Tuesday, 14 March 2017

GDS's commitment to user control of personal information

Public administration in the UK has problems which could be solved if public services became digital by default. That is the raison d'être of the Government Digital Service (GDS).

Digital by default? What does "digital" mean? According to Tom Loosemore, ex-Deputy Director of GDS, "digital means applying the culture, practices, processes and technologies of the internet era to respond to people’s raised expectations".

The reactionaries in Whitehall have hobbled GDS. That's what Jerry Fishenden and Cassian Young say: "It is convenient for institutionally conservative managers to watch the energy behind transformation dissipate harmlessly in the sandbox where the agile insurgents are left to play with their websites", please see Escaping waterfall government and the myth of ‘digital transformation’.

Messrs Fishenden and Young accept Mr Loosemore's questionable prescription. They think GDS have failed to deliver. But they still think it's the right objective – the model for public administration should be changed radically just as "Netflix, Flickr and Airbnb" have changed the dynamics of their markets.

Are they right?

Sir Tim Berners-Lee, inventor of the web, has serious reservations, please see Tim Berners-Lee says privacy needs fixing – and calls for 'algorithmic transparency'. The culture of the internet era has blemishes: "over the past 12 months, I’ve become increasingly worried about three new trends, which I believe we must tackle in order for the web to fulfill its true potential as a tool which serves all of humanity":
The first is control of personal data. Berners-Lee thinks we don't have it any more and that's a bad thing because “As our data is then held in proprietary silos, out of sight to us, we lose out on the benefits we could realise if we had direct control over this data, and chose when and with whom to share it.”

“What’s more,” he says, “we often do not have any way of feeding back to companies what data we’d rather not share – especially with third parties – the T&Cs are all or nothing.”

He also worries that government surveillance is “increasingly watching our every move online, and passing extreme laws that trample on our rights to privacy”. Repressive regimes use that surveillance to harass opponents, but even benevolent governments have “a chilling effect on free speech and stops the web from being used as a space to explore important topics, like sensitive health issues, sexuality or religion ...”
Embrace the culture of the internet era – as Messrs Loosemore, Fishenden and Young want you to – and as things stand, Sir Tim warns you, you lose control of your personal information. That's how Facebook came to report $27.6 billion of revenue for 2016. That's how Google (Alphabet) came to report revenue of $27.1 billion, not for the whole of 2016, just for the fourth quarter.

Sir Tim is working on a project called Solid to try to "decouple data from web applications (and by extension social networks) so that users can decide where their data resides and how it can be accessed". It might work. We'll see in five years.

In the meantime, any promises to put you in control of your own personal information are false. The Privacy and Consumer Advisory Group (PCAG) is co-chaired by Jerry Fishenden. PCAG insist that any identity assurance scheme should put the user in control. GDS promise that their GOV.UK Verify (RIP) identity assurance scheme complies with PCAG's principles. That promise is false. The inventor of the web says so and he should know.

While claiming to put the user in control, GDS like us to spray our personal information all over the world when we register with GOV.UK Verify (RIP). Their heart really isn't in this privacy lark, is it. They use Eventbrite to organise events. They use Zendesk for user support. They use StatusPage for network monitoring. They use Survey Monkey for user feedback. All the personal information involved is stored and used beyond your control and now GDS want you to upload your CV to Jobvite.

Who?

Take a step back.

GDS have got a lot of situations vacant. For example, they were tweeting yesterday, saying: "We have a fantastic opportunity for a Lead Product Manager to work across the @GOVUKverify product teams https://jobs.jobvite.com/gds/job/oksV4fwv":

https://jobs.jobvite.com/gds/job/oksV4fwv/apply

GDS warn prospective recruits: "If you do not wish for your data to be transferred outside the UK, please click the back button below and check the job description for an email address to send your application to". Click that back button and there is no sign of an email address for prospective recruits to use. Welcome to the culture of the internet era GDS-style.

The Jobvite privacy policy is worth a read. Any problems and you can just write to them at:
Jobvite, Inc.
Attn: Privacy Policy
1300 S El Camino Real, Ste 400
San Mateo, CA 94402

No comments:

Post a Comment