OMB Memo M-13-13 — Open Data Policy: Managing Information as an Asset

OMB Memorandum M-13-13 ("Open Data Policy — Managing Information as an Asset," May 9, 2013) directed all executive branch agencies to treat government-generated data as a public asset — making it machine-readable, openly licensed, and discoverable through a common catalog — rather than publishing data only in human-readable documents or providing it only on request. Issued by OMB Director Sylvia Burwell alongside a companion White House Executive Order on Government Information ("Making Open and Machine Readable the New Default"), M-13-13 fundamentally reoriented how federal agencies think about information: not as output produced to fulfill a specific need, but as a resource with ongoing public value that should be accessible to researchers, developers, journalists, businesses, and anyone else who can use it.

The memo emerged from the Obama administration's Open Government Initiative and reflected a view that federal data — scientific research, economic statistics, geographic information, health outcomes, spending records, regulatory filings — was being underutilized because agencies locked it in PDFs, proprietary databases, and siloed systems. By requiring agencies to publish data in open, machine-readable formats with standardized metadata, M-13-13 aimed to enable the kind of large-scale analysis, application development, and oversight that requires programmatic access. The DATA Act (2014), the Foundations for Evidence-Based Policymaking Act (2018), and subsequent open data requirements all build on M-13-13's foundational framework.

Legal Authority

• 44 U.S.C. § 3501 — Paperwork Reduction Act; grants OMB authority over federal information policy including standards for information collection, dissemination, and use; M-13-13 implements PRA's information dissemination authorities
• 44 U.S.C. § 3506 — PRA agency information management responsibilities; requires agencies to develop policies for the management and dissemination of information; the statutory basis for OMB's direction to make data open and machine-readable
• 5 U.S.C. § 552 — Freedom of Information Act; the baseline public access law that M-13-13 builds on; proactive disclosure requirements under FOIA (§ 552(a)(2)) are expanded by M-13-13's open data requirements
• OMB Memorandum M-13-13 (May 9, 2013) — Establishes open data as the default for federal government information; requires machine-readable formats, open licensing, metadata standards, and a common data catalog (data.gov)

Key Mechanics

M-13-13 established four requirements that became the operational baseline for federal open data. (1) Machine-readable by default: new federal datasets must be published in open, non-proprietary, machine-readable formats (JSON, XML, CSV) rather than PDFs or proprietary formats; existing datasets must be converted on a prioritized schedule. (2) Open licensing: datasets must be released with open licenses (Creative Commons CC0 or equivalent) that do not restrict reuse, allowing developers, researchers, and businesses to incorporate federal data into products without legal barriers. (3) Metadata standards: agencies must publish metadata using the Project Open Data metadata schema so datasets are discoverable and comparable; metadata must include data format, update frequency, data quality information, and contact information. (4) Data catalog: agencies must maintain a public data catalog (agency.gov/data.json) listing all publicly available datasets; entries feed into the governmentwide data.gov catalog. M-13-13 established a Data Management team at each agency and a Chief Data Officer role (later formalized by the Foundations for Evidence-Based Policymaking Act of 2018). Privacy and security exceptions apply: data subject to FOIA exemptions, personally identifiable information, law enforcement sensitive data, and national security information are excluded from open data requirements.

Overview

The Open Data Framework

Machine-Readable as the Default

M-13-13's central principle is that data should be machine-readable by default — meaning that when agencies publish information, it should be in a format that software can parse and process without human intervention. The memo explicitly contrasts machine-readable data with:

• PDFs and scanned documents: Text locked in image-based formats that cannot be reliably extracted
• HTML tables: Data embedded in web pages in formats not designed for bulk processing
• Proprietary spreadsheet formats: Data in formats requiring licensed software to open
• Static files without APIs: Data published as one-time downloads that cannot be queried or kept current

The required alternative: data in open, non-proprietary formats — JSON, CSV, XML, and similar standards — with documented schemas that allow third parties to understand the data structure, machine-readable metadata following Project Open Data standards, and ideally an API enabling programmatic queries rather than bulk-only downloads.

This was not merely a technical preference. The memo identified machine-readability as essential for the core policy goals: a PDF of federal contracting data cannot be analyzed at scale; a structured, queryable API of the same data enables oversight organizations, researchers, and watchdog groups to identify patterns, anomalies, and relationships that would be invisible in document-only publication.

Project Open Data and Common Metadata

M-13-13 established Project Open Data (later hosted at project-open-data.cio.gov) as the shared platform for technical standards and implementation guidance. The most consequential Project Open Data deliverable: a common metadata schema for describing federal datasets, ensuring that dataset descriptions across all agencies use consistent terminology, enabling the data.gov catalog to aggregate and search across agency-specific data portals.

The schema specifies mandatory and optional fields:

• Required: Title, description, keyword tags, modified date, publisher, contact point, identifier (a globally unique ID for the dataset), access level (public / restricted public / non-public)
• Required if public: Distribution (links to actual download files or API endpoints), license (open license URI)
• Recommended: Temporal coverage, spatial coverage, data quality statement, references to related datasets, accrual periodicity (how often the dataset is updated)

Agencies must publish a data.json file — a machine-readable inventory of all their public datasets following this schema — at [agency].gov/data.json. The data.gov catalog harvests these files automatically, meaning the public catalog is built from agency-published inventories rather than requiring manual submission. As of 2026, data.gov aggregates hundreds of thousands of datasets from dozens of federal agencies through this harvesting mechanism.

Data Inventories and Governance

M-13-13 required each agency to:

1. Create an enterprise data inventory — a comprehensive catalog of all datasets the agency holds, not just those currently published. The inventory includes data that cannot be made public (classified, privacy-protected, law enforcement-sensitive) so agencies can track what they have and assess what could be released.

2. Create a public data listing (the data.json file) — the public subset of the enterprise inventory, listing all datasets that are or could be made publicly available.

3. Publish a data publication process — the internal workflow for how agency staff can request that a new dataset be added to the public listing, who reviews it, and how long the process takes. This was aimed at reducing internal friction: agencies that had informal "ask someone in IT" processes needed to formalize them.

4. Designate a point of contact for open data coordination — in practice, this was often the agency's Chief Data Officer (CDO) role, which M-13-13 helped catalyze before the Evidence Act formally required CDO designation in 2018.

Open Licensing

M-13-13 requires that public federal datasets be released under open licenses — licenses that permit anyone to use, redistribute, and modify the data without restriction. For data created entirely by the federal government (as opposed to data incorporating third-party content), the applicable standard is straightforward: U.S. government works are in the public domain under 17 U.S.C. § 105 and carry no copyright. M-13-13 directed agencies to explicitly label datasets as public domain (using Creative Commons CC0 or equivalent) rather than leaving their reuse status ambiguous.

For datasets incorporating third-party data or created in partnership with contractors, the licensing question is more complex. M-13-13 required agencies to proactively negotiate open data rights in data collection contracts rather than defaulting to proprietary contractor ownership.

Privacy and Security Review

Open data is not unconditional. M-13-13 requires agencies to conduct privacy and security reviews before publishing any dataset. Privacy review must assess:

• Whether the dataset contains PII directly or indirectly (through combination with other publicly available data)
• Whether re-identification is a risk even after suppression of direct identifiers
• Whether publication is consistent with the system of records notice (SORN) under which the data was collected
• Whether applicable privacy laws (Privacy Act, HIPAA for health data, FERPA for education data) permit the release

For sensitive datasets where full public release is not possible, M-13-13 encouraged tiered access — making de-identified or aggregated versions public while providing restricted access to qualified researchers for the more sensitive underlying data. The Federal Statistical Research Data Centers, run by the Census Bureau, exemplify this model for economic and demographic microdata.

Key Requirements

• Machine-readable by default: All new datasets published in open, non-proprietary formats (JSON, CSV, XML); no PDF-only publication for structured data
• data.json inventory: Agencies must maintain a machine-readable catalog of public datasets at [agency].gov/data.json, harvested by data.gov
• Common metadata schema: All dataset descriptions must follow Project Open Data metadata standards (title, description, keywords, access level, distribution, license)
• Enterprise data inventory: Comprehensive internal catalog of all agency datasets, including non-public data
• Open licensing: Public federal datasets must carry explicit open licenses (CC0 or public domain dedication)
• Privacy and security review: All datasets must be reviewed for PII, re-identification risk, and applicable privacy law compliance before publication
• API access: Where feasible, datasets should be accessible via API in addition to bulk download
• Annual progress reporting: Agencies report progress on open data implementation to OMB; CDO Council tracks cross-agency metrics

How It Affects You

If you work at a federal agency (CDO, data steward, IT staff): M-13-13's data.json requirement is the operational core. Maintain your data.json file and ensure it accurately reflects your agency's public datasets — data.gov harvests it automatically, so stale entries mislead the public and complicate oversight. When launching new data collection programs, negotiate open data rights upfront in contracts: it's far harder to open data after the fact if a contractor holds the IP. For existing sensitive datasets, conduct a structured de-identification assessment rather than defaulting to "can't release" — tiered access models can make research-grade data available without full public release. Your Chief Data Officer (required by the Evidence Act) is the point of contact for open data governance questions; if you don't have a CDO, the CIO's office typically owns this.

If you are a developer or researcher building on federal data: data.gov is the starting point, but many agencies also maintain domain-specific data portals with better interfaces than the central catalog (Census Bureau's data.census.gov, BLS's data APIs, USGS's National Map). For programmatic access, look for the agency's API documentation — many agencies built REST APIs in response to M-13-13's encouragement. When you find a federal dataset that should be open but isn't (still a PDF, no schema documentation, or the data.json entry is dead), the agency's CDO is the right contact, and OMB's Office of the Federal CIO tracks open data compliance. The Foundations for Evidence-Based Policymaking Act (2018) strengthened the legal basis for open data access and created the CDO Council; citing the Evidence Act alongside M-13-13 in a data request to an agency carries more legal weight.

If you are a business using federal data: M-13-13 created commercial opportunities by making previously inaccessible government data freely available. Federal data underlies a significant share of weather forecasting, real estate valuation, financial analysis, navigation, and agricultural commodity markets — industries built on free access to NOAA, FHFA, SEC, USDA, and GPS data. Open licensing means you can incorporate federal data into commercial products without licensing fees or legal uncertainty. Watch for the difference between datasets generated entirely by the government (unambiguously public domain) and datasets where the government paid a contractor to generate the data — the latter may carry residual IP claims if open data rights weren't negotiated in the contract.

If you are a journalist, researcher, or oversight professional: M-13-13 and its successors created a legal expectation that federal agencies will proactively publish structured data — which strengthens FOIA arguments for electronic records in machine-readable format rather than PDFs. FOIA requests for data held in structured databases should specifically invoke 5 U.S.C. § 552(a)(2) (records routinely available) and request the data in a machine-readable format. When agencies deny data requests or produce unusable formats, the agency's CDO and the OMB OFCIO are escalation points. GAO periodically reviews federal open data compliance; these reports identify which agencies are publishing comprehensive data.json inventories and which are not.

Relationship to the Evidence Act and Later Policy

M-13-13 established the open data foundation; the Foundations for Evidence-Based Policymaking Act of 2018 (the "Evidence Act," P.L. 115-435) built on it with statutory force:

• Chief Data Officer requirement: Each CFO Act agency must designate a CDO with specific responsibilities for data governance, quality, and access — formalizing the open data coordination role M-13-13 identified
• CDO Council: Cross-agency body for data governance best practices
• Open Government Data Act (Title II of the Evidence Act): Codified M-13-13's open data requirements into statute, making machine-readable-by-default a legal requirement rather than an OMB directive
• Federal Data Strategy: OMB's 2019-2020 ten-year data vision for federal enterprise data management, directly descended from M-13-13

The DATA Act (2014) applied M-13-13's principles specifically to federal spending: all grants, contracts, loans, and other federal awards must be reported in machine-readable format through USAspending.gov, enabling public transparency into how the federal government spends money.

Relationship to Broader Policy

• E-Government Act: M-13-13 extends the E-Gov Act's vision of government information availability into a machine-readable-by-default framework; data.gov is the E-Gov Act's concept of one-stop information access operationalized
• DATA Act: Applies M-13-13's open data framework specifically to federal spending; USAspending.gov is the spending data implementation of data.gov's model
• Federal Records Management: Open data datasets are federal records subject to retention schedules; M-13-13's enterprise data inventory intersects with NARA's records inventory requirements
• FOIA: M-13-13's proactive disclosure approach reduces FOIA burden; FOIA's Section 508 requirements and the Evidence Act's machine-readable default align
• Privacy Act: Open data publication must be consistent with the SORN under which data was collected; Privacy Act compliance is a prerequisite for open data release of any PII-adjacent dataset
• FITARA: Data infrastructure investments required by M-13-13 (APIs, catalogs, metadata systems) are IT investments subject to FITARA's CIO review and portfolio management requirements

Recent Developments

• May 2013 — M-13-13 issued alongside companion Executive Order; Project Open Data launched
• 2014 — DATA Act enacted, extending M-13-13 framework to federal spending transparency; data.json adoption begins scaling across agencies
• 2016-2018 — Agency data.json inventories grow but quality varies; GAO reports find inconsistent metadata, broken links, and non-public datasets mistakenly listed as public
• December 2018 — Foundations for Evidence-Based Policymaking Act enacted; Open Government Data Act (Title II) codifies M-13-13's machine-readable default into statute; CDO designation becomes mandatory
• 2019 — Federal Data Strategy issued; CDO Council established
• 2020-2023 — CDO Council publishes data governance playbooks; data.gov continues to grow; agency CDOs vary widely in authority and resources
• Ongoing — data.gov now aggregates hundreds of thousands of datasets; federal open data is widely used commercially and in research, though publication quality and API availability remain uneven across agencies