What difference will the election make to Central and Local Government IT?

| 2 Comments | No TrackBacks
| More

Now that the ministerial appointments have been made we can make a reasonable forecast of what is likely to happen to central and local government IT over the 18 months. That is the period the new government has in order to deliver results that will enable to Prime Minister to go out on a high, having agreed devo-max for Scotland, won the EU referendum (on the back of an agreed  tax and regulation reform package) and been seen to have set the UK finances and economy on the path to permanent recovery.

Bryan Glick is likely to be disappointed in his recent forecast.  If ministers are successful, the surprise with regard to central government IT will be a lack of surprises. The current big contracts are unlikely to be replaced by new big contracts. Instead HMRC and DWP will quietly continue rebuilding their in-house expertise to enable the incremental rationalisation and consolidation of both tax and benefits systems, without complex inflexible outsource contracts getting in the way. One of the lessons that John Manzoni (to whom GDS et al report) learned from his time at BP was that risk cannot be outsourced.  Now that all Central Government 'Senior Responsible Owners' are expected to have passed through the Major Projects Leadership  Academy  there is likely to be an incremental trend towards 'rightsourcing', bringing control of strategic planning, procurement and 'architecture' back in house. The measure of success will be that used by Richard Holway: 'boring' - a steady lack of surprises while delivering value for money, quality of service, shareholder value etc. etc. . In other words the flow of project bidding and contract award, let alone 'bad news', stories for Computer Weekly to cover should begin to dry up.

The Matt Hancock's IT background may have been limited to a spell in the family software house (how times have changed that you can say that of a minister) but his work at BIS on upgrading the quality, not just quantity,  of apprenticeship programmes was impressive. We can expect a strong drive to improve the in-house skills of the civil service at all levels. We can also expect a quiet tapering away of the 'semi-automatic' extension and renewal  of current outsourcing contracts and framework. The GDS will, hopefully, morph into a competent 21st century equivalent of the CCTA in its heyday, policing procurements and contracts rather than trying to deliver them itself, providing support services only for those departments too small to merit professional in-house IT of their own, using these to also develop and maintain the technical skills that it needs to do planning and monitoring.  The sorry saga at Defra means, however, that attempts to take responsibility for serious, time-critical, operational systems, of any size, are likely to be avoided for the next year or so.

I hope that rumours of a watering down of the Osborne requirement that the responsible minister, not just 'a senior official' be able to use a system before it goes live with end users are untrue. The pressure for watering down is supposedly a result of having to involve a Defra minister in iterative hands-on testing earlier this year. There may well be a need to refine the approach, e.g. with senior officials involved in beta testing, engaging ministers only when they are asked to approve roll-out. It is, however, a long overdue discipline. If ministers lack the time, perhaps they might be allowed to invite members of the Select Committee monitoring their department to deputise for them, rather than risk signing off yet another system, or website, that is unfit for use by its target audience.          

When it comes to the impact of the election on local government IT we need to look at the appointments at DCLG. All but one  of the new ministerial team have been local government councilors and three (out of five) are former council leaders.  We can expect the devolution of authority and responsibility to local government to gather pace, not just to those areas which choose to elect mayors.  Given that, on average, Local Government spends less than half that spent by central government for equivalent IT products and services, we can expect them to give short shrift to proposals to enhance the role of Cabinet Office vis a vis their systems.  We can, however, also expect no let up on the pressure to use bottom up cross-boundary co-operation to deliver more and better for less. Here I would like to make a modest proposal, not in any previous policy papers: that central government  IT operations and their contractors (including any framework deals) be required to join the relevant SOCITM benchmarking operations and explain their performance to the National Audit Office.

The future of local government IT will depend in large part on the availability of broadband that is fit for purpose. That entails ubiquitous access to cloud-based services by those delivering front-line services: from carers and community nurses to property maintenance and environmental services. The appointment of the long-serving chairman of the DCMS Select Committee to Secretary of State was inspired. Not only can we soon expect the BBC to be subjected to the tender regulatory mercies of an Ofcom chaired by some-one who knows well both its strengths  and weaknesses  we can also expect a robust review of the performance of BDUK from the MP for Maldon , where none of the exchanges currently offers more than 'up to 8 mbps' and mobile cover is little better than that in West Dorset, whose MP  once complained to me that 'the whole of my constituency is a not spot'.  That review will be all the better because of the experience, sometimes very painful, that Ed Vaizey has acquired in observing how how ministerial wishes can be interpreted in such a way as to achieve almost the opposite of what was intended. The good new is ministers and officials now appear to be singing from the same hymn sheet and to have a clear way forward in mind.  

It was no coincidence that immediately after the election it was announced that Gigaclear (who already operate 23 rural networks and are building 31 more) was to receive a further 30 million in funding from the City. We can expect more such announcements to come now that the climate for Plan B is ripe.  

What difference will the election result make to the Digital World?

| No Comments | No TrackBacks
| More
The first and most obvious difference that the election has made is that sterling and the stock market have both risen: with telecoms (BT and Colt) and outsourcing companies (Capita, MITIE and Serco) rising above the trend. The general rise indicates that the pressure on public finances is unlikely to be worse than that predicted in the budget - i.e. the pre-election "strike" of overseas investors, caused by the prospect of the SNP holding the balance of power, is unlikely to continue. Government borrowing costs will not therefore rise in the short term.The  current 'austerity' is therefore unlikely to get worse, be compounded by stagflation or be further prolonged - as those voters who changed their minds after talking to the pollsters clearly feared.

A general rise in the value of outsourcing companies is, however, not rational. If  'Lord Maude of Horsham' returns to continue his unfinished business we can expect central government framework contracts which have failed to produce competition, improve quality of service or deliver value for money, such as Civil Service Learning,  to come under much sharper scrutiny than if there had been no majority government. Meanwhile the programmes of DWP and HMRC to rebuild their in-house skills in order to enable incremental change (as with the Universal Credit) appear to be gathering pace. We may well therefore be seeing the start of a general trend towards 'right sourcing' with a new generation of more broadly based framework procurement contracts, designed to make it practical for SMEs to actually win profitable business, not just break their hearts with futile bids.

The area where share price rises might well be justified is with regard to those who have structured their cloud-based offerings in such a way as to help local authorities make incremental savings on positive cash flow. I met several just before the election, at the SOCITM Spring conference, as well as some of those looking to use 4G mobiles (accessing cloud-based services) to strip out further layers of cost while delivering better front-line services. The success of those, like Capita, who are helping organise lower cost, shared services across local authorities, also makes them more attractive to investors.

The rise in the share price of BT after the election also appears odd. I would expect ministers to wish to collect their pound of flesh after the earfuls they have received during the election campaign over the performance of BDUK - with MPs standing for re-election also well aware that the service gap between rural Conservative constituencies and Labour urban seats has widened over the past year. We can therefore expect to see local authorities encouraged to enforce the small print of the BDUK contracts and perhaps even co-operate with the EU regarding the potential claw back of 'state aid' if BT does not "up its game".

We can also expect action to expedite the implementation of Digital Communications Infrastructure Strategy. The "map" of national networks, released at the same time,  should be seen as indicating those publicly funded networks which central government would like to put in play to help pull through investment in the inter-operable, next generation, IPV6/5G networks (local as well as regional and national) that need to be ubiquitous within the decade if the UK is to be a globally competitive player in the on-line world. Virgin has already benefited from HMG underwriting for its investment plans and we should expect a repeat of the invitation to others to apply, as part of the plans to use infrastructure investment to help pull through recovery while neither increasing public sector borrowing nor mortgaging the future with more PFIs. The reference to 5G standards in the Conservative Manifesto is also most apposite.

BT's share price rose after it reported rising profits on falling turnover before jumping again after the election result. A quick look at BT's accounts shows that over the past three years capital investment has been static with revenues falling faster than volumes are rising in all areas, except for its Broadband TV business. The profit rise is because of overall efficiency improvements but most particularly because operations and maintenance costs fall as fibre (even if only to the cabinet) replaces crap (copper, rust and associated pollutants).

But BT has barely begun the transition from its thirty year old 21CN (fibre to the cabinet) architecture and is stuck with a mortgaged exchange network. Unless it changes strategy, to actively collaborate with those planning next generation "community" networks (all sizes from hamlets, through business parks and commercial centres to whole cities), it is likely to come under serious competitive pressure, with revenues ebbing away as others leapfrog it, providing better cheaper services, using different investment models.

Hence plan Plan B, which I presented to the SOCITM Spring Conference a couple of weeks ago. I did, however, say afterwards that within 5 - 10 years I would expect most of the community networks to not only feed into BT but be operated by BT, just as Stokab is now run by the Swedish incumbent. For that happen the netowrks must, however, have been built to the latest "futureproof" international standards. That is not difficult because the necessary equipment and training are now globally available, unlike that to maintain some of the legacy networks still operated by BT.      

There are welcome signs that BT it gearing up for the scale of change necessary over the next few years. Not only are its attitudes towards working with local authorities beginning to change (with a variety of pilot offerings of support) but the scale and nature of its apprentice (including and post-graduate apprentice) intake is impressive. So too is the content of that training. For example, BT is now probably the largest UK trainer of information and network security technicians and professionals outside GCHQ and has overhauled the security training it provides to ALL staff.

That leads me into one of the most public changes that I expect as a result of the election result. David Cameron's "thank you' e-mail to supporters begins with a reference  '3 million apprenticeships", before mentioning childcare, cutting taxes, building homes and a referendum on our future in Europe. Giving our children the skills they need for the jobs of future emerged as a key theme during the campaign, perhaps second only to affordable housing. The idea that we should import skills and talent because we have not properly educated our own children and retrained our own workforce went down like a lead balloon on the doorstep. The universities who depend on overseas students, as well as those tech companies who operate global career paths, have to find ways of better leveling the playing field and preventing abuse. If not, they will be caught in the middle as government acts to fulfill the commitments that have been made with regard to getting immigration under control.

During the run up to the election we also saw some very public commitments regarding the need to level the tax playing field between the on-line world and the 'real' world. Well known technology players have been named alongside bankers and non-doms as tax avoiders. We can therefore expect concerted action, in co-operation with the rest of the G20, against those who route their UK sales through Luxembourg or Ireland in order to reduce tax, It is too soon to tell whether this will be linked to a rationalisation of regulation in time to preserve the UK Fintech industry. Hopefully the threat that HSBC might leave the UK, almost certainly to be followed by Standard Chartered and others,has helped concentrate minds on the choice between maximising net tax take and gesture politics.

That rationalisation needs to include making it easier for those based in the UK to take action against on-line impersonation and other on-line abuse. This could turn out to be a critical factor in persuading some major financial services players to remain based in London. As yet, has been neglected in debates over 'Internet Governance' that have been dominated by those whose objective is to make money by selling internet addresses at the highest price. The pressures for action to protect the vulnerable came out very clearly during the election. The patronising response to those who raise such issues is beginning to put on-line revenues at risk, as the CEOs of major advertisers start asking awkward questions.   

Finally there is the question of Europe, to be more precise for this audience, the question of the Digital Single Market. The consultations over the practical implementation of the Commission Strategy, published the day before the election, offer an opportunity to help bring about some of the reforms necessary to help ensure a 'Yes" vote in the referendum that has been promised. Many of areas where action is proposed by the Commission should have common support across the IT industry. But some are deeply divisive - such as action on geo-blocking and on copyright reform.

The call for action to reduce 'the VAT related burden' will, in practice, link tightly to the 'Action Plan on a renewed approach for corporate taxation in the Single Market" - aka the EU implementation of actions agreed at the G20 (which i mentioned above). Effective action in this area is likely to be electorally popular, particularly among the millions of SMEs and those working in traditional businesses, who feel they are carrying a disproportionate tax burden, while major on-line and outsourcing players are seen to pay little or no UK tax.
             
I took time out of electioneering to attend a Digital Policy Alliance DSM Group meeting, chaired by Malcolm Harbour on the morning that the final (as opposed to draft) Commission Communication was published. The report of that meeting will be published soon on the DPA website. The group agreed to focus on those areas where members could agree to work together, including a couple where there appear to be vacuums in the Commission thinking. One of the latter is skills. This is a "national competence' but the Commission could exercise practical thought leadership to help led our digital skills debates out of ground hog day  and gain a popularity with voters that is sadly lacking.         

This leads me back to the answer to the question in the heading.

The biggest difference the election result will make is that we will not have a short term government funding and sterling crisis. We therefore have time for innovative IT players to make viable businesses out of using inter-operable cloud-based services to help public sector organisations bring about incremental change, on positive cash flow.  Those who were still hoping for a return to the world of PFI based outsourcing and consultant planned, delayed big-bang projects, will have had their hopes dashed.

But cloud-based operations depend on ubiquitous broadband that is fit for purpose. Hence the importance of locally driven variations on Plan B ... read on for a the slide presentation on this to SOCITM, whose members will have a critical role in helping bring the change about - so that they can, in turn, use the results to achieve their own objectives as well as help pull through local prosperity and jobs.  


The Gulf between the people and the techies: IT Professionals ARE indeed different

| No Comments | No TrackBacks
| More
Thank you to Computer Weekly for enabling me to download the pcl report "Made to Measure: Intelligent Personality Assessment - inside the mind of IT Professionals". I remember when the British Computer Society wanted a soap opera to promote IT careers. We got "The IT Crowd". The diagram on page 18  of the pcl report, summarising the average personality and competence profiles of different professionals  shows how accurate it was. The IT professionals come top in studiousness and bottom in sociability, assertiveness, compliance and composure. They also perform poorly on perfectionism (which might come as a surprise to some, but not to others!) and on sensitivity (no great surprise).

Given that the industry has long used psychometric tests in its recruitment processes this raise the interesting question of whether the nerdish profile is the result of nature, nurture or is a side effect of the industry's selection processes. At any rate, it does not augur well for the production of more successful systems in the future.   

At any rate, it helps explain what I reported in my last blog entry - that there is a wide and growing gulf between the priorities of the IT industry and its lobbyists and the rest of the electorate.

If we really do want to change the profile of the industry and deliver more successful and reliable systems we have to begin by rewriting our careers material - to attract sociable, sensitive and imaginative perfectionists as opposed to studious, rebellious (i.e. low on compliance) introverts. 

Now back to the pavement, meeting 'real' people.  

When politics meets IT: the gulf between the people and the techies

| No Comments | No TrackBacks
| More
The technical press and industry lobbyists appear to be living on a different planet to most voters when it comes to assessing what the election will mean for on-line services and technology related jobs. The views of mainstream voters may come as nasty shock to those who have grown used to believing their own propaganda and expect end-users to be grateful for what they receive. The gulf of misunderstanding is likely to have significant implications, particularly if the next government is unstable and has to cope with a collapse of sterling and a sharp rise in public sector borrowing costs - leading to a choice between stagflation and yet more austerity - with cuts in public sector IT spend seen as preferable to cuts in those delivering front-line services.

There appear to be three main technology areas which voters wish to discuss. These appear taboo among technical circles - perhaps because credible responses involve taking on interest groups on whose goodwill the trade associations and professional bodies rely. The main IT and Communications suppliers will, however, have to find constructive ways of addressing them if they are not to be hit hard, where it hurts, in the wallet, with a mix of taxation and regulation. At the same time public sector spend on outside suppliers (except where the latter help local authorities get rapid payback from instant savings) is likely to shrink - leading to further cutbacks on the part of those most dependent on taxpayer funded business.   

No-one has referred to the EU Digital Single Market reform strategy (whether in the UK technical press or elsewhere during the campaign), despite the widespread leak of the main draft and supporting "evidence". This should be of serious concern to those who think that the "real" decisions are being taken in Brussels. The only group reviewing that strategy and organising inputs in time to have effect is the DPA Digital Single Market Group, chaired by Malcolm Harbour. My own review of the section on digital skills has just been circulated to the group for comment and may already have been "leaked" to the Commission in advance of the publication of their "final" draft - due next week.

But back to the technology concerns of UK voters:
 
1) The first area on which voters (particularly those employed in the public sector) often have strong views is the perceived poor quality of service from outsourced public sector operations. The public is no longer willing to accept that this is because of "cuts". They are beginning to blame (rightly or wrongly) "multi-national suppliers who take profits overseas" and cut their own costs by employing immigrant contractors or exporting jobs to maintain inflexible legacy contracts.

2) The second area which voters (from those affected by the abuse of family members to those running small businesses) often have strong views concerns the safety, security, privacy and reliability of on-line services run by those who do not pay their fair share of taxes. Almost all have had personal experience of abuse and or fraud (usually trivial amounts which have been refunded). The patronising attitudes of those they go to for help mean that global ISPs are now about as popular as Banks. The list of those voters want targeted for tax avoidance tends to begin with well-known technology companies and on-line retailers - alongside Greek Shipowners and Russian oligarchs.

3) The third is broadband, where small firms in urban areas are making common cause with rural activists and those who have slow or unreliable landline services at home or work or are plagued with notspots or roaming charges when they travel. 
There is no credible red blood, blue water or yellow bile between the parties on broadband policy but the views expressed by voters, and the comments candidates are having to make at local hustings. will almost certainly come back to haunt the new intake of MPs when they stand for election again with a year or so - after the widely expected hung parliament has led to a replay.

We can, therefore, begin to predict what will happen after the election - who-ever (if anyone) is in power. 

1) Anger with public service delivery - leading to devolution and "right sourcing"

Most voters take for granted those systems and services that work reliably and are easy to use. But they increasingly dislike those who provide them, from outsource suppliers to Internet Service Providers, usually because of the patronising and unhelpful responses they get when things go wrong. That is especially so when those pressing for change are told that the service is working well, in line with procurement or framework contracts, the details of which are "commercial in confidence".

I spent nearly half a hour on one doorstep (I "waste" time because I am actually interested in what people think) listening to a social worker complaining about the fragmented benefit and welfare services that condemned those she served to poverty and unemployment, because they could not afford to take the work available and thus begin the climb back into "society". She had chapter and verse on the traps and the nature of the work available locally (plenty of it but nearly all temporary and transitory), was IT literate (more up-to-date than me in contrasting the software used in the public and private sectors for end-user support systems) and was a great fan of Ian Duncan Smith's insistence that the Universal Benefit systems be tested with real people before being rolled out. She also thought that the government should be able to reduce welfare spend by far more than 12 billion from welfare by helping her clients (and their peers) into work - if only they stopped using expensive, contract driven, proprietary services from outsource suppliers who took their profits overseas and took the work back in house! She also named the suppliers and consultants she thought were to blame.

Such attitudes (and inside knowledge) are not unusual.

A couple of nights ago I was at a crowded hustings meeting (standing room only) where the rise in demand for foodbanks from those whose benefits had been delayed was directly blamed on an named outsource provider. There was applause from the floor when it was said that the contractor, originally appointed by the previous government, had been fired and service was now improving. The reality is more complex - but I am reporting what I heard - not what I believe to be correct.

Who-ever is in power after the election we can expect a more "robust" approach to negotiations with suppliers and an increasing willingness of ministers to devolve responsibility to local government - so that some-one else can be blamed. Those suppliers who help groups of local authorities to work together across boundaries to use cloud over broadband to deliver more and better for less look set to inherit the market - especially when they support incremental change on positive cash flow. I am pleased to say that I had a very positive response from some of the Cloud Suppliers at the SOCITM Spring Conference where I presented "Plan B". They are already working on the opportunity.

2) "Something must be done" about the Internet

The time has passed when the Internet was "special" and it was OK for suppliers to provide "free" services in return for harvesting our personal data (to use how they wished) while avoiding responsibility for helping take action when other users did "bad" things. Unfortunately current debate about that "something" that "must be done" is incoherent. But those who claim that "nothing" should be done, because of that incoherence, risk bringing about the worst of all worlds. Once again, realistic progress will be incremental: hence the importance of well-targeted initiatives like the DPA Age Verification Group, focused on harnessing existing technologies to improve customer confidence at the same time as making it very much easier to meet regulatory requirements around the world, not just in the UK.

That is, however, but one small shuffle in a long march. During the campaign I have heard a number of well-informed views from small businesses, including one who was incandescent about the way that the .co.uk name to which they thought they should be entitled had been sold to some-one with a fictional address on the other side of the world. It was being used for fraud which was being blamed on him. He had been deeply unimpressed by the process for halting the abuse. Having observed the actions of the lawyers working on behalf of their clients to prevent the reforms that would help greatly reduce the risk in this area, I said as little as possible. I look forward, however, to the build up of an unstoppable campaign for change.

I would, however, far prefer to see those who have good business reasons for working together to improve confidence in the Internet working through the IETF, ICANN and ISOC (as well as the regional and national registration supply chain) to produce rather better "solutions" than the politicians would.

3) We have to enable those who will benefit most to help pull through investment in Ubiquitous Broadband           

I do not believe the headline that claims broadband will influence one in five voters but it is easy to see why Conservatives representing rural constituencies are very much more concerned about the issues than Labour MPs representing urban constituencies . We need to see an end to policies based on protecting BT's past investment and subsidising extensions of its legacy networks while BT focuses its own efforts on a quad play business model..Earlier this this week I was privileged to go direct from an IIC Meeting on funding the transition from copper to fibre to a London Business School Alumni event at which Sir Michael Rake talked about the task of turning round BT after its business model and share price had been destroyed by Ofcom. I attended LBS in the early 1970s when Michael Beasley taught us regulatory economics, The way in which regulation then supported the ossification of the AT&T monopoly was one of his case studies. His thinking lay behind the creation of Oftel in such a way as to incentive the incumbent to invest and innovate. The way Ofcom subsequently removed those incentives and BT responded in order to survive, would make a great case study for future LBS students.

We have to make it more attractive for those who have a choice to invest in UK infrastructure than that of the North or South America. We also have to allow enable those who have no choice, (householders, landlords, small firms and local government), to pool their budgets and use municipal enterprise to make the difference - hence Plan B to pull through the F plan. The location of our current high tech hubs is no accident - they cluster where there is good broadband and gravitate to where there needs are taken seriously. It is similarly no accident that INCAs next Smart City event is in Bristol where the Council is looking to pool budgets to attract serious infrastructure players to help its growth plans.  . 

Meanwhile remember the motto for our postal voting system that would disgrace a banana republic - vote early, vote often. 

I forget a key component when I used the analogy of the construction of the railways and canals in my blog yesterday on the means of implementing the Digital Communications Infrastucture Strategy and making a reality of Martha Lane Fox's vision for "Dot Everyone".
 
The success of both canals and railways depended on standards.

Unless we take action soon we will face the Internet equivalent of the battle of the gauges within a few years.

The rest of the world is going IPV6.

The cost of transition is relatively trivial for those who plan in advance. It will not be so for those left behind. Internet innovators who cannot develop and test for an IPV6 world, because they lack on-line "native" access, are at an increasing disadvantage.

Verizon, the largest US network operator, transitioned its core network nearly a decade ago. It mandated IPV6 for its linked mobile operators as long ago as 2009. In 2010 the US Federal Government set deadlines of 2012 to convert all public facing Federal Applications to support IPV6 and 2014 for all internal applications. In consequneces almost all mainstream communications equipment installed over the past five years, anywhere in the world, including in the UK supports IPV6.

But the facilities have not yet been "switched on" by most UK national networks because of problems with their legacy equipment. In consequence, if you wish to develop products and services for the IPV6 world (e.g. for "Smart Buildings" or the "Internet of Things") you can be at a severe disadvantage unless you can get space in an innovation centre linked direct to JANET - the only UK network that has fully transitioned. Hence another of the reasons for the rental differential between those on opposite sides of the road in Shoreditch.   

Were HMG to copy the US Federal Government in mandating IPV6 compliance for PSN2 and all forward taxpayer funded projects that situation would change very rapidly - although it there would be opposition  - as there was when the Inland Revenue Service tried to ignore the US Presidential Order five years ago.

I have therfre edited the blog entry on Plan B to include reference to IPV6 - and apoligise to thsoe readers who forcefully pointed out the ommission.






Shortly after the budget I blogged a welcome for the DCMS-Treasury Digital Communications Infrastructure Strategy. Last week I welcomed Martha Lane Fox's vision for Dot Everyone, albeit expressing my fear that a national institution, let alone a "plan",  will constrain growth and innovation (in line with the business models of currently dominant players) instead of achieving the transformation needed. I concluded by promising that I would follow the F-PLan with Plan B - for a business-led transformation.

It is apposite that the Labour Party has referenced the problems Britain faced in 1799 in its attack on the tax status of non-doms . In 1799 Britain was still recovering from a disastrous slump after the loss of the American Colonies. It was, yet again, at war with the rest of Europe (albeit more rather bloodily that our current regulatory spats). The government was in desparate need of money, but dared not choke off economic recovery lest it too face a revolutionary bloodbath (like the rest of what is now the EU). It also feared the defection of its wealth generating colonies in the West Indies to the nascent zero taxation United States. The first volume of Gibbons "Decline and Fall of the Roman Empire", (destroyed from within by bureaucracy and over-taxation), had been read by many more politicians than Adam Smith's Wealth of Nations. The Britain had been turned round from the slump that followed to loss of the American Colonies by a deliberate bonfire of regulation and the scrapping of all taxes that cost more than they raised. The politicians of the day also had a strong prejudice prejudice against central planning, "If death came from Rome we would all be immortal". That prejudice lasted nearly a century. I do not intend to defend the current tax status of non-doms, in part because I too think it unfair and suspect that the difference between Ed Balls and George Osborne is small print that will serve only to make money for tax lawyers and accountants. I do, however, wish to draw parallels with regard to the creation of the infrastructures, from canals to through railways, water, gas and electricity to the telephone network, on which we still depend.  

The Georgian canals and Victorian railways were nearly all funded by consortia of landlords and  businessmen who expected to benefit from rising property prices and falling transport costs for their raw materials and produce. Today funding from those who expect to benefit most is missing from almost all plans to organise and finance the transition from 20th century voice and data networks to a 21st century, Internet age, mesh of high resilience, inter-operable, IPV6 based networks. Work is taking place on most of the other elements, from regulatory (where the US FCC has shown the way by classifying broadband as an essential utility) to standards (as for PSN, Smart Cities and Smart Grids). But those calling for a "national" policy have yet to address the issues of funding. They appear to expect a small group of incumbents operators to pay for bottleneck removal and network build that wll not make them more money, indeed it may even reduce their revenues. They expect government subsidy to make up the differnce. Meanwhile a growing number of communities are benefiting from alternative investment models at the local level. The most recent are  Liverpool and Woking.

80% of the cost of new network build is civil engineering, including wayleave and access arrangements. In rural areas the cost falls dramatically when farmers provide uncharged access and  help with trenching in return for service and shareholdings. In urban areas the cost reductions can be similarly dramatic. A recent meeting of inner city property owners (both commercial and residential, including social housing) and operators (both fixed and wireless) identified that the legal fees involved in agreeing wayleave and access arrangements (because current standard agreements are inappropriate for multi-tenanted buildings) averaged nearly as much as the equipment costs. Meanwhile the potential revenue from wayleave rentals and access charges is negligible compared to added value that comes from offering a choice of world class communications and smart building services to tenants.

New-build properties such as the Shard or Heron Tower incorporate shared communications spines to handle the network demands, including from smart building controls, anticipated over the next few decades.  Such spines has already been retrofitted during major rebuilds and upgrades, such as for Tower 42 and Centre Point in London.  Incremental change, to upgrade existing communication infrastructures, as tenants come and go in multi-tenanted properties, whether commercial or residential (as in common in inner cities), is more complex and needs to allow for the risk of one operator disrupting the services of another during maintenance, upgrade or when a new tenant wants a change of service.  A growing number of players are, however, offering services in this space and the rate of take-up for these has accelerated over the past 18 months.  Similarly a growing number of landlords and of those managing large portfolios of multi-tenanted properties can see the value of using semi-standard agreements for shared wayleaves and access which give changing populations of tenants a choice of service.

Conversely innovative operators wish to use the upgrade of legacy arrangements (which often assume exclusivity, rapid access for sub-contractors of unknown provenance and one-way break clauses) to organise profitable, rapid payback, offers to attractive groups of tenants.

The issues relating to Inner Cities, (tiers of ownership and control from freeholder, leaseholder, sub-leaseholder, tenant and sub-tenant, plus managing agents and building controllers) are different to those in a suburban or rural area where ownership and control have fewer tiers but may be more fragmented. The value to participants of the solutions on offer also differs. Some landlords and property owners welcome and may help fund incremental infrastructure investments that meet their own needs and those of their tenants. Others are less enthusiastic. The issues that need to be addressed are not, therefore, readily amenable to nationally standard solutions: hence the failure of the first attempt to update the Electronic Communications Code and narrowness of those being addressed by the current consultation   deadline 30th April.

The need is to bring together those who wish to address the future needs of themselves and their customers, their tenants and, in the case of local authorities, their voters and business rate-payers.A group of inner London landlords, local authorities and network operators is looking at wayleave and access arrangements and has its second meeting next week.

In January I attended a workshop organised by Regional Network Solutions and hosted by BT Redcare to learn from case studies of co-operation, pooling budgets for CCTV, traffic and street furniture management and using local authority wayleaves and the spirit behind the Social Value Act   (not just the small print) to massively upgrade shared infrastructures at the same time as enduring serious budget cuts and transitioning to PSN standards  - whatever they are. I will not embarrass the speaker who knifed to the heart of successful collaboration with the wonderful phrase "the ego has landed". The "real" obstacle to effective collaboration is rarely business case or even ring-fenced budgeting - there are usually ways round. The real obstacles are "status" and "politics". "Success is driven by those willing to undergo a "charisma bypass" and give credit to those whose support is needed - even if they have had to be bludgeoned into giving it.

The bad news is that I agreed to try to organise the production of a "Dummies Guide to Collaboration", without having identified who to get to do the work necessary, let alone who to get to pay them. I had assumed that the suppliers who would stand to benefit from new spend during a time of increasing austerity cutbacks would be enthusiastic. I now realise that the suppliers are divided into two main camps. There are those working flat out with all the business they handle, usually on incremental projects with payback within weeks or months - not years. And there are those sitting on their hands, spinning out legacy contracts and hoping that the next government will unleash a new round of PFIs,      

Meanwhile the world has changed. The purchase of O2 by Hutchison Whampoa (to merge with 3), on top of that of EE by BT, the £3 billion roll-out plans of Virgin Media (backed by HMG loan guarantees) and the rate of growth of traffic over networks like that of Sky (more than doubled in a single year) also mean that Vodafone has gone from market leader (with a massive war chest from Verizon to finally sort out its inheritance from Cable & Wireless) to laggard. Whether or not the "collective" business model of bundled "Quadplay" services will survive (let alone thrive), none of them is currently meeting the needs of business users and the backhaul networks they currently share (in shifting consortia) are creaking as traffic growth accelerates, now doubling in under a year.

Hence the growing investment in local projects to install fibre to the premises or femto (supporting a mobile or wifi cell), particularly business premises: from start-ups like B4RN (enlisting community labour to hold down costs), through players like Gigaclear , Hyperoptic (backed by George Soros   and City Fibre to inward investors like Hong Kong Telecom (their parent PCCW  owns UK Broadband  or EMCOR (helping Woking leapfrog even further ahead of its competitors as a business location Most commercial players are, however, only looking at locations where the local authority will help them cut costs (e.g. by providing shared access to its own wayleaves and infrastructure and accelerating planning permission) and reduce risk (by helping them identify customers who will pay, or at least commit, up front). That enables them to achieve the rapid payback necessary to fund the next project (or three) without the need to dilute their equity.

BT and the other incumbent players are still trying to work out whether this is a threat or an opportunity to pass the cost of improving local business connectivity to others, while they focus on improving backhaul - so as to harvest the new traffic for their national networks, while plotting to take over the new networks when those running them get tired or bored - as is now happening in Sweden with the municipal dark fibre networks being taken over by the incumbent. This was, of course, what happened in the 19th century when the National Telephone Company  hoovered up local operations before it was taken over by the General Post Office (so that Government could tap the phone lines!!!).

Meanwhile BT has joined Virgin and KCOM in resisting calls to open up its own backhaul and distribution networks, at least until they get access to those of others (e.g. to replace copper lines on electricity poles with fibre without paying ludicrous, to them, fees). And who is to say they are actually wrong, given the need to improve capacity and resilience with regard to some of the choke points where other players are most wanting access.

Given such a potentially competitive market, however, the cost of serving the socially and geographically excluded, whether in inner city social housing or rural areas, should fall. The only reason to fear that it will rise is if government support policy is focussed on enabling BT to extend its legacy networks and thus to cherry pick those who are easiest to serve - as opposed to creating integrated networks using alternative technologies that are better suited to remote, or otherwise difficult, locations and unusual topologies.       

In short, there is a lot happening. The time is also ripe to stop waiting for GODOT (Government obfuscation, delay or other time-wasting) and let local enterprise (local authorities in partnership with property owners, landlords, estate agents, property developers tenants, business and residents) do the job - while adhering to the international inter-operabiity standards (including IPV6) which mean that any who fail or get bored can be taken over  and integrated with the operations of those who stay the course.    

On 23rd April I therefore plan to use the opportunity of the SOCITM Annual Conference  to call for local authorities to work together to show central government how to do digital infrastructure better - with Manchester showing London how to leapfrog Hong Kong into the 21st Century and Leeds refighting the Wars of the Roses to show Manchester that Yorkshire can do IT even better.

I am now seeking to engage those suppliers who see making money by helping build the future as a better use of their resources than lobbying the next government (via the corridors of Westminster and Whitehall, trying to use Son of PSN"  or the current DECC consultation) to preserve and extend bloated legacy contacts until they go belly up, like stranded wales, rotting on the beach of history.

P.S. The DECC consultation (deadline 15th June)   looks particularly odd - like an attempt to herd the existing smart meter networks serving business onto the new domestic smart metering system before the latter collapses for lack of take-up. The business (as opposed to political) case for a separate network for smart meters was always suspect (it dates back to when Ed Milliband, as Secretary of State replaced the proposed industry-funded scalable pilots by a national programme). It now looks positively dated as the landlords of shared office blocks and business parks are looking to install shared infrastructures (ducts, masts, risers and equipment rooms if not necessarily shared cables and aerials) for wifi, mobile, smart buildings and all forms of business and industrial communication.      

Delivering the digital infrastructure for Dot Everyone - The F Plan

| No Comments | No TrackBacks
| More
I was not able to watch this year's Dimbleby Lecture when it happened but over the Easter week-end I made time to watch the challenge that Martha Lane-Fox made to the Dimbleby's (and the other media figures and journalists present) to help educate politicians and industry leaders on the actions needed to help the UK leapfrog the competition and lead the rest of the world into the Internet Age. I liked the concept of "Dot Everyone" but fear that any attempt to create an "institution" would achieve the oppostie of what she intended: for reasons to which she alluded.  I totally agree with her point on the need to engage more women in key roles. This government has just made a leap forward and Ofcom appears to have begun its overdue transformation even before its new female chairman and chief executive arrived. [I remember Patricia Hodgson from University - charming but highly disciplined and a rigorous intellect. I too would have begun to mend my ways if faced with the prospect of her as my chairman].

I also liked Martha's points on the need to use the Anniversary of Magna Carta to take a lead in addressing ethical and moral issues,  . I would add that we need practice  as well as theory. I have strong reservations regarding on the ability of any government support institution to be moral and ethical, hence the caution of my welcome, earlier this year, for the Labour Party plans to focus on social inclusion and ethical policy rather than cost savings . It should indeed be possible to achieve to achieve all three - but only if policy is driven incrementally by users (alias victims) - not by "experts". All too often the most unfeeling, heartless, bureaucratic and wasteful of policy implementations turn out to have been produced by "professionals", supposedly following the "best practice" of their "Institution".

I would, however, like to focus on Martha's first point: the need to spread understanding about how the Internet actually works and how we ensure social inclusion. I would extend her argument to cover am understanding of the actions necessary to deliver socially inclusive communications infrastructures that are fast, fit for purpose, flexible, future proof, fail safe and fraud resistant. I, like her, began life as a historian, before spending time (after Business School)  as a corporate planner, looking at how to cope with the future - based both on what we knew and what we did not know. I strongly believe, in consequence, that FIRST we have to be honest about the present and how we got here.

I have often been critical about the way BDUK has bolstered BT's monopoly position, beginning almost immediately after its creation but my blogs have rarely recognised why it did what it did, or its very real achievements. I would like to correct that. In 2010 the coalition government inherited a 20th century communications policy that had run out of steam. Neither DCMS, BIS or Ofcom had the skills and understanding to do any better and DCMS officials had to give priority to the Olympics . The inherited policy was based on accessing on-line services over infrastructures designed for the telephone age. More-over the New Labour decision to switch from "competition in the local loop" to "local loop unbundling" had destroyed the business case behind BT's plans to upgrade and extend its 21CN network to provide "full motion, broadcast quality, video to the home" (the original definition of broadband) by 2002. Meanwhile the Government decision not to re-invest the £20 billion receipts from spectrum auctions in communications infrastructure had starved both BT and the mobile operators of funding. New investment stopped. Preventive maintenance fell behind. The networks were beginning to crumble even before the financial crisis- although few recognised this at the time.

The BDUK procurement process bought time for BT and enabled it to delay new commitents until after it had delivered the infrastructure and support for the Olympics. Most voters now live within a kilometre of a fibre-connected cabinet capable of providing services that are fit for most of their current needs, fixed or mobile. But many business users, as well as those living more than a mile away, are left trying to run "motorway traffic" over "country lanes" (copper and aluminum telephone lines that may be fifty years old or more). More-over the national fixed and mobile infrastructures to which they connect are overloaded and creaking, with traffic volumes rising faster than capacity: more than doubling over the past year, for example - with growth accelerating.
 
Meanwhile consumers expect services to be digital by default and much of life, from watching sport to shopping (whether on-line or in a supermarket) would grind to a halt if we lost access to the Internet because of fire , flood or digititis.  The rest of the world has begun the transition to a new world of ultra-reliable, resilient, ubiquitous mesh networks. As Martha Lane Fox said in her Dimbleby Lecture, we must not only catch them up, but leapfrog them - if we wish our children to have the education and jobs of the future.

That means not just fibre to the front door or local mobile or wifi aerial, but networks that are inter-operable with the future as well as with each other, using global standards at prices we can afford.  That means giving investors confidence to fund the infrastructures needed - by providing a fair and stable tax and regulatory regime and by pooling public and private money to serve areas where the business case depends on saving costs in public service delivery. 

Helping heal the wounds of the past market requires the application of TCP

1 TRANSMISSION - better infrastructure to remove the jams between you and your home or business and the Internet: copper = country lane, fibre = motorway, radio needs sites/masts
2 CAPACITY - copper = rationing, radio = local, fibre = global, ration-free connectivity
3 PROTECTION - against fraud and abuse as well as network failure, that requires partnership policing for the on-line world and one-stop-shop reporting to those who will take action.

Hence my support for the Digital Infrastructure Strategy that was announced in parallel with the budget.  Later this week I plan to blog on how I believe that the way forward will be driven: not by an "institution" by local co-operation between those who wish to provide world-class access and those willing to pay for it. In the mean time I would like to address some of the understanding gaps - beginning with the current meaningless babble about "speed.

The first "F" in the F plan is for Fast. This does not mean meaningless nominal speeds. It means rapid and reliable response times. These depend on a variety of factors, from

•    issues with the end-user equipment (browsers, routers, wiring etc.), through
•    contention over local networks and bottlenecks in backhaul networks, to
•    delays while well-known sites load tracking and monitoring and other software ("to improve your experience") and your security software decides which are to be allowed.

[It is not "just" the "cookies" inserted by the shopping services you use. Ghostery identifies 14 items of spyware when you visit the Guardian Website, 17 for the Daily Mail and 27 for the Daily Telegraph - and so on].

It is positively misleading to report speeds based on "average" response for a network that is unused for much/most of the 24 hours of the day, but degrades sharply in the early evening (when farmers or small businessmen do their paperwork, children their homework and teenagers gossip or swap videos).  There is a need for Ofcom to use and publish performance measures that reflect user experience. It has made a start and has promised more in its Annual Plan (see the references in my Groundhog day blog) for the year ahead but its plan references dependencies on work with the Internet Engineering Taskforce and others i.e. global not just national action. We need the UK to be seen to be in the lead on this, not just waiting and accepting that which fits the priorities of those who think our digital footprints are their "oil" to be refined and sold to who-ever pays best.

The second "F" stands for Fit for Purpose. This entails reliability, resilience, response and security, not just "nominal" speed. It is the improved reliability, not just speed, of all-fibre networks that is transformative. "Digital by default" policies should be linked to the use by Ofcom of performance benchmarks that relate to those on-line services on which HMG expects target audiences to rely for communications relating to welfare and benefits as well as taxes. Thus, if farmers cannot do their Rural Payments Agency business on-line then the rural broadband service is not fit for purpose.  If those dependent on disability payments, or their choice of trusted carer, cannot use the service then the services to inner cities, social housing complexes or those dependent on "care in the community" are not fit for purpose.

In 2012, George Osborne mandated that no new system should go live after 2014 unless "the responsible minister can demonstrate that they can themselves use the system successfully"   . Thus "the Minister" (George Eustace MP) was personally involved with the three week "agile" cycle for the new Rural Payment Agency systems. Similarly the Universal Credit systems cannot go live unless ministers can use them, hence much of the controversy over costs and delays. The launch of the new Digital Accessibility Alliance  should be followed by a policy of mandating the testing of all digital by default" public service delivery systems with members of the target audience, over the access services not available to them before roll out is contracted.  

Next come Flexible and Future Proof: Any attempt to forecast demand or technology five years out, let alone ten is doomed. It was five years from the bankruptcy of Thomas Cooke (after getting his business model wrong for a  tour of the Highlands, in 1846) to the Great Exhibition of 1851, for which he organized transport and accommodation for over 150,000 (out of 6 million) visitors. The need to cope with uncertainty with regard to demand (including as prices fall, and performance, availability and reliability improve), entails product, service and technology inter-operability (as with the standard gauge railways of the 19th century). Inter-operability standards enable competition at every level, with customers able to mix and match according to need and investors to reap safer rewards from incremental innovation. Standards do not, however, come about by chance or "simple" market forces. Dominant incumbents will always seek to lock customers into "integrated" services. Today they are competing to sell entertainment content subscriptions linked to phone line and broadband. Tomorrow we cna expect to see them face mounting anti-trust pressures leading to a new round of "unbundling"

The tensions over standards require constant government attention, including as the largest customer in the market (mandating inter-operability standards for public sector network procurement) and as regulator. We also need to note how most standards come about, via hierarchies of what are essentially "vanity publishing houses". The standards bodies respond to the willingness of groups of industry players to come together to fund the agreement and publication of specifications which they then make money from selling. The more copies a standard sells, the more successful they think they are.      

However, communications standards are now global and we need to ensure that  the UK is in the vanguard of ensuring that our innovators and suppliers are meeting international business and consumer needs and we are not dependent on importing that which has been specified, developed and manufactured overseas.  In 2014 the IETF, ISOC and ICANN, the bodies which set the standards for the Internet, all had annual plenary conferences, with thousands of delegates, in London. We need to make it attractive for them (and the international telecommunications organizations) to not only visit the UK but base more of their routine meetings and support functions here so that our innovators benefit from direct access.

The National Physical Laboratory, still the UK's main measurement and testing operation, should be funded to provide UK business with access to all global standards, current and proposed, plus the certifications (who tested, what, to which standards) that indicate which products and services abide with which. This service should then be used to support a policy of mandating adherence to internationally accepted standards whenever public funds are involved.  Such a service would also be a very effective use of the UK's limited technology transfer funding to attract world class development, not "just" research, facilities back to the UK.  Subsidized access. Including support to enable UK innovators to take part in global standards activities, should be confined  to those based in the UK, including for the collection of royalties and payment of VAT or Corporation Tax in the UK.

We also need the digital infrastructure to be Fail Safe and Fraud Resistant. As society becomes increasingly dependent on on-line services, (e.g. telemedicine and care, on-line banking, food, fuel and energy distribution etc.) resilience and security become ever more critical. Both have many dimensions, from whole networks going down for hours, (sometimes even days) as a result of fire, flood, storm or theft, to individuals losing access for days (even weeks)  as a result of local faults or fraud. There is also the question of who is, or should be, responsible for taking action against abuse and criminal activity.

Network resilience entails multiple routings and systems that continue running despite disruption. Hence the drivers behind the move towards "local internet exchanges" to handle the rapidly growing volumes of machine to machine traffic and local social networking.  As yet the devolution from central operations, like the London Internet Exchange (LINX),  to regional  operations, like that in Manchester, is limited. But the benefits, including not only  the capacity to handle greatly expanded traffic volumes and complexity (as with the growth of the Manchester Media City) but also the growth of high-tech Internet based spin-offs (London's  Financial Services Computing is clustered round the locally devolved LINX hubs) , are obvious.

A growing number of Cities with ambitions to be not only "smart" but also "innovative", are looking to support local hubs in national and global incubator networks. They should be encouraged to do so. In this context is should be noted that  LINX is a "mutual", owned by over service providers. This, like many functions at the heart of the Internet,  is an area where "privatization", "market forces", "public ownership" and "state control" all have clear limits.       

Meanwhile The Financial Service Authority has mandated that critical parts of London's financial services industry must have standby routines which not only inter-operate but can run even if BT entire network goes down (as well as vice-versa). Such an approach to reliability and resilience needs to be adopted across the UK, including the use of wireless and satellite to provide back-up to location where it is not economic to build and run more than one landline network. We need to balance the obvious savings from infrastructure sharing against the need for resilience.      

We also need to be much better at addressing the suffering and loss caused by simple service problems, let alone actual abuse. Who do you contact, and how, after your Internet connection has gone down or your e-mail or social network account has been hi-jacked? And what can you expect them to do about it?  Most voters have an elderly relative who has been rung by a nice man telling them their computer has a fault and offering to help them fix it over the phone. Most mobile phones are regularly vished (voice phishing) by those who want to help us claim compensation for the payment protection insurance or car accident we have not had.  Meanwhile politicians appear obsessed with the use of the Internet by terrorists. And everyone else is playing pass the parcel. 

There is a similar dialogue of the deaf with regard to "Big data", between those who wish to keep their personal details  private for fear they will be copied and used to abuse or defraud them or their families and those wishing to hoover up our digital  footprints and personal data to refine into "the new oil" for sale to "Improve their services to us (alias sell  to advertisers) but not to provide to law enforcement. There is a need for a joined up approach to the resilience and security of on-line services before confidence collapses in the face of a rising tide of abuse and fraud, compounded by sporadic network and service collapses in the face of storm, fire, flood and digititis ("software problems during a "routine service upgrade".

Hence my strong support for the calls by Sir Tim Burners-Lee and Martha Lane-Fox to restore confidence that the UK takes the issues seriously by using the 800 hundredth anniversary of Magna Carta bringing the various debates and tensions over privacy, surveillance and information governance together with independent judicial oversight reporting to the Supreme Court.

In short there is much to be done. So who can we expect to do it. Those who believe that Government, alias politicians, is competant should listen again to Martha Lane Fox's Dimbleby Lecture and reflect on the current state of political debate. Our Victorian ancestors had no doubts. They knew only too well that Westminster was incapable of thinking ahead - unlike local government, landowners and businessmen coming together to build for their children and grandchildren. Hence Plan B (for Business Broadband) - on which I have been working recently and intend to cover in my next blog.

The case for On-line Age Verification has gone political with a Conservative pledge. We can expect other parties to follow.

| No Comments | No TrackBacks
| More
Sajid Javid (current Secretary of State at DCMS is reported in the Guardian as having pledged to enforce on-line Age Verification. The Digital Policy Alliance Age Verification working group announcement on which I blogged on Thursday had its genesis at a meeting (on Smart Cities and the role of standards) chaired by Helen Goodman when she was Labour Shadow at DCMS. I suspect we can, expect all-party consensus on the subject.

The task will then be to deliver not just the standard, but to ensure that the implementation helps win more (and more profitable) business for those who take the protection of their on-line users (and the families of their online users) more seriously than they they do the revenues from those to whom they sell user data (the new "oil").  That means engaging those who wish to use robust and non-intrusive age verification to improve customer confidence and increase market share.    
Some players see publicity and support for the NSPCC Childline campaign announced on Tuesday  as a potential threat to the "freedom" of the Internet. Others see it as an opportunity to rally support for activities to help provide children, families and silver surfers with freedom from fear and abuse over the Internet.

Both are correct.

Technology has moved on over recent years and ways to reconcile security and privacy are becoming increasingly practical. But they have yet to be effectively used. This is partly because of muddled and misinformed debate between players with very different agendas  (from surveillance and "security" to privacy and "civil liberties") and with different levels of understanding. The consequent potential for confusion can be seen with the range and variety of players concerned about child safety issues within the UK alone.

The overall effect is an erosion of trust in the Internet as a safe place to learn, play or make money: whether you are child, a parent, a silver-surfer, an employer - or anyone else without state-of-the-art information security expertise.

That is not good for business.   

I have recently been privileged to sit in on some of the discussions that led to the formation of a working group that is trying to make practical progress on one of the points of leverage: a standard for processes which enable robust, consent-based, confidential  age verification.  , i.e. without the need to ask intrusive and unnecessary questions.

Seven years ago such an approach was probably not practical. Today the problems are more to do with the all-too-common practice of collecting information that is not needed for the service or transaction in question, but might be "valuable", without considering the possible  consequences . There is, however, growing evidence that asking unnecessary and intrusive questions costs paying customers. Some years ago a British Retail Consortium survey indicated that the cost of lost business, because of intrusive security, accounted for more than half the cost of e-crime, including the amount spent on information security. Recent data indicates that the proportion of transactions abandoned as questions become more intrusive is rising.

Hence the desire of those running commercial on line transaction services operations to be able to use reliable third party verification services, in order to avoid the need to ask unnecessary questions.  An invaluable first step, for most, is the ability to verify age, (e.g. old enough to buy a drink or qualify for a bus pass or young enough to get a discount) independently of identity.    
 
The UK is on the cusp of defining processes to underpin the roll out of scalable, viable, cost effective, age verification solutions, built on the principles of 'verify once, use many times'. The next step is to turn these into internationally recognised interoperable standards, supported by certification programmes that define liability models.

The process is currently being driven by those required by their respective regulators to do age checks. However, wider support for the approach is such that the time has come for social networking platforms, data aggregators and advertisers to also re-visit their attitudes towards age verification. The aim should not just be to ensure compliance with current or future legislation designed to protect children on-line, but to facilitate the confident use of on-line services by all age groups.
 
The working group already brings together representatives of the on-line gambling, adult entertainment, tobacco, on-line dating and vaping (e-cigarettes) industries and aims to engage with the alcohol industry and educational network operators, as well as those concerned with child protection, silver surfers, social inclusion and, of course, with crime prevention. 

Details of the C-Plan for "consent -based, confidential, on-line age verification"   and a summary of those involved can be found on the Digital Policy Alliance Website.  The group is actively recruiting  so as to ensure that all relevant stakeholders are engaged.

 

A Budget to free up the Business Broadband market - the superhighway to economic recovery.

| 1 Comment | No TrackBacks
| More
The Digital Communications Infrastructure Structure Strategy announced in parallel with the Budget shows that DCMS and Treasury have responded to the inputs to the consultation last year and  raised their sights. The new targets are 100 mbs to all but the most remote households but, more importantly, fibre to the premises (a gigabit plus) for business. The strategy recognises that different markets have different priorities between speed, capacity, ubiquity, symmetry, latency, reliability and resilience:

 20150318Strategy diagram.png
 
 It is most unlikely that one architecture will fit all future needs, any more than it does at present. Even the current BT network remains a hotpotch of heterogeneous architectures and technologies - built on the legacy from when the Labour government's switch to local loop unbundling destroyed the business case behind Ben Verwaayen's dash for growth and left BT saddled with debt commitments after its exchanges had been mortgaged and its share price had collapsed.  

The recognition of the pace of change is most welcome. The strategy, quotes actual traffic increases of 40 - 50% p.a. annum over recent years with households connected by "real" fibre to the premises generating nearly 60% more traffic. I recently learned that the rate of traffic growth is accelerating and bandwidth improves. Traffic over Sky's broadband network has more than doubled over the past year - and that over the mobile networks may be growing even faster. In consequence BT's back haul networks are creaking at seams. Most weeks see several exchanges going down, sometimes for hours on end. In consequence financial services regulators, for example, now insist that critical services have standby facilities which do not depend on the BT network.

Hence the reason that Virgin, Sky, Vodafone and others, who had relied on BT for much of their backhaul, as well as for unbundled local loops, have been looking at major investment programmes of their own and partnerships with the local network suppliers (City Fibre, Gigaclear, UK Broadband, Hyperoptic, ITS etc.).    

The announcement on the means of encouraging investment and enabling change to a world of competing but inter-operable fixed and mobile networks is also important: using the £40 billion UK Government Guarantees Scheme to underpin investment, with the £3 billion Virgin plans "pre-qualified" to show that it is serious about opening markets to genuine competition.  See section 3.2 of the Strategy for details, although it does not say how others should apply, merely that they will be welcome to do so.

The strategy also contains the first public reference I have seen to the consultation on reform of the Electronic Communications Code  Note the deadline for inputs of 30th April. The importance of the Code as an obstacle can, however, be over-estimated. The new code will not address the need for a critical mass of landlords and network operators to agree a new generation of framework contracts for multi-tenanted properties (office blocks, business parks, social housing complexes etc.) where the value of being able to offer tenants a choice of world class communications access and smart building services is greater than any revenue from wayleave and access charges. More-over those wanting rapid access to fix faults also need to accept liability for any damage or disruption caused by their staff or subcontractors to services on which other tenants rely.

The good news is that a recent meeting hosted by Westminster City Council illustrated the practicality of doing so. I am therefore hopeful that the Digital Policy Alliance will succeed in providing a neutral umbrella to build on success by bringing together those who wish to make rapid progress without waiting for GODOT (the General Obfuscation, Delay or Time- wasting that occurs with attempts to get agreement on a mandatory policy using statutory powers).

The group will probably not be looking at the lowest common denominator agreements that tend to arise from national standard agreements but at "future proof guidelines" that can be used by those planning new developments or refurbishments designed to last for decades and also for incremental retrofitting to existing properties as tenants change.

The Treasury Review of business rates to redress the balance between the on-line world and the off-line world gives a long-overdue opportunity to reform the current valuation regime so that it no longer deters investment in new fibre networks and helps high street retailers come on-line [link]. The return of increases in business rates to local authorities (beginning with a pilot covering Greater Manchester) will give an added incentive to local authorities to use broadband improvements to help deliver more for less - including by pooling their communications budgets (including for CCTV and traffic management as well as fixed and mobile staff and business communications) with those of local landlord and businesses, perhaps in partnership with their local LEPs (as suggested in the Strategy Paper) and foster local economic growth.   

In parallel Ofcom is to do its first strategic review of the Telecoms market  since that which concluded in 2005 enshrining its then priorities. I have previously welcomed the  new focus of Ofcom on business broadband in its business plan for this year but some of the inputs for the DCMS-Treasury review show just how dated the focus of Ofcom had become. I do hope that those wanting to see Ofcom reinvigorated for the 21st century will use the opportunity.

Finally a quick comment on Spectrum wars. The Ofcom threat to claw back unused satellite
spectrum
should be seen in the light of the Budget comments on raising the Universal Obligation from 2 to 5 mbs and using satellite to reach the final 2 - 5% of the population. Those fighting for fixed wireless or fibre to the premises for remote areas have been complaining not just of latency but of lack of capacity and contention. I am looking forward to seeing inputs on the quality of service that is available over modern satellite services. I undertand that 3% of Avanti's global capacity is used for on-line gaming: i.e. 50% more than the capacity used to service UK customers. I also undestand that a numer of mobile radio networks trunk their trffic over satellite. I therefore suspect misinformation which may annoy satellite providers but not sufficiently for them to spend time countering when they can sell all the capacity they currently have available to other parts of the world.  

In short, I do urge you to read the strategy  and then think how to work together locally to help build the future without waiting for GODOT nationally.

P.S. I have been asked to try to put together a group to provide guidance for parliamentary and council candidates on how they could/should support local community groups (from Parish Councils to City Corporations) to use the new opportunities to work with local businesses, property owners and potential suppliers and leapfrog the competition (whether it be in the county or on the next continent). I look forward to hearing from those interested in helping.












Yesterday this blog was devoted to Jim Prideaux's take on the budget. Last night a reader pointed out the reason for the ambiguity,

The success of HMRC's record tax take this spring was critically dependent on taxpayers ignoring Verify . Moreover, one of the highlights of the budget speach was the abolition of the annual tax return. The programme to achieve this relies on rebuilding the in-house IT skills of HMRC for a post ASPIRE world. It is not based on passing roles to those in Cabinet Office who have been bogged down in the the five year struggle to bring transparency to the murky relationships between HMG and its outsourcing suppliers have resulted from two decades of "over enthusastic" outsourcing.

Should the Cabinet Office teams succeed in their efforts to deliver processes a that work reliably, efficiently and securely, they have a future. Should they not ....

Meanwhile the battle between backward-looking suppliers seeking to preserve a world of cosy, confidential, complex, lawyer-driven outsource contracts and those looking forward to a world of open-inter-operability goes on.

But taxes have to be collected and benefits paid,

That means rebuilding the in-house skills of the civil service (particualrly those of HMRC and DWP) at all levels. Hence some of Francis Maude's comments earlier this year. But should delivery skills be in Cabinet Office or should it focus on co-ordinating and quality controlling the outputs of those created elsewehere - while departments develop the ability to transition to a world of cross-cutting, co-operative incremental change. I suspect the latter, if we really do want Gov.UK to be more than "lipstick on the face of a herd of pigs".

Internet: in dog we trust? Jim Prideaux points out the ambiguity in the Budget statement on the future of Government Verify

| No Comments | No TrackBacks
| More
I was working on a posting on the way the budget and the parallel announcement of the Digital Communications Infrastructure strategy   should help transform the climate for investment when Jim Prideaux , one of whose concerns is the hollowing out of the security skills of Government, pointed out a splendid ambiguity in the budget statement announcement on plans to save money from rationalising IT spend: "Budget 2015 announces that, following a successful trial, the Government will implement "Gov.UK Verify" - a new way for people to prove their identity on-line when using government services - across central government". Does this mean that the trials to date have been successful? Or does it mean that Verify will only be implemented when the trials have been successful?

Jim has blogged for me before on the strange history of the Government Verify programme and I have no doubt he will do so again. Meanwhile one of his erstwhile colleagues is trying to calculate how much it would cost to fraudulently acquire the identity of some-one dependent on benefits using the routines proposed by the suppliers whose services are currently being tested. After wading through pages of gobbledeygook he came to the conclusion that it could cost as little as £250 to acquire (via existing publicly available services) and scan the paper documentation and/or generate the digital footprint that would satisfy some of the supposedly agreed providers. I await his detailed working but this may explain why mainstream "trust" services are reluctant to get engaged - other than to certify those who they already "know" via more robust routines, including physical presence.

Jim, however, points out that Verify hasn't got around to 'level 3', and the current (watered-down) level 2 (balance of probability - not properly defined) envisages doing everything online because the costs of manual paper-handling would exceed the budget: Level 1 - self asserted - doesn't need any third party, so no justification for paying for one. He also thinks it may be easier to take over an account after it has been created because that may need no more than a quick look around the device being used for access. He is more concerned about denial of service (from failed masquerades), followed by the imbuggerance (which I assume is a spook technical term equivalent to "compromise") of two factor authentication while a smart phone is being used for browsing and text, thus ensuring that it  adds no security.

Jim goes on as follows:

"The recent scare over another false security certificate at the heart of widely used products and services should remind us of the vulnerability of those who assume that all certification routines are equally valid. The complexity of the chain of trust in which the compromise occurred  means no-one should be surprised. After the £8M for damage caused by Companies House for a missing 's', we should spare a thought for those trying to understand the liabilities for online transactions, which jurisdictions apply, whose services they can trust for what and the recourse available to them if that trust turns out to be misplaced.

How confident can you be that the Gov.UK website you visit is secure?

The supposedly monolithic gov.uk relies on a variety of chains of trust. When you get past 'This web site does not supply ownership information' the www.gov.uk chain (see foot of this blog details) starts in Ireland, then goes through the US. Meanwhile the chain for *.blog.gov.uk starts in Sweden, and comes via Salford. MI5.gov.uk and SIS.gov.uk use US-based certificates.

If you go to a German government site the chain is shorter and simpler, based on German certificates. Other nations can have stranger chains of trust.  www.whitehouse.gov comes to you "securely" using a trust chain that says it starts in the Irish Republic, and ends us in the US via the Netherlands.

Is this 'security theatre', or does it matter? Will it help to have the .uk namespace under the control of Nominet? That is if there is a way to check that the control is more than nominal?

Should you be worrying about how you can verify that you are indeed using a secure link to a trustworthy website, following the padlock (or warning triangle) in the top left. Your browser probably has a few hundred roots of trust, possibly including those from countries you've not heard of. By looking at 'subject' in further information', you can see where the chain of trust starts in this case, and then how it follows down to where you are.

The policies under which these certificates are issued can be searched for . even if you find the right ones (and how can you be sure?) somewhere in the dense legalese, probably at paragraph 9.8, will be some modest limit for you and all other users combined, and para 9.14 will identify the relevant jurisdiction.

For commercial transactions for ordinary users, the credit card terms may be more relevant, not least because the customer only needs one. Someday it might even follow the model envisaged in the recent EU eIDAS Regulation, but what happens for the public sector/government sites that offer a secure link? Remembering that many, including the GCHQ website and transparency.number10.gov.uk do not."

P.S. The Gov.UK chains of trust refered to by Jim appear to be as follows:

CN = *.blog.gov.uk https://identityassurance.blog.gov.uk/
OU = EssentialSSL Wildcard
OU = Domain Control Validated
is provided by

CN = EssentialSSL CA
O = COMODO CA Limited
L = Salford
ST = Greater Manchester
C = GB

which comes from
CN = AddTrust External CA Root
OU = AddTrust External TTP Network
O = AddTrust AB
C = SE

www.gov.uk says "This web site does not supply ownership information" but the chain appears to be as follows:

CN = www.gov.uk
O = Government Digital Service
L = London
ST = England
C = GB
is issued by

CN = DigiCert High Assurance CA-3
OU = www.digicert.com
O = DigiCert Inc
C = US
in turn issued by

CN = Baltimore CyberTrust Root
OU = CyberTrust
O = Baltimore
C = IE

P.P.S. A reader has just pointed out the Register Article which explains the ambiguity

How anonymous should you be over the Internet? Nominet Consultation on .UK

| No Comments | No TrackBacks
| More
Given the pressures to tidy up the Internet and enable those responsible for victim support and redress to track and trace and "remove" trolls, the current Nominet consultation on the collection and publication of contact data for the WHOIS register for .UK is central to the rebuilding of trust in the on-line world.

Will .UK remain as untrustworthy as at present, offering neither reasonable confidence that you are dealing with an organisation or individual subject to UK law nor that your anonymity will be protected? Or will Nominet help lead the way in rebuilding trust in the on-line world? Those who believe the latter should join and take part in the policy discussions because subjects like this are far too important to be left to the introverted community of registrars and IPR lawyers who usually dominate discussion on such subjects.

But what is "reasonable confidence"? And how can it be better provided?  

The article by Eleanor Bradley COO of Nominet summarises the context of the consultation. But the growth of registrars offering "privacy services" parallels the rising concerns over those who conceal their identities in order to abuse and prey on others. Hence my recent blogs on the need for such services, and the routines allowing otehrs to acces their files, to come under proper judicial oversight.   

It is, however, worth remembering that those traditionally responsible for checking identity in the context of authenticating legal documents in the "real" world (Notaries and Scrivenors) come under divine oversight - the Faculty Office of the Archbishop of Canterbury . Hence also my long-standing interest in the tension between those who believe that the law are given by God and apply to the State and Rulers (as with Magna Carta)  and those who believe that the State is God 

Why the FCC Net Neutrality judgement may have been a pyhrric victory for the cartel that runs the Internet

| No Comments | No TrackBacks
| More
In the early days of this blog, back in 2008, when I repeated the arguments that the Internet shold be seen as a cartel masquerading as anarchy it was relatively easy to find on-line references to the 1912 case that broke apart the US railroad cartel - just as it was seeking to leverage its market dominance to also control the embryonic road haulage industry. [There had been a spate of articles on the judgement when Microsoft was being investgated]

A couple of years ago the judgement became much harder to find amidst adverts irrelevant adverts triggered by the terms I used to try to find it - after the links I used the last time I referenced it no longer worked. Earlier today, having grown tired of wading through the paid entries that now preface any useful results from a Google search, I decided to try DuckDuckGo . A useful result came up instantly at the head of the list. Interestingly, when I then tried again using Google and Yahoo, having got the precise reference, I did get the same result. What I did not get was uncharged articles that put it into modern context, such as the Wikipaedia entry on Essential Facilities .

Why is this sopotentially important - including for UK discussions over the Digital Infrastructure on which modern sociaty now depends?

A couple of days ago, at an excellent  Westminster eForum event on Priorities for Broadband I heard the Director of Group Inustry Policy for BT repeating the argument that Broadband was not a utility and should not be regulated as such. Is that sustainable now that US Federal Communications Commission has ruled, albeit subject to a probable appeal to the Supreme Court, that it is a utility and should be so regulated?

The landmark FCC judgement on Net Neutrality looks like a victory for the ISP community (Google et al) over the Infrastructure Community (Verizon et al) who want to charge premium rates for privileged access to that which consumes most bandwidth. However, the decision to regulate Internet Service Providers under the US regulations for telecoms providers has profound implications. Meanwhile Google has said it is not a monopoly because it has competitors like DuckDuck . Hmmmm ...

Until today I was among those who thought that Google was an "Essential Facility" - and therefore potentially liable to serious anti-trust action to stop it from spreading its tentancles as the US railroad industry was doing, when brought to heel in 1912. Now I know that I can do many, perhaps most, of my own searches faster without it. But the world, and the FCC, appears to have caught up with the arguments I heard nearly a decade ago at the Oxford Internet Institute.

I suspect that Google, as an integrated entity, has passed its zenith. But when I said, nearly a year ago, that Christmas was creeping up on the Young Turks of yesterday , I also said that I expected the Googlettes to soon be collectively worth more than Google, just as the break up of Standard Oil made the Rockefeller family even richer. Are Apple and Microsoft at risk of similar break up pressures - or does their apparent head to head competition preserve them?      
Meanwhile all three, any many others, are at risk as tax authorities around the world sharpen their knives and off-line businesses demand equality of tax treatment, on-line and off. 

Politics is about to meet IT, whether IT likes or not.

No End of Jobs - how do we break out of Ground Hog Day

| 1 Comment | No TrackBacks
| More
A couple of days ago I was very sharp about forecasts of gloom, doom and mass unemployment from new technology in recent reports. 

I had forgotten quite how sharp Sir Michael Marshall, Charles Christian and myself were thirty years ago when similar arguments were in vogue. Amazon has now delivered a replacement for my last copy of what we wrote (loaned and never returned). Below is a scan of the first page of the text of "No End of Jobs". Remember it was written in 1984, so for Japan you might read China. For West Germany you might read India.

Most of the forecasts have come true, or are well on the to coming true - save that we have imported immigrants to look after our elderly in overcrowded NHS hospitals, instead of making use of technology to enable them to live at home. One of the themes was the job creation effects of "prolonged active life": resulting from automating records and administration to enable clinicians to spend time with patients instead of on paperwork, from the manufacture and installation of "robotics for rheumatics" to enable independent living for longer, as well as from all the telecare and telemedicine technologies that we are still talking about but not deploying.  

The obstacles to do with the organisation of funding that we identified then have still not been addressed. Indeed they may now be worse. The overheads and waste resulting from the centralisation, bureaucratisation and outsourcing of our health and welfare systems, with funding fragmented for distribution down leaky silo'd drainpipes, means we are commonly spending more to achieve less, or at least to achieve far less than recent advances in knowledge and technology should have enabled us to achieve.

I plan to scan the rest of the paper.
No end of Jobs Intro.jpg
   






"One of the messages from President Obama's recent cybersecurity summit was summarised by an American Banker as "We have to protect the trust of the consumer or its game over". The latest PWC Global Economic Crime survey indicates that over half of all global CEOs are aware of the cyber problem - but more are concerned over bribery and corruption. They are right to be so concerned. Other studies show that over half of major incidents, whether fraud or "cyber" involve insiders - whether careless or malicious. And when it comes to malice the CPNI study of the Insider Theat shows that it is disproportionately men who are the risk.

Most CEOs are already only too well aware of the risks. They have no need for yet another patronising awareness campaign. But what should they actually do?

I have already blogged on part of the answer: select and retrain those you already trust rather than hire short stay compliance officers and security staff of unknown probity. Hence also my recurrent calls for inputs to my exercise with the Tech Partnership on the skills with which they need to be retrained. I am now coming to the end of that exercise and am due next week (inputs still welcome) to report on who should be trusted to help specify and deliver the training modules neeeded - particularly for those planning, developing, installing and running the organisations Identity and Access Management processes and technologies: the key point of vulnerability.  

However, another message has come through at many of the meetings I have been attending. And it does not appear to be at all popular when I point it out.

Men are usually at the heart of the problem. Women are usually at the heart of the answer.

Yes there are some female hackers and fraudsters but almost all malicious leaks and attacks involve men, as do most of the accidental leakages and system failures. More-over the proportions are not explained simply by the proportion of men and women in roles where they can undermine or bypass systems, make mistakes or take unnecessary risks. 

When it comes to non-malicious risk, the story of Bletchley Park is apposite. It was 80% female, including some of the top code breakers  but we only know what was done there because some of the men craved public recognition.

We now have the "Turing industry" (from films to institutes). I commend the wikipaedia entry for a summary of the real achievements of Alan Turing (as opposed to the pastiche in the Imitation Game). Meanwhile we still know almost nothing of the contribution of his fiance, Joan Clarke who became deputy head of Hut 8 when he left for the United States and went into GCHQ after the war. We know nothing of the work of Rosalind Hudson, the other named female cryptographer in Hut 8, who died in 2013 having never spoken of her work at Bletchley, save that she is named than in the list of code breakers, as opposed to the approximately 150 support staff.

That female ability to maintain security while also fighting and winning a cyberwar can also be seen with regard to the team which broke the Abwehr enigma codes, thus enabling the Double Cross operations without which the "relatively bloodless" D-Day landings might have been impossible.

Mavis Batey was only 19 when she helped save a British Supply convoy and kill 3,000 of the Italian sailors involved in the failed ambush three days (three days!!!) after she had broken the Italian Enigma code, thanks to the carelessness of a male operator who had simply pressed the letter "L" to encrypt a test  transmission. Meanwhile we know nothing of her colleague, Margaret Rock save for her letters to her brother and that she, like Joan Clarke, joined GCHQ after the war. We still know almost nothing about the other members of Dillys Fillies  the (almost) all female cryptography team which assisted Bletchey's top (better than Turing but died in 1943) codebreaker, Dilly Knox. We do know, however, why he recruited them: better lateral thinking, teamwork and temperament. 

There is a message here. I wonder who will decypher it."

How do we break out of Groundhog Day and provide Broadband and Digital Skills that are fit for purpose to ALL?

| 2 Comments | No TrackBacks
| More
Learning for change cartoon.jpg
The stick of dynamite is labelled "Publicity Japanese Style". The tube of sweets is labelled "First Rate Teachers". I had no say in the cartoon and did not see it till afterwards.

The House of Lords Report on Digital skills gave me a curious feeling of "deja view" (see the date at the foot of the cartoon above) with its statement that millions of jobs are at risk from automation and its subsequent calls for digital skills for everyone and the Internet as a utility. 
Back in In 1981 the late Donald Michie had been invited to organise the annual Sperry seminar for the UK Technical Press. His theme was "Intelligent systems: the unprecedented opportunity". The Micros in School Programe was in train and, in return for first class travel for myself and my wife to the South of France, plus a week of incredibly stimulating company, I was tasked to not only give the thinking behind it, but also think through the likely consequences. The abstract for my contribution to the resultant book read as follows:

"Most of the basic skills needed over the next hundred years can be predicted with reasonable certainty but many of the precise trades and professions cannot. "Age related careers" is an employment strategy which can handle such uncertainty. Fundamental changes to the education system are necessary. Information Technology makes these possible at affordable cost. Encouragement and favourable publicity are more effective weapons of persuasion than coercion."

The cartoon, with which I was presented, relates to my comments, (not all recorded for posterity in either the book or the separately published political version, available on-line courtesy of Blogzilla), on the need to give average teachers the confidence to become coaches, using the new technology to help their pupils acquire skills and understanding which they did not themselves have. In other words, on the need to give priority to the "leading out" roots of education, as opposed to passing on the skills and mores of previous generations - as per the wikipaedia definition (which accurately described, then as now, the mainstream).   

The report of the House of Lords Enquiry indicates very clearly how little progress we have made in meeting that challenge. On March 12th the Real Time Club (45 years young and still reinventing itself), hosted in Houe of Lords by a member of the enquiry team, will hear from those who appear to have found out how to make a profitable and fast growing business from doing so. I look forward to hearing whether I believe their solution. My own experience in the 1980s, with organising IT awareness courses for older generations (including taking apart Apple Computers to insert graphics boards to play silly games and do basic coding, prior to playing global corporate politics over a pastiche teleconferencing network), indicates that it should be possible do so today at much lower cost than we used to charge the main boards of the companies we were helping prepare for difficult discussions on IT policy.
 
Yesterday I took the opportunity to take another look at "Cashing in on the Chips" published in 1979 (containing the original call for a Micros in Schools programme), the New Scientist review of "No End of Jobs" (*) published in 1984 and my own submission to the House of Lords Enquiry.

So how do YOU, "dear reader" help us all to break out from Goundhog day and deliver the aspirations in the House of Lords report?

1) Respond to the Ofcom Draft Annual Plan for 2015/16 by 6pm on 26th February

As I said in my previous blog, the good news is that this is first time Ofcom has indicated that it is planning to take the needs of business users (particularly SMEs who cannot afford lesed lines) seriously [see page 26 of the Draft Plan for details).

Ofcom is also planning to take a good look at fixed and mobile Not Spots (see page 32).

The plans for work on Online Child Safety are interesting (see Page 35 ) but the critical path is Age Verification. Here the Digital Policy Alliance appears to have already made good progress in assembling a team that will lead the drive for practical and credible answers - because the participants need them for marketing and moral, as well as regulatory, reasons.

Page 43 refers obliquely to the need for more work on performance measures, not just quality of service but even more interesting is the reference in the section on "Protecting onsumers from harm" (starting page 44) on the need to work with groups like the Internet Engineering Task Force on removing the vulnerabilities that enable spoofing.   

I also recommend reading the rest of the "Protecting Consumers from harm" and thinking not only how Ofcom could and should and should address the issues it raises but the roles of others in doing so. 

2) Take a look at the House of Lords report, consider how the recommendations might be implemented, then consider how you think they should be and what youc can do to help. 

There is a lot of worthy comment and generic material in the report, but when it comes to action on skills the devil is in the detail, usually in the funding and incentive mechanisms, including the performance measures and league tables used reward and recognise those meeting centrally set objectives (with which the report is peppered).

I have said (above) why those of you who are interested in remotivating staff (or teachers) for the Digital Age should try to attend the next meeting of the Real Time Club and then consider just how much (or little) this should cost using the the technologies and techniques now available - although there may still be places available for those of you near Huddersfield to get a view from the grass roots this Wednesday at the presentation of the survey on the results of the first Digichampz exercise.
 
I personally think  that by far the most important recommendation in the House of Lords report is that the Tech Partnership be tasked to lead an employer-driven review of the offers of the Further Education sector with a view to improving the apprenticeship packages on offer (Parag 314 onwards). The weakness of this recommendation is that a growing number of apprenticeships are graduate and post graduate level, linked to the High Education sector. The review should therefore encompass the actions listed in the following paragraphs on High Educations and Careers Guidance, albeit not necessarily inside the first six months

There is a lot in the report on Women in Technology and on Cybersecurity (page 36 onwards). I have commented in the past, albeit mainly en passant, on why you should employ women rather than men if you are serious about information security. I plan to return to this theme in my next blog.
     
3) If you are actively in trying to get socially and geographically inclusive Broadband to those in your Parliamentary Constituency ask your MP if he can get you an invitation,on his or her say so, to the event on "Broadband for ALL" being planning by the All Party Space Group and Digital Policy Alliance, in the House of Commons on the afternoon of 10th March. The aim is to cover the current state of play with regard to the availablity of the full range of technologies - from fibre, wifi and mobile (for social housing and inner city commercial centres) to satellite (for hill farms, rural businesses and disaster recovery - e.g. fire or flood taking out terrestrial networks). Advance notices have been sent to DPA members but the details are not yet on the website because some of the industry speakers have yet to be confirmed. 

(*) Unfortunately "No End of Jobs" is not itself on-line (I have just paid ten times the original price for a copy to supply to anyone willing to scan or digitise it). Interestingly what looked to New Scientist to be the "silliest predictions" might already have come true - but for the failure to compete "the recabling of Britain" by 2002. That was, of course, Government policy until 1997 and the introduction of Local Loop unbundling to save US bondholders, who then owned NTL and Telewest, "from taking a haircut" with a distress sale to Sky

P.S.  Now received a copy of "No End of Jobs" via Amazon and made time to scan the first page. Remember it was written in 1984, so for Japan read China. For West Germany read India. What has changed since: apart from importing immigrants to look after our elderly in overcrowded NHS hospitals, instead of making use of technology to enable them to live at home. One of the theme was the job creation effects of "Prolonged active life": enabling clinicians to spend time with patients instead of on paperwork and deploying "robotics for rheumatics" as well as all the telecare and telemedicine technologies that we are still talking about but not deploying and enabling. 

No end of Jobs Intro.jpg
   




I recently signed up to the HMRC advisory service and this morning received the e-mail below. Being a trusting individual I did NOT click on anything. Instead I visited the HMRC site on how to check whether a communication from them is genuine. I was none the wiser. However, being both paranoid and interested, I tried to find another way of getting the details. Eventually I found my way in via the "Business is Great" website although the Broadband Voucher scheme is not among those promoted on the home page.

I still do not now whether the original e-mail from HMRC was genuine but, it if was, I deduce that HMRC is more concerned to help SMEs get good broadband access than Gov.UK is concerned to promote either good security practice or the voucher scheme.

Rant over. This is a great scheme. It needs to be extended so that every rural business stuck with crapband (not just those in Wales) can use it to pay for a satellite service. Meanwhile inner city businesses in the areas covered should use it to apply for for a fibre connection: there is a routine for vouchers to be collated by alternative suppliers if BT or Virgin will not offer you anything other than a prohibitively expensive leased line. Those in areas that are not yet covered, where businesses are stuck with a choice between crapband and expensive leased lines, should be contacting their constituency MP and parliamentary candidates to lobby either for access or to work to make it easier for alternative suppliers to compete to meet your needs.

But be warned, the budget is fixed and its first come first served. We also need to get action on opening up the supply of business broadband to all. I therfore take this opportunity to remind you that the deadline for the consultation on the Ofcom Draft Annual Plan is next Thursday. The good news is that Ofcom has finally guiven priority to looking at the business broadband. There is much to do and you have to get into the appendices, with references to the work of the IETF on inter-operability standards, to realise that Ofcom is now serious about looking at UK telecoms in global context.

Meanwhile, if you are among those stuck with crapband - do take a look at the voucher scheme. If you are not covered, take a look at how many others, locally, are in the same position. If there are enough of you, one of the new generation of the alternative network providers (see the list of those participating in the scheme) might be able to serve you at an attractive cost anyway.   

Spacer Graphic

HM Revenue and CustomsSpacer Graphic

Bookmark and Share

Hello Employer,

Connection Vouchers


We've got up to £3,000 for you to upgrade your business's broadband - it's up to you to apply for it.

Find out now if you are eligible for up to £3,000 to cover the installation costs of upgrading to a faster and more reliable connection for your business. You could get a fibre optic, cable or wireless broadband connection among other options.  Most businesses pay nothing but VAT and their standard monthly charges.

Thousands of businesses in the 22 Super Connected Cities Programme are already benefitting from the scheme.  By upgrading, you could:

  • Do things faster - increase your business's productivity,
  • Improve customer service,
  • Access new markets using video conferencing.

Please visit our website to find out if you are eligible and choose from a number of pre-defined options.

To check if you are eligible for a Growth Voucher with a grant of up to £2,000 towards the cost of expert advice, apply here. To see the full offer of government support for small businesses, click here.


Will Government Verify survive the impending cybersecurity skills crisis?

| No Comments | No TrackBacks
| More
Few outside the community of those obsessed with digital identity will keep up to date with postings and comments on  the Gov.UK Identity Assurance Blog  but a regular reader recently drew my attention to a recent posting, on "User research - asking better questions"   .  He asked why they were relying on feedback from current trials and had not looked at the market research conducted by others, such as Experian - although he did not say which research they should have looked at.
I
 found his question interesting.  My work with the Tech Partnership (formerly e-Skills) on the training modules needed to help organsiations survive the impending cybersecurity skills crisis is largely focussed on identity and access management: IAM.  

The skills involved in IAM range from "authenticating and authorising transactions over smart phones", through "bring your own device" to "multi-level access and authorisation in complex organisations with large numbers of customers, contractors and staff with different permissions in different locations" (e.g. airports or global banks).  A cross-cutting issue is the vetting and monitoring of those to be given which access permissions. The processes are complicated by regulatory issues (including data protection), with compliance officers themselves a significant point of weakness, because so many are in post for 18 months or less.

Most discussion of IAM is focussed on the digital components but workable systems are nearly always underpinned by rigorous people processes - except when the organisation is confident that it will not be put a significant risk from insider assisted fraud or unauthorised physical access to safety critical or secure facilities.  Where that risk is significant the systems always embed inputs from those who have done physical checks as to the identify of those to whom they have have given electronic credentials.

I am therefore unconvinced that any identity based purely on digital footprint (whether or not it includes on-line financial records) merits my trust, let alone that of those looking after my savings or of the critical national infrastructure. I am therefore not impressed by requests to provide feedback over the precise wording of a requirement to make personal financial information available in order to obtain a digital identity that is more acceptable to government that those it currently requires us to use to pay our taxes or claim benefits.

One of the problems with the original attempt to require farmers to use "Verify" for inter-actions with the Rural Payment  Agency  was the belated discovery that nearly 20% have no digital footprint - or at least no footprint discernible to the identity providers.  More-over those who have never had to borrow money and have always paid cash see no reason to provide their financial information so some-one with whom they have had no previous dealings for unknown transmission and storage. That is not to say they are digitally illiterate. They may well use mobile or satellite services to keep abreast of prices for livestock or crop or to access on-line auction sites  but because of not-spots and crapband*  have to do so from wherever they can get a signal or via their own choice of trusted  intermediaries. They are also often well aware of the risk of fraud and impersonation.

Now let us look at those most reliant on public services, including those stuck on sink estates or transient between bedsits or caravan sites, including those who share their identities which whichever member of their "extended family" they trust to  collect their benefits and do their shopping.  Hence my expectation of an all-party backlash against the "digital by default" agenda because there is a very big difference  between using technology support to provide better services at lower cost and "herding the sheep on-line to be fleeced" .   .

I am particularly concerned at the potential risk of those dependent on benefits having their identities registered on-line by fraudsters and their being unaware until left destitute.

More recently I was struck by the findings of the Digichampz Survey  conducted under an EU contract by the Digital Policy Alliance for presentation in Huddersfield  and a month later in London.

This survey is unusual in that it is based on a high response from on-line users in a poorly served (connectivity, let alone support) rural community. I do recommend looking at the actual report not just the headlines. Despite the editors comment  security and child protection were of low concern compared to getting a reliable connection at all, around half the respondents were concerned about security and a third about on-line child safety.

Now back to "Verify" - if I ever get round to applying for an identity, because I am forced to in order to (for example) do my VAT or tax returns, I will probably use the Experian service - but to call this a "digital by default" service would be a misnomer. Experian will be comparing what it is told on-line with what it has collected on me over several decades from those who would not serve me in a department store or mobile phone shop until I had signed a form permitting me to check with Experian as well as giving other proof of identity.

That is not, however, possible for a couple of my "legal" identities (as a trustee or director) because the organisations concerned have never had reason to borrow or purchase anything on credit.  I therefore expect those selling to them to require me to use a variety of rather more secure IAM systems, including those that are global and do not reply on local political agendas. I have no problem with this - provided their services are securely firewalled from each other, with my liabilities governed  by UK consumer credit  and unfair contracts legislation.

But this links back to the current cyber security skills crisis. Those selling to me have to manage and insure their risks, integrating the various IAM systems  already on the market in support of their people processes, from physical access to customer and transaction authorisation (both on-line and off-line).  I do not yet see the business case for them to regard "Verify" as anything more than an interesting experiment.   

P.S. The issues get even  more interesting when we consider controlling access to the systems controlling smart cities and those along supply chains.  There is still remarkably little attention to this area so I was delighted to learn of an event being organised at the Institute of Chartered Accountants on 25th March   


  *Crapband = "Copper, Rust And other Pollutants" between the fibre (cabinet or exchange) and the premises (home, workshop, office etc.) or the wireless aerial (for mobile or wifi connectivity).  

Is VATMOSS a serious VATmess or a storm in a teacup, whipped up by current and would-be tax avoiders.

| No Comments | No TrackBacks
| More
I have received a number of e-mails asking me to blog on the issues or "do something", but none from those actually engaged in running the businesses supposedly affected. More-over, all the lobbying appears to be behind closed doors. The guidance on Gov.Uk indicates  that those who are already registered for VAT and use a payment service need do very little. That from the FSB  reinforces this message.

Is it correct, however, that even micro-businesses which use the same "legal identity" for sales of on-line products and services in the UK as for overseas, will now have to register and charge VAT to their domestic customers, thus putting prices up by 20%?

If so, will this lead to halting off-shore sales, a flight off-shore or guidance from the suppliers of accounting and payment services on how to legally and cheaply split the business?
 
In other words, is this attempt to reduce VAT avoidance a serious obstacle to the UK future as a location for innovative on-line start-ups or will it simply lead to more work for tax advisors and a rash of competing "VAT apps" for teenagers (and sub-teenagers) aspiring to sell their own games instead of pirating those of others?

I have no idea - hence the question?


Find recent content on the main index or look in the archives to find all content.

Archives

Recent Comments

 

-- Advertisement --