The Federal Government Is Rushing Toward AI. Our Reporting Offers Three Cautionary Tales.

The plan worked: One former Microsoft salesperson told me “it was successful beyond what any of us could have imagined.” In response to questions about the commitment, Microsoft has said its “sole goal during this period was to support an urgent request by the Administration to enhance the security posture of federal agencies who were continuously being targeted by sophisticated nation-state threat actors.”

Agencies looking to buy AI tools at discounted rates today must consider how the costs might balloon down the road. The General Services Administration warns that AI “usage costs can grow quickly without proper monitoring and management controls” and advises agencies to “set usage limits and regularly review consumption reports.”

Lesson 2: Oversight Programs Are Only as Effective as Their Resources
Then: In the Obama era, the federal government shifted its sensitive information and computing needs to data centers owned and operated by private companies. Acknowledging the potential risks, the administration created the Federal Risk and Authorization Management Program, or FedRAMP, in 2011 to help ensure the security of the cloud computing services that it was encouraging U.S. agencies to use.

But in my recent investigation of the program, I found it was no match for Microsoft, which effectively wore down the FedRAMP team over five years as the company sought the program’s seal of approval for a major cloud offering known as GCC High. Despite serious reservations about its cybersecurity, FedRAMP ultimately authorized the product, in part because it lacked the resources to keep going. In response to questions, Microsoft told me: “We stand by our products and the comprehensive steps we’ve taken to ensure all FedRAMP-authorized products meet the security and compliance requirements necessary.”

Now: Today, this tiny outpost within the General Services Administration has even fewer resources to oversee the cloud technology on which the government relies — including AI. FedRAMP says it now operates “with an absolute minimum of support staff” and “limited customer service.” The program was an early target of the Trump administration’s Department of Government Efficiency. 

The takeaway: FedRAMP, which a 2024 White House memo said “must be an expert program that can analyze and validate the security claims” of cloud providers, is now little more than a rubber stamp for the tech industry, former employees told me. As federal agencies adopt AI tools that draw upon reams of sensitive information, the implications of this downsizing for federal cybersecurity are far-reaching. A GSA spokesperson defended the program and said FedRAMP now “operates with strengthened oversight and accountability mechanisms.”

Lesson 3: “Independent” Reviews Are Only So Independent
Then: The government has long relied on so-called third-party assessors to verify the security claims made by cloud service providers like Microsoft and Google. In theory, these firms are supposed to be independent experts that offer a recommendation to FedRAMP on whether a product meets federal standards. But in practice, their independence has an asterisk: They are paid by the companies they are evaluating.

My recent investigation found that this setup creates an inherent conflict of interest. In the case of Microsoft’s GCC High, two assessors recommended the product despite being unable to fully vet it, according to a former FedRAMP reviewer. One of those firms did not respond to my questions and the other denied this account.

FedRAMP, we found, is well aware of how the financial arrangement between the cloud companies and their assessors can distort official findings about cybersecurity problems. The program even created a “back channel” to encourage assessors to share concerns they might not otherwise raise in their official reports for fear of angering their tech clients and losing business.

Now: With FedRAMP reduced to being a “paper pusher,” as one former GSA official put it, these third-party assessment firms have taken on even more importance in the vetting process. In response to questions from ProPublica, the GSA said that FedRAMP’s system “does not create an inherent conflict of interest for professional auditors who meet ethical and contractual performance expectations.” It did not respond to questions about the program’s back channel.

The takeaway: The pendulum has essentially swung back to the pre-FedRAMP era, when each federal agency was individually responsible for vetting the products it used. The GSA told me that FedRAMP’s job is “to ensure agencies have sufficient information to make these risk decisions.” The problem is that agencies often lack the staff and resources to do thorough reviews, which means the whole system is leaning on the claims of the cloud companies and the assessments of the third-party firms they pay to evaluate them.

Renee Dudley is a ProPublica reporter focused on technology, cybersecurity and business. This story was originally published by ProPublica. ProPublica is a nonprofit newsroom that investigates abuses of power.