HMRC Real Time Information pilot meets the "Real" World. Is Nominet about to do the same?

I have just been looking at press cover for the report of the HMRC Real Time Information pilot, on whose success current plans for the introduction of Universal Credit depends. The pilot was conducted with medium to large employers using mainstream payroll software. Micro-employers now have to use the system. Many have no full time staff (e.g. small charities, youth and community groups, sports clubs, Parish Councils) or employ occasional jobbing labourers (e.g decorators, plumbers, roofers and scaffolders). Such organisations previously had their books and tax affairs tidied up once a year by their accountant (whether paid or honorary). Some now appear to be expected to spend more on monthly payroll software and accounting services than they previously paid their helpers. I look forward to the National Audit Office report in Spring 2015.

MeanwhiIe I have a growing sympathy for whoever is now in charge of implementing the Universal Credit – as RTI follows the Cabinet Office Identity Policy “into the melting pot”.

Yesterday I was asked why Government needs an identity policy at all, given that UK law regarding electronic signatures has been clear for over a century. As I have pointed out before, the first  Supreme Court case regarding electronic signatures (alias “cable authentications”) goes back to 1867. “All” that appears to be needed is for HMG to agree which electronic identities is is willing to accept and for what. Again, as I have said before, there are a lot of identity systems to choose from. I listed some of those available for DWP to chose from in one of my previous blogs. The big question is “what does Government need that is different?” – and perhaps more importantly – “Why?” and “How much extra is it willing to pay in order to be different?”. Given that the answers differ according to the application in mind this raises the question of how far HMG could/should go in seeking to promote public sector standardisation on that which meets the needs of a subset of departments and the budgets they have available, as opposed to demanding inter-operability and mutual recognition between those which identity systems that it agrees to accept: perhaps piggybacking on the mutual recognition routines used by mainstream global financial services and international traders.  

This leads me on to the Nominet consultation on the future of .uk as a domain that is worthy of the trust placed in it by those who do not know better. I have once again been shocked, but not surprised, at the narrow vision of those seeking to preserve the current, “untrustworthy because unvalidated”, registration processes which make it almost impossible to work out whether a website is governed by UK law unless it actually abides by the e-Commerce and gives physical contact details on its website. It would appear, at least to me, to be obvious that Nominet should have a policy of routinely suspending ” .uk” domain names that are being used for trading purposes where neither the website nor the “whois” entry gives current physical contact details. It should also demand such information from all new registrations. The extensions with new names and hierarchies of names are, quite frankly, much less important.   

How Nominet implements that policy is another matter – but unless and until it does so we cannot expect .uk to be taken seriously as part of the process of making the UK a trustworthy location for on-line business. More-over the 2/3 rd of Small Firms who have websites but decline to transact on line because of fear of fraud are all too rational in their choice. Given that most of the Nominet community of registrars make most of their money from providing hosting and support services to small and medium sized businesses, not from handling registrations, let alone from farming domain names, this should be a no-brainer for their finance directors.

Given all the e-mails that small firm receive from “HMRC” (and look-alikes) offering them refunds or other assistance, there is a need to link the RTI pilots to a realistic, large scale exercise to address on-line fraud, including reporting and victim support, – not just another “awareness campaign” as currently appears planned. Any such exercise should include robust “co-operation” with Nominet to identify any in the .uk supply chain who are aiding and abetting such frauds and to take action accordingly. It should also include an equally “robust” contribution from HMG (who, Cabinet Office, BIS, DCMS ?) to the Nominet Consultation with regard to the current surreal debate on the forty or so “reserved names” for the quangos being kicked off

It is bizarre that the future of a critical part of the UK Internet infrastructure should be left to an introverted group of registrars with an understandable interest in resisting change, while others appear to have an equally narrow interest in opportunity to sell new names.