Monday, 15 June 2015

RIP IDA – “It’s not our IT system; it’s the Cabinet Office’s”

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
And it's dead.

Her Majesty's Revenue and Customs (HMRC) offer their parishioners several digital public services, among others Tax credit renewals and Transferable tax allowance. People are having problems using these digital services because they can't get past GOV.UK Verify (RIP).

Public services are services which the public are entitled to. GOV.UK Verify (RIP) is denying the public their rights.

Sunday, 14 June 2015

RIP IDA – security through the looking-glass

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
And it's dead.

It's been a torrid week for computer security. Worldwide:
  • Over there in the US "the Obama administration is scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and US government employee records ...", the Guardian newspaper told us, "Government officials familiar with the situation told the Associated Press the hack occurred at the Office of Personnel Management (OPM) and the Interior Department, and could potentially affect four million people at every federal agency".
  • "Although reports are conflicting about how the OPM discovered the breach, it took investigators four months to uncover it", Wired magazine tells us, "which means the EINSTEIN system failed" – EINSTEIN is the US government's anti-hacking/hack detection system. Or not.
  • Dossiers on US spies, military snatched in 'SECOND govt data leak', says ElReg and everyone else, "China said to have stolen detailed info on employees in sensitive federal positions".
  • Meantime in Germany, "two weeks on from the revelations of a serious cyber attack on the German Bundestag, insiders have told The Register that the tech department is 'clueless' about what is going on ... On Friday it emerged that data had almost certainly been stolen ... As yet techies inside the Bundestag don’t know who is behind the attack – or even when it started ... The Trojan malware which penetrated the entire Bundestag network, including MPs' computers, could have been sitting on computers for months or even years".
But then it always is. A torrid week. For computer security. Every week.

Saturday, 13 June 2015

RIP IDA – Whitehall and eternity

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
And it's dead.

Here's a selection of Government Digital Service (GDS) posts and a film published in the week leading up to purdah:

24-03-2015
Janet Hughes
25-03-2015
Chris Mitchell
25-03-2015
Janet Hughes
25-03-2015
Janet Hughes
26-03-2015
Janet Hughes and Stephen Dunn
26-03-2015
Mike Bracken
27-03-2015
David Rennie
27-03-2015
Mike Bracken
27-03-2015
Mike Beavan
28-03-2015
Mike Bracken
28-03-2015
Mike Bracken
29-03-2015
Mike Bracken
29-03-2015
Liam Maxwell
30-03-2015
Martha Lane Fox

Let's take a look at David Rennie's 27 March 2015 offering, Working with the private sector to verify identity. It won't take long.

Friday, 12 June 2015

RIP IDA – Walter Mitty and the machinery of government

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
And it's dead.

GOV.UK is the award-winning on-line face of government in the UK and, as Public Servant of the Year ex-Guardian man Mike Bracken CBE CDO CDO told us back in October 2012, "GOV.UK is not Government on the Internet, but of the Internet".

What does that mean?

It's all something to do with riots. That's what he told the Code for America Summit a year later in October 2013. GOV.UK is the only defence against a recurrence of riots in the streets of the UK.

And it's all something to do with what Tim O'Reilly has called "Government as a Platform" (GaaP).

Some academics disagree. Professor Mike Martin of Newcastle University Business School for example. He points out that GOV.UK is a website, and not a government. Mark Thompson on the other hand, a lecturer at the University of Cambridge's Judge Business School, reckons that if only we plot certainty against ubiquity, GaaP will come to power.

Whichever, Mr Bracken is in no doubt about the general election we have just enjoyed here in the UK: "It was great to see GOV.UK handle the change of government so smoothly".

RIP IDA – tax credits: another nail in the digital-by-default coffin

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
And it's dead.

"If there's a tricky job facing the Government Digital Service (GDS), or indeed an impossible job", we were saying on 19 April 2015 and 20 April 2015, "what do they do? Call for Janet Hughes".

GDS have had to call for her again, please see Basic identity accounts trial.

Her Majesty's Revenue and Customs (HMRC) have been lured into using GOV.UK Verify (RIP) to make sure they know who they're dealing with on-line. The problem is that GOV.UK Verify (RIP) doesn't work.

Ms Hughes takes as her example HMRC's on-line Tax credit renewals service. Who is that on the other end of the line? HMRC need to know. They can't hand out money to just anyone. "... even when the service is live, there will be some people whose identity it’s not possible to verify entirely digitally", Ms Hughes tells us, "for example, it will always be difficult to verify the identity of someone who has no evidence (like a passport, driving licence, bank account) that it’s really them and not someone pretending to be them".

That's the problem.

And the proposed solution?

Friday, 5 June 2015

RIP IDA – GOV.UK Verify (RIP), a brief history of progress

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
And it's dead.

Four times the Government Digital Service (GDS) have published a post with the same title, The next 6 months: services that plan to start using GOV.UK Verify (RIP), on 29 October 2014, 5 January 2015, 20 February 2015 and 14 May 2015.

The four progress reports have been consolidated in the big table below, also available more legibly in a Microsoft Excel workbook, and summarised here:

Department
No. services
Max no. 2015 service-users
Max no. 2015 service-users%
BIS / Insolvency Service
1
15,000
0.41%
Defra
1
100,000
2.73%
DfT / DVLA
1
125,000
3.42%
DWP
2
999
0.03%
HMRC
12
3,414,999
93.41%
17
3,655,998
100%

Why are there no 2015 plans to add GOV.UK Verify (RIP) identity assurance to GDS's electoral registration application? Why aren't GDS working with the Foreign Office? Or the Home Office? Or the Ministry of Defence? Or the Department of Health or the Department for Education?

Saturday, 30 May 2015

RIP IDA – nil by mouth

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
And it's dead.

Last heard, 26 March 2015, GOV.UK Verify (RIP) was in maudlin mood, brooding about the meaning of life and the objectives for its vanishing future.

Speaking through its faithful assistants Janet Hughes and Stephen Dunn from its deathbed in the Kingsway hospice destined to be its final resting place, GOV.UK Verify (RIP) expatiated ungrammatically on its Objectives for live and "what ‘live’ means" for it as the end approaches. Ominously, there hasn't been a word from GOV.UK Verify (RIP) in the five weeks since.

It's what they don't say that counts, please see RIP IDA – what they omitted from the obituary. GOV.UK Verify (RIP) has now hobbled from having only three "identity providers" to four, but they didn't tell us that. As their energy seeps away, the only reason we know is that Neil Merrett (read him early, read him often) kindly told us on 14 May 2015 in Verizon joins GOV.UK Verify accredited suppliers list.

Maybe they just didn't have the heart. Following the story two days earlier, Sprint and Verizon to pay $158 MILLION over bogus 'cramming' fees, how were GOV.UK Verify (RIP) supposed to convince the British public that the unsavoury Verizon is an ornament to the Constitution and a safe repository for our personal information?

Thursday, 21 May 2015

GaaP – 1½ million useless public servants out the door and 35 billion quid off the deficit. What's not to like?

Promising clusters

GaaP. Government as a platform. There's a lot of chatter about it at the moment, it's got something to do with the future of public services in the UK, but what is GaaP? And why is anyone interested?

Where to start ...

... Tim O'Reilly? No.

... Public Servant of the Year ex-Guardian man Mike Bracken CBE CDO CDO, executive director of the Government Digital Service (GDS) and senior responsible owner of GOV.UK Verify (RIP)? No.

... Simon Wardley.

You get your money's worth with Mr Wardley. He's a trouper. DMossEsq has a nascent, muscular relationship with him ...


Sunday, 17 May 2015

Hanzoni – Whitehall controversy

Civil Service World magazine: John Manzoni: New Cabinet Office minister wants "collaborative" relationship with Whitehall.

John Manzoni took over from Sir Bob Kerslake last year as chief executive of the UK civil service. Following the general election 10 days ago, Matt Hancock takes over from Francis "JFDI" Maude as Cabinet Office minister. Mr Manzoni wants everyone to know that Mr Hancock wants Whitehall departments to collaborate.

Hardly controversial. Mr Manzoni is unlikely to have reported that Mr Hancock wants to see all-out war between Whitehall departments and the Devil take the hindmost:
The new minister for the Cabinet Office wants to see a more "collaborative" relationship between departments and the centre of government, the chief executive of the civil service has said, as he signalled the end of the "Francis Maude era".
Computer Weekly magazine: What does the end of the "Francis Maude era" mean for GDS?:
This surely increases the likelihood of the Government Digital Service (GDS) being slimmed down and much of its delivery responsibilities handed back to departments. I'd suggest this was always the eventual plan - GDS looks after strategy, departments look after delivery, and outsourcers are brought in once a service or system is into the support and maintenance phase.
GDS should look after strategy? It's up to the departments to deliver? And outsourcers should be in charge of maintenance and support?

Again – hardly controversial. Most people will regard these suggestions as anodyne and barely worth reporting. How else, most people may ask themselves, could the world be arranged?

Thursday, 7 May 2015

The next phase of digital transformation could be Dutch

Here's a selection of Government Digital Service (GDS) posts and a film in the week leading up to purdah:

24-03-2015
Janet Hughes
25-03-2015
Chris Mitchell
25-03-2015
Janet Hughes
25-03-2015
Janet Hughes
26-03-2015
Janet Hughes and Stephen Dunn
26-03-2015
Mike Bracken
27-03-2015
David Rennie
27-03-2015
Mike Bracken
27-03-2015
Mike Beavan
28-03-2015
Mike Bracken
28-03-2015
Mike Bracken
29-03-2015
Mike Bracken
29-03-2015
Liam Maxwell
30-03-2015
Martha Lane Fox

Let's take a look at Public Servant of the Year ex-Guardian man Mike Bracken CBE CDO CDO's 29 March 2015 offering, Government as a Platform: the next phase of digital transformation.