Wednesday, 12 July 2017

RIP IDA – OIX to the rescue 2

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.

14 June 2012, we discovered that the Government Digital Service (GDS) had joined the Open Identity Exchange (OIX) in order to help with their moribund identity assurance programme now known as "GOV.UK Verify (RIP)".

16 June 2017, OIX published Achieving frictionless customer onboarding, which "looks at the commercial business case for financial service providers to accept digital identities that meet Government standards".

Does that report help GDS?

Wednesday, 5 July 2017

The zombie stirs, the UK Home Office is on manoeuvres again …

… ID cards are back on the agenda …

… and The Sunday Times couldn't find room to publish the following letter:
From: David Moss
Sent: 25 June 2017 23:42
To: 'letters@thetimes.co.uk'
Subject: ID cards and border control

‘Bad border controls are worse than none at all’
Dominic Lawson
June 25 2017

Sir

The regularly excellent Dominic Lawson suggests that the Labour government’s proposed biometric ID card scheme would have worked and that the subsequent 2010 coalition government was wrong to terminate it [1].

Uncharacteristically wrong, he ignores the fact that the biometric technology on which that scheme relied was and remains hopelessly unreliable at the scale required [2,3]. That is why the Home Office gave up on their National Identity Scheme (RIP) long before May 2010. It was not going to help with border control [4] nor with any of the other objectives it was vaguely hoped that it might achieve.

The baton was passed from the Home Office to the Cabinet Office and their GOV.UK Verify scheme (RIP) which, after more than five years of development, currently has a failure rate of 65% according to the Government Digital Service’s own performance statistics [5,6].

Mr Lawson and the rest of us will have to find some other suppliers of identity assurance than Whitehall. The mobile phone network operators [7], for example, and the banks are the preferable ports of call. The awful alternatives are the Pied Pipers – Google, Facebook, Amazon, Apple, Microsoft, … [8].

Yours
David Moss



Exclusive to The Sunday Times.

Refs.

1. https://www.thetimes.co.uk/edition/comment/bad-uk-border-controls-are-worse-than-none-at-all-rmdcvrnpk
2. http://www.dmossesq.com/2015/09/so-where-are-we-on-astrology-13-years.html
3. https://www.theregister.co.uk/2009/08/14/biometric_id_delusion/
4. http://www.dematerialisedid.com/BCSL/eOdyssey.html
5. https://www.gov.uk/performance/govuk-verify
6. http://www.dmossesq.com/2016/09/rip-ida-govuk-verify-is-no-more-it-has.html
7. http://www.dematerialisedid.com/Mobiles.html
8. http://www.dmossesq.com/2012/04/amazon-google-facebook-et-al-latter-day.html
Nonsense on stilts, five days after Dominic Lawson's article, The Times carried Why I’ve come round to the idea of ID cards by Philip Collins: "Fears about illegal immigration which drove many to vote for Brexit would be answered by a national identity scheme".

Tuesday, 23 May 2017

RIP IDA – a ridiculous manifesto promise

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.

The Conservative Party's 2017 manifesto includes this at p.81:
... we must use common platforms across government and the wider public sector. That must start with the way we identify ourselves online, so that people have one single, common and safe way of verifying themselves to all parts of government. That is why we shall roll out Verify, so that people can identify themselves on all government online services by 2020, using their own secure data that is not held by government. We will also make this platform more widely available, so that people can safely verify their identify to access non-government services such as banking.
As DMossEsq readers know, it may be convenient for people to have "one single, common ... way of verifying themselves to all parts of government" but it isn't "safe".

Saturday, 6 May 2017

Half-baked, amateurish, technically-illiterate, misled, misinformed, …

Last Wednesday, 3 May 2017, Jerry Fishenden published a blog post, The canary that ceased to be, where he announced his resignation as co-chair of the Privacy and Consumer Advisory Group (PCAG):
The group has reviewed and commented upon a wide range of government initiatives, including predicting the disaster that become NHS care.data, the fraud risks of ill-considered “data-sharing” (under various guises), the troubled and late-running GOV.UK Verify identity assurance programme, the Office of National Statistics use of data, the “digital transformation” of the electoral roll, Home Office fraud issues, the Investigatory Powers Bill (now Act), and other proposals and ideas from across government.
PCAG is meant to be a safety device like a miner's canary, it's meant to detect officials attempting to "smuggle their often half-baked proposals past Ministers". That's what it's meant to do and that's what it does but ministers have stopped paying attention. Particularly Matt Hancock and Ben Gummer who haven't bothered even to acknowledge letters sent to them by PCAG.

Tuesday, 14 March 2017

GDS's commitment to user control of personal information

Public administration in the UK has problems which could be solved if public services became digital by default. That is the raison d'être of the Government Digital Service (GDS).

Digital by default? What does "digital" mean? According to Tom Loosemore, ex-Deputy Director of GDS, "digital means applying the culture, practices, processes and technologies of the internet era to respond to people’s raised expectations".

The reactionaries in Whitehall have hobbled GDS. That's what Jerry Fishenden and Cassian Young say: "It is convenient for institutionally conservative managers to watch the energy behind transformation dissipate harmlessly in the sandbox where the agile insurgents are left to play with their websites", please see Escaping waterfall government and the myth of ‘digital transformation’.

Monday, 6 March 2017

The Smart Essex Digital Summit to explore digital future

That's what Essex TV are excited about: "Leading technology partners are teaming up with Essex County Council to define how a digital strategy should be at the heart of a council to improve people’s lives, reshape public services and drive prosperity".

A major event, to be held at the BT Tower on 27 February 2017. So you've missed it. So did DMossEsq. "The Smart Essex Digital Summit is by invitation only", and our invitation was lost in the post.

Monday, 30 January 2017

RIP IDA – OIX to the rescue 1

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.

14 June 2012, we discovered that the Government Digital Service (GDS) had joined the Open Identity Exchange (OIX) in order to help with their moribund identity assurance programme now known as "GOV.UK Verify (RIP)".

23 December 2016, OIX published The value of digital identity to the financial service sector, which explores "the reuse of a GOV.UK Verify [RIP] digital identity in a financial service application process".

Does that report help GDS?

Friday, 30 December 2016

@gdsteam & HMG's digital transformation strategy


Sir Jeremy Heywood is the Cabinet Secretary and the Head of the UK's Home Civil Service ... He published his review of calendar 2015 in a series of 54 tweets between 23 December 2015 and 3 January 2016 ...
That's what we wrote on 24 January 2016.

No such review of 2016 is being tweeted at the moment by Sir Jeremy.

Perhaps nothing much has happened this year.

Friday, 16 December 2016

RIP IDA – 119 years? Not many people know that.

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.


GDS, the Government Digital Service, were meant to have an identity assurance service "fully operational" by March 2013.

That didn't happen but they have been testing GOV.UK Verify (RIP) since February 2014 ...

... and the system was declared to be live on 24 May 2016.

Between 23 May 2016 and 11 December 2016 237,850 GOV.UK Verify (RIP) accounts were created. That's an average of 1,172 per day.

The Office for National Statistics estimate that there were 50,908,702 people in the UK aged 18 or over in mid-2014.

At the rate of 1,177 1,172 per day, it would take 43,450 days to create 50,908,702 GOV.UK Verify (RIP) accounts. That's more than 119 years.

----------

Updated 10:43

Sunday, 20 November 2016

The odd couple

81.6% of people are satisfied or very satisfied with how easy it is to use GOV.UK Verify (RIP). 84.5% of people feel secure registering with the system and 80.5% are comfortable with "identity providers"/certified companies.

These user satisfaction figures are taken from the GOV.UK Verify (RIP) dashboard on the Government Digital Service's GOV.UK performance platform. They are based on 11,687 responses to the ease of use question, 11,623 to the security question and 11,552 on "identity providers".

DMossEsq and other critics can carp all they like. They're wrong, GDS may say. Just look at those user satisfaction ratings. Over 80% of people are satisfied with GOV.UK Verify (RIP) or very satisfied with it. That's what counts. And "counts" is the right word. We're dealing with numbers here. And you can't argue with numbers ...

... or can you?