RIP IDA – if you've got nothing to say, say it

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

17:09, yesterday afternoon, Monday 10 February 2014, an email arrives saying that the Government Digital Service (GDS) have published a new blog post, Striking a balance between security and usability.

Read it, and one question keeps asking itself – why? Why did they publish this interview with James Stewart, the director of technical architecture at GDS? What was publication supposed to achieve? What is the message they're trying to convey?

A number of messages do come across. But unless GDS is trying to undermine itself these messages can't possibly have been intended. Mr Stewart's topic is the balance between security and usability. That's the question. And his answer is – you have to balance them.

Yes James, thank you, we know that, that's the title of the blog post, the question is how? How do you balance security and usability? And since he doesn't answer that question, the inference is that he can't answer it – GDS don't know how to balance security and usability. That's the message that comes across.

That ignorance doesn't seem to worry them. That's another message that comes across. GDS aren't interested in security. Only in usability.

This isn't the first time. We saw this lack of interest in security in Public Servant of the Year ex-Guardian man Mike Bracken CBE's speech last October to the Code for America Summit 2013 and we saw signs of it again two weeks ago in the blog post by GDS's Janet Hughes and Leisa Reichelt, Security and convenience: Meeting user needs.

GDS may not be interested in security. But other people are. They understand its importance.

When GDS's David Rennie spoke at the US Identity Ecosystem Steering Group conference in January, he said that the reason there are none of the big retail banks signed up to IDA, the identity assurance programme, is that they've been too busy sorting out the aftermath of 2008's credit crunch (31'22"-32:32").

That's silly. Identity assurance is what retail banks do all day every day – they can't be "too busy" to do it.

Is the real reason that the banks won't sign up that they don't want to be associated with IDA? And they don't want to be associated with it because, without a proper understanding of security, IDA will crash on take-off, destroying the reputation and the share price of everyone connected with it?

Is that perhaps the reason why Cassidian and PayPal, who were signed up to IDA, have subsequently pulled out?

Security isn't important. What does that imply for HMRC, who are being asked to give up the long-established Government Gateway and to rely instead on IDA?

And what does it imply for the remaining "identity providers"?

It would be a shame to see the Post Office's good name besmirched. The fates of Digidentity, Mydex and Verizon don't concern us much in the UK, they don't have a reputation here to lose. But Experian should worry us all.

They don't need GDS. Experian already do identity assurance in the UK and overseas. They're good at it. They have a global brand, a global good name, and DMossEsq, for one, would like to see them keep it, not least because his pension fund is quite heavily invested in Experian. Their association with GDS and IDA is a threat to DMossEsq's retirement, and the retirement of many others – we're talking about a FTSE-100 company here.

The message from James Stewart's blog post is – Experian, get out, like Cassidian and PayPal, before the shareholders revolt. Why did GDS want to publish that?

----------

Updated 23.5.14

Ebay urges users to reset passwords after cyberattack Auction site eBay has urged users to change their passwords after suffering what may have been the biggest-ever cyber-attack when hackers broke into a database holding its 233m customers’ personal data ... The attack is even bigger than that which affected the US retailer Target in December, when around 40m customer credit cards were stolen by hackers, who broke into the company’s systems. The fallout from that security breach led to the resignation of Target’s chief executive in May ...

The latest in a long line of security breaches. And a harbinger of things to come unless GDS starts to take security seriously.

Updated 9.6.14

GDS published a blog post today, Sensible Security. At first it looks as if they're starting to take security seriously ...

... for routine government business and the delivery of public services, government should think about security just as a large and well-run company would do – consider the organisations who look after your savings, manufacture medicines or produce the smartphone in your pocket ... The answer is to think about security as part of the user needs ...

... but the effort proves once again to be too great and we are left with them thinking about security as ...

... something that is integral to (and should be balanced against) every other facet of the service. If we can achieve this balance, and users and risk owners alike can understand it, then we’ll have been successful.

They're no further forward than 10 February 2014 and Striking a balance between security and usability. Luckily the banks and other organisations GDS claim to want to emulate are way ahead.


Updated 20.1.15

No stopping GDS. Now they're responsible for the Public Services Network (PSN).

The what?

"Simply put, the Public Services Network (PSN) is the government’s high-performance network". That's James A Duncan's take on the matter in Making the PSN better. And he's the new new Chief Technology Officer for the PSN so he should know.

According to Mr Duncan:

For suppliers previously, a Pan-Government Accreditor (PGA) would accredit services against the requirements for the Impact Levels. This created an unwieldy bottleneck that has actively added cost to supplier services, and slowed down the rate at which new services are made available on the network. We are changing the over-the-top Service assurance to be more in-line with G-Cloud and the Cloud Service Security Principles.

The Cloud Security Principles remove the "unwieldy bottleneck" which cost money and took time by making the users responsible for assessing security themselves on the basis of unaudited assertions made by the suppliers. You can see why Mr Duncan fits in well with GDS. He has the same relaxed view of security.

What is not clear is how this makes the PSN "better".

Does Mr Duncan have any security advice for his users? For all those central government departments and local authorities and "schools, doctors’ surgeries, pharmacies, emergency services, hospitals and charities large and small"? You bet:

… we’re creating an option for connectivity that allows customers to connect using suitable encryption, via the internet.

"Suitable"? What does that mean? Like "balanced" (please see James Stewart in the post above), it means nothing.

There goes the PSN.

----------

Updated 23.11.16

After what will be six years, I'm leaving @gdsteam at the end of January. Excited to see what's next. https://t.co/VwJDRk5zBw — James Stewart (@jystewart) 23 November 2016

Updated 23.1.17

Mystery: the departing James Stewart on DirectGov and BusinessLink.

RIP IDA – if you've got nothing to say, say it

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

17:09, yesterday afternoon, Monday 10 February 2014, an email arrives saying that the Government Digital Service (GDS) have published a new blog post, Striking a balance between security and usability.

Read it, and one question keeps asking itself – why? Why did they publish this interview with James Stewart, the director of technical architecture at GDS? What was publication supposed to achieve? What is the message they're trying to convey?

A number of messages do come across. But unless GDS is trying to undermine itself these messages can't possibly have been intended. Mr Stewart's topic is the balance between security and usability. That's the question. And his answer is – you have to balance them.

Yes James, thank you, we know that, that's the title of the blog post, the question is how? How do you balance security and usability? And since he doesn't answer that question, the inference is that he can't answer it – GDS don't know how to balance security and usability. That's the message that comes across.

RIP IDA – JFDI and the Black Pencil

... every transaction you ever undertake should depend on Mydex.

No Mydex, no transactions ...

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

If you're a creative, there's nothing like winning a D&AD award for your work. And as DMossEsq readers know, the Government Digital Service (GDS) won a prestigious Design and Art Direction Black Pencil last year in a specially-created category for UK-government-websites-called-GOV.UK.

Judging by this week's Looking back at Sprint 14, GDS are going for the double and trying to win another pencil.

Sprint 14 was the government computer nerds' celebration at which Francis Maude famously announced that "we’re the JFDI school of government". Rather than attempting to string a few sentences together to explain what's going on in the Cabinet Office computerwise, GDS have produced two videos with exciting upbeat music and a few flashcards making vague assertions about progress but nothing you could hold them to.

GDS aren't meant to be the government's ad agency. They're meant to be developing computer services which will, as they keep telling us, transform government – "400 days to transform government". In pursuit of which, they have a transformation page on GOV.UK. A transformation page which continues stubbornly to show that, of the 25 target services, only one has gone live:

(an old screenshot, the numbers are currently 3/5/16/1)

Faced with the oneness of their transformation to date, GDS suggest in their videos that it's thanks to them that individuals and companies can submit on-line returns to HMRC.

But some of us have been doing that for a decade already. And that's thanks to HMRC. Not GDS. HMRC have a good record. GDS didn't even exist when HMRC and DVLA and Companies House, among others, first made their services available on-line.

The question exercising this year's D&AD Awards Committee is no doubt the same question exercising us all – where is IDA?

None of these 25 on-line government services is worth a broken pencil without IDA, identity assurance. First promised for live public use by autumn 2012, IDA still doesn't exist.

Where is it?

We don't know.

All that we do know is that the UK's unwritten Constitution is going through one of its occasional adaptations. According to GDS, it will now have to accommodate an institution known as the "identity provider" or "IDP".

Every individual in the country, every company, charity, trust, ... will be provided with an on-line ID and will use that to communicate with the government when making tax returns or whatever. That's the idea of Martha-now-Lady Lane Fox's digital-by-default manifesto.

There are (probably) five IDPs. Four of them – Digidentity, Experian, the Post Office and Verizon – never say anything in public about IDA, so they don't help to answer our question. But one of them, Mydex, by contrast, is downright exhibitionist. And they too, like GDS, have recently released a video, New directions, commercial opportunities, and managing the risks, "watch the video of our CEO David Alexander speaking at the BCS and EEMA event".

Mr Alexander is a fast-talking jovial cove who gives himself 16 minutes and 46 seconds to explain why every transaction you ever undertake should depend on Mydex. No Mydex, no transactions.

That's the burden of his message towards the end of the video. You may or may not be convinced.

At the start, he is at some pains to tell you that Mydex is a CIC, which it is, a Community Interest Company, which can't sell itself to Google or any of the other latter-day Pied Pipers. That suggests, quite rightly, given that they're not giving their services away for free, that if Mydex were to succeed in their ambition to become the axis around which every single transaction in the UK economy revolves, it would be a very valuable company.

But first, it needs to inspire trust in every individual and every organisation in the country, as noted, most of whom have never heard of Mydex. How?

Mr Alexander suggests that we should trust Mydex because it is a "member" of tScheme. tScheme is a standards body which measures the trustworthiness of on-line services like Mydex. But why should we trust tScheme, of whom we have also never heard? Mr Alexander doesn't tell us.

We have come across tScheme before, when William Heath, the chairman of Mydex, told us that Mydex is "compliant" with tScheme. And as we noted then, tScheme's list of certified services stubbornly refuses to include Mydex. Or Digidentity or the Post Office or Verizon.

A member? Maybe. Compliant? Maybe. But certified? No. Mydex has not been certified by tScheme.

And what do we know about certification and IDA?

Answer, Steve Wreyford of GDS has told us that Delivering Identity Assurance: You must be certified: "We need to be sure that before any of the identity assurance framework suppliers begin providing services to departments, they are certified as being capable of delivering proof of identity as defined in the Government’s Good Practice Guides".

Which implies that, by GDS's own JFDI lights, there is a bit of a dent in the bodywork of GDS's fleet of IDPs. A problem with trust. An impediment to Mydex's ambitions. And Digidentity's and the Post Office's and Verizon's.

"What about Experian?", you ask. Good question. Let's leave that for another day.

For the moment, as far as D&AD are concerned, and the rest of us, the stubborn reality is that GDS's marketing is just hype. There is no IDA. No Black Pencil for GDS this year. RIP IDA.

----------

Updated 12:05

Some readers may remember that IDA was tested by Warwickshire County Council. The Council worked with three of GDS's IDPs – Mydex, PayPal and Verizon.

How did that test go?

With no exciting upbeat music and not a flashcard in sight, PayPal have subsequently pulled out of IDA. And the Open Identity Exchange report on the test "highlighted shortcomings in the user journey arising from the technical implementation of the IDA Scheme".

The report also said that "... considerably more thought needs to be applied in this area [stepping up from Level of Assurance 1 to Level of Assurance 2] if it is to become a viable proposition going forward".

And that: "... at the time of this project, the functionality required to deliver user data directly within the IDA Scheme [to create a new account] had yet to be developed ... The consequence is that the user is faced with a convoluted process when using the IDA Scheme for the first time".

And "... users often struggled as they sought to understand how this method of signing in to government services worked".

Before adding "users were not clear why private sector companies were being used to carry out identity assurance on behalf of government" and "Some aspects of the registration processes proved annoying to the users ...".

The D&AD Awards Committee may want to pencil some of these comments into their calculations.

Updated 15.8.14

It's six months since we noted that only one of the UK's "identity providers" is certified trustworthy by tScheme. Experian. The other four hadn't even bothered to apply at the time. The Post Office and Verizon, Digidentity and Mydex. They just hadn't got round to it.

Now they have – take a look at tScheme's list of registered applicants.

A bit late, you may say. It's one thing to apply. Quite another to obtain certification. That could take ages.

Ah, but you don't know the half of it.

It doesn't matter how long certification takes. It's a waste of time. Not worth the paper it's written on. Or the authentic digital certificate it's encrypted in. Because there's no such thing as a trust framework.

That's the opinion of Ctrl-Shift, Mydex's sister company, who say that there's no agreed definition of "trust framework", no known way to enforce the conditions of trust and no viable way to pay for enforcement anyway.

You may or may not agree with Ctrl-Shift but there is growing support for their view. The Estonian cybersecurity company Guardtime, for example, believe that the pursuit of trust in the digital world is a wild goose chase, a "doomed strategy", as they call it. You may or may not agree with Guardtime. But Chris Chant does.

Mr Chant was the primum mobile behind G-Cloud, the UK government cloud computing initiative. He has been promoting Guardtime on the G-Cloud Twitter account for the past two months or so. "Truth, not trust". That's his slogan.

And not once have G-Cloud disagreed with him or objected in any way.

If Ctrl-Shift and Chris Chant and the G-Cloud team and Guardtime are right, we ordinary members of the public would be ill-advised to rely on Mydex for every on-line transaction we undertake. And even if IDA existed we could have no trust in it, RIP.

RIP IDA – JFDI and the Black Pencil

... every transaction you ever undertake should depend on Mydex.

No Mydex, no transactions ...

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

If you're a creative, there's nothing like winning a D&AD award for your work. And as DMossEsq readers know, the Government Digital Service (GDS) won a prestigious Design and Art Direction Black Pencil last year in a specially-created category for UK-government-websites-called-GOV.UK.

RIP IDA – JFDI security

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

It's that speech again, the speech that won't stop speaking to us, the speech given by Public Servant of the Year ex-Guardian man Mike Bracken CBE to the CfA Summit 2013 on 16 October 2013. Just a 39-second clip this time, starting at 19'35", and the topic is security:

The state needs security, companies and other legal persons need security and so do natural persons, families, individuals, you and me. We're talking about secrecy here, confidentiality, privacy, resilience and control. You need to have control over your bank accounts, for example, it's against your wants, needs and interests for anyone else to have control over them, unless you've gone gaga, in which case let's hope that you've granted an enduring/lasting power of attorney to a relative or a friend with your best interests at heart.

Security is important. If you lack the imagination to understand that in advance, you pretty soon find out the hard way after the event, after security has been breached, as Janet Hughes and Leisa Reichelt were reminding us only the other day, please see Security and convenience: Meeting user needs:

When they’re asked how they feel about security online, people tell us they prioritise security as a need. When we meet people in the lab who’ve had their digital security compromised, they talk about  it as a devastating experience.

Security is important. And yet what's that Public Servant of the Year ex-Guardian man Mike Bracken CBE was telling the CfA Summit? You can overdo security. Usability/convenience is much more important. Security ought to be relaxed. Especially for people with a one-month old daughter.

The logic is less than impeccable.

Which is worrying when you remember that Public Servant of the Year ex-Guardian man Mike Bracken CBE is the senior official, the top civil servant on IDA, he is the senior responsible owner of the pan-Government identity assurance programme (RIP).

Janet Hughes and Leisa Reichelt also say that:

People expect registering for government services to be the same as signing up for a social media or shopping account.

Only silly people. Only people who need protecting from themselves. Responsible public servants must realise that and should say it. Remember that word "devastating".

No responsible adult would make the mistake of believing that the experience of signing into your Twitter account is comparable to authorising a payment from your current account on-line. If IDA is heading in that JFDI direction, then the Government Digital Service are being irresponsible.

RIP IDA – JFDI security

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------

It's that speech again, the speech that won't stop speaking to us, the speech given by Public Servant of the Year ex-Guardian man Mike Bracken CBE to the CfA Summit 2013 on 16 October 2013. Just a 39-second clip this time, starting at 19'35", and the topic is security:

JFDI, Agile People

The Government Digital Service (GDS) has everything. Bunting and mascots. Cake and stickers (27'00"-27'20").

Everything except a corporate song.

Until now, when – thanks to the inspiration of Francis Maude's speech at Sprint 14 – that lacuna can at last be filled.

The lyrics below are now ready for beta release. An instance of song as a service (SaaS), it is based on a disco classic of 1978 which sold over 10 million copies when the world still had singles and, who knows, after a few more iterations, perhaps if GDS can sing it with enough gusto and enough pure mindless disco-style enjoyment, maybe they can add the equivalent iAccolade to their already groaning shelvesful of awards:

YMCA (© Victor Willis) Village People

JFDI Agile People

Young man, there's no need to feel down. I said, young man, pick yourself off the ground. I said, young man, 'cause you're in a new town There's no need to be unhappy. Young man, there's a place you can go. I said, young man, when you're short on your dough. You can stay there, and I'm sure you will find Many ways to have a good time. It's fun to stay at the y-m-c-a. It's fun to stay at the y-m-c-a. They have everything for you men to enjoy, You can hang out with all the boys ... It's fun to stay at the y-m-c-a. It's fun to stay at the y-m-c-a. You can get yourself cleaned, you can have a good meal, You can do whatever you feel ... Young man, are you listening to me? I said, young man, what do you want to be? I said, young man, you can make real your dreams. But you got to know this one thing! No man does it all by himself. I said, young man, put your pride on the shelf, And just go there, to the y.m.c.a. I'm sure they can help you today. It's fun to stay at the y-m-c-a. It's fun to stay at the y-m-c-a. They have everything for you men to enjoy, You can hang out with all the boys ... It's fun to stay at the y-m-c-a. It's fun to stay at the y-m-c-a. You can get yourself cleaned, you can have a good meal, You can do whatever you feel ... Young man, I was once in your shoes. I said, I was down and out with the blues. I felt no man cared if I were alive. I felt the whole world was so tight ... That's when someone came up to me, And said, young man, take a walk up the street. There's a place there called the y.m.c.a. They can start you back on your way. It's fun to stay at the y-m-c-a. It's fun to stay at the y-m-c-a. They have everything for you men to enjoy, You can hang out with all the boys ... Y-m-c-a ... you'll find it at the y-m-c-a. Young man, young man, there's no need to feel down. Young man, young man, get yourself off the ground. Y-m-c-a ... you'll find it at the y-m-c-a. Young man, young man, there's no need to feel down. Young man, young man, get yourself off the ground. Y-m-c-a ... just go to the y-m-c-a. Young man, young man, are you listening to me? Young man, young man, what do you wanna be?

Stand up, there's no need to sit down. We say, stand up, get ourselves to the wall. We say, stand up, 'cause we're in a new world There's no need to have a meeting. Users, they all have their own needs. We say, users, time for discovery. We can alpha, even beta test too And then go live within budget. It's fun to iterate j-f-d-i. It's fun to iterate j-f-d-i. We have everything, twenty-five exemplars, We can cut code, we’re the world’s best ... It's fun to iterate j-f-d-i. It's fun to iterate j-f-d-i. We can transform the world, make it transition now, Without fail deliver the goods ... Pivot, revolution is here We say, pivot, paradigm shift has come We say, pivot, Whitehall stand on your head. All because of Martha Lane Fox All code has to be open source We use github, post-it notes and short sprints And then dashboards, from our wow factory There’s just nothing that can stop us It's fun to iterate j-f-d-i. It's fun to iterate j-f-d-i. We have everything, twenty-five exemplars, We can cut code, we’re the world’s best ... It's fun to iterate j-f-d-i. It's fun to iterate j-f-d-i. We can transform the world, make it transition now, Without fail deliver the goods ...  G-Cloud, data under control. IDAP surely, no-one doubts that it works. We can route round any problems we find Security convenience ... We have bunting, and cake on Fridays, We have mascots, stickers we had designed, We use Apple so we always have fun We’re all digital by default. It's fun to iterate j-f-d-i. It's fun to iterate j-f-d-i. We have everything, twenty-five exemplars, We can cut code, we’re the world’s best ... J-F-D-I ... just iterate it j-f-d-i. Shout out, shout out, there's no need to write apps. Stand up, stand up, with your mobile device. J-f-d-i ... just iterate it j-f-d-i. Shout out, shout out, there's no need to write apps. Stand up, stand up, with your mobile device. J-f-d-i ... just iterate j-f-d-i. Recast, recast, for the coming new world Whitehall, Whitehall, what do you wanna be?

JFDI, Agile People

The Government Digital Service (GDS) has everything. Bunting and mascots. Cake and stickers (27'00"-27'20").

Everything except a corporate song.

Until now, when – thanks to the inspiration of Francis Maude's speech at Sprint 14 – that lacuna can at last be filled.

The lyrics below are now ready for beta release. An instance of song as a service (SaaS), it is based on a disco classic of 1978 which sold over 10 million copies when the world still had singles and, who knows, after a few more iterations, perhaps if GDS can sing it with enough gusto and enough pure mindless disco-style enjoyment, maybe they can add the equivalent iAccolade to their already groaning shelvesful of awards:

Francis Maude: "We’re the JFDI school of government"

Last week saw a major congregation of central government computer persons at the London Film Museum.

Computing isn't that exciting. There's not a lot of news. You'd expect this event – Sprint 14 – to have been covered by all the computer media.

It wasn't.

You can read Government showcases digital exemplars at Sprint 14 or Government showcases digital services at Sprint 14 or Government unveils online voter registration system or Government websites on rise again despite cull, and that's about it.

Odd.

You wouldn't expect the generalist media to cover the event, of course, but that's odd, too – because Sprint 14 was more political than you might expect.

Rt Hon Francis Maude MP, Cabinet Office minister, was there and gave a speech.

Sir Jeremy Heywood, the Cabinet Secretary, was there. He didn't speak but Treasury minister David Gauke did, as did Greg Clark, minister for Cities and the Constitution, Mike Parsons, chief operating officer at the Home Office, Oliver Morley, chief executive of the Driver and Vehicle Licensing Agency and Jeremy Wright, minister for prisons and rehabilitation.

And Martha-now-Lady Lane Fox was there, which usually guarantees several column inches, but no – nothing in the Times, the Telegraph or the Guardian.

Mr Maude assured the audience that "SMEs are engines of growth in our economy" and promised that government would spend more and more money with small and medium-sized enterprises, rather than giving it to the oligopoly of big IT suppliers. The oligopoly, that is, who keep wasting billions of pounds of public money – your money and mine – on failed IT projects. "This is a massive vote of confidence in the role [the SMEs] are playing to help Britain compete and win in the global race", he said.

That was after he'd already said that "digital is one of the major contributions to reducing the deficit and encouraging growth in the British economy ... As the Chancellor highlighted recently, every part of the public sector will continue to need to face up to the challenge of reduced budgets for some time to come ... And we know much more money can be saved – staggering savings potentially – while actually improving quality online".

Which, in turn, came after this hostage to fortune: "We’re changing things by doing them, not by talking about them. We’re the JFDI school of government".

It was 29 October 2013 when Public Servant of the Year ex-Guardian man Mike Bracken CBE published GDS goes to Cabinet. He is the executive director of the Government Digital Service (GDS), part of the Cabinet Office, championed by Mr Maude, and he was allowed to make a presentation to the full Cabinet.

That doesn't normally happen and DMossEsq raised the question at the time whether the government are considering making the alleged successes of GDS a plank of their election strategy. Now, with Sprint 14, the question arises again.

Let's hope for their sake that they don't try it. By the time of the next general election, May 2015, there will be five years of National Audit Office reports providing ammunition for the opposition to shoot down the claim that this government succeeds with IT where others fail.

We have recently had the example of the Ministry of Defence recruitment system and Capita's failure to get it right. There will be the on-going tragedy of the Department for Work and Pensions Universal Credit system. And by May 2015, who knows what else.

The government are unlikely to be able to make themselves heard, against the gales of laughter and scorn, if they try to make the point that those failures are failures of the oligopoly whereas the government successes are successes of GDS. But if they do manage to present their case, the laughter and the scorn will just start all over again – what are the successes of GDS?

So far, none.

Lots of big promises. Nothing big delivered.

Mr Maude and the government are making a politically fatal mistake if they believe GDS's over-enthusiastic salesmanship.

GDS are in no position to take on the oligopoly. They have no experience of analysing, designing, implementing, deploying and supporting large-scale government IT systems. The cocky profanity* of "we’re the JFDI school of government" is ridiculous.

If the government picks a serious fight with the oligopoly without having an alternative to replace them, the machinery of Whitehall will stop.

That's a tremendous platform if you're standing for election in the anarchists interest. But Mr Maude, presumably, isn't.

You can just about see how the computer press might fail to report that point. But RTFM** – the generalist media should have spotted it.

----------

* JFDI = just fucking do it
** read the fucking manual

Francis Maude: "We’re the JFDI school of government"

Last week saw a major congregation of central government computer persons at the London Film Museum.

Computing isn't that exciting. There's not a lot of news. You'd expect this event – Sprint 14 – to have been covered by all the computer media.

It wasn't.

You can read Government showcases digital exemplars at Sprint 14 or Government showcases digital services at Sprint 14 or Government unveils online voter registration system or Government websites on rise again despite cull, and that's about it.

Odd.