The concept is simple: an art competition on the internet which is open to everyone and will be voted on by the general public; the works - which can be in any medium - then all being for sale through the website in aid of two small charities in
The paper raises profound issues regarding the quality of information used by Central and Local government for policy formation and resource allocation, let alone decisions affecting the lives, livelihoods, health, welfare and freedom of individuals.
The reasons why the base data is so bad include widespread and long-standing ignorance of the basic disciplines of information management not only across public and private sector but also among those selling "solutions" to them.
The disciplines appear to have been lost to sight sometime in the 1980s when Information Technology replaced Data Processing as the fashionable terminology and the study of sophisticated software replaced the study of people processes in the professional education of those entrants to the Information Systems industry who received any. Far too many of those who pass for "professionals" today have received only a hotch-potch of product or methodology focussed short courses and on-the-job training.
When I did my basic systems analysis training in the late 1960s we were taught to assume random errors rates of up to 10% on original data entry unless the material was entered and checked by those with a vested interest in its accuracy and with the knowledge and authority to ensure that errors were identified and corrected. We were also told to assume that it would subsequently degrade at about 10% per annum unless actively used and updated by those with the knowledge and ability to update the files.
Data collected for statistical returns or performance measurement was to be assumed to be random unless produced as a by product of an operational system. That assumption was confirmed for me when I saw how the "government returns" were actually made: usually same as last month with a random fudge factor, unless the person responsible had time on their hands and nothing better to do. I also saw the whole of one firm's exports for three years go through in one month when a colleague did indeed have time on his hands and got round to reading his job description. Despite the bluster over false returns, HMG could not resist the ability to have a headline in the papers about the balance of payments turning the corner.
When I looked at Local Authority rating systems and utility billing systems for the newly formed Regional Water Authorities in the mid 1970s I learned that the rate of change among those to be billed for the services delivered to properties ranged from under 2.5% in the leafy suburbs to over 400% (i.e. an average length of tenancy of under 3 months) in inner cities. Hence the reason for coin in the slot meters for gas and electricity for the landlord to collect. The churn today is no less - and may be even more. Hence the value and limitation of residents' registers and cards around the rst of the world. Hence also the widespread professional disbelief that any UK national identity system would be of any more value - "not even a lead standard" - and certainly not worth billions of new money.
Meanwhile there is a widespread view among Intenrt enthusiasts that if you mash-up garbage from a variety of sources and feed it through sophisticated software you get something other than digitised slurry.
Do read read the Audit Commission discussion paper carefully. Pick up on the snippets of detail. Follow up the references. Despite the problems, some health authorities, for example, have patient records that are remarkably accurate, because they are based on the data entered and validated by the clinicians who use it for patient care. Others record and report data that is actively fraudulent, manufactured to demonstrate progress against targets with little or no relation to underlying reality.
But, more commonly, staff under pressure to service a client will manufacture entries to get the system to do what is needed there and then. Thus some-one with poor english, no fixed address and no proof of indentity may be added several times over, under different names, even without any fraudulent intent.
The systems they use have been designed by people with little or no understanding of the needs of pressures at the point of service delivery, let alone the disciplines of information management. They are not fit for purpose. And there are far too many of them.
The Audit Commission have asked for comments on the discussion paper. Do respond.
The Information Society Alliance, EURIM plans to work with the Audit Commission to help take debate forward and identity consensus on how to address the problems raised.
The disciplines for Identity management date back to Ancient Sumeria (supposed roots of the notary and scrivener traditions). The transition to the electronic world began over 150 years ago (including the message authentication routines for East India Company telegraph system, without which the Indian Mutiny would have succeeded).
The tensions between the approaches of governments (to support taxation and military service and control dissent) and business (to support transactions between those who have never met) go back equally far.
There have been sporadic eruptions of extreme brutality on both sides. The botched looting of the correspondence banking systems of the Knights Templar by Philip 1V of France was the basis of the best-selling "Da Vinci Code". The revolt of the merchants and traders that annihilated the feudal hierarchy of the Duchy of Burgundy was even bloodier. Most exercises to seize banking records or destroy taxation or conscription records have been less violent.
Today we have a plethora of attempts to introduce comprehensive integrated, federated and/or inter-operable ID management systems, by a variety of players, with a variety of motivations. Few involve genuine choice or consent on the part of the "data subject": alias customer, citizen, victim, patient. "client" or "miscreant". .
Alongside the experiences of governments in trying to keep electronic track of their "subjects" (for reasons ranging from taxation and law enforcement to education, heath and welfare) there is over 25 years of private sector experience with running ID management systems in digital environments.
That experience covers many industries:
- financial services (from credit cards to correspondence banks)
- security printing (from bank-notes and bonds to embargoed reports)
- credit reference
- age cards and loyalty schemes
- payment clearing and correspondence banking
- notaries and scrivenors
- the mobile operators (from phones and messaging to payments)
- insurance (including life and healthcare)
- freight forwarding (land, sea and air: local, national and global)
and, of course,
- direct marketing: in all its forms: now including the Internet.
Central to the sustainability, not just acceptability but whether they deliver their objectives over time, of ID management systems appear to be five R's:
· Responsibility (including ownership and the duties of "agents" for the "owner"),
· Registration (including marrying biography and biometrics to electronic credentials)
· Repair (when the registration and or credentials have been compromised)
· Revocation (either full because of serious compromise or partial, e.g. moved from "good citizen" to "suspected fraudster" or "convicted criminal")
· Redress (who should bear the cost of repair and of compensating the victims in the event of compromise - whether deliberate or accidental).
Central to the Identity Governance debate that we have not yet had, despite a decade of wrangling over the value of government issued identity tokens and over philosophical questions, (such as "who owns my identity"), are five questions:
· how are the five Rs and the people processes that support them addressed (or not) by the various ID management routines already operational or proposed?
· what should be the roles of professional bodies, trade associations, politicians, regulators etc. in identifying and encouraging good practice?
· what should be the means of assessing whether the supporting technologies on offer are fit for purpose and used correctly?
· how could/should inter-operability be handled between different types of scheme (legal basis, management structure, application, ownership etc.), including internationally, across jurisdictions, not just between similar schemes using different technologies?
Structuring the Alliance Identity Governance group has not been easy because most of the willing volunteers turn out to be evangelists for specific solutions, unable to accept that they are entering a mature but evolving market. More-over many are evangelists for solutions that do not address the five R's any better than those already on the market.
But the UK has to be able to earn its way out of the current economic crisis as a globally competitive location for industries that could be located anywhere in the world. Creating governance regimes that better address business and personal needs and cause customers and consumers around the world to gravitate towards e-trading schemes policed from the UK is a key point of leverage.
Hence the priority being given to this area by the Information Society Alliance (EURIM) - despite the problems with finding those who not only understand the issues but wish to see the answers based in London rather than Zurich, Singapore, Hong Kong or Dubai.
1) An outsource supplier whose contact details to do not match the "Whois" entry for the website site or meet legal (E-Commerce and Distance Selling Directives) requirements for a physical address and phone number for contact
2) In case we need it for profiling you, or can sell it to some-one who will pay us for it.
3) Because my marketing and legal department says so
4) Only if some-one finds out and orders us to
5) You must be joking
We cannot seriously expect a rebuilding of user trust unless and until these questions are much better answered by any government department or marketing operation asking for our details.
Some suggested answers - in place of the current gobbledeygook privacy statements might be:
1) Ensure that legal requirements for physical contact details are met, with a clear routine for reporting problems - including attempts at impersonation
2) and 3) Give a reason and a benefit for any request: e.g we can contact Experian and fast track your benefit/credit/planning application because it is less likely to be fraudulent I liked the site that gave me a credit and told me they would not give my data to anyone else other than after a court order because they wanted to sell to me. It also gave me the opportunity to review my answers to individual questions when I saw where they were leading - and ended by asking what else would I be interested in buying that they did not currently offer. They got £50 of my time for their £25 voucher.
4) Yes but the laptop was encrypted to level X so the thieves cannot use it
5) A voucher for X% off (including off my tax/fees if it was HMRC or a Regulator who lost it).
]]>
This caused me to look up a paper I wrote five years ago on the politics of personal identity. That paper in turn harked back to work I did for IMIS, the UK-based but international professional body for Information Systems Mangers on a submission to Michael Howard's consultation on proposals to introduce a voluntary national ID card. They thought ID cards were no big deal provided no-one assumed they were anything more than a low credibility residents' card.
The world may have "changed" on 9/11 when the United States discovered global terrorism in the most horribly public way. But the politics of personal identity did not: only the arguments used by those who view us a subjects, not citizens. Now that balance is swinging back.
We still have growing pressures from those who want us to transact on-line for forms of identity that meet their needs. We are ourselves demanding more efficient joined-up services from the public sector. Meanwhile we see ever more evidence that centrally held files of personal information, whether public or private, will be systematically raided or abused unless well managed.
But the fundamental arguments go back millennia, not just years or decades.
The new means of recording identity may, or may not, work but they have to be operated by analogue mammals whose standards of behaviour have changed little since writing first evolved in the deltas of the Euphrates (Iraq) and Yangtse (China), over five millennia ago. The oldest known writing looks suspiciously like a tax tariff for dealings in a cattle and grain market. The holy books of the monotheistic religions (Judaism, Christianity and Islam) contain many references to censuses, taxes and the means of identifying those who are to be respected. The teachings of Buddha and Confucius build on the wisdom of even older civilisations that nothing was inevitable save death and taxes. Even the most primitive tribes have the wisdom to distrust strangers who take their picture or ask their name.
Today the first priority of our rulers is still to record their subjects and tax anything (or anyone) that moves or dies in their realm. Meanwhile the only identity tokens their subjects value and respect are those which give credit in the market place. That market place is, however, increasingly international and electronic with ordinary citizens, not just merchants and their agents, expecting to transact with strangers on the far side of the world.
In consequence we have a tension between rulers, seeking to create and control local, national and regional identity tokens and their subjects who want a variety of tokens according to whether they wish to obtain products and services locally or internationally without paying cash. We also have a tension between those who want high reliability (to prevent possible terrorists boarding an airliner) and those frightened of being mugged on the way to the library or post office and having their identity stolen. From Brixton (South London) to Bogota (Colombia) no ordinary citizen carries more cash or ID than they really need.
We have public debates in the United Kingdom (over ID cards), in Europe (over an EU-wide health card) and in the United States (over the identification of airline passengers and Federal access to nationally collated identity and transaction files). All assume that technologies will work and inter-operate. Meanwhile we have a long trail of failed systems, fraud and lack of operational inter-operability. And there is no sign that the current generation of systems developers, let alone the public servants and outsource contractors who are to operate and use the new systems, is any more (or less) competent and honest than those who went before.
I blogged on Liam Maxwell's paper, "It's Ours: why we not government must own our data" when it first came out. It is a great read but begs the question as to why we should trust Google or Microsoft any more than Central Government - other than that their motives are more honest: they "only" want to know about us so as to better target advertising spend money. They don't want to tax us or take our children to fight for them.
No wonder Central Government and its would-be suppliers, many of whom also wish to sell to Google, find it so difficult to engage in debate with those who see no need to be electronically tagged at all, let alone for those tags to be centrally indexed.
Our policy makers appear to have learned little and forgotten much. On Toesday I aim to revisit these issues in a more positive light - how do we find a win-win way forward
all need 8 - 10 megs symetric
In every senses they are on far side of the planet from the Ofcom "vision" of policing the cybercrud, as our teenagers down load material from around the world because they cannot themselves upload anything bigger than a Youtube clip, before they die of boredom waiting.
I think the chair of the session got the alternative "vision". My co-panelist from Google was certainly delighted that it was me, not him, who was challenging the audience to raise their sights.
As the only person in the room with a bus pass, I also enjoyed pointing out that I was using electronic messaging over forty years ago - albeit most radio hams, whose ranks I was encouraged to join for practice, still used morse.
I began my challenge to the Government 2010 audience with some "alternative" definitions of the Internet:
1) A marvel of engineering simplicity, with governance routines designed by Californian Hippies (class of '67, still stoned), overlaid with layers of lawyer-driven liability-avoidance contracts and land grabs for rights over innovation and content
2) A cartel masquerading as anarchy, with everything that makes money controlled by a handful of global corporations: Cisco on routers, Microsoft on Browsers, Google on search engines and so on
3) The current state of the world's largest machine: the world telecommunications network, evolving over time from telegraph, telephone and telex onwards - with thought leadership for the drive into IPV6 based, visual multi-media passed to China - while the UK and EU are stuck on the sidelines, arguing among ourselves over regulations that will be obsolete before they are agreed.
My message was that unless we escape from Fantasy Island, the Chinese and Indian players, from Huaewei to the myriad suppliers of language independent multi-media systems and search engines, will dominate the on-line world, including our domestic market, just as the Japanese car makers did until overtaken in turn by their neighbours.
On that note I remind you that the Department for Business Innovation and Skills consultation on implemting the proposed duties for Ofcom to report on UK's communication infrastructure http://www.berr.gov.uk/consultations/page52743.html. closes on 30th October.
I have just been contacted by one of the team offering the opportunity to raise any particular issues of concern covered. I will raise this offer when the Information Society Alliance (EURIM) communications group meets on Monday to review at its forward programme for 2010.
It is one thing to enjoy venting one's spleen as an individual - it is another to work as part of team to make a difference.
Do join the team, either via your employer (although EURIM does now have individual as well as Corpoate membership) or their trade association (e.g. Intellect) or via your professional body (e.g. BCS, IET, IMIS, ISACA, ISC2, ISSA etc) - especially if you disagree with what I have said above.
Part of my role is that of the small boy in the tale of the Emperor's new clothes. But the other part is bringing together those who will provide him with new clothes that are fit for purpose - including maintaining his credibility as a ruler.
In that context who do you trust to rule the Internet?
Global corporations whose objective is to make money, including to pay the pension funds who are their biggest investors?
Governments whose objective is ... (I leave you to complete this sentance as you wish)?
or
Organised Crime (currently exploiting the vacuum)?
Remember that if you want it be run by a partnership of the good guys, it is up to you to support the Internet Governance Forum, including via ICANN and Nominet. The next meeting of the EURIM E-Crime group will be a report back from Sharm El Sheik and a review of current plans to help the launch of the Tripartite E-Crime Reduction Partnership - as announced in the Digital Britain report.
]]>
The second is that around 20% of its "customers", including those in most need or most likely to attend MPs surgeries, live lives of unpredictable chaos, with multiple inter-linked problems, lurching from crisis to crisis.
Systems based on comprehensive rule-books, however complex, are doomed to "fail".
Perceived "success" depends on designing simple systems for the 80% whose needs are straightforward or predictable, with authority devolved to human beings to handle the rest.
This approach raises all the issues of accountability for public money that the current centralised silos were designed to handle. But the world has moved on since 1917, when Loyd George's war time government decided that the land fit for heroes would be built on nationally standardised schemes rather than local choice.
The time has come to adopt approaches that are fit for the 21st Century.
Perhaps a wholesale change of MPs, bringing in recent experience from business and from local government, will help those within the Civil Service who have long been only too well aware of the need for change.
I should perhaps add that the insights on which this entry is based were recenlty expressed forcefully and eloquently by a retired senior civil servant who was almost in despair (or should I have said incandescent with rage) at the mess made by those who succeeded him as they tried to implement the over-ambitious wet dreams of well-intentioned ministers and policy advisors, aided and abetted by less well-intentioned consultants and technology salesmen.
I very much hope that the way forward will include rebuilding the skills and professionalism of the Civil Service as well as devolving authority and accountability to those in the front line of service delivery who are best positioned to understand the needs of those with whom they dealing. The latter will indeed need much better information systems, but designed for decision support, not automaton control.
]]>
Commending the summary to MPs and to Parliamentary Candidates, Stephen Timms, Financial Secretary to the Treasury as well as Digital Britain Minster, said:
"I welcome EURIM's brave attempt to summarise thousands of pages of reports and guidance into a simple crib sheet for politicians. I hope it will cause those responsible for policy planning, procurement and implementation to follow up the references to the Audit Commission, BCS, Intellect, NAO and OGC material on which it is based. It is a useful aide memoire for us all, as well as a succinct summary of what the next generation needs to learn, to avoid repeating the mistakes of the past."
A key message is that the degree of clarity over objectives and candour over the risks to be managed usually determines success or failure before the start of the procurement process.
The full text is below:
===========================================
Good Practice in Procurement
"We know why projects fail, we know how to prevent their failure - so why do they still fail?" Martin Cobb, Treasury Board of
EURIM has distilled the reports and guidance on procurement produced by the Office of Government Commerce, the National Audit Office, the Audit Commission, Intellect (the Technology Trade Association), the British Computer Society into 4 pages, including links to the sources. www.eurim.org.uk/activities/pubproc/0909-Good_Practice_in_Procurement.pdf.
The key points are:
1. Agree clear business outcomes before you start
Procurement should not start until those at the top have set clear, achievable, objectives - including what "success" means and how it will be measured. It is lack of clarity and consistency with regard to objectives, not size or complexity, that makes public sector projects riskier than those in private sector
2. Be realistic and candid about risk, especially politically related risk, at all stages
The cost of public service contracts reflects the risk of changing political objectives and priorities in the face of external pressures. The transfer of unmanageable risk increases cost. Risk is best managed by those in a position to take timely and effective action.
3. Avoid inventing new wheels: reduce risk by recycling and adapting where possible
Most public sector projects can be delivered using technologies that have been tried and tested elsewhere. The bigger challenge is the need for changed ways of working on the part of those using the new systems. Management and staff need to be motivated to welcome change that enables them to deliver tangible benefits, rather than for its own sake.
4. Do not over-emphasise price: lowest cost is rarely best value or service
Pressing suppliers too far on price is counter-productive. They will ultimately have no choice but to cut quality by, for example, using cheaper, less experienced staff. Best value also requires looking at the solution proposed, relationship, delivery approach and behaviour.
5. Focus on rewarding achievements, not on penalising failure
Incentives need to be thought through: time to answer calls, for example, should not become more important than providing a satisfactory answer. Shared programmes to develop skills in relationship management and disputes avoidance can help cement co-operation.
6. Regularly monitor performance and continued relevance of outcomes
It is good practice to agree a Joint Statement of Intent between senior executives in the customer and supplier organisations, in parallel with awarding the contract. This should then be communicated to all involved as the basis for ongoing review of delivery, including whether the outcomes are still relevant and achievable.
7. Do not skimp on testing, including of security, resilience and people processes
Additional testing cannot make up for deficiencies in specifications but it is essential that projects under time or cost pressure do not economise on planned acceptance testing, particularly with regard to periods of use under working conditions by typical operations staff before going live.
Why does each generation of technology devotees feel compelled to repeat the mistakes of the last one - like teenagers discovering sex?
]]> The Internet is over forty years old. Its transition from laboratory to mass market took about the same time as the Motor Car or Radio. Its impact is no more and no less.Meanwhile its devotees commonly display all the maturity of Patsy Stone and Edina Monsoon in Absolutely Fabulous
Almost exactly nine years ago, in an article published after the burst of the Dotcom Bubble, I commented on the need to re-learn some of the business principles of the early part of the last century and quoted Henry Ford's four business principles.
My conclusion was "The New Economy is not new. A 1000 year old Gaelic Proverb loosely translates as: "Wealth is created when one man produces what another wants, whether it be a sword or a song", Recovery from the tech stock market crash ... depends on packaging technology to meet customer needs, not aksing customers to adapt to technology."
P.S. While hunting the link for that article I googled myself and Henry Ford and came across one of the sites carrying essays for students to copy and found that another of the articles I wrote for the IMIS journal was the basis for their model essay on E-Commerce. Be very afraid of what the next generation is reading.
]]>
Are they content to have the same law on-line as off-line - with their liability avoidance small print struck down by courts around the world and their business-to-business disputes settled by those who police global business in the off-line world (from the scrivenor-notaries, through organisations like Den Norsk Veritas and CEDR)?
Or are they confident that by moving everything off-shore they can outflank all the national regulators queuing up for a slice of the action and also agree liability avoidance contracts with the global multi-nationals, from Aerospace, through Freight Forwarding and Financial Services to Pharmaceuticals and Petro-chemicals?
In that context I was struck by a juxtaposition of the comments of a BPI spokesman quoted by the BBC in their story ISP in file-sharing wi-fi theft that "ultimately, householders will be held to account for what happens on their own networks" and an advert in yesterday's Times for "complete protection against on-line scams" for £23.99.
Meanwhile the scripts used by the staff of the call centres of India deny the existance of legal protections to UK customers under the Consumer Credit Act and Direct Debit guarantee and tell you to contact who-ever made the mistake (or committed the fraud). It would appear you now have to make a formal complaint and be ready to sue in order to exercise your rights.
This led me to ponder on the provisional conclusion at the end of my last blog. "Is Statutory Internet Regulation Inevitable?" It still think it is the adults, not the children, who are living on fantasy island. I would add that the fantasists include many of the IPR lawyers, domain name registrars, corporate counsel, sales and marketing staff and lobbyists of the Internet industry.
Unfortunately they are busy sabotaging the bridges and boats that would allow the rest of us to escape to the mainland.
The time has come for users of all ages to call on politicians to ensure that the same law really does apply on-line as off-line - and that the creeping erosion of consumers rights, not just responsibilities, is stopped - not just in court by those who can afford it.
I fear that only then will the industry' strategic thinkers and corporate planners fully appreciate that they are expediting a process of replacing the consumer and customer confidence they need, in order to make money, by hierarchies of tick-box compliance and legal fiction that will ultimately destroy their margins.
Meanwhile the transition of "traditional" ways of doing global business to new technologies is bypassing them on both flanks. My local high street has "branches" of at least six global "transaction services" running over a mix of mobile technologies and VOIP. I am pretty certain that their combined turnover is well in excess of that of the two surviving bank branches. In parallel the teenagers have started transitioning to Indian and Chinese-based web services to get better prices for what they are willing to pay for over the net.
]]>That appeared to me to be three about-turns from what Parliament agreed during the debates over the legislation to create Ofcom as a light touch, consumer protection regulator which would neither regulate the Internet nor try to predict the future and also inherited a clear work-in-progress agenda from the Radio Communications Agency.
Later in the conference, Derek Wyatt MP summarised the main conclusions from the apComms report "Can we keep our hands off the Net?" - also all to do with self-regulation rather than government interference. There was a good debate over what was meant by a Universal Service Obligation of 2 megs and Stephen Timms confirmed that it meant what it said. That was felt to be really good news by those whose "up to 8 megs" service fell to under a meg when the children came on line after school.
The day was, however, stolen by the delegates from the childrens IGF organised by Childnet. They went straight for the difficult issues that we were all avoiding: wanting open access with safety. They pointed out that our technology dependent, safety-first, "if in doubt block it", censored feeds to schools got in the way of their supervised project work - because they could not access main stream sources, let alone any of the blogged commentaries on them. But they also wanted effective facilities to help guard against 24 by 7 on-line bullying.
Less than 25% of the children and almost none of their teachers or parents were even aware of the safety and privacy features on the social networks they used, let alone how to use them. Nor were they aware of much of the educational material on offer to help them. Those designing the features clearly had not consulted their customers. Those producing the material were clearly not using the most effective channels to market.
Over the course of day it became apparent that it was the adults, not the children who were inhabiting fantasy island.
One of the adults who showed that she fully understood what she was doing and why, was Martha Lane Fox. She took the user-centric view that is all too often missing from debates over technology policy, dominated as they usually are by a mix of vested interests and technology enthusiasts.
IT experts busy designing systems to impress other experts have to remember that it is their fault, not the users', when the latter do not know how to use the wonderful features on offer or the support and safety facilities on offer,
Perhaps Ed Richards was right. Perhaps regulation is inevitable. But if so, the ICT will have brought the U-Turn on itself.
My provisional conclusion was that no-one over the age of 13 or under the age of 63 should be allowed to vote on any legislation to regulate the Internet. It should be left to children and their grandparents to decide.
I may, of course, temper that conclusion tomorrow morning - but certainly I heard nothing that convinced me that those between the ages of 20 and 60 know enough to make regulatory decisions that will not turn out to have been counter-productive before today's 13 year olds get to University.
]]>
Meanwhile in Iran and China the technologies used to target Internet Advertising are turned through 180 degrees and used to identify dissident bloggers and twitterers. What really stops that happening here - beginning with those who swop unlicensed music tracks? Is our main "protection" that the most popular English language servers are not based in the UK.
Had Google and Yahoo not moved their European headquarters out of the UK (and EU) earlier this year, the story might well have been very different. The writs would have been served and Guido's co-conspirators would not have been able to link to the documents.
How ironic that the legal pressures that are driving the heart of the Internet offshore are also helping preserve its value as a carrier of free speach. But, given the creeping "censorship" within the US as illustrated in the example I quoted in my blog yesterday , can we trust American lawyers to preserve that freedom? Would it not be better to restart the process of "making the UK the best place to do business on-line". .
Tomorrow the EURIM Knowledge Economy Group will review the update of its 2006 paper "A Flourishing Innovation Economy" The working title of the new paper is "Knitting with teaspoons". The basic theme is that technological change has outstripped policy evolution to such an extent that many of the policies we have in place to support business have become the wrong tools for the job.
One of Guido's co-conspirators claimed "The power of the Internet cannot be contained within the paltry constraints of a judge's chambers" . But it can be taken out completely, at least temporarily, by an Islamic government which objects to its use to carry criticism. It can readily be hi-jacked, again perhaps only temporarily, to bombard citizens with propaganda, (alias spam), or hijack their identities, (and votes). We face the rule of the nerds.
On the 22nd October I am due to participate in one of the panel session of the on-line conference Goverment 2010
Just as the ham radio free thinkers were crushed by the state radio reinforced state bureaucracies of Hitler, Stalin, Roosevelt and Churchill, all master of the new media, so the libertarians of the Internet age could yet be crushed by the masters of this new media.
We forget that in economic terms the Internet is a cartel masquerading as anarchy. We are critically dependent on the business models of that cartel being more aligned with free speach than with mind control, whether by their advertisers or the state.
]]>
The consequences will be "interesting" to say the least - if attempts at new on-line specific legislation fail and off-line law - from the Bills of Exchange and sale of Goods Act onwards - is applied.
It will be even more interesting if courts continue to narrow the "innocent carrier" and "software is a product not a service" defences for that which is sold as fit for family or small firm use.
We have many allegations as to what the law is - and out of court settlements for those who have the expertise or funds to challenge those interpretations.
On Friday the EURIM Security by Design group reviewed the first draft of a paper that attempts to address some of the consequences if (or perhaps when) innocent carrier and other liability avoidance defences crumble.
It was a surprisngly constructive meeting. Those who raised problems all agreed to draft short-order material to address the problems they raise. Whether they deliver is another matter, but the sense of urgency was encouraging - or should it have been worrying?
P.S. I now have provisional answers to the five questions I raised in my blog "How real is the threat of e-crime?" They are:
1) Probably not
2) Perhaps
3) No
4) Possibly
5) Maybe
I leave you to match the answers with the questions.
A sixth question has been suggested.
6) Is it sufficient for them to seek to mandate security by design/default in new systems and in the products and services the procure?
The answer is "probably" - but sign are that many suppliers will pay lip service while activley resisting "because it is too difficult" - until forced to succumb by the pain in their wallets as customers migrate.
]]>
One of those barriers was the lack of access to genuine broadband, that capable of carrying full motion, entertainment quality video to the home or workshop: the 2002 target of the last Conservative government, abandoned in 1997 when Labour came to power. Like the Labour and LibDem Dragons they homed in on the need for material to support those who will be using participation in local broadband access campaigns as part of their own election strategies. Like them, they also felt that "access" needed to include support for those in urban areas who cannot afford current service offerings. There were also strong views on the usability of those services by the majority of the electorate.
Philip Dunne MP, Conservative CLG Whip and one of the Directors of the Information Society Alliance, gave a short introduction and then handed over to Kemi as chairdragon.
Dr David Butler of Atkins was the first champion. He summarised the various reports on government IT projects and asked whether the criticism to which they have been subjected was justified. He said: "There is no such thing as an IT project: All such projects are a combination of people, process, technology and leadership. The key to stop IT project failures is to have the right information and ask the right questions at the appropriate time."
Lesley Cowley, Chief Executive of Nominet asked candidates to participate in the Internet Governance Forum: "With society and global business becoming critically dependent on services delivered over the Internet, more than ever Internet Governance is an issue that politicians need to understand and be involved in. By engaging in the Internet governance debate, MPs can make a positive difference to the lives of people through encouraging partnerships and coalitions that help deliver better access, child protection, prevention of fraud or other abuse."
I then said they would not be re-elected if most of their voters were unemployed, in low-paid dead-end jobs or pension-slashed poverty come the election of 2015. They had to help create, attract and retain the wealth creating jobs of the future, lest the UK becomes a post-industrial poor relation to the economic powerhouses of Asia. This caused one candidate to comment that I was threatening them with de-selection before they had even been elected!
The Conservative Dragons came from a variety of backgrounds, from the computer games industry to small business users and from pig farming to software evaluation. Those with a professional IT background were the least forgiving about the performance of the handful of contractors who are said to account for 80% of central government's IT spend. The industry needed to put much more effort into identifying and meeting user needs, not just hitting the targets their lawyers had agreed with the consultants employed by departments that had lost their in-house planning and procurement skills, let alone contact with those the systems were supposed to serve.
Commenting on the lively debate that followed the opening introductions, Ewan Lamont, Conservative Candidate for Nottingham East said:
"This was a great event today. The three issues that were raised are extremely important ones. More debate and discussion is needed to try and stop future IT budgets going over budget and make sure they are managed appropriately. We need to start thinking about engaging with governance on the Internet. At the moment politicians are too scared."
Mark Pawsey, Candidate for Rugby, felt the material needed to be tightened before it was used politically but left with an action:
"This was an interesting debate and I thoroughly enjoyed being a dragon. The cases that were made were a little looser than if they were to be made to voters. It brought important IT related matters to the fore and I left with a campaign to run in my constituency based on broadband availability across my constituency."
Stephen Mold, Candidate for Derby North, commented on the impact of technology on the political process itself:
"Technology provides some amazing opportunities over the next parliament both in the optimisation of government and delivery of services to people. In addition to that it also aids the interaction between voters and politicians which the expenses scandal demonstrates is not happening at the moment. Receiving feedback and communicating with voters in the most efficient way is an important goal."
Nick Pickles, City Seats candidate for Pontefract and Normanton, welcomed both the inputs on scale of change needed and also the open discussion on some of the more difficult issues:
"The Dragons' Den was an extremely useful event because we accept that government has to be generally transformational at the next election to solve the problems that are facing Britain and an exciting part of the dragons' den was hearing the discussion around the boundaries of policy discussion and issues of censorship and civil liberties."
A key issue was to keep our workforce up to date with the skills it needs to remain employable and Alan Cullens, Candidate for Chorley ,said:
"One of the most important issues today is around skills and ensuring that ICT is seamless from the start of school all the way through university, making sure we have the right people for the jobs of the future."
There was a lively debate between the Dragons on some of the governance issues and Peter Aldous, Candidate for Waveney said:
"I found it a very useful session. As far as governance is concerned I'm not sure the Internet is governable by an individual state, but it is quite capable of being self-governing. Consumers need to decide what they want from the Internet in advance and providers need to identify their clients' requirements."
Philip Milton (Candidate for North Devon) suggested that, at the moment, the protections are inadequate and more needs to be done to protect access generally, as well as ensure that a final responsibility needs to rest somewhere - e.g. the host/ISP. This would feature with both pornography, etc and also fraud. He was bemused at the comment that his raising the issue was the first and more audible so far and was concerned at the tendency to allow "optimism bias" to colour our basic judgement and at least assess all these things very carefully indeed.
One of the younger conference delegates pointed out, from the floor, that we already have Internet censorship - on the feeds to schools. He and his peers get round it quite easily. He then added that some of what they found really was rather nasty.
One of the other industry participants, Mike Fitzgerald of Hewlett Packard said:
"This was my first EURIM meeting which I found extremely informative, particularly the drive towards the better engagement of the public sector with IT to make things work together. We need to be far more collaborative and far more realistic in the outcomes we expect from IT projects."
That point on collaboration was echoed and the Dragons' vote at the end was also for the plans of EURIM, the Information Society Alliance, to bring suppliers and users together to produce collective briefing material that candidates could use.
]]>Speakers from Avanti and Alcatel-Lucent provided the technology meat, including pointing out the importance of some of the European funded R&D programmes, launched when Ian Taylor (also present) was the UK minister handling the negotiations. These had provided key technologies that helped nonspots to be addressed at a fraction of the costs being bandied about by those wishing to delay investment so that they can past investments.
Whatever industry, central government departments and regulator might want by a way of tidy national initiatives and centralised, standardised big buck procurements, local broadband initiatives are set to play a major role in several dozen local election campaigns where electors are impatient for world-class access.
Tomorrow, at the EURIM Dragon's Den, I expect to see further evidence of demand. I then hope to be able to ask some of the Conservative Dragons to join their peers in the other parties to assemble the questions they all want answered in briefing events and material involving those who wish to use the infrastructure to distribute content and employment opportunities as well as those wishing to supply the technology.
I then look forward to seeing how the candidates (and their parties) use the answers to score points over each other - and to seeing how succesful the winners are at turning the promises they make into reality.
That is when IT really does meet politics.
]]>