Sunday 29 December 2013

RIP IDA – individual electoral registration


The key to success with regard to IER lies in being boring.
The more boring the better.

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

If all goes well, the media will pay not the slightest attention to the changes promised for 2014 in the way the electoral register is compiled in Great Britain.

Beginning on 10 June 2014, England and Wales will switch from compiling the electoral register on a household basis to individual electoral registration (IER). In Scotland, the equivalent date is 19 September 2014 – the delay there is to cater for the referendum on Scottish independence.

IER will be a yawn and a bore. That's if all goes well. The new electoral register will be ready for the 2015 general election and it will be complete enough and accurate enough not to impugn the legitimacy of the election result.

The Electoral Commission published a readiness report back in October 2013. They've got the forms ready and they just need political approval before Electoral Registration Officers (EROs) send them out to individuals to register. That will be in July 2014 and there will be an accompanying public awareness campaign.

It is to be hoped that that public awareness campaign will be workmanlike, clear, simple and above all uncontroversial. Dull. Worthy. Yawn-inducing, as befits a highly respected, confident and mature democracy.

There are a few worryingly interesting bits of IER.

Confirmation
There is the "confirmation" element, for example:
The Government’s plan for the introduction of IER includes the intention to compare existing electors’ names and addresses on the electoral registers with records held by the Department for Work and Pensions (DWP) in order to verify the identity of people currently on the registers. This process is known as ‘confirmation’.
EROs will be provided with reports comparing their electoral register records with records on DWP's Customer Information System database (CIS). On the basis of trials already carried out, it is expected that about 75% of the electoral register can be "confirmed" in this way.

How good is CIS?

Back in April 2007 there were about nine million records on CIS that no-one could account for, please see Fraud fear as millions of NI numbers are lost. Surely, you may say, DWP could clean up their data? They already had. Before the clean-up, there were more like 20 million unaccountable records according to David Blunkett.

Back in the old days of the National Identity Scheme/Service (2002-10 RIP) when we were all going to have government-issued identity cards (RIP), the Identity & Passport Service (RIP) were going to build a brand new National Identity Register (RIP). Then they decided to use CIS instead ...

... and then the National Audit Office (para.4.13, p.23) pointed out that they could only use CIS if it met the security standards laid down by CESG, the information assurance arm of GCHQ. Which it didn't, please see the Public Administration Select Committee report Good Governance – effective use of IT, pp.295-304, particularly para.24ff. At which point the whole ID cards project collapsed into obvious chaos.

The Electoral Commission may say that CIS confirmation will "verify the identity of people currently on the registers" but they're just being polite. If there's a mismatch between CIS and the electoral roll, which database is right? Neither of them? Is it the EROs' job to clean up the CIS? No. It's all too interesting. No more chaos. Expect CIS confirmation quietly to disappear.

Verification
In one sense there's nothing new about "verification". It's always been the EROs' job to verify that people are who they say they are and that they are allowed to vote. EROs know how to do that and they will continue to verify the entitlement to vote, boringly it is to be hoped, without fuss and behind the scenes.

But there is supposed to be a new element in 2014, an IER digital system for verification, please see para.1.12 onwards in the readiness report:
1.12 ... [the] Commission has some remaining concerns around the timetable for developing the other significant element of the system - for verifying electors’ personal identifiers under IER ...

1.13 We are aware that some testing of the system has recently taken place ... We understand that there are further tests on the algorithm to be completed ...

1.15 ... the system for verification has not yet been fully tested, and according to the current plans will not have been fully tested until March 2014 ... We understand that the testing programme will be conducted on a rolling basis between now and next March, but the key risk is that it will not be fully clear until then whether the system is fully robust ...

1.17 We have not yet seen a detailed plan for the full testing process, although we understand from officials that this will be shared shortly ...

1.18 It will be important for this testing to demonstrate the ability of the system to cope with the volume of registrations ... We (and EROs) ... await reassurance on this point.

1.19 It is also important for effective and realistic contingency plans to be put in place in the event that problems with the verification system do arise ... We have not yet seen any detailed plans although we are aware that the [Electoral Registration Transformation] Programme team are working on them. We would welcome sight of them when they are available ...
It's not clear from the quotations above what digital identity verification is. The only thing that is clear is that the Commission's welcome for this new component of IER is heavily qualified. That is only to be expected after their experience of the dog's dinner served up by the data-mining pilots.

The suspicion is that what is intended here by "digital identity verification" is something to do with the Government Digital Service's identity assurance scheme, IDA.

IDA was meant to provide us with an "ecosystem" of competing private sector "identity providers". Philip Virgo tells us that there were initially "80 expressions of interest" in joining the IDA framework, please see Who won the battle between DWP and Cabinet Office over ID Policy?. 80 became eight a year or so later in January 2013. By September 2013, eight had become five. And now we're down to two, please see Beta launch for identity assurance this year:
... an official from the IDA programme ... explained that the first two identity providers will start supporting the scheme from the end of November ... These two providers come from a pool of five companies- Digidentity, Experian, Mydex, The Post Office and Verizon- who have signed contracts to deliver IDA services, out of a total of eight companies who were originally on the framework.

The official said that they are hoping for new providers to join in and start working on the programme next year ...
We do not know which two "identity providers" now occupy the shrinking "ecosystem".

And we do not know which brave "new providers" might join where 78 have already pulled out.

Perhaps the government could lean on the two banks which it controls, Lloyds and RBS? Let's hope not. We've been here before. There's no upside. It's all risk.

Perhaps the government could invite Facebook to help. Or Google:
Andrew Nash, Google’s Director of Identity, ran us [Francis Maude and ex-Guardian man Mike Bracken] through the current issues facing identity.He explained how Google aim to grow and be part of an ecosystem of identify providers, and encouraged the UK Government to play its part in a federated system. The UK ID Assurance team and Google agreed to work more closely to define our strategy – so look out for future announcements. Andrew also took the opportunity to walk the Minister through the Identity ecosystem.
All far too interesting for the Electoral Commission to let them become involved. Expect digital verification politely, quietly and firmly to be swept under the confirmation carpet.

On-line registration portal
Ditto the on-line registration portal, para.1.21 onwards in the readiness report:
1.21 ... we are concerned that the website which will enable online registration in Great Britain has also not yet been fully tested.

1.22 The current plan indicates that while the user-facing part of the application ... will be developed for the majority of users by the end of October 2013, testing the process that takes place ‘behind’ the screen ... will not be completed until later (likely to be March 2014). As with the verification development work more generally, this is a tight timetable given the intended IER start date in June 2014 and we have not seen a detailed timetable for this testing ...

1.23 We also understand that the technical development work required to allow use of the online application system by certain important groups of electors ... will not be completed until March 2014.

1.24 The [Electoral Registration Transformation Programme] team have assured us that this development work has been fully scoped and timetabled and that they are confident of delivering the work to time. However, ... this remains an important area of concern.
The Electoral Commission hardly need reminding that an on-line registration portal with no identity assurance and no "ID hub" is an invitation to electoral fraud. Unicorns. Too interesting. Drop it. Keep it boring.

Cloud computing
Always keen to follow the latest fad, the Government Digital Service want to store all our data "in the cloud", as they say. They have chosen to use Skyscape and Carrenza.

Storing data in the cloud is the most efficient way of losing control of it.

The Commission may care to look into the current practice of using the cloud for electoral rolls. One company, Halarose, which provides electoral registration services to 80 local authorities, runs its services on Amazon's cloud servers located in the Republic of Ireland.

Do the Commission agree that this raises interesting questions whether our data is properly under the control of the people who owe us voters a duty of care? If the questions are too interesting, perhaps the Commission would look into changing the current lenient procedures which countenance use of the cloud, not just by Halarose but throughout the electoral registration system.

The key to success with regard to IER lies in being boring. The more boring the better.

----------

Updated 8.1.14
Keep it boring. A simple enough suggestion. So what do the Electoral Commission do? They only go on the radio this morning and announce that we're all going to need photo-ID to vote. That's what.

Far too interesting.

What photo-ID? Passports and photo-ID driving licences. Or a special voting ID card for people who don't have a passport or a photo-ID driving licence. The special voting ID card will be free. "Free"?

If you need photo-ID to vote, why don't you need it to register?

The credit card companies rejected photographs on credit cards in the UK because, based on tests with supermarket staff, that would increase fraud and not reduce it. How would the people manning polling stations fare any better? What happens when you are refused your right to vote because one of these people says you don't look like yourself?

How long before someone points out that if you can register on-line you ought to be able to vote on-line? Perhaps proving your identity on-line using GDS's non-existent identity assurance system? Or, for old-timers, using biometrics.

How long before someone points out that if you need photo-ID to vote, then you must need it to get married? Or to get your children into state education? Or to be given non-emergency state healthcare?

It is strongly suggested that the Electoral Commission conduct trials to see if the benefits of photo-ID voting outweigh the costs. If not, the initiative is counter-productive and disproportionate and should be dropped. There is no loss of face in acknowledging the authority of a large-scale independent trial. The larger and the sooner, the better.

Then, let's hope, we can get back to boring. Please. Boring, boring, boring.

Updated 10.6.14

Today is the first day of individual electoral registration in England and Wales. There is not a single press release about it. Anywhere. Not even on the Electoral Commission's website.

Updated 28.6.14
UK should consider e-voting, elections watchdog urges

Rowena Mason, political correspondent
The Guardian, Wednesday 26 March 2014 18.31 GMT

... the head of the Electoral Commission, Jenny Watson, warned that the ... long-term trend of falling voter turnout was particularly marked among young people ...

... the election watchdog would examine a range of ways to make voting more accessible, including the "radical" option of internet voting and US-style same-day registration for those not on the electoral roll ...

... "we plan to look at a variety of options, assessing how they will help citizens engage more effectively" ... more could be done to make the system more reflective of wider society ... "an increasingly disenfranchised younger generation" ...

... "Unless our electoral system keeps pace with the way many voters live the rest of their lives – where the way they bank and the way they shop has been transformed – it risks being seen as increasingly alien and outdated, particularly to young voters as they use it for the first time" ...
The claims Jenny Watson makes for on-line voter registration and on-line voting are hypotheses. The potential benefits are great. It is worth testing these hypotheses. And they have been.

Estonia allow internet voting. And the University of Michigan discovered that the system is open to being hijacked – the result of the election may not be decided by the voters. The university had previously discovered the same fault in a proposed eVoting system in Washington DC. And now we hear that Norway have given up on eVoting after some careful testing:
E-voting experiments end in Norway amid security fears

BBC News – Technology
27 June 2014 Last updated at 12:12

... voters' fears about their votes becoming public could undermine democratic processes.

Political controversy and the fact that the trials did not boost turnout also led to the experiment ending ...

... criticism was levelled at the encryption scheme used to protect votes being sent across the net ...

... there was no evidence that the trial led to a rise in the overall number of people voting nor that it mobilised new groups, such as young people, to vote ...

... there was also some evidence that a small number of people, 0.75% of all voters, managed to vote twice in 2013 ...
The result of these on-line voting tests is to cast doubt on the hypothesis. It seems to be wrong. On-line voting doesn't boost participation and it introduces dangerous features which undermine the trustworthiness of the election. Conclusion: it is irresponsible to assume that on-line voting is a cure-all.

What about on-line registration to vote?

The Government Digital Service (GDS) introduced an on-line system on 10 June 2014 in pursuit of individual electoral registration in England and Wales. The system collects application details and forwards them to electoral registration officers (EROs) who have to decide whether to register the applicant to vote.

How do the EROs know whether the applicant is who they say are?

GDS have provided a check based on use of the applicant's National Insurance number. That is the same check they use in DVLA's view-driving-record application. And what do the Driver & Vehicle Licensing Agency have to say about it?
Access to the service is currently allowed by matching the user’s data to the driving licence number. We also use an existing link to the Department for Work and Pensions (DWP) to check if the National Insurance Number (NINO) provided matches details held by DWP and HM Revenue & Customs.

Whilst this authentication process is fairly quick and straightforward, there are some downsides ... it does not provide us with the level of confidence the user is who they say they are in order to offer them more information such as their photo image or allow them to link to a transactional service.
Again, a perfectly sensible hypothesis, but the test results suggest that it would be irresponsible to rely on on-line voter registration.

Updated 3.7.14

All this febrile raving about photo-id and electronic voting and same-day registration? Too exciting. We need boring.

The Electoral Commission have started their public awareness campaign for individual electoral registration, hat tip Halarose:



30 seconds of total inanity. The postman delivers a letter. Men turn into women half way downstairs to the accompaniment of irritating music and then read the IER information leaflet while they enjoy a cup of tea.

The shoutline? "Make sure you're in".

Congratulations to the Electoral Commission. Perfect. A collector's item. More like that, please.

RIP IDA – individual electoral registration


The key to success with regard to IER lies in being boring.
The more boring the better.

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

If all goes well, the media will pay not the slightest attention to the changes promised for 2014 in the way the electoral register is compiled in Great Britain.

Beginning on 10 June 2014, England and Wales will switch from compiling the electoral register on a household basis to individual electoral registration (IER). In Scotland, the equivalent date is 19 September 2014 – the delay there is to cater for the referendum on Scottish independence.

IER will be a yawn and a bore. That's if all goes well. The new electoral register will be ready for the 2015 general election and it will be complete enough and accurate enough not to impugn the legitimacy of the election result.

The Electoral Commission published a readiness report back in October 2013. They've got the forms ready and they just need political approval before Electoral Registration Officers (EROs) send them out to individuals to register. That will be in July 2014 and there will be an accompanying public awareness campaign.

It is to be hoped that that public awareness campaign will be workmanlike, clear, simple and above all uncontroversial. Dull. Worthy. Yawn-inducing, as befits a highly respected, confident and mature democracy.

There are a few worryingly interesting bits of IER.

Friday 27 December 2013

Whitehall misfeasance – something's up

Jill Sherman is the Whitehall Editor of the Times and she has a scoop in today's paper, please see Whitehall forced to call in the experts:
About one hundred high-powered troubleshooters are to be drafted into Whitehall from the private sector to save the Government’s riskiest projects, The Times has learnt.

The experts from management consultants and other industries will help to turn around difficult schemes such as Universal Credit, High Speed rail (HS2), and electronic tagging. They will also help to monitor new contracts and bulk purchasing across the public sector.

The move follows months of criticism over the lack of commercial skills within Whitehall after a series of IT disasters and other fiascos that have wasted hundreds of millions of pounds of taxpayers’ money ...
Someone has clearly finally had enough of Whitehall's unaccountable failure.

We're talking about power here. Specifically about power changing hands. That spells danger. Adroitly handled, it also spells hope.

Whitehall misfeasance – something's up

Jill Sherman is the Whitehall Editor of the Times and she has a scoop in today's paper, please see Whitehall forced to call in the experts:
About one hundred high-powered troubleshooters are to be drafted into Whitehall from the private sector to save the Government’s riskiest projects, The Times has learnt.

The experts from management consultants and other industries will help to turn around difficult schemes such as Universal Credit, High Speed rail (HS2), and electronic tagging. They will also help to monitor new contracts and bulk purchasing across the public sector.

The move follows months of criticism over the lack of commercial skills within Whitehall after a series of IT disasters and other fiascos that have wasted hundreds of millions of pounds of taxpayers’ money ...
Someone has clearly finally had enough of Whitehall's unaccountable failure.

We're talking about power here. Specifically about power changing hands. That spells danger. Adroitly handled, it also spells hope.

Sunday 22 December 2013

Whitehall press release – an apology

In a blog post published on 19 December 2013, The peculiar art of the Whitehall press release, DMossEsq accused a Cabinet Office Minister of describing a manifest failure as a success. DMossEsq was wrong and he apologises.

As part of the move to individual electoral registration (IER), the Electoral Commission have reported on an exercise known as "the data-mining pilot". That exercise was a failure. As the Commission say in their report: "The findings from this pilot do not justify the national roll out of data mining" (pp.8 & 60).

The Whitehall press release quotes Rt Hon Greg Clark MP talking about "the successful dry run of the data matching process over the summer". If he had been referring to the data-mining pilot as DMossEsq wrongly believed that would indeed have been "peculiar".

But the Minister wasn't referring to the data-mining pilot. He was referring to a separate exercise known as "the confirmation dry run".

The report on the confirmation dry run says: "The Electoral Commission evaluated this pilot and concluded that confirmation should be used during the transition to IER as a way of safeguarding against a decline in the completeness of the registers, while maintaining their accuracy" (p.2).

In light of which DMossEsq acknowledges without reservation that the Minister's choice of words is unobjectionable.

Whitehall press release – an apology

In a blog post published on 19 December 2013, The peculiar art of the Whitehall press release, DMossEsq accused a Cabinet Office Minister of describing a manifest failure as a success. DMossEsq was wrong and he apologises.

Thursday 19 December 2013

The peculiar art of the Whitehall press release

Date confirmed for Individual Electoral Registration (IER), says yesterday's Cabinet Office press release: "The government has today confirmed its intention to move to IER on 10 June 2014 in England and Wales and 19 September 2014 in Scotland".

We are moving in Great Britain from household registration to individual electoral registration. That is the will of Parliament as enshrined in the Electoral Registration and Administration Act 2013.

How will local Electoral Registration Officers (EROs) make sure that the electoral roll includes all those eligible to vote and only those eligible to vote? It's an old question. With old answers – we've been voting for several centuries now.

There was one new answer.

How about comparing the electoral rolls with other databases like the National Insurance number database? That way EROs could be given a list of people to follow up who should be on the electoral roll but aren't, and try to prevail on them to register.

Worth trying. The Electoral Commission drafted in the Government Digital Service (GDS) to do a "data mining" or "data matching" exercise.

Whatever you want to call it, the exercise was an unmitigated failure. "The findings from this pilot do not justify the national roll out of data mining", said the Commission in their July 2013 Data mining pilot – evaluation report, first recommendation, p.8, in bold.

The Commission gave several reasons for their conclusion, including the fact that GDS put forward not only foreign people ineligible to vote as candidates for EROs to follow up but also people who were already registered and didn't need any follow-up.

They had other reasons in addition. The delays caused by GDS. GDS's procedural changes mid-stream which meant results weren't comparable. The refusal by GDS to say how much their work had cost, with the result that the Commission don't know what the pilot cost and can't estimate the cost of live running.

And that's just the second pilot. In the first pilot, GDS made it look as though 82% of residents on the electoral roll in Ceredigion were impostors. EROs need reliable data. This is the election of governments we're talking about here, both local and national.

One way and another, the Commission's conclusion seems unimpeachable. The findings from this pilot do not justify the national roll out of data mining.

And how is this matter dealt with in yesterday's press release?

The Rt Hon Greg Clark MP, the Cabinet Office Minister responsible, is quoted as saying: "Following the successful dry run of the data matching process over the summer, and the Electoral Commission’s assessment that there is no reason to delay implementation, this confirms progress towards a more modern, secure system of electoral registration".

Somehow the unmitigated failure of the second pilot has become a "successful dry run". Please see comment below, 21 December 2013, 1:19 a.m. Please see also Whitehall press release – an apology.

The peculiar art of the Whitehall press release

Date confirmed for Individual Electoral Registration (IER), says yesterday's Cabinet Office press release: "The government has today confirmed its intention to move to IER on 10 June 2014 in England and Wales and 19 September 2014 in Scotland".

We are moving in Great Britain from household registration to individual electoral registration. That is the will of Parliament as enshrined in the Electoral Registration and Administration Act 2013.

How will local Electoral Registration Officers (EROs) make sure that the electoral roll includes all those eligible to vote and only those eligible to vote? It's an old question. With old answers – we've been voting for several centuries now.

There was one new answer.

Thursday 12 December 2013

Vaz v. Rapson – book now to avoid disappointment

In their bid to transform government, the Government Digital Service (GDS) have chosen 25 public service transactions to demonstrate their prowess.

Three of them (see alongside) are Home Office transactions. No.20 out of 25 is something to do with criminal record checks.

But things have moved on. No.20 is no more. As ex-Guardian man Mike Bracken, executive director of GDS, tells us in his quarterly report:
Following discovery on exemplar 20 (criminal records checks), GDS and Home Office (HO) have agreed that due to contractual constraints and competing policy and legislative priorities, there would be more opportunity to effect transformational change by March 2015 in another service. GDS and HO have agreed to investigate working with HM Passports Office as an alternative, and details of the new service will be confirmed publicly on the transformation dashboard when finalised.
He also tells us that:
We have published guidelines on increasing digital take-up alongside case studies of how public sector organisations have successfully achieved channel shift; we intend to expand on this with additional case studies.

We’re doing further research with users of 2 services (online passport applications and Carer’s Allowance) to learn more about:
  • how we can get offline users to use a digital service for the first time
  • why users revert to non-digital channels
We’ll publish the outcomes of the research along with the guidance we develop from it.
The "contractual constraints" on the criminal records work can't have just appeared recently. They must have been known about a long time ago.

It looks as though GDS have been taken off criminal record checks but given something else to do on passports as a consolation. Do GDS and the Home Office realise that there are "contractual constraints" on passport work as well, just as much as on criminal record checks?

The contract to provide the Home Office with work on passports is worth £385 million and is currently held by CSC, the software house who contributed so much to the NHS's National Programme for IT (£12 billion of taxpayers' money reduced to ahes) and to the Home Office's biometrics-based visa applications system. CSC is also the software house which has been fined $250 million by the US military and is being sued by its shareholders.

CSC took over the passport contract from Siemens, who were paid £365 million between 1999 and 2009. When DMossEsq renewed his passport on-line 10½ years ago, the Siemens system seemed to work perfectly well. When he renewed it six months ago, the CSC system seemed to work perfectly well.

On that basis, it seems unlikely that we need GDS to do any more work on passport applications. It's a waste of their time and our money and it may invalidate any warranties CSC have given.

The effect of these huge passport contracts to re-write working software is that we are being over-charged by £296 million a year (DMossEsq estimate), a fact which has been brought to the attention of Sarah Rapson, who was executive director chief executive of the Identity & Passport Service (IPS) at the time.

No longer.

IPS is now HMPO, Her Majesty's Passport Office.

And Sarah Rapson isn't the executive director chief executive there any more – she's now interim Director General of UK Visas and Immigration. When she made her first appearance before Keith Vaz's Home Affairs Committee they treated her with sympathetic tolerance and patience.

UK e-borders scheme failing to make immigration checks, the Guardian told us in October: "Border control system's alerts are not being routinely used to stop terror suspects or war criminals, watchdog reveals", the watchdog being the excellent John Vine.

Her next appearance may be more dramatic. Book early.

----------

Updated 22.7.14
Home Office's 'flagship' £350m immigration computer system ditched

The Home Office wasted nearly £350 million on a computer system for dealing with immigration and asylum applications that was abandoned, forcing staff to revert to using an old system that regularly freezes.

The “Immigration Case Work” system was commissioned in 2010 and was supposed to be a “flagship IT programme”, a report by the National Audit Office (NAO) said.

However, it suffered "delays and problems" that led to it being shut down last August. Ministers have now commissioned another new computer system that is due to cost a further £209 million by 2016-17 ...

Vaz v. Rapson – book now to avoid disappointment

In their bid to transform government, the Government Digital Service (GDS) have chosen 25 public service transactions to demonstrate their prowess.

Three of them (see alongside) are Home Office transactions. No.20 out of 25 is something to do with criminal record checks.

But things have moved on. No.20 is no more. As ex-Guardian man Mike Bracken, executive director of GDS, tells us in his quarterly report:
Following discovery on exemplar 20 (criminal records checks), GDS and Home Office (HO) have agreed that due to contractual constraints and competing policy and legislative priorities, there would be more opportunity to effect transformational change by March 2015 in another service. GDS and HO have agreed to investigate working with HM Passports Office as an alternative, and details of the new service will be confirmed publicly on the transformation dashboard when finalised.
He also tells us that: