Monday, 29 July 2013

John Naughton, welcome to the club

(Hat tip: Philip Virgo)

John Naughton is professor of the public understanding of technology at the Open University. Writing in yesterday's Observer, 28 July 2013, he says:
... no US-based internet company can be trusted to protect our privacy or data. The fact is that Google, Facebook, Yahoo, Amazon, Apple and Microsoft are all integral components of the US cyber-surveillance system. Nothing, but nothing, that is stored in their "cloud" services can be guaranteed to be safe from surveillance or from illicit downloading by employees of the consultancies employed by the NSA. That means that if you're thinking of outsourcing your troublesome IT operations to, say, Google or Microsoft, then think again.

... when your chief information officer proposes to use the Amazon or Google cloud as a data-store for your company's confidential documents, tell him where to file the proposal. In the shredder.

Friday, 26 July 2013

Instrumenting the kettle

Exclusive: sometimes there is a difference between fiction and reality.

Steve Hewlett is presenting a report at the moment on BBC Radio 4, Privacy Under Pressure. Three episodes, Episode 2 was on Monday 22 July 2013, final episode next Monday, don't miss it, 9 a.m.

Everyone remembers Minority Report, the Tom Cruise film where the murder rate has dropped to zero because the "Precrime" unit intervenes before anyone commits a felony.

What is the use of the internet of things? That's what Steve Hewlett.wanted to know. And there was our very own Professor Sir Nigel Shadbolt to tell him.

You remember Sir Nigel. He's head of the Open Data Institute. And midata. He's the one who thinks that the economy will grow if we give all our public and personal data to innovative app-designers. Him and Stephan Shakespeare. Although neither of them can usually think what these apps might do to be useful and profitable.

And you remember the internet of things.That's when you connect every device in the world to the internet and then monitor them.

Worked a treat for the US Chamber of Commerce. They thought they were controlling the central heating in one of their flats remotely. In fact, the thermostat was busy sending stolen data to the Chinese: "months later, the chamber discovered that Internet-connected devices — a thermostat in one of its corporate apartments and a printer in its offices — were still communicating with computers in China".

Biometrics – Hollywood v. Kingston upon Thames

Exclusive: sometimes there is a difference between fiction and reality.

Steve Hewlett is presenting a report at the moment on BBC Radio 4, Privacy Under Pressure. Three episodes, Episode 2 was on Monday 22 July 2013, last episode next Monday, don't miss it, 9 a.m.

Everyone remembers Minority Report, the Tom Cruise film where people are identified by the patterns of their irises. As they walk around the shopping mall, personally tailored advertisements invite them to enjoy special offers in the shop they're just passing.

Politicians may believe that this technology already works and is available today. It isn't. Senior civil servants and journalists may believe it but they're wrong, too.

Thursday, 25 July 2013

"Identity providers" – GDS issue the black spot

One UK citizen said:”I pay the government to identify and verify me when I am born (birth certificate), when I marry (marriage certificate), when I die (death certificate) and when I travel (passport and driving licence). Why should I then have to pay an outside private organisation to verify who I am when I transact with the government online, when I've already paid the government? Let the government – possibly the passport service that is also the national records office – be my identity provider of choice.”
The UK is the proud possessor of not just one "identity provider", not two, but no less than eight of them. Digidentity and Verizon. The Post Office and Experian. Mydex and Ingeus. Cassidian and PayPal.

It's been hard for them. Initially, the Department for Work and Pensions (DWP) offered the "identity providers" £240 million to get the Identity Assurance Programme (IDAP) up and running in the UK. Then ex-Guardian man Mike Bracken stepped in and cut the offer to £30 million. By the time contracts were awarded, that figure was down to £25 million.

The idea was to have IDAP "fully operational" for DWP by March 2013. Four months ago. It wasn't operational then, and it still isn't.

Has IDAP been shelved? Or cancelled? No. Digital by Default News tell us that HMRC will be the first public body to use IDAP.

(It may help to explain that Digital by Default News "is one of a new portfolio of Contentive websites providing critical, real-time intelligence in a wide range of niche industry verticals".)

Wednesday, 24 July 2013

The rise of the captive cloud

• PASC should rescue the good idea of SME competition
from the clutches of G-Cloud

• PASC should look carefully at the way competition is being operated
in G-Cloud

Whitehall misfeasance
The Public Administration Select Committee (PASC) published its report on Government Procurement on 16 July 2013:
The public sector spends £227 billion each year buying a range of goods, services and works, £45 billion of which is spent by Whitehall Departments. The Ministry of Defence alone spends £20 billion a year. By improving the efficiency and effectiveness of procurement, the Government has an opportunity not only to save the taxpayer significant sums of money, but also to drive economic growth. (p.1)
 PASC say that the public is getting poor value for money and that:
There are clear shortcomings in the ability of the Civil Service to run effective and efficient procurement. The Civil Service shows a consistent lack of understanding about how to gather requirements, evaluate supplier capabilities, develop relationships or specify outcomes. (p.3)
This record of misfeasance in public office goes back at least 30 years and shows few signs of improvement:
Whilst we welcome the Government’s initiatives to centralise procurement, we note that progress so far has been painfully slow and sporadic. It is clear from our evidence that this is because, despite the centralising mandate given to the Cabinet Office by a Cabinet Committee, inter-departmental cooperation is poor. (p.4)
At worst, this soap opera is about suppliers charging the biggest number they can think of for poor quality service and about incompetent satraps paying them.

Sunday, 21 July 2013

The old concept of HMRC is worn out

You see Trade's plan is for every person in Ruritania to maintain a personal data store, managed by state-appointed trusted identity providers. That includes both types of person, natural persons and legal persons, i.e. corporations, trusts, and so on. Once these personal data stores are populated, where is the need for the Revenue? A tax farmer app can simply calculate the amount of tax due and make life more convenient for everyone by filing their tax returns for them and direct debiting the money from their bank accounts. It would be naïve of anyone not to see that that is the purpose of a personal data store and that that is also why the Revenue as currently constituted serves no purpose in the digital-by-default new world.
That's what DMossEsq said in his China Syndrome play. Ridiculous of course.

Except that the excellent Dave Birch promptly reported a meeting hosted by Intellect to discuss the possibility of a mobile phone app to make charitable donations and account for Gift Aid at the same time, please see You can take a gift horse to water, but you can’t make it fill out an HMRC declaration.

Certain people are looking for a knockdown argument in favour of personal data stores (PDSs).

"Holding out against PDSs condemns African children to starvation" sounds like a good candidate. Until you examine it.

Is gravity old-fashioned now?

Many people are saying the same thing but none, perhaps, as eminent as Professor Sir John Beddington CMG, FRS, Chief Scientific Adviser to HM Government and Head of the Government Office for Science:
Blurring of public and private identities:
People are now more willing to place personal information into public domains, such as on the internet, and attitudes towards privacy are changing, especially among younger people. These changes are blurring the boundaries between social and work identities. The advent of widespread mobile technology and email enables more people to remain connected to their work out of hours. At the same time, posting mobile phone photographs and videos online has led to a cultural shift where many people broadcast their daily lives and experiences, ceding control over some aspects of identity to others with potentially serious consequences for later life. (p.2)
Sir John doesn't say that the concept of privacy itself is changing.

But other people do, see for example The changing definition of privacy'Like' it or not, privacy has changed in the Facebook agePrivacy in a changing societyFacebook's Mark Zuckerberg says privacy is no longer a 'social norm' and The concept of privacy is now impossible to sustain.

Which is odd because, think about it, when first balloons and then aeroplanes started to fly, no-one said that the concept of gravity had changed.

Saturday, 20 July 2013

UC and the missing £300 million

Hat tip: @Welfare__Reform

The things they say on Twitter!

Universal Credit dead? Surely not.

£300 million down the drain? No. No public administration could waste that much money. Could they?

C.f. 10 December 2012: Universal Credit – GDS's part in its downfall

Friday, 19 July 2013

GDS – an open and shut case

The case
Ex-Guardian man Mike Bracken's Government Digital Service (GDS) is "pivoting", he says.

First GDS pioneered the concept of governments publishing data by creating the award-winning GOV.UK website. Now GDS is "pivoting", which means that it's moving on from mere publishing and it's going to pioneer two-way communication with the mob, the mobile vulgus, who are going to be allowed to undertake on-line transactions in the digital-by-default new world.

Tuesday, 16 July 2013

IPS temporarily Rapsonless

The Identity & Passport Service (IPS) doesn't exist any more, of course, it's now HM Passport Office (HMPO) and the Home Office is IPSless.

The executive director of IPS between about June 2010 and March 2013 was Sarah Rapson. Her predecessor, James Hall, presided over the British public being over-charged for passports by about £300 million a year. He also presided over the disaster of Whitehall's attempted introduction of state-produced ID cards.

Ms Rapson has delivered a £5 reduction in the cost of a 10-year adult passport since then, from £77.50 to £72.50. Otherwise her tenure seems to have been without incident.

She is perhaps lucky that IPS/HMPO were banned from having anything to do with Whitehall's latest attempt to re-enact the ID cards massacre – that honour goes to the Cabinet Office (individual electoral registration and the Identity Assurance Programme) and the Department for Business Innovation and Skills (midata). If you hold futures in either organisation, sell, sell, sell.

Now her luck has broken.

UKBA soon to be Whitemanless

Home Office press release, 27 June 2013:
Rob Whiteman leaves Home Office for new Chief Executive role

Rob Whiteman, Director General of Operational Systems Transformation, is leaving the Home Office to become Chief Executive of the Chartered Institute of Public Finance and Accountancy.

Rob Whiteman, Director General of Operational Systems Transformation, is to leave his role at the Home Office to join the Chartered Institute of Public Finance and Accountancy (CIPFA) as its new Chief Executive.
When he joined in July 2011, Mr Whiteman was chief executive of the UK Border Agency (UKBA). Eight months later in March 2012 he lost the UK Border Force, which was but is no longer part of UKBA. And a year after that in March 2013, the remainder of UKBA was split in two. Leaving Mr Whiteman with nothing to be chief executive of, any more, at least at the Home Office.

Good luck CIPFA.

How many pieces will CIPFA be broken into by March 2015?

mirelationship with midata

"Today’s most successful businesses are the ones that are creative about building customer relationships". That's what Jo Swinson says. It's not obviously true. But she's the Department for Business Innovation and Skills (BIS) minister in charge of consumer affairs and that's how BIS have chosen to try to sell midata.

Saturday, 13 July 2013

Economics made simple

The Department for Business Innovation and Skills (BIS) belatedly issued a press release about the midata Innovation Lab which includes this:
Consumer Affairs Minister Jo Swinson said:

"Today’s most successful businesses are the ones that are creative about building customer relationships. The new ’midata’ Lab is an exciting opportunity to put this to the test and explore how businesses could help customers use the data around their spending habits to make better choices.

"There is a lot to be gained from being open and using the information gathered on customers with their knowledge. Developing new and innovative ways to see data also helps improve customer service which will in turn promote growth. I would encourage businesses and developers alike to take advantage of this opportunity and establish themselves as a market leader in the digital market."
Is that true? Do you have a "customer relationship" with Unilever? If not, it doesn't seem to have stopped Unilever from becoming a pretty successful business. What is Ms Swinson talking about? What does she know about economics? Very possibly, nothing, but it doesn't stop her claiming that midata will "promote growth". Utterly unconvincing, where does this idea come from?

Thursday, 11 July 2013

2½ marks out of 4 for IPS

Open letter to Alastair Bridges, Executive Director Finance, Identity & Passport Service (IPS), 21 October 2010:
You seem to have left Globe House. That’s a good first step on the road to recovery. Time now for a name change, get rid of the word “identity”. Make a clean breast of all the biometrics nonsense. Your Chief Executive has an MBA from the London Business School. She must know that GMAC tested flat print fingerprinting for two years and then dropped it, it’s not reliable enough. GMAC didn’t even bother to test facial geometry, everyone knows it doesn’t work and it must drive you mad at IPS having to pretend that it does. Give yourselves a break, for goodness sake, the nightmare of pretence is over ...

Why does a passport cost £77.50 and not £23? If there’s no good reason, then, as part of your re-launch, along with your new name and address, the renunciation of biometrics and the defenestration of PA, how about putting the price down? Demand would go up and, who knows, IPS might be welcomed once again into communion with your fellow human beings.
Home Office press release, 13 May 2013:
The agency for renewing passports is changing its name to reflect its changing role and official status.

A new name has been given to the agency which produces all UK passports – HM Passport Office ...

Departure from Identity cards

The inclusion of ‘Her Majesty’s’ in the title recognises that passports are the property of the Crown, bear the Royal Coat of Arms and are issued under the Royal Prerogative.

It also marks a watershed moment in the agency’s departure from its association with the National Identity Service and ID cards.
Name change? Yes.

Price reduction? Yes, although not to £23, only to £72.50, a lot further to go.

PA Consulting defenestrated? Yes, for the moment.

Renunciation of biometrics? No. The charade continues.

And what, you ask, of Sarah Rapson, Chief Executive of IPS as was and Registrar General for England and Wales? Another day ...


Updated 16.9.14

The campaign to reduce the price of UK adult passports began on 21 October 2010, please see above. At the time, they cost £77.50, instead of their natural price of £23. From 3 September 2012, the price fell to £72.50. Not enough.

Now the Home Affairs Select Committee wants a further reduction of £15 – Passport office ‘should cut prices, not make a profit’: "The government should stop exploiting the public by making almost £15 profit on every standard passport it issues, a parlimentary committee recommends in a report published today".

That would get the price down to £57.50. Another £34.50 to go before contact is once again made with Planet Earth.

Wednesday, 10 July 2013

Dialogue of the deaf

In accordance with the Justice and Security Act 2013, the Intelligence and Security Committee of Parliament (ISC) has today laid before Parliament its 2012-2013 Annual Report:
... The threat the UK is facing from cyber attacks is disturbing in its scale and complexity: we have been told this year that the threat is at its highest level ever. The theft of intellectual property, personal details, and classified information causes significant harm, both financial and non-financial. It is incumbent on everyone – individuals, companies and the Government – to take responsibility for their own cyber security. We support the Government‟s efforts to raise awareness and, more importantly, to strengthen our nation's defences ...
That's what the ISC say.

Meanwhile, parliament is putting its data in the cloud – so is the Government Digital Service (GDS), HMRC, the MOD and the Home Office – the Cabinet Office is compiling an on-line electoral roll, GDS has appointed eight "identity providers" to make public services digital by default and the Department for Business Innovation and Skills wants us to store all our personal data on the web, in personal data stores.

That makes it hard, to say the least, for "everyone ... to take responsibility for their own cyber security".

Is anyone listening to the ISC?

Smiley's people

Writing in today's Guardian, Simon Jenkins makes the case that reality comprises the bits John le Carré cuts out of his novels.

Tuesday, 9 July 2013

The Shakespeare poll

As noted, Stephan Shakespeare, the founder of YouGov, the political polling organisation, has been asked to devise a national data strategy. He has produced an independent review of public sector information (PSI) in which he says that PSI should be given to innovative data scientists because some good may come of it but it's hard to say what that good might be.

"MPs express concern about the digital by default strategy"

C.f. Digital-by-default, an open letter to the House of Commons Science and Technology Committee and Digital-by-default – an eternal mystery? and Four professors review the Government Digital Strategy and IDAP: the stories our MPs are told and Shakespeare's take on property and ...
From: Science & Technology Committee []
Sent: 09 July 2013 00:01
Subject: Science and Technology Committee Press Release No.18: Embargoed until 00.01am Tuesday 9 July 2013
Attachments: 130617 Chair to Francis Maude.pdf 

Select Committee Announcement

No. 18 (13-14): 8 July 2013


**EMBARGOED until 00.01am Tuesday 9 July 2013**

The Science and Technology Committee has today written to Cabinet Office Minister Francis Maude MP raising a number of concerns about the Government’s Digital by Default strategy – including questions about the potential savings promised by the strategy and its implications for personal data security.

The Committee urges the Government to be clearer about the savings being made as services become Digital by Default, including the costs of designing, or redesigning, online services.

Andrew Miller MP, Chair of the Select Committee said:

“A key justification of the Digital by Default strategy is savings to the taxpayer. Yet it is not evident that the Government is even able to measure these savings.” 

In addition, the Committee is concerned that as public services go online, the Government may not keep up with advances in technology and that inadequacies in Government software may lead to security vulnerabilities. There is a risk that third party suppliers providing identity assurance could pass on their security vulnerabilities.

Andrew Miller MP, said:

“Public trust is absolutely essential. The Government must ensure the integrity and security of data and give people sufficient control over their stored personal information otherwise, the Digital by Default strategy will not succeed. We will continue to monitor the implementation of the strategy.” 

The Committee considered the recently published draft identity assurance principles and suggests that the Government includes a ninth principle stating that (i) if a dispute arises concerning a citizen’s online dataset, that the citizen should be initially presumed correct; and (ii) if a mistake has been made, the citizen’s data should be instantly corrected.

Digital by Default evidence sessions
Science and Technology Committee

Follow the Committee's business on Twitter @CommonsSTC


Committee Membership:
Andrew Miller (Labour, Ellesmere Port and Neston) (Chair)
Jim Dowd (Labour, Lewisham West and Penge)
Stephen Metcalfe (Conservative, South Basildon and East Thurrock)
David Morris (Conservative, Morecambe and Lunesdale)
Stephen Mosley (Conservative, City of Chester)
Pamela Nash (Labour, Airdrie and Shotts)
Sarah Newton (Conservative, Truro and Falmouth)
Graham Stringer (Labour, Blackley and Broughton)
David Tredinnick (Conservative, Bosworth)
Hywel Williams (Plaid Cymru, Arfon)
Roger Williams (Liberal Democrat, Brecon and Radnorshire)

Specific Committee Information: / 020 7219 2793
Media Information: Nick Davies / 020 7219 3297
Committee Website:
Watch committees and parliamentary debates online:
Publications / Reports / Reference Material: Copies of all select committee reports are available from the Parliamentary Bookshop (12 Bridge St, Westminster, 020 7219 3890) or the Stationery Office (0845 7023474).  Committee reports, press releases, evidence transcripts, Bills; research papers, a directory of MPs, plus Hansard (from 8am daily) and much more, can be found on

UK Parliament Disclaimer:
This e-mail is confidential to the intended recipient. If you have received it in error, please notify the sender and delete it from your system. Any unauthorised use, disclosure, or copying is not permitted. This e-mail has been checked for viruses, but no liability is accepted for any damage caused by any virus transmitted by this e-mail.

Monday, 8 July 2013

midata and the BBC. The BBC?

from Craig Belsham's midata blog:
Hi I’m Dan, Director of the midata Innovation Lab, part of the midata voluntary programme ... we will help empower UK consumers in a really meaningful way ...
The BBC are not paid to talk twaddle with a lot of armchair economists.
They are wasting our money,
they shouldn't have joined in the first place
and they should resign from mIL now.

Following last week's exciting launch of the midata Innovation Lab (mIL), now that the party's over, let's take a look at the structure of the organisation. It's a partnership apparently, "a collaboration of the following 22 Founding Partners, respected organisations collaborating with real data to work out how the UK both empowers and protects consumers whilst innovating with data":

Sunday, 7 July 2013

Communications Data Bill? Unnecessary

"Où sont les Neigedens d'antan?" Yossarian said ...

We are all naïve, the Spectator said, if we imagine that the security services don't intercept all the communications they can. That's their job. What do we expect? It's for our own good. We'd be rightly furious if they didn't ...

There's something wrong with that argument.

Thursday, 4 July 2013

The on-line safety of the mooncalves

You are being asked to take risks for no known return

Dr Jekyll
You already know about the risks of on-line fraud. Everyone does. The media are full of stories about the dangers.

The UK government is alert to the problem:
  • There's a £650 million budget for cybersecurity.
  • Last September, the Department for Business Innovation and Skills (BIS) – together with the Foreign Office, the Home Office, the Cabinet Office and GCHQ – called in the chief execs and chairmen of the FTSE 100 companies to get them to spruce up their on-line act.
  • The Director of GCHQ is quoted as follows: "Every day, all around the world, thousands of IT systems are compromised. Some are attacked purely for the kudos of doing so, others for political motives, but most commonly they are attacked to steal money or commercial secrets. Are you confident that your cyber security governance regime minimises the risks of this happening to your business? My experience suggests that in practice, few companies have got this right".

Wednesday, 3 July 2013

Wanted: 1,000 mooncalves

You may have mercifully forgotten all about midata.
Well bad luck, because midata excitement is about to sweep the nation.

23 May 2013: "Hi I’m Dan, Director of the midata Innovation Lab, part of the midata voluntary programme. I wanted take this opportunity to share my vision for the lab, or mIL as we call it", said Dan Bates, who is gamely Working with business to fan the flames of innovation.