Monday 2 December 2013

Curtains for midata

Tom Loosemore is "not 'appy. Not 'appy at all"

It was two years ago, 3 November 2011, that Ed Davey when he was still at the Department for Business Innovation and Skills (BIS) told the world about midata: "Today’s announcement marks the first time globally there has been such a Government-backed initiative to empower individuals with so much control over the use of their own data".

That data could form the basis for a new industry. Ctrl-Shift, the consultants advising BIS, told us that "access to such data represents a ‘holy grail’ data to companies because it explains why people do what they do and predicts what they are going to do next".

There was a perfunctory consultation and BIS issued a press release listing 10 ways that apps in a midata future could shape our choices, including this: "So where your favourite restaurant has deals or offers, you could be alerted in advance to take advantage and make a booking. Combined with other services, the programme could also indicate where you could save money or improve your health by eating elsewhere, drinking less or going out less".

The voluntary midata scheme became the statutory midata scheme when the Enterprise and Regulatory Reform Act 2013 was passed, including the Supply of Customer Data clauses 89-91: "The Secretary of State may by regulations require a regulated person to provide customer data (a) to a customer, at the customer’s request; (b) to a person who is authorised by a customer to receive the data, at the customer’s request or, if the regulations so provide, at the authorised person’s request" etc ...

Then the midata Innovation Lab (mIL) was set up with 22 Founding Partners including the likes of the BBC, Which?, Ofgem and nPower. "Hi I’m Dan, Director of the midata Innovation Lab, part of the midata voluntary programme", said Dan Bates, who was Working with business to fan the flames of innovation, "... we will help empower UK consumers in a really meaningful way ...".

That was May 2013, six months ago, and since then the mIL has been beavering away producing apps to demonstrate the incontrovertible value of midata and as we saw in midata kickstarts a collective inflection point in business they've produced five of them.

Five Prototype apps – MI Energy, MI Finance, MI Relative Calm, MI Health and MI Move.


Do you know how many apps there are in the world?

Let's narrow that down a bit.

Do you know how many Android apps there are in Google's Play store?

According to a 24 July 2013 article on, Android's Google Play beats App Store with over 1 million apps, now officially largest: "Android's Google Play store has just officially reached over 1 million apps and it is now finally outgrown the Apple App Store and its 900 000 applications".

Take a quick look at Apple's iTunes App Store and the apps on Google play and on Microsoft's Windows Phone store. Then go back and have another look at mIL's five apps.

They're just me-toos.

There's no innovation.

There's a thriving and dodgy apps industry out there already, mIL can't hold a candle to it and why should it even try? The whole exercise was predictably fatuous and now BIS have proved it.

(What's the difference between downloading an app and downloading a virus? Answers on a postcard, please.)

Professor Sir Nigel Shadbolt has recorded a short video saying that mIL's five prototype apps allow us to "get to the future more quickly". It may help to explain that he is the chairman of the midata programme. And chairman and co-founder of the Open Data Institute.

You may agree that he is just putting a brave face on failure.

But that doesn't matter.

Your opinion doesn't count.

BIS will do what it wants and the devil take the evidence. Craig Belsham, who "heads up" the midata programme at BIS, warns us on his blog that: "We have learnt a lot but there is still much to do to ensure midata reaches mass market appeal. Please do look at the apps and read the report and share any thoughts you may have ... And please come back here and follow us on twitter for updates on a possible next stage for the midata Innovation Lab".

But there is potentially an effective impediment to a next stage for mIL.

Cast your mind back to a post by Tom Loosemore, the deputy director of the Government Digital Service (GDS), 12 March 2013, We’re not ‘appy. Not ‘appy at all.:
The points we’ll be making to anyone in central government wanting permission to start work on a mobile apps are:
- government’s position is that native and hybrid apps are rarely justified
- make sure your service meets the Digital by Default Service Standard and it will work well on mobile devices (responsive HTML5)
- make your data and/or API available for re-use and you will stimulate the market if there is demand for native apps
The 5 questions civil servants should ask before contemplating asking for an exemption are:
1. Is our web service already designed to be responsive to different screen sizes? If not, why not?
2. What is the user need that only a native/hybrid app can meet?
3. Are there existing native/hybrid apps which already meet this user need?
4.. Is our service available to 3rd parties via an API or open data? If not, why not?
5. Does meeting this need justify the lifetime cost of a native or hybrid app?
We are not ‘banning’ apps outright. For example, the NHS-funded ‘Change 4 Life’ healthy lifestyle apps rely on a persistent 24/7 presence on users’ mobiles to try to persuade people to eat and drink more healthily.

But we are backing open standards, in this case the Web ...
GDS don't want apps. BIS will have displeased GDS by having mIL develop apps. And what happens when you displease GDS? They "route round" you. That's curtains for midata.


Updated 12:01

Among other apps, mIL have developed MI Move. You can't buy MI Move. It doesn't exist. It's not a product on the market. On the other hand, you can buy Moving Planner from the Google play store. For 63p:

Moving Planner is a "configurable moving planner with everything needed to plan your house moving. Save all the time typing the moving list as it comes pre-populated with more than 210 house moving related items. Easy and very intuitive thumb friendly check/uncheck options.

"For just $2 more, you can also get "Ultimate Checklist" that includes 52+ occasions and 12,000+ items including moving and lot more".

You might do better to make a list using pencil and paper.

Why do we need primary legislation and a midata unit at BIS and a knighted IT professor to nearly but not quite reproduce what the market has already provided? How will that make the economy grow?

Suppose that mIL or whoever manage one day to turn MI Move into a product:
  • What control would you have over your data if you give permission for MI Move to process it?
  • What reason would you have to trust the suppliers of MI Move with your data?
  • Once you've downloaded MI Move onto your phone or whatever, what other data of yours would the app be able to access and transmit back to who knows whom?

Update 18:14

Among other apps, mIL have developed MI Health, which allows you to monitor your weight and your blood pressure. And to share your supermarket bills with your GP.

"Is there any equivalent app available on Apple's app store?"

Funny you should ask but, for 69p, you can buy iBP Blood Pressure by Leading Edge Apps LLC:

It's not obvious that this app will give your GP access to your shopping habits.

But then it's not obvious that your GP has time to read the Sainsbury's till roll. Nor that he or she can tell by reading it which items you ate and which were consumed by the dinner party guests last Saturday.

What benefit do you acquire by using MI Health or iBP Blood Pressure?

The answer is, again, not obvious.

The suppliers of the apps, on the other hand, may earn more than 69p from the relationship.

According to the Financial Times (FT), "an investigation earlier this summer of 43 popular health and fitness apps conducted by advocacy group Privacy Rights Clearinghouse found “considerable privacy risks” not described in the app privacy policies ... “Consumers should not assume any of their data are private in the mobile app environment – even health data that they consider sensitive,” the report stated ... Exclusive research conducted for the Financial Times by Evidon, a web analytics and privacy group, found that the top 20 most visited apps transmit information to a web of nearly 70 companies".

There is no suggestion that iBP Blood Pressure is one of the apps included in the FT investigation, nor that Leading Edge Apps LLC is one of the suppliers, but some suppliers in the industry (we customers can't tell which) are selling their customers' data to organisations who use it for targeting advertisements or other purposes and that is not, in general, what we think we have contracted for.

The midata vision of consumer empowerment. That was the title of the BIS press release, back in the Ed Davey days, November 2011. But who is the consumer who is being empowered? The person with the weight/blood pressure problem paying 69p? Or the marketeer/insurer paying for their data?

Update 3.12.13:

Updated 4 February 2014:

You know that bit in the post above about "(What's the difference between downloading an app and downloading a virus? Answers on a postcard, please.)"? Well, no postcards received, but someone did trip over this article:
92% of Top 500 Android Apps Carry Security or Privacy Risk

27 January 2014

About 460 of the top 500 Android applications create a security or privacy risk when downloaded to Android devices, according to new research. And that’s largely because of a lack of user education, and the fact that mobile users don’t mind sharing personal information for free apps in return.

MetaIntell, a vendor that specializes in cloud-based mobile risk management (MRM), set about testing the top apps in a range of stores, including Amazon, CNET, GETJAR and the official Google Play store. It found that more than 92% of the applications it tested used non-secure communication protocols, while 60% communicate with domains that are blacklisted by a reputation service ...
That article follows another cheerful one a month earlier, 100% of Top Paid Android Apps Have Been Hacked. It's not just Android/Google, but iOS/Apple, too: "56% of the Top 100 paid Apple iOS apps have been hacked".

Are these articles reliable? No idea. But if they are, then the security, privacy and control on offer from midata are questionable.

The people who maintain your personal data store (PDS) might or might not be trusted. Or trustworthy. That's up to you to decide.

But you don't have a clue about the third parties who develop apps.

The "identity providers" like Mydex who maintain PDSs are due to be paid a pittance by the government. Less than £1 per PDS. That's not enough to live on. They need more money than that to survive.

They could try to charge us as well as the government. But then we'll start to lose interest. Or they could try to make a bit on the side by charging a commission to the third party app developers for access to our PDSs. That's the developers whose apps allegedly "carry security or privacy risk" and which have allegedly been "hacked". No thank you.


Updated 5 February 2014:

The midata Innovation Lab produced five modest prototype apps.

Input came from the troika of BIS, Mydex and Ctrl-Shift, with additional consultancy advice from Manning Gottlieb and Atlantic Customer Solutions, oversight from RWE npower and O2, and implementation/coding done by Natural Interaction and Allfiled UK.

MI Energy is by Allfiled UK ("All about trust"). The other four apps are by Natural Interaction, a company with £30 of share capital behind it.

Take a look at MI Relative Calm, the app designed to manage care for your elderly relative ("Ruby") and to promote a sense of calm in you.

"Your relative's bank can supply data to help you keep track of any unusual activity that could indicate they've been taken advantage of", the app tells us. That is achieved by having the app download bank statements. We are also told that the app can "connect to your relative's energy supplier to make sure that their home environment is at a healthy temperature".

To achieve that, the app must have the user IDs and passwords to log on to Ruby's bank and energy suppliers. How do you know that the app doesn't pass those logon details back to Natural Interaction or to another third party? You don't. And the midata Innovation Lab haven't told us.

Who will vet apps to make sure that logon details are not being sent to any unauthorised parties? The midata Innovation Lab haven't told us.

Does a connection with midata imply that an app is trustworthy? Suppose that Ruby is the victim of fraud and it turns out that the wherewithal for committing that fraud came from your midata app. Suppose further that the bank refuses to compensate Ruby because you have revealed her logon details to a third party. Can you sue BIS? Or anyone else? The midata Innovation Lab haven't told us.

Remember, midata is meant to "empower the consumer". Funny way to go about it.

Now how calm are you feeling?

Meanwhile, back at the Cabinet Office, their Identity Assurance programme (IDA) promotes the idea that we should all have an on-line identity that can be vouched for by one or more "identity providers", e.g. Mydex.

This is a government-backed scheme. It should be solemn, conservative, confidence-inspiring, dependable, trustworthy.

People will expect a respectable and dignified relationship with their "identity providers".

They will not expect to discover that, via BIS, their "identity providers" are hand in glove with unknown app developers, upon the commissions payable by whom the "identity providers" depend for their survival.


Updated 6 February 2014:

Among other apps, mIL have developed MI Relative Calm. The story in this app revolves around Ruby, an elderly lady who needs caring for.

Log into the app and you'll find that it claims to monitor Ruby's health. Clearly mIL have got poor old Ruby permanently wired up to a lot of gadgets not only taking her pulse, counting her footsteps and measuring her sleep but also pronouncing on what is and isn't normal.

This expert app also monitors her energy usage and declares that "Ruby's home is at a safe temperature and her energy usage is normal".

And it monitors her bank account. The app is "clever" enough to know that a£500 withdrawal from her account is abnormal. Although not clever enough to send anyone a text.

Here are two characters in the app, John and Anne, using the chat facility to discuss the suspicious account activity, in one of the worst pieces of dialogue ever scripted. They speak in a winsome style never before observed in human beings. The conversation starts at the bottom of the sidebar on 29 October 2013 and finishes at the top, eight days earlier, such is midata's attention to detail.

21/10/2013 14:30
Yes please. Could you ask them for advice on how to stop this kind of thing?
21/10/2013 11:45
Shall I call the police? I can meet them with your mum.
29/10/2013 11:40
Oh no, I was worried something like this might happen.
29/10/2013 11:30
Not good news, someone knocked on the door at told Ruby that her gutters were blocked and it would cause damage. After they cleaned them, they took her to the cashpoint and took out the money.
29/10/2013 08:20
No John, I'll pop round and find out
29/10/2013 02:00
Hi Anne, do you know why mum took out £500 yesterday?
It turns out that John is Ruby's son. When he spotted the unusual activity on his mother's bank account, he didn't ring her. He rang Anne, the carer. Three days later, according to the bank statement.

You might wonder why Ruby didn't ring him, but it soon becomes clear that her son is inhuman, so there would be no point.

Ruby has been strongarmed by some ghastly man into giving him £500. Is the despicable John going to visit his mother and comfort her? No, he asks Anne to arrange for the police to do it. Anne doesn't demonstrate any sympathy either. Let's hope the police are a bit nicer.

This is mIL's idea of how to care for the elderly. Useless.

And note that all the gadgets are useless, too.

Despite being marched to the bank by a threatening man demanding money, Ruby's pulse remains normal according to her monitor and the number of steps she has taken during the day remains average. She hasn't lost any sleep and the house is still warm so there really is nothing for John to worry about. His mother's inner turmoil doesn't show up on any of the dials.

midata is meant to empower the consumer and to make the economy grow. This app developed by mIL is utterly irrelevant to either purpose.

midata is also meant to help its users to make rational decisions. But not, apparently, human decisions.

Updated 12.4.14
Au Royaume-Uni, cinq applis pour une conso protégée

... Le Midata Innovation Lab, division opérationnelle du programme, a accouché de cinq applis ...

Ce sont des prototypes, mais certaines de ces applis pourraient être diffusées sur le marché.
Cinq applis complètement moches more like. Perfidious Albion fooling the poor old French again.

Updated 18.8.14

Here's a trick the midata Innovation Lab missed:
Swiss Cows Send Texts to Announce They’re in Heat

ZOLLIKOFEN, Switzerland — When Christian Oesch was a boy on his family’s hog farm, cellphones were a thing of the future. Now, Mr. Oesch tends a herd of dairy cattle and carries a smartphone wherever he goes. Occasionally he gets an SMS from one of his cows.

That is because Mr. Oesch, 60, who cares for a herd of 44 Red Holstein and Jersey dairy cows, is helping to test a device that implants sensors in cows to let farmers know when they are in heat. When that is the case, the device sends an SMS to the farmer’s phone. The Swiss do not settle for half measures: the SMS can be in any one of Switzerland’s three main languages — German, French and Italian — plus English or Spanish ...

Daniel Auf Der Mauer for The New York Times
Christian Oesch is testing a device that sends an SMS to his phone when a cow is sexually active.

No comments:

Post a Comment