May 2012 Archives

On June 14th the introductory offer of £95 for a years subscription to the e-Skills National Skills Academy for IT come to an end and the price rises to £359, although there will be discounts for multiple subscriptions.

This is great opportunity for London employers who are planning to use the extended summer break (caused by the Olympic lockdown) to ask their employees to undertake distance learning to upgrade their skills. It is similarly invaluable for those in the public sector who know, or fear, their jobs will end after the Olympic "work from home".
 
The package will remain incredible value for money, even after the price rise. At this point I should declare an interest in that I have just agreed to help the creation of the Security stream, including recruiting employers to help ensure the frameworks and contents keep pace with their evolving needs.

If any of you would like to help with inputs on the information security skills you want for own employees, now or in the future, please let me know. I am equally interested in material on when and how you want those skills delivered - albeit I do not know of anyone currentiy working on skills implants, let alone a combination of soma and sleep learning 

The best on offer is likely to be a network of Universities offering local on-line access to just-in-time modules. This will hopefully come out of the EURIM meeting that I chaired last week to bring universities, security vendors and employers together to discuss sutainable models for helping populate the evolving skills frameworks on which the e-Skills employer panels are likely to agree.  

   

Back in February thousands of civil servants were told to work from home for a couple of days as a test of teleworking plans for the Olympics. Those plans now appear to envisage a seven week period in which journeys into London will be cut by at least 40%  in order to cope with the Olympic traffic. This has triggered articles questioning the likelihood of a sudden surge in tele-working beyond those who have already discovered the benefits. Back in February O2 closed its Head Office for day and reaped serious benefits. But that was only for one day. It would be interesting to know what happened during the Civil three day test back in February or the more recent two day Canary Wharf stress test.

Meanwhile, for those who have not already made their plans, the Cabinet Office National Security website offers some useful checklists, including for checking the broadband services available to potential teleworkers. What this site cannot cover is the likely effect of the surge in traffic on existing fixed and mobile broadband connections as viewers seek to use smart phones and i-player. I blogged earlier this year  on the success of the BDUK  strategy, (whether deliberate or accidental) to help pull forward the investment by BT and others to handle that surge. But those whose exchanges have not been upgraded for fibre to the cabinet by the end of June may not benefit. Meanwhile I told that small firms who cannot afford the risk travel chaos or broadband meltdown have paid for fibre to the homes of senior executives to enable them to host their own teleconferencing.

 

Next week will see the 2012 National Digital Conference with over a thousand delegates exploring "the policy, leadership, innovation and collective action needed to support an inclusive and enterprising digital nation". The state of current debates over electronic identities and payment mechanisms, let alone of those over data protection, privacy and security, indicates that inclusion and innovation will be almost the last things in the minds of those seeking to herd the sheep on-line to be fleeced. Whether the fleecing is to be done by the purveyors of technology, regulatory or compliance snake oil or by local and global organised crime, no-one appears to be giving priority to quality of service to paying customers. 

One of those planning to attend the National Digital Conference sent me the following guest blog. I have changed the heading from his original "Please sign here - but not at the Post Office." and put his message into political context, but it is stark

The DWP has, whether by accident or design, created a situation whereby some of the most  vulnerable in society, with least access to reliable on-line services (if they could see or manage the dexterity to use them) are no longer able to use their local Post Office, where they can deal with staff they know and who know them, but must travel miles to a Paypoint  to use a less secure service. In rural areas, with few buses and expensive taxis, the increase in cost and the deterioration in quality of life flies unnecessarily in the face of declared government policy. Worse, it will be blamed, unjustly, on current ministers and their enthusiasm for using new technology to deliver better service at lower cost. 

I am told that the Cabinet Office ID team are going to Washington to look at the Open Identity Exchange . I assume this is linked to the Open Identity Foundation although I see some subtle, and some not so subtle, differences in the backers.

I welcome the change of heart.

However, if HMG is indeed planning to respond to market forces I do remind them that there is, as yet, little overlap between the openID operations and those used by the banks and transaction and payment clearing services, or by fixed and mobile telcos, ISPs and pay TV operators. The main reason is that they are technology solutions to what is a problem of trust in people processes.

Will DWP really use Open ID solutions?

Would anyone in financial services trust an ID issued by Government any more that they trust the passport and utility bill they are required by law to use for the worthless "know  your customer" rituals that get in the way of customer service. 

It is interesting to note that most of the headline industry names in the Open ID consortia commonly check the context against the footprint for that ID before authorising any  transaction that puts them at significant risk of fraud.

Where does that put them under the planned European Data Protection Regulation, if they base operations inside the EU?

The issues of inter-operability across the different families of ID systems, both within and across national boundaries, are among the reasons why so much on-line trade within the EU is routed via the United States. 
 
But is HMG context to rely on ID operations based outside the EU, let alone the UK?  

Meanwhile at least 20% of the population, including most of us for our last decade on this planet, are incapable of reliably using anything that requires us to remember a password or use a keypad.  Given that elderly voters may actually outnumber those of the facebook generation who have bothered to register that presents a political  problem. 

Sooner or later we will need an exercise to reconnect debate over ID policy with human
as well as electronic reality.  

Iam Watmore played a unique role in the attempt to create a UK equivalent of the Office of President: from the Anderson/Accenture support for the New Labour project through to a return to the centre of power after the transition to a coalition government. However, the idea that the delivery of public services should be outsourced under the supervision of Cabinet Office was always alien to the tribes of Whitehall. The CIO and CTO collegiate approach always fitted much better with the culture of Whitehall, if the objective was to transform the delivery of public services rather than "merely" centralise power into the hands of the triumvirate of Cabinet Office, Treasury and Number 10. 

Now that the money has been spent, the future mortgaged and a second, much deeper, round of cuts is about to begin, it will be interesting to see who is brought in to help terminate the inflexible PFI contracts that stand in the way of a return to fiscal health. The alternative may well include pain on the scale of that in Greece and Ireland, with a Geddes Axe style 10% cut in public sector wages and pensions.

I personally think  Francis Maude could do a lot worse than bring Richard Grainger back to complete the job he started - when he held the NHS contractors to their side of the nonsense contracts he inherited - and his former employer, Accenture, was the first to sue for peace and walk away.  However, in parallel with the cuts to "stop the bleeding" we do have to start rebuilding for the future.

If the bulk of the Civil Service is to be sent home for the summer, they should be enrolled, to short order, on distance learning courses on Finance and Business Administration using some of the excellent material available from the Open University or Strathclyde Business School as part of the long overdue implementation of the Fulton report . 

And after that summer break, will we have seen a seismic shift in power from Whitehall to Town Hall and "Nanny knows best" to "self help", turning the "Big Society" from rhetoric into reality? I fear, however, that I may see pigs practicising synchronised swimming in flood water before then.     

Conservative Home has another good piece today on the need to give priority to electoral reform, even though genuine voters won the London Mayoral election by a narrow margin. I will not bore you again with my views on the electoral roll [cleaning it up would do more to help tackle identity fraud than any amount of spend on government ID systems] and postal voting [incompatible with a fair, free and secret ballot] but since the Times has not published Mark King's letter on the proposal to make registration compulsory without reforming the processes, I reproduce it below with his permission:

What really annoys me about the current proposals for the Interception Modernisation Programme is how much it will cost, (including driving communications hubs and high value commercially confidential traffic off-shore) and how little it will achieve. I will not recap my previous arguments on why the proposals do not make sense , harking back, as they do, to an age that never was. Instead I will focus on my final point, the need to look at what has changed and why the way forward should be built around engaging GCHQ in the fight against on-line crime and malpractice, alongside those protecting the on-line world against the threats of today and tomorrow.     

HMG is spending hundreds of millions on cybersecurity. The private sector, led by the CIty of London, is spending billions. Neither is getting value for money. Resolving the conflicts between the two, instead of exacerbating them, should help both to better achieve their objectives at significantly lower cost - and should also help address one of the main barriers to UK economic recovery.

The nail-biting climax to the London Mayoral Election with ballot boxes of postal votes supposedly emerging from storage cupboards at the last moment indicates that something is very rotten with the state of electoral conduct in the UK. Democracy is a precious gift and it does not come cheap. Once lost it has to be bought back with blood, not just lucre.

As part of the audit of what happened we need a full analysis of how the postal voting system operated, included a comparison of how the registers used compare to other sources of information as to who actually lives where. The electoral register is one of the main start points, alongside Passports and Driving Licenses, for the creation of false identities, not just the impersonation of genuine ones. These cost the UK £billions in fraud. Therefore The investigation should not be carried out by the Electoral Commission but resourced as part of the ID Crime Action Plan that is supposedly part of Fighting Fraud Together and paid for from the £325 billion that has been allocated for fighting benefit fraud. The cost will almost certainly be recovered inside a year from the drop in benefit claims from those who no longer reside in the UK, if they ever did or even existed.

The results should, however, be used to not only cleanse the existing electoral registers but to end the postal voting farce that makes a mockery of one man one vote as well as prpviding a start point for fraud and corruption.

Instead we should look at some of the many means of enabling those unable to go to the right polling booth on the right days to cast a secret ballot at a different time or place: from "mobile polling stations" visiting nursing homes to polling stations in Army Bases or on Board Ship 

During the run-up to the referendum on the Alternative Vote I blogged on the need to address fraud in the electoral register as one of the start points for the manufactured (as opposed to stolen) identities used in sysmermic benfit fraud. A few days later I blogged again on the need to give cleansing the electoral register priority over chnaging the voting system.

The chair of the Electoral Commission may think she will reassure Ministers over the integrity of voting in Tower Hamlets tomorrow but if the elections are to be stolen that will already have been achieved with the postal votes. Meanwhile attention is focussed on Tower Hamlets. What about Lambeth which swam against the trend in 2010 on the back of a truly massive postal vote? What about the other inner London boroughs?

Some of the press cover  illustrates one of the key reasons electoral fraud is so easy: the attmept to maintain a register that changes by 20% per month as it seeks to keep pace with itinerant "students" and temporary workers. That is also why plans for a national ID register were systemically flawed - somewhere around 20% of the population can best be viewed as having no "fixed abode". Given that they also tend to drift in and out of employment, a Universal Credit based on an on-line, and supposedly accurate and up-to-date PAYE may well end up helping only that minority with predictable needs who are in permanent accommodation and dependancy, while condemning those on the move in search of work to a choice between an emergency tax code , cash in hand and benefit fraud.

There may be only one credible solution - to go back to paying benefit via a named post office, with the addition of a Post Office "card" (linked to an electronic identifier), issued after a face-to-face "encounter" between a named member of post office staff at that named office, to allow payment via another office or into a debit account linked to the card. Might that entail forgetting about privatisation and going back to a Victorian-style chain of responsibility - when the postman was a servant of the crown and the sub-postmaster signed a draconian contract with Royal Mail. Would that more or less expensive (counting the cost of fraud)?