[Federal Register Volume 87, Number 142 (Tuesday, July 26, 2022)]
[Rules and Regulations]
[Pages 44279-44280]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-15670]


=======================================================================
-----------------------------------------------------------------------

GENERAL SERVICES ADMINISTRATION

41 CFR Part 102-173

[FMR Case 2021-02; Docket No. GSA-FMR-2021-0022; Sequence 01]
RIN 3090-AK52


Federal Management Regulation (FMR); Internet GOV Domain

AGENCY: Office of Information Integrity and Access, Office of 
Government-wide Policy (OGP), General Services Administration (GSA).

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: This final rule adopts without changes the interim rule 
published January 10, 2022, which implemented provisions of the DOTGOV 
Online Trust in Government Act of 2020 (``DOTGOV'') applicable to GSA 
that transfer ownership, management and operation of the DotGov Domain 
Program from the General Services Administration (GSA) to the 
Department of Homeland Security (DHS) Cybersecurity and Infrastructure 
Security Agency (CISA). In the interim rule, GSA removed provisions to 
the existing jurisdiction of the DotGov domain program that had been 
delegated to the General Services Administration in 1997.

DATES: 
    Effective: July 26, 2022.
    Applicability Date: As of July 26, 2022, this final rule applies to 
all newly issued, already in operation, and/or renewed domains.

FOR FURTHER INFORMATION CONTACT: For clarification of content, contact 
Ms. Marina Fox, Office of Government-wide Policy, Office of 
Information, Integrity, and Access, at 202-253-6448, or by email at 
[email protected]. For information pertaining to the status or 
publication schedules, contact the Regulatory Secretariat Division at 
202-501-4755 or [email protected]. Please cite FMR Case 2021-02.

SUPPLEMENTARY INFORMATION:

I. Background

    For more than 20 years, GSA supported government organizations and 
worked to make the DotGov domain a trusted space. The DotGov domain 
exists so that the online services of bona fide U.S.-based government 
organizations are easy to identify on the internet. Increasing the use 
of the DotGov domain helps the public know where to find official 
government information. DotGov is critical infrastructure: it is 
central to the availability and integrity of thousands of online 
services relied upon by millions of users. Since the DotGov domain 
underpins communication with and within these institutions, 
cybersecurity significance of all aspects of DotGov's administration 
has been increasing rapidly. To provide additional cybersecurity 
support and expand DotGov domain usage among public entities, the 
DOTGOV was introduced in the U.S. Senate on October 30, 2019, directing 
GSA to transfer the DotGov program to CISA.
    On December 27, 2020, the DOTGOV was signed into law and enacted as 
part of the Consolidated Appropriations Act, 2021 (Pub. L. 116-260). 
The Act transfers the DotGov internet domain program, as operated by 
the General Services Administration under title 41, Code of Federal 
Regulations, to DHS CISA. The Act also orders that on the date CISA 
begins operational administration of the DotGov internet domain 
program, the GSA Administrator shall rescind the requirements in part 
102-173 of title 41, Code of Federal Regulations applicable to any 
Federal, State, local, or territorial government entity, or other 
publicly controlled entity, including any Tribal government recognized 
by the Federal Government or a State government that is registering or 
operating a DotGov internet domain. Finally, the DOTGOV orders that in 
place of the requirements in part 102-173 of title 41, Code of Federal 
Regulations, CISA, in consultation with the Director of Management and 
Budget (OMB), shall establish and publish a new set of requirements for 
the registration and operation of DotGov domains.
    On April 26, 2021, GSA transferred ownership, management and 
operation of DotGov Domain Program to the Department of Homeland 
Security (DHS), CISA, and CISA published new DotGov domain issuance 
guidance for government entities in place of the existing INTERNET GOV 
DOMAIN requirements in part 102-173 of title 41, Code of Federal 
Regulations.
    Beginning on January 10, 2022, GSA sought public comments on these 
actions for a period of 60 days through publication of an interim rule 
in the Federal Register (FMR Case 2021-02) at 87 FR 1080. GSA received 
one general comment, which was in support of the FMR Case 2021-02.
    This final rule removes provisions to the existing jurisdiction of 
the DotGov domain that had been delegated to GSA in 1997 and implements 
provisions of the DOTGOV applicable to GSA that transfer ownership, 
management and operation of the DotGov domain program from the GSA to 
DHS CISA.

DotGov Program History

    The DotGov program was created in 1997, and GSA OGP became the 
designated authority for the top level Domain ``DOT GOV'' registry and 
registrar and the subdomain registrar for FED.US by a delegation of the 
National Science Foundation through consensus of the Federal Networking 
Council and Department of Commerce on October 1, 1997. To provide 
additional support, GSA entered into an agreement with the Department 
of the Interior's Bureau of Indian Affairs to facilitate the 
registration of Native Sovereign Nations (NSNs) in the DotGov domain. 
In 2003, GSA began using the Intergovernmental Cooperation Act (IGCA) 
as the authority to provide services to U.S. state and

[[Page 44280]]

local governments, and began issuing DotGov domains to state and local 
government entities.
    Under GSA's DotGov program management and operations, domain 
registrations were approved based on established criteria, detailed in 
Federal Networking Council request for comments (RFC) 2146, May 1997 
and in the Code of Federal Regulations--41 CFR part 102-173. GSA's 
management of the DotGov program also included DotGov DNS Security 
(DNSSEC), which gives DNS queries origin authenticity and data 
integrity. This was accomplished by the inclusion of public keys and 
the use of digital signatures to DNS information. DNSSEC was deployed 
on the top level Gov domain root zone in January 2008 in accordance 
with OMB Memorandum M-08-23.

II. Discussion of the Final Rule

A. Summary of Significant Changes

    No significant changes.

B. Analysis of Public Comments

    The interim rule was published in the Federal Register on January 
10, 2022 at 87 FR 1080. One comment was received and was in support of 
the interim rule.

C. Expected Cost Impact to the Public

    There is no expected cost to the public from this rule.

III. Executive Orders 12866 and 13563

    Executive Orders (E.O.s) 12866 and 13563 direct agencies to assess 
all costs and benefits of available regulatory alternatives and, if 
regulation is necessary, to select regulatory approaches that maximize 
net benefits (including potential economic, environmental, public 
health and safety effects, distributive impacts, and equity). E.O. 
13563 emphasizes the importance of quantifying both costs and benefits, 
of reducing costs, of harmonizing rules, and of promoting flexibility. 
This is not a significant regulatory action and, therefore, was not 
subject to review under section 6(b) of E.O. 12866, Regulatory Planning 
and Review, dated September 30, 1993.

III. Congressional Review Act

    This rule is not a major rule under 5 U.S.C. 804(2). Subtitle E of 
the Small Business Regulatory Enforcement Fairness Act of 1996 
(codified at 5 U.S.C. 801-808), also known as the Congressional Review 
Act or CRA, generally provides that before a rule may take effect, the 
agency promulgating the rule must submit a rule report, which includes 
a copy of the rule, to each House of the Congress and to the 
Comptroller General of the United States. GSA will submit a report 
containing this rule and other required information to the U.S. Senate, 
the U.S. House of Representatives, and the Comptroller General of the 
United States.

IV. Regulatory Flexibility Act

    This final rule will not have a significant economic impact on a 
substantial number of small entities within the meaning of the 
Regulatory Flexibility Act, 5 U.S.C. 601, et seq., because it applies 
to agency management or personnel. Therefore, an Initial Regulatory 
Flexibility Analysis has not been performed.

V. Paperwork Reduction Act

    The Paperwork Reduction Act does not apply because the changes to 
the FMR do not impose recordkeeping or information collection 
requirements, or the collection of information from offerors, 
contractors, or members of the public that require the approval of the 
Office of Management and Budget (OMB) under 44 U.S.C. 3501, et seq.

List of Subjects in 41 CFR Part 102-173

    Government property management internet Gov Domain.

Robin Carnahan,
Administrator.

PART 102-173--[REMOVED]

0
For the reasons set forth in the preamble, and under the authority of 
the DOTGOV Online Trust in Government Act of 2020 (Title IX, Division 
U, H.R. 133, Consolidated Appropriations Act, 2021), GSA adopts the 
interim rule removing 41 CFR part 102-173, which published at 87 FR 
1080 on January 10, 2022, as final without changes.

[FR Doc. 2022-15670 Filed 7-25-22; 8:45 am]
BILLING CODE 6820-14-P