GDS Isn’t working – Part 3 (The Reboot)



What is GDS for?  It’s a question that should be asked at a fundamental level at least every year for an organisation that set out to be agile, iterative and user led.   It’s easy to be superficial when asking such a seemingly simple question.  People inside the organisation are afraid to ask it, doubtless they’re busy being busy at what they’re doing.  They’re afraid of the consequences.  They don’t want to touch the question in case it bites – the electric fence that prevents introspection and, perhaps more importantly, outrospection.


There are several reasons why this question should be asked, but one that I would take as important, right now, is because GDS don’t know themselves, as the NAO highlighted recently.

“GDS has found it difficult to redefine its role as it has grown … initially, GDS supported exemplars of digital transformation … major transformations have had only mixed success … GDS has not sustained its framework of standards and guidance … roles and responsibilities are evolving … it is not yet clear what role GDS will play [in relation to transformation]”

If there was ever a time to ask “What is GDS for?”, it’s now … to help understand these numbers:

The budget is £150m in 16/17 and 17/18 (though it falls over coming years, to £77m in 19/20) and GDS has around 850 staff today (again, falling to 780 by 19/20).

Let me ask again, what is GDS for?


When those 850 staff bounce into work every morning, what is it that they are looking forward to doing?  What user needs are they going to address?  How will they know that they have been successful?  How will the rest of us know?

Given a budget, Parkinson’s Law of Government says the department will expand to absorb that budget.

GDS has demonstrated this law in action:

  • The exemplars have finished, with varying degrees of success.  There are no further exemplars planned.  The organisation has only grown.
  • Major digital projects have stumbled badly and, in some cases, failed entirely, for instance:
    • The RPA Common Agriculture Programme, specifically re-engineered by GDS early in its life and then directly overseen by senior staff, failed to deliver.  The lessons learned in the previous RPA project, 7 years earlier, were not learned and the result was the same – a system that was late, high disallowance costs and a poor experience for the real users, the farmers.
    • Digital Borders is progressing slowly at best, even allowing for the tuned and optimistic language in the IPA report.  Seven years after the last programme was terminated in difficult circumstances, the first, less aggressive than planned, rollout of new capability is starting now.
  • Nearly 5 years after DWP were ready to complete their identity procurement and around three years since its replacement, Verify, designed to save millions, was about to enter public Beta, the Government Gateway is still there, 16 years old and looking not a day older than it did in 2006 when the UI was last refreshed.  Verify has garnered around 1.4m users, a very small fraction of even Self Assessment users, let alone overall Gateway users.
    • The Government Gateway is slated for replacement soon, but Verify is clearly not going to replace it – it doesn’t handle transaction throughput and validation, it doesn’t handle nomination (e.g. please let my accountant handle my Self Assessment) and, most obviously, it doesn’t handle business identity.  Given the vision that we laid down for the Gateway and all of the work that was done to lay the foundations for a long term programme that would support all aspects of identity management, Verify is nothing short of a fiasco, as demonstrated by the increasingly vocal war about its future, with HMRC seemingly building its own identity platform.  Others far more able than me, including Jerry Fishenden and David Moss have exposed its flaws, muddled thinking and the triumph of hope over ability.
    • Even now, instead of bringing departmental transactions on board, addressing true user needs and massively improving completion rate from its current low of less than 50%, the Verify team are talking up their prospects of getting 20m users by lowering identity standards and getting the private sector on board.  They blame lack of take up to date on slow delivery of digital services by departments, according to the IPA report.
  • Gov.uk, whilst a triumphal demonstration of political will to drive consolidation and a far greater achievement in presenting a joined up view of government to the citizen than achieved before, is still a patchy consolidation with formats and styles changing as you move from level to level, departmental websites still having their own separate space (compromising, as soon as you arrive in a departmental domain, the sense of consolidation), PDFs abound, and, of course, it lacks major transactions (and those that are available often have a very disjointed journey – follow the route to filing a VAT return for instance).  The enormous early progress seems to have lapsed into iterative tinkering.
  • Alongside all of that we have the latest in a long series of transformation strategies. For many months the strapline on this blog read “transforming government is like trying to relocate a cemetery, you can’t expect the residents to help”.  Since then I’ve revised my view and now believe, firmly, that in any effort to achieve transformation, government will remain the catalyst, in the true chemical sense of the word.  This strategy says that by 2020 “we will”
    • design and deliver joined-up, end-to-end services
    • deliver the major transformation programmes
    • establish a whole-government approach to transformation, laying the ground for broader transformation across the public sector
  • We all want to believe those words.  We know that these have been the goals for years, decades even.  We know that little has really been achieved.  And yet here we are, after 7 years of GDS, being asked to believe that transformation can be achieved in the next 3.  There is a Jerry Maguire feeling to this, not so much “show me the money” as “show me the plan”
  • And, lastly, we have Government as a Platform.  No one was ever quite sure what it was.  It might include the Notifications and Payments service – oddly, two services that were available on the Gateway in 2002/3, but that were turned off for some reason.
So why not ask “What is GDS for?” and use the thinking generated by that question to restructure and reboot GDS.  Any reboot requires a shutdown, of course, and some elements of GDS’s current work will, as a result of the introspection, close down.

If I were asked to answer the question, I would suggest


GDS is for facilitating the re-engineering of the way government does business – changing from the traditional, departmentally-led silos and individual forms to joined-up, proactive, thought-through interactions that range widely across government.  It is not, in my view, about controlling, stopping, writing code or religious/philosophical debates about what’s right. Its job is to remove the obstacles that stop government from championing the user cause.


Within that the main jobs are:
  • Standards and guidelines for IT across government.  This could get dangerously out of hand but, as the NAO note, GDS has, to date, not kept its standards up to date.  Some key areas:
    • Data formats – messaging standards to allow full interoperability between government services and out to third parties through APIs.  In 2000, we called this govtalk and it worked well
    • Architecture – eventually, government IT will want to converge on a common architecture.  We are likely decades away from that on the basis it’s hardly started and replacing some of the existing systems will take more money than is available, let alone increased capacity across the user and technology community at a time when they have plenty going on.  New projects, though, should be set on a path to convergence wherever possible – that doesn’t mean getting religious about open source, but it does mean being clear about what products work and what doesn’t, how interactions should be managed and how we streamline the IT estate, improve resilience and reliability and reduce overall cost.  This team will show what the art of the possible is with small proofs of concept that can be developed by departments
    • Common component planning – all the way back in 2003 I published a first take on what that could look like.  It’s not the answer, but it’s a start.  I’m a strong believer in the underlying principles of Government as a Platform – there are some components that government doesn’t need more than one of and some that it needs just a few of.  They need to be in place before anyone can intercept with them – promising to deliver and then having a queue of projects held up by their non-availability won’t work.  And they don’t have to be delivered centrally, but they do have to take into account wider requirements than just those of whoever built them
  • Gov.uk publishing team – joined up content will best come from the centre.  This team will control what to publish and how to publish and how to ensure consistency across Gov.uk.  They will rationalise the content that is there, doing what Martha originally set out – kill or cure – to make sure that the user is getting what they need
  • Agile and user needs – perhaps the single largest achievement of GDS so far,  far beyond consolidating websites for me, is getting government to recognise that there are many ways to deliver IT and that taking a user-led approach is an essential part of any of them.  I’m not wedded to agile or any other methodology, but there’s a strong argument for a central team who can coach departments through this and checkpoint with them to see how they are doing, refresh knowledge and transfer skills so that everyone isn’t learning the same lessons over and over again
  • Spending controls – a team of elite people who know how to get inside the biggest projects, not waste time on the small ones, and understand what’s being built and why and who can help design the solution at a lower cost than proposed, who can help create the hooks for current and/or future common components and who can help negotiate better deals.  These folks should be the best that can be found – a SWAT team sent to work on mission critical projects.  Their job will be to help drive delivery, not slow it down through interminable bureaucracy and arguments about the philosophy of open source.
  • Transactions team – people who go beyond the pure publishing role into understanding how to hook users into a transaction and drive completion through smart design, innate user understanding and the ability to partner with departments, not preach to them from some remote ivory tower.  These folks won’t make promises they can’t keep, they will work closely with departments to move transactions that are offline today to the online world, designing them to foster high take up rates and better service for users.  This team is the future of government – they will be a mix of people who can help rethink policy and legislation, service designers, UI folks who know how to put something slick together and technologists who can understand how to manage load and resilience and integrate with third parties inside and outside of government.
  • Project managers – a mixed team who know how to deliver small and large projects, who are comfortable managing all aspects of delivery, can work with users as well as departments and suppliers and who understand the tension that is always there between waiting and shipping.
Lastly, two areas that I think are contentious; there may be others:
  • Gov.uk development – Personally, I’m in favour of using companies to do build work.  They can maintain a bench and keep their teams up to date with evolving technologies.  They can locate wherever it makes sense and call on disparate teams, around the globe if necessary.  They can call on experience from other clients and use relationships with partners and the big vendors to do the heavy lifting.    The in-house project managers will keep the suppliers in check and will manage scope, cost and time to bring projects home.  This is contentious I know – there’s an increasing appetite for government to bring development in-house; some departments, such as HMRC, have had to locate far from the usual places to ensure that they can recruit and retain staff and I think, if you’re going to do it, that’s more sensible than trying to recruit in Holborn or Shoreditch. But, me, I would give it to an up and coming UK company that was passionate about growth, entirely aligned with the user led approach and looking to make a splash.  I’d then work closely with them to make an effective transition, assuming that the code stands up to such a transition.
  • Verify – It’s time to be brave and ignore sunk costs (investment to date and contractual exit costs if any) and let this one go.  It hasn’t achieved any of the plans that were set out for it and it isn’t magically going to get to 20m users in the next couple of years, least of all if HMRC are going their own way.  The real reason for letting it go, though, is that it doesn’t solve the real problem – identity is multi-faceted. I’m me, but I do my mother’s tax return, but appoint my accountant to do mine, but I work for a company and I do their payroll, and I counter-sign the VAT return that is prepared by someone else, and I act as the power of attorney for my blind father.  Taking a slice of that isn’t helping.  Having many systems that each do a piece of that is as far from handling user needs as you can get.  Driving take up by having a lower burden of proof isn’t useful either – ask the Tax Credits folks.  HMRC are, by far, the biggest user of the Gateway.  They need citizen and business (big business, sole trader, small company) capability.  Let them take the lead – they did on the Gateway and that worked out well – and put support around them to help ensure it meets the wider needs.
How many people does that make? I’m very interested in views, disagreements, counter-points and omissions.












    Government Gateway – Teenage Angst

    Tomorrow, January 25th, the Government Gateway will be 13.  I’m still, to be honest, slightly surprised (though pleased) that the Gateway continues to be around – after all, in Internet time, things come and go in far shorter periods than that.  In the time that we have had the Gateway, we rebuilt UKonline.gov.uk with three different suppliers, launched direct.gov.uk and replatformed it some years later, then closed that down and replaced it with gov.uk which has absorbed the vast bulk of central government’s websites and has probably had 1,000 or more iterations since launch.  And yet the Gateway endures.

    In 13 years, the Gateway has, astonishingly, had precisely two user interface designs.  In the first, I personally picked the images that we used on each screen (as well as the colour schemes, the text layout and goodness knows what else) and one of the team made ‘phone calls to the rights holders (most of whom, if I recall correctly, were ordinary people who had taken nice pictures) to obtain permission for us to use their images.  If you look at the picture above, you will see three departments that no longer exist (IR and C&E formed HMRC, MAFF became Defra) and five brands (including UKonline) that also don’t exist.

    Of course we carried out formal user testing for everything we did (with a specialist company, in a purpose built room with one-way glass, observers, cameras and all that kind of thing), often through multiple iterations.  The second UI change was carried out on my watch too.    I left that role – not that of Chief UI Designer – some 9 years ago.

    My own, probably biased (but based on regular usage of it as a small business owner), sense is that the Gateway largely stopped evolving in about 2006.  Up until that point it had gone through rapid, iterative change – the first build was completed in just 90 days, with full scrutiny from a Programme Board consisting of three Permanent Secretaries, two CIOs and several other senior figures in government.  Ian McCartney, the Minister of the Cabinet Office (the Francis Maude of his day) told me as he signed off the funding for it that failure would be a “resignation issue.” I confirmed that he could have my head if we didn’t pull it off.  He replied “Not yours, mine!” in that slightly impenetrable Scottish accent of his.  We had a team, led by architects and experts from Microsoft, of over 40 SMEs (radical, I know).  Many of us worked ridiculous hours to pull off the first release – which we had picked for Burns Night, the 25th of January 2001.

    On the night of the 24th, many of us pulled another all nighter to get it done and I came back to London from the data centre, having switched the Gateway on at around 5am – the core set of configuration data was hand carried from the pre-production machine to the production machine on a 3 1/2” floppy disc.  I don’t think we could do that now, even if we could find such a disc (and a drive that supported it).  

    The Programme Board met to review what we had done and, to my surprise, the security accreditation lead (what would be called a Pan-Government Accreditor now) said that he wanted to carry out some final tests before he okayed it being switched on.  I lifted my head from the table where I may have momentarily closed my eyes and said “Ummm, I turned it on at 5.”  Security, as it so often did (then and now), won – we took the Gateway off the ‘net, carried out the further tests and turned it back on a few hours later.

    Over the following months we added online services from existing departments, added new departments (and even some Local Authorities), added capability (payments, secure messaging) and kept going.  We published what we were doing every month in an effort to be as transparent as possible.  We worked with other suppliers to support their efforts to integrate to the Gateway, developing (with Sun and Software AG, at their own risk and expense) a competitive product that handled the messaging integration (and worked with another supplier on an open source solution which we didn’t pull off).

    We published our monthly reports online – though I think that they are now lost following perhaps multiple migrations of the Cabinet Office website.  Here is a page from February 2004 (the full deck is linked to here) that shows what we had got done and what our plans were:






    The Gateway has long since been seen as end of life – indeed, I’ve been told several times that it has now been “deprecated” (which apparently means that the service should be avoided as it has been or is about to be superseded).  Yet it’s still here.


    What is happening then?


    Two years ago, in November 2011, I wrote a post about the Cabinet Office’s new approach to Identity. Perhaps the key paragraph in that post was “With the Cabinet Office getting behind the [Identity Programme] – and, by the sounds of it, resourcing it for the first time in its current incarnation – there is great potential, provided things move fast.  One of the first deliverables, then, should be the timetable for the completion of the standards, the required design and, very importantly, the proposed commercial model.”


    There was talk then of HMRC putting up their business case for using the new services in April 2012.  The then development lead of Universal Credit waxed on about how he would definitely be using Identity Services when UC went live in April 2013.  Oh, the good old days.


    DWP went to market for their Identity Framework in March 2012 as I noted in a post nearly a year ago. Framework contracts were awarded in November 2012.  

    Nearly five Gateway development cycles later, we are yet to see the outcome of those – and there has been little in the way of update, as I said a year ago.


    Things may, though, be about to change


    GDS, in a blog post earlier this month, say “In the first few months of 2014 we’ll be starting the IDA service in private beta with our identity providers, to allow users to access new HMRC and DVLA services.”


    Nine gateway development cycles later, we might be about to see what the new service(s) will look like.   I am very intrigued.

    Some thoughts for GDS as they hopefully enter their first year with live services:

    Third Party Providers 


    With the first iteration of the Gateway, we provided the capability for a 3rd party to authenticate someone and then issue them a digital certificate.  That certificate could be presented to the Gateway and then linked with your identity within government.  Certificates, at the time, were priced at £50 (by the 3rd party, not by government) because of the level of manual checking of documents that was required (they were initially available for companies only).  As long ago as 2002, I laid out my thoughts on digital certificates.


    There were many technical challenges with certificates, as well as commercial ones around cost.  But one of the bigger challenges was that we still had to do the authentication work to tie the owner of the digital certificate to their government identity – it was a two step process.


    With the new approach from the Cabinet Office – a significantly extended version of the early work with multiple players (up to 8 though not initially, and there is doubtless room for more later) but the same hub concept (the Gateway is just as much a hub as an authentication engine) – the same two step process will be needed.  I will prove who I am to Experian, the Post Office, Paypal or whoever, and then government will take that information and match that identity to one inside government – and they might have to do that several times for each of my interactions with, say, HMRC, DWP, DVLA and others.  There is still, as far as I know, no ring of trust where because HMRC trusts that identity, DWP will too.  Dirty data across government with confusion over National Insurance numbers, latest addresses, initials and so on all make that hard, all this time later.

    As Dawn Primarolo, then a minister overseeing the Inland Revenue, said to me, very astutely I thought, when I first presented the Gateway to her in 2001, “But people will realise that we don’t actually know very much about them.  We don’t have their current address and we may have their National Insurance number stored incorrectly”.  She was right of course.

    Managing Live Service


    The new approach does, though, increase the interactions and the necessary orchestration – the providers, the hub and the departments all need to come together.  That should work fine for initial volumes but as the stress on the system increases, it will get interesting.  Many are the sleepless nights our team had as we worked with the then Inland Revenue ahead of the peak period in January.

    End to end service management with multiple providers and consumers, inside and outside of government is very challenging.  Departments disaggregating their services as contracts expire are about to find that out, GDS will also find out.  There are many lessons to learn and, sadly, most of them are learned in the frantic action that follows a problem.


    The Transaction Engine – The Forgotten Gateway


    The Gateway doesn’t, though, just do the authentication of transactions. That is, you certainly use it when you sign in to fill in your tax return or your VAT return, but you also use it (probably unwittingly) when that return is sent to government.  All the more so if you are a company who uses 3rd party software to file your returns – as pretty much every company probably does now.  That bit of the Gateway is called the “Transaction Engine” and it handles millions of data submissions a year, probably tens of millions.


    To replace the Gateway, the existing Authentication Engine (which we called R&E) within it must be decoupled from the Transaction Engine so that there can be authentication of submitted data via the new Identity Providers too, and then the Transaction Engine needs to be replaced.  That, too, is a complicated process – dozens of 3rd party applications know how to talk to the Gateway and will need to know how to talk to whatever replaces it (which, of course, may look nothing like the Transaction Engine and might, indeed, be individual services for each department or who knows what – though I have some thoughts on that).

    Delegation of Rights


    Beyond that, the very tricky problem of delegation needs to be tackled.  The Gateway supports it in a relatively rudimentary way – a small business can nominate its accountant to handle PAYE and VAT, for instance.  A larger business can establish a hierarchy where Joe does PAYE and Helen does VAT and Joe and Helen can do Corporation Tax.   But to handle something like Lasting Power of Attorney, there need to be more complex links between, say, me, my Mother and two lawyers.  Without this delegation capability – which is needed for so many transactions – the Digital by Default agenda could easily stall, handling only the simplest capabilities.
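
The delegation cases described above (the accountant nomination, the Joe and Helen split, and a Lasting Power of Attorney) modelled as an added example; it is not Gateway code and not part of the original post. The `Grant` structure, the service names, the dates and the assumption that the two lawyers must act jointly are all illustrative.

```python
from dataclasses import dataclass
from datetime import date
from typing import Iterable, Optional


@dataclass(frozen=True)
class Grant:
    """One delegation: `delegate` may act for `principal` on `services`."""
    principal: str
    delegate: str
    services: frozenset
    expires: Optional[date] = None          # None means no expiry
    joint_with: frozenset = frozenset()     # co-delegates who must also take part

    def covers(self, service: str, actors: frozenset, on: date) -> bool:
        if service not in self.services:
            return False
        if self.expires is not None and on > self.expires:
            return False
        # The delegate must be present, and so must every joint co-delegate.
        return self.delegate in actors and self.joint_with <= actors


def authorise(grants: Iterable[Grant], principal: str, service: str,
              actors: Iterable[str], on: date) -> Optional[str]:
    """Return the basis for the decision, or None if the action is refused.

    Only grants issued directly by the principal are considered, so a
    delegate cannot pass authority on to someone else.
    """
    actors = frozenset(actors)
    if principal in actors:
        return "self"
    for grant in grants:
        if grant.principal == principal and grant.covers(service, actors, on):
            return f"delegated:{grant.delegate}"
    return None


# Constructed sample data mirroring the cases in the text.
GRANTS = [
    # Small business nominates its accountant for PAYE and VAT.
    Grant("SmallCo", "accountant", frozenset({"PAYE", "VAT"})),
    # Larger business: Joe does PAYE, Helen does VAT, both do Corporation Tax.
    Grant("BigCo", "joe", frozenset({"PAYE", "CT"})),
    Grant("BigCo", "helen", frozenset({"VAT", "CT"})),
    # Assumed joint power of attorney: both lawyers must take part together.
    Grant("mother", "lawyer_a", frozenset({"LPA"}),
          joint_with=frozenset({"lawyer_b"})),
    Grant("mother", "lawyer_b", frozenset({"LPA"}),
          joint_with=frozenset({"lawyer_a"})),
    # Time-limited grant: I file my mother's return until a constructed date.
    Grant("mother", "me", frozenset({"SelfAssessment"}),
          expires=date(2018, 4, 5)),
]

if __name__ == "__main__":
    today = date(2018, 1, 1)
    cases = [
        ("SmallCo", "VAT", {"accountant"}),
        ("SmallCo", "CT", {"accountant"}),
        ("BigCo", "VAT", {"joe"}),
        ("BigCo", "CT", {"helen"}),
        ("mother", "LPA", {"lawyer_a"}),
        ("mother", "LPA", {"lawyer_a", "lawyer_b"}),
    ]
    for principal, service, actors in cases:
        print(principal, service, sorted(actors),
              authorise(GRANTS, principal, service, actors, today))
```

The simple nominations need one row each; the power of attorney already needs a relationship between grants, which is where a flat "user may do service" table stops being enough.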

    Fraud Detection and Prevention


    Tied in with the two step authentication process I mention above is the need to deal with the inevitable fraud risk. Whilst Tax Credits was, as I said, briefly the most popular online service, it was withdrawn when substantial fraud was detected (actually, the Tax Credits service went online without any requirement for authentication – something that we fervently disagreed with but that was only supposed to be a temporary step.  Perhaps in another post I will take on the topic of Joint and Several Liability, though I am hugely reluctant to go back there).  

    In the USA, there is massive and persistent Tax Return fraud – Business Week recently put the figure at $4 billion in 2011 and forecast that it would rise to $21 billion by 2017.  That looks to be the result of simple identity fraud, just as Tax Credits experienced.  Most tax returns in the USA are filed online, many using packages such as TurboTax.   Tax rebates are far more prevalent in the USA than they are in the UK, but once the identification process includes benefits, change of address and so on, it will become a natural target.  Paul Clarke raised this issue, and some others, in an excellent recent post.

    The two step process will need to guard against any repeat of the US experience in the UK – and posting liabilities to the authentication providers would doubtless quickly lead to them disengaging from the business (and may not even be possible given the government carries out the second step which ties the person presented to a government identity record, or to a set of them).  

    We included a postal loop from day one with the Gateway, aimed at providing some additional security (which could, of course, be compromised if someone intercepted the post); removing that (as a recent GDS blog post claims it will), as I imagine will be done in the new process (Digital by Default after all) requires some additional thinking.

    User Led

    Given that “User Led” is the GDS mantra, I have little fear that users won’t be at the heart of what they do next, but it is a tricky problem this time.  For the first time, users will be confronted with non-government providers of identity (our Gateway integration with 3rd parties still resulted in a second step directly with government).  How will they know who to choose?  What happens if they don’t like who they chose and want to move to someone else? How will they know that the service that they are using is legitimate – there will be many opportunities for phishing attacks and spoof websites? How will they know that the service they are using is secure – it is one thing to give government your data, another, perhaps, to give that data to a credit agency?   Will these services be able to accumulate data about your interactions with Government?  How will third party services be audited to ensure that they are keeping data secure?

    Moving On From Gateway

    There are more than 10 million accounts, I believe, on the Gateway today.  Transitioning to new providers will require a careful, user benefit led, approach so that everyone understands why the new service is better (for everyone) than the old one.   After all, for 13 years, people have been happily filing their tax returns and companies have been sending in PAYE and VAT without being aware of any problems.  It would help, I’m sure, if the existing customers didn’t even realise things had changed – until they came to add new services that are only available with the coming solutions and were required to provide more information before they could access them; I think most would see that as a fair exchange.

    Here’s To The Future then


    Our dream, way back on Burns Night in 2001, was that we would be able to break up the Gateway into pieces and create a federated identity architecture where there would be lots of players, all bringing different business models and capabilities.  We wanted to be free of some of the restrictions that we had to work with – complex usernames and even more complicated passwords, to work with an online model, to bring in third party identification services, to join up services so that a single interaction with a user would result in multiple interactions with government departments and, as our team strap line said back then, we wanted to “deliver the technology to transform government”.


    Thirteen years on there have been some hits and some misses with that dream – inevitably we set our sights as high as we could and fell short.  I fully expect the Gateway to be around for another four or five years as it will take time for anyone to trust the new capabilities, for 3rd parties to migrate their software and for key areas like delegation to be developed.  It’s a shame that we have gone through a period of some 8 years when little has been done to improve how citizens identify themselves to government; there was so much that could have been done.

    I’m looking forward to seeing what new capabilities are unveiled sometime in the next few months – perhaps I will be invited to be a user in the “private beta” so that I can see it a bit quicker.  Perhaps, though, I shouldn’t hold my breath.

    Identical Transparency

    A little over a year ago I praised the team at GDS for their openness (Re-Inventing Government IT, February 2012):

    All of these changes are underpinned by an openness and transparency that is incredibly refreshing.  Seeing new starters in GDS blog about what it’s like to work there and very senior people across government blog / tweet / respond to comments has opened up the workings of government – my guess is that the regular audience consists of a relatively small number of geeks but the occasional bursts into the mainstream press show no change in message.  We have done betas and pilots and test versions in UK government before, but never quite in this way.  

    As I said at the beginning, with reinvention comes risk. With risk comes the potential for failure. With failure comes interrogation and criticism.  The good news is, I think, that all of the interrogation and criticism will have been done on the inside and posted on blogs long before that point

    Since then the gov.uk team have been relentless in their communication – every detail of everything they do is blogged, tweeted or otherwise made public (GitHubbed and beyond).


    But there is little sign of that same transparency and relentless communication either in the rest of GDS or, indeed, in the rest of government.  Universal Credit, for instance, has ignored my plea (and that of others) to say more about how things were going (despite an, as yet, never-ending stream of negative press stories). 


    Where GDS and UC come together is, of course, in the field of digital identity.


    In March 2012, DWP went to market (for the second time), seeking providers who could join an identity framework, specifically to support UC (initially).


    Indeed, at the time Mike Bracken (in a blog on the Cabinet Office site), said:

    “[This] marks the start of the formal process to create a market of identity services for access to digital public services.” 

    Bracken said that using this approach has cut the cost of procuring IDA from £240m to £30m.

    “Creating a trust infrastructure is an exciting challenge. It is a complicated subject and won’t be delivered overnight,” he wrote in the blog. 

    Great things were expected – after all, Government had suddenly saved £210 million (through some substantial sleight of hand and changing of scope it has been said) – and the digital identity market was soon to be real.  UC itself needed the service to be ready in March 2013.
    In November 2012, the DWP announced its first seven providers (The Post Office, Cassidian, Digidentity, Experian, Ingeus, Mydex, and Verizon) within the framework and in January 2013, added an eighth (Paypal).
    Last week, Computer Weekly let the world know that DWP was putting use of identity services for UC on ice.  DWP in response said:

    “The identity provider framework was designed to be available to other government departments, which, like DWP, are also working with the Government Digital Service to develop personalised online services for citizens. 

    “In line with government best practice for cross-government services, responsibility for the framework is now being moved to the Government Procurement Service – as we’ve always said it would.”

    The latter paragraph is certainly true.  And so is the former.  There was no comment on when, if or whether UC or the DWP would use services from its own framework.
    But surely DWP should be the first buyer of services from its own framework?  And looking around government, I am yet to see a queue of other buyers of identity services.  HMRC certainly put its head above the parapet (in June and July 2012) and took a look at a new schema for identity, organising a series of workshops and detailed reviews with dozens of possible helpers (including Rainmaker Solutions, a company in which I am a partner).  But since then?  Deafening silence.
    Of course, during the last year, the GDS blog has been alive with reports of the progress, issues, challenges and achievements of the digital identity team.  Hasn’t it?  Well, no, not really.  I mean with a year gone since the procurement started and five months since the award, we must be well past discovery, into Alpha and seeing some betas … ready for UC to be live in March 2013 (or whenever it is going to come along)?
    Oddly, it seems not.  The only post I can find recently, dated March 2013, refers to an Alpha with a company that, even more oddly, is not one of the eight on the framework.  Apparently the Alpha “started long before the procurement process for central govt IDA services began”.  Long before?  Can Alphas go on for more than a year?  Doesn’t sound as agile as I had in mind.  There have been 11 GDS blog posts on Identity Assurance in the last year.  Apart from the last one noted above, none mention Alphas or any other tangible progress.  Although there was a nice trip to Washington.
    Of course, one of the key tenets that GDS have regarding their agile methodology is that there need not be a roadmap, because that would constrain the process.  So in November when an important first milestone was passed – there was no mention of when the second or third milestones would be reached.

    Re-set Identity Assurance: £10 million of funding has allowed us to start the GDS programme to work collectively across Government to deliver identity assurance  solutions for digital transactions. 

    Next year we look forward to a faster pace for delivery. While our roadmap is not finalised, and indeed will never be given the agility to which we aspire, we can look forward to some major releases.

    So where does all this leave identity in government?
    I hear talk only of the Government Gateway’s support contract being simultaneously “deprecated” and re-procured to allow it to continue providing its current services until 2017 or 2018.  That would make it an agile service – designed, developed and delivered in 90 days – still running after 15+ years.  It is, though, time for it to be retired and replaced with more capable services – they are out there, though not in the configuration and complexity that GDS seem to desire.  Government can certainly be the stimulus behind delivery of a marketplace too.  
    I hope that we’ll see a transparency identical to that adopted by the gov.uk team from the Identity Assurance team.  You can’t only publish the good news stories, that’s what politicians do.  To be open, you have to be open. The good, the bad; the rough, the smooth; the issues, the challenges; the successes, the failures.  And this looks like a failure.
    If it is, let’s get it out there and figure out how to correct it and move ahead.  Proper digital identity will underpin much of what GDS aspire to do, so we need to get it addressed.  The framework providers will be wondering where they point their solutions next, if they even have solutions.  Those who weren’t ready to bid first time around will want to know what their next opportunity is and departments wondering how to get identity done for their transactions are looking for someone to lead the way.  


    The Facebook Identity Fallacy / Fiasco

    The Cabinet Office is getting a lot of press regarding new plans to allow social network sites to act as the identity brokers for government services.  The Guardian, for instance, says:

    Under the Cabinet Office scheme people wanting to apply for services ranging from benefits and tax credits to passports will be able to access them using their logins for websites such as Twitter and Facebook.

    Once they have logged on via computer or mobile phone, the social networking site will send an email confirming their identity to the relevant government agency, the Cabinet Office said.

    It’s all so bizarre I don’t even know where to start.  But here are a couple of points at least:

    • Facebook and Twitter have no idea who I am.  They may not even know my real name.  They certainly don’t know where I live.  And they have no idea of my connection with any government services.  At best, they know the name I’ve registered with and whatever email address I used.  I don’t think government wants to get to the place where it somehow allows a bunch of friends (none of whom it knows are who they say they are anyway) to vouch for me as a good chap and deserving of benefits.
    • The DWP identity procurement, which notified successful suppliers this week, expected to spend £25m (external costs, not including any DWP costs) over 18 months to manage identities from somewhere between 4 and 12 suppliers.  It seems unlikely that they will be handing that money over to Facebook and Twitter.  And even less likely that HMG will accept an email from them that says “This is Alan Mather, he’s ok, give him the benefits he needs”.

    That said, I see nothing wrong with using Facebook and Twitter logins as the seed for an identity – it’s just that you need an awful lot more data from a wide range of sources to verify that you are who you say you are.   And that’s before we get into what happens if your Facebook or Twitter password is compromised – I’ve lost count of the number of spam DMs I’ve received from people in that situation.

    Identity is very complicated and whilst there are some simple steps to be taken, GDS needs to get a far, far better handle on what it is telling the media lest the wrong expectations are set.  Ooops, too late, they already have.

    Making An Identity Market

    Any day now, if the timetable holds, DWP should announce the winners in their identity procurement.  The plan was to create a market of competing identity providers so as to allow Universal Credit claims to proceed with some certainty regarding the person claiming (it’s not as simple as that, but that will do for now).

    The procurement was originally released as a £250m, 5 year contract (spread across multiple suppliers) before being pulled a day or so later after Cabinet Office intervention.  The revised procurement came out some weeks later for a £25m, 18 month contract (the headlines claimed massive cost reductions; it’s not clear that there are any).

    Whilst the aim is to create a market, DWP are not buying a commodity product that exists today.  If I want to assert your identity on the Internet I do whatever each site asks me to do – at the lowest level, that’s an email address; at the highest level it can include postal address, credit card number, date of birth and some other details.  But the identity I’ve created is relatively unportable (Facebook connect notwithstanding).  Being trusted by my bank does not make me trusted by the government (and vice versa).

    The government wants to change that.  DWP are, as Cabinet Office say, “the first cab off the rank” but they will be followed by others (HMRC are discussing their approach with the market and will perhaps issue a procurement later this year or early next year).

    I was reminded of the challenges of creating a market by this graph in a recent issue of Fortune magazine.

    It shows how in the 60s, the US military essentially funded the microchip business by buying up the vast bulk of their products.  As the market grew – and consumer products began to use chips – the portion of the market supported purely by military purchases fell.  And so everyone carries a smartphone, a tablet and, if they want, their fridge can surf the web whilst figuring out what dinner might be.

    The trouble is, DWP aren’t creating a market that way – they’re promising some funds (and we don’t know how much yet) to several vendors (we don’t know how many yet) for a short period without saying how many customers there will be for Universal Credit (and, given the history of this kind of thing, you’d be forgiven, I think, for guessing that rollout will be slower and longer than expected).

    And yet suppliers entering this market are building, largely from scratch, the capability that government needs – because government, being government, inevitably has some onerous and entirely bespoke requirements that mean that whatever is already out there won’t work just as it works now and so will need customisation (and sadly not configuration).

    Now, if HMRC speedily come along and have the same requirements as DWP, the volume of customers will increase.  And if other departments – http://www.gov.uk for instance – say that they want to play too, then all might still be rosy.  And if the private sector picks up on this and wants to make use of the same, then things really will be impressively rosy.

    But it’s unclear how it’s all going to work.  If you bid, and win, DWP identity, will you even need to compete to provide identity to HMRC?  It’s hard to see why you would need to – if you have UK citizens with identities in your system that were triggered by DWP, they are just as likely to be needed by HMRC (or any of the other departments).   Will the private sector want to use the same identities – after all, government will not validate the identity in any way (that is, if I successfully transact with DWP, my identity doesn’t get an additional stamp saying “DWP trusts me”?)

    Government is certainly seeding this market which is a good thing.  It’s looking for the market to provide solutions, also a good thing.  The mechanisms for how this will all work are still being defined and there is plenty that could still go wrong.  Fingers crossed it doesn’t, this is important stuff.

    The Identity Problem

    I tried to sell something on eBay the other day. I’m not a prolific user of eBay, though I’ve had an account for perhaps a decade. I’ve bought a few things but never sold anything. Crafting the description took quite some time – I wanted to be sure of a sale of course – so I worked to  figure out the right price, get a good photo and that kind of thing.
    Twenty minutes after I listed it, someone had clicked “buy it now”. Rats, I thought. Too cheap.
    Five minutes later I got an email from the buyer asking for my PayPal id and some better photos – apparently mine were “blurred”.  So someone wants my PayPal ID sent direct to them and some better photos … suspicious.  The eBay ID had been set up not more than 15 minutes before the email arrived.  And the name of the account came with a big fat zero results when I searched for it.   A made up name.
    Plainly a scam.  Took me 90 seconds to realise that and verify my conclusion. And, contrary to eBay’s excited email, I hadn’t sold it, no one was happy “right now” and, oh, I hadn’t pocketed the cash.
    I ignored it and waited to see what happened.  Effectively, the thing I was selling was sold but I wasn’t sending it to the London address I was given.  I wanted to know, though, what eBay would do about it.  If I was wrong and it was legitimate, then I’d be in trouble for not sending it.  And if it was a fraud, eBay should get in touch with me.
    Five days later, eBay’s Advanced Automated Anti-Fraud tools kicked in and alerted me that I was the possible victim of fraud and urged me not to send the item, or get in touch with the buyer, or provide them any more information. Five days!
    It’s absurd, really, that in 2012 we have not yet put in place a system for proving identities on the web – where such a proof of identity makes sense (I’m not going down the “real names” rabbit hole).  In a financial transaction, everything relies on trust.  And a higher level of trust – and so a lower level of fraud – can be achieved through such identity proving.
    The Cabinet Office is pursuing this through the Identity Assurance programme, although initially for government transactions.  But, by establishing a market and seeding that market with funding (by committing that Universal Credits, in the first instance, will require such identity checking), that opens up the possibility of the private sector hooking onto that same service.  
    Imagine if eBay users had an attribute that said “Trusted Identity” (along with who had verified it) … It can’t be that far off surely?