The US Senate has proposed a new bill requiring UC and collaboration platforms used by the US federal government to be more secure and interoperable, including Zoom and Microsoft Teams.
As first shared by The Verge, the Secure and Interoperable Government Collaboration Technology Act, brought forward by US Senator for Oregon Ron Wyden, would require government tools to communicate with each other, even if made by competitors. It would likewise establish high standards of cybersecurity, including end-to-end encryption protocols.
Wyden commented on the bill in a statement:
The Secure and Interoperable Government Collaboration Technology Act would ensure the federal government is procuring and using collaboration technology that is based on interoperable, secure standards – meaning an employee from an agency using Teams could call someone from an agency using Zoom, or send a message to another agency that uses Slack.”
Wyden stressed that the bill establishes the adoption of end-to-end encryption technology to safeguard government communications from foreign surveillance. However, Wyden says this technology has not been consistently integrated across major video-calling platforms leveraged by government agencies.
The bill also stipulates that collaboration software used by the government must enforce compliance with federal record-keeping regulations, addressing the emerging importance of maintaining official records within constantly changing collaboration platforms.
“Collaboration technology providers who sell to the government should not be locking users into their walled product gardens using proprietary data standards,” Wyden added. “Government agencies, including the National Security Agency, Marines, and Navy, have endorsed the use of standards-based technology and security practices like end-to-end encryption – it’s time for these principles to be reflected in the collaboration technology the federal government procures and uses.”
The bill’s supporters include groups lobbying for stricter regulation of Big Tech, including Accountable Tech, Demand Progress, Fight for the Future, and encrypted email and cloud storage provider Proton.
How The Bill Would Be Practically Enforced
The bill mandates the General Services Administration (GSA) to curate a comprehensive list of UC and collaboration technology tools and capabilities employed by the US federal government, encompassing videoconferencing, text-based messaging, file sharing, scheduling, and live document editing.
Subsequently, the National Institute of Standards and Technology (NIST) would establish interoperability standards for these tools and capabilities, incorporating end-to-end encryption where feasible to safeguard government communications against foreign surveillance. Concurrently, government compliance with federal record-keeping regulations would be closely monitored.
Following the NIST’s outlining of interoperability standards, UC&C businesses would have a four-year grace period to align their tools with compliance requirements for federal government procurement.
Every two years, a joint working group comprising the GSA and the Office of Management and Budget evaluates federal government technology usage, suggesting revisions to the standards as necessary. Additionally, the Department of Homeland Security conducts cybersecurity assessments of commonly utilised collaboration tools within the federal government.
How Significant An Impact Would This Have on the UC&C Space?
A significant one. While the bill only pertains to the UC and collaboration tools leveraged by the US federal government, that encompasses at least Teams, Zoom, Slack and Google Docs — the platforms and features explicitly cited by Wyden in his statement and which count among the most popular UC&C tools worldwide.
There is also the fundamental fact that if the companies behind the tools must implement the required changes for the federal government, they must do so with everyone else. Meanwhile, it could encourage the industry to greater interoperability and encryption standards across the board.
The bill would likely galvanise innovation as businesses rush to develop compliant solutions over the subsequent four years, culminating in a more robust and competitive market. Additionally, it would elevate security standards across the board, prompting UC providers to prioritise encryption and data protection and bolster user trust and privacy.
However, if there are short-term challenges, an example might be rising compliance costs, which might potentially limit market entry for smaller players. Nevertheless, this move could set a precedent for other sectors and governments globally, driving widespread adoption of secure communication standards.
Ultimately, while the bill may initially pose challenges for some providers, its long-term consequences could result in a more secure, efficient, and interconnected digital workspace for government agencies and every organisation that utilises the technologies.
Governing Bodies Across The World Mandating Interoperability
This isn’t the first example in 2024 of an institution mandating greater interoperability, however.
Earlier this year, the European Union introduced its Digital Markets Act (DMA) for stricter regulation of designated messaging services, or “digital gatekeepers”.
The EU’s new rules came into force last month, meaning that companies, such as Meta with its WhatsApp arm, had to “be ready to enable interoperability with other services within three months of receiving a request”, as dictated by the DMA.
The DMA’s requirements mandate support for one-on-one chats and file sharing, including images, videos, or voice messages, in the first year of the new regulation. These requirements will gradually extend to include group chats and calls over time.
Last month, in response to the DMA, Meta explained how WhatsApp will preserve its end-to-end encrypted messaging while remaining interoperable with third-party messaging services.
Third-party providers must sign an agreement to interoperate with Messenger and WhatsApp before it can be implemented. While the company encourages using WhatsApp’s Signal protocol for encryption, it will accept other protocols if they meet the same security standards.
Last month, WhatsApp also launched an in-app indicator informing users which chats are encrypted.
This feature is intended to provide users with transparency about which chats are end-to-end encrypted. The Signal protocol offers peace of mind and confidence that their chats are securely encrypted.
