Friday 31 October 2014

Changing the organising principle of Whitehall

"Hello. I'm Mike Bracken. I'm from the Internet."
Public Servant of the Year ex-Guardian man Mike Bracken CBE CDO, executive director of the Government Digital Service (GDS), has made another one of his astonishing speeches.

En passant, please note that "CDO" doesn't mean that he's become a collateralised debt obligation. He's a chief digital officer.

The last speech of his that caught our eye was delivered a year ago on 16 October 2013 to the Code for America Summit 2013.

That's when he gave the impression that GDS had 45 million Brits using his digital identity assurance system (IDA). In fact, IDA didn't exist then and it still doesn't now.

He also claimed that the Efficiency and Reform Group, of which GDS is a part, had saved costs equivalent to 4% of the UK's GDP. The arithmetically correct figure is actually 0.6%.

Most of the savings have been achieved by making public servants redundant and by negotiating better prices with suppliers. GDS's contribution to the savings amounts to 0.0138% of GDP.

He twice suggested, in some of the more Walter Mittyish passages of his speech, that https://www.gov.uk (GOV.UK) is the only thing standing between the UK and riots in the streets. GOV.UK isn't there to enable government, he said, it is government, we (GDS) are the show.

Last year's speech was called Redesigning Government and was all about "routing round Whitehall", the opposite of team-playing.

On 20 October 2014, he returned to the fray, delivering a speech entitled From policy to delivery – changing the organising principle of the Civil Service to the Institute for Government.

"Let me start by defining terms", he says. Good idea but unfortunately he fails to define either "policy" or "delivery".

Which means that when he says "I believe delivery to users, not policy, should be the organising principle of a reformed civil service" and when he refers to "the needless separation of policy and delivery" and to "this false binary of policy and delivery" the effect can only be confusing.

After all, delivery to users is a policy. If you don't have a policy, how do you know what to deliver? If there's no need to separate policy and delivery, if the binary is false, how can one be the organising principle of the civil service and not the other?

"Traditional policy-making is largely broken", he says. He rejects the premise that "policy is fundamental" and adds "I fully expect the Internet will reject that premise, too". Is that the sort of thing the internet can do? Reject a premise?

He disparages the "archaic legalese", which happens to be the law of the land, but he is happy to embrace any amount of impenetrable computer jargon, laced with all the most fashionable and mystical marketing and managementspeak for mooncalves: "the demand for digital transformation is not a policy option. It’s a delivery crisis. And, if you’ll pardon the meme, it’s because Internet".

His real objection isn't the primacy of policy – it can't be, not in the natural language meaning of the word – but the alleged failure of Whitehall to pay sufficient attention to its parishioners' needs.

Some of his routed round colleagues might complain that no, not guilty, they reject his premise, actually the satisfaction of their parishioners' needs is the sole object of their entire, long careers in Whitehall. They are not without their successes.

These operators of the largely broken (ex hypothesi) traditional policy-making machine might also point out that Mr Bracken is trying to implement digital-by-default, the effect of which on the 16 million Brits who can't or won't use the web will be to make them excluded by default. Trying, and failing, in that GDS has failed so far to deliver IDA, without which digital-by-default can't work.

If they're not guilty of ignoring user needs, his useless colleagues in Whitehall and local government and the US administration are at least guilty of ignorance of digital technology: "those impartial advisers don’t know enough". But they do, as Mr Bracken himself acknowledges, because they all use digital in their private lives.

They use it in their professional lives as well and have done not for the 25 years Mr Bracken suggests but more like 60 years – central government was among the early adopters of digital, along with the banks, the airlines and the military.

Mr Bracken is exercised by the lurid failures of big government IT projects over the decades. So are we all.

His messianic proposed solution is to "flood your organisation with digital people and let them lead". Preferably, "agile" digital people.

That's all very well, but you need some qualifications to lead. What do these digital people know about foreign affairs? Or energy sources? Can they run the UK economy? How much expertise do they have in regulating banks? Or teaching 12 year-olds?

We're back to policy, aren't we. You do need it. It's a "solemn obligation", like delivery, as noted by Mr Bracken, but of a higher order.

And you do need people to work together, not route round each other.

First he says: "Civil servants do brilliant work all over the country. In my opinion, too humbly and without enough recognition". And then: "to succeed we must be humble in the face of messy reality". Which is it?

A little more humility, perhaps, on GDS's part, would not go amiss.

And a little more realism. Digital, he says at one point, "means starting again ... Starting from the beginning to build the services we need will prove quicker, cheaper, and more responsive ...". God knows what the Institute for Government made of that – they know even more about government than Mr Bracken – but likely they'd agree that we're in this messy world and only children think we can have a new one.

----------

Updated 16.3.15

Big and meaningful

What would it look like if a brand new Whitehall properly led by a flood of digital people had its organising principle changed in the delivery-heavy/policy-light manner adumbrated by GDS as per the post above?

We should have known the answer on 4 March 2014. The now departed government Chief Operating Officer Stephen Kelly blogged about 400 days to transform government on 28 January 2013 and if you add 400 to the latter you get the former.

But no, it turned out that GDS meant 400 business days or January 2015, whichever came later, and so it was that on 10 February 2015, 743 days after Mr Kelly's post, the GDS blog published That was 400 days of delivery, explaining that eight of their 25 exemplar services have gone live, which means that 17 exemplars haven't been delivered.

That can't be what the users need. Everyone needs digital systems and 17 of them are missing. So something has gone wrong and the only possibility allowed for by the GDS dynamic is policy – there was too much policy.

That must hurt and Public Servant of the Year ex-Guardian man Mike Bracken CBE CDO, executive director of the Government Digital Service (GDS) and senior responsible owner of the non-existent identity assurance programme, gave a rueful interview to Computerworld UK ("The Voice of IT Management"), Mike Bracken: ‘we have a one-time chance to change government’. Talking about GDS:
“We are not a small bit of the state that just goes around fixing the slightly-less-fixed bits. That’s not what we’re here to do. We’re here to do something that’s big and meaningful,” he says.
"It’s almost four years since he joined government as its reforming digital director, yet many Whitehall agencies seem to be only just starting to enter the internet era", it says woundingly in the article. Something big and meaningful was needed and hasn't happened.

GDS's efforts have been met with "resistance from some quarters". Not just resistance. "Inertia" and "exceptionalism", too. "Some organisations", he thinks, "are stuck in a ‘state of learnt helplessness’ ...". Maybe. But that was the brief, transform the government, you have one chance, 400 days, 743 if you like, and it hasn't happened.

Why not? What's the problem? "I don’t even know what we’re doing next week", he says, "it’s just ridiculous".

But it's not just himself he blames. It's also Whitehall's unforgivable habit of procuring things: "The word procurement is the problem – ‘we buy once’. We’re in a different world. We commission, we rent, we chop and change services".

Etc ...

Back in this world the question remains what it would look like if GDS's dream came true. And the answer comes strangely from the report recently published by the House of Commons Science and Technology Committee, Current and future uses of biometric data and technologies.

The Government Office for Science has specifically declined to rule on biometrics (para.27). The old Biometrics Assurance Group no longer exists (para.32) and the Biometrics Experts Group has evolved into the Biometrics Working Group, which is an entirely informal body (ibid.). And the Forensics and Biometric Policy Group suffers from "a lack of transparency" (para.33) and never publishes any minutes.

Which means what?

It means no policy. Policy-light. Just what GDS ordered.

And that in turn means what?

It means delivery. Delivery-heavy. And just as GDS foresaw, that's exactly what's happened. The police take photographs of people held in custody. They have uploaded all these photographs, 12 million+ of them (para.96), onto the Police National Database (PND). That's delivery. That's what users need.

The High Court has ruled that this delivery is illegal and gave the police a few months to regularise matters. That was 2½ years ago and the photographs are still there on the PND (para.98). Perfect. Just what Martha-now-Lady Lane Fax ordered for digital-by-default (p.4): "We must give these SWAT teams [GDS] the necessary support to challenge any policy and legal barriers which stop services being designed around user needs".

The idea is to use biometrics technology to match suspects against these images on the PND. The police claim that they don't actually use the biometric matching facilities, not least because they don't work (para.95):
Chief Constable Chris Sims, ACPO [Association of Chief Police Officers], clarified that he was "not aware of forces using facial image software at the moment ... from my perspective the technology is not yet at the maturity where it could be deployed".
That doesn't detract from their success in uploading all their custody photographs. You can almost see the GOV.UK performance dashboard now, No. images uploaded 12,000,000+, indicating success.

And that, surely, is what GDS would have liked to bring about with their "one-time chance to change government". That is the Whitehall that beckons if its organising principle is changed to be unhindered by any policy.

Changing the organising principle of Whitehall

"Hello. I'm Mike Bracken. I'm from the Internet."
Public Servant of the Year ex-Guardian man Mike Bracken CBE CDO, executive director of the Government Digital Service (GDS), has made another one of his astonishing speeches.

En passant, please note that "CDO" doesn't mean that he's become a collateralised debt obligation. He's a chief digital officer.

The last speech of his that caught our eye was delivered a year ago on 16 October 2013 to the Code for America Summit 2013.

Friday 3 October 2014

HMRC digital team plights troth to wrong Liege

Monday 29 September 2014, the week was launched with these rousing words:
I’m Mark Dearnley, HMRC’s Chief Digital and Information Officer. Today we have published HMRC’s Digital Strategy.
 Be still my beating heart, the strategy is no less than to ..
... give all of our customers – individuals, business and agents – their own online tax account ...
Christmas has come early. Not only are we all to get our own on-line tax account but our most Estonian dreams have at last come true – HMRC (Her Majesty's Revenue and Customs) want Martha-now-Lady Lane Fox's digital-by-default to be realised here on earth. They want ...
... the vast majority to deal with us through modern digital services that we’ll offer.
-----  o  O  o  -----

Mr Dearnley's blog post was accompanied by an HMRC press release which explains that:
HMRC plays a crucial and unique role in the UK. We collect the money that pays for the UKs public services ...
You may have wondered. Now you know.

And as the light dawned and brought you round from your dreams did it perhaps occur to you, too, that hang on a minute, don't we already have our own on-line tax accounts?

Each business has its own on-line VAT account, for example (Value Added Tax/Sales Tax). And its own Corporation Tax account. And each business already submits its VAT returns on-line using the Government Gateway. We have done for years. There's nothing new about it. And nothing new about submitting our CT600 Corporation Tax returns on-line. Not to mention our PAYE returns (Pay As You Earn/Income Tax). And more.

It's not just businesses. Individuals, too, have been able for years to submit Self-Assessment tax returns to HMRC on-line.

Mr Dearnley reminds us:
HMRC published its first digital strategy back in 2012.
He doesn't mean that, of course. HMRC has had digital strategies for decades. 2012 may or may not be the first time a strategy was published.

And he doesn't provide a link to the 2012 strategy. There's a copy available in the National Archives which includes this at para.6.3 on p.17:
The Digital Solutions Programme, together with the Government Digital Service [GDS], is developing an Identity Assurance (IDA) capability ... The ID hub ... gives a route for government to utilise existing, trusted identity providers in the market. A pilot IDA service, using point in time verification (a necessary part of the PAYE online exemplar) to make things simple and easy for one-off transactions will be used in October 2013 with wider IDA capabilities becoming available from October 2014.
That October 2013 PAYE pilot didn't happen. It couldn't. Because GDS couldn't provide IDA, the identity assurance required. We shall see what "wider IDA capabilities [become] available" this month, a year later, if any.

Inexplicably, GDS told the Americans last year that IDA was working. It wasn't.

It still isn't. And yet, inexplicably, someone has told Sir Jeremy Heywood, the Cabinet Secretary and head of the home civil service, that it is.

-----  o  O  o  -----

But enough of that. What, you want to know, about the new strategy? HMRC's 2014 strategy?

At para.8.7, HMRC's digital progress is enumerated in 22 "Actions". And for each Action, there is a "Commitment".

Action 2, for example, is to make sure that each digital transaction service has someone in charge, a Service Manager. Good idea. And the Commitment:
We will continue working with GDS ...
Action 3 is strategic and sustainable and involves digital literacy and an agile web development team. The Commitment is:
We will continue working with GDS ...
Action 5:
We will continue to work closely with GDS ...
Ditto Actions 6 and 7.

For Actions 8 and 9:
HMRC is making good progress and has an agreed delivery plan with GDS ...
Whereas for Actions 13, 14 and 15:
We will continue to work with the cabinet office and GDS ...
This is the strategy of the HMRC digital team, headed by Mark Dearnley, Chief Digital and Information Officer. And the question arises, what with all this working closely with GDS – the Government Digital Service, part of the Cabinet Office – and agreeing delivery plans with them, is there any time left to work with HMRC?

What do GDS know about collecting the money that pays for the UK's public services?

There is no mention of any commitment to HMRC. Only to GDS. 10 times. Who is Mr Dearnley's team working for?
-----  o  O  o  -----

Anglo-Saxon villeins had to swear an oath of fealty to their local liege lord and master. Now they write a strategy document. The oath was quicker:
By the Lord before whom this sanctuary is holy, I will to [GDS] be true and faithful, and love all which [GDS] loves and shun all which [GDS] shuns, according to the laws of God and the order of the world. Nor will I ever with will or action, through word or deed, do anything which is unpleasing to [GDS], on condition that [GDS] will hold to me as I shall deserve it, and that [GDS] will perform everything as it was in our agreement when I submitted myself to [GDS] and chose [GDS's] will.
 -----  o  O  o  -----

How many misleading propositions can you smuggle into a single sentence?

HMRC manage two in the extract from their press release quoted above, "We collect the money that pays for the UKs public services ...":
  • Every employer in the country collects PAYE and National Insurance Contributions (Social Security) for HMRC. Every VAT-registered business in the country collects VAT for HMRC. Etc ...
  • The money doesn't pay for public services. That's the whole point. We're running an annual £100 billion or so budget deficit which continues to inflate the £50 billion or so annual interest we're spending on our £1,500 billion or so national debt.
HMRC's tax collection work depends on their £800 million p.a. ASPIRE contract with Capgemini and Fujitsu. The digital team don't mention ASPIRE in their strategy document. Does the team propose to supplant Capgemini and Fujitsu?

If not, what's the point of the team?

But if they do see themselves taking over, then how? With assistance from GDS? What assistance from GDS? HMRC and ASPIRE together have a long record of successfully operating digital transactions by the million. GDS don't.

Did the villein plight his troth to the wrong Liege? Lord GDS when he should really have chosen Lord HMRC?

----------

Updated 8.10.14

How digital is central government in the UK?

We don't know.

But there is some indication, or some sort of a stab at the answer, available on the award-winning GOV.UK's Transactions Explorer:


GDS's graphic above is derived from the following table of GDS's figures:








91.90%
£528m
77.30%
1,233,662,926
72.08%
57.40%
£268m
73.60%
130,337,698
7.62%
4.83%
£1.43bn
76.20%
126,270,677
7.38%
17.20%
£3.77bn
95.80%
107,781,180
6.30%
82.40%
£242m
54%
40,513,661
2.37%
40.80%
£308m
61.90%
33,647,220
1.97%
86.60%
£101m
76.20%
22,580,710
1.32%
21.40%
£5.02m
52.40%
8,508,685
0.50%
100%
£32.1k
100%
4,870,984
0.28%



1,331,834
0.08%



549,065
0.03%



515,756
0.03%



477,707
0.03%



245,144
0.01%



65,658
0.00%



33,589
0.00%



21,001
0.00%










1,711,413,495
100.00%

HMRC are party to 72% of all the UK central government transactions GDS have chosen for their universe. No other department reaches even 10% of this volume. The Cabinet Office, for example, home to GDS, accounts for only 0,28%.

HMRC have achieved 92% digital take-up. Weighted by volume of transactions, digital take-up in every other department is tiny.

Null hypothesis: "Digital services in UK central government" means HMRC services.

HMRC have achieved that position starting before GDS was created in 2011 and without GDS's assistance since then. If anything, it is HMRC who have lessons to teach GDS, and not the other way around.

We still don't know how digital central government is in the UK. But we do know who to ask how to achieve digital transformation.

Updated 9.10.14

"Digital services in UK central government" means HMRC services

As if to prove it, here's the lead story in today's Telegraph:
Five million UK workers face uncertainty after tax bills wrongly calculated twice in HMRC blunder

Uncertainty for millions as a leaked email shows the taxman made miscalculations in many 'final' bills for last year

More than five million British workers face uncertainty after leaked emails revealed that their tax bills for last year may have been wrongly calculated.

HM Revenue and Customs has privately admitted that those who underpaid or overpaid income tax last year may still have paid the wrong amount.

Most have already been sent new tax demands or sent repayments – but now face the prospect of having their bills recalculated once again. HMRC has stopped sending repayments until the crisis is resolved.

Accountants expressed disbelief ...

HMRC said tens of thousands would ultimately be affected but admitted it currently had no idea about the scale of problem.

HMRC digital team plights troth to wrong Liege

Monday 29 September 2014, the week was launched with these rousing words:
I’m Mark Dearnley, HMRC’s Chief Digital and Information Officer. Today we have published HMRC’s Digital Strategy.
 Be still my beating heart, the strategy is no less than to ..
... give all of our customers – individuals, business and agents – their own online tax account ...
Christmas has come early. Not only are we all to get our own on-line tax account but our most Estonian dreams have at last come true – HMRC (Her Majesty's Revenue and Customs) want Martha-now-Lady Lane Fox's digital-by-default to be realised here on earth. They want ...
... the vast majority to deal with us through modern digital services that we’ll offer.
-----  o  O  o  -----

Wednesday 17 September 2014

RIP IDA – notes to editors

... the unveiling
does not coincide
with the availability of the service ...

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------


1. All the rest of you editors have been scooped by Bryan Glick, the esteemed editor of Computer Weekly, who published GDS unveils 'Gov.UK Verify' public services identity assurance scheme yesterday:
The Verify brand will be unveiled tomorrow (Wednesday 17 September 2014) as the public-facing name for the Identity Assurance Programme (IDAP), which the Government Digital Service (GDS) has been working on for the past three years.
You didn't know it was happening today (17.9.14), did you. And you didn't know that IDA had become Verify.

What's more:
In an exclusive interview, Government Digital Service (GDS) executive director Mike Bracken told Computer Weekly that three departments – including HM Revenue & Customs and the DVLA – are close to launching services using Gov.UK Verify ...
While you're still trying to catch up on whether IDAP is IDA and IDA is Verify, Mr Glick is going to be getting the goods straight from the horse's mouth. Why Mr Glick? Why him, and not you? Why not the Guardian or the BBC?

2. Of course, the claim that HMRC and DVLA and a third mystery department will be using IDAP IDA Verify isn't exclusively exclusive.

Not if you've read GDS's 2014-15 Business Plan, where they told us on 4 July 2014 that (p.33):
  • DVLA would start using Verify IDA by the end of June 2014,
  • the Rural Payments Agency and the Ministry of Justice by the end of September 2014,
  • HM Passport Office and DWP by the end of December 2014, and
  • HMRC by the end of March 2015.
3. So take heart. And start asking questions.

Who's in charge of IDA? You know the answer to that because Computer Weekly told you back in February 2012:
Bracken is now the senior responsible owner for IDA. “It’s something that I put my hand up for because it’s so important. Unless we have better and wider used security protocols, it will be hard to identify users, allow transactions and link up services ...”
When was IDA meant to go live? You know the answer to that because Computer Weekly told you three years ago, back in September 2011:
A prototype for IDA will be completed by the end of the year [2011]. The first services will be developed and tested by February 2012, with IDA due to be rolled out for initial public services by autumn 2012.
That didn't happen, of course, but then you were told that IDA would be "fully operational" for DWP's 21 million claimants in March 2013.

That didn't happen, of course, but then you were told in HMRC's December 2012 digital strategy that ...
A pilot IDA service, using point in time verification (a necessary part of the PAYE online exemplar) to make things simple and easy for one-off transactions will be used in October 2013 ...
... and that didn't happen either.

Then GDS unloaded a digital system on us for applications to register to vote. Quite important in a democracy, the system lacks any identity assurance worthy of the name.

Next question, therefore, why should you believe GDS this time?

4. Mr Glick says that "the Verify brand will be unveiled tomorrow (Wednesday 17 September 2014)". He also says, in fluent Mandarin, that:
... the unveiling does not coincide with the availability of the service ...
There are at least seven veils in this dance and what you're seeing today is just a tease. The service isn't being unveiled at all. It still isn't available.

Why go through this exercise, you may care to ask? Is it to disguise the fact that IDA is once again behind schedule? Is it to make it look as though something is happening even if it isn't? Is it to try to retain the confidence of the new subscribers GDS are trying to sign up with the help of OIX (who?) and KPMG?

5. Precisely what is it that is not being unveiled today?

According to Mr Glick, channelling GDS:
GDS's Verify system will make it possible for citizens to prove who they are online to safely and securely access digital public services.
Safely? Securely?

The media are full of stories of hacking and fraud and theft on the web. No-one is immune.

As one cyber security expert put it, "When it comes to cyber security QinetiQ couldn’t grab their ass with both hands" – and QinetiQ is one of our top defence sector cyber security companies.

On 5 September 2012, the Foreign Office, the Department for Business Innovation and Skills and the Cabinet Office got the Director of GCHQ to address the massed ranks of FTSE 100 chairmen and chief executives, Business leaders urged to step up response to cyber threats. To summarise, what GCHQ said was, cyber security, you're no good at it.

If these people can't do safe and secure websites, who can? GDS? Who says?

6. Take another look at that last quotation of Mr Glick's:
GDS's Verify system will make it possible for citizens to prove who they are online to safely and securely access digital public services.
IDA will allow you to "prove who you are"? This is an ID scheme. As the name would suggest. Like the atrocious ID cards scheme that the Home Office couldn't get off the ground despite eight years (2002-10) of top-level political support, an unlimited budget and the best consultants money can buy.

Is GDS's parent, the Cabinet Office, heading for that same veil vale of tears as the Home Office?

No, you will be told, this is quite different:
Gov.UK Verify is designed to overcome concerns about government setting up a central database of citizens’ identities to enable access to online public services – similar criticism led to the demise of the hugely unpopular identity card scheme set up under the Labour government.
How?
Instead, users will register their details with one of several independent identity assurance providers – certified companies which will establish and verify a user’s identity outside government systems.
These companies are the IDPs – the "identity providers" – Digidentity (who?), Experian, Mydex (who?), the Post Office and Verizon.

How "independent" are they?

Go back to the GDS business plan (p.32):
Cabinet Office is the sole government authority for identity assurance services. Centralised contracts are developed and paid for by the programme.
Who is paying the IDPs? GDS. And no-one else. Who are they under contract to? GDS. And no-one else. In what sense are they independent?

And in what sense are they "certified"?

GDS have told you in the past that IDPs must be certified by tScheme (who?), Delivering Identity Assurance: You must be certified. And are they? Experian is. None of the others. You can check for yourself on the tScheme website.

7. What's more, Experian are waiting for the US courts to sentence Mr Hieu Minh Ngo, an ID fraudster who stole the data he needed from ... Experian. The court is due to sit some time this month and the US Senate is ready to pounce then on the whole "ID broker" sector. Senator Rockefeller in particular doesn't seem to trust ID brokers like Experian.

What's even more, Verizon have now been banned from any German government contracts, see Computer Weekly's German government terminates Verizon contract over NSA snooping fears. If they're not good enough for Germany, how can they be good enough for the UK?

When Mr Glick tells us that ...
Government digital chiefs hope Gov.UK Verify will become a well-recognised and trusted brand as public services increasingly move to the digital-by-default model ...
... you may care to ask, why? Why do government digital chiefs hope that IDA will be trusted?

8. There could be a major PR blitz today to launch the non-unveiling of IDA. Francis Maude may say a word or two. Interviews on Radio 4's World at One. Swooning coverage in the Guardian. Some of the more biddable think tanks. Log-rolling by US journalists, recommending that the White House should emulate GDS. You'll probably find that IDA/Verify has already won an award of some sort. That kind of thing.

One last question before you fall prey to the Folies Bergère razzmatazz.

These IDPs. They're meant to be able to confirm that you are you. How do they do that?

By checking with your bank.

Do you remember authorising your bank to confirm your details when asked by any old IDP, many of whom you've never heard of? No? How does that work?

9. The questions go on:
  • Ask GDS about the ID hub they've built. See what you get.
  • Why did the executive director of GDS give the Americans the impression last year that IDA is already up and running for 45 million users?
  • What happened in Warwickshire?
  • Are GDS interested in security or is convenience a greater priority?
  • Is the concept of a trust framework shot?
  • Is IDA agile?
  • Who is Sylvia?
  • ...
But you can take it from here.

----------

Updated 20.9.14

16 September 2014 – Computer Weekly tells us that the Government Digital Service (GDS) will "unveil" a new service called "GOV.UK Verify" the next day, and that that's got something to do with identity assurance and using public services.

Next day, 17 September 2014 – nothing is unveiled. OK, there's a guidance note published on GOV.UK, Introducing GOV.UK Verify. And a post appears on the IDA blog, GOV.UK Verify. But that's it. There's no demonstration of the system. None of the questions above are answered. This is not an unveiling in any normal sense of the word.

18 September 2014 – nothing is unveiled GOV.UK Verifywise.

19 September 2014 – the promised Computer Weekly interview is finally published, Government digital chief Mike Bracken on the next five years – there is one mention of GOV.UK Verify but otherwise all we learn is that everything would be different if only the world was different. No unveiling there.

And, hat tip Mrs DMossEsq, there's a two minute and 52 second item on BBC Radio 4's You and Yours programme (25'50"-28'42") about identity assurance. There is no mention of GOV.UK Verify by name.

But Peter White, the presenter, does manage in that time to make the link with the hated and abandoned ID cards scheme, he asks whether we should be worried about the banks and "identity providers" bandying our data around, he asks what happens to the 17% of people who can't or won't use the web and he elicits the tentative suggestion that it will be about a year before the system is available to the public.

Prospective investors in IDA or GOV.UK Verify or whatever it's called behind the veil of appearance will note the clumsiness of this non-unveiling and ask themselves what went wrong. Why bother to announce an unveiling and then not unveil?

No idea.

Experian and Verizon are on the hook. Prospective investors invited to become "identity providers" like Experian and Verizon might be wise to leave them dangling there and to see what happens, before signing any contracts and leaving their brands exposed, at the mercy of the GDS public relations unveiling team.

from Introducing GOV.UK Verify, © Crown copyright
What happened to the other three "identity providers"?
The Post Office and Digidentity and Mydex?
Where are they?

Updated 23.9.14

It may seem as though last week's unveiling of IDA/Verify was not an unveiling at all, in that no-one saw it.

Not quite true. One person did. IDA/Verify was unveiled to the estimable Rory Cellan-Jones, the BBC's Technology Correspondent, please see Cracking the problem of online identification – hat tip @CyberSecKent:
As the system is gradually rolled out across various public services, there are bound to be stories of angry users unable to make it work. There will also be plenty of questions of trust - do we really want a credit agency or a bank intervening in our relationship with the government?
Mr Cellan-Jones is not an "angry user unable to make [IDA/Verify] work". He is a resigned user who has seen it all before and who can't make it work. For him, IDA/Verify didn't work. Not with Verizon. And not with Experian. Neither of them. He has not been able to acquire an on-line ID. The problem remains uncracked.

If and when GDS/Experian/Verizon manage to make IDA/Verify work for Mr Cellan-Jones, then there remain the unanswered questions he raises about trust.

It's early days. Very early days. But IDA/Verify is off to a wretched start. Or as DMossesq readers will recognise, a long death. RIP.

Updated 26.9.14

Is there any hope for IDA/Verify?

Yes.

DVLA say so.

That's the Driver and Vehicle Licensing Agency and in today's blog post, View Driving Licence – access and services for third parties, they say:
GOV.UK Verify

Over the coming months, driving licence holders who use VDL to access their driver details will do so via the new GOV.UK Verify service. GOV.UK Verify is the new way for people to prove who they are when using digital services. The service will authenticate users based on a number of identity questions and allow them to set up a unique account so they can access other government services. In time GOV.UK Verify will become the only way to access VDL.
VDL is DVLA's View Driving Licence service (previously VDR/View Driving Record).

Are they right? Do they know what they're talking about?

We must assume that the answer in each case is Yes. DVLA's chief executive, Oliver Morley, attended an event called "SPRINT BETA" the other day and according to him transparency is the bedrock of change:


Updated 28.9.14

Who said:
The GOV.UK Verify platform provides people with a way to prove who they are online, so they can use Government services safely.
It's an assertoric statement in the present tense. It implies that GOV.UK Verify exists and is available today and allows anyone to prove who they are and allows them to use public services safely.

GOV.UK Verify does not exist today. It does not allow anyone to prove who they are. It does not allow anyone to use public services. And it is only safe in that sense – in the sense that it can't harm you because it doesn't exist.

Only Sir Jeremy Heywood, Cabinet Secretary and Head of the Civil Service, that's who, writing two days ago on Friday 26 September 2014, please see More than just websites.

Why did he write that? It's not true.

RIP IDA – notes to editors

... the unveiling
does not coincide
with the availability of the service ...

No need to say it, it goes without saying, it should be obvious to all but, just in case it isn't obvious to all, IDA is dead.

IDA is the Cabinet Office Identity Assurance programme. And it's dead.

----------


1. All the rest of you editors have been scooped by Bryan Glick, the esteemed editor of Computer Weekly, who published GDS unveils 'Gov.UK Verify' public services identity assurance scheme yesterday:
The Verify brand will be unveiled tomorrow (Wednesday 17 September 2014) as the public-facing name for the Identity Assurance Programme (IDAP), which the Government Digital Service (GDS) has been working on for the past three years.
You didn't know it was happening today (17.9.14), did you. And you didn't know that IDA had become Verify.