DMossEsq: identity assurance

Showing posts with label identity assurance. Show all posts

Wednesday, 20 November 2013

RIP IDA

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

Updated 18 December 2013:

Identity assurance team to expand for 2014 launch

The pan-government identity assurance programme is hoping to hire up to five people in January in preparation for the launch of its first live services early next year ...

An official working on the programme recently explained that they are hoping for new providers to join next year, in particular to support level three assurance for more sensitive data.

Bit late – IDA was due to go live in the autumn of 2012.

Over a year later and they still haven't got the right staff.

And now they've discovered they've got the wrong suppliers (that is, the wrong so-called "identity providers").

Dead.

RIP IDA

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

more ►

Friday, 25 October 2013

Next week's news

Just to remind you, some time over the next 168 hours, as promised, we shall see the first ever fruits of the Government Digital Service's identity assurance programme. We shall all be able to amend our tax codes through an on-line connection to HMRC.

Extraordinary, but they won't have the field to themselves.

Remember midata, the latter-day South Sea Bubble being blown by the Department for Business Innovation and Skills? They've been "fanning the flames of innovation" round at the midata Innovation Lab and some time over the next 168 hours we are promised a glimpse of the fruits of their labours, too.

At last, new apps to empower us and improve our lifestyles and make the economy grow.

There's not a single mooncalf left in the world who believes that these apps will be free, is there?

Suppose, just for the sake of argument, that the DMossEsq blog is right and that there is no such thing as a secure website.

Then it would be a mistake for any supplier to try to sell you a service on that basis – the secure website sales pitch undermines trust in any supplier using it. At least two of GDS's "identity providers" do just that. Mydex and Verizon both promise you security. That's a mistake. There are no unicorns for them to deliver.

Better, surely, to say that every effort will be made to keep your personal data secure, but security can't be guaranteed.

We have a sad new example of the problem. Experian Sold Consumer Data to ID Theft Service. It should be made clear that Experian didn't mean to sell consumer data to ID thieves and that they're co-operating fully with the police investigations. But it happened.

Experian, like Mydex and Verizon, are UK "identity providers", on whom GDS's identity assurance programme depends.

The best you can hope for is that security breaches will be kept to an affordable minimum. How do you achieve that? Answer, you make the supplier of the on-line service responsible for losses.

How have the UK retail banks managed so well to maintain public trust in on-line banking? By paying – when you are defrauded, the banks have to compensate you.

That works (para.6).

Next week's news

more ►

Thursday, 20 June 2013

Digital-by-default – an eternal mystery?

In connection with the enquiry into digital-by-default, Rt Hon Francis Maude MP, Cabinet Office minister and Postmaster General, gave evidence to the House of Commons Science and Technology Committee on Monday 17 June 2013:

There were many questions about digital-by-default before he gave his evidence – please see for example Digital-by-default, an open letter to the House of Commons Science and Technology Committee.

And having given his evidence now?

They remain unanswered.

Digital-by-default – an eternal mystery?

more ►

Sunday, 16 June 2013

Tomorrow – the distributed self

After the collapse in 2010 of the Home Office's ID cards scheme, the NIS (National Identity Service), Whitehall claimed to have learned the lesson.

The 20 September 2010 meeting for Whitehall and its suppliers made it clear that the whole idea of the NIS is now anathema and the Home Office are outcasts, whose contagious touch must be kept away from the new idea – identity assurance.

At the centre of the old NIS lay the National Identity Register, the NIR, a single database with one record per person enrolled into the scheme. At least, that was the plan. It never happened.

Talking to the Information Commissioner's Conference on 6 March 2012 about the new scheme, IDAP, the Identity Assurance Programme, Francis Maude, Cabinet Officer minister, said: "at no point does information need be held on the same server to be correlated".

No NIR. IDAP in the clear?

No.

It's a conjuring trick.

More fully, what Mr Maude said was:

... the technology has moved on and so can we. There is now an option to share data momentarily allowing us to check for matches – with no Big Brother database in sight ... In a world of dispersed data sets, we can bring fragments together instantaneously and momentarily to corroborate – without ever creating a central database ... It’s about bringing together the data at a point in time - to provide the necessary confidence - and then disaggregating it again. At no point does information need be held on the same server to be correlated ...

The NIS was meant to rely on a single, central database. It's not clear but Mr Maude's plan for IDAP may be to use several distributed databases. There is nothing new about distributed databases, the technology for which "moved on" 30 years ago, in the 1980s.

Distributed databases may be geographically and physically separate. But they constitute one logical database, supporting data-matching just as well as the centralised model.

Or perhaps Mr Maude's plan is to use a Google-type program in the middle of IDAP to search far-flung, disparate databases. Again, nothing new about that.

Either way, distributed databases or Google, same effect. Same problem. There's still an NIR. Lesson not learned.

Mr Maude likes to use the term "data-linking" to distinguish IDAP from the "data-sharing" planned for the NIS. There is no distinction. IDAP threatens the same loss of privacy as the NIS.

IDAP is subject to the same law enunciated by Neil Fisher of Unisys back on 31 October 2011:

Any project with "identity" in the name is doomed to failure.

You know that's true. IDAP was meant to be "fully operational" by March 2013. It wasn't and it still isn't – despite what the Guardian call the "elite" team responsible for it at GDS, the Government Digital Service.

Keep your ears open tomorrow for Mr Maude the Conjuror's announcement about the new design principles for identity assurance.

When you hear him promise secure storage of your data in the cloud, remember, there is no such thing.

When he asserts that the suppliers are trusted third parties, ask yourself, who says they're trusted? Trust has to be earned. That takes years. It can't be granted by fiat.

When he claims that there is an "ecosystem" of private sector "identity providers" competing for your custom, just check, how many of them really are private sector companies. The Post Office? Mydex? They rely largely on central and local government contracts and on their influence over government policy.

These "identity providers" haven't adapted slowly, generation by generation, and survived a hostile nature that kills off all but the fittest. They don't exist in an ecosystem. IDAP is more like intelligent design. Or even creationism:

It's not an ecosystem.
The "identity providers" aren't all competitive private sector companies.
It's up to you to judge whether the suppliers are to be trusted and it could take years before you have enough evidence to reach a verdict.
As the media tell us every day, there's no such thing as a secure website. There are hackers out there against whom even the US military seem to be defenceless.
And then there's the NSA, the US National Security Agency, with PRISM and Boundless Informant, not to mention access to your mobile phone usage.

There will be three upturned cups on the table. Identity. Efficiency. And trust. Mr Maude will pop privacy under one cup and dextrously swirl them all around. After the beguiling patter and the colourful handkerchiefs, which cup contains privacy?

You know the answer to that one.

Tomorrow – the distributed self

more ►

Friday, 14 June 2013

GDS PR blitz

10 June 2013, the BBC Radio 4 world news programme World At One (WATO) carries a 5-minute report (27'32"-32'55") by Jon Manel on GDS, the Government Digital Service.

11 June 2013, WATO carries another 8 minutes (24'58"-32'55") of Mr Manel's report on GDS.

12 June 2013, Mr Manel publishes Inside the UK Government Digital Service on the BBC website.

13 June 2013, the Guardian publish a 6'50" video by Jemima Kiss, Gov.uk: how geeks opened up government featuring ex-Guardian man Mike Bracken (executive director, GDS), ex-BBC man Tom Loosemore (deputy director, GDS) and ex-Morgan Stanley man Francis Maude, their political boss (Cabinet Office minister).

What are GDS trying to tell us?

Listen, read, watch and what you learn is that GDS's staff are young, everyone dresses informally and each team has a fluffy mascot:

There is an inflatable guitar - a red one. You cannot fail to miss [notice?] the bunting. And then there are the mascots.

"For us, the Platform Team, it's an otter. His name is Jerry," one woman explains pointing to a brown and white soft toy with a rather sad expression on its face ...

As for the young civil servants in the GDS headquarters, some of them seem to have an almost evangelical spirit about them.

Some people will find the evangelical spirit which moves GDS charming. Others won't.

The idea is to model public administration on successful web companies, as ex-Guardian man Mike Bracken tells us in the Guardian video. But do Google and Facebook, for example, provide the right model?

The idea is to promote openness in government. GDS's single government domain project, GOV.UK, and their Identity Assurance Programme (IDAP) are major projects. But the Major Projects Authority verdicts on GOV.UK and IDAP have not been published.

An elite team of digital experts has sparked a radical shake-up in the way the government does its business. Some of the UK's best designers and developers are working on building a new single website for all government departments – gov.uk – but their influence has gone much further.

That's the rubric under the 13 June video on the Guardian website.

Pace Jemima Kiss, at least four professors are unconvinced that the team – or at least the Government Digital Strategy – is elite. And Dr Martyn Thomas, visiting professor at the universities of Oxford and Bristol, makes a fifth unconvinced professor – he told the House of Commons Science and Technology Committee that it's impossible to measure the quality of software systems developed with GDS's so-called "agile" methods.

The idea is to avoid the spectacularly poor value for money of some government IT contracts. An unimpeachable objective.

But how will GDS achieve it?

To be told, as we are in the Guardian video, that GDS are trying to improve the search algorithm on GOV.UK is no answer.

So-called "open systems" aren't the answer either, according to the four professors.

Will the "oligopoly" – as Jon Manel calls them – of government contractors fall in with GDS's plans for shorter contracts? Why should they? There's no need to while the big departments of state continue, as they do, to sign long contracts.

Is it the case that GDS's "influence has gone much further", as the Guardian claim? Francis Maude ends the Guardian video saying that there is enormous demand in Whitehall for GDS's services. Is there?

The Department for Work and Pensions (DWP) spend about £200 billion a year. When Jon Manel asks about DWP's Universal Credit (UC) initiative in the 11 June WATO report, the otherwise jocular ex-Guardian man Mike Bracken becomes guarded, "not that close to it", he says (31'29"), a response which Mr Manel glosses as "not our fault, guv".

GDS hijacked IDAP from DWP and then promised to have it "fully operational" for UC by March 2013. It wasn't and it still isn't. Leaving UC high and dry.

"Not that close to it"? Ex-Guardian man Mike Bracken is the senior responsible ~~officer~~ owner for government-wide identity assurance and there's no getting away from it.

The Department of Health spend about £120 billion a year. What are GDS doing about their computer systems? Or the systems at the Department for Education? And what are we to make of BBC money man Paul Lewis's warning on Twitter yesterday:

"We're moving http://t.co/JRcgtJ5eR5 specialist content on to GOV.UK." And 'repurposing' it. Be afraid, lawyers, be v afraid
— Paul Lewis (@paullewismoney) June 13, 2013

Apart from GDS, the only government body we hear from in this PR campaign is HMRC, in the 11 June WATO report. The clamorous demand is muted – Lin Homer, chief executive, describes GDS as "bumptious" but adds that there's nothing wrong with that.

She can afford to be kind. GDS haven't laid a glove on her £8 billion ASPIRE contract. Or on her website, www.hmrc.gov.uk, which GDS falsely claim to have incorporated into GOV.UK.

Meanwhile, GDS have some involvement with the plan to make us all enrol on-line on the new electoral register to be used for the 2015 general election. Why don't the BBC and the Guardian tell us anything about that major project?

What about GDS's involvement with the Department for Business Innovation and Skills midata project? And the related Shakespeare Review? What about their new-found responsibility for G-Cloud? What are GDS's plans for the Government Gateway? And what do GDS have to say about cybersecurity?

MPs are worried about digital-by-default – something else the BBC and the Guardian don't mention. Something like 16 million people in the UK will not be able to use the proposed web-based, digital-by-default public services which GDS are meant to deliver. They launched the assisted digital project on 28 July 2011 to try to solve the problem. And in today's weekly GDS diary, 14 June 2013, what does ex-Guardian man Mike Bracken tell us?

Also this week GOV.UK won two D&AD awards for our content design and the Assisted Digital team had their first market engagement event with suppliers.

Nearly two years after the starting pistol was fired, they had their first meeting with suppliers?

It's early days, you may say, GDS can't be expected to have achieved much yet. Maybe. But in that case the PR is premature. Francis Maude is up in front of the House of Commons Science and Technology Committee on Monday to give evidence on digital-by-default. Let's see what that adds to the campaign.

----------

Update 17.11.13:

15 November 2013: Government Digital Service: the best startup in Europe we can't invest in

So what is it that GDS knows that every chairman and chief executive of a FTSE100 should know?

And what is it that every chairman and chief executive of a FTSE100 knows that GDS should know?

GDS PR blitz

more ►

Thursday, 6 June 2013

3 questions about GDS's bailiwick

The Major Projects Authority (MPA) has, as noted, delivered its public verdict on G-Cloud – amber/red.

G-Cloud is the major project designed to reduce government IT costs by outsourcing to cloud service suppliers (Skyscape et al) who currently charge less than the usual suspects, the systems integrators (CapGemini et al).

It's a worrying verdict. This is the MPA's definition of amber/red:

Successful delivery of the project is in doubt, with major risks or issues apparent in a number of key areas. Urgent action is needed to ensure these are addressed, and whether resolution is feasible.

G-Cloud was until 1 June 2013 the responsibility of the G-Cloud team, half a dozen individuals or less, plus the Government Procurement Service.

"Urgent action" was needed, according to the MPA, and urgent action was taken – from that date onwards, responsibility for G-Cloud has moved to the Government Digital Service (GDS).

GDS is responsible for several other major projects, which come under the general heading "digital by default".

We know the verdict of four professors on the chances of digital-by-default being delivered – it is beyond GDS's competence. Amber/red. Or just plain red. When they write "GDS" in the following quotations, the professors mean "government digital strategy", which is written by the Government Digital Service:

... it is not clear how realistic this ideal is ... brevity cannot be an excuse for lack of detail, explanation, and precision ... It is impossible with the detail provided to form any reasonable view of how this key activity will be performed ... there is an urgent need for standards to be developed and agreed ... he had no practical understanding of how to use this strategy to have positive impact on his team’s work; We suspect he is not alone in this view ... The GDS shows no evidence that it is aware or has taken account of the impact of such thinking ... The GDS must avoid falling into the trap of an overly-simplistic response ... Open source solutions are neither free to administer and support, nor are they the most cost-effective answer in all situations ... rapidly changing services will deter the takeup of digital services, not encourage it ... The GDS is remarkably (perhaps alarmingly) silent on the issue of how to coordinate SMEs in project delivery ... We see little discussion of a concrete and practical change management process to support the “digital by default” strategy in the current GDS. We view this as a potentially fatal omission ... the principles on which the current GDS is based centre on too narrow a view of how to attain those benefits, and lack focus on the major adjustment in culture, processes, and technologies that must underpin ... this view is much too simplistic and highly risky ... there is very little detail about how such goals will be achieved, or the broader cultural impact those changes represent ... a lack of consistency in interpretation of how to enact the GDS ... It is not clearly stated in the GDS who is managing the execution process across the 18 UK Government departments to coordinate and assess progress.

But what is the MPA's verdict? Again as noted, we don't know – it hasn't been published.

Which is odd. GDS is part of the Cabinet Office and the Cabinet Office is the custodian of the Coalition government's transparency programme, please see clause 16 in the Coalition programme for government:

16. GOVERNMENT TRANSPARENCY
The Government believes that we need to throw open the doors of public bodies, to enable the public to hold politicians and public bodies to account. We also recognise that this will help to deliver better value for money in public spending, and help us achieve our aim of cutting the record deficit.

GDS's doors remain locked shut.

It doesn't help that the MPA was plucked from the Treasury (where it used to be the Office for Government Commerce) and re-sited in the Cabinet Office.

Three questions:

Now that G-Cloud is in GDS's ever-expanding bailiwick, will that be used as an excuse to stop publishing MPA verdicts on it?
Would that be an unintended consequence of G-Cloud's move to GDS?
Or is it the unstated purpose of the move?

3 questions about GDS's bailiwick

Successful delivery of the project is in doubt, with major risks or issues apparent in a number of key areas. Urgent action is needed to ensure these are addressed, and whether resolution is feasible.

more ►

Thursday, 28 March 2013

GDS, the NAO, the BBC, parliament and DWP – five questions

The National Audit Office (NAO) have released a new report, Digital Britain 2: Putting users at the heart of government’s digital services, examining the Government Digital Service (GDS) plans for digital-by-default. The report's conclusions concentrate on the problems faced by people who can't or won't use on-line public services.

The same problem was examined the day before yesterday by Mark Easton, the BBC's home affairs editor.

And 52 members of parliament have put their name to an early day motion to debate the problem.

Meanwhile the Department for Work and Pensions (DWP), who were depending on digital-by-default for the introduction of Universal Credit, have published not one but two documents confirming that benefits will continue to rely on face-to-face meetings, telephone calls and letters in the post – the very opposite of digital-by-default – please see Local Support Services Framework and Universal Credit – Your claim journey.

GDS have responded to the NAO report with a post on their blog today:

Overall, this report is a really positive sign we’re moving in the right direction. But it’s also a helpful reminder of the work we still need to do to support those who are less able to use online services.

The NAO report has some ("really positive"?) comments to make on the putative savings we can look forward to from digital-by-default:

1.5 The GDS has also highlighted the possible savings from switching to digital channels. As the strategy states, central government provides more than 650 public services – which cost between £6 billion and £9 billion in 2011-12, according to GDS. The GDS has estimated total potential annual savings of £1.7 billion to £1.8 billion if all these services were operated through digital channels. More than 300 of these services have no digital channel. The savings estimate does not include the costs that may be required to create or redesign digital services. However, it also does not take into account the government’s new approach to becoming digital, set out in its strategy, which could lead to greater savings being achieved more quickly. The GDS states that the average cost of a central government digital transaction can be almost 20 times lower than by phone and 50 times lower than face-to-face.

1.6 We have not audited the estimated savings in the Government Digital Strategy, nor have we audited how government will redesign and develop its new digital services. Our future audits will evaluate the value for money of digital services as the GDS and departments work together to move more than 650 services online.

The report also mentions (without being "really positive") the need for identity assurance. Someone posted a comment on the GDS blog:
28/03/2013

dmossesq #

Please Note: Your comment is awaiting moderation.

The NAO report is available at http://www.nao.org.uk/wp-content/uploads/2013/03/10123-001-Digital-Britain-2-Book.pdf

Under the heading “Trust”, the report includes the following:

QUOTE

4.9 To use online public services people need to be able to trust the government with the information they provide online. The Government Digital Strategy recognises that users of public services often find it hard to register for online services, and that it needs to offer a more straightforward, secure way to allow users to identify themselves online while preserving their privacy. Therefore there is an Identity Assurance Programme [IDAP] under way in GDS and we were told that this is to develop a framework to enable federated identity assurance to be adopted across government services.

4.10 The government also told us that this will involve creating a simple, trusted and secure new way for people and businesses to access government services, which will provide assurance to government that the right person is accessing their own personal information.

UNQUOTE

Without IDAP, there is no digital-by-default.

DWP were led to believe that IDAP would be “fully operational” for up to 21 million claimants of Universal Credit “from March 2013″, https://online.contractsfinder.businesslink.gov.uk/Common/View%20Notice.aspx?NoticeId=797279

Here we are in March 2013. And the question the NAO almost ask is, where is IDAP?

28/03/2013

That comment has now been moderated. Has it been published? No. It's been deleted.

Tomorrow should see the publication of ex-Guardian man Mike Bracken's video diary, This week at GDS.

He's the executive director of GDS and the senior responsible ~~officer~~ owner for the pan-government identity assurance programme. Will he comment on:

the NAO report?
the BBC report?
the early day motion in parliament?
DWP being stranded without IDAP?
the deliberations of the permanent secretaries who met at GDS's offices yesterday to consider digital-by-default?

----------

Added 16:48:

Following publication of the post above, DMossEsq brought it to the attention of GDS. The comment which had previously been deleted from their blog has now been published by GDS. Also, this week's edition of This week at GDS has been published, a day early, perhaps because of the bank holiday. No response to questions 2., 3. and 4. above. A passing mention of 5. and a promise to consider 1. in next week's edition.

GDS, the NAO, the BBC, parliament and DWP – five questions

Overall, this report is a really positive sign we’re moving in the right direction. But it’s also a helpful reminder of the work we still need to do to support those who are less able to use online services.

more ►

Sunday, 17 March 2013

GDS falls at the first fence (Software Engineering 101)

Like any religion, digital-by-default needs manuals for its adherents to follow and the lead story in the Government Digital Service (GDS) broadcast on 15 March 2013 is the publication of one such manual, the Digital by Default Service Standard:

To embrace digital-by-default is to see government as the design of so many services and the question is what makes a service a good service, what is the definition here of "excellence"? This is the question to which ex-Guardian man Mike Bracken addresses himself in the clip above and the gospel answer is given in the service standard manual.

There are four stages apparently through which you must progress in the development of a digital-by-default service:

"The discovery phase is your chance to gain an understanding of what the users of the service need ...", it says in the manual ...

which reveals further that "This information is found through: workshops ... simple mock ups ... paper prototypes ... [and] plenty of whiteboard diagrams" ...

and that "A small team will be required, consisting of your stakeholders and any core team members that have been identified, including the service manager. The phase should not take longer than a week. At the end of the phase a decision should be made whether to proceed to the alpha phase".

Click on the "small team" link above and a message is displayed saying "This web page is not available". For the moment, we can't be sure just how small a team is required. No religion is complete without its mysteries.

Still, if you click on the other links, you can follow the steps yourself from the discovery phase all the way through to the fully operational live phase, when a service is released to the users that is so excellent that they will immediately want to use it in preference to any rival – "Build services so good that people prefer to use them", as they say at GDS, that's their motto.

As we know, for GDS, "the people and organisations with which we work must be imbued by the culture and ethos of the web generation ... we are not just on the web, but of the web. And our culture and governance must reflect that". That is the central article of the digital-by-default faith.

And who better to lead in its practice than GDS themselves? Who better to exemplify its efficacy?

Exemplify?

Consider for example the identity and assurance programme (IDAP, or sometimes just plain IDA), a service which was promised to be "fully operational" for 21 million DWP claimants "by March 2013".

Ex-Guardian man Mike Bracken, chief executive of GDS, is the senior responsible ~~officer~~ owner for this pan-government digital-by-default service (a fact which he modestly fails to mention in his weekly broadcasts). We may safely assume that a small team spent a week discovering the users' requirements and then proceeded to the alpha phase.

Actually we don't have to assume that, we know it – Identity Alphas was published on the GDS blog on 12 March 2013. A bit late, perhaps, given that IDAP was meant to be fully operational already, but remember, digital-by-default is ... agile.

And the acid test, do "people prefer to use" GDS's IDAP?

No. They don't:

IDA services put on ice for Universal Credit delivery

No mention was made of the use of IDA in the DWP's Local Support Services Framework ... Instead, the paper referenced the issuing of PIN numbers to users for their online accounts ...

Oh God.

#Fail.

Back to the whiteboard.

GDS falls at the first fence (Software Engineering 101)

more ►

Thursday, 14 March 2013

GDS's misplaced faith and the governance of Whitehall

Today we announced some small but important changes in governance. The detail is here but the upshot is: we won’t have a cross-government Chief Information Officer (CIO) any more, nor a Head of Profession for Information and Communications Technology (ICT). We are moving responsibility for these capabilities to the Government Digital Service and we are closing some cross-government boards in various technology areas and reviewing the rest in order to make sure we are set up as efficiently as possible.

Thus ex-Guardian man Mike Bracken writing today in a post on the Government Digital Service (GDS) blog, Of the web, not on the web. He's the executive director of GDS and the senior responsible ~~officer~~ owner for the pan-government identity assurance programme (IDAP, failed).

Take a look at the quotation above:

We won't have either a cross-government CIO or a head of the ICT profession any more, he says. False, because he goes on to say that responsibility for these capabilities is moving to GDS. So we will have a cross-government CIO and a head of the ICT profession and they will both be GDS.
Some cross-government technology boards are already being closed down, he says, and the future of others is being reviewed. GDS looks like having more and more of the field to itself, the competition is being wiped out.
These changes in governance are described by the ex-Guardian man as small. Clearly false. Healthy plurality is dwindling. More and more power is being centralised in GDS. That is a big change.

It's unfortunate timing, given that the death of IDAP was announced on the same day, RIP – "the challenge now is not about information technology, but about designing, developing and delivering great, user-centred digital services", a challenge which GDS could not rise to.

Alarm bells may ring. Is GDS the right place to centralise power?

They may ring even harder when you read this:

... the people and organisations with which we work must be imbued by the culture and ethos of the web generation.

... we have to put digital leaders and Chief Operating Officers (COOs) in the driving seat across government.

... we are not just on the web, but of the web. And our culture and governance must reflect that.

This quasi-religious worship of the web is a recurring theme. Think back to 17 October 2012 when the ex-Guardian man published Why GOV.UK matters: A platform for a digital Government including his meaningless bon mot:

GOV.UK is not Government on the Internet, but of the Internet.

GOV.UK is neither government on the internet nor government of the internet. GOV.UK is a website. And nothing more.

This GDS religion/culture/ethos with its digital leader apostles and its veneration of Lady Lane Fox has already failed. Despite the blessing given by Tim O'Reilly, it has failed to provide the identity assurance service that was needed to support digital by default.

Since that was its only job we had better look elsewhere for salvation.

GDS's misplaced faith and the governance of Whitehall

Today we announced some small but important changes in governance. The detail is here but the upshot is: we won’t have a cross-government Chief Information Officer (CIO) any more, nor a Head of Profession for Information and Communications Technology (ICT). We are moving responsibility for these capabilities to the Government Digital Service and we are closing some cross-government boards in various technology areas and reviewing the rest in order to make sure we are set up as efficiently as possible.

more ►

GDS's Identity Assurance Programme goes up in smoke

Computer Weekly, 14 March 2013:

IDA services put on ice for Universal Credit delivery

Only the other day there we were, weren't we, asking if the Government Digital Service's pan-government Identity Assurance service is up and running yet. They had promised that it would be "fully operational" for 21 million Department for Work and Pensions claimants "by March 2013".

Well now, thanks to Computer Weekly, we know the answer.

No mention was made of the use of IDA in the DWP’s Local Support Services Framework ... Instead, the paper referenced the issuing of PIN numbers to users for their online accounts ...

GDS talked a good game once. Is there any hope now for IDA?

No. Judging by this 12 March 2013 post on their blog, Identity Alphas, GDS are innocents abroad in the world of identity management.

"Where did it all go wrong?" You may well ask.

GDS's Identity Assurance Programme goes up in smoke

Computer Weekly, 14 March 2013:

IDA services put on ice for Universal Credit delivery

No mention was made of the use of IDA in the DWP’s Local Support Services Framework ... Instead, the paper referenced the issuing of PIN numbers to users for their online accounts ...