Friday, 28 July 2017

RIP IDA – the last blip on the life support system monitor

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
And it's dead.

"If Verify is the answer, what was the question?"

The Law Commission: "Verify does not currently ensure that the person entering the information
is in fact the person he or she is purporting to be;
rather it focuses on verifying that the person exists" (para.6.67/p.119)

The signs of life are petering out:
  • GOV.UK Verify (RIP) blog posts are now collectors' pieces. Like the Cabinet Secretary's once loud expressions of support for GOV.UK Verify (RIP).
  • The GOV.UK Verify (RIP) team hardly ever tweet.
  • They never go live on a new central government service. The big departments of state look like sorting out identity assurance themselves.
  • Local government is deserting GOV.UK Verify (RIP) even before joining it.
  • The Open Identity Exchange (OIX) publishes one report after another explaining why GOV.UK Verify (RIP) has nothing much to offer the private sector in general and nothing whatever to offer the financial services sector in particular.
  • Cabinet Office ministers come, they are made to say something ridiculous about the importance of GOV.UK Verify (RIP) and then they go.
  • Two executive directors of GDS have left, there weren't even any ripples on the departure of the second one and his replacement, a director general, didn't take the opportunity of his appointment to abandon their apology for a strategy – 25 million GOV.UK Verify (RIP) users by 2013 2020.
There is still the occasional blip on the GOV.UK Verify (RIP) life support system monitor. techUK hosted an encounter between GDS and the UK's technology suppliers earlier this week, a market briefing on GDS's government transformation strategy.

Wednesday, 12 July 2017

RIP IDA – OIX to the rescue 2

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.

14 June 2012, we discovered that the Government Digital Service (GDS) had joined the Open Identity Exchange (OIX) in order to help with their moribund identity assurance programme now known as "GOV.UK Verify (RIP)".

16 June 2017, OIX published Achieving frictionless customer onboarding, which "looks at the commercial business case for financial service providers to accept digital identities that meet Government standards".

Does that report help GDS?

Wednesday, 5 July 2017

The zombie stirs, the UK Home Office is on manoeuvres again …

… ID cards are back on the agenda …

… and The Sunday Times couldn't find room to publish the following letter:
From: David Moss
Sent: 25 June 2017 23:42
To: 'letters@thetimes.co.uk'
Subject: ID cards and border control

‘Bad border controls are worse than none at all’
Dominic Lawson
June 25 2017

Sir

The regularly excellent Dominic Lawson suggests that the Labour government’s proposed biometric ID card scheme would have worked and that the subsequent 2010 coalition government was wrong to terminate it [1].

Uncharacteristically wrong, he ignores the fact that the biometric technology on which that scheme relied was and remains hopelessly unreliable at the scale required [2,3]. That is why the Home Office gave up on their National Identity Scheme (RIP) long before May 2010. It was not going to help with border control [4] nor with any of the other objectives it was vaguely hoped that it might achieve.

The baton was passed from the Home Office to the Cabinet Office and their GOV.UK Verify scheme (RIP) which, after more than five years of development, currently has a failure rate of 65% according to the Government Digital Service’s own performance statistics [5,6].

Mr Lawson and the rest of us will have to find some other suppliers of identity assurance than Whitehall. The mobile phone network operators [7], for example, and the banks are the preferable ports of call. The awful alternatives are the Pied Pipers – Google, Facebook, Amazon, Apple, Microsoft, … [8].

Yours
David Moss



Exclusive to The Sunday Times.

Refs.

1. https://www.thetimes.co.uk/edition/comment/bad-uk-border-controls-are-worse-than-none-at-all-rmdcvrnpk
2. http://www.dmossesq.com/2015/09/so-where-are-we-on-astrology-13-years.html
3. https://www.theregister.co.uk/2009/08/14/biometric_id_delusion/
4. http://www.dematerialisedid.com/BCSL/eOdyssey.html
5. https://www.gov.uk/performance/govuk-verify
6. http://www.dmossesq.com/2016/09/rip-ida-govuk-verify-is-no-more-it-has.html
7. http://www.dematerialisedid.com/Mobiles.html
8. http://www.dmossesq.com/2012/04/amazon-google-facebook-et-al-latter-day.html
Nonsense on stilts, five days after Dominic Lawson's article, The Times carried Why I’ve come round to the idea of ID cards by Philip Collins: "Fears about illegal immigration which drove many to vote for Brexit would be answered by a national identity scheme".

Tuesday, 23 May 2017

RIP IDA – a ridiculous manifesto promise

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.

The Conservative Party's 2017 manifesto includes this at p.81:
... we must use common platforms across government and the wider public sector. That must start with the way we identify ourselves online, so that people have one single, common and safe way of verifying themselves to all parts of government. That is why we shall roll out Verify, so that people can identify themselves on all government online services by 2020, using their own secure data that is not held by government. We will also make this platform more widely available, so that people can safely verify their identify to access non-government services such as banking.
As DMossEsq readers know, it may be convenient for people to have "one single, common ... way of verifying themselves to all parts of government" but it isn't "safe".

Saturday, 6 May 2017

Half-baked, amateurish, technically-illiterate, misled, misinformed, …

Last Wednesday, 3 May 2017, Jerry Fishenden published a blog post, The canary that ceased to be, where he announced his resignation as co-chair of the Privacy and Consumer Advisory Group (PCAG):
The group has reviewed and commented upon a wide range of government initiatives, including predicting the disaster that become NHS care.data, the fraud risks of ill-considered “data-sharing” (under various guises), the troubled and late-running GOV.UK Verify identity assurance programme, the Office of National Statistics use of data, the “digital transformation” of the electoral roll, Home Office fraud issues, the Investigatory Powers Bill (now Act), and other proposals and ideas from across government.
PCAG is meant to be a safety device like a miner's canary, it's meant to detect officials attempting to "smuggle their often half-baked proposals past Ministers". That's what it's meant to do and that's what it does but ministers have stopped paying attention. Particularly Matt Hancock and Ben Gummer who haven't bothered even to acknowledge letters sent to them by PCAG.

Tuesday, 14 March 2017

GDS's commitment to user control of personal information

Public administration in the UK has problems which could be solved if public services became digital by default. That is the raison d'être of the Government Digital Service (GDS).

Digital by default? What does "digital" mean? According to Tom Loosemore, ex-Deputy Director of GDS, "digital means applying the culture, practices, processes and technologies of the internet era to respond to people’s raised expectations".

The reactionaries in Whitehall have hobbled GDS. That's what Jerry Fishenden and Cassian Young say: "It is convenient for institutionally conservative managers to watch the energy behind transformation dissipate harmlessly in the sandbox where the agile insurgents are left to play with their websites", please see Escaping waterfall government and the myth of ‘digital transformation’.

Monday, 6 March 2017

The Smart Essex Digital Summit to explore digital future

That's what Essex TV are excited about: "Leading technology partners are teaming up with Essex County Council to define how a digital strategy should be at the heart of a council to improve people’s lives, reshape public services and drive prosperity".

A major event, to be held at the BT Tower on 27 February 2017. So you've missed it. So did DMossEsq. "The Smart Essex Digital Summit is by invitation only", and our invitation was lost in the post.

Monday, 30 January 2017

RIP IDA – OIX to the rescue 1

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.

14 June 2012, we discovered that the Government Digital Service (GDS) had joined the Open Identity Exchange (OIX) in order to help with their moribund identity assurance programme now known as "GOV.UK Verify (RIP)".

23 December 2016, OIX published The value of digital identity to the financial service sector, which explores "the reuse of a GOV.UK Verify [RIP] digital identity in a financial service application process".

Does that report help GDS?

Friday, 30 December 2016

@gdsteam & HMG's digital transformation strategy


Sir Jeremy Heywood is the Cabinet Secretary and the Head of the UK's Home Civil Service ... He published his review of calendar 2015 in a series of 54 tweets between 23 December 2015 and 3 January 2016 ...
That's what we wrote on 24 January 2016.

No such review of 2016 is being tweeted at the moment by Sir Jeremy.

Perhaps nothing much has happened this year.

Friday, 16 December 2016

RIP IDA – 119 years? Not many people know that.

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.


GDS, the Government Digital Service, were meant to have an identity assurance service "fully operational" by March 2013.

That didn't happen but they have been testing GOV.UK Verify (RIP) since February 2014 ...

... and the system was declared to be live on 24 May 2016.

Between 23 May 2016 and 11 December 2016 237,850 GOV.UK Verify (RIP) accounts were created. That's an average of 1,172 per day.

The Office for National Statistics estimate that there were 50,908,702 people in the UK aged 18 or over in mid-2014.

At the rate of 1,177 1,172 per day, it would take 43,450 days to create 50,908,702 GOV.UK Verify (RIP) accounts. That's more than 119 years.

----------

Updated 10:43