DMossEsq: BIS

Showing posts with label BIS. Show all posts

Tuesday, 8 September 2015

Assisted dying the digital way with a core consent delegation management repository

Guess what this is:

Transaction Date	Transaction Type	Merchant/Description	Debit/Credit	Balance
31-12-2014	GDS	***********************************************	-224.76	2,524.32
30-12-2014	BIS	********************************	-1,614.68	2,749.08
01-12-2014	GDS	***********************************************	-185.57	4,363.75
01-12-2014	GDS	******************************	-1,269.42	4,549.33
31-10-2014	GDS	**********	-1,066.21	5,818.75
30-10-2014	BIS	************************	826.43	6,884.96
30-09-2014	GDS	***************************	2,440.86	6,058.53
30-09-2014	GDS	************************	2,953.17	3,617.67
08-09-2014	BIS	***********************************************	-206.86	664.50
04-09-2014	BIS	***********************************************	-311.02	871.36

Give up?

Here's a clue:
In 1621, King James I directed the Privy Council to establish a temporary committee to investigate the causes of a decline in trade and consequent financial difficulties. 394 years later, the temporary committee is still with us, currently known as the Department for Business Innovation and Skills (BIS).

In November 2011, nearly four years ago, BIS promised us midata, an initiative which was supposed to empower us consumers by giving us control over our own data.

"midata is about giving the public more control and access to their personal data. There are potentially endless possibilities", BIS told us and proceeded to list 10 of them starting with "midata could help you manage your returns and warranties".

It's not just returns and warranties. "midata also creates opportunities for new markets to develop where businesses help consumers use their data to make better consumption decisions and lifestyle choices". If only we consumers would agree to keep all our data up to date in a personal data store (PDS), then apps created by entrepreneurs in these burgeoning markets could process it and tell us what to do. Say goodbye to illogical decisions.

It's arrant nonsense of course. Not even Narcissus has the time or the inclination to "curate" himself, as they call it, by keeping his PDS up to date. There's no-one left on the planet stupid enough to hand over their personal data to an on-line stranger – think Ashley Madison. And this control BIS were talking about. Control over your personal data. Once you've handed the data over, you've got no control. You've lost it and it's not in BIS's gift to give it back to you.

A number of major suppliers including DMossEsq's bank had to humour BIS. No point upsetting a central government department. Play along. But there are limits. These suppliers have to make sure that their customers aren't harmed by midata. That's a practical matter of reputational survival. Any customer who suffers from midata is going to blame the bank, not James I.

And so they came up with the useless data shown in the opening table above*. DMossEsq clicked midata on his on-line banking service and, after reams of warnings not to show the data to anyone, the bank served up the last year's transactions on one of his little-used accounts.

You will note that DMossEsq received £2,953.17 from ************************ on 30 September last year and that he spent £185.57 with *********************************************** on 1 December. Whether he got a warranty isn't clear. Try making a logical decision based on that.

You can probably forget about the midata initiative now.

But the desire to get people to fill up a PDS with all their personal data and then pay a stranger to use it lives on.

In gradually more and more perverse ways.

The latest of which is exemplified by our old friends Mydex, who now advocate PDSs as an aid to considerate death, Personal empowerment means addressing the consent challenges we all face: "If transaction-based consent persists, what's needed is the ability to take a feed from each site's transactional processes that automatically drops every ticked consent box into the individual's core consent delegation management repository, part of their personal data store".

----------

* Dozens of transactions are not shown in the table, it's just an extract from DMossEsq's midata report. The transaction dates have been changed. So have the transaction types and the debit/credit amounts, with the balances updated accordingly. The merchant/description details have not been changed – that's exactly how they appear, as a variable number of asterisks.

Assisted dying the digital way with a core consent delegation management repository

Guess what this is:

Transaction Date	Transaction Type	Merchant/Description	Debit/Credit	Balance
31-12-2014	GDS	***********************************************	-224.76	2,524.32
30-12-2014	BIS	********************************	-1,614.68	2,749.08
01-12-2014	GDS	***********************************************	-185.57	4,363.75
01-12-2014	GDS	******************************	-1,269.42	4,549.33
31-10-2014	GDS	**********	-1,066.21	5,818.75
30-10-2014	BIS	************************	826.43	6,884.96
30-09-2014	GDS	***************************	2,440.86	6,058.53
30-09-2014	GDS	************************	2,953.17	3,617.67
08-09-2014	BIS	***********************************************	-206.86	664.50
04-09-2014	BIS	***********************************************	-311.02	871.36

Give up?

more ►

Thursday, 13 June 2013

Nothing better to do on Monday?

Highly recommended:

SCIENCE AND TECHNOLOGY COMMITTEE
Select Committee Announcement

No. 10 (13-14): 13 June 2013

ORAL EVIDENCE SESSION ANNOUNCED
Digital by Default

The Science and Technology Committee will hold the following oral evidence session into ‘Digital by Default’:

Monday 17 June 2013
Thatcher Room, Portcullis House
At 4.15 pm

· Rt Hon Francis Maude MP, Minister for the Cabinet Office and Paymaster General

Follow the Committee's business on Twitter @CommonsSTC

FURTHER INFORMATION

Committee Membership:
Andrew Miller (Labour, Ellesmere Port and Neston) (Chair)
Jim Dowd (Labour, Lewisham West and Penge)
Stephen Metcalfe (Conservative, South Basildon and East Thurrock)
David Morris (Conservative, Morecambe and Lunesdale)
Stephen Mosley (Conservative, City of Chester)
Pamela Nash (Labour, Airdrie and Shotts)
Sarah Newton (Conservative, Truro and Falmouth)
Graham Stringer (Labour, Blackley and Broughton)
David Tredinnick (Conservative, Bosworth)
Hywel Williams (Plaid Cymru, Arfon)
Roger Williams (Liberal Democrat, Brecon and Radnorshire)

The session is open to the public on a first come, first served basis. Portcullis House is the building directly above Westminster Station, entrance to which is via Victoria Embankment. There is no system for the prior reservation of seats in Committee Rooms. It is advisable to allow about 30 minutes to pass through security checks. Committee rooms and the timing of meetings are subject to change.

Specific Committee information: scitechcom@parliament.uk / 020 7219 2793
Media information: Nick Davies daviesnick@parliament.uk / 020 7219 3297
Committee website: www.parliament.uk/science
Watch committees and parliamentary debates online: www.parliamentlive.tv
Publications / Reports / Reference Material: Copies of all select committee reports are available from the Parliamentary Bookshop (12 Bridge St, Westminster, 020 7219 3890) or the Stationery Office (0845 7023474). Committee reports, press releases, evidence transcripts, Bills; research papers, a directory of MPs, plus Hansard (from 8am daily) and much more, can be found on www.parliament.uk.

Nothing better to do on Monday?

Highly recommended:

SCIENCE AND TECHNOLOGY COMMITTEE

Select Committee Announcement

No. 10 (13-14): 13 June 2013

ORAL EVIDENCE SESSION ANNOUNCED

Digital by Default

The Science and Technology Committee will hold the following oral evidence session into ‘Digital by Default’:

Monday 17 June 2013
Thatcher Room, Portcullis House

At 4.15 pm

· Rt Hon Francis Maude MP, Minister for the Cabinet Office and Paymaster General

Follow the Committee's business on Twitter @CommonsSTC

FURTHER INFORMATION

Committee Membership:

Andrew Miller (Labour, Ellesmere Port and Neston) (Chair)

Jim Dowd (Labour, Lewisham West and Penge)

Stephen Metcalfe (Conservative, South Basildon and East Thurrock)

David Morris (Conservative, Morecambe and Lunesdale)

Stephen Mosley (Conservative, City of Chester)

Pamela Nash (Labour, Airdrie and Shotts)

Sarah Newton (Conservative, Truro and Falmouth)

Graham Stringer (Labour, Blackley and Broughton)

David Tredinnick (Conservative, Bosworth)

Hywel Williams (Plaid Cymru, Arfon)

Roger Williams (Liberal Democrat, Brecon and Radnorshire)

The session is open to the public on a first come, first served basis. Portcullis House is the building directly above Westminster Station, entrance to which is via Victoria Embankment. There is no system for the prior reservation of seats in Committee Rooms. It is advisable to allow about 30 minutes to pass through security checks. Committee rooms and the timing of meetings are subject to change.

Specific Committee information: scitechcom@parliament.uk / 020 7219 2793

Media information: Nick Davies daviesnick@parliament.uk / 020 7219 3297

Committee website: www.parliament.uk/science

Watch committees and parliamentary debates online: www.parliamentlive.tv
Publications / Reports / Reference Material: Copies of all select committee reports are available from the Parliamentary Bookshop (12 Bridge St, Westminster, 020 7219 3890) or the Stationery Office (0845 7023474). Committee reports, press releases, evidence transcripts, Bills; research papers, a directory of MPs, plus Hansard (from 8am daily) and much more, can be found on www.parliament.uk.

Monday, 10 June 2013

Digital-by-default, an open letter to the House of Commons Science and Technology Committee (updated)

Open letter

By email

10 June 2013

Dr Stephen McGinness

Committee Clerk

Science and Technology Committee

6th Floor
14 Tothill Street
House of Commons
London SW1H 9NB

Dear Dr McGinness

Digital by default

I refer to the Committee’s oral evidence session held on 5 June 2013.

1. May I bring to the Committee’s attention in case they haven’t seen it the draft report written by Professors Brown, McDermid, Sommerville and Witty. In A Perspective on the Government Digital Strategy (GDS): Balancing agility and efficiency inUK Government IT delivery the four professors cast serious doubt on the prospects for digital-by-default being delivered. The Major Projects Authority (MPA) use a red-amber-green traffic light scoring method to represent their verdicts on major projects. The Committee will note that the professors’ verdict on digital-by-default looks like an amber/red or possibly a simple red. Selected quotations from the report are included at the end of this letter.

2. Digital-by-default is a major project. The MPA haven’t published their verdict on it. May I suggest that if they haven’t done so already the Committee seek out the MPA’s verdict in addition to that of the four professors.

3. By 18 April 2013 56 MPs had signed an early day motion to debate the fate, under digital-by-default, of people who can’t use the web. Testimony was given at the evidence session suggesting that there are about 16 million such people who risk being excluded by default. Digital-by-default is the responsibility of the Government Digital Service (GDS). On 28 July 2011 GDS launched their assisted digital project to try to resolve this problem: “It is about taking a more proactive approach to getting people online and thereby sharing the benefits available from being online”. 665 days later on 23 May 2013 GDS published Starting the conversation about providing assisted digital support. The Committee may be expected by at least 56 MPs to investigate just how long this proactive conversation is likely to take and what happens to 16 million excluded people in the meantime.

4. Dr Martyn Thomas gave it as his opinion that the phrase “anonymised research data” is an oxymoron: if data about a person is released and there is enough of that data to be useful, then the person can be identified; if the person can’t be identified, then the data won’t be any use. Mr William Heath gave it as his opinion that users of Mydex could release their data in such a way as to prove some entitlement of theirs without giving away their identity. They can’t both be right. Which of them, if either, is right? May I draw this question to the Committee’s attention.

5. Dr Thomas gave it as his opinion that the danger of using so-called “identity providers” is that users lose control of their data. Mr Heath gave it as his opinion that the purpose of Mydex (one of the UK’s appointed “identity providers”) is precisely to allow users to keep control of their data. Again, they can’t both be right. May I draw the Committee’s attention to the question which of them is right, if either.

6. Dr Thomas gave it as his opinion that the way to maintain standards in digital-by-default is to make the “identity providers” and others pay compensation when the system fails. Mr Heath gave it as his opinion that Mydex’s liability is mitigated as the users hold the keys to their Mydex personal data stores themselves. That argument is specious. Lockheed Martin and QinetiQ hold the keys to their data stores but that hasn’t stopped allegedly Chinese hackers from stealing their intellectual property including the designs for fighter jets and remote-controlled bomb disposal robots. Google, Facebook and Yahoo! accountholders hold their own keys but that hasn’t stopped the US National Security Agency (NSA) from obtaining their personal details, allegedly, if the Guardianare to be believed. The Committee took the point that liability causes the retail banks to maintain standards. May I draw the Committee’s attention to the question whether Dr Thomas or Mr Heath is right about the connection between compensation and standards, or neither of them.

7. When the Committee asked the witnesses why eight “identity providers” are being proposed for the UK instead of the government doing their job Mr Heath gave an answer referring to the rich panoply of data which people use to run their personal lives. The remit of digital-by-default is set out in Martha Lane Fox’s 14 October 2010 letter to Francis Maude, Cabinet Office Minister. Directgov 2010 and beyond: revolution not evolution concerns improvements to the way that public services are delivered. May I draw the Committee’s attention to the question whether advising people how they should run their lives is beyond the scope of digital-by-default. If it isn’t beyond the scope of digital-by-default then the Committee’s enquiry may have to include Dr Stephan Shakespeare’s national data strategyas well, including the work of Professor Nigel Shadbolt at the Open Data Institute (ODI). Professor Shadbolt is not only the chairman of the ODI but also the chairman of the midata programme (para.21) – the distinction between open public sector data (“big data”) and personal information is in danger of being of being lost.

8. Dr Thomas gave it as his opinion that the Committee could not be told in open session how effective the UK’s cybersecurity measures are. May I draw the Committee’s attention to the question how responsible it is in that case for the administration to lure people into recording every detail about their lives in personal data stores held on the web, in the cloud. That is the idea behind Mydex, and behind the Department for Business Innovation and Skills (BIS) initiative, midata.

9. Mydex and the Post Office are two of the UK’s eight appointed “identity providers” and were both represented at the evidence session. The other six include Verizon, which allegedly makes the “metadata” of millions of its customers’ mobile phone calls available to the NSA. The Committee may consider it important to take evidence from Verizon at a subsequent session.

10. Deploying digital-by-default, as noted, is the job of GDS. They intend to use the single government domain, GOV.UK, to register everyone who uses public services and to manage their cases. GOV.UK is to be hosted in the cloud by a £1,000 company, Skyscape Cloud Services Ltd, under the control of one man, Mr Jeremy Robin Sanders, via another company, Virtual Infrastructure Group Ltd. Skyscape is accredited by the government cloud programme (G-Cloud) to sell its products to central and local government through its on-line shop, CloudStore. Skyscape barely existed a year ago. It now has contracts with GDS, HMRC, the MODand the Home Office. Which means that long-established SMEs with a measurable track record don’t have those contracts. May I draw the Committee’s attention to the question how scientific it is for digital-by-default to be entrusted to an organisation with no track record.

11. The OECDhave warned against cloud computing: “cloud computing creates security problems in the form of loss of confidentiality if authentication is not robust and loss of service if internet connectivity is unavailable or the supplier is in financial difficulties ...”. So have ENISA, the EU’s Network and Information Security Agency: “[re cloud computing] its adoption should be limited to non-sensitive or non-critical applications and in the context of a defined strategy for cloud adoption which should include a clear exit strategy ...”. Cloud computing is a special case of outsourcing. Any organisation risks losing control of its business when it is outsourced. Are the staff of the contractor and its sub-contractors properly vetted before recruitment? Are proper procedures in place and are they enforced? With cloud computing, the dangers of loss of control are magnified. Data can quickly move to any country in the world, beyond the jurisdiction of English law. May I draw the Committee’s attention to the question how responsible it is of the administration to entrust digital-by-default or any other important national asset to the cloud, where it will be out of control by the authorities and liable to cyberattack and/or to unwarranted scrutiny by foreign strangers via the NSA, the Chinese and others.

12. GDS have taken on the responsibility for G-Cloud since 1 June 2013. Long before that, 1 March 2012, they claimed responsibility for the Identity Assurance Programme (IDAP). A notice was placed in the Official Journal of the European Union (OJEU) specifying that identity assurance services would be “fully operational” from “spring 2013” for the 21 million claimants who rely on the Department for Work and Pensions (DWP). On 16 January 2013 the IDAP contract was published, repeating the point, this time saying that the service would be “fully operational” by “March 2013”. It wasn’t fully operational then and it still isn’t. IDAP still doesn’t exist. The witnesses at the evidence session were unanimous about identity assurance being essential to digital-by-default. May I draw the Committee’s attention to the question whether there is something wrong with GDS’s software engineering processes which allows an important deadline for 21 million people to be missed without apology or explanation or even acknowledgement.

13. Dr Thomas gave it as his opinion that it is impossible to measure the quality of most computerised systems and that that will remain the case until systems developers use formalised languages. For background, each statement in a formalised language is a theorem which gives rise to a proof obligation, that obligation is disbursed if a valid argument can be logically constructed to prove the truth of the theorem, in which case development of the system can continue, otherwise it can’t. Martha Lane Fox called for “revolution”. (This emotive language may be forgivable in a salesman but innocent people get injured in revolutions and it is preferable to use the term “innovative”.) Far from being innovative, GDS are using the same so-called “agile” systems development methods as millions of others – methods which require what Dr Thomas called “heroic” amounts of testing and yet you still don’t know at the end whether the system works. May I draw the Committee’s attention to the question whether, instead of conforming to fashion, GDS should be genuinely innovative and start to use formalised languages.

14. The Committee didn’t elicit much information from the witnesses about the Government Gateway. For over ten years now the Government Gateway has allowed people and businesses to communicate with the government on-line, submitting VAT returns, and so on. It seems to work. It seems to be adequately secure. Users need a different ID for each Gateway service they subscribe to and they may have a different password for each service, too. That is inconvenient. “Identity providers”, according to a DWP press release, “will be required to offer a simplified registration process, minimise the number of usernames and passwords a customer will need to remember and reduce the costs incurred across Government for the management of Identity Assurance”. It is arguable that the adequate security of the Government Gateway is earned by its being inconvenient and that if you take away the inconvenience, then you lose the security, too. May I draw the Committee’s attention to the question whether, if GDS’s replacement for the Government Gateway is made more convenient in this way, it will at the same time lose its adequate security, it will block on-line communication between people, businesses and the government, and it will threaten the administration’s ability to raise revenue and to control state pension payments and welfare.

15. Also on the subject of the Government Gateway, it has been reportedthat “In the [IDAP] model, the government provides a number of ‘federation hubs’, which provide the data-matching, anonymisation and audit services to support interaction between a market of identity providers (IDPs) and the government departments that will consume identity information”. May I draw the Committee’s attention to the question whether, if the hubs support anonymous use, transactions really can be audited. Contrarywise, if the hubs can be audited, how can users remain anonymous?

16. The scope of digital-by-default extends to the compilation of the new electoral register which will be used for the 2015 general election. GOV.UKtells us that: “The Electoral Registration and Administration Act has received Royal Assent. The Act allows Individual Electoral Registration to be introduced in 2014 to help tackle electoral fraud and paves the way for online registration from 2014, which will make it more easier [sic] and more convenient for individuals to ensure they are registered to vote”. It is intended that that register should in turn form the basis in future for the national census. GDS have undertaken some of the cross-referencing (para.2.3) between the electoral register and other databases such as the National Insurance Number database designed to ensure that the register is complete and accurate. May I draw the Committee’s attention to the question what connection there is between the new electoral register and IDAP.

Most of these questions have been raised with the Cabinet Office, GDS, the G-Cloud team, BIS, Mydex and others over the past 18 months (e.g. GOV.UK/digital by default – 17 questions for Mr Maude) and remain for the most part unanswered. (HMRC is an honourable exception.) The House of Commons Science and Technology Committee will surely fare better in holding the administration to account.

Extracts from the four professors’ report on the Government Digital Strategy:

... it is not clear how realistic this ideal is ... brevity cannot be an excuse for lack of detail, explanation, and precision ... It is impossible with the detail provided to form any reasonable view of how this key activity will be performed ... there is an urgent need for standards to be developed and agreed ... he had no practical understanding of how to use this strategy to have positive impact on his team’s work; We suspect he is not alone in this view ... The GDS shows no evidence that it is aware or has taken account of the impact of such thinking ... The GDS must avoid falling into the trap of an overly-simplistic response ... Open source solutions are neither free to administer and support, nor are they the most cost-effective answer in all situations ... rapidly changing services will deter the takeup of digital services, not encourage it ... The GDS is remarkably (perhaps alarmingly) silent on the issue of how to coordinate SMEs in project delivery ... We see little discussion of a concrete and practical change management process to support the “digital by default” strategy in the current GDS. We view this as a potentially fatal omission ... the principles on which the current GDS is based centre on too narrow a view of how to attain those benefits, and lack focus on the major adjustment in culture, processes, and technologies that must underpin ... this view is much too simplistic and highly risky ... there is very little detail about how such goals will be achieved, or the broader cultural impact those changes represent ... a lack of consistency in interpretation of how to enact the GDS ... It is not clearly stated in the GDS who is managing the execution process across the 18 UK Government departments to coordinate and assess progress.

Yours sincerely

David Moss

----------

Updated 16:38
Para.7, "Dr Stephan Shakespeare" should be "Mr Stephan Shakespeare", see He's all heart, Shakespeare.

Digital-by-default, an open letter to the House of Commons Science and Technology Committee (updated)

Open letter

By email

10 June 2013

Dr Stephen McGinness

Committee Clerk

Science and Technology Committee

6th Floor
14 Tothill Street
House of Commons
London SW1H 9NB

Dear Dr McGinness

Digital by default

I refer to the Committee’s oral evidence session held on 5 June 2013.

more ►

Tuesday, 14 May 2013

midata is an attempt to get us all to embrace PDSs (personal data stores)

Comment submitted to Craig Belsham's midata blog:

Mr Belsham

My objections to midata are set out in my response to last year's BIS consultation and I shan't repeat them all here.

None of midata's claims to empower the consumer and to expand the economy is even remotely convincing. Which leaves me asking, like Paul Clarke, why?

One hypothetical answer is that midata's sole purpose is to encourage people to maintain PDSs (personal data stores).

That hypothesis is consistent with William Heath being a member of the midata strategy board and the chairman of Mydex – a PDS company – which is, in turn, one of the UK's eight appointed identity providers. It makes midata part of the Government Digital Service's Identity Assurance Programme (IDAP).

It doesn't excuse the mendacious marketing. But at least it explains why Whitehall takes the trouble to promote this otherwise fatuous initiative.

What do you think, Mr Belsham?

midata is an attempt to get us all to embrace PDSs (personal data stores)

Comment submitted to Craig Belsham's midata blog:

Mr Belsham

My objections to midata are set out in my response to last year's BIS consultation and I shan't repeat them all here.

None of midata's claims to empower the consumer and to expand the economy is even remotely convincing. Which leaves me asking, like Paul Clarke, why?

One hypothetical answer is that midata's sole purpose is to encourage people to maintain PDSs (personal data stores).

That hypothesis is consistent with William Heath being a member of the midata strategy board and the chairman of Mydex – a PDS company – which is, in turn, one of the UK's eight appointed identity providers. It makes midata part of the Government Digital Service's Identity Assurance Programme (IDAP).

It doesn't excuse the mendacious marketing. But at least it explains why Whitehall takes the trouble to promote this otherwise fatuous initiative.

What do you think, Mr Belsham?

The historically inevitable triumph of midata

Many of us find the Department for Business Innovation and Skills's initiative, midata, perplexing. With the passing of the Enterprise and Regulatory Reform Act 2013, midata now has the statutory powers needed. But why?

An explanation is available.

It nestles in one of the comments on Craig Belsham's first post on his new midata blog.

The midwife to our understanding is one William, who opens his comment (May 8, 2013 at 9:47 am) with a dazzling and surely incontrovertible exposition of the economic benefits of midata and then adds:

It’s a rational thing for businesses to accept and make a virtue of going along with the inevitable. But inertia tales a lot of overcoming, and it’s understandable to see the element of regulation in Midata ...

Thank goodness, you may say, that there are all-powerful, benevolent scholars out there who understand economics and who will help us to overcome our miserable inertia.

The historically inevitable triumph of midata

more ►

Tuesday, 7 May 2013

The war of independence

Here in the UK, the Disability Living Allowance (DLA) state benefit is in the process of being replaced by the Personal Independence Payment (PIP), worth between £21 and £134.40 per week. "PIP helps with some of the extra costs caused by long-term ill-health or a disability", which is good, but the whole point is that many claimants will be dependent on this benefit which makes it very odd to call it a "Personal Independence Payment". Something odd is happening to the concept of independence here.

The same odd thing is happening to the concept of control. Mr Andrew Dilnot, chairman of the UK Statistics Authority, argues that there should be a limit of £35,000 on the amount old people pay for their social care. That limit should apply even if an old person owns a house, say, worth £2 million, say. They shouldn't have to sell the house to pay for their care.

Why not?

So that they can leave the house to their children? No, says Mr Dilnot, that's not the point. The point is, he says, that with the state paying for all their care after the first £35,000, old people will have "control over their lives at a time when they're vulnerable and need that control".

No.

Far from granting control, Mr Dilnot's proposal will take it away. If someone else is paying for your care home, they have control and you don't. Yield that control, and your independence goes with it.

That's not the case just for care homes, of course. You don't pay to use Google or Facebook, do you. You don't have any control over what they do with all the personal information about you that they collect. You're in no position to complain. You take what you get. Because you're dependent on them.

Google, by contrast, dispose of considerable power. Just ask Interflora UK. They displeased Google by trying to "game" the search engine's PageRanking system. So Google just omitted them from any search results. With its on-line sales threatened, a contrite Interflora UK swore obedience and was subsequently readmitted to the fold.

That's real power. Power that some web evangelists ignore. Douglas Carswell, for example, and his curate's egg of a book, The End of Politics and the Birth of iDemocracy. Our politicians and our civil servants here in the UK might be ever so useless, yes, but to believe that we could be returned to some prelapsarian iDemocratic idyll if only the government were replaced by the web is to ignore the power of the Googles of this world.

Taking a holiday some years ago from their normal diet of heavy-handed legislation and irritating regulation, so much of it ineffectual, look at the banking world, our politicians got the idea that perhaps they could exert power using the wily tricks of the marketing world. Thus was born Whitehall's Behavioural Insights Team, who were meant to "nudge" us into doing certain things, no legislation required, just clever psychology.

Fat chance.

The Behavioural Insights Team worked with the Department for Business Innovation and Skills (BIS) on the midata project. The idea was to nudge retailers into releasing data back to consumers so that we would all be "empowered". Result? No cigar, so BIS asked parliament for statutory powers to underpin midata. And with that resounding failure to nudge, the Behavioural Insights team have been kicked out of Whitehall and adopted by Capita. Good luck, Capita.

BIS got their statutory powers the other day, with the passing of the Enterprise and Regulatory Reform Act 2013. "Regulatory reform" in the UK is supposed to imply the reduction of government regulation. midata is dealt with at clauses 85-87 of the Act and what do we find at 86(1)?

Regulations may make provision for the enforcement of regulations under section 85 (“customer data regulations”) by the Information Commissioner or any other person specified in the regulations (and, in this section, “enforcer” means a person on whom functions of enforcement are conferred by the regulations).

Far from reducing regulation, the Act will increase it.

We should have known.

In the midata consultation document last year BIS and the Behavioural Insights Team said, para.4, p.11:

Increased data transparency and greater consumer choice will help promote innovation and competition and could also have a deregulatory effect. By giving people access to their data in a format which is machine readable it may be possible to avoid the need for some types of regulation, for example, specifying product characteristics.

In what sense can this new regulation have a deregulatory effect? Grant us this power to regulate data access by consumers, BIS answered, otherwise we'll make your life hell with a lot of other regulations about product specification – the logic of the protection racket.

Responses to that consultation had to be returned to a Mr Craig Belsham at BIS by 10 September 2012. He popped up again the other day:

Welcome to my new blog about midata

2 May 2013 Craig Belsham

I’m Craig Belsham from BIS, where I head up the midata programme. This blog is designed to give some insight into that programme, help people and business understand it and hopefully encourage both to start to get involved.

It's not really a blog. You can't submit comments. And there's no feed – you can't add http://blogs.bis.gov.uk/midata/ to a blogroll.

The Government Digital Service heaped praise on themselves last month for completing the project to bring all central government departmental websites into one single government domain, the award-winning GOV.UK. http://blogs.bis.gov.uk/midata/ shouldn't exist. But it does, and there's Mr Belsham to prove it.

And does Mr Belsham really "head up" the midata programme?

What's happened to Kirstin Green, the deputy director at BIS who led the open forums on midata?
What's happened to Professor Nigel Shadbolt, chair of the midata programme?
And what's happened to William Heath, member of the midata strategy board and chairman of Mydex, the only system ever mentioned in connection with the personal data stores BIS want us all to maintain?

As to the last question, Mr Heath continues to promise that "Mydex gives individuals back control over their personal data" although when asked to explain how, in public, he doesn't.

It's not in Mydex's power to grant that control. It's an odd view of control anyway. You get control of your data back, so goes the Mydex argument, by storing it all with them, complete strangers, in a personal data store, out of your control, on the web, in the cloud, the Wild West where – so Symantec tell us – 250,000 cyber-attacks take place every year.

Normally that wouldn't make sense.

But if you're surrounded

by people who call a personal dependence payment a "personal independence payment"
and who argue that you stay in control of your personal care by giving up control of it
and who write that politics has ended when clearly it hasn't
and who conclude that the way to nudge people is to legislate
and who claim that regulation can have a deregulatory effect
and who operate a blog that isn't a blog on a website that doesn't exist
and who represent themselves as the head of a programme when perhaps they're not
and who congratulate themselves on the completion of a project which is manifestly incomplete

then perhaps it does make some sort of sense

to take back control of your personal data by giving it away.

You might fall for it. But Google won't. They'll win the war. Because they still understand what power and regulation and control and independence are.

The war of independence

more ►

Wednesday, 27 February 2013

midata – a machine for turning personal data into open data

This is the story of a debate about midata hosted on Twitter by BIS, the Department for Business Innovation and Skills. Their version on the right. Another version on the left. One event. Two stories.

Professor Nigel Shadbolt is the chairman of BIS's midata programme, a story of personal/private data. He is also a director of the Open Data Institute, a story of open/public data.

Some people talk about the advisability of midata. Professor Shadbolt talks about how midata would work. Parallel tracks. Which will be a long time meeting.

midata – a machine for turning personal data into open data

more ►

Monday, 4 February 2013

Douglas Carswell – where will power end up?

Douglas Carswell's latest book, The End of Politics and the Birth of iDemocracy, diagnoses several problems with the way we are governed in the UK and prescribes a single remedy – the web.

Mr Carswell is talking about politics. Which means he's talking about power.

Politics will end at about the time the sun burns out.

Mr Carswell foresees not the end of politics but the transfer of power, from today's government, to the public, via the web.

There are already several powerful forces fighting for domination of the web. The public are not among them.

It is at least possible that power will be transferred to some cocktail of these rival forces and that we the public will simply find ourselves with different rulers, and not necessarily better off.

Mr Carswell does not explain how the transfer of power from today's government to the public could take place.

Everyone recognises that there is something exceptional about the web. Everyone, including Whitehall.

And unlike Mr Carswell, Whitehall do have a plan.

Martha 'digital by default' Lane Fox CBE, 14 October 2010:

Revolution not Evolution

Make Directgov [= the Transformation cluster/GOV.UK] the government front end for all departments' transactional online services to citizens and businesses, with the teeth to mandate cross government solutions, set standards and force departments to improve citizens' experience of key transactions.

Change the model of government online publishing, by putting a new central team in Cabinet Office in absolute control of the overall user experience across all digital channels ...

Appoint a new CEO for Digital in the Cabinet Office with absolute authority over the user experience across all government online services (websites and APls) and the power to direct all government online spending.

I strongly suggest that the core Directgov team concentrates on service quality and that it should be the "citizens' champion with sharp teeth" for transactional service delivery.

Directgov should own the citizen experience of digital public services and be tasked with driving a 'service culture' across government which could, for example, challenge any policy and practice that undermines good service design.

It seems to me that the time is now to use the Internet to shift the lead in the design of services from the policy and legal teams to the end users.

Directgov SWAT teams ... should be given a remit to support and challenge departments and agencies ... We must give these SWAT teams the necessary support to challenge any policy and legal barriers which stop services being designed around user needs.

A new central commissioning team should take responsibility for the overall user experience on the government web estate, and should commission content from departmental experts. This content should then be published to a single Government website with a consistently excellent user experience.

Ultimately, departments should stop publishing to their own websites, and instead produce only content commissioned by this central commissioning team.

Ultimately it makes sense to the user for all Government digital services to reside under a single brand ...

... leadership on the digital communications and services agenda in the centre is too fragmented. I recommend that all digital teams in the Cabinet Office - including Digital Delivery, Digital Engagement and Directgov - are brought together under a new CEO for Digital.

This person should have the controls and powers to gain absolute authority over the user experience across all government online services ... and the power to direct all government online spend.

The CEO for Digital should also have the controls and powers to direct set and enforce standards across government departments ...

They want to make public services digital by default. That is, they want public services to be delivered over the web and, to the greatest extent possible, only over the web.

They have set up the Government Digital Service (GDS). The chairman of the GDS advisory board is Martha Lane Fox, the Prime Minister's digital champion. She wrote the terms of reference for GDS and, in theory:

GDS is to have control of all government spending on IT. Central government departments and their agencies are meant to yield that financial control to GDS.

All public services will be delivered through one website, https://www.gov.uk (GOV.UK for short). This process has started. The Ministry of Defence, for example, no longer has its own website – the old http://www.mod.uk has been replaced by https://www.gov.uk/government/organisations/ ministry-of-defence, part of GOV.UK. By the end of 2013, there will be no departmental websites left, they will all have given up their distinctive identity and been subsumed by GOV.UK.

Central government departments will only be able to publish through GOV.UK. Among other things that means that GDS will be responsible for publishing all government news.

GDS is to have a veto over departmental policy. If GDS feel that a particular policy would impair the user experience of GOV.UK, then that policy will be sent back to the department, who will have to think again. (So far, "user experience" is undefined.)

GDS's Government Digital Strategy provides for a network of so-called "digital leaders", individuals installed in each of the departments to advise on and enforce GDS's will.

GDS's Digital Efficiency Report estimates savings of about £1.8 billion a year thanks to digital-by-default. These savings will be gained by making about 40,000 public servants redundant. There is no question of handing these savings back to the public – the money is to be retained by Whitehall.

In aid of the Individual Electoral Registration Bill (IER), the idea is to cross-reference the records of several departments of state to try to create a complete and accurate electoral roll. That cross-referencing (or "data-sharing") is currently illegal according to the IER impact assessment. But GDS is to have a veto over legal constraints just as much as policy of which it disapproves and Francis Maude, the Cabinet Office Minister and GDS's political boss, describes these constraints as nothing more than "muddled myths". Once these muddled myths are removed, GDS estimate that "savings" and redundancies among public servants will be much higher.

In order to provide public services over the web, the public must be identified – Whitehall need to know they are paying benefits, for example, to the right people. GDS are responsible for the pan-government Identity Assurance programme (IDAP), which will see us all furnished with electronic IDs. GDS have appointed eight contractors to be the UK's so-called "identity providers". If you want to claim the department for Work and Pensions's Universal Credit, by default you will need one or more electronic IDs from these identity providers. Without that, you run the risk of being excluded by default. The same applies to any individual – or company – who needs to transact with government for any purpose.

Supposedly in order to make the economy grow, the Department for Business Innovation and Skills (BIS), with the assistance of the Behavioural Insights Team, are promoting an initiative called "midata". The idea is that we should all use a personal data store (PDS) which records our identity and our transaction data (purchases, health records, employment records, educational attainment, travel history, ...). The PDS would be maintained on the web, in the cloud, with a so-called "trusted third party". Only one "trusted" third party is ever named, and that is Mydex, one of GDS's eight identity providers.

Individuals and companies have had a fairly secure way to do business with the government for the past ten years or so – the UK Government Gateway. GDS propose to dispense with the Gateway and replace it with some sort of hub system, linking the public, the identity providers and the public service providers and using protocols designed by or approved by an organisation no-one in the UK has ever heard of, the Open Identity Exchange (OIX). The Gateway is hard to use. The idea is that the OIX hub should be as easy to use as Facebook, say, or Google or Amazon or Twitter or PayPal or ... It seems likely that the difficulty of using the Gateway is precisely what lends it its relative security. And that Facebook, Google, etc ... are easy to use precisely because their security is weak.

GDS propose to host GOV.UK "in the cloud". That is, the website will be stored on a third party's servers at a third party's data centre and operated by a third party's staff. Cloud computing is a recipe for losing control of your data. (In this case, our data.)

...

Mr Carswell has no plan for how power could be transferred from the government to the public via the web. Whitehall does have a plan. But it's a plan that will ensure that control remains with the Executive at the centre. Same tool, but the opposite result from Mr Carswell's preferred reintroduction of localism and the city-state.

GDS ignore the risk of identity theft posed by storing our personal data on the web. They ignore the human need for privacy. They have no experience of public administration. All they have is a reverence for the web.

The web is a powerful and virtuous tool in the right hands. In the wrong hands, it remains powerful.

It is a mistake to revere the web. If you need any further confirmation, read Al Gore: US democracy has been hacked in the Guardian yesterday. Al Gore? The prosecution rests its case.