The Government Digital Service (GDS) is part of the Cabinet Office and has six projects on hand, including
Identity Assurance:
| The ID Assurance team are working on accrediting and approving third party identity to facilitate digital transactions between citizens and government. |
If "citizens" and the government are to transact business on-line, there must be a rock solid identity assurance service so that each party knows who it's dealing with.
Invitations to tender for the service were issued earlier this year.
GDS haven't so far publicly approved any third parties to provide identity assurance, but we shouldn't have long to wait – no more than
five days, in fact:
| The tendering process will run for several weeks and is expected to report successful bidders in September 2012. |
Delays are only to be expected. Identity assurance for the entire population of the UK is a big project.
But in this case there can't be any delays. The joint
GDS/DWP notice of the identity assurance project states that identity assurance is required to be ...
| ... fully operational from spring 2013. |
That's six months time if we measure to the start of next spring, or nine months if we measure to the end. Either way, DWP's
Universal Credit (UC) scheme has to be up and running by October 2013 and UC depends on identity assurance as Lord Freud, the welfare reform minister, has emphasised – no identity assurance, no UC.
Appearing before the House of Commons Work and Pensions Committee, Lord Freud was asked
what is the biggest risk facing UC. His answer – identity assurance.
Why did DWP allow this dependency/risk? Why didn't they write their own invitation to tender?
They did.
Then they withdrew it. Apparently at the command of the Cabinet Office. Because
next thing, GDS announced that:
| ... this approach ensures that, ultimately, HMG-wide Identity Assurance is supplied across central departments via a common procurement portal (to HMG agreed standards) and governed by the Cabinet Office. |
"Governed by the Cabinet Office" – GDS have put themselves on the spot. If UC fails now, is it Iain Duncan Smith's fault? Or
Francis Maude's?
GDS must approve several accredited suppliers of identity assurance services in the next 120 hours. Who's likely to be on the list?
GDS are only offering up to £30 million for the identity assurance service and they're only letting contracts for 18 months.
The Home Office tried for eight years to issue us all with ID cards. They failed.
Which companies can afford to assure the identities of everyone in the UK – or at least the identities of the 21 million expected claimants for UC – for only £30 million? Which companies can afford to take the risk of losing their contract to a competitor only 18 months later? Not many of them. It can only be a short list.
The banks/credit card companies/PayPal, the phone companies, the utility companies and IBM might be big and competent enough. But they have to think about the failure of the Home Office and about reputational risk.
They wouldn't be in control of the identity assurance service. GDS would be, and if anything went wrong, even if it wasn't the contractors' fault, the banks/phone companies/utility companies/IBM would see their brands destroyed.
Any chief executive of a bank/phone company/... who signs up for one of these GDS identity assurance contracts would be roasted by the equity analysts and by their shareholders. Which means they won't.
We can probably forget the insurance companies and the credit rating agencies. Who else does that leave?
Google and Facebook.
In no more than 118 hours now and counting,
ex-Guardian man Mike Bracken, executive director of the Government Digital Service and Senior Responsible
Officer Owner for the Identity Assurance programme, is going to have to host a press conference at which he announces that he thinks it's a good idea for Google and Facebook to provide the electronic identities of everyone in the UK.
If you get an invitation, don't miss it.
