All Numbers Are Made Up

Anyone who has worked with me for even a short while will recall a time when I have prefixed or suffixed a number with “this is made up” and usually followed up with “all numbers are made up.”

This is usually in one of two contexts:

  1. “This project will cost £50m (made up number), what does that mean for us, where will the costs fall, what should we worry about in terms of over-runs, where are our risks?” – the aim is to stimulate debate about the project as a whole and give everyone a number to play around with to help get to a (much) better number later.
  2. “I’ve heard that the consequences of this going wrong could be (made up number) £100m.” In this context I have no idea what the right number is but I want to know what other people think, so I throw a number out and see what other people think on the basis that we need to start somewhere.

My general theory is that all numbers you hear quoted are made up – sometimes with a bit of science, but sometimes they’re purely Wild Assed Guesses. The problem is that few admit to the numbers being made up, and so there’s somehow a belief that the fact that someone has stated a nunber must mean it’s true.

Only a few days ago, there was speculation that the cost of repatriating the Thomas Cook passengers (and, at that, just the UK citizens – no one talks about those from other countries who have to find ways home) would be £600m. It was unsourced and plainly completely made up, but very few dared admit that it was nonsense.

Which brings me to today’s story on Government Notify saving £175m in the next five years (my italics).

We don’t, therefore, know how much it has saved in the last 4 years, though we do know that it has been used to send “more than 500 million messages.”

We do know that it’s supposed to save £35m a year for each of the next five years, so 5 * 35 gives us £175m.

There are essentially three ways to get to that number, and it could be a combination or sum of all of them:

  1. Assume that everyone would have to spend some money to build or buy the equivalent capability to Notify. There are commercial equivalents of course. There are costs to integrate to either solution which, one could argue, are the same and therefore they are left out; but there are also operating costs (the commercial services are often SaaS based so there would be no build costs). That might be (Wild Assed Guess) £25,000 per service and we know that there are 1,200 services using it, so that would be £30m for the services to date (who would, of course, not save further money from here because they are already inside the Notify world, unless there is a cost of operation that they need to pay; we don’t know either way)
  2. There’s an arbitrage cost between low scale users and high scale users where message costs are cheaper for the latter and so bundling together lots of government (to get to 500m messages over 4 years for instance) would result in a unit cost save per message, provided you hit the volumes you specify. That might save (made up number) 4p per text message and so we would get £20m savings for all of the messages sent to date.
  3. There’s a business cost save if, for instance, you implement text message reminders for, say, Doctor’s appointments and you track the before and after attendance rates and see that 25% more people attend at the right time when they’re reminded. That might save (made up number) £250/appointment … and multiply that by the 25% extra and you have a savings figure. In the world of truly Wild Assed Guesses, this could be tens or hundreds of millions, depending on how many GPs, Hospitals and others use the services. But the organisatons with the highest number of users are Cabinet Office, Ministry of Justice and Home Office, followed, oddly by MoD, DfE, DWP and HMCTS. No NHS. So we don’t know.

What’s perhaps odd about the £175m savings is that it is quoted as £35m/year for the next 5 years. That is, it doesn’t increase (or decrease). That suggests that there will be no more users, no more services and no more messages sent (which, at least, is better than reducing any of those). That would be a shame – it’s a well used service, filling a clear need and one would imagine that, given that many services are still not online, and of those that are, may don’t use Notify, that there is a market opportunity.

All told, it means we have no idea what to think about the savings and whether they are real, or entirely made up (note: all numbers are made up).

This is an interesting topic, because using my patented eDt Time Machine (TM), I can go back to 2002/3 and look at the case we put together for why we should build a notification engine (we called it “Notifications” – clever, hey?) and we looked at (1) and (2) for our own case and (3) to help the services who might adopt it figure out what the benefits for them would be. We worked with a partner to do the heavy lifting and integrated it with our existing capabilities – HMRC were amongst the first users (sending text messages to say that your tax return had been received for instance).

The outloud thinking about this led to articles, such as one by Charles Arthur in May 2002, that speculated about exam results being sent by text, and another by John Lettice, and the Guardian also picked it up (it may well have been a slow news week). For the record, it came true in 2009, as I noted right here on this blog. And now, it appears that it’s even more true, although we may never know what the real numbers are.

If it’s a made up number, just say what the assumptions were when you came up with it. Transparency and all that.

Government Gateway At Nearly 19

Work on the new new Government Gateway started this time nearly 19 years ago. Here’s a picture from July 2000 showing how we thought it might all work – at the time the Inland Revenue was looking to extend an existing EDIFACT solution (the EDS EbX solution on the right). From the beginning the plan was to join everything up and become the traffic director for all transactions to and from government.

One of the oft-told stories of the development of the Government Gateway is that it took the team only 90 days, from flash to bang, to put the first version live (our MVP if you will). Remember that this was in 2000/2001, when servers had to be bought, installed and cabled up. When code was deployed on actual spinning disks that you could look at. When architects laboured in data centres, working long hours to make everything work.

Here’s another slide, from the same time, showing how we thought the Gateway would handle Self Assessment. Note the “*” in the bottom right that, again, recognises that the “app” (as we would call it today) could be from anyone.

It’s roughly true. There had been an earlier, failed attempt at delivering a Government Gateway, with a contract let by Cabinet Office. There was then a period when a signed entitled “Under New Management” hung on the office door (actually, in the Inland Revenue’s Bush House office) and, with the IR providing funding for a replacement, we went looking for a supplier who could deliver what we wanted. We knocked on a lot of doors and were mostly laughed at: our ambition was too great, no products existed that could do what we wanted, we should stick to email and send forms back and forth and so on.

We landed on Microsoft at about this time of year in 2000. Lots of people had to get involved in governing whether it could go ahead – all the way to Bill Gates at their end and all the way to the Minister of the Cabinet Office at our end. We picked the live date, 25th January 2001, largely because the MCO was Ian McCartney and we thought Burns Night was appropriate. For a month or so the project was even called “Caledonia.” Before that it had been called “Shark” on the basis that, to meet the timeline, it would need to keep moving and never sleep.

The live date was not entirely arbitrary – we were working back from needing to have PAYE live on April 6th 2001, and we knew we needed to launch the first part (registration and enrolment) by the end of January so as to give us time for the next release, the transaction engine which would process the tax forms.

And then, sometime in October, we got the go-ahead, after an independent OGC Gateway review by Andrew Pinder (who, at the time, was not the e-Envoy and who was not even working in government more widely).

Here’s what the homepage looked like when it was launched, on time and on budget, in January 2001.

I’m not writing about this for nostalgic reasons though, I’m writing because I’ve just seen another project launch in UK government that plans to take data from third party software packages and websites and process/transform (in the technical sense) them so that they can be handled in new, yet to be built government systems.

That’s what the Gateway was built to do. And it still does it, nearly 20 years later, for every PAYE form that is sent to Government. Until a few weeks ago, it did it for every VAT form too, though HMRC appears to have gone back to CSV files, abandoning the great work on GovTalk done by others in the Office of the e-Envoy when the Gateway was still a sketch on a piece of paper.

We are in some kind of endless loop where we keep building what’s already been built and proven, “because we’re special” or because “it doesn’t quite meet our needs” or “because it’s not open source” or “because we don’t want to be beholden to a supplier” … and so we don’t make any substantive progress or break any new ground. It’s a stairway to nowhere.

HMRC … you were the future once

No-one should ever read your first draft. Neil Gaiman.

Nearly 20 years ago when I joined the Inland Revenue (years before it became HMRC), the Internet was new in government.  In the IR HQ, there was one PC that had access to the ‘net – via a dial up 28.8k modem if I recall correctly.  Maybe it was 56.6.  You don’t easily forget the noise that such a modem makes as it works its way to a connection.

Not long after, the IR’s email system was shut down for 3 days by a variant of the Melissa virus.  Sometime later, that led us to back some great work by Al Collier, at what became OGC, to deploy MessageLabs anti-virus capability across the whole of the GSI.  Email was never lost again, as far as I know, by anyone so protected.

The Revenue, as they called themselves, had a website.  But that was it.  Indeed, government had a website (, but that, too, was it.  In the weeks and months that followed, thanks to clear, forward thinking leadership and insightful direction from the Perm Sec (Sir Nick Montagu), the CIO (John Yard) and what would now be called the CDO (Barry Glassberg), Self Assessment went online (remember the £10 rebate to encourage you to file online? And the floppy disc with the “app” on it, replaced at the beginning of the next year with a web app built by Ezgov?), PAYE came next, then Corporation Tax and many other services.

We took hits – despite publishing the need for a maintenance window (to take Self Assessment down) for a few hours on a Friday evening, we made it to above the fold news the following day, when SA was down (when there were, maybe, at best, 10,000 users).  We took flak from the Welsh, Mac using vicar who couldn’t file his tax return (we didn’t do Welsh, didn’t support Macs, and vicars, it turns out, have special tax forms that were not in our initial release; this is not a fable, there really was a Welsh, Mac using vicar that wanted to file his tax return online in 2000).

We built and rebuilt and threw some things away that didn’t;t work.  We ran parallel projects in competition to see what would work and to try and ensure that at least one horse would cross the finish line in time,  Before there was agile, this was agile.

As we worked to put PAYE online, the foundation of it was really the GovTalk standard that the Office of the e-Envoy had already put together (I liked to describe GovTalk as the envelope that you put a letter in, along with the format for the address and the writing inside; the content was yours to figure out).  We worked with dozens of both major and minor software vendors – from Rutherford Webb to Sage through to Oracle – to agree the PAYE XML format that would flow through the Government Gateway (which was in-flight at the same time as PAYE) and into the IR’s systems.  It was detailed work, led mostly by the inimitable and irrepressible Phil Stradling, but it established two important baselines – (1) there would be a single front door into online government services, via the Gateway and (2) the format adopted for all messages through that route would be GovTalk compliant.  Phil was quietly responsible for many firsts in the world of e-government.  I suspect we’ve never thanked him sufficiently for the incredible work he did.

There’s no question that the Inland Revenue (and then HMRC), almost entirely because of John and Barry, led e-government from the front – and were,  I suspect, baffled when other departments got credit for doing a tiny fraction of what they were doing.  They took risks in a world where taking risks was frowned upon. They were the first to put real transactions online (SA, PAYE, CT etc – each of which won awards in its time). They provided the initial funding for the Government Gateway (the vision came from a mixture of IR and HMCE thinking with a very large extra dose from Mark Gladwyn at CITU).  They were the first to get meaningful take-up, from both citizens and businesses – with the Carter review, in 2007, HMRC (as they were by then) became the first department to focus on driving 100% take-up of online services (with the aim of achieving that by 2012; my guess is they hit that, or, at least, got closer than anyone else did by then)

Many years later, I find myself in front of my Mac, painfully rekeying VAT/expenses data from the carefully crafted Excel sheets that I put together a decade ago into the cloud accounting package that, to date, I have only used for sending and tracking invoices.

And, at the same time, I find myself wondering just how far we have progressed.  Or, indeed, if we have progressed at all.

As far as I can tell, the Gateway is still there (my login credentials remain the same, but there was talk that, by now, the Gateway would be replaced – indeed, the website that remained unchanged from 2004 when I left it behind until even a few months ago is now apparently hidden away replaced by a front end).

Is the Gateway a dead man walking?  or is it dead?  I hope they gave it a good send off, it served us all well.  Too many awesome people worked on Gateway to mention here; but they know what they achieved, up against the odds.

What used to be a single front end for transactions into government now looks fragmented across dozens of sites.

And what I’m sending to HMRC, from my cloud accounting package (one login), through some bridging software (another login), through the Gateway (yet another login) …

… is a CSV file with the 9 boxes required for the VAT form.

There doesn’t seem to be a GovTalk envelope.

There’s no additional data.

But there is new overhead and new cost.

And yet no obvious benefit … HMRC are getting what they got before … and countless businesses are sending what they sent before, but with more effort.

And, obviously, no Verify … yet if every single company in the UK is going to send their tax returns this way, and as many as 9 million individuals (roughly 50% used to use accountants, perhaps it’s more now) and then 30 million individuals who might want to check their PAYE status … or a few million students who will want to check their student loan (which inevitably ties to PAYE) … this way in is going to become the default, at least for all financial transactions with government (there may be a good case for why NHS has a different way in; I don’t have a particular view).

Clearly there is more underway here and a bigger picture … but it’s not obvious to me that we have advanced at all since achieving the 100% (or near to it) objective perhaps 7 years ago.

Citizen focused?  Joined up?

I’m not sure.  Doesn’t look like it.

GDS Isn’t Working – Part 4 (Verify)

The conclusion to Part 3 (The Reboot) was:

  • Verify – It’s time to be brave and ignore sunk costs (investment to date and contractual exit costs if any) and let this one go.  It hasn’t achieved any of the plans that were set out for it and it isn’t magically going to get to 20m users in the next couple of years, least of all if HMRC are going their own way.  The real reason for letting it go, though, is that it doesn’t solve the real problem – identity is multi-faceted. I’m me, but I do my mother’s tax return, but appoint my accountant to do mins, but I work for a company and I do their payroll, and I counter-sign the VAT return that is prepared by someone else, and I act as the power of attorney for my blind father.  Taking a slice of that isn’t helping.  Having many systems that each do a piece of that is as far from handling user needs as you can get.  Driving take up by having a lower burden of proof isn’t useful either – ask the Tax Credits folks.  HMRC are, by far, the biggest user of the Gateway.  They need citizen and business (big business, sole trader, small company) capability.  Let them take the lead – they did on the Gateway and that worked out well – and put support around them to help ensure it meets the wider needs.

Instead, GDS appear to be doubling down, based on this article in Computer Weekly:

  • GDS speakers at the event encouraged suppliers to use the GaaP tools in their own products, in the hope of widening their use. However, according to guests at the event that Computer Weekly talked to – who wished to remain anonymous due to their ongoing relationships with GDS – GDS was unable to give any guarantees around support or service levels.
  • GDS has now developed a new feature for Verify that allows “level of assurance 1” (LOA1) – a reduced level of verification that is effectively a straightforward user login and password system, which offers “minimal confidence in the asserted identity” of users for low-risk transactions. In effect, LOA1 means the government service trusts the user to verify their own identity.
  • The government has committed to having 25 million users of Verify by 2020, and offering LOA1 is seen as a key step in widening the adoption of the service to meet this target.
This is, though, to miss the point of “What is Verify for?”:

  • The goal isn’t to have 25 million users.  That’s a metric from 1999 when eyeballs were all that mattered.  25 million users that don’t access services, or that sign up for one and never use another service isn’t a measure of relevancy
  • A government authentication platform is instead for:
    • Giving its users a secure, trusted way of accessing information that government holds about them and allowing them to update it, provide new items and interact with government processes
    • Allowing users to act as themselves as well as representatives of others (corporate and personal) with the assurance that there is proper authorisation in place from all necessary parties
    • Putting sufficient protection in the way so as to ensure that my data and interactions cannot be accessed or carried out by people who aren’t me.  In other words, “I am who I say I am” and, by definition, no one else is
What then, if we took away the numbers and the arbitrary measures and said, instead, that the real purpose is to:
  • Create an environment where a first time user, someone who has had no meaningful interaction with government before, is able to transact online and need never use offline processes from that moment on
  • Sixteen year olds would begin their online interaction with government by getting their National Insurance numbers online
  • They would go on to apply for their student loan a couple of years later
  • With their first job they would receive their PAYE information and perhaps claim some benefits
  • Perhaps they would be handling PAYE, or VAT, or CT for their own employer
  • Health information and records would be available to the right people and would move them as they moved jobs and locations
  • Perhaps they would be looking at health information and records for others
  • They would see the impact of pension contributions and understand the impact of changes in taxation
  • Perhaps they would be helping other people figure out their pension contributions and entitlements
  • They might decide whether they can afford an ISA this year
  • In time some would pay their Self Assessment this way
  • Or maybe they would be completing Self Assessments for others
A 2002 Slide

Instead of spot creating some transactions that are nearby or easy, we would seek to change the entire experience that someone has who doesn’t know about government – they would never know that it had been broken for years, that paper forms were the norm for many, or that in 2010 people had to go from department to department to get what they needed.  They would take to this the way a baby learns that you swipe an an iPad screen – it would never occur to them that a magazine doesn’t work the same way.

Along the way, those who were at later stages of life would be encouraged to make the move online, joining at whatever stage of the journey made sense for them.

This wouldn’t be about transformation – the bulk of the users wouldn’t know what it was like before.  This would just be “the way government is”, the way it’s supposed to be.  Yes, in the background there would have been re-engineering (not, please, transformation), but all the user would see is the way it worked, fluidly, consistently and clearly, in their language, the language of the user.

Progress would no longer be about made up numbers, but about the richness of the interaction, the degree to which we were able to steer people away from paper and offline channels, and the success with which we met user needs.  The measure would be simply that they had no need, ever, to go offline.

Verify isn’t the way into this journey.  Verify started out trying to solve a different problem.  It isn’t seen, and wasn’t conceived, as part of a cohesive whole where the real aim is to shift interaction from offline to online.  In its current form, it’s on life support, being kept alive only because there’s a reluctance to deal with the sunk costs – the undoubtedly huge effort (money and time from good people) it’s taken to get here.  But it’s a “you can’t get there from here” problem. And when that’s the case … you have to be brave and stop digging.

If my original take on “What is GDS for” was:

GDS is for facilitating the re-engineering of the way government does business – changing from the traditional, departmentally-led silos and individual forms to joined-up, proactive, thought-through interactions that range widely across government.  It is not, in my view, about controlling, stopping, writing code or religious/philosophical debates about what’s right. It’s job is to remove the obstacles that stop government from championing the user cause.

Then what if GDS took the vanguard in moving government to cater for the user journey, from a user’s first interaction to its last.  A focused programme of making an online government available to everyone.  A way of assessing that “I am who I say I am” is an essential part of that – and starting with a 16 year old with minimal footprint is going to be challenging but is surely an essential part of making this work.  This would be a visionary challenge – something that could be laid out step by step, month to month, in partnership with the key departments.

It can be dull to look backwards, but sometimes we have to, so that we move forward sensibly.  The picture above shows the approach we planned at the Inland Revenue a long time ago.  We would take on three parallel streams of work – (1) move forms online, (2) join up with some other departments to create something new and (3) put together a full vertical slice that was entirely online and extend that – we were going to start with a company because our thinking was that they would move online first (this was in 2000): register the company, apply for VAT and tax status, send in returns, add employees, create pensions etc.

It feels like we’ve lost that vision and, instead, are creating ad hoc transactions based on departmental readiness, budget and willingness to play.  That’s about as far away from user needs as I can imagine being.

As a post-script, I was intrigued by this line in the Computer Weekly report:

GDS was unable to give any guarantees around support or service levels.

On the face of it, it’s true.  GDS is part of the Cabinet Office and so can’t issue contracts to third parties where it might incur penalties for non-delivery.  But if others are to invest and put their own customer relationships on the line, this is hardly a user needs led conversation.  Back in 2004 we spent some time looking at legal vehicles – trading funds, agencies, JVs, spin-offs – and there are lots of options, some that can be reached quite quickly.

My fundamental point, though, is that GDS should be facilitating the re-engineering of government, helping departments and holding them to account for their promises, not trying to replace the private sector, or step fully into the service delivery chain – least of all if the next step in the delivery promise is “you will have to take our word for it.”

Performance Dashboard July 2003 – The Steep Hill of Adoption

With’s Verify appearing on the Performance Dashboard for the first time, I was taken all the way back to the early 2000s when we published our own dashboards for the Government Gateway, and our other services.  Here’s one from July 2003 – there must have been earlier ones but I don’t have them to hand:

This is the graph that particularly resonated:

With the equivalent from back then being:

After 4 years of effort on the Identity programme (now called Verify), the figures present pretty dismal reading – low usage, low ability to authenticate first time, low number of services using it – but, you know what, the data is right there to see for everyone and it’s plain that no one is going to give up on this so gradually the issues will be sorted, people will authenticate more easily and more services will be added.    It’s a very steep hill to climb though.

We started the Gateway with just the Inland Revenue, HM Customs and MAFF (all department names that have long since fallen away)- and adding more was a long and painful process.  So I feel for the Verify team – I wouldn’t have approached things the way they are but it’s for each iteration to pick its path.  There were, though, plenty of lessons to learn that would have made things easier.

There is, though, a big hill to climb for Verify.  Will be interesting to watch.

Digital Government 2002 – Doing Something Magical

Now here’s a blast from the past!  Here’s a “talking head” video recorded, I think, in early 2002 all about e-government (I am, of course, the talking head).  Some months later, much to my surprise, the video popped up at a conference I was attending – I remember looking up to see my head on a dozen 6′ tall screens around the auditorium.

It’s easily dated by me talking about increasing use of PDAs (you’ll even see me using one) and the rollout of 3G, not to mention the logo flashing up in the opening frames and e-government, as opposed to Digital By Default.

But the underpinning points of making the move from government to online government, e-goverment or a Digital by Default approach are much the same now as then:

“The citizen gets the services they need, when they need them, where they need then, how they need them … without having to worry about … the barriers and burdens of dealing with government”

“You’ve changed government so fundamentally … people are spending less time interacting and are getting real benefit”

Lessons learned: get a haircut before being taped, learn your  lines, even when in America don’t wear a t-shirt under your shirt (my excuse is that it was winter).

Government Gateway – Teenage Angst

Tomorrow, January 25th, the Government Gateway will be 13.  I’m still, to be honest, slightly surprised (though pleased) that the Gateway continues to be around – after all, in Internet time, things come and go in far shorter periods than that.  In the time that we have had the Gateway, we rebuilt with three different suppliers, launched and replatformed it some years later, then closed that down and replaced it with which has absorbed the vast bulk of central government’s websites and has probably had 1,000 or more iterations since launch.  And yet the Gateway endures.

In 13 years, the Gateway has, astonishingly, had precisely two user interface designs.  In the first, I personally picked the images that we used on each screen (as well as the colour schemes, the text layout and goodness knows what else) and one of the team made ‘phone calls to the rights holders (most of whom, if I recall correctly, were ordinary people who had taken nice pictures) to obtain permission for us to use their images.  If you look at the picture above, you will see three departments that no longer exist (IR and C&E formed HMRC, MAFF became Defra) and five brands (including UKonline) that also don’t exist.

Of course we carried out formal user testing for everything we did (with a specialist company, in a purpose built room with one-way glass, observers, cameras and all that kind of thing), often through multiple iterations.  The second UI change was carried out on my watch too.    I left that role – not that of Chief UI Designer – some 9 years ago.

My own, probably biased (but based on regular usage of it as a small business owner), sense is that the Gateway largely stopped evolving in about 2006.  Up until that point it had gone through rapid, iterative change – the first build was completed in just 90 days, with full scrutiny from a Programme Board consisting of three Permanent Secretaries, two CIOs and several other senior figures in government.  Ian McCartney, the Minister of the Cabinet Office (the Francis Maude of his day) told me as he signed off the funding for it that failure would be a “resignation issue.” I confirmed that he could have my head if we didn’t pull it off.  He replied “Not yours, mine!” in that slightly impenetrable Scottish accent of his.  We had a team, led by architects and experts from Microsoft, of over 40 SMEs (radical, I know).  Many of us worked ridiculous hours to pull off the first release – which we had picked for Burns Night, the 25th of January 2001.

On the night of the 24th, many of us pulled another all nighter to get it done and I came back to London from the data centre, having switched the Gateway on at around 5am – the core set of configuration data was hand carried from the pre-production machine to the production machine on a 3 1/2” floppy disc.  I don’t think we could do that now, even if we could find such a disc (and a drive that supported it).  

The Programme Board met to review what we had done and, to my surprise, the security accreditation lead (what would be called a Pan-Government Accreditor now) said that he wanted to carry out some final tests before he okayed it being switched on.  I lifted my head from the table where I may have momentarily closed my eyes and said “Ummm, I turned it on at 5.”  Security, as it so often did (then and now), won – we took the Gateway off the ‘net, carried out the further tests and turned it back on a few hours later.

Over the following months we added online services from existing departments, added new departments (and even some Local Authorities), added capability (payments, secure messaging) and kept going.  We published what we were doing every month in an effort to be as transparent as possible.  We worked with other suppliers to support their efforts to integrate to the Gateway, developing (with Sun and Software AG, at their own risk and expense) a competitive product that handled the messaging integration (and worked with another supplier on an open source solution which we didn’t pull off).

We published our monthly reports online – though I think that they now lost folllowing perhaps multiple migrations of the Cabinet Office website.  Here is a page from February 2004 (the full deck is linked to here) that shows what we had got done and what our plans were:

The Gateway has long since been seen as end of life – indeed, I’ve been told several times that it has now been “deprecated” (which apparently means that the service should be avoided as it has been or is about to be superseded).  Yet it’s still here.

What is happening then?

Two years ago, in November 2011, I wrote a post about the Cabinet Office’s new approach to Identity. Perhaps the key paragraph in that post was “With the Cabinet Office getting behind the [Identity Programme] – and, by the sounds of it, resourcing it for the first time in its current incarnation – there is great potential, provided things move fast.  One of the first deliverables, then, should be the timetable for the completion of the standards, the required design and, very importantly, the proposed commercial model.”

There was talk then of HMRC putting up their business case for using the new services in April 2012.  The then development lead of Universal Credit waxed on about how he would definitely be using Identity Services when UC went live in April 2013.  Oh, the good old days.

DWP went to market for their Identity Framework in March 2012 as I noted in a post nearly a year ago. Framework contracts were awarded in November 2012.  

Nearly five Gateway development cycles later, we are yet to see the outcome of those – and there has been little in the way of update, as I said a year ago.

Things may, though, be about to change

GDS, in a blog post earlier this month, say “In the first few months of 2014 we’ll be starting the IDA service in private beta with our identity providers, to allow users to access new HMRC and DVLA services.”

Nine gateway development cycles later, we might be about to see what the new service(s) will look like.   I am very intrigued.

Some thoughts for GDS as they hopefully enter their first year with live services:

Third Party Providers 

With the first iteration of the Gateway, we provided the capability for a 3rd party to authenticate someone and then issue them a digital certificate.  That certificate could be presented to the Gateway and then linked with your identity within government.  Certificates, at the time, were priced at £50 (by the 3rd party, not by government) because of the level of manual checking of documents that was required (they were initially available for companies only).  As long ago as 2002, I laid out my thoughts on digital certificates.

There were many technical challenges with certificates, as well as commercial ones around cost.  But one of the bigger challenges was that we still had to do the authentication work to tie the owner of the digital certificate to their government identity – it was a two step process.

With the new approach from the Cabinet Office – a significantly extended version of the early work with multiple players (up to 8 though not initially, and there is doubtless room for more later) but the same hub concept (the Gateway is just as much a hub as an authentication engine) – the same two step process will be needed.  I will prove who I am to Experian, the Post Office, Paypal or whoever, and then government will take that information and match that identity to one inside government – and they might have to do that several times for each of my interactions with, say, HMRC, DWP, DVLA and others.  There is still, as far as I know, no ring of trust where because HMRC trusts that identity, DWP will too.  Dirty data across government with confusion over National Insurance numbers, latest addresses, initials and so on all make that hard, all this time later.

As Dawn Primarolo, then a minister overseeing the Inland Revenue, said to me, very astutely I thought, when I first presented the Gateway to her in 2001“But people will realise that we don’t actually know very much about them.  We don’t have their current address and we may have their National Insurance number stored incorrectly“.  She was right of course.

Managing Live Service

The new approach does, though, increase the interactions and the necessary orchestration – the providers, the hub and the departments all need to come together.  That should work fine for initial volumes but as the stress on the system increases, it will get interesting.  Many are the sleepless nights our team had as we worked with the then Inland Revenue ahead of the peak period in January.

End to end service management with multiple providers and consumers, inside and outside of government is very challenging.  Departments disaggregating their services as contracts expire are about to find that out, GDS will also find out.  There are many lessons to learn and, sadly, most of them are learned in the frantic action that follows a problem.

The Transaction Engine – The Forgotten Gateway

The Gateway doesn’t, though, just do the authentication of transactions. That is, you certainly use it when you sign in to fill in your tax return or your VAT return, but you also use it (probably unwittingly) when that return is sent to government.  All the more so if you are a company who uses 3rd party software to file your returns – as pretty much every company probably does now.  That bit of the Gateway is called the “Transaction Engine” and it handles millions of data submissions a year, probably tens of millions.

To replace the Gateway, the existing Authentication Engine (which we called R&E) within it must be decoupled from the Transaction Engine so that there can be authentication of submitted data via the new Identity Providers too, and then the Transaction Engine needs to be replaced.  That, too, is a complicated process – dozens of 3rd party applications know how to talk to the Gateway and will need to know how to talk to whatever replaces it (which, of course, may look nothing like the Transaction Engine and might, indeed, be individual services for each department or who knows what – though I have some thoughts on that).

Delegation of Rights

Beyond that, the very tricky problem of delegation needs to be tackled.  The Gateway supports it in a relatively rudimentary way – a small business can nominate its accountant to handle PAYE and VAT, for instance.  A larger business can establish a hierarchy where Joe does PAYE and Helen does VAT and Joe and Helen can do Corporation Tax.   But to handle something like Lasting Power of Attorney, there need to be more complex links between, say, me, my Mother and two lawyers.  Without this delegation capability – which is needed for so many transactions – the Digital by Default agenda could easily stall, handling only the simplest capabilities.

Fraud Detection and Prevention

Tied in with the two step authentication process I mention above is the need to deal with the inevitable fraud risk. Whilst Tax Credits was, as I said, briefly the most popular online service, it was withdrawn when substantial fraud was detected (actually, the Tax Credits service went online without any requirement for authentication – something that we fervently disagreed with but that was only supposed to be a temporary step.  Perhaps in another post I will take on the topic of Joint and Several Liability, though I am hugely reluctant to go back there).  

In the USA, there is massive and persistent Tax Return fraud – Business Week recently put the figure at $4 billion in 2011 and forecast that it would rise to $21 billion by 2017.  That looks to be the result of simple identity fraud, just as Tax Credits experienced.  Most tax returns in the USA are filed online, many using packages such as TurboTax.   Tax rebates are far more prevalent in the USA than they are in the UK, but once the identification process includes benefits, change of address and so on, it will become a natural target.  Paul Clarke raised this issue, and some others, in an excellent recent post.

The two step process will need to guard against any repeat of the US experience in the UK – and posting liabilities to the authentication providers would doubtless quickly lead to them disengaging from the business (and may not even be possible given the government carries out the second step which ties the person presented to a government identity record, or to a set of them).  

We included a postal loop from day one with the Gateway, aimed at providing some additional security (which could, of course, be compromised if someone intercepted the post); removing that (as a recent GDS blog post claims it will), as I imagine will be done in the new process (Digital by Default after all) requires some additional thinking.

User Led

Given that “User Led” is the GDS mantra, I have little fear that users won’t be at the heart of what they do next, but it is a tricky problem this time.  For the first time, users will be confronted with non-government providers of identity (our Gateway integration with 3rd parties still resulted in a second step directly with government).  How will they know who to choose?  What happens if they don’t like who they chose and want to move to someone else? How will they know that the service that they are using is legitimate – there will be many opportunities for phishing attacks and spoof websites? How will they know that the service they are using is secure – it is one thing to give government your data, another, perhaps, to give that data to a credit agency?   Will these services be able to accumulate data about your interactions with Government?  How will third party services be audited to ensure that they are keeping data secure?

Moving On From Gateway

There are more than 10 million accounts, I believe, on the Gateway today.  Transitioning to new providers will require a careful, user benefit led, approach so that everyone understands why the new service is better (for everyone) than the old one.   After all, for 13 years, people have been happily filing their tax returns and companies have been sending in PAYE and VAT without being aware of any problems.  It would help, I’m sure, if the existing customers didn’t even realise things had changed – until they came to add new services that are only available with the coming solutions and were required to provide more information before they could access them; I think most would see that as a fair exchange.

Here’s To The Future then

Our dream, way back on Burns Night in 2001, was that we would be able to break up the Gateway into pieces and created a federated identity architecture where there would be lots of players, all bringing different business models and capabilities.  We wanted to be free of some of the restrictions that we had to work with – complex usernames and even more complicated passwords, to work with an online model, to bring in third party identification services, to join up services so that a single interaction with a user would result in multiple interactions with government departments and, as our team strap line said back then, we wanted to “deliver the technology to transform government”.

Thirteen years on there have been some hits and some misses with that dream – inevitably we set our sights as high as we could and fell short.  I fully expect the Gateway to be around for another four or five years as it will take time for anyone to trust the new capabilities, for 3rd parties to migrate their software and for key areas like delegation to be developed.  It’s a shame that we have gone through a period of some 8 years when little has been done to improve how citizens identify themselves to government; there was so much that could have been done.

I’m looking forward to seeing what new capabilities are unveiled sometime in the next few months – perhaps I will be invited to be a user in the “private beta” so that I can see it a bit quicker.  Perhaps, though, I shouldn’t hold my breath.

Identical Transparency

A little over a year ago I praised the team at GDS for their openness (Re-Inventing Government IT, February 2012):

All of these changes are underpinned by an openness and transparency that is incredibly refreshing.  Seeing new starters in GDS blog about what it’s like to work there and very senior people across government blog / tweet / respond to comments has opened up the workings of government – my guess is that the regular audience consists of a relatively small number of geeks but the occasional bursts into the mainstream press so no change in message.  We have done betas and pilots and test versions in UK government before, but never quite in this way.  

As I said at the beginning, with reinvention comes risk. With risk comes the potential for failure. With failure comes interrogation and criticism.  The good news is, I think, that all of the interrogation and criticism will have been done on the inside and posted on blogs long before that point

Since then the team have been relentless in their communication – every detail of everything they do is blogged, tweeted or otherwise made public (GitHubbed and beyond).

But there is little sign of that same transparency and relentless communication either in the rest of GDS or, indeed, in the rest of government.  Universal Credit, for instance, has ignored my plea (and that of others) to say more about how things were going (despite an, as yet, never-ending stream of negative press stories). 

Where GDS and UC come together is, of course, in the field of digital identity.

In March 2012, DWP went to market (for the second time), seeking providers who could join an identity framework, specifically to support UC (initially).

Indeed, at the time Mike Bracken (in a blog on the Cabinet Office site), said:

“[This] marks the start of the formal process to create a market of identity services for access to digital public services.” 

Bracken said that using this approach has cut the cost of procuring IDA from £240m to £30m

“Creating a trust infrastructure is an exciting challenge. It is a complicated subject and won’t be delivered overnight,” he wrote in the blog. 

Great things were expected – after all, Government had suddenly saved £210 million (through some substantial sleight of hand and changing of scope it has been said) – and the digital identity market was soon to be real.  UC itself needed the service to be ready in March 2013.
In November 2012, the DWP announced its first seven providers (The Post Office, Cassidian, Digidentity, Experian, Ingeus, Mydex, and Verizon) within the framework and in January 2013, added an eighth (Paypal).
Last week, Computer Weekly let the world know that DWP was putting use of identity services for UC on ice.  DWP in response said:

“The identity provider framework was designed to be available to other government departments, which, like DWP, are also working with the Government Digital Service to develop personalised online services for citizens. 

“In line with government best practice for cross-government services, responsibility for the framework is now being moved to the Government Procurement Service – as we’ve always said it would.”

The latter paragraph is certainly true.   And so is the former.  There was no comment on when,if or whether UC or the DWP would use services from its own framework.
But surely DWP should be the first buyer of services from its own framework?  And looking around government, I am yet to see a queue of other buyers of identity services.  HMRC certainly put its head above the parapet (in June and July 2012) and took a look at a new schema for identity, organising a series of workshops and detailed reviews with dozens of possible helpers (including Rainmaker Solutions, a company in which I am a partner).  But since then?  Deafening silence.
Of course, during the last year, the GDS blog has been alive with reports of the progress, issues, challenges and achievements of the digital identity team.  Hasn’t it?  Well, no, not really.  I mean with a year gone since the procurement started and five months since the award, we must be well past discovery, into Alpha and seeing some betas … ready for UC to be live in March 2013 (or whenever it is going to come along)?
Oddly, it seems not.  The only post I can find recently, dated March 2013, refers to an Alpha with a company that, even more oddly, is not one of the eight on the framework.  Apparently the Alpha “started long before the procurement process for central govt IDA services began”.  Long before?  Can Alphas go on for more than a year?  Doesn’t sound as agile as I had in mind.  There have been 11 GDS blog posts on Identity Assurance in the last year.  Apart from the last one noted above, none mention Alphas or any other tangible progress.  Although there was a nice trip to Washington.
Of course, one of the key tenets that GDS have regarding their agile methodology is that there need not be a roadmap, because that would constrain the process.  So in November when an important first milestone was passed – there was no mention of when the second or third milestones would be reached.

Re-set Identity Assurance: £10 million of funding has allowed us to start the GDS programme to work collectively across Government to deliver identity assurance  solutions for digital transactions. 

Next year we look forward to a faster pace for delivery. While our roadmap is not finalised, and indeed will never be given the agility to which we aspire, we can look forward to some major releases.

So where does all this leave identity in government?
I hear talk only of the Government Gateway’s support contract being simultaneously “deprecated” and re-procured to allow it to continue providing its current services until 2017 or 2018.  That would make it an agile service – designed, developed and delivered in 90 days – still running after 15+ years.  It is, though, time for it to be retired and replaced with more capable services – they are out there, though not in the configuration and complexity that GDS seem to desire.  Government can certainly be the stimulus behind delivery of a marketplace too.  
I hope that we’ll see a transparency identical to that adopted by the team from the Identity Assurance team.  You can’t only publish the good news stories, that’s what politicians do.  To be open, you have to be open. The good, the bad; the rough, the smooth; the issues, the challenges; the successes, the failures.  And this looks like a failure.
If it is, let’s get it out there and figure out how to correct it and move ahead.  Proper digital identity will underpin much of what GDS aspire to do, so we need to get it addressed.  The framework providers will be wondering where they point their solutions next, if they even have solutions.  Those who weren’t ready to bid first time around will want to know what their next opportunity is and departments wondering how to get identity done for their transactions are looking for someone to lead the way.  

The Emperor’s New Clothes

They hung around in post offices and job centres videoing people interacting with government services, they carried out surveys on the street asking people about the different forms they needed to fill in, they watched people use both paper services and online ones so as to understand what did and didn’t work, there was much angst over why the tax credits forms said on the last page (and in very small print) “also available in large font”, they built tables of what services were used and by who and figured out which services were the most complicated and needed to be joined up, they counted transactions across the whole of central and local government looking for services to take online that would have the most impact…

… and they stitched together technology in an attempt to deliver on a promise that government should be online and joined up, they wrote an entire web site delivery platform from scratch integrating existing search engines and databases, they made sure the engine rendered on mobile devices and, yes, tablets as well as every possible browser the world had ever seen, their deliveries were rapid and iterative and user testing was prevalent throughout with videoed sessions with users (pulled from the street) working with the site (leading to yet more iterative deliveries), they released beta test versions for the public and watched what happened…
… they were a mixed team of civil servants (many borrowed from right across government), contractors and supplier staff, they walked the floor of government in casual gear using macs alongside a restricted network and with all types of the latest smartphones in use, they owned the government’s approach to online identity and worked with all of government to deliver authenticated transactions, and they supported the rest of government in their efforts to get services online as well as to recover things that hadn’t gone so well …
… and they relentlessly published facts and figures of what they were doing whilst secreting themselves in a building far away from the madding crowds of the rest of Whitehall … and created a single website for all of government that could be accessed from the URL
Who am I talking about? 
GDS 2012?  
No, e-Delivery team 2001-2005.
June 2001
We embarked on a similar journey then as the one GDS is on now, though we were under the watchful eye of the e-Envoy (and then the head of the e-Government Unit) rather than the Executive Director, Digital. We too inherited an existing site – – that didn’t quite do what the vision (outlined some years before in a paper called had proposed.  We set ourselves the grand aim of transforming the users’ experience of government – yes, a huge focus on the citizen – into something that truly represented 100% online and joined up.   A dozen years ago this was all going on before the words agile, digital by default, user experience and easier
done than said
were coined.   After all, we put men on the moon before any of those words were used so I can’t say that we were breaking even a little bit of new ground.
Watching GDS from afar, it is hard not to see the similarities, but much harder to see the differences. Perhaps that’s because I am at a distance.   We achieved a lot in a short space of time, whether measured in government cycles or geological ages (which are often much the same).  GDS too, appear to be achieving a lot, though separating smoke and mirrors from reality is difficult for an outsider.
We got a lot right – and much of what was done then is still running and is still referred to in government documents published during the Coalition’s term as the best examples of delivery – but we also got a lot wrong.  I’d like to think it balanced out to the positive, but others will be better judges of that than I am.  
I was never sure, back then, whether I was the Emperor and everyone else was really unable to see the wonder that lay before them or whether I really didn’t have any clothes on.
I am fascinated by what I see in GDS now – the diverse people, the agile approach, the focus on delivery, the excitement, the enthusiasm, the arrogance (well, the hubris really) and also the sense (wrapped up in that arrogance) that this is all new and that those who went before are not worth listening to.
Government is crying out for change.  Change needs new ideas, new people and new ways to execute. This kind of change is very hard to get rolling and many times harder than that to sustain.   I watch, then, with fascination wondering if this is change that will stick and, especially, if it is change that will pervade across government.  Or whether its half-life is actually quite short – that when the difficult stuff comes along (as well as the routine, mind-numbing stuff), things will stall.  Perhaps the departments will rebel, or the sponsors will move on, or delivery will be undermined by some cockups, or the team will tire of bureaucracy once they move into the transaction domain.
If GDS now is much like eDt then, and with the launch of the new website only hours away, I wanted to think through some of the issues that need to be addressed.
Are You Just Too Different?
Different is good in some ways. It creates a shared identity amongst those who are in the new team – they consciously step away from the constraints and limitations of the old ways of doing things. They cast aside contracts, process, bureaucracy, legacy IT, dress codes and whatever else they need to do to get things done. Meanwhile those who aren’t part of the new club look in, some jealously very much wanting to be part of it and some expectantly, waiting for the seemingly inevitable failure – the egg on the face, the fall from the ivory tower, the crash and the prolonged burn. I suspect
the camps are pretty evenly split right now, with everything to play for.
July 2000
The question is really how to turn what GDS do into the way everyone else does it.  In parallel with GDS’ agile implementations, departments are out procuring their next “generation” of IT services – and when you consider that most are still running desktop operating systems released in 2000 and that many are working with big suppliers wrapped up in old contracts supporting applications that often saw the light of day in the 80s or, at best, the 90s, “generation” takes on a new meaning.  To those people, agile, iterative, user experience focused services are things they see when they go home and check Facebook, use Twitter or Dropbox or have their files automagically backed up into the cloud.  Splitting procurements into towers, bringing in new kinds of integrators, promising not to reward “bad” suppliers and landing new frameworks by the dozen is also different of course, but not enough to bridge the gap between legacy and no legacy. 
I am on the record elsewhere as noting that, today, GDS is an aberration, not the new normal.  Becoming the new normal is a massive, sustained job – and one that needs a path laid out so that everyone gets it.  Some will take what I say below as an attack on GDS; that’s far from what it is, it’s an attempt to look ahead and see what is coming that will trip it up and so allow action to be taken to avoid the trouble.
The Absence of Roadmap
One of the strengths of the approach that GDS is adopting is that the roadmap is weeks or maybe months long.  That means that as new things come along they can be embraced and adopted – think what would have happened if a contract for a new site had been let three months before the iPhone came out? Or a month before the iPad came out? 
It is, though, also a significant weakness.  Departments plan their spending at least a year out and often further; they let contracts that run for longer than that.  If there is – as GDS are suggesting – to be a consolidation of central government websites by April 2013 and then all websites (including those belonging to Arm’s Length Bodies) by April 2014 then there needs to be a very clear plan for how that will be achieved so that everyone can line up the resource.  Likewise, if transactions are to be put online in new, re-engineered ways (from policy through to user interaction), that too will take extensive planning.
Having a roadmap that shows, even roughly, what is planned and when is one way to bring departments towards you rather than have them wait to be told.  The digital strategies that are due out around the end of the year look, so far, too vague to count as a roadmap.  They contain aspirations rather than commitments and look a lot like what we saw in 2001.
Beware The Hockey Stick
In 2001, we looked at departmental plans for achieving the Prime Minister’s stated aim of 100% of government services online by 2005.  What we saw, perhaps obviously in hindsight, was a very high proportion of services magically appearing online in the last quarter of 2005 – a hockey stick shaped graph.  It feels like we are heading that way again.  It’s not clear how things will be done in the new way (who will pay, what will need to be done, how will it be contracted, what’s the sequence etc) so departments are hedging and putting things out, quite conveniently I imagine, to around the time of the next election.
Can You Do It Yourself?
GDS have taken what is, in my view, a brave decision to do the bulk (if not all) of the work in-house – it is, in many ways, an approach that is entirely inconsistent with everything that the government preaches elsewhere, in IT and business.  As a result not only am I unclear what problem they are solving, but I’m also wondering whether they are solving the wrong problem the wrong way.
It is, though, an interesting bet. In five years, is it likely that the same model will be in place? 
In 2001 we formed a small team of folks skilled in business and technical architecture, project delivery and commercial/finance/procurement.  We wrote no code ourselves (not for production at least – we had a team that worked on proof of concept ideas that tested out what we might get others to do).  We believed that code writing was one of the many things that government outsourced.
We contracted with various suppliers to do the work – the supply chain for the government gateway (often described as built by Microsoft) involved, for instance, over 40 UK-owned  small businesses.  We consciously did this because government – and especially the Cabinet Office – had little desire to maintain a substantial delivery team in house after it had spent the last decade outsourcing it. We created an intelligent customer that represented the whole and not just the single parts of the government. 
We chose that model because we believed that building a team for the long term is very difficult, especially within the constraints of the civil service. We also believed that suppliers, over the long term, would outperform us because they would bring in new talent, train staff and keep them focused on the task. If one person, or one supplier, didn’t work out, there’d be another one behind that one, and another one and another one.  Quite different from the civil service model that makes hiring difficult (especially in this fiscal environment) and exiting staff near impossible.
Sustained Sponsorship
There is no doubt that Francis Maude is a key driver, perhaps even the key driver, of the change agenda across government, particularly in ICT.  I’m told, frequently, that when issues with departments arise, Mr Maude is briefed and he handles the issue in a bi-lateral with the relevant departmental minister and progress is then unlocked.   That is certainly a big help – though I suspect some departments are readying their rebellious faces whether or not Mr Maude moves to be Government Chief Whip.
Being closely associated with a political sponsor is, to my mind, quite new for those involved at the sharp end of technology delivery.  I expect Ministers to champion policies – where would Universal Credit be without the sustained sponsorship of Ian Duncan Smith (and, conversely, where will NHS reform go now that Andrew Lansley has moved on).  But to see such close involvement from Ministers (ok, from one Minister) in website reform and the technology choices that underpin that is fascinating and potentially dangerous for GDS.
During the time of the e-Envoy we had four Ministers and, if you add in eGU, nine.  I suspect that my experience of the Cabinet Office is more common than the current experience where there has been stability for the last 2 ½ years.  GDS will need a plan B if Mr Maude does move on to something new.  There will also need to be a 2015 plan B if power changes hands.  Of course, if your roadmap goes out only weeks or months, then no one is looking at 2015.  That’s a mistake.
What’s The Model, Really?
Any delivery model can be made to work and, of course, any delivery model can be done badly.  Picking a model is necessary but it’s not the only part of success.  How that model gets optimal impact needs to be understood along with how it will evolve.
eDt felt that they were in the wrong place notwithstanding outstanding support from our sponsors. We were in a policy department with no reputation or desire to own delivery.  Indeed, the Cabinet Office had acquired this very team by accident after bidding for, and winning, some money from HMT which was then supplemented by further funds from the Inland Revenue).  Over a couple of years, we explored all of the available options then – trading funds, agency status, spin off, joint ventures with the private sector – but, in the end, the team was folded into a big department, the DWP, and there ended government’s flirtation with a very different approach for delivering services across the whole of government.  Until, of course, somewhat unexpectedly, some of it returned to the Cabinet Office.  It truly is a funny world.
Cabinet Office has, then, acquired GDS by accident. History repeats.  Chris Chant landed in the somewhat foundering G-Cloud programme, arranged for a lot of Macs to replace some ageing and expensive PCs and, somewhere along the way, fired up a programme to replace and achieve massive cost savings and so was born  Not a lot of people know that I think.
It would be a shame for history to continue to repeat. If and everything that underpins it from a delivery approach is to survive 5 years, let alone 10 years there needs to be thinking about how this will work.  I’ve said on this blog before that I believe the right answer may be a spin-off of GDS or a mutual so that it can get access to capital, bid for work and fully reflect its costs.  There are other choices; what’s important is to look at them and lay the ground work for making a choice and achieving it.
Transparency Of Everything
The GDS approach looks similar to a startup backed by a venture capitalist prepared to lose everything if the bet doesn’t work out (and who was anyway backing multiple other horses running the same and similar races). The VC in this case is UK government.
GDS have succeeded in being wildly transparent about their technology choices and thinking.  They are not, though, transparent about their finances.  That should change.  The close association with politicians seems to mean that GDS must champion everything that they do as a cost save – witness recent stories on identity procurement costs, website costs comparing and and so on.
Comparative costs need to be properly comparative, not presented only in the best possible light. Use fully loaded costs (that is, costs including items such as accommodation, pensions, employer NI contributions and so on, all of which would be included were the numbers like for like with a supplier cost).  Let’s see the numbers.
Given the inhouse staffing model that GDS is operating, changes are really represented only by cost of opportunity.  That makes comparing options and, particularly, benefits difficult.  In a beta world, you make more changes than you do in a production world – once you’re in production, you’re likely to make incremental changes than major ones (because, as Marc Andreessen said long ago, interfaces freeze early – people get used to them and are confused by too big a change).
It is important to know what “done” is – and not to claim that done is never done because there are always new things to do. The budget for “done” needs to be known – so that variances to that status are clear, so that opportunities can be embraced are understood in the context of scope done and cost done.  
In this agile world, done is never done; there is always another iteration to deliver. In government IT as a whole, done is never done too – requirements change, new transactions appear new devices come into play and others fade away.  
The important thing is to be clear what is going to be delivered in return for X million pounds so that the consequences of that can be measured – a gambler (that is, the government when acting as a VC) only  backs a horse that keeps running races and that wins more than it loses.
It’s Transactions That Are Important
GDS’ most public delivery is “just another website” – those who know (and care) about these things think that it might be one of the sexiest and best websites ever developed, certainly in the government world.  But it isn’t Facebook, it isn’t iTunes, it isn’t Pirate Bay.  It’s a government website; perhaps “the” government website. Once you’ve packaged a lot of content, made wonderful navigation, transformed search, you end up with the place where government spends the real money – transactions (and I don’t just mean in IT terms).  
Back when I published graphs on how many websites government had, I guessed that there was an easy £250m spent on front ends each year.  The figure spent on transactions is many times that – probably ten or even a hundred times that, especially if you add in the cost of fraud, error, debt, call centres, support and so on.  That’s also where the legacy applications are – and all of the legacy processes that are tied up in complex outsourcing agreements that were written a few years ago and certainly
don’t mention agile, iterative or quick.  Worse, many of those very same contracts are being replaced this year and next year – and the signs so far are that the contracts will look much the same; though they will be shorter duration and smaller in value (because of the split into towers).  They’re not being replaced with the thought that transactions will be fundamentally different and that the user experience will be at the forefront.
September 2001
In building the Government Gateway, we came up against the back end legacy systems.  Once you are integrating to those, the complex dance between interlocking systems governs your speed of process – you can change this one here, but that one needs to change at the same time, or you can change this end, but not that end.  Change control, version control, security, data protection and all kinds of other constraints become the norm.  There’s a reason that 10 years on the Gateway is still in place, operating much as it did on day one – it’s because it has integrated very well into the engines that drive government transactions as well as the dozens of third party products who talk to it when they talk to government – and when they need to change, it needs to be for a good reason that benefits the customer as well as the supplier of the third party product; most are not in it for charity.
Soon GDS will tell departments that their top transactions need to be re-engineered from policy through to service provision with a clear focus on the user.  At that point we move away from the technologists who are attracted to shiny new things and we hit the policy makers who are operating in a different world – they worry about local and EU legislation, about balancing the needs of vastly differing communities of stakeholders and, of course, they like to write long and complicated documents to explain their position having evaluated the range of possible options.
Tackling transactions is both fundamentally necessary and incredibly hard, though most of that isn’t about the shiny front end – it’s about the policy, the process and the integration with existing back end systems (which absorb some 65% of the £12-16bn spent per year on IT in government).  There is a sense of “Abandon Hope All Ye Who Enter Here.”
It’s more than ten years since a single website for government was proposed (I know, I was the one who proposed it and wrote it up); it was an idea that was successively endorsed in various reports and strategies.  In a couple of years it may even be a reality.  There isn’t, though, a vision, let alone an action plan, for how transactions will be delivered – where will they be hosted, how will they integrate with identity providers (and how will the government gateway be retired), how will personal data be managed, how will pre-population take place, what will be done with the transactions that are already out there and working (some with take up of 80% or more). 
There is also no proposal for how local government will be integrated into this offering, though many of the transactions undertaken by the average citizen are at a local level (and still with “government” rather than “central government”).
Beyond that, there isn’t a vision for how the need for some transactions will be removed entirely – why should I apply for a tax disc for my car, why isn’t personal tax handled automatically and so on.  That would be truly transformational – until we do that, we are persisting two centuries or more (in only some cases admittedly) of process.
July 2002
All of that needs to be laid out – I’ll take bite-sized chunks for now but it needs to be thought through to avoid dead ends.
Reliability, Resilience, Testing, Process, Bureaucracy
When turns on – and turns off after 8 years of operation it will be different, better, faster, smoother, have nicer fonts, easier search and a thousand more things. 
When a site needs to cater for 30m visitors a month and not just a few thousand beta testers who are interested in the technology, the presentation and what’s new on the web, then a new kind of discipline appears.  Breaking such a site is a bad idea – it will make news, cause disruption and make life harder.
From tomorrow, a new kind of operational rigour is inevitable.  The live site can’t break.  It can’t be taken down for a few hours for an upgrade or a database refresh. As transactions are made available, that pressure only increases. Suddenly there are complex windows when services absolutely must be available; freeze dates take over from the previous free-wheeling approaches and lots of people need to be involved to ensure that the end to end process – from the shiny new front end all the way to the ugly, old, legacy back end – works.
It will be interesting how the worlds of agile and operational rigour collide.  Things can slow down quite dramatically as regression tests are run and re-run and fixes
are made and then tested again (and not just at the front end, but across the entire delivery chain from new to old).  It’s all part of the evolution process but I suspect it will come as a shock to some on the team.
The Vision and the Roadmap
In their seminal article, “the importance of being agile”, GDS quote Louis Gerstner (of IBM) who said “the last thing [we] need right now is a vision”.  I’m making that up but it feels like it could be true.  
The first thing the rest of government needs – and is looking for – is a sense of how does this all work in the future.  What does it look like and feel like when government has only one (or a few) website(s); how will transactions work when identity is provided from a market of potentially many suppliers; when will sites and services close down; how will service levels work across government; who will pay for what when transactions are put on; how will transition from one model to the next work and so on.  A million questions, some of which could do with being answered now so that plans can be made.
eDt tried very hard to paint a picture of how we thought it would play out.  We got it wrong on almost every count.  Progress was neither as rapid nor as far reaching as we expected.  Services that we thought would do very well – secure email to support exchange of personal information, payments to government, or SMS services for notifications – didn’t do anything like the volume that we expected.  
eDt was around in an environment where there were almost no fiscal constraints.  Bidding for money was certainly a lengthy process but if you put together a compelling case, you had a good chance of being allocated funding.  The Treasury soon got fed up with being hoodwinked by departments who promised huge savings yet didn’t deliver on them and tightened the controls.  Today, though, it’s a different world.  There
isn’t any money, there aren’t many people (and there are progressively fewer)
and so making a case for investing to save further money will see scrutiny
unlike any time before now.  Does the lack of money and the lack of capacity mean, though, that much of this won’t be, or can’t be done? And if it does, how will that be resolved?
Wrap Up
What is happening now has the air of a great science experiment – ironically, that’s what GDS call some of the work that they do internally as they test out concepts.  Such experiments can go bang of course.  Sometimes, or at least once if scientists are right, there is a big bang.  That’s largely inconsistent with a government approach where requirements are mapped out and delivered over a period of years, fulfilling policy objectives as they are ticked off.
Of course, the historic approach has not worked out so well – we only need look at NHS IT, ID cards, Fire Control and so on to see that a new model is needed.
The question is whether the GDS model is the one that achieves scale transformation right across government, or whether it is another iteration in a series of waves of change that, in the end, only create local change, rather than truly structural change.
It seems unlikely that GDS can scale to take on even a reasonable chunk of government service delivery.  It also seems unlikely that enough people in
departments can be trained in the new approaches to the point where they can
shoulder enough of the burden so as to allow GDS to only steer the ship. If we add in the commercial controls, the supply chain and the complexity of policy (and the lack of join up of those policies), the challenges look insurmountable.
None of that is an argument for not trying. is old and tired and needed a massive refresh; transactions are where the real potential can be unlocked and they need to be tackled in a new way.  Much of this has been tried before, painful lessons have been learned and it would be more than a shame if the latest effort didn’t achieve its aims too.  The trick, then, is to pick the battles to fight and create the change in the right areas with the aim of infecting others.  Taking on too much at once will likely lead to failure.
Perhaps GDS is the new emperor and I am the little boy, or perhaps it is the other way round.
Fingers crossed for tomorrow’s launch of then.  A successful launch will be a
massive boost.  Great feedback from consumers would help create a rolling wave of change that would be sustained by successive iterations of high quality transaction delivery.  That would be a very good place to be.  It would, though, only be the start.

The Facebook Identity Fallacy / Fiasco

The Cabinet Office is getting a lot of press regarding new plans to allow social network sites to act as the identity brokers for government services.  The Guardian, for instance, says:

Under the Cabinet Office scheme people wanting to apply for services ranging from benefits and tax credits to passports will be able to access them using their logins for websites such as Twitter and Facebook.

they have logged on via computer or mobile phone, the social networking
site will send an email confirming their identity to the relevant
government agency, the Cabinet Office said.

It’s all so bizarre I don’t even know where to start.  But here are a couple of points at least:

  • Facebook and Twitter have no idea who I am.  They may not even know my real name.  They certainly don’t know where I live.  And they have no idea of my connection with any government services.  At best, they know the name I’ve registered with and whatever email address I used.  I don’t think government wants to get to the place where it somehow allows a bunch of friends (none of whom it knows are who they say they are anyway) to vouch for me as a good chap and deserving of benefits
  • The DWP identity procurement, which notified successful suppliers this week, expected to spend £25m (external costs, not including any DWP costs) over 18 months to manage identities from somewhere between 4 and 12 suppliers.  It seems unlikely that they will be handing that money over to Facebook and Twitter.  And even less likely that HMG will accept an email from them that says “This is Alan Mather, he’s ok, give him the benefits he needs”.

That said, I see nothing wrong with using Facebook and Twitter logins as the seed for an identity – it’s just that you need an awful lot more data from a wide range of sources to verify that you are who you say you are.   And that’s before we get into what happens if your Facebook or Twitter password is compromised – I’ve lost count of the number of spam DMs I’ve received from people in that situation.

Identity is very complicated and whilst there are some simple steps to be taken, GDS needs to get a far, far better handle on what it is telling the media lest the wrong expectations are set.  Ooops, too late, they already have.