Eye on Policy

Walmart: The next model for digital government?

Presuming they will return to some semblance of normal operations, federal agency programs and IT staff will once again think earnestly about modernization. When they do, I wonder if the topic of user experience or service to the citizen will once again rank top-of-mind.

If it does, managers might look at Walmart. The giant retailer is among the first companies to try and apply the most recent revolutionary computing force, namely generative artificial intelligence. Specifically, Walmart has partnered with OpenAI. Its goal is for shoppers to purchase items in Walmart inventory directly from within ChatGPT.

In its announcement, Walmart stated this arrangement will result in technology that “learns, plans and predicts, helping customers anticipate their needs before they do.” The company also said it will launch a program to train employees in the tools and techniques of AI.

Tying AI queries to transactions—that, folks, is the next wave in digital interaction, and it will inevitably come to government. Just as online agency presence gave way to online transactions, so too will digital government as now understood give way to integration of search, AI, and transactions.

One analysis of the Walmart development noted that OpenAI would have data on customers and their individual and collected buying trends—information that Walmart would ordinarily consider both vital to and solely proprietary. In the federal context, sequestering citizen data from generative IT platforms would require carefully crafted negotiations, terms, and conditions on the government’s part. On the other hand, the government could also work out the receipt of analytical products from aggregated and anonymized data in the hands of industry AI partners.

Ready or not, CMMC takes to the field

While about everyone, government-connected or not, has stood transfixed by the latest shutdown, something entirely predictable has maintained its march towards reality. The Cybersecurity Maturity Model Certification program takes effect this month. Conceived during the first Trump administration, the purpose of CMMC is simply to ensure defense contractors operate their information systems securely.

The heavy lifting in some sense has not started. On November 10, contractors will need to have their self-certifications available, the so-called Level 1s and Level 2s. Companies have another year before solicitations will require third-party certifications, and another two years before the rigorous Level 3 certification requirement kicks in.

Abundant sources of expert advice exist on how to comply. Cherry Bakaert attorneys, for example, recently published a blog detailing the requirements, to whom they apply and the timelines. One detail they point out is that CMMC extends to subcontractors. In fact, primes “can enforce CMMC requirements on their subcontractors ahead of the DoD’s implementation phases,” the attorneys wrote.

But the program and supporting Federal Acquisition Regulation (FAR) clauses should not take anyone by surprise at this point. Better than treating CMMC as a compliance exercise, companies should take pains to make their systems safe, using the National Institute of Standards and Technology’s extensive guidance. Then CMMC compliance will be more of a natural result than a fire drill when bidding on a solicitation.

GSA is still leaderless after July nomination

In late October, the Senate held a hearing on six Trump administration nominees, including Edward Forst for administrator of the General Services Administration. As one in the cavalcade of nominees, Forst got just a few questions.

Sen. Jim Lankford (R-Oklahoma) questioned Forst about federal property and removing excess inventory. Forst had done his homework on facts and figures, noting among other things that 25% of GSA’s own building has been “deemed uninhabitable.” That, he noted, is part of a governmentwide deferred maintenance tab of $24 billion.

Sen. Gary Peters (D-Michigan) probed Forst about the GSA’s acquisition of the Grok chatbot from Elon Musk’s xAI. The chatbot had reportedly produced sexually explicit and bigoted results. Forst promised that, if confirmed, he would investigate the acquisition process by which GSA chose Grok.

Florida Republican Ashley Moody wanted to know about how Forst would oversee Smart Pay, the GSA-administered credit card system for small buys. Forst said alleged misuse of cards—including, as Moody said, reports of people leaving the government but taking their cards with them and continuing to use them—should be subject to a risk management approach.

This is because GSA was continuing to furlough people because of the lapse in appropriations.

Forst seemed informed and articulate. He is a former Goldman Sachs executive, fired during a second stint there. He worked briefly as the CEO of real estate services firm Cushman & Wakefield before he engineered its acquisition. A Wharton MBA, Forst is no slouch. In his prepared testimony, he stressed GSA’s digital transformation role in addition to real estate and fleet matters.

Forst stated, “Technology modernization is not a luxury; it is a necessity for a government that intends to meet 21st-century challenges head-on. GSA will play an important leadership role in helping advance the Trump White House’s AI Action Plan.”

He also wrote that he wanted GSA to function as “as a multiplier for efficiency and modernization,” a better metaphor than, say, the “membrane” of the Martha Johnson years.