§ 3601. Definitions

§ 3601. Definitions

(1) “Administrator” means the Administrator of the Office of Electronic Government established under section 3602;

(2) “Council” means the Chief Information Officers Council established under section 3603;

(3) “electronic Government” means the use by the Government of web-based Internet applications and other information technologies, combined with processes that implement these technologies, to—

(A) enhance the access to and delivery of Government information and services to the public, other agencies, and other Government entities; or

(B) bring about improvements in Government operations that may include effectiveness, efficiency, service quality, or transformation;

(4) “enterprise architecture”—

(A) means—

(i) a strategic information asset base, which defines the mission;

(ii) the information necessary to perform the mission;

(iii) the technologies necessary to perform the mission; and

(iv) the transitional processes for implementing new technologies in response to changing mission needs; and

(B) includes—

(i) a baseline architecture;

(ii) a target architecture; and

(iii) a sequencing plan;

(5) “Fund” means the E-Government Fund established under section 3604;

(6) “interoperability” means the ability of different operating and software systems, applications, and services to communicate and exchange data in an accurate, effective, and consistent manner;

(7) “integrated service delivery” means the provision of Internet-based Federal Government information or services integrated according to function or topic rather than separated according to the boundaries of agency jurisdiction; and

(8) “tribal government” means—

(A) the governing body of any Indian tribe, band, nation, or other organized group or community located in the continental United States (excluding the State of Alaska) that is recognized as eligible for the special programs and services provided by the United States to Indians because of their status as Indians, and

(B) any Alaska Native regional or village corporation established pursuant to the Alaska Native Claims Settlement Act (43 U.S.C. 1601 et seq.).

(Added Pub. L. 107–347, title I, § 101(a), Dec. 17, 2002, 116 Stat. 2901.)

Editorial Notes

References in Text

The Alaska Native Claims Settlement Act, referred to in par. (8)(B), is Pub. L. 92–203, Dec. 18, 1971, 85 Stat. 688, which is classified generally to chapter 33 (§ 1601 et seq.) of Title 43, Public Lands. For complete classification of this Act to the Code, see Short Title note set out under section 1601 of Title 43 and Tables.

Statutory Notes and Related Subsidiaries

Effective Date

Pub. L. 107–347, title IV, § 402(a), Dec. 17, 2002, 116 Stat. 2961, provided that: “(1) In general.—Except as provided under paragraph (2), titles I [enacting this chapter, section 507 of Title 31, Money and Finance, and section 305 of Title 40, Public Buildings, Property, and Works, and amending section 503 of Title 31] and II [enacting chapter 37 of Title 5, Government Organization and Employees, section 2332 of Title 10, Armed Forces, and section 266a of Title 41, Public Contracts, amending sections 3111, 4108, and 7353 of Title 5, sections 207, 209, and 1905 of Title 18, Crimes and Criminal Procedure, sections 502, 11501 to 11505 of Title 40, and section 423 of Title 41, repealing section 11521 of Title 40, directing the renumbering of section 11522 of Title 40 as section 11521, enacting provisions set out as notes under section 3501 of this title, and amending provisions set out as notes under section 8432 of Title 5 and section 1913 of Title 28, Judiciary and Judicial Procedure] and the amendments made by such titles shall take effect 120 days after the date of enactment of this Act [Dec. 17, 2002]. “(2) Immediate enactment.—Sections 207, 214, and 215 [set out in a note under section 3501 of this title] shall take effect on the date of enactment of this Act [Dec. 17, 2002].”

Federal Data Center Consolidation Initiative

Pub. L. 118–31, div. E, title LIII, § 5302(a), Dec. 22, 2023, 137 Stat. 940, provided that: “(a) Findings.—Congress finds the following:“(1) The statutory authorization for the Federal Data Center Optimization Initiative under section 834 of the Carl Levin and Howard P. ‘Buck’ McKeon National Defense Authorization Act for Fiscal Year 2015 (44 U.S.C. 3601 note; Public Law 113–291) [set out below] expired at the end of fiscal year 2022. “(2) The expiration of the authorization described in paragraph (1) presents Congress with an opportunity to review the objectives of the Federal Data Center Optimization Initiative to ensure that the initiative is meeting the current needs of the Federal Government. “(3) The initial focus of the Federal Data Center Optimization Initiative, which was to consolidate data centers and create new efficiencies, has resulted in, since 2010—“(A) the consolidation of more than 6,000 Federal data centers; and “(B) cost savings and avoidance of $5,800,000,000. “(4) The need of the Federal Government for access to data and data processing systems has evolved since the date of enactment in 2014 of subtitle D of title VIII of the Carl Levin and Howard P. ‘Buck’ McKeon National Defense Authorization Act for Fiscal Year 2015 [Pub. L. 113–291, approved Dec. 19, 2014]. “(5) Federal agencies and employees involved in mission critical functions increasingly need reliable access to secure, reliable, and protected facilities to house mission critical data and data operations to meet the immediate needs of the people of the United States. “(6) As of the date of enactment of this title [Dec. 22, 2023], there is a growing need for Federal agencies to use data centers and cloud applications that meet high standards for cybersecurity, resiliency, and availability.”

Pub. L. 118–31, div. E, title LIII, § 5302(d), Dec. 22, 2023, 137 Stat. 943, provided that: “Not later than 1 year after the date of the enactment of this title [Dec. 22, 2023], and annually thereafter, the Comptroller General of the United States shall review, verify, and audit the compliance of covered agencies with the minimum requirements established pursuant to section 834(b)(1) of the Carl Levin and Howard P. ‘Buck’ McKeon National Defense Authorization Act for Fiscal Year 2015 (44 U.S.C. 3601 note; Public Law 113–291) [set out below] for new data centers and subsection (b)(3) of that section for existing data centers, as appropriate.”

Pub. L. 113–291, div. A, title VIII, § 834, Dec. 19, 2014, 128 Stat. 3444, as amended by Pub. L. 115–88, § 4, Nov. 21, 2017, 131 Stat. 1278; Pub. L. 115–91, div. A, § 819(c), Dec. 12, 2017, 131 Stat. 1464; Pub. L. 116–92, div. A, title VIII, § 824, Dec. 20, 2019, 133 Stat. 1491; Pub. L. 118–31, div. E, title LIII, § 5302(b), (c), Dec. 22, 2023, 137 Stat. 941, 943, provided that: “(a) Definitions.—In this section:“(1) Administrator.—The term ‘Administrator’ means the Administrator of the Office of Electronic Government established under section 3602 of title 44, United States Code (and also known as the Office of E-Government and Information Technology), within the Office of Management and Budget. “(2) Covered agency.—The term ‘covered agency’ means the following (including all associated components of the agency):“(A) Department of Agriculture. “(B) Department of Commerce. “(C) Department of Defense. “(D) Department of Education. “(E) Department of Energy. “(F) Department of Health and Human Services. “(G) Department of Homeland Security. “(H) Department of Housing and Urban Development. “(I) Department of the Interior. “(J) Department of Justice. “(K) Department of Labor. “(L) Department of State. “(M) Department of Transportation. “(N) Department of Treasury. “(O) Department of Veterans Affairs. “(P) Environmental Protection Agency. “(Q) General Services Administration. “(R) National Aeronautics and Space Administration. “(S) National Science Foundation. “(T) Nuclear Regulatory Commission. “(U) Office of Personnel Management. “(V) Small Business Administration. “(W) Social Security Administration. “(X) United States Agency for International Development. “(3) New data center.—The term ‘new data center’ means—“(A)(i) a data center or a portion thereof that is owned, operated, or maintained by a covered agency; or “(ii) to the extent practicable, a data center or portion thereof—“(I) that is owned, operated, or maintained by a contractor on behalf of a covered agency on the date on which the contract between the covered agency and the contractor expires; and “(II) with respect to which the covered agency extends the contract, or enters into a new contract, with the contractor; and “(B) on or after the date that is 180 days after the date of enactment of the Federal Data Center Enhancement Act of 2023 [title LIII of div. E of Pub. L. 118–31, approved Dec. 22, 2023], a data center or portion thereof that is—“(i) established; or “(ii) substantially upgraded or expanded. “(b) Minimum Requirements for New Data Centers.—“(1) In general.—Not later than 180 days after the date of enactment of the Federal Data Center Enhancement Act of 2023 [title LIII of div. E of Pub. L. 118–31, approved Dec. 22, 2023], the Administrator shall establish minimum requirements for new data centers in consultation with the Administrator of General Services and the Federal Chief Information Officers Council. “(2) Contents.—“(A) In general.—The minimum requirements established under paragraph (1) shall include requirements relating to—“(i) the availability of new data centers; “(ii) the use of new data centers, including costs related to the facility, energy consumption, and related infrastructure; “(iii) uptime percentage; “(iv) protections against power failures, including on-site energy generation and access to multiple transmission paths; “(v) protections against physical intrusions and natural disasters; “(vi) information security protections required by subchapter II of chapter 35 of title 44, United States Code, and other applicable law and policy; and “(vii) any other requirements the Administrator determines appropriate. “(B) Consultation.—In establishing the requirements described in subparagraph (A)(vi), the Administrator shall consult with the Director of the Cybersecurity and Infrastructure Security Agency and the National Cyber Director. “(3) Incorporation of minimum requirements into current data centers.—As soon as practicable, and in any case not later than 90 days after the Administrator establishes the minimum requirements pursuant to paragraph (1), the Administrator shall issue guidance to ensure, as appropriate, that covered agencies incorporate the minimum requirements established under that paragraph into the operations of any data center of a covered agency existing as of the date of enactment of the Federal Data Center Enhancement Act of 2023. “(4) Review of requirements.—The Administrator, in consultation with the Administrator of General Services and the Federal Chief Information Officers Council, shall review, update, and modify the minimum requirements established under paragraph (1), as necessary. “(5) Report on new data centers.—During the development and planning lifecycle of a new data center, if the head of a covered agency determines that the covered agency is likely to make a management or financial decision relating to any data center, the head of the covered agency shall—“(A) notify—“(i) the Administrator; “(ii) [the] Committee on Homeland Security and Governmental Affairs of the Senate; and “(iii) [the] Committee on Oversight and Accountability of the House of Representatives; and “(B) describe in the notification with sufficient detail how the covered agency intends to comply with the minimum requirements established under paragraph (1). “(6) Use of technology.—In determining whether to establish or continue to operate an existing data center, the head of a covered agency shall—“(A) regularly assess the application portfolio of the covered agency and ensure that each at-risk legacy application is updated, replaced, or modernized, as appropriate, to take advantage of modern technologies; and “(B) prioritize and, to the greatest extent possible, leverage commercial data center solutions, including hybrid cloud, multi-cloud, co-location, interconnection, or cloud computing (as defined in section 3607 of this Chapter [probably means chapter 36 of Title 44, United States Code]) rather than acquiring, overseeing, or managing custom data center infrastructure. “(7) Public website.—“(A) In general.—The Administrator shall maintain a public-facing website that includes information, data, and explanatory statements relating to the compliance of covered agencies with the requirements of this section. “(B) Processes and procedures.—In maintaining the website described in subparagraph (A), the Administrator shall—“(i) ensure covered agencies regularly, and not less frequently than biannually, update the information, data, and explanatory statements posed on the website, pursuant to guidance issued by the Administrator, relating to any new data centers and, as appropriate, each existing data center of the covered agency; and “(ii) ensure that all information, data, and explanatory statements on the website are maintained as open Government data assets. “(c) Ensuring Cybersecurity Standards for Data Center Consolidation and Cloud Computing.—“(1) In general.—The head of a covered agency shall oversee and manage the data center portfolio and the information technology strategy of the covered agency in accordance with Federal cybersecurity guidelines and directives, including—“(A) information security standards and guidelines promulgated by the Director of the National Institute of Standards and Technology; “(B) applicable requirements and guidance issued by the Director of the Office of Management and Budget pursuant to section 3614 of title 44, United States Code; and “(C) directives issued by the Secretary of Homeland Security under section 3553 of title 44, United States Code. “(2) Rule of construction.—Nothing in this section shall be construed to limit the ability of the Director of the Office of Management and Budget to update or modify the Federal guidelines on cloud computing security. “(d) Waiver of Requirements.—The Director of National Intelligence and the Secretary of Defense, or their respective designee, may waive the applicability to any national security system, as defined in [former] section 3542 of title 44, United States Code, [see 44 U.S.C. 3552] of any provision of this section if the Director of National Intelligence or the Secretary of Defense, or their respective designee, determines that such waiver is in the interest of national security. Not later than 30 days after making a waiver under this subsection, the Director of National Intelligence or the Secretary of Defense, or their respective designee, shall submit to the Committee on Homeland Security and Governmental Affairs and the Select Committee on Intelligence of the Senate and the Committee on Oversight and Government Reform [now Committee on Oversight and Accountability] and the Permanent Select Committee on Intelligence of the House of Representatives a statement describing the waiver and the reasons for the waiver. “(e) Sunset.—This section is repealed effective on October 1, 2026.”

[Amendment by section 5302(c) of Pub. L. 118–31, which substituted “2026” for “2022” in the date of repeal in section 834(e) of Pub. L. 113–291, set out above, was executed as directed to reflect the probable intent of Congress, even though the amendment was enacted on Dec. 22, 2023, after the repeal had taken effect.]

[Pub. L. 115–88 and Pub. L. 115–91 amended section 834(e) of Pub. L. 113–291, set out above, identically by striking “2018” and inserting “2020”.]

E-Government Initiatives Funding