The following open letter has been sent by email and by post to Phil Pavitt in his capacity as HMRC Director General Change, Security and Information with a copy to Lin Homer, Chief Executive, HMRC:
[Skyscape has subsequently changed its name to UKCloud: "London – August 1, 2016 – Skyscape Cloud Services Limited, the easy to adopt, easy to use and easy to leave assured cloud services company, has today renamed and relaunched as UKCloud Ltd (www.ukcloud.com), to reinforce the company’s exclusive focus on supporting the UK public sector in the digital transformation of services".]
[Skyscape has subsequently changed its name to UKCloud: "London – August 1, 2016 – Skyscape Cloud Services Limited, the easy to adopt, easy to use and easy to leave assured cloud services company, has today renamed and relaunched as UKCloud Ltd (www.ukcloud.com), to reinforce the company’s exclusive focus on supporting the UK public sector in the digital transformation of services".]
Updates:
HMRC and Skyscape Cloud Services Ltd
Thank you for your letter dated 22 October 2012 [2] in response to my letter to Lin Homer dated 11 October 2012 [3].The point is well taken, of course, that for security reasons HMRC can’t say what data is held where. We're in we-can-neither-confirm-nor-deny territory here. It’s difficult but, given the bizarre nature of the Skyscape contract, HMRC are going to have to find some way to reassure the public about the security with which our tax records, both personal and corporate, are being held.“The data will continue to be kept in accordance with existing legislation and HMRC security policies”, you say. I should hope so, too – the public want, need, deserve and pay for nothing less.But your statement begs the question.The public is bound to assume that the data to be stored at Skyscape’s cloud computing facilities is the tax records of every individual and legal person in the country. What other data does HMRC have?And the public is bound to assume that our data is intended to be stored at Hartham Park, Corsham, Wilts SN13 0RP because that’s the address of the registered office of Skyscape Cloud Services Ltd and it’s the address of the registered office of its “ally” ARK Continuity Ltd and it’s the address of ARK’s Spring Park data centre as noted for everyone to see on ARK’s website [4]. If that isn’t a breach of security, what is?Skyscape is a young start-up, it hasn’t yet submitted any accounts to Companies House, it has no track record, it has only one director and he owns all the shares in the company. If the Government Procurement Service (GPS) and HMRC believe that Skyscape is an appropriate company to trust with the care of our tax records, then there is something wrong with GPS’s and HMRC’s selection criteria.CloudStore make the point that the inclusion of a company and its services in its on-line store is not a warranty of appropriateness. It’s up to the customer – in this case HMRC – to determine appropriateness. Eleanor Stewart, the Assistant Director of G-Cloud, says [5]: “as with everything on the G-Cloud framework the customer can determine whether they are happy with any associated risk at the point of selection”.The references to GPS and to CloudStore in your letter can provide the public with no comfort.You mention the Skyscape Cloud Alliance [6] in your letter.Goodness knows what ARK Continuity is doing in the Alliance. HMRC doesn’t promote itself as being in an alliance with Mapeley. Why does Skyscape expect the public to find it commercially persuasive to include its landlord in the Alliance?QinetiQ, VMware, Cisco and EMC on the other hand are all industry leaders and if HMRC had entered into a contract with a joint venture company involving them then we wouldn’t be having this correspondence.But you haven’t.HMRC have entered into a contract with a one-man start-up. That was the case before you wrote your letter and it remains the case subsequently. The question therefore persists, how can HMRC make such an odd-looking decision? How can they risk the nation’s tax records on Skyscape?There’s no joint venture company there for a Tax Inspector to get his or her teeth into. Just an “alliance”. What is an alliance in this case?The contract is to provide cloud computing services. “Cloud computing” means losing control [7]. Whitehall promotes cloud computing on the basis that it turns IT into a utility [8]. That is not attractive, as this month’s news about gas and electricity prices will confirm.None of us has control over the price our suppliers charge for gas and electricity at home or control over their staff. If HMRC enter into a cloud computing contract with any supplier, big or small, they will have the same problem. How can HMRC risk the nation’s tax records on cloud computing?Salesmen sometimes unfortunately make over-enthusiastic claims about cloud computing being more resilient, secure and efficient than the alternatives. Lawyers don’t believe them. Lawyers don’t use cloud computing. Lawyers are paid to keep their clients’ data under control and confidential. So are public authorities like HMRC.As I write, I note that the latest cloud computing débâcle is unfolding. Amazon are the biggest cloud computing suppliers in the world and they’ve just had a 12-hour outage [9].Our tax records are currently stored on hundreds of servers at “multiple” HMRC offices, you say. Good. That looks secure. Much more secure than storing them all in one place with a one-man start-up in some sort of nugatory alliance. And, since you mention it, the allegedly dainty carbon footprint of cloud computing will be no consolation if our records go up in smoke.According to HMRC’s press release [10] the Skyscape contract will save £1 million a year on running costs. We need to be guided here by the National Audit Office (NAO) report on HMRC’s on-line filing [11].The NAO examined HMRC’s £8 billion 10-year ASPIRE contract with Capgemini and said:HMRC uses a range of indicators to measure the performance of its ICT services, which include online services, and it measures availability that relates specifically to online filing. HMRC has a high-level view of the overall costs of ICT provision through the ASPIRE contract. It has been taking steps to improve that information and achieve cost savings. It does not yet have a detailed breakdown of the costs of online filing services, so it cannot benchmark those costs to assess their value for money. HMRC is currently negotiating with the ASPIRE contractors to obtain a clearer breakdown of the costs of ICT services provided. (p.8)Also:[HMRC] should proceed with its plans to identify ICT costs specific to online filing services and ensure that current negotiations with the ASPIRE contractors provide sufficient breakdown of cost information for regular benchmarking of costs. (p.13)In the circumstances, with the suppliers not even prepared to tell HMRC what they are charging for, some scepticism is in order about claims to be able to identify £1 million of on-line filing costs in among the £8,000 million.CESG have rescued the nation before from other-worldly decisions taken by Whitehall. The Home Office wanted to use DWP’s National Insurance number database as the National Identity Register for the ID cards scheme. CESG pointed out that it was inappropriate and that was the end of that [12].Let’s hope that they repeat the trick in their review of Skyscape. I look forward to a small piece appearing in the technical press somewhere out of the way regretting that for security reasons which cannot be given the HMRC contract with Skyscape has had to be revoked.Yours sincerelyDavid Mosscc Lin Homer, Chief Executive, HMRCChartered Institute of TaxationInstitute of Chartered Accountants in England and Wales
[1] HMRC and Skyscape 2, http://www.dmossesq.com/2012/10/hmrc-and-skyscape-2.html[2]Things happen when Lin Homer's in the loop. Fast., http://www.dmossesq.com/2012/10/things-happen-when-lin-homers-in-loop.html[5].gov.uk hosting bought through G-Cloud, http://gcloud.civilservice.gov.uk/2012/09/18/first-iaas-purchase-completed/#comment-2029[7]Cloud computing and the Gadarene lemmings of Whitehall, http://www.dmossesq.com/2012/10/cloud-computing-and-fashion-conscious.html[8]Cloud computing turns IT into a utility, and that's a good thing?, http://www.dmossesq.com/2012/10/cloud-computing-turns-it-into-utility.html[9]Amazon outage started small, snowballed into 12-hour event, http://www.networkworld.com/news/2012/102312-amazon-outage-263617.html[10]HMRC first for new IT contract, http://press.hmrc.gov.uk/Press-Releases/HMRC-first-for-new-IT-contract-680b1.aspx[11]HM Revenue & Customs – The expansion of online filing of tax returns, http://www.nao.org.uk//idoc.ashx?docId=cd237708-5c6b-472a-af13-f432f80d80cc&version=-1[12]ID card scheme ditches DWP database, http://www.computerweekly.com/news/1280092192/ID-card-scheme-ditches-DWP-database
24.5.12 | Phil Pavitt says "we don't currently have ID authentication in UK government". |
24.10.12 | Letter emailed to Phil Pavitt and Lin Homer |
25.10.12 | Hard copy of letter posted to Phil Pavitt and Lin Homer, links sent to Eleanor Stewart, CIOT and ICAEW |
28.10.12 | Re last two paragraphs of letter, see Andy Smith affair. |
4.11.12 | US government argue that signing a cloud services agreement reduces your property rights in the data stored in the cloud, according to EFF. |
13.11.12 | Cloud computing, and GDS's fantasy strategy: "To which, all one can say is that there must be something wrong with the Cabinet Office, GPS and HMRC procurement criteria ...". |
23.11.12 | UK.gov to upgrade buying tool after mega cockup downs £1bn deal – Government Procurement Service computer system incapable of handling tenders for government procurement. |
26.11.12 | HMRC soon to be Pavittless – will Aviva store all our insurance details with Skyscape? |
