Monday 28 April 2014

NLGN report findings – GDS are wonderful and local government is useless

Like all award-winning internationally popular rock combos, the Government Digital Service (GDS) has a fanzine – in this case Digital by Default News – and they've just published a collector's edition article, Local government is being left behind by the digital revolution.

It's the usual riff. GDS are great. Everyone else is an idiot – the US government, the UK government and all big IT companies (the "oligarchy") except Google, Amazon, eBay, Facebook and, natch, Apple.

Lead singer, Public Servant of the Year ex-Guardian man Mike Bracken MBE, takes GDS on tour all over the world, insulting people and patronising them, while manager Francis "JFDI" Maude entertains flocks of adulatory fans back at the band's Aviation House studios in Holborn with the same everyone-else-is-an-idiot message.

It's hard to remember in all the excitement that GDS have only released one track so far – Student Finance exemplar #6 (catchy, or what?) – with the other 24 they've been rehearsing still in the edit suite.

Which brings us to the DbyDNews article putting the boot into UK local government (hopeless losers all, apparently). They're covering a report produced by the New Local Government Network (NLGN), whom younger readers may not recognise.

Seven years ago NLGN were a vibrant young radical enquiring underground indie think tank-cum-fan club bravely supporting whatever policy the New Labour government came up with, including ID cards, please see Local Identity – the role of local entitlement cards in public service delivery:
Successfully undertaking such a project, however, requires collaboration between local government departments. In many cases, this is curbed by concerns over information exchange under the Data Protection Act. This requires a more sophisticated and less risk-averse attitude towards information management. (p.4)
Judging by the DbyDNews article, over the past seven years NLGN have got a lot better at sneering at local government for spinelessly obeying the law. Here's what you'll read, with notes:
Local government’s digital development has stalled [has it? in what way? prove it.]. After a period of innovation, councils lack the skills [stupid], organisational culture [uncouth] and leadership [useless, sheep] to exploit the potential [if any] for digital transformation of its services.

Those are the conclusions of Smart people, smart places, a study by the New Local Government Network [who's that, never heard of them]. But the problems it describes run deeper than just digital [hard to believe]. It is a window on wider local government weaknesses [draw the curtains, please].

It describes a world in which digital development is still peripheral [omigod], with councils failing [you can say that again] to exploit the potential of digital to deliver integrated and personalised services, engage and empower citizens and create greener, more economically vibrant places [they've missed out "agile" and "trusted"].

Perhaps the most damning criticism is that councils are failing [they've said it again] to create a culture where staff and councillors feel trusted [bingo!] to innovate with technology and have the confidence to invest in it and use it [old-fashioned as well as weak and out of their depth].

These barriers to exploiting the potential [that's three times we've had "potential", and never once an explanation or example] of digital are undoubtedly exacerbated by the dearth of young councillors – being 40 is youthful in many authorities [antediluvian] – and the lack of movement of staff between the public and private sectors.

But, as the report points out, there are other external resources councils can call upon. In the spirit of social media, citizens can ‘co-produce’ [what's that? sounds fun. is it legal?] digital solutions tailored to the needs of local people. An increasing number of councils have hosted hack days [so they're not all useless?], when local people bring their own ingenuity [sadly lacking among council staff] to bear on council issues, using the local authority’s data sets. Camden council’s hack day to find ways to use space in the borough more effectively [example, please] and support welfare claimants to thrive [what does "support to thrive" mean?], is just one example [looks more like two examples].

There is also a lack of sector-wide leadership [we know, you've said that]. The report calls for a local government digital programme to attract graduate talent [uneducated as well as well as old, eh – thought so] and encourage collaboration [shouldn't that be "co-production"?].

The NLGN report points out that local government is, unforgivably [immoral as well as old and uneducated], falling behind Whitehall [that's bad]. The government’s gov.uk single website has been a striking success [really? in what way?], greatly enhancing public access to government departments and services [name an access that has been greatly enhanced], while the Cabinet Office has been pursuing a vigorous strategy around digital procurement and skills [so vigorous that the OFT failed to mention it in their report on government IT procurement, according to ... DbyDNews].

It is ultimately attitude [slovenly, no doubt], not cost, which is holding back digital development in councils. Data from the Society of IT Management shows [warning – factoids coming up:] the average face to face contact in local government costs £8.62, compared with £2.83 for a phone call and just 15p for a web transaction [that proves something, probably]. Digital technology also offers substantial [how substantial?] efficiencies in time and money for services such as adult social care [15p is too much], with staff accessing and logging information on the move [the staff are meant to be providing social care, not logging and accessing information, or is that an old-fashioned way of thinking?]. Websites and apps do not have to be developed at great cost by blue-chip companies [no, anyone can do it]. Try going local.

This is dangerous [oooooh!] territory for councils. If digital does not become core to their work [the core of their work is meant to be the users, not technology – that's what GDS say. NLGN need re-educating already], they risk appearing increasingly irrelevant [only true if you first assume that IT makes you relevant, as well as green and vibrant] to the lives of a growing number of citizens. Local government needs to make a big cultural [you mean they have culture? all those old uneducated immoral local council people?] shift on digital.
You might think that writing this sort of stuff makes it hard to get on with local government, which must presumably be the point of the New Local Government Network.

Obviously it'll go down well with GDS who, like NLGN, think GDS are wonderful and who despise local government, see PSOTYE-GM Mike Bracken MBE's speech to the Code for America Summit 2013 starting about five minutes in.

But then GDS have their own problems co-operating with other branches of government. Sorry. Co-producing with other branches of government. Relations with DWP aren't warm. Nor with the Electoral Commission, for example.

Even a rock combo great like GDS needs to try to fit in with the rest of the industry a bit. Otherwise – no digital government. It's a funny way to go about winning people over. Start by accusing them of being ignorant and useless.

Let's see if GDS denounce NLGN's report.

NLGN report findings – GDS are wonderful and local government is useless

Like all award-winning internationally popular rock combos, the Government Digital Service (GDS) has a fanzine – in this case Digital by Default News – and they've just published a collector's edition article, Local government is being left behind by the digital revolution.

It's the usual riff. GDS are great. Everyone else is an idiot – the US government, the UK government and all big IT companies (the "oligarchy") except Google, Amazon, eBay, Facebook and, natch, Apple.

Lead singer, Public Servant of the Year ex-Guardian man Mike Bracken MBE, takes GDS on tour all over the world, insulting people and patronising them, while manager Francis "JFDI" Maude entertains flocks of adulatory fans back at the band's Aviation House studios in Holborn with the same everyone-else-is-an-idiot message.

It's hard to remember in all the excitement that GDS have only released one track so far – Student Finance exemplar #6 (catchy, or what?) – with the other 24 they've been rehearsing still in the edit suite.

Wednesday 23 April 2014

You are for sale 2



That's what it said in Friday's Guardian, 18 April 2014:
The personal financial data of millions of taxpayers could be sold to private firms under laws being drawn up by HM Revenue & Customs [HMRC] in a move branded "dangerous" by tax professionals and "borderline insane" by a senior Conservative MP.
Her Majesty's Treasury are quoted as saying:
"HMRC is committed to protecting its customers' information ..."
If they're committed to protecting their customers' information, isn't it a little odd to sell it?

Why would they want to sell it? This time the Treasury quote from an HMRC document:
"The government has decided to proceed with the proposal to remove the legal restrictions that currently limit HMRC's ability to share anonymised individual level data for the purpose of research and analysis and deliver public benefits wider than HMRC's own functions ..."
What research and analysis? What public benefits? No indication is given.

Who says this trade in our tax records is "dangerous"? Stephen Coleclough. What does he know about it? He's the President of the Chartered Institute of Taxation:
... any broadening of HMRC's powers of disclosure will inevitably lead to the identification of individuals, and a consequential breakdown in trust between HMRC and taxpayers ...
"Identification of individuals"? Surely HMRC are only talking about the "ability to share anonymised individual level data"? They are. But the Guardian quote Ross Anderson, professor of security engineering, as saying:
"Anonymisation is something about which they lied to us over medical data ..."
It's the old point, also made by Professor Martyn Thomas (para.4), that if the data really is anonymised, it's no use for research purposes and, contrarywise, if it is useful for research purposes, then it can't be anonymised. This anonymisation offered by the NHS in the case of care.data and now by HMRC is another unicorn, like the security of the websites operated by the UK's "identity providers".

"Borderline insane", according to David Davis, but at least HMRC can't start this trade until a new law is passed. Or can they? Yes, they can. We know that, because they've already started:
HMRC has quietly launched a pilot programme that has released data about VAT registration for research purposes to three private credit ratings agencies: Experian, Equifax and Dun & Bradstreet.
Isn't that against the law? Yes. Except that HMRC found a way round it:
... the private ratings agencies, which determine credit scores for millions of people and businesses, have been contracted to act on behalf of HMRC and are "therefore treated as part of the department" ...
"Cute", you may say, "obviously HMRC have learnt a trick or two from all the tax avoiders and evaders they have to deal with".

But maybe too cute. Usually it's better to be more straightforward.

On 16 June 2014, when the New Hampshire judge sentences Mr Hieu Minh Ngo, Experian are likely to come in for a bit of criticism. The trust we can place in them as an "identity provider" in the UK and as a data broker in the US is likely to be diminished. The same must apply to HMRC if Experian are "part of the department".

By the same token, when Senator Rockefeller next convenes his Committee on Commerce, Science, & Transportation, looking into the data broker business, he may want to examine HMRC as well as Experian. At which point HMRC may wish that Experian weren't "part of the department" after all.

And then there's NHS England, of course, as noted above, with their care.data plans.

The national director for patients and information at NHS England is Tim Kelsey. He's the one who, two months ago, had to delay the introduction of care.data for six months to give people more time to be re-educated:
NHS England exists for patients and we are determined to listen to what they tell us. We have been told very clearly that patients need more time to learn about the benefits of sharing information and their right to object to their information being shared. That is why we are extending the public awareness campaign by an extra six months.
Earlier, the Social Research Institute of Ipsos MORI, the polling organisation, conducted an interview with Tim Kelsey, possibly in July 2012 but it's not clear, during the course of which he said:
McKinsey published a paper in May 2011, called Big Data [Big data: The next frontier for innovation, competition, and productivity] which is worth looking at.

It forecasts the potential economic value of public data in the hands of enterprise being about €250 billion per annum in Europe as a whole. The EU subsequently did its own assessment coming up with figures of around €140 billion.

We've done an extrapolation that would imply an approximate market value of about £16 billion in the UK. There are other forecasts which have suggested it may be higher.

It is a lot of money, and when you think about the net effect of, for example, improving the profitability of all SMEs [small- and medium-sized enterprises] in this country by 5%, there is real potential value in these public data assets
It's a confused mish-mash of figures but the assumption is that selling "public data assets" such as our health records would boost the economy in general and the profitability of SMEs in particular.

That assumption may be wrong.

But seemingly nothing is going to stop NHS England, HMRC and other branches of the UK government from proceeding as though it is correct, even if they have to pretend that our records will be anonymised when they know perfectly well that they won't be.

After all that hard work Ipsos MORI must be cross that the job of creating a national data strategy went to their rival polling organisation, YouGov, proprietor – Stephan Shakespeare:
Forecasting future benefits is also hard to predict. How businesses and individuals might use datasets in the future to generate new products and services and by implication impact economic growth, is equally unknown.
It's a shame Mr Shakespeare said that. It conflicts with his other claim that:
It seems a straightforward decision to invest £143m to make Trading Fund data widely available is a relatively small price to pay to leverage wider economic benefits far exceeding this by orders of magnitude.
If you can't forecast the future benefits, your claim that they will exceed any figure "by orders of magnitude" is empty. That goes for Mr Shakespeare, Mr Kelsey and HMRC equally.

They all claim that there will be research benefits as well as economic benefits if the state sells – or even gives away – our personal records.

The world already funds a lot of research. And some of it is beneficial. The argument here is that today's research doesn't get its mitts on all of our personal data – if it did, then it would be even more beneficial.

Is that true?

We laymen need a guide here.

And luckily we have Tim Harford, who "explains – and sometimes debunks – the numbers and statistics used in political debate, the news and everyday life" on BBC Radio 4's More or Less programme and who also writes for the Financial Times, see for example Big data: are we making a big mistake?:
Consultants urge the data-naive to wise up to the potential of big data. A recent report from the McKinsey Global Institute [them again] reckoned that the US healthcare system could save $300bn a year – $1,000 per American – through better integration and analysis of the data produced by everything from clinical trials to health insurance transactions to smart running shoes.
Sounds good. It obviously convinces governments. But not Tim Harford. Or David Spiegelhalter:
Unfortunately, these four articles of faith [in big data] are at best optimistic oversimplifications. At worst, according to David Spiegelhalter, Winton Professor of the Public Understanding of Risk at Cambridge university, they can be “complete bollocks. Absolute nonsense.”

... while big data promise much to scientists, entrepreneurs and governments, they are doomed to disappoint us if we ignore some very familiar statistical lessons.

“There are a lot of small data problems that occur in big data,” says Spiegelhalter. “They don’t disappear because you’ve got lots of the stuff. They get worse.”
Stephan Shakespeare suggests that if you are against releasing your personal data for research, that means you want people to die of cancer and you want children to be unhappy.

"Complete bollocks", to coin a phrase.

His blackmail attempt assumes that big data research will deliver cures for cancer and guarantees of happy children more reliably than the carefully controlled research the world already conducts. Messrs Harford and Spiegelhalter say that that assumption is false.

So does practical experience.

Professor Sir Nigel Shadbolt is the chairman of both the Open Data Institute and the Department for Business Innovation and Skills's midata programme. He set up the midata Innovation Lab to see what innovation would be inspired in practice and what economic benefits would be gained by having access to a mixture of personal data and public sector information/open data.

The results were so disappointing that the lab has never been heard from again.

We can't be sure that we'll get economic growth or fundamental research breakthroughs in return – is there any other reason for giving up our privacy?

Tim Kelsey thinks he has one.

Writing in Prospect magazine, 29 July 2009, please see Long live the database state, he had this to say:
... our public services remain unsafe and inefficient ... Overcoming this problem means taking on the powerful civil liberties lobby, which is against data sharing of almost any kind.
Many people may disagree but, in Mr Kelsey's view, public services are unsafe and inefficient. Why are they unsafe and inefficient? Again in Mr Kelsey's view, because of civil liberties – civil liberties are the enemy.

He's quite hard-nosed about this:
If the next government, of whichever party, wants a better public sector it must encourage more use of personal data; not less. What should be done? Data sharing must be made easier, first by removing the legislative obstacles to sharing government databases.
Ignoring the expert evidence of two IT professors and one President of the Chartered Institute of Taxation, he remains determined that "anonymised research data" is not an oxymoron:
The government should also pledge to publish as much new anonymised data as possible ...
He will not countenance opt-outs:
... no one who uses a public service should be allowed to opt out of sharing their records.
And if promises of privacy or confidentiality need to be broken, so be it:
Nor can people rely on their record being anonymised ...
You know where you are with Tim Kelsey.

Which is in a strange position.

Mr Kelsey flourished under the 1997-2010 Labour government. His company, Dr Foster, provided management information on NHS hospitals and in 2006 the NHS paid £12 million for a 50 percent share in Dr Foster.

Despite all the data-sharing involved in which, according to him, the NHS remains unsafe and inefficient. Not just him. We all know something of what happened at Stafford Hospital between 2005 and 2008. The problems persist. Only yesterday the Daily Telegraph told us that:
At least 1,000 hospital patients are dying needlessly each month from dehydration and poor care by doctors and nurses, according to an NHS study.
These problems aren't caused by civil liberties, they're not prevented by the armies of administrators and regulators we already have and there's no reason to believe that they would be resolved by even more Dr Foster-style data-sharing.

Mr Kelsey's enemy isn't civil liberties. It's the law. It's laws that were passed for good reasons, as David Davis reminded the Guardian, "Our forefathers put these checks and balances in place ...".

As the May 2010 general election approached, Mr Kelsey presumably thought that Labour would lose and that his luck would turn. So he left and joined – one guess – McKinsey.

But he was wrong. He can't have spotted Francis "JFDI" Maude, destined to become the Cabinet Office minister, a man who holds the wisdom of the Constitution just as much in contempt as Mr Kelsey:
"This is not a question of increasing the volume of data-sharing that takes place across government", he said, "but ensuring an appropriate framework is in place so that government can deliver more effective, joined-up and personalised public services, through effective data-linking" ...

"I want to bust the myths around the complexities of data sharing ... we aim to find effective ways of using and sharing data for the good of everyone".
Massive data-sharing is exactly what the coalition government want, just like their predecessors, and by May 2011 Mr Kelsey was back in the fold, in Francis Maude's Cabinet Office, where he was appointed Executive Director of Transparency and Open Data.

And a year after that, he moved to the NHS, where he took up the cudgels for care.data. No opt-outs. No guarantee of anonymity. No upper limit on data-sharing.

Progress towards the new world was reported on by Francis Maude in the Daily Telegraph a couple of Mondays back, 14 April 2014, Britain needs to lead the digital world:
This Government is putting the digital revolution at the heart of our long-term economic plan ... We are transforming government itself, with our new digital-by-default approach. If something can be delivered online, it should ultimately be delivered only online ... why should anyone have to queue up in the Post Office to replace their passport?
"Why should anyone have to queue up in the Post Office to replace their passport?" They don't have to. Last year DMossEsq completed most of his passport renewal on-line. Just as he did 10 years before, in 2003. He didn't go anywhere near a post office. What is Mr Maude talking about? We had on-line passport renewal under the last government.
We are moving 25 of the most popular public services online ... You don't need to just take my word for it – check out what we are doing for yourself at gov.uk/transformation.
That's exactly what we did three weeks ago, please see Waterfall Wanderers 0 - 0 Agile Athletic. Mr Maude's Government Digital Service (GDS) has stalled. Of its 25 "exemplar" public services, one is live and 24 aren't. They seem to be stuck.

Why?

The problem is that these new digital-by-default public services need identity assurance (IDA) – service suppliers need to know who they're dealing with. And GDS can't make it work. There's no sign of IDA.

Just like ID cards and the previous government. It wasn't Mr Kelsey's "powerful civil liberties lobby" that brought down the ID cards scheme. The problem was that even with all the political support of the government and an unlimited budget, the Home Office simply couldn't make the scheme work.

GDS suffer from the same problem.

They're supposed to be the experts in designing on-line transactions and they're stuck. Meanwhile, HMRC continue to operate complex on-line transactions, as they have done for years, since long before GDS were born.

GDS were supposed to have delivered us to the market years ago, all trussed up in personal data stores, ready to sell. Not a sausage. Meanwhile, once again it's HMRC who've already got their business off the ground.

----------

Updated 17.6.14

NHS guilty of 'unacceptable' lapses in sale of patient information to private sector

Updated 1.7.14

The midata zombie groaned the other day. The Department for Business Innovation and Skills published their Conclusions to a review of consumer access to personal data held by companies. There's good news and there's bad news.

The good news in the associated report, Review of the midata voluntary programme (p.3), is that:
... we do not think that there is a strong objective case for using our powers under the [Enterprise and Regulatory Reform] Act to require companies to release data at this time ...
No new regulations. Yet.

The bad news, also on p.3, is that:
A recent commitment from the big banks about midata should ease switching in the personal current accounts market. In the energy sector all of the large energy companies now provide access to a data file in a consistent format to their customers and the Secretary of State for Energy and Climate Change and I have recently agreed with them and third party intermediaries that they will work together towards providing third parties with automated access to consumer’s data in a safe and secure way.
The Secretary of State for Energy and Climate Change is Ed Davey, the only begetter of midata. There is no telling who "I" is, the person who agreed that "third party intermediaries" should have "automated access to consumer's data".

Who are these third parties? What data will they have automated access to? Why? What are they going to do with it? What are the supposed benefits? Did anybody ask the consumers? How would Ed Davey and "I" know if the data was accessed in a "safe and secure way"?


Updated 10 August 2016

Two years after the last time, the midata zombie groaned again the other day:
Watchdog ‘missed golden opportunity’ to shake up banking

Measures to improve competition in high street banking by making it easier for customers to compare offers online have been attacked for not going far enough.

Rejecting radical measures such as breaking up big banks or ending free in-credit banking, the Competition and Markets Authority yesterday ordered banks to share customers’ information with third parties from 2018 to make it easier for them to find better deals.

Andrew Tyrie, chairman of the Commons Treasury select committee, said: “I’m not optimistic that the CMA’s remedies will get to the heart of the problem. The CMA is relying on the rolling out of new technology to do the heavy lifting on competition. But many customers will not have the tools or skills to do this.

“Customers are also understandably wary of the data-sharing required for this to be effective” ...
Somewhere out there, there are still children who believe in the magic of open data.


You are for sale 2



That's what it said in Friday's Guardian, 18 April 2014:
The personal financial data of millions of taxpayers could be sold to private firms under laws being drawn up by HM Revenue & Customs [HMRC] in a move branded "dangerous" by tax professionals and "borderline insane" by a senior Conservative MP.
Her Majesty's Treasury are quoted as saying:
"HMRC is committed to protecting its customers' information ..."
If they're committed to protecting their customers' information, isn't it a little odd to sell it?

Saturday 12 April 2014

Digital government, empowerment and the Estonian fallacy


Don't be fooled into believing that "digital government"
will automatically deliver empowerment


Last Sunday night/Monday morning DMossEsq started a post. It's a good thing he fell asleep before finishing it and you never had to read it. It wasn't getting anywhere:

The lesson today is taken from the Book of Onwurah and our text is:
Labour’s history, our roots, are in the empowerment of people. All too often government is something done to the people. Digital government must not be like that.
That is as it is recorded in the Guardian version of the Estonian Bible of Digital Government. In the Civil Service World version, it is written:
We see digital government as a way to empower citizens and enable the public sector to do more with less; the Tories see it as just another way to slim down the state and deliver a public sector which does less with less.
The "more with less" tag will be recognised of course from an earlier lesson, Less for more:
... Not so fast, said, Ian Watmore, Chief Operating Officer of ERG [the Efficiency and Reform Group], whose motto, devised by Lord Brown of Madingley, Chairman of ERG and previously Chairman of BP and the Gulf of Mexico, is "more for less" ...

Then in Thursday's Times David Aaronovitch re-kindled interest in the unfinished post. He was writing about the letter sent to the Guardian by 19 "members of the progressive community" about Labour's manifesto for the May 2015 general election here in the UK:
If it were to sell this vision, Labour required an election manifesto based on a list of principles including “prevention of the causes of our social, environmental, physical and mental health problems, which requires a holistic and long-term approach to governance”, and the “empowerment of everybody . . . to enable them to play a full role as active citizens”.

This “empowerment of everybody” would need much devolution of power, said the letter, before ending in a peroration that included the assertion that “the era of building the capacity and platforms for people to ‘do things for themselves, together’ is now upon us” ...

When you write this badly, when you are so unclear that even experts in your field cannot decipher your intention, there is a reason for it. It could, of course, simply be that you are an idiot. But two other explanations are more likely: either that you don’t really know what you mean yourself; or that you do know, but you’d rather not spell it out.
It's not just the Labour tribe hoping to win by banging on about empowerment, as Mr Aaronovitch would have known if he had only read the DMossEsq post that was never published:

The Conservative tribe – the "Tories" as the prophet Onwurah calls them – also invoke empowerment. The October 2002 Book of Carswell, for example, is actually called Direct Democracy – empowering people to make their lives better.

And the Lib-Dem tribe, too. Repeatedly.

Here is the Lib-Dem prophet Davey:
Government, business and consumer groups commit to midata vision of consumer empowerment
... Today’s announcement marks the first time globally there has been such a Government-backed initiative to empower individuals ...
And Davey's successor, the Lib-Dem Lamb:
The Government launched the consumer empowerment strategy, Better Choices Better Deals: Consumers Powering Growth, in April 2011. The strategy set out ways for Government and others to help give consumers more power in a rapidly changing and complex economy.
And Lamb's successor, the Lib-Dem Swinson, with her midata Innovation Lab. And her successor in turn, the Lib-Dem Willott, who detects "progress on the consumer empowerment strategy".

It's up to these politicians to explain clearly what they mean by "empowerment". If they can. We must be able to answer the question what is this power that our politicians are so graciously granting back to us. Only then can we the public judge their offering.

The one germane point to add here is this. Don't be fooled into believing that "digital government" will automatically deliver empowerment.

That's what many of these politicians are advocating. And they're wrong. It's the Estonian fallacy.

Once we all maintain personal data stores with total strangers (the Government Digital Service's spooky so-called "identity providers") and once all government applications are scudding around out of control in the cloud, digital government could just as easily tighten the grip of Westminster and Whitehall – or Amazon, Google and Facebook – and perpetuate the tradition of government as "something done to the people", as Ms Onwurah aptly puts it.

Digital government, empowerment and the Estonian fallacy


Don't be fooled into believing that "digital government"
will automatically deliver empowerment


Last Sunday night/Monday morning DMossEsq started a post. It's a good thing he fell asleep before finishing it and you never had to read it. It wasn't getting anywhere:

The lesson today is taken from the Book of Onwurah and our text is:
Labour’s history, our roots, are in the empowerment of people. All too often government is something done to the people. Digital government must not be like that.
That is as it is recorded in the Guardian version of the Estonian Bible of Digital Government. In the Civil Service World version, it is written:
We see digital government as a way to empower citizens and enable the public sector to do more with less; the Tories see it as just another way to slim down the state and deliver a public sector which does less with less.
The "more with less" tag will be recognised of course from an earlier lesson, Less for more:
... Not so fast, said, Ian Watmore, Chief Operating Officer of ERG [the Efficiency and Reform Group], whose motto, devised by Lord Brown of Madingley, Chairman of ERG and previously Chairman of BP and the Gulf of Mexico, is "more for less" ...

Then in Thursday's Times David Aaronovitch re-kindled interest in the unfinished post. He was writing about the letter sent to the Guardian by 19 "members of the progressive community" about Labour's manifesto for the May 2015 general election here in the UK:
If it were to sell this vision, Labour required an election manifesto based on a list of principles including “prevention of the causes of our social, environmental, physical and mental health problems, which requires a holistic and long-term approach to governance”, and the “empowerment of everybody . . . to enable them to play a full role as active citizens”.

This “empowerment of everybody” would need much devolution of power, said the letter, before ending in a peroration that included the assertion that “the era of building the capacity and platforms for people to ‘do things for themselves, together’ is now upon us” ...

When you write this badly, when you are so unclear that even experts in your field cannot decipher your intention, there is a reason for it. It could, of course, simply be that you are an idiot. But two other explanations are more likely: either that you don’t really know what you mean yourself; or that you do know, but you’d rather not spell it out.
It's not just the Labour tribe hoping to win by banging on about empowerment, as Mr Aaronovitch would have known if he had only read the DMossEsq post that was never published:

The Conservative tribe – the "Tories" as the prophet Onwurah calls them – also invoke empowerment. The October 2002 Book of Carswell, for example, is actually called Direct Democracy – empowering people to make their lives better.

And the Lib-Dem tribe, too. Repeatedly.

Here is the Lib-Dem prophet Davey:
Government, business and consumer groups commit to midata vision of consumer empowerment
... Today’s announcement marks the first time globally there has been such a Government-backed initiative to empower individuals ...
And Davey's successor, the Lib-Dem Lamb:
The Government launched the consumer empowerment strategy, Better Choices Better Deals: Consumers Powering Growth, in April 2011. The strategy set out ways for Government and others to help give consumers more power in a rapidly changing and complex economy.
And Lamb's successor, the Lib-Dem Swinson, with her midata Innovation Lab. And her successor in turn, the Lib-Dem Willott, who detects "progress on the consumer empowerment strategy".

It's up to these politicians to explain clearly what they mean by "empowerment". If they can. We must be able to answer the question what is this power that our politicians are so graciously granting back to us. Only then can we the public judge their offering.

The one germane point to add here is this. Don't be fooled into believing that "digital government" will automatically deliver empowerment.

That's what many of these politicians are advocating. And they're wrong. It's the Estonian fallacy.

Digital government – the customer is always wrong 2

We noted, a couple of months back, an open letter to the Government Digital Service (GDS) and the Government Procurement Service (now the Crown Commercial Service). The letter was orchestrated by Skyscape Cloud Services, please see G-Cloud – Animal Farm, and included this suggestion:
There is little, if any, transparency of forthcoming opportunity to the supplier, which can in turn lead to negative speculation about how long-lists and shortlists are compiled. We recommend that transparency principles are applied to all areas of G-Cloud transacting:
  • That an opportunity pipeline is published so that suppliers can see who is planning to buy and when (Contracts Finder would be the logical channel);
  • That suppliers are informed if they have been long-listed – and that reasons for failing to make the shortlist are communicated to the supplier. Suppliers can then improve their products and pricing which will in turn benefit the market as a whole.
Skyscape and their 14 fellow signatories want to force prospective customers to tell suppliers what new business is available and they want to force them to explain why they rejected all the other suppliers in favour of the lucky ones who were shortlisted.

"10 out of 10 for trying", you may say, "a bit pushy, unlikely to work – what sanction do suppliers have if customers simply refuse to explain themselves? – but, who knows, they might get away with it. Someone might fall for the it's-in-your-own-best-interests argument, prices will fall and quality will rise. There again, do Skyscape and their friends really want to get into a public shouting match about why they were rejected, how bad their products are and/or how stupid the customers are for rejecting them? The customer is always right, isn't he? ..."

Never mind all that.

How could suppliers be notified of new business opportunities? "Contracts Finder would be the logical channel", say the Skyscape 15, referring to the venerable Contracts Finder website on BusinessLink.gov.uk, a domain which isn't supposed to exist any more but does, like Direct.Gov.uk, don't tell GDS.

Someone has had a better idea.

We refer once again to GDS's Designing the Digital Marketplace, a blog post which includes this:
On commercial retail websites it’s common to favourite or bookmark things (like a house for sale on Rightmove, or a book on Amazon). Adding something to your shortlist on the Digital Marketplace is similar, except it would also allow you to record your reason for including it, for the purposes of an audit trail.

We’re currently testing Projects as a way to organise multiple shortlists. For example, if you’re working on creating a website you will need multiple things; including a CMS [content management system] and hosting. A Project page, which contains shortlists, is one means of organising choices and recording how decisions are made. Later we’ll be designing and testing what adding collaborators to a project (or a shortlist) might look like.
What looks like a facility to help customers manage the product selection process could easily be transformed into a way of giving prospective suppliers detailed information about new business opportunities and the prospective customers' innermost thoughts about them.

It may be advisable not to use this "Projects" facility. Unless you want Skyscape and 14 other suppliers ringing you up every day to badger you.

Digital government – the customer is always wrong 2

We noted, a couple of months back, an open letter to the Government Digital Service (GDS) and the Government Procurement Service (now the Crown Commercial Service). The letter was orchestrated by Skyscape Cloud Services, please see G-Cloud – Animal Farm, and included this suggestion:
There is little, if any, transparency of forthcoming opportunity to the supplier, which can in turn lead to negative speculation about how long-lists and shortlists are compiled. We recommend that transparency principles are applied to all areas of G-Cloud transacting:
  • That an opportunity pipeline is published so that suppliers can see who is planning to buy and when (Contracts Finder would be the logical channel);
  • That suppliers are informed if they have been long-listed – and that reasons for failing to make the shortlist are communicated to the supplier. Suppliers can then improve their products and pricing which will in turn benefit the market as a whole.
Skyscape and their 14 fellow signatories want to force prospective customers to tell suppliers what new business is available and they want to force them to explain why they rejected all the other suppliers in favour of the lucky ones who were shortlisted.

"10 out of 10 for trying", you may say, "a bit pushy, unlikely to work – what sanction do suppliers have if customers simply refuse to explain themselves? – but, who knows, they might get away with it. Someone might fall for the it's-in-your-own-best-interests argument, prices will fall and quality will rise. There again, do Skyscape and their friends really want to get into a public shouting match about why they were rejected, how bad their products are and/or how stupid the customers are for rejecting them? The customer is always right, isn't he? ..."

Never mind all that.

How could suppliers be notified of new business opportunities? "Contracts Finder would be the logical channel", say the Skyscape 15, referring to the venerable Contracts Finder website on BusinessLink.gov.uk, a domain which isn't supposed to exist any more but does, like Direct.Gov.uk, don't tell GDS.

Someone has had a better idea.

Friday 11 April 2014

Digital government – the market in contempt

Dotted around central government and local government there are thousands of experienced and responsible buyers, among them people who buy IT hardware, software and services. They've been doing it for decades. They know what they're doing. They're not idiots.

It is sensible to collect their experience together. That way standards can be raised and mistakes avoided. It is sensible to share their experience. That cuts out wasteful, repetitive work – there's not much point 100 branches of government assessing the same product 100 times. It is sensible to create centralised "digital marketplaces" like the Digital Services framework, where suppliers will be made to compete on price and quality openly, in full view of the buying public.

In connection with which, please see Designing the Digital Marketplace, which was posted a few days ago on the Government Digital Service's digital marketplace blog and which discusses "some of the exciting new features and improvements we’re bringing to the Digital Marketplace":
... a major design goal is to reassure buyers that they’re buying the right thing, and to make sure buyers are supported throughout the buying process ...

A problem with the current CloudStore is that it’s tricky to find the same search result twice, because the search results are randomised. We’re working on making it easier to find the service you need by improving browsing and searching.

One way we’re doing that is by looking at language. The acronyms SaaS, PaaS, and IaaS mean something to those who know, but to those who are new to cloud services they are confusing. To help users understand the phrasing and categorisation, we’re looking at including a full phrase, an explanation of what it means, and some examples (the most popular) of what these services actually are (see screenshot below). But even with the full phrase, do our users know what “software as a service” means? (For those interested, Ivanka’s written previously about the importance of language.) ...
"... a major design goal is to reassure buyers that they’re buying the right thing"? Do GDS really believe that their colleagues in government who are professional buyers would buy something when they're not sure what it is?

"The acronyms SaaS, PaaS, and IaaS mean something to those who know, but to those who are new to cloud services they are confusing"? Do GDS really believe that their colleagues in government who are professional buyers are out there buying acronyms without knowing what they stand for?

"... even with the full phrase, do our users know what “software as a service” means? (For those interested, Ivanka’s written previously about the importance of language.)"? If someone doesn't know what "software as a service" means, what on earth are they doing buying SaaS? And do we really need Ivanka to tell us that language is important?

It is the thoughts expressed by language which are important. GDS, whose own record is not unblemished, might do well to rein in this thought that they're dealing with idiots when it comes to government buyers. And to the rest of us.

Digital government – the market in contempt

Dotted around central government and local government there are thousands of experienced and responsible buyers, among them people who buy IT hardware, software and services. They've been doing it for decades. They know what they're doing. They're not idiots.

Tuesday 8 April 2014

RIP IDA – where is it?

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

The Government Digital Service (GDS) are trying to transform government by making it digital by default. They have chosen 25 public services as exemplars. Exemplar no.9 is a service for DVLA – the Driver and Vehicle Licensing Agency – and is described as follows:
If you are a driver you will be able to view information from your record, including what vehicles you can drive and any penalty points and disqualifications. Drivers' data will be made available via a new DVLA enquiry platform built to handle high-volume enquiries
That's point #1.

Point #2 – GDS have been trying for some time to get identity assurance working. On 11 February 2014 they told us that IDA was finally being tested behind the scenes, and that testing on exemplar no.9 would start to use IDA in public in March:
Initially we will be adding more services and users quite gradually, as we continue to get the service ready for wider use. Other services will begin to use identity assurance from March onwards, starting with DVLA’s view driving record service. The DVLA will start trialling identity assurance for some users, aiming to use it exclusively once the identity assurance service is in public beta.
Point #3, on 1 April 2014 DVLA announced that:
Yesterday, at just after midday, we launched the public beta of View Driving Record on GOV.UK.
"... after 15 months of hard work this was it", they said, "we had delivered the first part of what we had set out to achieve ...".

Can you now see "what vehicles you can drive and any penalty points and disqualifications" on-line? Yes.

And can you see IDA in action? No.


After 15 months of work, what we get is the screen form above with just four fields to fill in and when you press the button you get two database lookups – the vehicles you can drive and any points on your licence. Maybe it's harder than it looks but it doesn't look as though that should take 15 months. Not if you're using "agile" software engineering methods.

Leave a space in your National Insurance number or in your post code when you enter it, and GDS tell you "Sorry, due to a technical problem we can't display your details right now. Please try again later" – an obtuse way to tell users to remove the spaces, and a surprising approach for an organisation that prides itself on designing user interfaces.

Are you really the user of this service? The objective is to make life easier for DVLA and for the car hire companies – this service is one step along the path to dispensing with the paper counterpart driving licences we all lose. The objective is also to make it easier for car insurance companies to check that we're telling the truth on our proposals.

This heavy reliance on National Insurance numbers to identify us is likely, we are told, to underpin the individual electoral registration service due to be released in June 2014. Does it provide adequate assurance?

All of these matters and more we can debate. But, point #4, that debate is set against the background of the continued glaring absence of IDA. Where are the so-called "identity providers"? Where are the personal data stores? Where is the secure identity hub?

----------

Updated 7.10.14

"From today, [DVLA, the UK's Driver and Vehicle Licensing Agency] has launched a new digital service. Now you can view your driving licence information online." That's what the Government Digital Service (GDS) said today in a Tweet. And they provided a link to a post on the GDS blog, A new way to view your driving licence info online.

You might take that at face value.

If you were born yesterday.

But as the rest of us know, if only from the 8 April 2014 post above, the service was launched at least six months ago.

No-one knows why it was launched then.

It's of no use to drivers.

And no-one knows why it's being re-launched now. It's still of no use to drivers. And it still operates without the benefit of the long-promised identity assurance.


RIP IDA – where is it?

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

The Government Digital Service (GDS) are trying to transform government by making it digital by default. They have chosen 25 public services as exemplars. Exemplar no.9 is a service for DVLA – the Driver and Vehicle Licensing Agency – and is described as follows:
If you are a driver you will be able to view information from your record, including what vehicles you can drive and any penalty points and disqualifications. Drivers' data will be made available via a new DVLA enquiry platform built to handle high-volume enquiries
That's point #1.

Point #2 – GDS have been trying for some time to get identity assurance working. On 11 February 2014 they told us that IDA was finally being tested behind the scenes, and that testing on exemplar no.9 would start to use IDA in public in March:
Initially we will be adding more services and users quite gradually, as we continue to get the service ready for wider use. Other services will begin to use identity assurance from March onwards, starting with DVLA’s view driving record service. The DVLA will start trialling identity assurance for some users, aiming to use it exclusively once the identity assurance service is in public beta.
Point #3, on 1 April 2014 DVLA announced that:
Yesterday, at just after midday, we launched the public beta of View Driving Record on GOV.UK.
"... after 15 months of hard work this was it", they said, "we had delivered the first part of what we had set out to achieve ...".

Can you now see "what vehicles you can drive and any penalty points and disqualifications" on-line? Yes.

And can you see IDA in action? No.

Monday 7 April 2014

RIP IDA – long odds

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

Last Friday the Government Digital Service (GDS) announced that they would be issuing a new invitation to tender for identity assurance work (IDA), please see Identity assurance, procurement 2.

As noted, it looks as though enrolment into IDA would cost 35 times more than GDS previously told us. £30 million was meant to pay for 21 million putative registrations. In the event, it will cover only 600,000 putative registrations.

In a typically clear-headed assessment published in Computer Weekly magazine, Toby Stevens describes the difficulties GDS face with IDA. He also examines the position of suppliers considering a bid. Should they try to become "identity providers" (IDPs)? He has this to say:
... an IDP would need to run a population of 250,000 users in the first year just to have a chance of breaking even. That's going to be a problem for stretched Sales Directors who are evaluating bid risks and trying to determine where to focus their sales resources. Why bid the high-risk job with the deferred payback, when they could go for safer projects with up-front payment ...

I think I’d rather put my money on a 5-horse accumulator than an IDP bid team.
No board is going to sanction betting on the horses as a business development strategy. The equity analysts wouldn't wear it. Neither would the shareholders. The directors could kiss goodbye to their careers.

Nevertheless, the salesmen will probably turn up to the 28 April 2014 "event for interested organisations". That's what salesmen do. Quite rightly. It promises to be a re-run of the 20 September 2010 meeting, please see Identity assurance. Only the future is certain – doom 1.

GDS didn't exist then, back in September 2010. They do now. But it remains the case nevertheless that investing in IDA is akin to betting on the horses. Toby Stevens says: "GDS has a track record of delivering 'impossible' projects". He is a kinder man than DMossEsq. "Impossible" means impossible. RIP.

RIP IDA – long odds

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

Last Friday the Government Digital Service (GDS) announced that they would be issuing a new invitation to tender for identity assurance work (IDA), please see Identity assurance, procurement 2.

As noted, it looks as though enrolment into IDA would cost 35 times more than GDS previously told us. £30 million was meant to pay for 21 million putative registrations. In the event, it will cover only 600,000 putative registrations.

In a typically clear-headed assessment published in Computer Weekly magazine, Toby Stevens describes the difficulties GDS face with IDA. He also examines the position of suppliers considering a bid. Should they try to become "identity providers" (IDPs)? He has this to say:
... an IDP would need to run a population of 250,000 users in the first year just to have a chance of breaking even. That's going to be a problem for stretched Sales Directors who are evaluating bid risks and trying to determine where to focus their sales resources. Why bid the high-risk job with the deferred payback, when they could go for safer projects with up-front payment ...

I think I’d rather put my money on a 5-horse accumulator than an IDP bid team.
No board is going to sanction betting on the horses as a business development strategy. The equity analysts wouldn't wear it. Neither would the shareholders. The directors could kiss goodbye to their careers.

Friday 4 April 2014

RIP IDA – registration just became 35 times more expensive

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

It seems like only yesterday but actually it was 1 March 2012 when Public Servant of the year ex-Guardian man Mike Bracken MBE published Identity: One small step for all of Government.

At that stage, the Cabinet office had "built a new team and delivery plan and a working governance structure to implement Identity Assurance solutions strategically across government", he told us. The team was starting the "exciting challenge" – progress to date unknown – of "creating a trust infrastructure", whatever that is.

The Department for Work and Pensions (DWP) were going to be the "vehicle" for delivering identity assurance (IDA). Get it right for DWP and IDA could be "cut" (copied?) and pasted across the whole of Her Majesty's Government (HMG) to support its digital-by-default policy. That's what he said.

"In the first instance, IDA digital services will be used to support Universal Credit and the Personal Independence Payment, which from 2013 will replace DWP’s current benefit system". Some details were set out in a notice published in the Official Journal of the European Union (OJEU): "The initial DWP services will be required to provide identity assurance for approximately 21 000 000 claimants".

And how much was this all going to cost? Thanks to the Government Digital Service (GDS), the cost of IDA had been cut from DWP's £240 million estimate to just £30 million (= £25 million + VAT).

In the event, two years later, there is still effectively no Universal Credit and there are no "IDA digital services".

But there is a new post on the IDA blog written by Janet Hughes and David Rennie, and there's going to be a new OJEU notice, please see Identity assurance, procurement 2.

We are reminded that "last year we signed contracts with 5 identity providers. These are companies that will verify that users are who they say they are ...".

"Identity providers"? Have you grown accustomed yet to this 21st century science fiction in the British Constitution? Probably not. No-one in the UK has been provided with an identity yet by any of these five companies and there is no sign that anyone ever will be.

Today's IDA post goes on to say that "identity providers are paid each time a user registers with them. The initial contracts cover the first 600,000 registrations. We’re expecting to use all of these this year ...".

Just a minute.

The "initial contracts" were meant to cover 21 million DWP claimants. That's what the OJEU said. Where has this 600,000 figure come from? The goalposts have moved.

The DMossEsq slide rule suggests that value for money, IDAwise, has just plummeted by a factor of 35. At this rate, registering 21 million claimants would cost just over a billion pounds, making DWP's £240 million estimate seem modest by comparison.

GDS now have to plug an enormous hole in their "trust infrastructure". If there ever are any registrations in GDS's non-existent IDA programme, those registrations are going to cost 35 times more than we were first told. And in another two years' time? What will we be asked to believe then?

RIP IDA – registration just became 35 times more expensive

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

It seems like only yesterday but actually it was 1 March 2012 when Public Servant of the year ex-Guardian man Mike Bracken MBE published Identity: One small step for all of Government.

At that stage, the Cabinet office had "built a new team and delivery plan and a working governance structure to implement Identity Assurance solutions strategically across government", he told us. The team was starting the "exciting challenge" – progress to date unknown – of "creating a trust infrastructure", whatever that is.

Thursday 3 April 2014

Estonia – are we nearly there?

This morning's Computer Weekly headline speaks for itself: "Parliamentary computers crash 90 minutes after IT assurances".

There was a "major incident" nine days ago on 25 March 2014 when parliamentarians and their staff had trouble with email and internet access. Joan Miller, Director of Parliamentary IT, emailed her users at 12:28 to say that the problem had been fixed. 89 minutes later at 13:57 it happened all over again, major incident #2.

That's a resilience problem. Like the Government Digital Service's CloudStore being unavailable for several days. Twice. In October and November 2013.

Then there's the security problem. Even when Parliament's IT is up and running smoothly, you will remember, Ms Miller suffers from the Government Digital Service's problem – security isn't important, usability is what matters, please see The Tragedy of the Commons.

Parliament seems to be in danger of enjoying neither resilience nor security.

"Would that work here?", BBC Radio 4 asked last night. In Estonia they seem to have iDemocracy, as recommended by Douglas Carswell. How far along the road to Estonia is the UK? Without resilience, security and identity assurance, not very.

Estonia – are we nearly there?

This morning's Computer Weekly headline speaks for itself: "Parliamentary computers crash 90 minutes after IT assurances".

There was a "major incident" nine days ago on 25 March 2014 when parliamentarians and their staff had trouble with email and internet access. Joan Miller, Director of Parliamentary IT, emailed her users at 12:28 to say that the problem had been fixed. 89 minutes later at 13:57 it happened all over again, major incident #2.

That's a resilience problem. Like the Government Digital Service's CloudStore being unavailable for several days. Twice. In October and November 2013.

Then there's the security problem. Even when Parliament's IT is up and running smoothly, you will remember, Ms Miller suffers from the Government Digital Service's problem – security isn't important, usability is what matters, please see The Tragedy of the Commons.

Parliament seems to be in danger of enjoying neither resilience nor security.

"Would that work here?", BBC Radio 4 asked last night. In Estonia they seem to have iDemocracy, as recommended by Douglas Carswell. How far along the road to Estonia is the UK? Without resilience, security and identity assurance, not very.