control.

10. Apply this proposed policy requirement consistently and transparently.

Glossary of Terms

Data: A representation of fact, concept, or instruction represented in a formalized form suitable for communication, interpretation or processing either by human and/or by automated systems. This is the lowest level of abstraction, compared to information.

Information: Data in context. The meaning given to data or the interpretation of data based on its context. The finished product as a result of the interpretation of data. Data processed in such a way that it can increase the knowledge of the person who receives it. Data that:

(1) Is specific and organized for a purpose,

(2) is presented within a context that gives it meaning and relevance, and which

(3) leads to an increase in understanding and decrease in uncertainty. The value of information lies solely in its ability to affect a behavior, decision, or outcome.

Information Steward: A person or organization delegated with the responsibility for managing the creation and maintenance of a specific information resource. These stewards have the statutory or operational authority for specified information products and are responsible for defining metadata associated with the information.

Approved Replicated Source: A duplicated set of information, fulfilling a specific business requirement provided by the Information Steward to be an approved source for that information service. This information source may be the functional combination of multiple, separate authoritative sources. (e.g. Aircraft Situation Display to Industry (ASDI), National Airspace System Status Information (NASSI))

Authoritative Source: The origin or creation of data or information that is recognized by an FAA Lines Of Business/Staff Offices or by members of a Community of Interest (COI) or Community of Practice (COP) to be of high quality and being highest precedence of source because it is considered to be highly reliable or accurate, or is from an official publication or reference. (e.g. En Route Automation Modernization (ERAM) for active Flight data)