Saturday, 6 May 2017

Half-baked, amateurish, technically-illiterate, misled, misinformed, …

Last Wednesday, 3 May 2017, Jerry Fishenden published a blog post, The canary that ceased to be, where he announced his resignation as co-chair of the Privacy and Consumer Advisory Group (PCAG):
The group has reviewed and commented upon a wide range of government initiatives, including predicting the disaster that become NHS care.data, the fraud risks of ill-considered “data-sharing” (under various guises), the troubled and late-running GOV.UK Verify identity assurance programme, the Office of National Statistics use of data, the “digital transformation” of the electoral roll, Home Office fraud issues, the Investigatory Powers Bill (now Act), and other proposals and ideas from across government.
PCAG is meant to be a safety device like a miner's canary, it's meant to detect officials attempting to "smuggle their often half-baked proposals past Ministers". That's what it's meant to do and that's what it does but ministers have stopped paying attention. Particularly Matt Hancock and Ben Gummer who haven't bothered even to acknowledge letters sent to them by PCAG.

The "disappointingly amateurish and technically-illiterate" Digital Economy Act was the last straw. Mr Fishenden had to resign. PCAG's advice was "repeatedly ignored by officials who should know better" and those officials "repeatedly misled and misinformed" PCAG.

No doubt honest and able people like Mr Fishenden resign all the time, infuriated by official mendacity and incompetence, but it's rare to see them speak out like this ...

... and rarer still to see them loose off another shot a day or two later, please see Gov.uk Verify and identity assurance - it's time for a rethink, in which Mr Fishenden confirms and amplifies DMossEsq's contention that GOV.UK Verify is dead, RIP.

Who knows but there may be yet more to come.

----------

Updated 7.5.17

Jerry Fishenden Comment
The canary that ceased to be Government Computing:
Independent privacy body co-chair resigns over Whitehall engagement
UKAuthority:
Cabinet Office privacy adviser resigns
Campaign4Change:
Some officials “smuggle their often half-baked proposals past ministers” says Cabinet Office adviser who quits
Diginomica:
How the canary fell off its perch down the privacy policy mine – and nobody cared
Civil Service World:
Government privacy advisor quits after officials ‘repeatedly ignored’ guidance
Gov.uk Verify and identity assurance - it's time for a rethink Computer Weekly:
Ex-government privacy advisor calls for 'fundamental review' of Gov.uk Verify identity scheme
Government Computing:
Privacy and identity expert Fishenden calls for Verify rethink
Alan Mather
The identity/data divide "Who knows but there may be yet more to come", we said above and on 23.5.17, lo, happily there was.


Updated 8.5.17

When Jerry Fishenden gave evidence last October, one member of the Digital Economy Bill Committee said: "Dr Fishenden, your exasperation with what is in the Bill is shared by other witnesses".

In fact, his exasperation was more with what was not in the Bill. Control over our personal information is due to be taken out of our hands and given to officials. This is in the interests of data-sharing. But "data-sharing" was not defined in the Bill. The management of our personal information will depend on codes of practice to be followed by officials. But these codes of practice were not included in the Bill.

The Digital Economy Bill has now been enacted and given royal assent. It is a dreadful piece of legislation and it seems to have been the final straw for Mr Fishenden.

"In Francis Maude’s day, the problems with Part 5 (PDF) of the Digital Economy Bill and its associated codes of practice would have been highlighted and fixed with the help of the [Privacy and Consumer Advisory Group], rather than causing Ministerial embarrassment and confusion when they were published in a disappointingly amateurish and technically-illiterate state", says Mr Fishenden in his canary article.

The same claim is repeated by Diginomica*: "Not for the first time, diginomica laments the loss of Lord Maude". And by Campaign4Change: "Fishenden’s departure is further confirmation that since Maude’s departure, the Cabinet Office – apart from the Government Digital Service – has settled back into the decades-old Whitehall culture of tinkering with the system while opposing radical change".

This is not what it looks like from the outside. Francis Maude is on record as saying: "I want to bust the myths around the complexities of data sharing ... we aim to find effective ways of using and sharing data for the good of everyone".

He wanted the government to "deliver more effective, joined-up and personalised public services, through effective data-linking", which he said was not the same as "data-sharing" but he never explained the difference ...

... reminiscent of the Dark Department's (the Home Office's) Paul Maltby, who tried to make the ethical problems of data-sharing go away by changing the name to "data access".

From the outside, to the public, it looks as though Mr-now-Lord Maude was part of the personal information problem, and not the solution.

In his Verify article, Mr Fishenden points out that the Government Digital Service's GOV.UK Verify (RIP) identity assurance scheme stands many of GDS's principles on their head. True, but don't forget, it was designed and developed while Lord Maude was GDS's political boss.

Mr Fishenden's suggestion that the problems of the Digital Economy Act and GOV.UK Verify (RIP) would have been solved if only Lord Maude was still Minister for the Cabinet Office is a baffling distraction from the main point, which is the "half-baked proposals" of "disappointingly amateurish and technically-illiterate" officials who "repeatedly misled and misinformed" the Privacy and Consumer Advisory Group.

Notes
* "The loss of Lord Maude"? It should be made clear that Diginomica are not suggesting that Lord Maude is dead, simply that he is no longer Cabinet Office Minister.


Updated 12.10.17

"Who knows", we said, back in May, please see above, "but there may be yet more to come".

And how.

Jerry Fishenden has published another long essay in Computer Weekly magazine, Will the review of Gov.uk Verify [RIP] fix the UK's digital identity problems?.

"What review?", you ask. The McKinsey review. Manzoni calls in McKinsey to conduct review of online identities for public services. That was David Bicknell's scoop, writing on the Government Computing website nine days ago: "The review ... is believed to have been instituted by Civil Service chief executive and Cabinet Office permanent secretary John Manzoni".

900 staff in the Government Digital Service (GDS), all supposed to advise the rest of the civil service how to be innovative and effective in public administration, and the CEO has to call in external consultants to advise on the central pillar of digital-by-default, GOV.UK Verify (RIP)? It's not a good look, is it.

As do we all, Mr Fishenden wants to help McKinsey with their review. Thus his excellent Computer Weekly article.

It's a long article. What it says is that GDS have been wasting our time and theirs with GOV.UK Verify for six years. RIP.

No comments:

Post a Comment