DMossEsq

Saturday 9 July 2016

RIP IDA – openness closes as Verizon bolts again and penetration becomes a mystery

No need to say it, it goes without saying, it should be obvious to all but,

just in case it isn't obvious to all,

IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",

is the Cabinet Office Identity Assurance programme.

And it's dead.

"If Verify is the answer, what was the question?"

The Government Digital Service (GDS) continue to promote GOV.UK Verify (RIP) to central government departments, local government and the private sector.

GOV.UK Verify (RIP) has its own dashboard on the GOV.UK performance platform. Yesterday, GDS published a blog post, Improving our reporting, announcing certain changes to the dashboard.

Openness
The GOV.UK Verify (RIP) dashboard has always listed the "identity providers" contracted to GDS. In the name of "improving our reporting", that list has been dropped. Its omission is not mentioned in the Things we’ve removed section of yesterday's blog post.

Why not?

Possibly because GDS have lost one of their "identity providers". Verizon have gone missing again. If you tried to create a GOV.UK Verify (RIP) account for yourself at 00:30 this morning you were advised by GDS that "3 companies can verify you now" – digidentity, Experian and the Post Office. You were also advised that "we’ve filtered out 4 companies, as they’re unlikely to be able to verify you" – Barclays, CitizenSafe, the Royal Mail and SecureIdentity.

What confidence can central and local government and the private sector have in GOV.UK Verify (RIP) when GDS themselves tell applicants that only three of their "identity providers" work? And when GDS fail to make an announcement that one of their "identity providers" has gone missing.

Penetration
GDS have always maintained that their objective is for GOV.UK Verify (RIP) to be capable of registering at least 90% of the population. That was one of their conditions for declaring GOV.UK Verify (RIP) to be "live".

The goalposts were moved in May 2016 when GOV.UK Verify (RIP) was declared "live" even though the account creation success rate still languished 20% adrift on about 70%.

The goalposts have now been entirely removed – "We’ve taken 3 measures off the service dashboard: ‘Authentication success rate’; ‘Account creation’; and ‘User sign in’ ... None of these measures tell us or the user much about how well GOV.UK Verify [RIP] is performing ...".

Central government, local government and the private sector may disagree. GDS were right the first time. The account creation success rate is an important indicator. It told everyone a lot about "how well GOV.UK Verify [RIP] is performing" and its omission from the dashboard now, far from improving GDS's reporting, is a serious warning.

RIP IDA – openness closes as Verizon bolts again and penetration becomes a mystery

No need to say it, it goes without saying, it should be obvious to all but,

just in case it isn't obvious to all,

IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",

is the Cabinet Office Identity Assurance programme.

And it's dead.

"If Verify is the answer, what was the question?"

more ►

Wednesday 6 July 2016

Old local authority briefing reviewed on the Antiques Roadshow*

"New Socitm, ADASS and LGA briefing sets out challenges in implementing ID assurance methods that can limit information loss and identify fraud", says the Government Computing website in an article published yesterday, 5 July 2016, Social care providers called on to set out online identity strategies.

Socitm is the pre-eminent society for IT practitioners in the UK public sector and they issued a press release on 4 July 2016, Social care leaders urged to consider options for managing identity and authentication online for service users and providers.

That press release refers to a briefing they have prepared on identity and authentication which includes several questionable claims. Among others (p.7):

"The UK Government has adopted GOV.UK Verify [RIP] for central government service providers such as HM Revenue & Customs (HMRC) and, of particular interest for local public services, the Department for Work and Pensions (DWP)." – neither HMRC nor DWP is relying on GOV.UK Verify (RIP), and neither are the NHS nor the nation's payments industry.
"GOV.UK Verify [RIP] ... uses a range of identity providers ... to check that users are who they say they are. Currently, four companies are connected: Digidentity, Experian, Post Office and Verizon. It is planned that they will be joined by five more (Barclays, Paypal, Morpho, Royal Mail and GB Group) before GOV.UK Verify goes live in April 2016." – Paypal have pulled out, GOV.UK Verify (RIP) was declared live in May 2016, the Post Office, Morpho and the Royal Mail have yet to be certified trustworthy by tScheme.
"The infrastructure of GOV.UK Verify [RIP] is built to meet the privacy principles developed by PCAG and will ensure a greater degree of privacy than is likely through a locally developed solution." – GOV.UK Verify (RIP) doesn't abide by a single one of PCAG's identity assurance principles and accountholders find their personal information sprayed all over the world beyond their control.
"At the current time, GOV.UK Verify [RIP] is in public beta for the following seven services ... A further 30 government services are planned to be implemented by April 2016." – in the event, GDS claim that there are just nine government services using GOV.UK Verify (RIP) today, not 37.
"And it’s fast: it takes about 15 minutes the first time you verify your identity, and less than a minute each time after that." – the first time you verify your identity is what we would normally call "registration", it's not a race, it's hard and unwise to evaluate the terms and conditions of business of eight "identity providers" before registering in 15 minutes flat.
...

The Socitm/ADASS/LGA briefing mentions the level of assurance that can be achieved on-line as to whether someone is who they say they are (p.4). The US National Institute of Standards and Technology say that GOV.UK Verify (RIP) only achieves Level 1, which is no good to a local authority trying to decide whether to pay for someone's social care.

The briefing also mentions attribute exchange (p.5) and calls yet again on the Warwickshire County Council attempt to automate applications for Blue Badges. Three years ago Ian Litton's prototype was just a prototype and three years later it's still just a prototype. There's a warning there for local authorities.

The briefing was published in December 2015, six months ago. It had faults then and it's got more now. Issuing a press release the day before yesterday suggesting that the briefing is up to date could cause confusion – local authorities, beware.

----------

* In case you don't know, the Antiques Roadshow is a BBC TV programme in which members of the public bring along an ancient artefact to a swanky venue and experts decide whether it's unexpectedly valuable or just yet another old mass produced identity and authentication briefing.

Old local authority briefing reviewed on the Antiques Roadshow*

more ►

Monday 4 July 2016

The copulation of propositions (iterating in public)

David Hume, A Treatise of Human Nature (1739):

In every system of morality, which I have hitherto met with, I have always remarked, that the author proceeds for some time in the ordinary ways of reasoning, and establishes the being of a God, or makes observations concerning human affairs; when all of a sudden I am surprised to find, that instead of the usual copulations of propositions, is, and is not, I meet with no proposition that is not connected with an ought, or an ought not. This change is imperceptible; but is however, of the last consequence. For as this ought, or ought not, expresses some new relation or affirmation, 'tis necessary that it should be observed and explained; and at the same time that a reason should be given, for what seems altogether inconceivable, how this new relation can be a deduction from others, which are entirely different from it ...

The Government Digital Service (GDS) have several times recently served up a gem of an example of Hume's is-ought problem, most recently in What GDS is for:

By 2030, policy making will be service design. Ideas and implementation will be so closely tied, you won’t be able to have one without the other. Thinking in code, iterating in public - these will be the norm.

Policy making will be minimally designed and built as a framework which allows flexibility and feedback, not as a conclusion.

The way that the law is made will have changed ...

GDS may believe that the way UK law is made ought to change. They are in no position to say that it will change. There is no discernible popular outcry demanding that the law should in future be made by GDS manipulating data. Where did GDS get the laughable idea that anyone would ask them about legislation or policy-making?

They made the same suggestion in What government might look like in 2030. But that's just not what GDS is for. They seem to have convinced the Cabinet Office Minister. That's a worry. They should all go out for a walk and get some fresh air.

According to What GDS is for:

Lots of the government services we have today evolved over a very long time. The service itself - the thing that the user experiences - cuts across organisational boundaries. Boundaries that users don’t care about, and shouldn’t be expected to understand.

For example: think about how benefits are divided between DWP and HMRC. Or how offenders and other people dealing with the criminal justice system have to be in touch with the police and the courts, prisons and probation staff. Or how complicated it is to start a business, because you have to get in touch with BIS, HMRC and Companies House, at least ...

Who says that users don't care or that it's expecting too much of them to understand? GDS.

What is the alternative for offenders to being in touch with several different services? GDS don't say.

What they do say is that you can't start a business without contacting BIS, the Department for Business Innovation and Skills. And there, they're just wrong. They've obviously never started a business, they're guessing and, bad luck, they've guessed wrong.

Communicating via walls – and tea towels – is no substitute for experience. Neither is calling in the consultants which is what GDS appear to have done. Because here they are again promoting Simon Wardley and Mark Thompson's natty pictures of value chains with their ubiquity and certainty:

"This diagram is my attempt to explain that a bit",
says Stephen Foreshew-Cain, once a consultant
and now the executive director of GDS

GDS have been trying to explain "where they're at and where they're going" for some months now. It's obviously difficult. We still don't know what GDS is for. And quite clearly neither do they. They ought to but they don't.

The copulation of propositions (iterating in public)

David Hume, A Treatise of Human Nature (1739):

In every system of morality, which I have hitherto met with, I have always remarked, that the author proceeds for some time in the ordinary ways of reasoning, and establishes the being of a God, or makes observations concerning human affairs; when all of a sudden I am surprised to find, that instead of the usual copulations of propositions, is, and is not, I meet with no proposition that is not connected with an ought, or an ought not. This change is imperceptible; but is however, of the last consequence. For as this ought, or ought not, expresses some new relation or affirmation, 'tis necessary that it should be observed and explained; and at the same time that a reason should be given, for what seems altogether inconceivable, how this new relation can be a deduction from others, which are entirely different from it ...

more ►

Wednesday 29 June 2016

Communicating via the walls

Good culture evolves from the bottom up, Stephen Foreshew-Cain told us the other day. So does bad culture. And culture can be influenced from the top, for good or ill.

Mr Foreshew-Cain is the executive director of the Government Digital Service (GDS), where "we don’t always get it right, but one thing we’ve found that does work is communicating via the walls", he says. "Communicating via the walls" means pinning posters up, reminding the staff to be bold, for example.

There always has been a thriving industry in motivational tea towels. But that's not GDS's raison d'être. They're meant to be there in Whitehall to accomplish the digital transformation of government.

That's not about computers, Mr Foreshew-Cain says. What is it about then?

In a nutshell, "digital means applying the culture, practices, processes and technologies of the internet era to respond to people’s raised expectations".

That definition of "digital" comes from Tom Loosemore, deputy director at GDS until his internet "jibba jabba" caused him to be ejected last September. The internet, or at least the web, has been used to distribute pornography in industrial quantities. Presumably that isn't the culture Messrs Foreshew-Cain and Loosemore want to emulate but nothing in their definition of "digital" prevents that interpretation – "the digital transformation of government" means making pornography easily available to everyone everywhere?

Mr Loosemore doesn't advocate pornography. He's far more interested in the government compiling a single source of truth, registers of everyone's personal information, a pre-internet delusion suffered most notably by the Stasi.

Disappointingly, Mr Foreshew-Cain just seems to advocate whatever Mr Loosemore advocates. Him and Mike Bracken and Martha-now-Lady Lane Fox.

Even more disappointingly, so does the editor of Computer Weekly magazine, please see After Brexit, we have a legacy government - so let's build a new one based on digital technology: "let’s approach the post-Brexit government IT world like a tech startup wherever possible. Eliminate silos from day one. Integrate systems and processes under a common digital architecture. Start from citizens’ needs, not the needs of the Whitehall machine. Build a common data platform and make that data open. Develop a government ecosystem built on open standards and APIs ...".

Most disappointing is the case of Richard Heaton, permanent secretary at the Ministry of Justice, who has just published 5 ways we are putting data in the driving seat: "Comparing individual data against population data will help managers predict and prevent patterns of infection in hospitals, or incidents of violence or self-harm in prisons. You will all be able to think of similar examples ... Could we go further, and replace human decisions about people’s lives with machine learning and predictive analysis?".

The funny thing is that GDS aren't actually all that good at digital. Their batch application system for voter registration fell over when too many people tried to use it. Ditto their petitions system. Their payments system for farmers had to be abandoned. And so it goes, on. Quite why Whitehall would listen to GDS's walls or read their tea towels is not clear. Nor is it clear what GDS have to offer local government.

Unlike the rest of Whitehall and unlike our local authorities in the UK, GDS aren't steeped in the business of government. Their chosen special subject is front ends. They're interested in the user interface between people and websites. That's all.

And that's a problem ...

... a problem laid bare in Digital Government: overcoming the systemic failure of transformation (hat tip: David Chassels), a paper written by two academics at Brunel, Paul Waller and Professor Vishanth Weerakkody (pp.7-8):

We argue that there are (at least) three delusions associated with this approach to deploying digital technology in government and public administration. These delusions are that:
it is about slashing administrative costs: in fact it raises needs for resources for development, maintenance, security, cyber-defence, dealing with scam imitations (UK HM Revenue and Customs acted to shut down 1,740 illegal sites in 2013), extension/redesign to meet new channels e.g. mobile platforms, and complete redevelopment every 5-10 years,
everything has to be user-focused: but not much of a government or public administrative function directly involves citizens so a focus on the interface misses the point about “transforming government processes”,
technology can “rationalise” government and public administration: but both are rooted in nations’ constitutions, in policy and in law, and are in constant flux.

Messrs Waller and Weerakkody are adamant. The nature of public services has been misunderstood by the internet jibba jabberers. Government departments are not commercial firms. Social and political science is "a strange land for many e-government academics". Government is different (p.22):

Always, the next technological fashion — be that big data analytics, algorithmic regulation, platform government, co-creation or whatever — must be critically assessed against the distinct context of politics and government.

It's quite hard work reading the Waller and Weerakkody paper. But useful.

Easier to read one of GDS's tea towels. But why bother?

----------

Updated 30.6.16

The DMossEsq blog uses Google's Blogger platform on which, when someone kindly submits a comment, a copy is emailed to DMossEsq and the comment is displayed on the blog ...

... unless it's too long, in which case it isn't displayed ...

... as happened this morning – David Chassels submitted the following comment at 11:27 a.m. today, 30 June 2016 [24.11.166: Google updated Blogger the other day. Longer comments are now supported and Mr Chassels's comment is now displayed below]:

The hard working folk at GDS have had very poor support from their leaders who have failed dismally as described to truly understand “digital”. Politicians like most business people are understandably confused and this ignorant of underlying complexity in building and delivering an end to end service; and wow the vendors take advantage of that! Hence the need to be the ”intelligent customer” as articulated by Bernard Jenkin chairman of PASC which reported in 2011 on Good Governance: effective use of IT and its follow up in 2013 “Public Procurement: capability and effectiveness” (link)

Reality is that driving a “digital service” is as indicated much more that a web form it is about the whole business operation to deliver effectively. Users internal and external should be the drivers and in fairness to the “IT” industry this was recognised over 15 years ago and tagged “BPM” as the required “discipline” see this forum (link).

However sadly the supporting software remained in component complexity. This was the very challenge which was recognised by many we took on in the 90s! Yes real R&D to deliver a working solution with early adopters taken over 20 years. But you know what it worked! In effect we opened that door and given the recognition of the importance of Government buyers understanding what they are actually buying, we thought now is our time! So we embarked up trying to attract attention from ”our” Government when ICT Futures was created by the then new Government and quickly followed by GDS.

Just to put into context the effectiveness of what we created we had a Government agency UK Sport as early adopters which handles the end to management of grants to support our elite athletes. Now over 15 years supporting constant change recognised as the most efficient grant body - see here in 2011 (link). Total cost including original build less than £2m yet doing the same maybe even more complex than the grant system to farmers under RPA which seems to be on second attempt with total costs over £400m and as noted GDS contributed to that failure! Just this year UKSport converts to web from client server over half of the 500 UIs converted total cost less that £50K! That is what is called “disruptive” and in UK that represents a huge challenge…..!

Now you would think all this would excite Government as proof of very significant savings and GDS with its CTO who was also responsible for ICT Futures seeking “..on how government can use innovative new technology to deliver better, cheaper solutions” . Well not so we were ignored so many times as were many invites to visit UK Sport to see just how. GDS leaders had their own agenda with a fixation on open source and doing it themselves (and sticking bits of paper on walls!) Well now we know the result as GDS failed. Time for accountability…….?

Communicating via the walls

Good culture evolves from the bottom up, Stephen Foreshew-Cain told us the other day. So does bad culture. And culture can be influenced from the top, for good or ill.

more ►

Tuesday 21 June 2016

RIP IDA – in search of a rôle

No need to say it, it goes without saying, it should be obvious to all but,

just in case it isn't obvious to all,

IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",

is the Cabinet Office Identity Assurance programme.

And it's dead.

"If Verify is the answer, what was the question?"

As noted on 26 May 2016, GOV.UK Verify (RIP) will not replace the Government Gateway. GOV.UK Verify (RIP) won't be any use to hundreds of millions of Her Majesty's Revenue and Customs's annual transactions, worth hundreds of billions of pounds. HMRC are developing their own successor to the Government Gateway.

Nor will GOV.UK Verify (RIP) help with age verification. All those transactions where we have to prove our age in order to be eligible? We'll have to find some other way to do it, even if we have one or more GOV.UK Verify (RIP) accounts.

The huge prize of inserting GOV.UK Verify (RIP) into the nation's payment systems has also eluded the Government Digital Service (GDS). If payments depended on GOV.UK Verify (RIP), the UK would be reduced to a barter economy in no time.

What does that leave for GOV.UK Verify (RIP)?

It's in a precarious position. We've never needed GOV.UK Verify (RIP). Once we've got a new Government Gateway and new age verification systems and new payments systems, we'll need it even less.

In the meantime, GDS are holding out for a rôle for GOV.UK Verify (RIP) in 10 vaguely specified systems:

Register a child’s birth in Northern Ireland – TBC (to be confirmed).
File for uncontested divorce – TBC.
Inheritance tax online – TBC.
View your medical benefit – TBC.
Voluntary dissolution of a company – TBC.
Amend your driver record – TBC.
Sign your mortgage deed – TBC.
Apply for the Personal Independence Payment – TBC.
Child maintenance – TBC.
Bereavement support – TBC ...

GDS's case is undermined by repeatedly claiming that all eight of their "identity providers" are certified trustworthy. They're not.

And by repeatedly claiming that GOV.UK Verify (RIP) abides by all nine identity assurance principles specified by the Privacy and Consumer Advisory group. It doesn't.

And by repeatedly asserting, without qualification, that GOV.UK Verify (RIP) is secure. It can't be. Nothing is.

GDS are undermining the case for Government as a Platform – instead of GOV.UK Verify (RIP) being the single pan-government identity assurance platform, it will be just one among many. Ditto GOV.UK Pay if that platform ever sees the light of day.

And they are undermining the case for data as a public service/evidence-based policy-making, please see Matt Hancock: 83 + 83 = 71.

Exploring the need for GOV.UK Verify [RIP] in local government - get involved was published on 1 June 2016. GDS sound like a supplicant. Will local government intercede on GDS's behalf, where HMRC and others have refused?

Most government in the UK is local government. Mostly, it is local authorities who have to deliver public services. It is local authorities, most of the time, who have to deal with people in person. It is local authorities and not the theoreticians in GDS who have the practical experience of government.

It is possible that local government will come to GDS's rescue. But a 19 June 2016 article on the Government Computing website makes it clear how unlikely that is.

Money is one problem. GDS can't tell the local authorities how much GOV.UK Verify (RIP) would cost them:

Another key consideration for any potential ID solution for local authorities making use of GOV.UK Verify [RIP] is expected to be around finalising a financial businesses case for who will pay private ID suppliers for the service. Delegates at a Socitm [the Society of Information Technology Management] conference held in Leicester last October raised concerns around a lack of a financial plan over how Verify may be adapted and run.

Three times we are told that local authorities need "highly assured" on-line identities but that's just what GOV.UK Verify (RIP) can't provide. The US National Institute of Standards and Technology say that GOV.UK Verify (RIP) doesn't prove people's identities, it just collects a lot of self-certifications.

What is the supposed attraction for local authorities? Why should they use GOV.UK Verify (RIP), according to GDS?

The Blue Badge project is trotted out again. Years of hard work on it, and still no sign of a transformed, digital-by-default service.

Apart from that, what are the "high priorities requiring a system to check individual user eligibility"? Answer apparently, "local authority taxi licensing and parking permit functions".

Opening a GOV.UK Verify (RIP) account requires you to hand over reams of personal information to companies in countries all over the world. GDS may believe that people are prepared to do that just to get a resident's parking permit. Local authorities may believe that that is questionable.

It's out of proportion. It's an unnecessary risk for residents. And who would be liable in the case of losses following a security breach? GDS? Or would it be the local authorities?

That is not the rôle of local government.

And GOV.UK Verify (RIP) will have to try elsewhere to discover its rôle.