Wednesday 30 January 2013

Skyscape loose ends – still loose

  • Skyscape are late submitting their first statutory accounts to Companies House
  • There are more reasons to believe that HMG will lose control of our data once it is hosted in the cloud on Skyscape's servers
  • It looks as if GOV.UK is still not being hosted by Skyscape
----------

Skyscape's non-existent track record
Source: Companies House, 30 January 2013
Skyscape Cloud Services Ltd were due to submit their first set of accounts to Companies House by 31 December 2012 and, so far, they're a month late.

How did the Government Procurement Service (GPS) and the G-Cloud team determine that it is safe to offer Skyscape's services on the Cloudstore?

What were the Government Digital Service (GDS) going on when they chose Skyscape to host GOV.UK, the soon-to-be-single face of government on the web?

How did HMRC decide to entrust its local office data to Skyscape?

No answers. It remains baffling that all this responsibility for public administration should be put on a one-man company.

And now it transpires that the MOD are relying on Skyscape, too.

Losing control of our data
Does the following snippet give you confidence in Skyscape?
ScienceLogic streamlines IT management for Skyscape Cloud Services
Date: 24 Jan 2013

Skyscape Cloud Services, “the easy to adopt, easy to use, and easy to leave” Assured Cloud Services Company, has selected and deployed the ScienceLogic™ Inc. IT infrastructure management platform to optimize IT operations and rapidly automate processes in their large-scale, Infrastructure as a Service (IaaS) offerings. Skyscape is a supplier to the UK government through the G-Cloud Framework initiative, helping deliver a highly-scalable, secure community cloud for the provision of public services. The innovative service provider is using the robust ScienceLogic platform to simplify the complexities of providing mission-critical cloud services to multiple government organizations including GOV.UK and the Ministry of Defence.

“We needed to take a more proactive, cost-effective approach to managing our government customer IT cloud resources,” said Peter Rossi, Head of Orchestration & Automation at Skyscape ...
It shouldn't.

ScienceLogic is a US company based in Reston, VA.

So what?

Once HMG put our data in the cloud, it passes beyond their jurisdiction. What happened to Megaupload.com could happen to us, too. The FBI impounded all the data on Megaupload's servers and no-one has been able to get their data back since.

According to Megaupload's lawyers, the prosecution's case amounts to saying that you lose your property rights if you store data in the cloud – if you'd wanted to retain those rights, so goes the argument, you wouldn't have used the cloud.

The FBI have the powers of the USA PATRIOT Act available to them and of the Foreign Intelligence and Surveillance Amendments Act (FISA).

The USA PATRIOT Act powers can be exercised wherever in the world the cloud data is stored and, as they say on the G-Cloud website, "public cloud is often non-geographically specific" – HMG often won't know where our data is. Location doesn't matter to the FBI. All that matters is that a US-registered company should be involved or any other company with a substantial business in the US.

Skyscape were already known to be involved with EMC, QinetiQ, VMware and Cisco. Then they emphasised the involvement of EMC with the release of a promotional film, Skyscape Cloud Services – Storage as a Service on EMC Atmos. EMC is a US company based in Hopkinton, MA. And now their Head of Orchestration has added ScienceLogic to the list.

FISA was recently "renewed", please see U.S. Spy Law Authorizes Mass Surveillance of European Citizens.

The reasons why the FBI might be interested to take a look at our data are manifold. It was suspected copyright infringement in the case of Megaupload. In our case, it might be that or anything else. Now that the Foreign Account Tax Compliance Act (FATCA) has come into force, they might for example just want to see if there are any US citizens or companies or trusts in the UK evading US tax.

And that's the US, the kindred country we know and trust. HMG will have even less control over our data in other jurisdictions.

Where is GOV.UK?
Back in October 2012, GDS announced that GOV.UK would be hosted on Skyscape.

30 January 2013
This came as news to its then current host, a cloud services company called Akamai. Has GOV.UK moved to Skyscape now? It doesn't look like it. It looks as though it's still hosted with Akamai.

What's going on? Was the GDS announcement about Skyscape nonsense? Who knows. GDS don't answer questions. Four months after Skyscape came into public view, we're none the wiser.

----------

Added 31.1.13:
US authorities can spy on the iCloud without a warrant

Skyscape loose ends – still loose

  • Skyscape are late submitting their first statutory accounts to Companies House
  • There are more reasons to believe that HMG will lose control of our data once it is hosted in the cloud on Skyscape's servers
  • It looks as if GOV.UK is still not being hosted by Skyscape
----------

Skyscape's non-existent track record
Source: Companies House, 30 January 2013
Skyscape Cloud Services Ltd were due to submit their first set of accounts to Companies House by 31 December 2012 and, so far, they're a month late.

How did the Government Procurement Service (GPS) and the G-Cloud team determine that it is safe to offer Skyscape's services on the Cloudstore?

What were the Government Digital Service (GDS) going on when they chose Skyscape to host GOV.UK, the soon-to-be-single face of government on the web?

How did HMRC decide to entrust its local office data to Skyscape?

Monday 28 January 2013

BIS – redundant situation vacant

Reprinted below is the job description of a post currently being advertised by the Department for Business Innovation and Skills (BIS).

Not a bad job really. You get between £40,000 and £55,000, you don't need a medical, there's no Criminal Records Bureau check and you start at Grade 7, the bottom rung of the senior civil service.

There is one issue you might bear in mind before sending in your application.

"We are a busy team of digital specialists responsible for managing the Department’s online presence, including our website and social media", says the job description, and "this will mean identifying our online influencers and forging relationships, creating digital content and opportunities for online engagement, and helping to develop the way BIS uses the web".

The issue is this. BIS don't have a website. Not any more. http://www.bis.gov.uk has been consigned to history, it is no more than a fond memory, time has been called, on the web at least, on the venerable Board of Trade, 1621.

BIS has now been swallowed up in GOV.UK, its identity erased, along with the Attorney General's Office and five other ministerial departments. The department no longer publishes its own information and no longer issues its own press releases. That is all handled now by the Government Digital Service, prop. ex-Guardian man Mike Bracken, under the Constitutional eye of Martha Lane Fox.

It's not a reason not to apply of course – if anything, this turn of events makes the job a lot easier. But you should be forewarned.
Head of Digital Outreach Communications Directorate
The Department for Business, Innovation and Skills (BIS) is making a difference by supporting sustained growth and higher skills across the economy.

Everything that BIS does – investing in skills, making markets more dynamic, promoting trade, boosting innovation and helping people start and grow a business – is about growth.

We are a busy team of digital specialists responsible for managing the Department’s online presence, including our website and social media. We create digital content: blog posts, video, audio and social reporting, but we want to go much, much further than that.

We want to listen to, and engage with, our audiences using the digital channels they prefer. And we want to work with the online communities who help our audiences.

We’re looking for a head of digital outreach to drive this work forward. This will mean identifying our online influencers and forging relationships, creating digital content and opportunities for online engagement, and helping to develop the way BIS uses the web.

You will have an online profile, be comfortable as the face of digital outreach for BIS and have useful online contacts and knowledge to draw upon.

You will have some really interesting examples of online communities that you have set up or helped to facilitate. We are looking for a practitioner: someone who is hands-on with digital and focused on delivering activity that helps our audiences. Experience within the science, business, skills or education communities is a definite bonus.

We like to contribute to digital communications across Government, so you will be expected to network with peers in other departments and help raise the bar for digital communications in the public sector.

If you have the experience and drive to help us deliver outstanding digital outreach, send a covering letter and CV to tim.lloyd@bis.gsi.gov.uk

Closing date: February 8, 2012
Reports to:
Head of Digital Communications

Responsible for:
SIO Digital News Editor
SIO Digital Engagement Manager

Main responsibilities:

• establish a strategic approach to digital outreach for departmental consultations, announcements and marketing campaigns – intervening early in projects where digital can add most value to policymaking or behaviour change

• ensure that we are using the most appropriate channels for our audiences

• build a body of evidence and best practice to support the digital tools and channels that we use

• commission and create effective digital content, working closely with the team’s Digital News Editor and Digital
Engagement Manager

• manage long-term relationships with online communities and influencers

• help moderate online discussion and answer questions

• evaluate the impact of digital
outreach projects

• build capability for digital outreach within the digital team and across BIS

• share in open innovation as part of the team: writing up tools and approaches, meeting colleagues from BIS family, OGDs and beyond, speaking at events etc.

• be a credible voice for digital within BIS

BIS – redundant situation vacant

Reprinted below is the job description of a post currently being advertised by the Department for Business Innovation and Skills (BIS).

Not a bad job really. You get between £40,000 and £55,000, you don't need a medical, there's no Criminal Records Bureau check and you start at Grade 7, the bottom rung of the senior civil service.

There is one issue you might bear in mind before sending in your application.

"We are a busy team of digital specialists responsible for managing the Department’s online presence, including our website and social media", says the job description, and "this will mean identifying our online influencers and forging relationships, creating digital content and opportunities for online engagement, and helping to develop the way BIS uses the web".

The issue is this. BIS don't have a website. Not any more. http://www.bis.gov.uk has been consigned to history, it is no more than a fond memory, time has been called, on the web at least, on the venerable Board of Trade, 1621.

Sunday 27 January 2013

Inspector Harry Callahan's advice to GDS

"What's that?", said the punk, pointing at the books in Harry's arms.

This ... punk ... is the UK tax code. The longest and most complicated tax code in the world.

Tolley's Yellow Tax Handbook 2012-13 alone ... you're lookin' at maybe 15,000 pages. This year's Finance Act, last year's and every year's before. Not just the legislation but the tax tribunal decisions and the case law. UK case law and international. And the double tax treaties.

The inspectors have to apply the tax code. To companies and trusts and partnerships and individuals. A good tax inspector knows his or her limitations. They use manuals, manuals to tell 'em what to do, manuals to explain what they've done, manuals those companies and trusts and partnerships and individuals can consult, too, if they wanna. If they're tough.

They're all on the web ... punk. The Beer Guidance Manual, the Gold Manual (VAT), all the way to the Youth Clubs Guidance Manual.

You won a award, punk, for pretty websites. That's good. You think you gotta contribution to make to these here web manuals. HMRC raise about £550 billion a year from them. You think you're gonna add to that? Or maybe bring down the whole house of cards if you mess up? Suits me.

You wanna change those manuals by even one comma when you incorporate them into GOV.UK? Do you feel lucky? Go ahead ... punk ... make my day.

----------


Inspector Harry Callahan's advice to GDS

"What's that?", said the punk, pointing at the books in Harry's arms.

This ... punk ... is the UK tax code. The longest and most complicated tax code in the world.

Thursday 24 January 2013

GDS and the new world

The previous post on this blog was written overnight, 22/23 January 2013, and published at 9:30 yesterday. The closing paragraphs read as follows:
GDS's new world
Martha Lane Fox describes her digital-by-default project as a revolution. Those of us who were born yesterday will have no trouble believing that we are living in a new world. First we believed that UC would be fully operational in 37 days time. Then seamlessly we believed that the target is 400 days.

And in 400 days time?

What will GDS have us believe then?
Later that same day, 16:02, Computer Weekly published Kathleen Hall's article Interview: Cabinet Office chief operating officer Stephen Kelly.  The closing paragraph reads as follows:
“This world won’t automatically switch to the new world, which is why I want to elevate the CTO [chief technology officer] role – to strengthen our core direction of travel. The new world is where we are going and we are putting a lot of resource and focus behind that.”
Spooky?

Yes.

If we live in a new world, then the old rules no longer apply. The Constitution has to be torn up and the Executive has carte blanche to write a new one. Indeed, the Executive has a duty to write a new Constitution. A new Constitution suitable for the new world. The post-revolutionary world.

It really is carte blanche. The historical constraints on the Executive – the old Constitution – have been removed. The new world starts with no memory. We may as well have been born yesterday.

If we the public once agree that this is a new world, then we grant unconstrained freedom to the Executive to make up the new rules. Which seems like a good reason not to agree. And a good reason to hold to the manifest truth that, actually, we still live in the same world we woke up in yesterday and the day before.

An engraving of Robespierre
guillotining the executioner
after having guillotined
everyone else in France
Martha Lane Fox is a historian. Most revolutions – if you remember – lead to Terrors. She must know that. It's surprising that she should call for a "revolution" in Whitehall and in the governance of the UK, isn't it?

Surprising or not, Terrors are not good for people. Any doctor will tell you. To avoid Terrors, avoid revolutions. And to avoid revolutions, beware of politicians and anyone else declaring new worlds.

"new worlds", incidentally, is deliberately plural. If the Executive don't like the way things are going in the first new world they have declared, they can always declare a second new world and start again. And a third and a fourth etc ... Another old Constitution unwritten. Another new Constitution promulgated. Everything is different again. Except for one thing – the unconstrained power of the Executive.

Do you notice a pattern here? The new-world argument is a tool to conjure the oldest trick in the book.

----------

Most revolutions can clothe themselves in high-minded rhetoric.

Cromwell is the obvious winner in those stakes. Assisted by a monarch who claimed to rule by divine right, Cromwell was able to counter-claim that the revolution was his interpretation of the will of God, no less.

From the sublime to the ridiculous, never before has a revolution been launched for so inane a purpose as the desire to implement government by the web.

That said, even if the stated purpose is feeble, a revolution is still a revolution and power is transferred. In the case of the UK and Martha Lane Fox's rallying cry of "digital-by-default" – not a patch on the Marseillaise – power would be transferred to Google and Facebook and Amazon and PayPal.

Is there really a revolution in prospect? In which case this is a timely blog post.

Or is Martha Lane Fox simply using the word "revolution" loosely? In which case it will look over-blown.

There are some signs of real revolution. In Martha Lane Fox's world:
  1. There are repeated calls to ignore or repeal the laws on data-sharing wherever they stand in the way of the brave new digital-by-default world. Francis Maude, the Cabinet Office Minister, describes these constraints as "muddled myths".
  2. There are repeated calls to locate all policy-making powers in the Government Digital Service (GDS).
  3. All government news is to be published by GDS only, and not by the separate departments of state.
  4. The identity of the separate departments of state is to be obliterated, on the web at least, so that the public will see just one face of government, GOV.UK.
  5. And then, of course, there's the casual lying:


  • GDS say repeatedly that they don't want to create a national identity register (a "national, central scheme") while at the same time scheming to create just that, via Individual Electoral Registration, in the consolidated national electoral roll to be stored with the credit referencing agencies.
  • They say that they understand the dangers of keeping personal data on the web and the importance of privacy while at the same time inveigling us all into using Personal Data Stores – on the web, in the cloud, with strangers – and inveigling us all into opening up our personal data so that we stupid people can have rational decisions made for us by apps.
  • On paper at least, GDS are still promising to deliver identity assurance to support Universal Credit "by March 2013", 35 days away, when they know that they can't.
  • And so routinely on.
It'll all peter out. Probably. This is England, after all. The mother of parliaments. In the end, even dear old Cromwell gave up trying to interpret the will of God, couldn't think of any alternative, and reinstated the monarchy.

But just in case the petering out looks like taking too long a time, remember – resist all appeals to the putative new world. There isn't one. And if you feel your spine weakening, take out the following text and re-read it – it's an edited version of Gordon Brown's October 2007 speech supposedly on liberty:
... a new chapter in our country's story of liberty ... new issues of terrorism and security ... new frontiers in both our lives and our liberties ... new challenges ... new rights for the public expression of dissent ... new freedoms that guarantee the independence of non-governmental organisations ... new rights to access public information ... new rights against arbitrary intrusion ... new technology ... new rights to protect your private information ... new provision for independent judicial scrutiny and open parliamentary oversight ... Renewing for our time our commitment to freedom ... a new British constitutional settlement for our generation ... the new tests of our time ... we meet these tests not by abandoning principles of liberty but by giving them new life ... a new generation ... new challenges ... new measures ... the new rules ... the new rules ... New rules ... What is new about 21st century ideas of privacy ... new powers of access to information ... new opportunities to use biometrics ... the opportunities of new technology ... a new and imaginative approach to accountability ... new laptop computers ... new powers ... the new information age ... new threats to our security ... a new British Bill of Rights and Duties ... a new chapter in the British story of liberty ...

GDS and the new world

The previous post on this blog was written overnight, 22/23 January 2013, and published at 9:30 yesterday. The closing paragraphs read as follows:
GDS's new world
Martha Lane Fox describes her digital-by-default project as a revolution. Those of us who were born yesterday will have no trouble believing that we are living in a new world. First we believed that UC would be fully operational in 37 days time. Then seamlessly we believed that the target is 400 days.

And in 400 days time?

What will GDS have us believe then?
Later that same day, 16:02, Computer Weekly published Kathleen Hall's article Interview: Cabinet Office chief operating officer Stephen Kelly.  The closing paragraph reads as follows:
“This world won’t automatically switch to the new world, which is why I want to elevate the CTO [chief technology officer] role – to strengthen our core direction of travel. The new world is where we are going and we are putting a lot of resource and focus behind that.”
Spooky?

Wednesday 23 January 2013

21 million prospective Universal Credit claimants, 40,000+ ex-public servants, 400 days and GDS

From spring 2013
It is the Government Digital Service's dream to make all public services digital by default. To make that happy dream come true they need identity assurance – each UK parishioner needs his or her own electronic ID.

20 April 2011:
... To someone's dyspeptic eye, IDA looks like a non-starter, another elaborate and expensive plan which turns out to be fantasy, doomed to failure when it confronts reality. The timetable for IDA was presented and described as not over-ambitious. That is perfectly accurate. The timetable is not over-ambitious. It looks more like the psychedelic product of a prolonged session on hallucinogenic drugs. Far from being merely over-ambitious, it is quite simply impossible.

22 September 2012Universal Credit and the December putsch:
... The revised notice was published on 1 March 2012 and the service has to be operational from the Spring of 2013? Barely a year later? Only six months after the contracts are awarded? 21 million claimants? Millions of whom have never used the web? Operational? Countrywide? ... It's a tall order.

25 September 2012Identity assurance – the clock is ticking, ex-Guardian man Mike Bracken's chickens are coming home to roost:
... That's six months time if we measure to the start of next spring, or nine months if we measure to the end. Either way, DWP's Universal Credit (UC) scheme has to be up and running by October 2013 and UC depends on identity assurance as Lord Freud, the welfare reform minister, has emphasised – no identity assurance, no UC.

6 November 2012Identity assurance – shall we vote on it?:
... That's what it says in the draft legislation. Ex-Guardian man Mike Bracken was meant to announce who would be the UK's so-called "identity providers" by 30 September 2012. We're still waiting ... He'd better hurry up. He's promised to have an identity assurance service "operational" for 21 million Universal Credit claimants by Spring 2013.

26 November 2012Identity assurance – one under the eight:
More to the point, there are 21 million prospective claimants for Universal Credit in the UK. Identity assurance is meant to be operational by the Spring of 2013 for all 21 million of them. The chances of that happening are now nil. GDS's failure is extending the imprisonment in the poverty trap of millions of claimants who could be released by Universal Credit. Putting the wrong people in charge of identity assurance has miserable social consequences.

10 December 2012Universal Credit – GDS's part in its downfall:
... That wouldn't be feasible, not now, December 2012, not even if the details of IDAP had all been worked out but they haven't been ("we now have a group of suppliers with whom we can work out the practical issues"). Why hasn't it already been done? How much longer will it take?

11 December 2012, GDS's identity assurance story continues to unravel:
... GDS went on in their blog post of last March to refer to the procurement of identity assurance services, needed by DWP for their Universal Credit initiative: "The initial DWP services will be required to provide identity assurance for approximately 21 000 000 claimants ... To support the rollout of universal credit and personal independence payments, identity assurance suppliers will be selected in summer 2012 and systems will need to be fully operational from spring 2013" ... Question – how did GDS come up with that timetable?

18 January 2013#2 of many lessons about GDS and the external digital thought-leaders:
... it's impossible. Would you trust an organisation that promises the impossible?
And so was born GDS's Identity Assurance Programme (IDAP) [29.12.17: currently known as "GOV.UK Verify (RIP)"] which they have repeatedly promised would be "fully operational from spring 2013".

In the first instance, GDS need to provide identity assurance for the new Universal Credit (UC) system which is designed to rescue people from welfare dependency by making work pay. It's UC that needs identity assurance to be fully operational from spring 2013 and that's what GDS have promised.

From March 2013
Eight so-called "identity providers" have been appointed to turn IDAP into reality. The documentation on the IDAP contracts was published the other day, 16 January 2013, and includes this:
To support the rollout of universal credit and personal independence payments providers will be selected by June 2012 and systems will need to be fully operational from March 2013.
"... fully operational from March 2013" – 37 days away.

That deadline has seemed impossible for years, since at least 20 April 2011 (please see opposite), before GDS existed, but they (GDS) have never sought in public to change it and, even now with only 37 days to go, there may be up to 21 million prospective universal credit claimants out there who assume that the deadline will be met.

It won't. It can't be.

April 2014
In his 22 January 2013 Computer Weekly blog the engaging Toby Stevens reports on the current state of IDAP and says:
And when does all this happen? We would expect to see the first pilots in October this year, with more widespread use kicking off in April 2014.
Fully operational from March 2013? No. October 2013. But that's just "trials". So not fully operational. Maybe more like April 2014. And maybe not.

Has anyone told Iain Duncan Smith that GDS have delayed his beacon policy by at least a year? Presumably not as he keeps telling Parliament that UC's going swimmingly. Has anyone told the press? Or the prospective claimants of UC?

No.

GDS have kept quiet about it.

Cui bono?
Instead, they have diverted us with scores of blog posts about how important the users are – excluding benefit claimants, presumably – and how the users' needs are GDS's only guide and only concern.

They trumpet the success of their single government domain project – "This website replaces Directgov [and] Business Link", it says on the home page of GOV.UK. Manifestly false. The IDAP documentation quoted from above, for example, is on businesslink.gov.uk.

They proudly announce that they will make a minimum of 40,000 public servants redundant thereby saving the government – but not the public – up to £1.8 billion p.a.

Cheekily, in view of UC, GDS claim to believe that they are dedicated to "delivery".

And on 21 January 2013, they held a jamboree, The future is here, attended by 300 civil servants to celebrate themselves and to announce vaingloriously that they would transform government in 400 days.

Who is this all for?

It's clearly not for the users. It's not for the 21 million prospective UC claimants. And it's not for the 40,000+ ex-public servants.

That's alright then
The executive director of GDS and senior responsible officer owner for IDAP is ex-Guardian man Mike Bracken. And on his website he modestly quotes these words of Martha Lane Fox's:
It is a rare individual that can take a bunch of ideas and turn them into a reality in any environment but particularly in government. Mike is doing just that for me and it has been a privilege to watch.
Ms Lane Fox was interviewed at the heady, revivalist, the-future-is-here jamboree by a Computer Weekly journalist, Kathleen Hall, who finishes her article with this:
Although Lane Fox has been digital champion for four years, she has no immediate plans to step down. “I think you have to be constantly appraising yourself as to whether yours is the best voice – or whether you are becoming a bit like white noise, and not doing a good as job as you could be. But at the minute I’m still having a great time,” she said.
GDS's new world
Martha Lane Fox describes her digital-by-default project as a revolution. Those of us who were born yesterday will have no trouble believing that we are living in a new world. First we believed that UC would be fully operational in 37 days time. Then seamlessly we believed that the target is 400 days.

And in 400 days time?

What will GDS have us believe then?

21 million prospective Universal Credit claimants, 40,000+ ex-public servants, 400 days and GDS

From spring 2013
It is the Government Digital Service's dream to make all public services digital by default. To make that happy dream come true they need identity assurance – each UK parishioner needs his or her own electronic ID.

20 April 2011:
... To someone's dyspeptic eye, IDA looks like a non-starter, another elaborate and expensive plan which turns out to be fantasy, doomed to failure when it confronts reality. The timetable for IDA was presented and described as not over-ambitious. That is perfectly accurate. The timetable is not over-ambitious. It looks more like the psychedelic product of a prolonged session on hallucinogenic drugs. Far from being merely over-ambitious, it is quite simply impossible.

22 September 2012Universal Credit and the December putsch:
... The revised notice was published on 1 March 2012 and the service has to be operational from the Spring of 2013? Barely a year later? Only six months after the contracts are awarded? 21 million claimants? Millions of whom have never used the web? Operational? Countrywide? ... It's a tall order.

25 September 2012Identity assurance – the clock is ticking, ex-Guardian man Mike Bracken's chickens are coming home to roost:
... That's six months time if we measure to the start of next spring, or nine months if we measure to the end. Either way, DWP's Universal Credit (UC) scheme has to be up and running by October 2013 and UC depends on identity assurance as Lord Freud, the welfare reform minister, has emphasised – no identity assurance, no UC.

6 November 2012Identity assurance – shall we vote on it?:
... That's what it says in the draft legislation. Ex-Guardian man Mike Bracken was meant to announce who would be the UK's so-called "identity providers" by 30 September 2012. We're still waiting ... He'd better hurry up. He's promised to have an identity assurance service "operational" for 21 million Universal Credit claimants by Spring 2013.

26 November 2012Identity assurance – one under the eight:
More to the point, there are 21 million prospective claimants for Universal Credit in the UK. Identity assurance is meant to be operational by the Spring of 2013 for all 21 million of them. The chances of that happening are now nil. GDS's failure is extending the imprisonment in the poverty trap of millions of claimants who could be released by Universal Credit. Putting the wrong people in charge of identity assurance has miserable social consequences.

10 December 2012Universal Credit – GDS's part in its downfall:
... That wouldn't be feasible, not now, December 2012, not even if the details of IDAP had all been worked out but they haven't been ("we now have a group of suppliers with whom we can work out the practical issues"). Why hasn't it already been done? How much longer will it take?

11 December 2012, GDS's identity assurance story continues to unravel:
... GDS went on in their blog post of last March to refer to the procurement of identity assurance services, needed by DWP for their Universal Credit initiative: "The initial DWP services will be required to provide identity assurance for approximately 21 000 000 claimants ... To support the rollout of universal credit and personal independence payments, identity assurance suppliers will be selected in summer 2012 and systems will need to be fully operational from spring 2013" ... Question – how did GDS come up with that timetable?

18 January 2013#2 of many lessons about GDS and the external digital thought-leaders:
... it's impossible. Would you trust an organisation that promises the impossible?
And so was born GDS's Identity Assurance Programme (IDAP) [29.12.17: currently known as "GOV.UK Verify (RIP)"] which they have repeatedly promised would be "fully operational from spring 2013".

In the first instance, GDS need to provide identity assurance for the new Universal Credit (UC) system which is designed to rescue people from welfare dependency by making work pay. It's UC that needs identity assurance to be fully operational from spring 2013 and that's what GDS have promised.

From March 2013
Eight so-called "identity providers" have been appointed to turn IDAP into reality. The documentation on the IDAP contracts was published the other day, 16 January 2013, and includes this:
To support the rollout of universal credit and personal independence payments providers will be selected by June 2012 and systems will need to be fully operational from March 2013.
"... fully operational from March 2013" – 37 days away.

That deadline has seemed impossible for years, since at least 20 April 2011 (please see opposite), before GDS existed, but they (GDS) have never sought in public to change it and, even now with only 37 days to go, there may be up to 21 million prospective universal credit claimants out there who assume that the deadline will be met.

It won't. It can't be.

April 2014
In his 22 January 2013 Computer Weekly blog the engaging Toby Stevens reports on the current state of IDAP and says:
And when does all this happen? We would expect to see the first pilots in October this year, with more widespread use kicking off in April 2014.
Fully operational from March 2013? No. October 2013. But that's just "trials". So not fully operational. Maybe more like April 2014. And maybe not.

Has anyone told Iain Duncan Smith that GDS have delayed his beacon policy by at least a year? Presumably not as he keeps telling Parliament that UC's going swimmingly. Has anyone told the press? Or the prospective claimants of UC?

No.

GDS have kept quiet about it.

Cui bono?
Instead, they have diverted us with scores of blog posts about how important the users are – excluding benefit claimants, presumably – and how the users' needs are GDS's only guide and only concern.

They trumpet the success of their single government domain project – "This website replaces Directgov [and] Business Link", it says on the home page of GOV.UK. Manifestly false. The IDAP documentation quoted from above, for example, is on businesslink.gov.uk.

They proudly announce that they will make a minimum of 40,000 public servants redundant thereby saving the government – but not the public – up to £1.8 billion p.a.

Cheekily, in view of UC, GDS claim to believe that they are dedicated to "delivery".

And on 21 January 2013, they held a jamboree, The future is here, attended by 300 civil servants to celebrate themselves and to announce vaingloriously that they would transform government in 400 days.

Who is this all for?

It's clearly not for the users. It's not for the 21 million prospective UC claimants. And it's not for the 40,000+ ex-public servants.

That's alright then
The executive director of GDS and senior responsible officer owner for IDAP is ex-Guardian man Mike Bracken. And on his website he modestly quotes these words of Martha Lane Fox's:
It is a rare individual that can take a bunch of ideas and turn them into a reality in any environment but particularly in government. Mike is doing just that for me and it has been a privilege to watch.
Ms Lane Fox was interviewed at the heady, revivalist, the-future-is-here jamboree by a Computer Weekly journalist, Kathleen Hall, who finishes her article with this:
Although Lane Fox has been digital champion for four years, she has no immediate plans to step down. “I think you have to be constantly appraising yourself as to whether yours is the best voice – or whether you are becoming a bit like white noise, and not doing a good as job as you could be. But at the minute I’m still having a great time,” she said.
GDS's new world
Martha Lane Fox describes her digital-by-default project as a revolution. Those of us who were born yesterday will have no trouble believing that we are living in a new world. First we believed that UC would be fully operational in 37 days time. Then seamlessly we believed that the target is 400 days.

And in 400 days time?

What will GDS have us believe then?

Monday 21 January 2013

Skyscape Cloud Services push the boat out

Time was, when you went to the cinema, there was always an advert for the local curry house.

These short promotional films followed rules from which no deviation was permitted.

The cameraman had to have the shakes. The soundtrack had to be just as unsteady, as though it was hanging on, rather listlessly, and didn't much care if it lost its grip.

The first grainy shot would have the proprietor, off-centre, trying to smile naturally and failing. All expense spared, the film would cut to a close-up of congealed entrails in a cracked bowl and then pull back to show a lot of worryingly pasty-faced people with no make-up sitting round a table and looking as though they might try eating the entrails. Or not.

Finally, without warning, it would stop being daylight and while the sound recordist replaced the sitar music with something more Hawaiian a voice-over would explain to us that the restaurant was just three doorways from this very venue, as though we didn't know, next to the betting shop.

It's always been a mystery. What happened to the professionals who made these gems? Where are they now? Let's face it, we miss them, it's part of our heritage.

Mystery solved. Take a look at this. Five-and-a-half minutes of Skyscape Cloud Services – Storage as a Service on EMC Atmos.

Let the whole thing waft over you and then try to answer a few questions:
  • How much training was the graphic designer given? Any?
  • Why didn't they just re-record the voice-over instead of editing it, apparently with a trowel?
  • Who is being advertised? Skyscape? Or EMC?
  • What are they selling and why should you buy it?
  • How far are they from the betting shop?
  • Can you remember anything about the film you've just seen?
It's a hugely nostalgic five-and-a-half minutes. Especially when you realise that HMRC have contracted with this company, probably Skyscape but maybe EMC, to store a lot of our data currently kept at HMRC local offices. And that GDS, the Government Digital Service, have contracted with them to host GOV.UK, the website on which all public services are supposed soon to depend.

Does this little film inspire you with the confidence to host your website and store your data with Skyscape/EMC? Or would you rather eat the congealed entrails after all?

Skyscape Cloud Services push the boat out

Time was, when you went to the cinema, there was always an advert for the local curry house.

These short promotional films followed rules from which no deviation was permitted.

The cameraman had to have the shakes. The soundtrack had to be just as unsteady, as though it was hanging on, rather listlessly, and didn't much care if it lost its grip.

The first grainy shot would have the proprietor, off-centre, trying to smile naturally and failing. All expense spared, the film would cut to a close-up of congealed entrails in a cracked bowl and then pull back to show a lot of worryingly pasty-faced people with no make-up sitting round a table and looking as though they might try eating the entrails. Or not.

Finally, without warning, it would stop being daylight and while the sound recordist replaced the sitar music with something more Hawaiian a voice-over would explain to us that the restaurant was just three doorways from this very venue, as though we didn't know, next to the betting shop.

It's always been a mystery. What happened to the professionals who made these gems? Where are they now? Let's face it, we miss them, it's part of our heritage.

Sunday 20 January 2013

#3 of many lessons about GDS and the external digital thought leaders

Each week, ex-Guardian man Mike Bracken, executive director of the Government Digital Service (GDS) and senior responsible officer owner for the government-wide Identity Assurance Programme (IDAP), writes up his diary for the previous seven days and publishes it. And on 11 January 2013, it was published in the form of a video. Tune in and learn, as he explains that:
Martha gave us our publishing mandate. And we've now got our transaction mandate [now that there are digital strategies for each government department].
"Martha", of course, is Martha Lane Fox DBE, the UK Machiavelli de nos jours, the Prime Minister's digital champion and chairman of the GDS advisory board (and now also a member of Richard Branson's/Virgin Media's 'Our Digital Future' campaign). It is thanks to her 14 October 2010 letter to Francis Maude – Directgov 2010 and beyond: revolution not evolution – that GDS exists.

Actually, that's not true.

None of it.

Ms Lane Fox's letter asserted that GDS should be responsible for publishing all central government information. It also asserted that GDS should be in charge of all on-line transactions between government and the public. You can hardly miss it. That was recommendation #1 in her letter:
Recommendation 1

Make Directgov [= GOV.UK] the government front end for all departments' transactional online services to citizens and businesses, with the teeth to mandate cross Government solutions, set standards and force departments to improve citizens' experience of key transactions.
Ex-Guardian man Mike Bracken's neat little distinction between his publishing mandate and his transaction mandate is false.

Doubly so. Because the mandate doesn't come from Ms Lane Fox. How could it? She's in no position to tell Whitehall how to organise itself. The mandate can only have come from very senior civil servants and from politicians. It's thanks to them that GDS exists, not Ms Lane Fox.

Ms Lane Fox is a salesman. An exceptionally good one but nevertheless that's all. A salesman. She has no experience of running an enormous organisation like DWP, for example, and no experience of supplying life-supporting services to millions of members of the public.

You may disagree.

Who's right? DMossEsq or you? How can we tell?

You can settle the matter easily thanks to ex-Guardian man Mike Bracken's having organised Sprint 13, the must-be-there party at the Queen Elizabeth II Conference Centre tomorrow Monday 21 January 2013 from 08:45 to 13:00 (GMT).

300 of Whitehall's best + "Government and Agency Board Members, Officials, Policy Makers, Ministers, Press and External Digital Thought-Leaders", all assembled in one place and Martha Lane Fox is due to make a speech. DMossEsq won't be there. But you will. You can just ask her.

Remember, according to Ms Lane Fox you don't have a strong grasp of government policy. And your woodentopped insistence on obeying the law is merely obstructive:
It seems to me that the time is now to use the Internet to shift the lead in the design of services from the policy and legal teams to the end users ...

Directgov [=GDS] SWAT teams ... should be given a remit to support and challenge departments and agencies ... We must give these SWAT teams the necessary support to challenge any policy and legal barriers which stop services being designed around user needs ...

This person [in the event, ex-Guardian man Mike Bracken] should have the controls and powers to gain absolute authority over the user experience across all government online services ... and the power to direct all government online spend.

The CEO for Digital should also have the controls and powers to direct set and enforce standards across government departments ...
While you're at it, you may as well take advantage of his presence to ask ex-Guardian man Mike Bracken a few questions, too.

Sprint 13, after all, is the event at which he explains that those 300 of Whitehall's best have been doing their job wrong for the past several decades and insists that they now do it his way. The Estonian way.

#3 of many lessons about GDS and the external digital thought leaders

Each week, ex-Guardian man Mike Bracken, executive director of the Government Digital Service (GDS) and senior responsible officer owner for the government-wide Identity Assurance Programme (IDAP), writes up his diary for the previous seven days and publishes it. And on 11 January 2013, it was published in the form of a video. Tune in and learn, as he explains that:
Martha gave us our publishing mandate. And we've now got our transaction mandate [now that there are digital strategies for each government department].
"Martha", of course, is Martha Lane Fox DBE, the UK Machiavelli de nos jours, the Prime Minister's digital champion and chairman of the GDS advisory board (and now also a member of Richard Branson's/Virgin Media's 'Our Digital Future' campaign). It is thanks to her 14 October 2010 letter to Francis Maude – Directgov 2010 and beyond: revolution not evolution – that GDS exists.

Actually, that's not true.

Friday 18 January 2013

#2 of many lessons about GDS and the external digital thought-leaders

Would you trust an organisation that promises the impossible?

It's a week now since ex-Guardian man Mike Bracken, executive director of the Government Digital Service (GDS) and senior responsible officer owner for the government-wide Identity Assurance Programme (IDAP), issued his invitation to Sprint 13, The Future is Here.

What a party it promises to be. Come and meet "Government and Agency Board Members, Officials, Policy Makers, Ministers, Press and External Digital Thought-Leaders" in uptown SW1 at the Queen Elizabeth II Conference Centre on Monday 21 January 2013 from 08:45 to 13:00 (GMT) – "jealousy" hardly begins to describe the state of those of us who have been uninvited.

Still, at least the uninvited don't face the invidious choice of the select band of party-goers – which workshop to attend:

• AGILE working methods? Why do we need digital delivery? Electoral Registration Transformation?
Assuring identity in a digital environment? Going digital? ‘You be the judge’?
Aid information platform? Digital policy engagement? Open changes everything?
The use of social media? Open policymaking? ...

Very tempting to try Electoral Registration Transformation. So many questions:
  • Can the law be changed to allow the data-sharing which its advocates believe would facilitate a complete and accurate electoral roll?
  • Would data-sharing help?
  • How do you reconcile Whitehall's claim that they don't want to create a single national identity register with the plan to store the complete electoral roll with the credit referencing agencies?
  • Would that complete electoral roll provide the basis for a new way to conduct the national census?
  • ...
But in the end the choice surely must be Assuring identity in a digital environment:
  • If there's no on-line identity assurance, then GDS have been wasting their time.
  • If we can't transact with the government on the web, then digital-by-default collapses.
What are the chances of GDS delivering on-line identity assurance? Slim-to-nil.

We have the lesson of the National Identity Scheme to go by. After eight years of unstinting political support and taxpayers' money, it collapsed, with nothing to show for it, except the nervous breakdown from which the Identity & Passport Service still haven't recovered.

It would be a hard job in any circumstances to get digital-by-default off the ground. The news every day carries stories of security breaches on even the most exalted websites. And even whole countries – including ex-Guardian man Mike Bracken's favourite Estonia.

After years of security failures, GDS start with no trust. Which means they can't start.

No-one believes any more that there is any such thing as a secure website. The belief in secure websites is right up there with the belief in unicorns.

It would be hard enough, to recap, to make digital-by-default work in any circumstances, but GDS have made it even harder for themselves than it need be.

With the quasi-religious light of web zealots in their eye, GDS want to make access to public services just as easy as access to Facebook and Google and Twitter. That means abandoning the clunky old Government Gateway. The Gateway is relatively secure. Precisely because it's so clunky. Having separate user IDs and passwords for each person/company for each public service is precisely what makes it relatively secure. Get rid of the clunkiness and you lose the relative security.

GDS have appointed eight national so-called "identity providers" (IDPs). The name is either laughable or sinister. Neither quality promotes trust.

They were late naming seven of the IDPs, please see Identity assurance – one under the eight. And the name of the eighth – PayPal – only came to light about 48 hours ago, by such a devious route that their appointment looks suspicious, please see The identity of the UK's eighth identity provider has now been provided, reluctantly.

Why are GDS so embarrassed about PayPal? Or why are PayPal so embarrassed about GDS? Either way, it does nothing for trust.

Last March, 2012, GDS told us that IDAP would be "fully operational from spring 2013", please see Universal Credit and the December putsch. Now we learn that "systems will need to be fully operational from March 2013". The beginning of March? 41 days away. Or the end? 72 days. Either way, it's impossible. Would you trust an organisation that promises the impossible?

All that, and GDS want to put public services in the cloud, acknowledged as the single most efficacious way to lose control of your data. In this case of course, our data. Another own goal by GDS.

It promises to be a lively congregation on Monday and it's an infuriating shame to miss it.

----------

Updated 23.11.14

It was January 2013 when we wrote the following, please see above – all but two years ago:
GDS have appointed eight national so-called "identity providers" (IDPs). The name is either laughable or sinister. Neither quality promotes trust.
It's all change now. The Identity Assurance scheme (IDA) is now known as "GOV.UK Verify" and as GDS were telling us the other day in How does a certified company establish that it’s really you? ...
When you want to access a service using GOV.UK Verify for the first time, you’ll be asked to choose from a list of certified companies (also known as ‘identity providers’ – they can actually be any type of organisation that is certified).
... they're not called "identified providers" any more. Now they're called "certified companies". Stuck in their own terrarium, it's taken GDS two years and more to notice how ridiculous the idea of an "identity provider" is.

That's not all that's changed.

Three of the original "identity providers" have pulled out – Cassidian, Ingeus and PayPal want nothing to do with IDA/GOV.UK Verify.

And of the remaining five, only one is certified – Experian. The other four – Digidentity, Mydex, the Post Office and Verizon – have yet to be certified trustworthy by tScheme, an organisation no-one has heard of and no-one has any reason to trust.

#2 of many lessons about GDS and the external digital thought-leaders

Would you trust an organisation that promises the impossible?

It's a week now since ex-Guardian man Mike Bracken, executive director of the Government Digital Service (GDS) and senior responsible officer owner for the government-wide Identity Assurance Programme (IDAP), issued his invitation to Sprint 13, The Future is Here.

What a party it promises to be. Come and meet "Government and Agency Board Members, Officials, Policy Makers, Ministers, Press and External Digital Thought-Leaders" in uptown SW1 at the Queen Elizabeth II Conference Centre on Monday 21 January 2013 from 08:45 to 13:00 (GMT) – "jealousy" hardly begins to describe the state of those of us who have been uninvited.

midata – the simple question posed by Which?

BIS – abandon midata as a bad job. Now.

Is it safe? Yes or no?
In their 3 November 2011 press release Government, business and consumer groups commit to midata vision of consumer empowerment, the Department for Business Innovation and Skills (BIS) said:
The following consumer groups and regulators are working with midata to represent consumers' interests and concerns. As well as working towards potential benefits, their input plays an important role in identifying potential risks and helping determine how these can be addressed:

- Citizens Advice
- Communications Consumer Panel
- Consumer Focus
- Information Commissioner’s Office (ICO)
- OFCOM
- Office of Fair Trading (OFT)
- Which?
Now, 14 months later, we are still none the wiser how midata would "empower" consumers.

If the regulators in the list above had succeeded in their task, then no-one would be considering midata. We are still none the wiser how midata could succeed where the regulators have failed.

Jo Swinson MP is the Minister responsible for midata and she posted an article on the Which? blog last month, What if companies gave me control of my data?. What indeed. We are still none the wiser how midata could give consumers control of their data. That control depends on changes in the law worldwide and those changes are not in BIS's gift.

What about Which? themselves? The Consumers' Association. Where do they stand on midata?

The Which? response to BIS's midata consultation opens by saying that midata is a good idea and then spends several pages describing the dangers of identity theft which would be exacerbated by midata. So which is it? Are they in favour, or not?

As you would expect from the most respected consumer group in the country, with 56 years of worthy service behind them, Which? run a commendably open blog. And in one of the comments on the Jo Swinson article Which?'s in-house lawyer, Georgina Nelson, highlights the risks associated with midata and says (17 January 2013 at 11:40 am):
Our position has always been that our support for the midata programme is contingent upon addressing these issues.
The title of BIS's 3 November 2011 press release is misleading. Which?, at least, are not "committed to the midata vision". Their support is, quite rightly, contingent.

It's up to BIS to demonstrate that midata would be safe. Failing that, Which? can't support it.

It's hard to imagine that anyone else could support it either.

So – question: can BIS demonstrate that midata would be safe for consumers? Yes or no? They can't tell us how it would empower us or how it would give us control over our data but can they at least convince us that midata would be safe?

If not, perhaps BIS would like to abandon midata as a bad job now and promote consumer empowerment in some effective way.

Which? could no doubt make several suggestions how BIS could spend their time and our money better.

midata – the simple question posed by Which?

BIS – abandon midata as a bad job. Now.

Is it safe? Yes or no?
In their 3 November 2011 press release Government, business and consumer groups commit to midata vision of consumer empowerment, the Department for Business Innovation and Skills (BIS) said:
The following consumer groups and regulators are working with midata to represent consumers' interests and concerns. As well as working towards potential benefits, their input plays an important role in identifying potential risks and helping determine how these can be addressed:

- Citizens Advice
- Communications Consumer Panel
- Consumer Focus
- Information Commissioner’s Office (ICO)
- OFCOM
- Office of Fair Trading (OFT)
- Which?
Now, 14 months later, we are still none the wiser how midata would "empower" consumers.

If the regulators in the list above had succeeded in their task, then no-one would be considering midata. We are still none the wiser how midata could succeed where the regulators have failed.

Thursday 17 January 2013

GDS, data-sharing, privacy and dignity

In February 2007 a man called Chris Lightfoot committed suicide. Many people paid tribute to him including Phil Booth, the National Coordinator of NO2ID, who wrote in memoriam Chris Lightfoot, 1978 – 2007:
Chris, more than most, understood how important it is that we should all have the choice of what about ourselves we share with others. His intellectual honesty and keen appreciation of human dignity informed all that he did ...
Now another man has committed suicide, Aaron Swartz, and again there are many tributes including one from Sir Tim Berners-Lee ...


... and one from ex-Guardian man Mike Bracken, executive director of the Government Digital Service (GDS) and senior responsible officer owner for the UK's pan-government Identity Assurance Programme (IDAP), please see Standing on the shoulders of giants:
We are shocked and saddened by the death of Aaron Swartz. Some of us at GDS were fortunate to have met him ...

Here in the UK, it inevitably brings back the pain six years ago of losing Chris Lightfoot ...

We should also mourn as citizens, because Aaron and Chris embodied an unbridled eagerness to apply the toolkit of the internet age in the service of civil society ...

Much of the work we do, and the way we do it, drew inspiration from the work of Aaron and Chris ...

>> About this post:
Many people contributed to this short post. We are in their debt. I wasn’t entirely sure that this was an appropriate post for our blog, so I’ve also published this at mikebracken.com. I understand this may seem the wrong place for these sentiments but we also believe in openness and we think that government departments should behave as though there are humans in them. This is from our human side. I apologise in advance if anyone thinks I made the wrong call. That decision was all mine.
It is Sir Isaac Newton who described himself as standing on the shoulders of giants.

Sir Tim believes that the web can know more about us than we do.

GDS with their IDAP hat on want us all to use personal data stores (PDSs). They want those PDSs to be maintained on the web, in the cloud. And they want the existing laws prohibiting data-sharing between government departments to be repealed or ignored, using as an excuse individual electoral registration, the national census and putative cuts in public administration costs.

This looks like the opposite of Chris Lightfoot's appeal to human dignity.

GDS, data-sharing, privacy and dignity

In February 2007 a man called Chris Lightfoot committed suicide. Many people paid tribute to him including Phil Booth, the National Coordinator of NO2ID, who wrote in memoriam Chris Lightfoot, 1978 – 2007:
Chris, more than most, understood how important it is that we should all have the choice of what about ourselves we share with others. His intellectual honesty and keen appreciation of human dignity informed all that he did ...
Now another man has committed suicide, Aaron Swartz, and again there are many tributes including one from Sir Tim Berners-Lee ...