10 Years After 10 Years After

Strictly speaking, this is a little more than 10 years after the 10 year mark.  In late 2005,  Public Sector Forums asked me to do a review of the first 10 years of e-government; in May 2006, I published that same review on this blog.  It’s now time, I think, to look at what has happened in the 10 years (or more) since that piece, reviewing, particularly, digital government as opposed to e-government.

Here’s a quick recap of the original “10 years of e-government” piece, pulling out the key points from each of the posts that made up the full piece:

Part 1 – Let’s get it all online

At the Labour Party conference in 1997, the Prime Minister had announced his plans for ‘simple government’ with a short paragraph in his first conference speech since taking charge of the country: 
“We will publish a White Paper in the new year for what we call Simple Government, to cut the bureaucracy of Government and improve its service. We are setting a target that within five years, one quarter of dealings with Government can be done by a member of the public electronically through their television, telephone or computer.”
Some time later he went further:
“I am determined that Government should play its part, so I am bringing forward our target for getting all Government services online, from 2008 to 2005”

It’s easy to pick holes with a strategy (or perhaps the absence of one) that’s resulted in more than 4,000 individual websites, dozens of inconsistent and incompatible services and a level of take-up that, for the most popular services, is perhaps 25% at best.
After all, in a world where most people have 10-12 sites they visit regularly, it’s unlikely even one of those would be a government site – most interactions with government are, at best, annual and so there’s little incentive to store a list of government sites you might visit. As the count of government websites rose inexorably – from 1,600 in mid-2002 to 2,500 a year later and nearly 4,000 by mid-2005 – citizen interest in all but a few moved in the opposite direction.
Over 80% of the cost of any given website was spent on technology – content management tools, web server software, servers themselves – as technology buyers and their business unit partners became easy pickings for salesmen with 2 car families to support. Too often, design meant flashy graphics, complicated pages, too much information on a page and confusing navigation. 
Accessibility meant, simply, the site wasn’t.
In short, services were supply-led by the government, not demand-led by the consumer. But where was the demand? Was the demand even there? Should it be up to the citizen to scream for the services they want and, if they did, would they – as Henry Ford claimed before producing the Model T – just want ‘faster horses’, or more of the same they’d always had performed a little quicker? 
We have government for government, not government for the citizen. With so many services available, you’d perhaps think that usage should be higher. Early on, the argument was often made (I believe I made it too) that it wasn’t worth going online just to do one service – the overhead was too high – and that we needed to have a full range of services on offer – ones that could be used weekly and monthly as well as annually. That way, people would get used to dealing online with government and we’d have a shot at passing the ‘neighbour test’ (i.e. no service will get truly high usage until people are willing to tell their neighbour that they used, say, ‘that new tax credits service online’ and got their money in 4 days flat, encouraging their friends to do likewise).
A new plan
 • Rationalise massively the number of government websites. In a 2002 April Fool email sent widely around government, I announced the e-Envoy’s department had seized control of government’s domain name registry and routed all website URLs to UKonline.gov.uk and was in the process of moving all content to that same site. Many people reading the mail a few days later applauded the initiative. Something similar is needed. The only reason to have a website is if someone else isn’t already doing it. Even if someone isn’t, there’s rarely a need for a new site and a new brand for every new idea.
• Engage forcefully with the private sector. The banks, building societies, pension and insurance companies need to tie their services into those offered by government. Want a pension forecast? Why go to government – what you really want to know is how much will you need to live on when you’re 65 (67?) and how you’ll put that much money away in time. Government can’t and won’t tell you that. Similarly, authentication services need to be provided that can be used across both public and private sectors – speeding the registration process in either direction. With Tesco more trusted than government, why shouldn’t it work this way? The Government Gateway, with over 7 million registered users, has much to offer the private sector – and they, in turn, could accelerate the usage of hardware tokens for authentication (to rid us of the problems of phishing) and so on.
• Open up every service. The folks at my society, public whip and theyworkforyou.com have shown what can be done by a small, dedicated (in the sense of passionate) team. No-one should ever need to visit the absurdly difficult to use Hansard site when it’s much easier through the services these folks have created. Incentives for small third parties to offer services should be created.
• Build services based on what people need to do. We know every year there are some 38 million tax discs issued for cars and that nearly everyone shows up at a post office with a tax disc, insurance form and MOT. For years, people in government have been talking about insurance companies issuing discs – but it still hasn’t happened. Bring together disparate services that have the same basic data requirements – tax credits and child benefit, housing benefit and council tax benefit etc.
• Increase the use of intermediaries. For the 45% of people who aren’t using the Internet and aren’t likely to any time soon, web-enabled services are so much hocus pocus. There needs to be a drive to take services to where people use them. Andrew Pinder, the former e-Envoy, used to talk about kiosks in pubs. He may have been speaking half in jest, but he probably wasn’t wrong. If that’s where people in a small village in Shropshire are to be found (and with Post Offices diminishing, it’s probably the only place to get access to the locals), that’s where the services need to be available. Government needs to be in the wholesale market if it’s to be efficient – there are far smarter, more fleet of foot retail providers that can deliver the individual transactions.
• Clean up the data. One of the reasons why government is probably afraid to join up services is that they know the data held on any given citizen is wildly out of date or just plain wrong. Joining up services would expose this. When I first took the business plan for the Government Gateway to a minister outside the Cabinet Office, this problem was quickly identified and seen as a huge impediment to progress

More to come.

Performance Dashboard July 2003 – The Steep Hill of Adoption

With gov.uk’s Verify appearing on the Performance Dashboard for the first time, I was taken all the way back to the early 2000s when we published our own dashboards for the Government Gateway, Direct.gov.uk and our other services.  Here’s one from July 2003 – there must have been earlier ones but I don’t have them to hand:

This is the graph that particularly resonated:

With the equivalent from back then being:

After 4 years of effort on the Identity programme (now called Verify), the figures present pretty dismal reading – low usage, low ability to authenticate first time, low number of services using it – but, you know what, the data is right there to see for everyone and it’s plain that no one is going to give up on this so gradually the issues will be sorted, people will authenticate more easily and more services will be added.    It’s a very steep hill to climb though.

We started the Gateway with just the Inland Revenue, HM Customs and MAFF (all department names that have long since fallen away)- and adding more was a long and painful process.  So I feel for the Verify team – I wouldn’t have approached things the way they are but it’s for each iteration to pick its path.  There were, though, plenty of lessons to learn that would have made things easier.

There is, though, a big hill to climb for Verify.  Will be interesting to watch.

Identical Transparency

A little over a year ago I praised the team at GDS for their openness (Re-Inventing Government IT, February 2012):

All of these changes are underpinned by an openness and transparency that is incredibly refreshing.  Seeing new starters in GDS blog about what it’s like to work there and very senior people across government blog / tweet / respond to comments has opened up the workings of government – my guess is that the regular audience consists of a relatively small number of geeks but the occasional bursts into the mainstream press so no change in message.  We have done betas and pilots and test versions in UK government before, but never quite in this way.  

As I said at the beginning, with reinvention comes risk. With risk comes the potential for failure. With failure comes interrogation and criticism.  The good news is, I think, that all of the interrogation and criticism will have been done on the inside and posted on blogs long before that point

Since then the gov.uk team have been relentless in their communication – every detail of everything they do is blogged, tweeted or otherwise made public (GitHubbed and beyond).

But there is little sign of that same transparency and relentless communication either in the rest of GDS or, indeed, in the rest of government.  Universal Credit, for instance, has ignored my plea (and that of others) to say more about how things were going (despite an, as yet, never-ending stream of negative press stories). 

Where GDS and UC come together is, of course, in the field of digital identity.

In March 2012, DWP went to market (for the second time), seeking providers who could join an identity framework, specifically to support UC (initially).

Indeed, at the time Mike Bracken (in a blog on the Cabinet Office site), said:

“[This] marks the start of the formal process to create a market of identity services for access to digital public services.” 

Bracken said that using this approach has cut the cost of procuring IDA from £240m to £30m

“Creating a trust infrastructure is an exciting challenge. It is a complicated subject and won’t be delivered overnight,” he wrote in the blog. 

Great things were expected – after all, Government had suddenly saved £210 million (through some substantial sleight of hand and changing of scope it has been said) – and the digital identity market was soon to be real.  UC itself needed the service to be ready in March 2013.
In November 2012, the DWP announced its first seven providers (The Post Office, Cassidian, Digidentity, Experian, Ingeus, Mydex, and Verizon) within the framework and in January 2013, added an eighth (Paypal).
Last week, Computer Weekly let the world know that DWP was putting use of identity services for UC on ice.  DWP in response said:

“The identity provider framework was designed to be available to other government departments, which, like DWP, are also working with the Government Digital Service to develop personalised online services for citizens. 

“In line with government best practice for cross-government services, responsibility for the framework is now being moved to the Government Procurement Service – as we’ve always said it would.”

The latter paragraph is certainly true.   And so is the former.  There was no comment on when,if or whether UC or the DWP would use services from its own framework.
But surely DWP should be the first buyer of services from its own framework?  And looking around government, I am yet to see a queue of other buyers of identity services.  HMRC certainly put its head above the parapet (in June and July 2012) and took a look at a new schema for identity, organising a series of workshops and detailed reviews with dozens of possible helpers (including Rainmaker Solutions, a company in which I am a partner).  But since then?  Deafening silence.
Of course, during the last year, the GDS blog has been alive with reports of the progress, issues, challenges and achievements of the digital identity team.  Hasn’t it?  Well, no, not really.  I mean with a year gone since the procurement started and five months since the award, we must be well past discovery, into Alpha and seeing some betas … ready for UC to be live in March 2013 (or whenever it is going to come along)?
Oddly, it seems not.  The only post I can find recently, dated March 2013, refers to an Alpha with a company that, even more oddly, is not one of the eight on the framework.  Apparently the Alpha “started long before the procurement process for central govt IDA services began”.  Long before?  Can Alphas go on for more than a year?  Doesn’t sound as agile as I had in mind.  There have been 11 GDS blog posts on Identity Assurance in the last year.  Apart from the last one noted above, none mention Alphas or any other tangible progress.  Although there was a nice trip to Washington.
Of course, one of the key tenets that GDS have regarding their agile methodology is that there need not be a roadmap, because that would constrain the process.  So in November when an important first milestone was passed – there was no mention of when the second or third milestones would be reached.

Re-set Identity Assurance: £10 million of funding has allowed us to start the GDS programme to work collectively across Government to deliver identity assurance  solutions for digital transactions. 

Next year we look forward to a faster pace for delivery. While our roadmap is not finalised, and indeed will never be given the agility to which we aspire, we can look forward to some major releases.

So where does all this leave identity in government?
I hear talk only of the Government Gateway’s support contract being simultaneously “deprecated” and re-procured to allow it to continue providing its current services until 2017 or 2018.  That would make it an agile service – designed, developed and delivered in 90 days – still running after 15+ years.  It is, though, time for it to be retired and replaced with more capable services – they are out there, though not in the configuration and complexity that GDS seem to desire.  Government can certainly be the stimulus behind delivery of a marketplace too.  
I hope that we’ll see a transparency identical to that adopted by the gov.uk team from the Identity Assurance team.  You can’t only publish the good news stories, that’s what politicians do.  To be open, you have to be open. The good, the bad; the rough, the smooth; the issues, the challenges; the successes, the failures.  And this looks like a failure.
If it is, let’s get it out there and figure out how to correct it and move ahead.  Proper digital identity will underpin much of what GDS aspire to do, so we need to get it addressed.  The framework providers will be wondering where they point their solutions next, if they even have solutions.  Those who weren’t ready to bid first time around will want to know what their next opportunity is and departments wondering how to get identity done for their transactions are looking for someone to lead the way.  

Making An Identity Market

Any day now, if the timetable holds, DWP should announce the winners in their identity procurement.  The plan was to create a market of competing identity providers so as to allow Universal Credit claims to proceed with some certainty regarding the person claiming (it’s not as simple as that, but that will do for now).

The procurement was originally released as a £250m, 5 year contract (spread across multiple suppliers) before being pulled a day or so later after Cabinet Office intervention.  The revised procurement came out some weeks later for a £25m, 18 month contract (the headlines claimed massive cost reductions; it’s not clear that there are any).

Whilst the aim is to create a market, DWP are not buying a commodity product that exists today.  If I want to assert your identity on the Internet I do whatever each site asks me to do – at the lowest level, that’s an email address; at the highest level it can include postal address, credit card number, date of birth and some other details.  But the identity I’ve created is relatively unportable (Facebook connect notwithstanding).  Being trusted by my bank does not make me trusted by the government (and vice versa).

The government wants to change that.  DWP are, as Cabinet Office say, “the first cab off the rank” but they will be followed by others (HMRC are discussing their approach with the market and will perhaps issue a procurement later this year or early next year).

I was reminded of the challenges of creating a market by this graph in a recent issue of Fortune magazine.

It shows how in the 60s, the US military essentially funded the microchip business by buying up the vast bulk of their products.  As the market grew – and consumer products began to use chips – the portion of the market supported purely military purchases fell.  And so everyone carries a smartphone, a tablet and, if they want, their fridge can surf the web whilst figuring out what dinner might be.

The trouble is, DWP aren’t creating a market that way – they’re promising some funds (and we don’t know how much yet) to several vendors (we don’t know how many yet) for a short period without saying how many customers there will be for Universal Credit (and, given the history of this kind of thing, you’d be forgiven, I think, for guessing that rollout will be slower and longer than expected).

And yet suppliers entering this market are building, largely from scratch, the capability that government needs – because government, being government, inevitably has some onerous and entirely bespoke requirements that mean that whatever is already out there won’t work just as it works not and so will need customisation (and sadly not configuration).

Now, if HMRC speedily come along and have the same requirements as DWP, the volume of customers will increase.  And if other departments – http://www.gov.uk for instance – say that they want to play too, then all might still be rosy.  And if the private sector picks up on this and wants to make use of the same, then things really will be impressively rosy.

But it’s unclear how it’s all going to work.  If you bid, and win, DWP identity, will you even need to compete to provide identity to HMRC?  It’s hard to see why you would need to – if you have UK citizens with identities in your system that were triggered by DWP, they are just as likely to be needed by HMRC (or any of the other departments).   Will the private sector want to use the same identities – after all, government will not validate the identity in any way (that is, if I successfully transact with DWP, my identity doesn’t get an additional stamp saying “DWP trusts me”?)

Government is certainly seeding this market which is a good thing.  It’s looking for the market to provide solutions, also a good thing.  The mechanisms for how this will all work are still being defined and there is plenty that could still go wrong.  Fingers crossed it doesn’t, this is important stuff.

Delivery by Default

A dozen years ago in my first presentation to an audience of senior civil servants, drawn from across the whole of what was then the Inland Revenue, I put up this slide:

The quote at the bottom was drawn from a memo that had crossed my desk reporting on progress on a major programme that the department had underway.  I was struck, dumbstruck even, by the leack of certainty both in being “into its stride” and “the autumn”.  The slide – with its animation – became widely known in the department as the “falling leaves” slide.

So I certainly chuckled when I saw in the action summary for the Civil Service Reform initiative:

By autumn we will have a cross-Civil Service
capabilities plan that identifies what skills are missing and how gaps
will be filled.

By autumn the Cabinet Office will have completed a review with
departments to see what further examples of change in delivery models
can be implemented this Parliament

I then read @pubstrat’s thinking on bowler hats and was drawn to remember another slide deck from around the same time:

The road to reform is long, winding and very challenging.  Countless companies – with access to the very best talent – have failed at it (whether that be Nokia, Kodak, Comet or any other company that has gone to the wall or is about to).  Government’s very security is that it is around forever without competition.
The road from plan to execution – from talking to delivering – is also long, winding and challenging.  And execution allows you to measure what has been done; talking doesn’t.
I’ve uploaded both of the source decks to my profile page on slideshare. [Testing that link, it looks like slideshare has a problem right now.  They say it will be fixed shortly]

Disintermediating the Monopoly

… The Government Gateway is dead … long live the distributed hub, the attribute providers and the identity providers … 

Monday’s “Ensuring Trusted Services with the new Identity Assurance Programme” or #ETSIAP as it became on Twitter was a useful catch up on where things have got to.  Disappointingly, for me at least, it didn’t really say precisely where they were going – though there was a clear direction of travel – or, more importantly, when exactly.

HMRC’s Joan Wood said that the business case for a “new hub” to be procured and to replace the GG in HMRC would go forward in April 2012 (Joan, who I worked with at the Inland Revenue and who was a key customer of the Gateway in its early days, is only 3 weeks into a new job, yet still had plenty of insight into the challenges ahead); and DWP’s Steve Dover was firmly of the view that Universal Credits would be delivering in April 2013, complete with authentication provided by the IAP (or possibly by their own procurement that would operate in line with IAP). The Gateway’s support contract has just, I gather, been extended through 2014 – something that may provide a useful contingency plan given that the original concept and design around the Gateway was to provide exactly this distributed capability.

The direction of travel, then, is that Government will now buy its identity verification (and perhaps  its mapping of that identity to the various government services) from (potentially) many providers. Francis Maude, Cabinet Office Minister, announced that £10m had been earmarked to staff the IAP (and Mike Bracken went on to say later that this would cover 5 workstreams through to 2012/13 which I took to mean March 2013).

This is a change from current practice, though not actually new thinking. Professor Brian Collins, who chaired the event, said that he had worked on such thinking in 1992. I. in turn, ran the Government Gateway team from 2000 to 2004 when this thinking was at the centre of what we were trying to do.  We even got at least a little bit towards that with the digital certificates issued by 3rd parties, though that was an idea ahead of its time and its ability to be implemented.

The current practice is largely that government has a monopoly on both your identity and how you match your identity to a government service.  Whilst it’s a monopoly, it isn’t actually done through a single route – the Government Gateway certainly handles a lot of transactions but it doesn’t, for instance, handle tax disc renewals, much of what DWP offers online or the bulk of local authority transactions.  The change, then, is that private sector entities will be able to offer an identity service (and perhaps a hub that will match identity to service) and offer that to government.

Right now there isn’t a commercial model defined that would allow anyone to assess the value of that market.  That is, there isn’t a known pipeline of transactions that will require authentication (or a commitment that only this route will be used in the future) or an assessment of the price that government would be willing to pay for such identity mapping (which would, somewhere along the line, have to address the risk of a false identity being guaranteed).

Mike Bracken went on to talk about a network of trust – using a series of low value transactions to build up a trusted identity.  He used the example of the fishing licence – something that doubtless still raises the hackles of those who were around for the first iteration of online services.  This is another transaction that has its own identity engine – especially if you set up an account so that you can easily renew your licence each season.

When we first floated the network of trust concept, we called it the “Green Shield Stamps” theory of identity – you carry out progressively more significant transactions by working up a pyramid of trust; over time your online persona is highly trusted. We had two theories on this – one was that there was a pyramid of trust between relying parties, and two that there was a pyramid of transactions that themselves generated trust (so to use Mike’s example, if you have bought a fishing licence and sent your self assessment return in, then maybe you can claim some benefits, and if that works, you claim tax credits)  There was much resistance then, in 2003, but no reason why that resistance should still be there (there wasn’t really good reason for it to be there in the first place).

With the Cabinet Office getting behind the IAP – and, by the sounds of it, resourcing it for the first time in its current incarnation – there is great potential, provided things move fast.  One of the first deliverables, then, should be the timetable for the completion of the standards, the required design and, very importantly, the proposed commercial model.

The important thing about the timetable is that if HMRC and DWP are going ahead with implementation as soon as 2013, IAP needs to have provided all of the framework and information long before that date  – perhaps a year ahead of it – so that providers have time to put together the necessary capability/platform.  The alternative is that DWP or HMRC do what they need to do and the result is either a solution where the first one or two solutions are subsidised by the two largest departments or, worse, a solution that works for those departments but not for anyone else.

The thinking behind the Cabinet Office approach is that private sector companies – perhaps the banks, the credit agencies, maybe BSkyB, Tesco or the Post Office will provide these identity services not just for government transactions but for any and all transactions – whether that be Facebook login, checking your Tesco ClubCard points or seeing if your pay check has hit your account.  Francis Maude, to wry laughter, noted at the event that he had two dongles for accessing his two bank accounts within the same bank (HSBC if you’re interested).  I wasn’t sure if he was suggesting a future where we might have a single dongle for everything (he was certainly not suggesting that was the only route – the slides from Dave Rennie were clear that it would be an individual choice regarding how much joining up was allowed, with the ultimate sanction being to use multiple identity agents for multiple services).

Whilst plenty of hard work has doubtless been done, the real hard work is in the next few months.  There were many people in the room who were around when I was running the Gateway – the denizens of the Liberty Alliance, BT URU and so on were all there – and, whilst their thinking will be important, new thinking will also be needed to get this off the ground, get it widely used and get it delivered at a price point that makes sense for all of the players.  Again, the commercial model by which this will work is a critical early deliverable.

I am looking forward to seeing how this plays out and to playing a role, again, in the development of the route to secure identity within UK government and perhaps more widely.

Google Texts Two Factor

When we launched the Government Gateway in 2001 we spent a lot of time looking at login security models. Phishing, though not called that at the time, was just emerging and we could see that passwords were going to be unreliable. 
We looked at lots of options – USB tokens (failed because we wanted people to be able to access services from anywhere and internet cafes – research showed – didn’t expose their USB ports), RSA-style tokens (very complicated with a high cost of set up and a high incidence – at the time – of help desk calls, digital certificates (don’t get me started), a funny device that had 4 coloured buttons and you set your own code on that (it’s name began with Q, I can’t remember what it was). We spoke to the banks to see if they would be interested in issuing secure login devices that we could piggy back on (effectively trusting the bank to authenticate properly and then hand the user to us) but made no progress, We dead-ended on lots of things.
We also looked at sending a text to your mobile phone to confirm that it really was you. We even built the capability to do this. But testing showed that the time to deliver was very variable – and sometimes delivery didn’t ever happen. So we abandoned that as an idea.
We settled, then, on a long (and entirely un-recallable) password coupled with an equally unmemorable userid. These were imposed on us by the security rules at the time.
I was intrigued, then, when Dan forwarded me a recent announcement from Google saying:
2-step verification is now available for Google Apps (free) edition. When enabled by an administrator, it requires two means of identification to sign in to a Google Apps account. A mobile phone is the main requirement to use the second form of identification. It doesn’t require any special tokens or devices. After entering a password, a verification code is sent to the user’s mobile phone via SMS, voice calls, or generated on an application they can install on their Android, BlackBerry or iPhone device.
It isn’t the text bit that’s interesting – doubtless that will have the same issues as we had all that time ago or perhaps even worse given the huge volume of text now. But it is interesting that you can have an app on your phone that will prove you are who you say you are.
It wouldn’t surprise me if the banks made the same move – and so reduced the costs of sending out their own secure devices. And why not the Government Gateway too – we don’t need to know that you are the owner of the phone (with 70% pay as you go, that’s too big a hurdle), we just need to be able to tie that phone to you at the point of registration and create an app that supports the process. That doesn’t sound difficult.
The mobile phone, though, is becoming an increasingly concentrated device – NFC payments, all of your email, one touch access to Facebook/Twitter etc – and often without any PIN protection (or any way to lock it down quickly if it is stolen, Find My iPhone notwithstanding).