Why haven't GDS announced their identity assurance strategy yet?
The suspicion is growing that they haven't got one.
In the absence of any news about the Government Digital Service's plans for identity assurance your gaze may fall upon ex-Guardian man Mike Bracken's blog post about the release last week of GOV.UK, the new single government domain, the partial implementation of Martha Lane Fox's "digital by default".
Why does GOV.UK matter?
Good question.
Local Authority Review – Citizen Online Identity Assurance
September 2012
[IdA = identity assurance
LA = local authority]
... Communication is seen as key and it was suggested that a national campaign run by trusted organizations (e.g. Citizen’s Advice Bureau and other voluntary organizations) would be helpful.
Communications to build citizen trust and highlight the benefits such as a reduction in bureaucracy for both citizens and the LA, are seen as key. Once a proven nationally recognised approach is in place with a recognised and trusted branding, it is suggested that the branding could then be integrated into LA websites. LAs would then feel more confident about communicating the concept at the local level. Through a variety of channels awareness raising could be undertaken. Suggested approaches include citizen training in libraries and other venues with high citizen footfall, contact through third sector and voluntary organizations, articles in free newspapers and council magazines, promotions through the housing advice bus visits and web promotion.
Another important step for LAs is to gain a sound understanding through customer research on how the idea of federated IdA might be received by different sectors of the population6. Usability and accessibility are also a key concern to ensure that processes are not over-complicated – it may be more appealing to undertake repeated simple registrations and sign-ons than one complicated procedure especially when the goal is to undertake a simple transaction ...
Whilst there is some mention of a national agenda, the most common drivers for online citizen IdA are cited as corporate strategy, service needs, cost reduction and efficiencies. Although there has been no explicit demand from citizens (other than around privacy concerns), improvement of the customer experience also appears to be a motivating factor.
In response to these drivers authorities have strategies either in place or in development to take forward service transformation, channel shift and/or improved customer service. Key principles of these strategies include digital by default (or at least by citizen preference), escalation of a self-service culture allowing greater focus on the more vulnerable, multiple channel access, and device independence.
IdA is not always discretely identified within these strategies although a number of authorities articulated its importance in terms of being an architectural building block and an enabler. Business cases do not tend to be written for IdA but rather it is included as an element within business cases for channel shift/service improvement programmes (e.g. Individual Electoral Registration Programme). So whilst it may not be explicitly referenced, there was general consensus that IdA is an important part of the infrastructure and is an integral part of channel shift which will allow a more coherent approach to the citizen.
The developing theme of single sign-on and a standardized approach to IdA is however juxtaposed with emerging imperatives. The advent of adult social care budgeting, and new government policies on troubled families is likely to drive LAs to seek further single service solutions to add to the mix.
”… because of the need to respond to welfare reform the view was that we can’t wait so we’ll do it and then fix it, federate it later.”
Lee Hemsworth, Chief Officer (Intelligence and Improvement), Leeds City Council ...
----------
6. Relevant studies include Group Identity Assurance – User tests results from the Happy Use Case, UCL Department of Computer Science Information Security Research and UC IDA claimant testing Findings, DWP Insight Team
And one which has obviously been occupying the executive director of GDS. In Why GOV.UK matters: A platform for a digital Government he writes:September 2012
[IdA = identity assurance
LA = local authority]
... Communication is seen as key and it was suggested that a national campaign run by trusted organizations (e.g. Citizen’s Advice Bureau and other voluntary organizations) would be helpful.
Communications to build citizen trust and highlight the benefits such as a reduction in bureaucracy for both citizens and the LA, are seen as key. Once a proven nationally recognised approach is in place with a recognised and trusted branding, it is suggested that the branding could then be integrated into LA websites. LAs would then feel more confident about communicating the concept at the local level. Through a variety of channels awareness raising could be undertaken. Suggested approaches include citizen training in libraries and other venues with high citizen footfall, contact through third sector and voluntary organizations, articles in free newspapers and council magazines, promotions through the housing advice bus visits and web promotion.
Another important step for LAs is to gain a sound understanding through customer research on how the idea of federated IdA might be received by different sectors of the population6. Usability and accessibility are also a key concern to ensure that processes are not over-complicated – it may be more appealing to undertake repeated simple registrations and sign-ons than one complicated procedure especially when the goal is to undertake a simple transaction ...
Whilst there is some mention of a national agenda, the most common drivers for online citizen IdA are cited as corporate strategy, service needs, cost reduction and efficiencies. Although there has been no explicit demand from citizens (other than around privacy concerns), improvement of the customer experience also appears to be a motivating factor.
In response to these drivers authorities have strategies either in place or in development to take forward service transformation, channel shift and/or improved customer service. Key principles of these strategies include digital by default (or at least by citizen preference), escalation of a self-service culture allowing greater focus on the more vulnerable, multiple channel access, and device independence.
IdA is not always discretely identified within these strategies although a number of authorities articulated its importance in terms of being an architectural building block and an enabler. Business cases do not tend to be written for IdA but rather it is included as an element within business cases for channel shift/service improvement programmes (e.g. Individual Electoral Registration Programme). So whilst it may not be explicitly referenced, there was general consensus that IdA is an important part of the infrastructure and is an integral part of channel shift which will allow a more coherent approach to the citizen.
The developing theme of single sign-on and a standardized approach to IdA is however juxtaposed with emerging imperatives. The advent of adult social care budgeting, and new government policies on troubled families is likely to drive LAs to seek further single service solutions to add to the mix.
”… because of the need to respond to welfare reform the view was that we can’t wait so we’ll do it and then fix it, federate it later.”
Lee Hemsworth, Chief Officer (Intelligence and Improvement), Leeds City Council ...
----------
6. Relevant studies include Group Identity Assurance – User tests results from the Happy Use Case, UCL Department of Computer Science Information Security Research and UC IDA claimant testing Findings, DWP Insight Team
"GOV.UK is not Government on the Internet, but of the Internet". Does anyone have any idea what that means?
GOV.UK has been designed with transparency, participation and simplicity at its core. It will always be based on open standards, and is unapologetically open source. This architecture ensures its integration into the growing ecosystem of the Internet. Inevitably, innovation will follow, driven from within and without. GOV.UK is not Government on the Internet, but of the Internet.
Would it help to try another preposition? "GOV.UK is not Government on the Internet, but under the Internet", perhaps?
It doesn't help, does it.
That's because whether we're talking about government deeply in debt to the internet or government carried out without even a passing interest in the internet, GOV.UK isn't government. It's a website.
When he uses the words "transparency", "participation", "simplicity", "open standards", "open source", "ecosystem" and "innovation", this is ex-Guardian man Mike Bracken presenting his credentials. It is a homage to what he describes as Tim O'Reilly's "seminal work Government as a Platform".
Mr O'Reilly's seminal work, if you care to read it, is many things:
- A gratuitous endorsement of President Obama's healthcare legislation.
- A cod history of commerce and civic action since the days of Benjamin Franklin.
- An attack on IBM and Microsoft for being monopolies (nearly).
- Praise for Amazon, Google, Facebook and Apple for being monopolies (nearly).
- An expression of Mr O'Reilly's fascination with technology.
- And of his belief that only crowds have wisdom.
- And that individuals know nothing.
- Apart, presumably, from Mr O'Reilly.
There has been some news about identity assurance.
Amanda Derrick OBE, a fairly recent addition to the GDS team, an escapee from the Gove Terror at the Department for Education, presented a report yesterday on Identity assurance for local government services.
Who wrote this report?
Someone too bashful to tell us. Someone lacking the assurance to identify themselves.
Whoever it was rang up 16 local government officers and had a chat with them. A long extract from the resulting report is quoted alongside. It doesn't make much difference if you read it forwards or backwards.
Digital by default is about delivering public services. Most public services in the UK are delivered by local government and yet GDS left it until July 2012 to commission this report.
What it tells them is that they don't know much about what is needed, by way of identity assurance, by the people who actually deliver public services and by their parishioners.
Why haven't GDS announced their identity assurance strategy yet? The suspicion is growing that they haven't got one.
