EIA CIPSEA Survey Protocol

EIA_CIPSEA _Protocol_FINAL.docx

EIA-882T: Generic Clearance of Questionnaire Testing, Evaluating, and Research

EIA CIPSEA Survey Protocol

OMB: 1905-0186

Document [docx]
Download: docx | pdf

Business Knowledge/Perceptions of EIA Efforts to Protect Confidentiality

Protocol Questions


June 2016


Research Goals:

  • To understand how respondents of surveys protected by CIPSEA perceive the Government’s, and in particular EIA’s, ability to keep data confidential;

  • To determine if respondents of surveys protected under CIPSEA view confidentiality different from those respondents whose survey are not protected under CIPSEA; and

  • To test new text for revising the CIPSEA pledge.


Purpose of call

Let me start by explaining what we will be doing today.


  • The U.S. Energy Information Administration (EIA) is part of the U.S. Department of Energy. It is responsible for collecting, analyzing and disseminating energy information to the public, policy makers, and markets to better understand the interaction of energy with the economy and the environment.


  • Today, we are researching the perceptions that you have regarding the effectiveness of EIA’s data confidentiality policies and your feedback and reactions to some proposed changes we are considering.


  • There are no right or wrong answers to the questions I will be asking. I’d just like to hear what you think. Also, if something doesn’t make sense to you, or you have any questions, please ask.


  • Before we get started, I'd like to audio record this session so I don't have to later rely on my memory? This session is confidential, which means only persons directly related to this project can listen to the audio files, and the recordings are erased once our report is written. The report will combine information from multiple interviews and sessions and will not contain information that personally identifies you or the facility you work at.


  • Our discussion will last less than one hour. To ensure that I cover all the questions I have in this guide, I may have to interrupt our discussion from time to time and move us along.


  • Do you have any questions before we get started?


(I would list generic probes here you might use throughout

General ad-hoc probes:

(When silent or pondering) What are you feeling/thinking?

You used (term) in your answer. What does (term) mean to you in this context?

I’m not sure I got that right. You said (repeat their answer/paraphrase). Is that right?

How important is that to you? Why is that?

Protocol Questions


General attitudes about confidentiality


  1. The term “confidentiality” means different things in different contexts.


    1. What does “confidentiality” mean to you with regard to the information you report for your company to EIA?



    1. What kinds of information about your business is important to keep “confidential”?


      1. Why do you want to keep this information confidential?


Federal and EIA promises of confidentiality

  1. In general, how much do you trust the Federal Government when it comes to the privacy and confidentiality of the data that you report to the Federal Government?



  1. Are you familiar with any steps EIA takes to protect your company’s survey responses?



  1. Previously you said [XXXX about how much they trust the Federal Government]. In comparison to the Federal Government, how much do you trust EIA when it comes to protecting your company’s survey responses?



  1. How satisfied are you with the data security steps that EIA applies to protect your data from unauthorized access?

    1. Why do you feel that?


    1. How concerned are you with your company’s survey responses being accessed by data hackers or intruders?



    1. Are there any other kinds of unauthorized access you would be concerned about?

      1. If needed, how satisfied are you with the data security steps EIA takes to protect against that?


Specific data security procedures taken by EIA

  1. The data collected on many EIA surveys are protected by “statistical disclosure limitation methodologies”?


    1. Had you ever heard of this term?


    1. Can you tell me in your own words what ‘statistical disclosure limitation’ means to you?



    1. How confident are you that your data will be protected by EIA applying a “disclosure limitation methodology”? Why is that?




  1. The confidentiality of the data collected from the EIA survey you report on is protected by a U.S. law called the Confidential Information Protection and Statistical Efficiency Act, commonly referred to as CIPSEA.

    1. Have you ever heard of CIPSEA?


    1. Do you recall receiving any information from EIA about this CIPSEA law?


    1. If yes, how did you first hear about CIPSEA?

If needed, Telephone? Email? Survey instructions? Website?

    1. Are you familiar with what protection CIPSEA provides?



  1. Current CIPSEA language:


    1. Here is the way we currently explain how we protect your data (read out loud)

    2. Standard CIPSEA pledge (Uranium, Natural Gas surveys)

The information you provide will be used for statistical purposes only. In accordance with the Confidential Information Protection provisions of Title V, Subtitle A of Public Law 107-347 and other applicable Federal laws, your responses will be kept confidential and will not be disclosed in identifiable form to anyone other than employees or agents without your consent. By law, every EIA employee, as well as every agent, is subject to a jail term, a fine of up to $250,000, or both if he or she discloses ANY identifiable information about you.


CIPSEA Pledge – If it is a telephone survey (Petroleum surveys)

The information you provide will be used for statistical purposes only. In accordance with the Confidential Information Protection provisions in Public Law 107-347, your responses will be kept confidential and will not be disclosed in identifiable form. By law, everyone working on this EIA survey is subject to a jail term, a fine, or both if he or she discloses ANY information that could identify any confidential survey response.

    1. When you hear this pledge, what does it mean to you?


    1. Does this pledge increase or decrease your trust in EIA’s ability to protect your company’s survey responses?


    1. What would increase your trust in EIA’s ability to keep your company’s survey responses protected?



    1. What would decrease your trust?


  1. I want to ask you some questions about what the language covers and doesn’t cover. Please make your best guess, even if you’re not sure of the answer. If you gave EIA data and were assured confidentiality using this language, who do you think would be able to see this information?


    1. What would they be able to do with your information?

    2. I’m going to read a list of groups, tell me if they would be able to see the information you provided:

      1. EIA staff

      2. EIA contractors

      3. Department of Energy staff

      4. Staff from any other government agency

      5. IRS staff

      6. A US congressman or senator

      7. Staff from the White House



  1. As mentioned, under CIPSEA, data can only be used for “statistical purposes”.


    1. What does “for statistical purposes” mean to you?


    1. On a scale of 1-5, 5 being full trust and 1 being no trust, how much do you trust that your data remains protected when EIA uses it for statistical purposes?


  1. As I mentioned earlier, EIA is considering changing the language in the CIPSEA pledge based on changes in other federal laws. Here is a new version of the CIPSEA pledge that EIA is considering to use, (the only change is the one bolded sentence that has been added to the pledge):


CIPSEA PLEDGE VERSION 1


The information you provide will be used for statistical only. In accordance with the Confidential Information Protection and Statistical Efficiency Act and other applicable Federal laws, your responses will be kept confidential and will not be disclosed in identifiable form to anyone other than employees, or agents without your consent. EIA information systems are further protected by Federal employees and contractors through security monitoring of the systems that transmit your data. By law, every EIA employee, as well as every agent, is subject to a jail term, a fine of up to $250,000, or both if he or she discloses ANY identifiable information about you.


    1. What does this (bolded) additional sentence mean to you?


    1. Do you have any concerns with how your information would be accessed or used after hearing this revised pledge?


    1. What does the term “information systems” mean to you?



    1. What does the term “security monitoring” mean to you?



    1. What does the phrase “the systems that transmit your data” mean to you?


    1. Do you think anyone outside of EIA is in the term “security monitoring”?



    1. Do you think that the Department of Homeland Security would be included in “security monitoring” of your reported information?



CIPSEA PLEDGE VERSION 2 – Add one sentence to the current pledge.

  1. If you were told that “Your data are further protected by Department of Homeland Security cybersecurity employees and contractors through security monitoring of the systems that transmit your data


    1. This sentence mentions the “Department of Homeland Security.” Are you familiar with that agency?

      1. If yes, what do you know about them?


    1. What does that mean to you?


    1. What is your general reaction to it?



    1. Do you have any concerns with how your information would be treated after hearing this?


    1. Do you think this second version means the same thing as the first version I read to you, or is it different? How is it different (or in the alternative, how is it the same)?


  1. Of these two versions of the pledge that you heard, which CIPSEA pledge do you prefer? Why?



  1. Revision Goals.

    1. What we’re trying to communicate is that the Department of Homeland Security will be monitoring the electronic systems where survey data is transmitted and stored. They won’t be looking at individual survey answers, instead they will be monitoring the systems to look for viruses, mal-wear and other threats. Is that consistent or inconsistent with the revisions to the pledge that I showed you? (show both versions)

    2. Do you think that one version does a better job at communicating that than the other?

    3. Do you have any suggestions on how we might better communicate that?

    4. Data security is a top priority for EIA, but we also don’t want to unnecessarily scare people in telling them how their data is monitored. Do you have any suggestions of language that could help us achieve that balance?’


  1. Conclusions

    1. We’re almost done, thanks for your feedback so far. In general, do you have any concerns about how the government uses and protects the data you provide for surveys?

    2. Do you have any suggestions or other feedback?




Please don’t hesitate to contact me later if later you think of any other questions or concerns. Thank you.

9


File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
AuthorMcDonough, Matthew D. (CONTR)
File Modified0000-00-00
File Created2021-01-24
© 2025 OMB.report | Privacy Policy