DMossEsq: IPS

Showing posts with label IPS. Show all posts

Saturday, 12 January 2019

RIP IDA – 12 years after promising a way for employers to check the right of a prospective recruit to work in the UK, the Home Office introduces a partial service based on unproven technology

No need to say it, it goes without saying, it should be obvious to all but,

just in case it isn't obvious to all,

IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",

is the Cabinet Office Identity Assurance programme.

And it's dead.

"If Verify is the answer, what was the question?"

The Law Commission: "Verify does not currently ensure that the person entering the information
is in fact the person he or she is purporting to be;
rather it focuses on verifying that the person exists" (para.6.67/p.119)

Online right to work checks – that's a press release, by the Home Office, 14 December 2018: "Employers will be able to rely on an online Right to Work Checking Service to demonstrate compliance with illegal working legislation".

Pretty good, you may say, well done the Home Office, very 21st century, faced with a prospective recruit how does an employer establish their right to work in the UK? Answer, on-line.

Modern. Quick. Efficient. Definitive.

Or is it?

Cast your mind back. Cast it back before yesterday. And even before 14 December 2018. Cast it back exactly 12 years, all the way back to 14 December 2006, when the Home Office published their first so-called Strategic Action Plan for the National Identity Scheme.

Turn to Annex 1 on p.25 and you'll see that the Home Office planned strategically for the Immigration and Nationality Directorate to have an "enhanced employee checking service available for employers" six months later, in June 2007.

In the event it took 12 years. Not six months. 12 years.

It's 11 years since DMossEsq wrote about this matter, Not working in the UK. "Why hasn't this strategic action been performed by IPS [the Identity and Passport Service as was, now Her Majesty's Passport Office]?", he asked in January 2008, and "Is there perhaps a problem with the biometrics?".

The Home Office have given us no reason in the interim to believe that the biometrics their employee checking service depends on are reliable ...

... but rely on them they do, as they told us in last month's press release: "The online Right to Work Checking Service can be used by non-EEA nationals who hold biometric residence permits or biometric residence cards ...".

Even after 12 years that little matter remains outstanding, we're not quite there yet, there's an on-line service but we can't be sure that it identifies prospective employees reliably.

And the service isn't universal.

It doesn't handle any non-EEA nationals who don't have these cards, it doesn't handle all EEA nationals and UK nationals without a passport can supposedly demonstrate their right to work by producing "short birth or adoption certificates, which they can get for free, instead of the long versions".

Surely GOV.UK Verify (RIP) could help to assure employers that the person in front of them is who the birth certificate or plastic card says they are and has the right to work in the UK?

Apparently not.

Maybe in another 12 years.

Good job (sic) there's no hurry.

RIP IDA – 12 years after promising an on-line way for employers to check the right of a prospective recruit to work in the UK, the Home Office introduces a partial service based on unproven technology

No need to say it, it goes without saying, it should be obvious to all but,

just in case it isn't obvious to all,

IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",

is the Cabinet Office Identity Assurance programme.

more ►

Tuesday, 16 July 2013

IPS temporarily Rapsonless

The Identity & Passport Service (IPS) doesn't exist any more, of course, it's now HM Passport Office (HMPO) and the Home Office is IPSless.

The executive director of IPS between about June 2010 and March 2013 was Sarah Rapson. Her predecessor, James Hall, presided over the British public being over-charged for passports by about £300 million a year. He also presided over the disaster of Whitehall's attempted introduction of state-produced ID cards.

Ms Rapson has delivered a £5 reduction in the cost of a 10-year adult passport since then, from £77.50 to £72.50. Otherwise her tenure seems to have been without incident.

She is perhaps lucky that IPS/HMPO were banned from having anything to do with Whitehall's latest attempt to re-enact the ID cards massacre – that honour goes to the Cabinet Office (individual electoral registration and the Identity Assurance Programme) and the Department for Business Innovation and Skills (midata). If you hold futures in either organisation, sell, sell, sell.

Now her luck has broken.

Home Office press release, 16 April 2013:

New interim Directors General appointed

Two interim Directors General have been appointed to lead the new immigration commands in the Home Office that were announced by the Home Secretary on 26 March.

Sarah Rapson will lead UK Visas and Immigration, bringing her experience of managing a successful customer-focused organisation as Chief Executive of the Identity and Passport Service.

David Wood will lead Immigration Enforcement, drawing on his background with the Metropolitan Police and as Director of Operations for UKBA ...

The history of the UK Border Agency (UKBA) is spectacular and its demise under Rob Whiteman even more so. The Home Office is now UKBAless. It's shattered into three pieces – the UK Border Force, Immigration Enforcement (ambiguous name) and the piece Ms Rapson has picked up, UK Visas and Immigration (UKV&I).

Interim Director General Sarah Rapson gave evidence in front of the Home Affairs Committee on 11 June 2013:

Next day, the Times newspaper reported the session and found themselves with an over-abundance or superfluity or excess or nimiety of scoops. Too many to handle. They settled for Visa system might never be up to job, admits chief.

A month later, the Home Affairs Committee published their report, and they went with Backlogs hit half a million at immigration service. This followed Ms Rapson's revelation that there are 190,000 unresolved immigration cases that her predecessors unfortunately forgot to tell the Committee about.

The Times and the Committee and the BBC could equally well have led with Ms Rapson's management approach – she wants her staff to discover for themselves how to do the job, she doesn't intend to issue "decrees" (16:34:40 to 16:35:44), instead, she's holding "workshops". She has 7,400 staff in 150 countries and an annual budget of £450 million. There's something missing from the concept of leadership there or "command" as Ms Rapson keeps calling it.

Or they could have led with Ms Rapson's repeated claim to have only just started in the job – e.g. "I'm 54 days in" (16:59:43). According to the DMossEsq slide rule, that's nearly eight weeks. Eight weeks in, and she still doesn't know how many categories there are for the cases UKV&I deal with and didn't realise that the category with 190,000 cases in it was new to the Committee. Clearly it takes some time for a new boss to get their feet under the table, but surely eight weeks is long enough to get to grips with some of the basic metrics of the business. If eight weeks isn't long enough, is it ever going to happen?

IPS temporarily Rapsonless

more ►

Thursday, 11 July 2013

2½ marks out of 4 for IPS

Open letter to Alastair Bridges, Executive Director Finance, Identity & Passport Service (IPS), 21 October 2010:

You seem to have left Globe House. That’s a good first step on the road to recovery. Time now for a name change, get rid of the word “identity”. Make a clean breast of all the biometrics nonsense. Your Chief Executive has an MBA from the London Business School. She must know that GMAC tested flat print fingerprinting for two years and then dropped it, it’s not reliable enough. GMAC didn’t even bother to test facial geometry, everyone knows it doesn’t work and it must drive you mad at IPS having to pretend that it does. Give yourselves a break, for goodness sake, the nightmare of pretence is over ...

Why does a passport cost £77.50 and not £23? If there’s no good reason, then, as part of your re-launch, along with your new name and address, the renunciation of biometrics and the defenestration of PA, how about putting the price down? Demand would go up and, who knows, IPS might be welcomed once again into communion with your fellow human beings.

Home Office press release, 13 May 2013:

The agency for renewing passports is changing its name to reflect its changing role and official status.

A new name has been given to the agency which produces all UK passports – HM Passport Office ...

Departure from Identity cards

The inclusion of ‘Her Majesty’s’ in the title recognises that passports are the property of the Crown, bear the Royal Coat of Arms and are issued under the Royal Prerogative.

It also marks a watershed moment in the agency’s departure from its association with the National Identity Service and ID cards.

Name change? Yes.

Price reduction? Yes, although not to £23, only to £72.50, a lot further to go.

PA Consulting defenestrated? Yes, for the moment.

Renunciation of biometrics? No. The charade continues.

And what, you ask, of Sarah Rapson, Chief Executive of IPS as was and Registrar General for England and Wales? Another day ...

----------

Updated 16.9.14

The campaign to reduce the price of UK adult passports began on 21 October 2010, please see above. At the time, they cost £77.50, instead of their natural price of £23. From 3 September 2012, the price fell to £72.50. Not enough.

Now the Home Affairs Select Committee wants a further reduction of £15 – Passport office ‘should cut prices, not make a profit’: "The government should stop exploiting the public by making almost £15 profit on every standard passport it issues, a parlimentary committee recommends in a report published today".

That would get the price down to £57.50. Another £34.50 to go before contact is once again made with Planet Earth.

2½ marks out of 4 for IPS

Open letter to Alastair Bridges, Executive Director Finance, Identity & Passport Service (IPS), 21 October 2010:

You seem to have left Globe House. That’s a good first step on the road to recovery. Time now for a name change, get rid of the word “identity”. Make a clean breast of all the biometrics nonsense. Your Chief Executive has an MBA from the London Business School. She must know that GMAC tested flat print fingerprinting for two years and then dropped it, it’s not reliable enough. GMAC didn’t even bother to test facial geometry, everyone knows it doesn’t work and it must drive you mad at IPS having to pretend that it does. Give yourselves a break, for goodness sake, the nightmare of pretence is over ...

Why does a passport cost £77.50 and not £23? If there’s no good reason, then, as part of your re-launch, along with your new name and address, the renunciation of biometrics and the defenestration of PA, how about putting the price down? Demand would go up and, who knows, IPS might be welcomed once again into communion with your fellow human beings.

Home Office press release, 13 May 2013:

The agency for renewing passports is changing its name to reflect its changing role and official status.

A new name has been given to the agency which produces all UK passports – HM Passport Office ...

Departure from Identity cards

The inclusion of ‘Her Majesty’s’ in the title recognises that passports are the property of the Crown, bear the Royal Coat of Arms and are issued under the Royal Prerogative.

It also marks a watershed moment in the agency’s departure from its association with the National Identity Service and ID cards.

Tuesday, 12 March 2013

The Identity & Passport Service, biometrics and your money

Roll up, roll up

and watch a collection of goldfish

set light to a £15 million pile of notes

and reduce it to ashes.

The Identity & Passport Service (IPS) is an executive agency of the Home Office.

IPS were meant to issue us all with ID cards.

ID cards were meant to solve all our problems. Terrorism, crime, border control, you name it, think of a problem, ID cards would solve it.

And they were meant to make our lives easier. With ID cards, so it was said, it would be easier to open a bank account, easier to get a job, easier to prove your right to state benefits, easier to travel domestically and abroad, you name it, think of any transaction, ID cards would make it easier.

The UK ID card scheme had unstinting political support from July 2002 onwards from two prime ministers (Blair and Brown), five home secretaries (Blunkett, Clarke, Reid, Smith, Johnson) and the whole of Whitehall. The scheme had unstinting assistance from the best management consultants and contractors. Asked at one stage whether the budget had been exceeded, the Home Office said no, it couldn't be, there wasn't a budget. The media were largely in favour and, to start with, so were the public.

And yet it failed. By December 2010 when the Identity Cards Act 2006 was repealed, IPS had to admit that there was nothing to show for £292 million of public expenditure. Nothing. Absolutely nothing.

The effect of complete failure on IPS was traumatic:

Their chief executive retired and four other members of the board were dispensed with.
IPS departed its smart new offices at Globe House and moved back home to Marsham St.
When the Cabinet Office launched its new identity assurance programme, contractors went out of their way to say explicitly that they couldn't be associated with it if IPS were seen to be involved.
And not just the contractors. The Department for Work and Pensions, IPS's own peers, denounced them.
Asked why IPS – the Identity & Passport Service – were excluded from the identity assurance programme, the Cabinet Office said simply that they were "still reeling".

When a laboratory rat presses button B and gets an electric shock, he stops pressing button B. Not so the goldfish of IPS. Each time they swim round the bowl it comes as a surprise to them, oh look, there's a castle.

The distinguishing feature of IPS's ID card scheme was biometrics. Biometrics would allow people to be identified uniquely. Biometrics would allow people to have their identity verified. The scheme depended on biometrics being reliable. They're not. That's one reason why it failed.

You'd think they'd learn. But no. Here they come round the bowl again and what's this? A castle? No. Face recognition biometrics. Just what we need.

Hat tip to Toby Stevens, IPS today issued an invitation to tender (ITT) for a face recognition system:

II.1.5) Short description of the contract or purchase(s)
The Identity and Passport Service (IPS) requires a Facial Recognition System (FRS) to help determine an applicants entitlement to and eligibility for a British Passport.
The Authority intends to deliver capability to undertake Biometric Verification and Biometric Identification (including searching against a second instance referred to as a watchlist (WL)) checks on all passport
applications.
The architecture will comprise a Facial Recognition Engine, and a Facial Recognition Workflow capability which includes business rules, management information, audit and a data interface from an existing application system.
The solution will use existing IPS biographic and biometric information as part of the FR checks, with appropriate data stored with each check ...

They're offering a five-year contract worth between £6 million and £15 million to the lucky winners. Excluding VAT.

The ITT stipulates a number of throughput conditions that have to be met, e.g. the face recognition system has to be able to:

o Return a result from a Biometric Verification in under 10 seconds on 99.5% of searches.
o Return a result from a Biometric Identification search under 60 seconds on 99.5% of searches.
o Return a result from a Biometric Verification (WL) search in under 20 seconds on 99.5% of searches.

but there is no stated requirement for the system to be reliable. Which is lucky for the contractors. Because all the published tests of mass consumer face recognition suggest that IPS would be better off tossing a coin than using this flaky technology.

What IPS do insist on in the ITT is:

the capability to adjust the threshold for matching based on business drivers e.g. demand levels.

If IPS have a lot of staff on one day, then they might turn the dial up and make it a bit harder for your face to match the photograph stored on their register. If on the other hand there's a bit of a staff shortage, then they can turn the dial down and just let everyone match. Which rather gives the lie, doesn't it, to the suggestion that this charade has got anything to do with your identity, which doesn't vary with demand levels.

Most likely, IPS will lay off a lot of staff and then, like the UK Border Agency, re-recruit them when they re-discover that the technology that was meant to replace them doesn't work.

Lessons learnt? None. Roll up, roll up and watch a collection of goldfish set light to a £15 million pile of notes and reduce it to ashes.

The Identity & Passport Service, biometrics and your money

Roll up, roll up

and watch a collection of goldfish

set light to a £15 million pile of notes

and reduce it to ashes.

more ►

Friday, 18 January 2013

#2 of many lessons about GDS and the external digital thought-leaders

Would you trust an organisation that promises the impossible?

It's a week now since ex-Guardian man Mike Bracken, executive director of the Government Digital Service (GDS) and senior responsible ~~officer~~ owner for the government-wide Identity Assurance Programme (IDAP), issued his invitation to Sprint 13, The Future is Here.

What a party it promises to be. Come and meet "Government and Agency Board Members, Officials, Policy Makers, Ministers, Press and External Digital Thought-Leaders" in uptown SW1 at the Queen Elizabeth II Conference Centre on Monday 21 January 2013 from 08:45 to 13:00 (GMT) – "jealousy" hardly begins to describe the state of those of us who have been uninvited.

Still, at least the uninvited don't face the invidious choice of the select band of party-goers – which workshop to attend:

• AGILE working methods?	• Why do we need digital delivery?	• Electoral Registration Transformation?
• Assuring identity in a digital environment?	• Going digital?	• ‘You be the judge’?
• Aid information platform?	• Digital policy engagement?	• Open changes everything?
• The use of social media?	• Open policymaking?	...

Very tempting to try Electoral Registration Transformation. So many questions:

Can the law be changed to allow the data-sharing which its advocates believe would facilitate a complete and accurate electoral roll?
Would data-sharing help?
How do you reconcile Whitehall's claim that they don't want to create a single national identity register with the plan to store the complete electoral roll with the credit referencing agencies?
Would that complete electoral roll provide the basis for a new way to conduct the national census?
...

But in the end the choice surely must be Assuring identity in a digital environment:

If there's no on-line identity assurance, then GDS have been wasting their time.
If we can't transact with the government on the web, then digital-by-default collapses.

What are the chances of GDS delivering on-line identity assurance? Slim-to-nil.

We have the lesson of the National Identity Scheme to go by. After eight years of unstinting political support and taxpayers' money, it collapsed, with nothing to show for it, except the nervous breakdown from which the Identity & Passport Service still haven't recovered.

It would be a hard job in any circumstances to get digital-by-default off the ground. The news every day carries stories of security breaches on even the most exalted websites. And even whole countries – including ex-Guardian man Mike Bracken's favourite Estonia.

After years of security failures, GDS start with no trust. Which means they can't start.

No-one believes any more that there is any such thing as a secure website. The belief in secure websites is right up there with the belief in unicorns.

It would be hard enough, to recap, to make digital-by-default work in any circumstances, but GDS have made it even harder for themselves than it need be.

With the quasi-religious light of web zealots in their eye, GDS want to make access to public services just as easy as access to Facebook and Google and Twitter. That means abandoning the clunky old Government Gateway. The Gateway is relatively secure. Precisely because it's so clunky. Having separate user IDs and passwords for each person/company for each public service is precisely what makes it relatively secure. Get rid of the clunkiness and you lose the relative security.

GDS have appointed eight national so-called "identity providers" (IDPs). The name is either laughable or sinister. Neither quality promotes trust.

They were late naming seven of the IDPs, please see Identity assurance – one under the eight. And the name of the eighth – PayPal – only came to light about 48 hours ago, by such a devious route that their appointment looks suspicious, please see The identity of the UK's eighth identity provider has now been provided, reluctantly.

Why are GDS so embarrassed about PayPal? Or why are PayPal so embarrassed about GDS? Either way, it does nothing for trust.

Last March, 2012, GDS told us that IDAP would be "fully operational from spring 2013", please see Universal Credit and the December putsch. Now we learn that "systems will need to be fully operational from March 2013". The beginning of March? 41 days away. Or the end? 72 days. Either way, it's impossible. Would you trust an organisation that promises the impossible?

All that, and GDS want to put public services in the cloud, acknowledged as the single most efficacious way to lose control of your data. In this case of course, our data. Another own goal by GDS.

It promises to be a lively congregation on Monday and it's an infuriating shame to miss it.

----------

Updated 23.11.14

It was January 2013 when we wrote the following, please see above – all but two years ago:

GDS have appointed eight national so-called "identity providers" (IDPs). The name is either laughable or sinister. Neither quality promotes trust.

It's all change now. The Identity Assurance scheme (IDA) is now known as "GOV.UK Verify" and as GDS were telling us the other day in How does a certified company establish that it’s really you? ...

When you want to access a service using GOV.UK Verify for the first time, you’ll be asked to choose from a list of certified companies (also known as ‘identity providers’ – they can actually be any type of organisation that is certified).

... they're not called "identified providers" any more. Now they're called "certified companies". Stuck in their own terrarium, it's taken GDS two years and more to notice how ridiculous the idea of an "identity provider" is.

That's not all that's changed.

Three of the original "identity providers" have pulled out – Cassidian, Ingeus and PayPal want nothing to do with IDA/GOV.UK Verify.

And of the remaining five, only one is certified – Experian. The other four – Digidentity, Mydex, the Post Office and Verizon – have yet to be certified trustworthy by tScheme, an organisation no-one has heard of and no-one has any reason to trust.

#2 of many lessons about GDS and the external digital thought-leaders

Would you trust an organisation that promises the impossible?

more ►

Thursday, 5 July 2012

It's the way he tells 'em

Woody Allen: "This guy goes to a psychiatrist and says, Doc, my brother’s crazy. He thinks he’s a chicken. The doctor says, Well, why don’t you turn him in? And the guy says, I would but I need the eggs".

DMossEsq: "This permanent secretary goes to a politician and says, Minister, biometrics don't work. But we keep spending money on them. The politician says, Well, why don’t you lock up the cheque book? And the permanent secretary says, I would but I need an identity assurance system".

It's the way he tells 'em

Friday, 29 June 2012

Francis Maude, the UK government's major IT suppliers and the empty chair

Hat tip: Tony Collins, Poor IT suppliers to face ban from contracts?

The Cabinet Office minister Francis Maude is due to meet representatives of suppliers today [28 June 2012], including Accenture[,] BT, Capgemini, Capita, HP, IBM, Interserve, Logica, Serco, and Steria.

They will be warned that suppliers with poor performance may find it more difficult to secure new work with the Government ...

The suggestion is that up to now "suppliers with poor performance" haven't found it hard as a result to "secure new work with the government".

Apart from Atos, DMossEsq and Fujitsu, who's missing from that list?

CSC. Computer Sciences Corporation, share price today $23.76 compared with $37.96 a year ago, nearly 40% off, DMossEsq is not licensed to give investment advice and is not giving investment advice.

Last heard in these parts, CSC were picking up a fortune from the UK taxpayer for collecting useless biometrics on UK visa applicants, upgrading the UK passport system expensively and unnecessarily and failing to deploy the UK National Health Service National Programme for IT scheme, NPfIT. That's the good news.

We also heard that they were facing a class action brought by the Ontario Teachers' Pension Plan, they'd been docked $250 million by the US Armed Services Board and they had failed to install their Lorenzo software at Pennine Care NHS Health Trust.

Some of that news is six months old. How are they doing now?

Another hat tip: Mark Ballard, Soldiers nail data for agile offensive on $6bn cock-up:

Supplier Computer Sciences Corporation finished the US Army's 1999 Logistics Modernization Programme [LMP] last year, six years behind schedule [good job the US wasn't fighting any wars at the time].

LMP went on the record as being done on budget after the Army accepted an offer on a $2bn compensation claim it had against the supplier. After seven years of contract arbitration in which CSC filed $861m of counter claims against the Army, CSC settled the matter with a $269m payment last year. The settlement also cleared another $1.2bn of outstanding contract complaints, said the Army spokeswoman.

Six years late and $269 million down the tubes seems a fair summary.

And that's not all, as Mr Ballard tells us in CSC finance director exits as fraud probe hits UK. Their 10-K, filed with the SEC, makes absorbing reading:

On May 2, 2011, the Audit Committee commenced its investigation into certain accounting errors and irregularities, primarily in our Nordic region and in our operations in Australia. This investigation is also reviewing certain aspects of our accounting practices within our Americas Outsourcing operation and certain of our contracts that involve the percentage of completion accounting method, including our contract with the U.K. National Health Service (NHS). As a result of this investigation, we have recorded certain out of period adjustments to our historical financial statements and taken certain remedial measures. The SEC is conducting its own investigation into the foregoing areas as well as certain related disclosure matters ...

As noted above, during fiscal 2011, the Company commenced an investigation into accounting irregularities in the Nordic Region. Based upon the Company's investigation, review of the underlying documentation for certain transactions and balances, review of contract documentation and discussions with Nordic personnel, the Company attributes the majority of the $92 million pre-tax adjustments recorded in the Nordic region in fiscal 2011 to accounting irregularities arising from suspected intentional misconduct by certain former employees in our Danish subsidiaries. The Company attributes the $13 million in pre-tax adjustments recorded in the Nordic region in fiscal 2012 to miscellaneous errors and not to any accounting irregularities or intentional misconduct other than a $1 million operating lease adjustment noted in the first quarter of fiscal 2012 which was a refinement of an error previously corrected and reported in fiscal 2011 ...

In the course of the Australia investigation initiated in fiscal 2012, accounting errors and irregularities have been identified. As a result, certain personnel in Australia have been reprimanded, suspended, terminated and/or resigned. Based upon the information developed to date, and the Company’s assessment of the same, the Company has identified and recorded during fiscal 2012, $23 million of adjustments reducing income from continuing operations before taxes relating to its operations in Australia. Such adjustments have been categorized as either intentional accounting irregularities (“intentional irregularities”) or other accounting errors (“Other Errors”). Other accounting errors include both unintentional errors and errors for which the categorization is unclear ...

Between June 3, 2011, and July 21, 2011, four putative class action complaints were filed in the United States District Court for the Eastern District of Virginia, entitled City of Roseville Employee's Retirement System v. Computer Sciences Corporation, et al. (No. 1:11-cv-00610-TSE-IDD), Murphy v. Computer Sciences Corporation, et al. (No. 1:11-cv-00636-TSE-IDD), Kramer v. Computer Sciences Corporation, et al. (No. 1:11-cv-00751-TSE-IDD) and Goldman v. Computer Sciences Corporation, et al. (No. 1:11-cv-777-TSE-IDD). On August 29, 2011, the four actions were consolidated as In re Computer Sciences Corporation Securities Litigation (No. 1:11-cv-610-TSE-IDD) and Ontario Teachers' Pension Plan Board was appointed lead plaintiff ...

On September 13, 2011, a shareholder derivative action entitled Che Wu Hung v. Michael W. Laphen, et al. (CL 20110013376) was filed in Circuit Court of Fairfax County, Virginia, against Michael W. Laphen, Michael J. Mancuso, the members of the Audit Committee and the Company as a nominal defendant asserting claims for breach of fiduciary duty and contribution and indemnification relating to alleged failure by the defendants to disclose accounting and financial irregularities in the MSS segment, primarily in the Nordic region, and the Company's performance under the NHS agreement and alleged failure to maintain effective internal controls ...

CSC was informally advised by the Danish Justice Department on February 3, 2012 that the project known as POLSAG, a document and records management modernization program for the Danish police, will be abandoned, which affects CSC's contract with the Justice Department ...

In addition to the matters noted above, the Company is currently party to a number of disputes which involve or may involve litigation ...

Bit mean of Mr Maude not to invite CSC along for tea and biscuits with the other suppliers.

Francis Maude, the UK government's major IT suppliers and the empty chair

Hat tip: Tony Collins, Poor IT suppliers to face ban from contracts?

The Cabinet Office minister Francis Maude is due to meet representatives of suppliers today [28 June 2012], including Accenture[,] BT, Capgemini, Capita, HP, IBM, Interserve, Logica, Serco, and Steria.

They will be warned that suppliers with poor performance may find it more difficult to secure new work with the Government ...

more ►

Thursday, 14 June 2012

HMG's cloud computing strategy – there isn't one – and the Edgbaston Test

On 20 October 2011 Chris Chant listed 23 symptoms of the illness which Government IT suffers from. He carried on energetically repeating his diagnosis, unchallenged, and promoting cloud computing as the effective prescription. There he was, at it again, six months later on 11 April 2012, in a blog post on the G-Cloud website, #Unacceptable IT is pervasive. Two days later his resignation was announced.

The man in charge of G-Cloud is Andy Nelson, the Government's Chief Information Officer (CIO). That's only a part-time job. He is more fully occupied as CIO at the Ministry of Justice, where he's got his work cut out with Libra among other things. Libra is the £467 million Fujitsu system which is meant to produce the accounts for HM Courts and Tribunals Service. When the National Audit Office saw the 2010-11 accounts they were in such a mess that the NAO couldn't even qualify their opinion, they had to disclaim an opinion.

Under Mr Nelson, Denise McDonagh is also responsible for G-Cloud. Again, it's only a part-time job. Her day job is CIO at the Home Office. And again, there are quite a few distractions there:

There's the £385 million CSC contract with Sarah Rapson's Identity & Passport Service which is one of the reasons UK passport-holders are currently being over-charged by £300 million a year.
There's the £265 million IBM contract with the UK Border Agency to provide IABS, Jackie Keane's Immigration and Asylum Biometric System. IABS is meant to keep the UK border secure and make the 2012 Olympics safe but there's a problem – the biometrics don't work.
The same problem applies to the National Policing Improvement Agency's promotion of MobileID, a system to allow policemen on patrol to check suspects' fingerprints on the spot using mobile equipment. The idea is for MobileID to save police time. Which it will because, with a 20% failure rate, this flaky technology will cause 20% fewer criminals to be arrested.

Those distractions and others will no doubt explain her lacklustre post on 26 April 2012, Cloud Cynicism (or Dispelling the Dark Clouds) and why she hasn't been heard from since.

Not so, Eleanor Stewart. She's a trouper. She's the Assistant Director of G-Cloud and she's always good for a lively post. On 27 April 2012 she produced Crowdsourcing and a response., in which she took up some of the many questions posed in the 20 responses to Chris Chant's last post.

What the heck can we do to resolve some of the scary and largely unknown legal and policy issues that people are nervous about in a globalised world?, she asked. Good question. No answer.

And What ‘worked examples’ might we be able to provide to ... sceptics? That's in response to the simple question how cloud computing is supposed to obviate the need for long contracts to produce systems like Libra, for example, or IABS or DWP's Universal Credit. Chris Chant says it will. How? No answer.

Ms Stewart threw the post open to the crowd. And published one comment. One. The limiting case of a crowd. (I wandered lonely as a cloud?)

"Scary and largely unknown"? Hmm. Quite clearly, no-one in HMG knows the answers to some very basic questions about its cloud computing strategy. Which is odd. They keep talking about it. Andy Nelson, for example, was holding forth at the Cloud Computing World Forum only the other day. And they've been advocating it for years – the G-Cloud Overview was being touted in August 2010. But still no-one can answer the questions.

Is it all hot air? A cloud of hot air? A cloud which, when it hits some of the colder patches of reality, results in heavy precipitation and the wettest drought ever seen, which washed out the Edgbaston Test? That's certainly what it looks like at this end of the wicket.

----------

A version of this post has been kindly published by the estimable PublicTechnology.net

HMG's cloud computing strategy – there isn't one – and the Edgbaston Test

more ►

Friday, 16 December 2011

The on the spot answer

This is the (draft and subject to change) answer to a comment posted by one Mr Reader:

Dear Mr Reader

Thank you for trying to put me on the spot. I’ve been trying to put myself on the spot for years. And failing.

Assuming that that continues, when the final enquiry report is in at the end of next month, the most likely outcome is that everyone’s reputation will be tarnished – Brodie Clark, Theresa May and Helen Ghosh – but the daily round will revert to its pre-4 November 2011 pattern, the usual dismal calm will prevail in the Dark Department, there will be no more sense of sudden explosions, nasty surprises and unexpected eruptions.

That’s the 98%+ likely scenario. A dirty taste in the mouth, business as usual re-established.

The outcome with the 2%- probability of happening?

Consider the following Economist article, Friday 11 May 2012:

Brodie Clark speaks quietly and at first no-one heard him say that fingerprint verification is the ninth and lowest priority security/identity check at the border, the least reliable check and the most sensible check to suspend when the disorderly queues in Arrivals begin to threaten safety.

Well everyone’s heard him now, thanks to the alliance between Theresa May, the UK’s Home Secretary, and Helen Ghosh, Permanent Secretary at the Home Office. Their careers both shipped a lot of water in the days following 4 November 2011 and they were determined to find out why.

Clark was supposed to have endangered UK border security by suspending fingerprint checks. But May and Ghosh could find no evidence that fingerprint checks promote border security. There is none. So he hadn’t endangered anything.

True, he had arguably disobeyed his minister. She had specifically instructed that fingerprint checks were not to be relaxed for non-EEA nationals. But did that instruction refer exclusively to the new intelligence-led border security scheme being piloted? Was the suspension of fingerprint checks covered by the 2007 HOWI procedures?

Pure noise. The real question was: why did the Home Secretary instruct that fingerprint checks should not be suspended, given that they’re no use? Answer, because she had been told by her officials that the technology is reliable. Who told her that? And why?

As May and Ghosh looked deeper and deeper into the affair, the tangled web of today’s mass consumer biometrics industry began to unravel. First in the UK Border Agency, where IBM’s National Identity Assurance Service contract was cancelled. That took out Morpho at the same time. (Morpho is a subsidiary of France’s Safran Group, their answer to our BAE Systems.) And Computer Sciences Corporation and VFS Global.

The damage spread to the National Policing Improvement Agency, where they were using Morpho’s products for mobile fingerprinting by police patrols – not any more they’re not. And to the Identity & Passport Service, where they use Morpho for biometrics in ePassports. For the moment. And to DWP, who were going to use voice biometrics for their Universal Credit system, but can only be described now as tight-lipped about their plans.

Who advised the Home office on biometrics? They got internal advice from the Home Office Scientific Development Branch and external consultancy advice from PA Consulting. Not any more they don’t.

How did this fiasco persist, the Prime Minister wants to know, under the leadership of Lord O'Donnell, until last years head of the home civil service, and Sir David Normington, Dame Helen's predecessor? We await the answer with interest.

Projects that depend on these biometrics being reliable were being cancelled all over Whitehall. The taxpayer didn’t know whether to be furious about being deceived for so long by the Home Office or deliriously happy when the savings from all these cancelled projects over the next 10 years topped £20 billion.

This sort of news doesn’t respect borders. Safran Group were relying on Morpho for 20% of their turnover. Once the news had rowed across the channel, their turnover was down by 20%. Former President Sarkozy tried to blame the Anglo-Saxons but then turned on the European Commission, blaming their 2003 OSCIE specification for a pan-European biometric ID card. The European Commission blamed the US Department of Homeland Security and the DHS blamed NIST, the US National Institute of Standards and Technology.

Which was too much for Prime Minister Manmohan Singh in India, where they’re spending billions on Aadhaar, a biometrics-based identity management scheme for 1.2 billion people. At least they were.

And so the truth rolls on, bowling around the world, knocking over civil servants like ninepins wherever it fetches up. In China, one day Dr Tieniu Tan was a research professor with dozens of successful spin-off companies and, next day, he wasn’t. In Pakistan, first Brigadier Saleem Ahmed Moeen (Retd) was Chairman of NADRA, then there was no NADRA and now the Brigadier really is retired.

And all because of a quietly-spoken Glaswegian, speaking quietly on 15 November 2011, giving evidence to the Home Affairs Committee. Listen to him here. The good bit starts at 12:18.

The on the spot answer

more ►

Tuesday, 15 November 2011

Whitehall waste – official statistics

From today's BBC News website:

Home Office drug seizure figures were 'highly selective'
The UK Border Agency has been "highly selective" in its use of drugs seizure figures, the chair of the UK Statistics Authority has said.

Sir Michael Scholar has written to the Home Office to seek reassurances that figures were not released to generate positive news coverage.

He said if this was the case it would be "highly corrosive and damaging" ...

Sir Michael is Chairman of the UK Statistics Authority. He is a Good Thing.

This isn't the first time he's taken the Home Office to task over its tendentious use of statistics. Public Servant magazine carried this article back in March 2009:

Statistics show this watchdog is prepared to bare its teeth
...
Government departments – notably the Home Office – are having to learn some painful lessons on the use and misuse of statistics. The Home Office has found itself in hot water a couple of times – for its fact sheet on knife crime statistics in December, and for tacking a press release on "tough border controls" onto ONS data on population figures last August.

From the same article:

Concern about declining public trust in government in general – and official statistics in particular – led ministers, with all-party support, to set up an independent watchdog in the UK Statistics Authority [chaired by Sir Michael Scholar], with a tough new code of practice for all public bodies producing any kind of official figures ...

“One of the reasons I took this job is that having good statistics is like having clean water and clean air. It’s the fundamental material that we depend on for an honest political debate”, [says Sir Michael] ...

One innovation is a national statistics publication hub website, on which all the new statistical releases are posted every day. “For the first time it completely separates the statistics from comment on them ...

The new rule that data cannot be released to the media or ministers more than 24 hours before publication is also having an effect ...

Does what is perceived as the selective release of the most favourable figures into friendly ears contribute to public distrust?

“I think it does,” Sir Michael replies. “I personally think it’s a form of corruption” ...

“… what should happen is that political debate takes place on the basis of a clean set of statistics, produced without political interference by professionals who have a clear set of values as regards the integrity, objectivity and impartiality of what they are doing” ...

Someone approached the UK Statistics Authority a few years ago and asked if they could take a look at the statistics associated with the Home Office's ID cards scheme. These statistics are so unimpressive that the project should not be allowed to proceed, said someone.

No, said the UK Statistics Authority, we can only intervene where there are official statistics. The statistics the Home Office are relying on are not official. So we can't comment.

That is one of the many problems with project management in Whitehall. That is one reason why so much public money is wasted by Whitehall. That is why someone suggested to the Home Office that they should submit themselves to the discipline of the UK Statistics Authority, see below. And that is very possibly why the Home Office have never answered that point:

I suggest that the way to overcome that scepticism is to place the matter in the hands of the Office of National Statistics. The use of mass consumer biometrics in public services, I suggest, should be based on official statistics. If rigorous academic evaluation suggests that mass consumer biometrics have a part to play, well and good. If not, then don't let's waste our time and money on them.

----------
22 November 2011 – one week later, the Guardian catch up: In praise of … Sir Michael Scholar

Whitehall waste – official statistics

From today's BBC News website:

Home Office drug seizure figures were 'highly selective'
The UK Border Agency has been "highly selective" in its use of drugs seizure figures, the chair of the UK Statistics Authority has said.

Sir Michael Scholar has written to the Home Office to seek reassurances that figures were not released to generate positive news coverage.

He said if this was the case it would be "highly corrosive and damaging" ...

Sir Michael is Chairman of the UK Statistics Authority. He is a Good Thing.

more ►