Thursday, 28 March 2013

GDS, the NAO, the BBC, parliament and DWP – five questions

The National Audit Office (NAO) have released a new report, Digital Britain 2: Putting users at the heart of government’s digital services, examining the Government Digital Service (GDS) plans for digital-by-default. The report's conclusions concentrate on the problems faced by people who can't or won't use on-line public services.

The same problem was examined the day before yesterday by Mark Easton, the BBC's home affairs editor.

And 52 members of parliament have put their name to an early day motion to debate the problem.

Meanwhile the Department for Work and Pensions (DWP), who were depending on digital-by-default for the introduction of Universal Credit, have published not one but two documents confirming that benefits will continue to rely on face-to-face meetings, telephone calls and letters in the post – the very opposite of digital-by-default – please see Local Support Services Framework and Universal Credit – Your claim journey.

GDS have responded to the NAO report with a post on their blog today:
Overall, this report is a really positive sign we’re moving in the right direction. But it’s also a helpful reminder of the work we still need to do to support those who are less able to use online services.

Monday, 25 March 2013

GDS and the doom-by-default Wednesday summit

As usual, it's interesting what ex-Guardian man Mike Bracken doesn't talk about in his weekly diary:
  • 48 members of parliament have now signed an early day motion to debate the Government Digital Service's plans for digital-by-default. Or rather, the lack of plans for how to cope with the millions of people in the UK who have never used the web and will be excluded by default.
  • The repeated promise was that GDS would have an identity assurance service "fully operational" for 21 million DWP claimants "by March 2013". Today is Monday 25 March 2013 and there's no sign of it.
There is no reference in the 22 March 2013 issue of the diary to either of these matters but we do learn that this week's meeting of Whitehall's permanent secretaries will take place at GDS Towers and will be concerned with the state of digital-by-default.

Oh, to be a fly on the wall there.

Friday, 22 March 2013

Parliament questions digital-by-default

For some time now the Government Digital Service have behaved as though it is realistic to nudge everyone onto the web even though they know perfectly well that that will make public services inaccessible to millions of people in the UK.

Now reality is catching up with them.

Thursday, 21 March 2013

Potemkin power in Whitehall

Then ...

Potemkin village
The phrase Potemkin villages ... was originally used to describe a fake village, built only to impress. The phrase is now used, typically in politics and economics, to describe any construction (literal or figurative) built solely to deceive others into thinking that some situation is better than it really is. It is unclear whether the origin of the phrase is factual, an exaggeration, or a myth.

According to the story, Russian minister Grigory Potemkin who led the Crimean military campaign erected fake settlements along the banks of the Dnieper River in order to fool Empress Catherine II during her visit to Crimea in 1787.

Historical debate
Modern historians are divided on the degree of truth behind the Potemkin village story.

While tales of the fake villages are generally considered exaggerations, some historians dismiss them as malicious rumors spread by Potemkin's opponents. These historians argue that Potemkin did mount efforts to develop the Crimea and probably directed peasants to spruce up the riverfront in advance of the Empress' arrival.

According to Simon Sebag-Montefiore, Potemkin's most comprehensive English-language biographer, the tale of elaborate, fake settlements with glowing fires designed to comfort the monarch and her entourage as they surveyed the barren territory at night, is largely fictional.

Aleksandr Panchenko, an established specialist on 19th century Russia, used original correspondence and memoirs to conclude that the Potemkin villages are a myth. He writes: "Based on the above said we must conclude that the myth of "Potemkin villages" is exactly a myth, and not an established fact."

Panchenko writes that "Potyomkin indeed decorated cities and villages, but made no secret that this was a decoration."

Also, the close relationship between Potemkin and the Empress would make it difficult for him to deceive her. Thus, the deception would have been mainly directed towards the foreign ambassadors accompanying the imperial party.

Regardless, Potemkin had in fact supervised the building of fortresses, ships of the line, and thriving settlements, and the tour – which saw real and significant accomplishments – solidified his power.

So, even though "Potemkin village" has come to mean, especially in a political context, any hollow or false construct, physical or figurative, meant to hide an undesirable or potentially damaging situation, it's possible that the phrase cannot be applied accurately to its own original historical inspiration.

According to a legend, in 1787, when Catherine passed through Tula on her way back from the trip, the local governor Mikhail Krechetnikov indeed attempted a deception of that kind in order to hide the effects of a bad harvest.
... and now

Potemkin website
The phrase Potemkin website was originally used to describe folders in GOV.UK, the single government domain which was meant to replace all the separate departmental and other central government websites. It is unclear how re-writing a lot of websites that already existed was deemed to be a sensible use of money and unknown how the departments of state put up with this interference.

According to the story, ex-Guardian man Mike Bracken, executive director of the Government Digital Service, created these folders all over GOV.UK acting under the instructions of Lady (Martha) Lane Fox of Soho.

Future debate
Future historians will be divided on the exact nature of these Potemkin websites of GDS's.

While GDS claimed to have replaced the Department for Transport website, for example, it was clearly still there all the time behind the façade. Ditto the HMRC website, still there for all to see. These little deceptions cannot have escaped Lady Lane Fox but she described it nevertheless as a "privilege" to watch GDS crafting GOV.UK.

For over a year Bracken claimed that he would make an elaborate system of identity assurance available to all 21 million DWP claimants. It was due to be unveiled in March 2013 but in the event, a dark night for all concerned, the service turned out unfortunately to be entirely fictional.

Scrutiny of contemporary source documents reveals the claim that GDS would replace the Government Gateway with a new means for people to transact with the government. Future historians may conclude that this service, too, proved to be "exactly a myth, and not an established fact".

It is in the nature of the web, of course, in its very openness to inspection, that these lacunae could not be concealed.

And yet the promises were repeated, budgets were agreed, frameworks were discussed and conferences were addressed. The people who remained in the dark would have been mainly the public and visiting dignitaries from Estonia.

Despite which, GDS's Potemkin power over the other departments of state continued to grow and it took on more and more responsibilities, its qualifications for which were rarely questioned.

At a time when virtual gurus plaited virtual trading with virtual businesses into a virtual reality, perhaps digital-by-default was no more a "hollow or false construct" than many another Whitehall initiative. Let that be a historical warning about the difference between modish wishful thinking and evidence-based policy.

It is said that Francis Maude looked to GDS to change the way the census was conducted. And that Nick Clegg relied on GDS to bring individual electoral registration to pass. Healthy fruit both of them, but neither was harvested.

Sunday, 17 March 2013

GDS falls at the first fence (Software Engineering 101)

Like any religion, digital-by-default needs manuals for its adherents to follow and the lead story in the Government Digital Service (GDS) broadcast on 15 March 2013 is the publication of one such manual, the Digital by Default Service Standard:

To embrace digital-by-default is to see government as the design of so many services and the question is what makes a service a good service, what is the definition here of "excellence"? This is the question to which ex-Guardian man Mike Bracken addresses himself in the clip above and the gospel answer is given in the service standard manual.

Thursday, 14 March 2013

GDS's misplaced faith and the governance of Whitehall

Today we announced some small but important changes in governance. The detail is here but the upshot is: we won’t have a cross-government Chief Information Officer (CIO) any more, nor a Head of Profession for Information and Communications Technology (ICT). We are moving responsibility for these capabilities to the Government Digital Service and we are closing some cross-government boards in various technology areas and reviewing the rest in order to make sure we are set up as efficiently as possible.
Thus ex-Guardian man Mike Bracken writing today in a post on the Government Digital Service (GDS) blog, Of the web, not on the web. He's the executive director of GDS and the senior responsible officer owner for the pan-government identity assurance programme (IDAP, failed).

GDS's Identity Assurance Programme goes up in smoke

Computer Weekly, 14 March 2013:
IDA services put on ice for Universal Credit delivery
Only the other day there we were, weren't we, asking if the Government Digital Service's pan-government Identity Assurance service is up and running yet. They had promised that it would be "fully operational" for 21 million Department for Work and Pensions claimants "by March 2013".

Well now, thanks to Computer Weekly, we know the answer.
No mention was made of the use of IDA in the DWP’s Local Support Services Framework ... Instead, the paper referenced the issuing of PIN numbers to users for their online accounts ...
GDS talked a good game once. Is there any hope now for IDA?

No. Judging by this 12 March 2013 post on their blog, Identity Alphas, GDS are innocents abroad in the world of identity management.

"Where did it all go wrong?" You may well ask.

Tuesday, 12 March 2013

The Identity & Passport Service, biometrics and your money

Roll up, roll up
and watch a collection of goldfish
set light to a £15 million pile of notes
and reduce it to ashes.

The Identity & Passport Service (IPS) is an executive agency of the Home Office.

IPS were meant to issue us all with ID cards.

ID cards were meant to solve all our problems. Terrorism, crime, border control, you name it, think of a problem, ID cards would solve it.

And they were meant to make our lives easier. With ID cards, so it was said, it would be easier to open a bank account, easier to get a job, easier to prove your right to state benefits, easier to travel domestically and abroad, you name it, think of any transaction, ID cards would make it easier.

The UK ID card scheme had unstinting political support from July 2002 onwards from two prime ministers (Blair and Brown), five home secretaries (Blunkett, Clarke, Reid, Smith, Johnson) and the whole of Whitehall. The scheme had unstinting assistance from the best management consultants and contractors. Asked at one stage whether the budget had been exceeded, the Home Office said no, it couldn't be, there wasn't a budget. The media were largely in favour and, to start with, so were the public.

And yet it failed. By December 2010 when the Identity Cards Act 2006 was repealed, IPS had to admit that there was nothing to show for £292 million of public expenditure. Nothing. Absolutely nothing.

Universal Credit – a tricky confinement

Monday, 11 March 2013

Full marks to midata

You have zero privacy anyway.
Get over it.
Scott McNealy, CEO Sun Microsystems
January 1999
25 years he's been a privacy campaigner. Simon Davies knows what he's talking about.

In August 2012 he issued a questionnaire to find out what practitioners around the world were talking about.

And in January this year he published his findings, Predictions for Privacy, based on 181 responses.
It looks as though 13 issues will be on the agenda in 2013. They are all explained concisely on pp.11-14 of Mr Davies's report :
  1. Mobile apps
  2. Mobile geo-location
  3. Data aggregation
  4. Online advertising
  5. Data protection reform
  6. Big Data
  7. Face recognition systems
  8. Government surveillance systems
  9. Health data for private sector us
  10. Compulsory website ownership registration and verification
  11. Ambient intelligence and the “Internet of Things”
  12. Identity architectures
  13. Export of surveillance technologies to non-democratic regimes
His report rejects the McNealy doctrine, the defeatist belief that it's all over for privacy in the modern world.


Monday, 4 March 2013

GDS, HMRC and IDAP – where did it all go wrong?

You wouldn't guess it from the jocular little video diary they published but St David's Day 2013 was a terrible day of failure for the Government Digital Service(GDS).

(For new readers: IDAP = the Identity Assurance Programme.)

Friday, 1 March 2013

G-Cloud Death LATEST: was it an inside job?

PRESS RELEASE: Is identity assurance fully operational in the UK today?

The following press release has been issued:-


Is identity assurance fully operational in the UK today?

1 March 2013

Six weeks ago, 16 January 2013, the Department for Work and Pensions (DWP) published the details of a contract they had awarded in connection with Universal Credit.

There are 21 million claimants on DWP's services, they all have to be identified and the contract appoints eight official so-called "identity providers" for the UK. The description of the contract includes this:
In supporting the digital by default policy in general and the Government’s welfare reform agenda in particular, cabinet office have produced guidance for all major public service provider departments relating to the need for identity assurance of members of the public when accessing government services ...

To support the rollout of universal credit and personal independence payments providers will be selected by June 2012 and systems will need to be fully operational from March 2013 [emphasis added].
That's today, 1 March 2013, and the question is, are these UK identity assurance systems now fully operational as stipulated?

If so, we live in something of a new world.

If not, we need to know if the identity assurance programme, like the ID cards scheme before it, is going to linger on for years and then be cancelled with nothing to show for the hundreds of millions of pounds of taxpayers' money spent on it.


Notes to editors
1. Although it's nominally a DWP contract the organisation really in charge of UK identity assurance is the Government Digital Service (GDS), part of the Cabinet Office, please see Universal Credit and the December putsch: "The revised DWP OJEU notice is effectively an HMG-wide framework being delivered initially using DWP as the vehicle ... This approach ensures that, ultimately, HMG-wide Identity Assurance is supplied across central departments via a common procurement portal ... and governed by the Cabinet Office".

2. The UK's eight official so-called "identity providers" are: The Post Office, Cassidian, Digidentity, Experian, Ingeus, Mydex, PayPal and Verizon. C.f. The identity of the UK's eighth identity provider has now been provided, reluctantly.

3. Digital-by-default is normally described as the Whitehall policy to make all transactions with the government take place over the web, please see Amazon, Google, Facebook et al – the latter-day pied pipers of Hamelin. GDS's model for the UK is Estonia, please see Francis Maude seeks future in Estonia.

4. What digital-by-default involves is re-constructing Whitehall with power centralised in GDS, please see Martha Lane Fox – and OBITUARY: Whitehall 1947-2012 and A Whitehall death foretold – soul control and Whitehall governance, and GDS's fantasy strategy.

5. Identity assurance is not limited to Universal Credit. Its proposed scope includes all transactions with the government ...

6. ... and the compilation of the electoral register, please see Identity assurance – shall we vote on it?.

7. ... and the compilation of the census, please see Alan Travis – Whitehall, the Guardian newspaper and Lord Leveson.

8. The Department for Business Innovation and Skills claim that consumers will be "empowered" if we adopt their midata plan and use Personal Data Stores, which are virtual ID cards stored on the web, in the cloud, please see Identity assurance. Only the future is certain – doom 4 and last (William Heath, Mydex, midata, BIS, GDS and ID cards) – which takes us into areas of transactions supposedly not involving the government.

9. According to its Whitehall advocates, digital-by-default is modern, fit for the 21st century, inevitable and energy-efficient, and will result in high quality, trusted public services. In fact it is a re-hash of Tony Blair's call in 2005 for joined up government which led to Whitehall's failed Transformational Government initiative. Transformational Government depended on ID cards (please see para.39(7), p.13) and digital-by-default depends on identity assurance.

10. According to its advocates, digital-by-default will save money. Given the history of Whitehall IT projects, that claim must evoke a certain scepticism, please see It's all John's fault.

11. If it does save money, GDS say that it will be by making public servants redundant, please see The savings to be expected from digital-by-default – a clarification. They promise a minimum of 40,000 redundancies, and many more if the constraints on data-sharing can be lifted. They propose in their Digital Efficiency Report that Whitehall should keep the savings rather than pass them back to the public.

It is important to discover whether identity assurance is, as promised, fully operational in the UK today.

"Fully operational" is defined in DWP's description of the contract and involves identity verification, credential management, identity correction services, identity authentication, the use of a standardised data description of identity, the inclusion of attributes like bank account details, the implementation of secure organisational procedures, support for a proper privacy model and a proper consent model, multi-channel delivery, geographical reach and demographic reach.

Tick all those boxes and perhaps we have fully operational identity assurance in the UK today. Otherwise, we haven't.

About David Moss
David Moss has worked as an IT consultant since 1981. The past 9 years have been spent campaigning against the Home Office's plans to introduce government ID cards into the UK. It must now be admitted that the Home Office are much better at convincing people that these plans are a bad idea than anyone else, including David Moss.

Press contacts: David Moss,