No risk, no gain
What if they had a procurement and nobody came?
To some extent, that is what is happening at the General Services Administration. It is
trying to launch a national digital certificate project, Access Certificates for
Electronic Services. No vendors are clamoring to bid on ACES even though GSA has made many
revisions to its request for proposals. The haggling dates back nearly a year. The need
for a uniform approach to digital signatures in the government dates back far longer than
Vendors consider ACES risky for many reasons. Would-be bidders said they would prefer
signing on as subcontractors rather than leading a team.
In uncharted waters, such as a national digital certificate service, its easy to
see why vendors dont want to lead with their chins. With ACES, the usual financial
risks, as GSA has acknowledged, are compounded by the liability exposure of vendors
holding citizens digital keys.
The result? GSA has had to stall ACES again as it tries to craft an RFP someone will
Worse, though, is that vital services agencies want to do online also are on hold.
Notable among these is the Personal Earnings and Benefits Estimates Statements program.
The Social Security Administration urgently wants to issue PEBES online. SSAs last
attempt fell victim to privacy concernssome say hysteriaeven though the
authentication factors required of a citizen to get a PEBES online matched those of
getting one conventionally. For political, if not technical, acceptance, online services
require encryption such as ACES would supply.
ACES is what the government needs, but vendors have valid objections. Lets hope
the companies forcing GSA officials to jump through hoops to get the RFP right will reward
the agency with bids.
Thomas R. Temin