Policy is limpidly clear
19 February 2015: GDS says tower model "not in line with government policy"
20 February 2015: Tower approaches in line with GDS policy, departments argue
160 posts • joined 19 Jun 2009
19 February 2015: GDS says tower model "not in line with government policy"
20 February 2015: Tower approaches in line with GDS policy, departments argue
The standard answers include:
1. National security. You want to be safe? Give us your data. Ref. Communications Data Bill and Edward Snowden.
2. Money. You want to be rich? Give us your data? Ref. Stephan Shakespeare and Nigel Shadbolt, who appear to believe that open data causes innovation.
3. Health. You want to be well? Give us your data. Ref. Tim Kelsey and care.data.
4. Social responsibility. You want to pay your debt to society that provides you with public services? Give us your data. Tim Kelsey and care.data again.
5. Tax justice. You want everyone to pay the tax they owe? Give us your data. Ref. David Gauke and the G8 initiative on tax-dodging, see HSBC passim.
6. Paedophiles. You want to eradicate paedophilia? Give us your data. Ref. David Cameron and Anonymous.
After a while you get the idea that all good things come from open data.
There might be a lingering question whether the government could have access to all data and yet still somehow fail to maintain security, expand the economy, etc ... The Child Support Agency, for example, had unrestricted access to all data on its parishioners and yet still succeeded in multiplying their misery.
"... in the information technology age, a government website really matters" – so said Liz Fisher of the UK Constitutional Law Association on 9 May 2013 at the end of a blog post about GOV.UK, which she found to be flippant.
There was no response to her criticisms from GDS. The party line, laid down on 19 July 2012 was: "Not feeding trolls is the biggest sign of the strength of our culture".
That hasn't changed, 18 February 2015: "Colleagues, not feeding trolls continues to be sound advice".
So much for understanding just how much the government website really matters.
... that we read in the Observer:
Britain's police forces are still unable to use a pan-European database of criminals, prompting warnings that this could hinder their ability to track terror suspects entering Europe ahead of the Olympics.
The UK was given access to sensitive information on criminal and policing matters held on the Schengen Information System, an EU-wide directory, in 2000, but there have been repeated technical problems ...
Experts say the database could form a powerful weapon in the fight against crime and terrorism. In the past, Home Office officials have said that connecting British forces to the system had proved impossible due to technical difficulties and "acts of God", such as a fire that destroyed vital IT equipment.
How time flies.
Faster and faster.
The Guardian reported in July 2007 that:
Interpol said last night that the UK makes just 50 checks a month of the database; France by comparison makes 700,000 checks and Switzerland makes 300,000 ...
Mr Noble [the head of Interpol] said that Gordon Brown's promise last week to share a list of potential terrorists with other countries had yet to materialize. "British citizens might be surprised to find that this watch list announced by your prime minister last week has not been sent to Interpol," he said. "Why is it that some countries make sure passengers do not carry a bottle of spring water on to a plane, yet aren't careful to ensure convicted felons aren't entering their borders with stolen passports?"
And it was just over 10 years ago in December 2004 when the BBC told us that Interpol had complained that passport numbers aren't checked on entry to the UK – Interpol has a database of 5 million stolen passports, the EU has a database of 10 million lost and stolen passports and the UK doesn't check people on entry against either of them.
Border security has been away from the UK on a long eOdyssey. Will it really come home on 13.4.15?
MacGregor told the Beeb last night that there were "grounds for doubts" about the reliability of facial recognition tech.
There's lots of evidence that the technology doesn't work, – http://www.theregister.co.uk/2009/08/14/biometric_id_delusion/ – and no evidence that it does.
Not just an invasion of privacy but also a waste of money. The police may want to be seen to be "doing something" but this is a double whammy black eye and not a feather in the cap at all (Catch-22).
Of the five identity providers that have signed a contract with the GDS, only Experian and Dutch identity management firm Digidentity have so far won accreditation.
That's what GDS keep saying but it's not true.
Accreditation is awarded by tScheme.
tScheme's list of approved services for GOV.UK Verify lists Experian only. That's one "identity provider" that has so far won accreditation, and not two.
Digidentity still appear on tScheme's list of registered applicants, along with Mydex, the Post Office and Verizon. They're all in the same boat. The unaccredited boat, not yet certified trustworthy.
These five "identity providers" applied under the old framework for GOV.UK Verify. When the new framework comes in, they'll all have to start again – the new service will start with no certified "identity providers". Or two of them, as GDS will probably say.
ElReg says: "The Tories have steadfastly stuck to its plans to reboot its mothballed Communications Data Bill, colloquially dubbed a Snoopers' Charter, if it returns to government after the General Election in May".
The Daily Telegraph says: "The Prime Minister said that the Security Services would be given the powers to read all messages sent over the internet, if the Conservatives win May’s general election".
Funnily enough, the Communications Data Bill said: "Nothing in these proposals will authorise the interception of the content of a communication. Nor will it require the collection of all internet data, which would be neither feasible, necessary nor proportionate" (please see Introduction, p.2).
Not proportionate. Not necessary. And not even feasible.
What were previously known in the science fiction/fantasy world of GDS as "identity providers" are now known as "certified companies".
All certified companies are certified by tScheme.
That's the rule.
Without that, they're not certified.
tScheme maintains a list of approved services, http://www.tscheme.org/directory/appserv.html
Digidentity are not on the list.
tScheme also maintains a list of registered applicants, http://www.tscheme.org/directory/appserv.html
That's the list with Digidentity on it.
They've applied for tScheme's seal of trust but they haven't been granted it yet.
1. The UK Constitutional Law Association certainly weren't too impressed at the advent of GOV.UK.
2. There was some internal dissent on the GOV.UK development project, please see this blog post by the brilliant Jeni Tennison. (Brilliant? She produced this – a genuine example to follow.) How was that internal dissent handled? She became external. She left and is now at the Open Data Institute.
3. Who doesn't wish they'd been a fly on the wall at the offices of Her Majesty's Revenue and Customs when the crack team of experts from GOV.UK arrived with the future in their hands and told the taxmen they couldn't ask people to "submit" VAT returns any more (Value Added Tax/Sales Tax). "Submit" is too long and formal apparently and in future people will simply "send" their VAT returns.
4. And now there are hints that GOV.UK will be the model for all local government websites in the UK as well. Consolidate. Centralise. Standardise. States' rights? There's a model to follow.
Thank you very much for your fast response tweaking. Very impressive.
Yes, I thought her picture looked funny when I tweeted her just now. Then it occurred to me that maybe ...
She show the audience a table showing the cost and reach of the new GOV.UK website which replaced the old Direct.gov.uk (as well as numerous other services run by different government departments).
That seems like as good a place to start as any.
Miss McCarthy has been misled. So has Miss Pahlka. Certainly it says on https://www.gov.uk that "this website replaces Directgov and Business Link". But that's not true. It didn't replace these two websites two years ago when GOV.UK was launched and it still hasn't today.
It's safe to try this at home.
Start at GOV.UK, search for "jobseekers allowance", click on "claim Jobseeker’s Allowance (JSA) online" and you're taken straight to Directgov. Ditto if you try to log in to "universal jobmatch". Or try applying for a provisional driving licence.
Directgov is still there and so is Business Link. Search for "contracts finder" on GOV.UK, click on "start now" and you'll find yourself on https://online.contractsfinder.businesslink.gov.uk/.
GOV.UK "replaces Directgov and Business Link"? That is just one claim made by GDS, the UK's Government Digital Service, which is not to be trusted.
The same goes for GDS's claim that digital transformation has saved £10 billion or 4% of the UK gross domestic product. £10 billion is only 0.6% of UK GDP. Most money has been saved by laying off staff or negotiating better prices from suppliers. The saving attributed to GDS is only 0.0138% of UK GDP.
That 4% claim was made by GDS at Ms Pahlka's Code for America Summit 2013. She was misled. And now she has misled Ms McCarthy, no doubt inadvertently. And now Ms McCarthy is misleading her readers.
But before this falsehood is passed on into folklore as an unquestioned truth, let's nip it in the bud, shall we.
And let's try to correct the impression anyone at the CfA Summit might have got that GDS was already operating an identity assurance scheme (IDA) for 45 million Brits. It wasn't then and it still isn't.
IDA has already taken longer to develop than the much-maligned US Healthcare system and, despite all the fashionable agile development methodologies being used, it still doesn't exist.
Some time back, ElReg carried an important medical report, Wacky 'baccy making a hash of FBI infosec recruitment efforts. The science is hard to follow but you don't think, do you, that the same problem now affects our own dear Cabinet Office?
Who can forget that 5 September 2012 press release issued jointly by BIS and the Cabinet Office (prop. F. Maude) Business leaders urged to step up response to cyber threats? That's when they wheeled in Sir Iain Lobban, the Director of GCHQ at the time, to tell the assembled chairmen of the UK's top 100 companies that they were no good at cybersecurity.
Every day, all around the world, thousands of IT systems are compromised. Some are attacked purely for the kudos of doing so, others for political motives, but most commonly they are attacked to steal money or commercial secrets. My experience suggests that in practice, few companies have got this right.
You'd better forget it now because otherwise Mr Maude's comments don't make sense. Security – particularly in the cloud – is a unicorn. A lovely idea, but it doesn't exist.
If you can't forget it, then the question is what are those dreadful bullies at GDS going to make poor Mr Maude say next? Whitehall can't afford not to use consultants?
Central and local government departments need have no fear about the security of the cloud computing services they buy from CloudStore/the Digital Marketplace.
These are underpinned by HMG's stringent Cloud Security Principles.
And suppliers demonstrate their adherence to these security principles by saying that they do:
Suppliers will complete a number of pre-defined security statements asserting how their services meet the Cloud Security Principles.
It's called "self-certification" and it worked very well in the run-up to the credit crunch when borrowers self-certified their own mortgage applications.
Funny you should mention that.
Once upon a time, in a land far far away, the theory was that all the equipment on the mobile phone networks used public key encryption for authentication. As a result, spoof radio masts, whether operated by the police or anyone else, could not be inserted into the networks. If they can be, then someone's letting them in through the back door.
Apart from his 2 July 2014 post on IDA, RIP IDA – "we're building trust by being open" with its 16 subsequent updates DMossEsq has nothing to add to Ms Fiveash's excellent and comprehensive coverage.
We already know that Mike Bracken was guilty of a number of terminological inexactitudes when he spoke to the Code for America Summit a year ago.
It is evident to all that DEFRA have no control over what's happening to them, while GDS and Experian are keeping shtum, leaving farmers with a vague notion that they're never going to be paid any CAP money ever again thanks to the popular transformation of public services.
IDA is dead. We just have to drum our fingers while we wait for it to be buried. It has richly deserved its right to be forgotten.
We know all that.
No need to repeat it.
What do you think happens to a company trying to negotiate a cloud services contract when they know nothing about the subject? They pay top dollar. That's what. And when the cloud service goes down, they're last in the queue for attention.
As the percentage of in-house IT departments closed down tends towards 100, the cost of cloud computing will tend towards or go through the roof. Bang goes the cost advantage.
Long before that happens, it will be cheaper to replace the shop and hospital IT staff you say are so hopeless with competent personnel.
It will also avoid the disappointment of discovering that the cloud suppliers' staff are just the same.
Glad you enjoyed it.
I compare cloud now with timesharing in the 70s, Comshare and GEISCO, not holiday apartments in Spain. Timesharing died. So will cloud.
– Was it Larry Ellison himself who said: "The interesting thing about cloud computing is that we've redefined cloud computing to include everything that we already do, The computer industry is the only industry that is more fashion-driven than women's fashion. Maybe I'm an idiot, but I have no idea what anyone is talking about. What is it? It's complete gibberish. It's insane. When is this idiocy going to stop?"
– D'you know, I think it was.
They do seem to be in a bit of a pickle cloudwise in Australia.
They should take a lesson from the UK, where "Cloud First" is the rule for central and local government.
And where we have the CloudStore, an on-line supermarket for cloudy products and services.
Admittedly no-one knows what "Cloud First" means and very few people have heard of it. Also, the CloudStore was meant to close down on 30 September but it's still limping along because someone can't get the replacement Digital Marketplace to work.
"Someone" is the Government Digital Service (GDS) and their advice to central and local government is "Don't procure. Commission". No-one knows what that means either.
The Government cloud programme (G-Cloud) has its own Twitter account, @G_Cloud_UK, and that's where we Brits go to find out what's happening. The Australians could usefully pay a visit.
Cloud computing depends on trust frameworks. Everyone knows that. Then a few months ago Chris Chant started Tweeting on @G_Cloud_UK about how trust can never be achieved, what you really need is truth. "24hrs to go" he said on 30 July 2014, "until @RainmakerCXO totally disrupts UK Cloud security capability. Truth better than trust. truth.rainmaker.solutions @G_Cloud_UK".
It wouldn't matter what he says if it wasn't for the fact that he's the principal architect and advocate of G-Cloud. And what he's saying is that you're wasting your time holding out for trust. What you need is GuardTime, an Estonian product marketed by Rainmaker Solutions. Let the Australians take note.
Some of us Luddites are a bit anti-cloud.
It's something to do with the OECD saying "cloud computing creates security problems in the form of loss of confidentiality if authentication is not robust and loss of service if internet connectivity is unavailable or the supplier is in financial difficulties ...". And ENISA saying about cloud that "its adoption should be limited to non-sensitive or non-critical applications and in the context of a defined strategy for cloud adoption which should include a clear exit strategy ...". (ENISA is the EU's Network and Information Security Agency).
What with that and Kim Dotcom and Edward Snowden and Bruce Schneier, it's a relief to see that local goverment in the UK is generally forswearing the cloud.
The other day, a journalist tried to snap these fuddy-duddies out of the 18th century and wrote "Council IT teams overstating cloud security concerns". But he didn't really mean it and was last seen on @G_Cloud_UK asking "why is cloud any less secure than a server sitting under a desk?".
Then yesterday, when Bruce Schneier's #IPExpoEurope comments on the cloud were reported – "We’re losing control of our data because of the cloud" – the CEO of Omnis Systems leapt to the cloud's defence on @G_Cloud_UK: "Actually it's because of public #cloud hosted in other countries. Host them in UK/EU & you'll have no issues" before adding 17 minutes later "#Cloud is not safer or cheaper for many use cases but it sounds good so who cares, they say".
That shared understanding of the cloud that we have in the UK, the confidence in its security, that's what Australia needs. Just ask that lady whose pictures were leaked the other day. She'll tell you.
Renew-a-tax-disc always has worked really well, ever since the web facility was introduced in 2006, eight years ago, five years before GDS sprang into existence.
Are you trying to suggest that because the site worked for you yesterday it isn't really down today?
... that's what Oliver Morley said the other day. He's the Chief Executive of DVLA and he should know. What users are experiencing now is not an outage. It's a bedrock.
Further, as you know, the great virtue of using the cloud is that capacity expands instantly to meet demand. As demonstrated in this case.
Who runs taxdisc.service.gov.uk? NSLookup says the IP address is 18.104.22.168. And RIPE says that belongs to Energis UK in Watford.
There are at least two Labour Party digital manifestos.
The one Andrew Orlowski cites is by Jon Cruddas.
Then there's the one by Chi Onwurah which hasn't been published yet.
While we wait for Ms Onwurah's, let's remind ourselves of some of Mr Cruddas's obiter dicta. These are taken from a speech he gave at the Royal Society of Arts, Radical Hope, where he was channelling the thoughts of a consultant he approached, Plenty Coups, great chief of the Crow Indians (Native Americans). He says:
• Our welfare state is ill-equipped to deal with modern social evils like loneliness and the loss of community.
• Our health service is struggling to cope with the rise of chronic illnesses like depression, obesity and diabetes, and we literally lack a proper system of care for our growing elder population ...
• Our present model of education rewards conformity in pursuit of a narrow, logical and mathematical form of intelligence. It fails far too many children and it reproduces the power of the already privileged. It is wasteful of our most important economic resource which is human ingenuity ...
• The future represents a powerful challenge to my party. Historically, our instincts have too often been to centralize, conform and control. To shape the future of our country we in Labour know that we have to do things differently.
That's the problem.
And the solution Mr Cruddas proposes, him and the old Crow, is digital government.
Deploy digital government, and the buffalo will come back.
"I've always been ready to admit I'm on the romantic and conservative side of socialism" says Mr Cruddas, "one that values the local, the parochial and the magical as sources of political agency and power".
Ms Onwurah's manifesto, we may radically hope, will rely less on magic.
Armed with our free 1Gbps broadband I see that we are to have on-line voting in local and general elections, please see paragraphs 80 and 81.
This will ensure that the result of elections is not determined by the voters but by the body with the greatest hacking ability.
Not all that democratic but achingly fashionable.
Can't help you there, sorry, Spine 2 will have to remain the object of confusion.
What is certain is that GDS released their application-to-register-to-vote system with no identity assurance worthy of the name. They've been promising identity assurance for years. If democracy is your bent, then further assistance with authentication of the electoral roll is quite an attractive prospect. But no, it was too much for them. No identity assurance.
A. Several senior members of the industry have declared that IT trust can't be achieved. Acknowledge that fact, they say, take it on board, digest it and give up the hunt. You won't find a world-leading trusted domain and you can't become one. Because they don't exist.
Stop wasting your time bashing your head against the wall and try something else – truth.
B. "Truth, not trust". That's their motto. The truth is revealed, according to them, by using products/services from Rainmaker Solutions.
They could well be right about A. Which would leave the Czar with the same clothes as the emperor. As to B, you tell me.
No, a Sony Xperia. Restarting it involves taking the back cover off and jamming a 2" No.8 into the reset hole.
At a computer expo (COMDEX), Bill Gates reportedly compared the computer industry with the auto industry and stated: "If GM had kept up with the technology like the computer industry has, we would all be driving $25.00 cars that got 1,000 miles to the gallon."
In response to Bill's comments, General Motors issued a press release (by Mr. Welch himself) stating:
If GM had developed technology like Microsoft, we would all be driving cars with the following characteristics:
1. For no reason at all, your car would crash twice a day. [Rather like my Android smartphone]
2. Every time they repainted the lines on the road, you would have to buy a new car.
3. Occasionally, executing a manoeuver such as a left-turn would cause your car to shut down and refuse to restart, and you would have to reinstall the engine. [Rather like my Android smartphone]
4. When your car died on the freeway for no reason, you would just accept this, restart and drive on. [Rather like my Android smartphone]
5. Only one person at a time could use the car, unless you bought 'Car95' or 'CarNT', and then added more seats.
6. Apple would make a car powered by the sun, reliable, five times as fast, and twice as easy to drive, but would run on only five per cent of the roads.
7. Oil, water temperature and alternator warning lights would be replaced by a single 'general car default' warning light.
8. New seats would force every-one to have the same size butt.
9. The airbag would say 'Are you sure?' before going off.
10. Occasionally, for no reason, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key, and grabbed the radio antenna. [Rather like my Android smartphone]
11. GM would require all car buyers to also purchase a deluxe set of road maps from Rand-McNally (a subsidiary of GM), even though they neither need them nor want them. Trying to delete this option would immediately cause the car's performance to diminish by 50 per cent or more. Moreover, GM would become a target for investigation by the Justice Department.
12. Every time GM introduced a new model, car buyers would have to learn how to drive all over again because none of the controls would operate in the same manner as the old car.
13. You would press the 'start' button to shut off the engine.
"Truth, not trust" is a slogan that Chris Chant and Tim Hanley have been spraying around @G_Cloud_UK for the past two months or so.
What they mean is that it is impossible ever to achieve trust in the cloud.
Far better, they say, to go for truth, by which they mean some incontrovertible way of knowing that your data in the cloud has been changed or stolen.
How do you achieve that? By hiring Rainmaker, a consultancy promoted by Chant and Hanley.
And how will Rainmaker help? By deploying Guardtime, an Estonian product that uses some keyless authentication product.
Having these two point out that you can't trust the cloud doesn't seem to worry Tony Singleton, the head of G-Cloud. He's never bothered to deny their allegations.
But it may worry G-Cloud's prospective customers, whether they're buying from CloudStore or the Digital Marketplace.
Cloud computing goes up in smoke
See Brian Krebs:
(a) Experian Sold Consumer Data to ID Theft Service, http://krebsonsecurity.com/2013/10/experian-sold-consumer-data-to-id-theft-service/
(b) Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records, http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-service-to-access-200-million-consumer-records/
And it's not just the FTC taking an interest but the Congressional Committee on Commerce, Science, & Transportation, too, http://www.commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=a5c3a62c-68a6-4735-9d18-916bdbbadf01&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a
On 16 June 2014, 19 days time, Mr Hieu Minh Ngo will be sentenced in a court in New Hampshire, having already been found guilty of 15 charges related to identity fraud, http://krebsonsecurity.com/wp-content/uploads/2013/10/NgoIndictment.pdf
He conned personal data out of Experian for months and his scheme only came to an end when the US Secret Service told Experian it was happening. The new Hampshire judge may have a few choice words for Experian, as well as Mr Ngo.
Which has nothing to do with us over here in the UK, of course, we don't have "data brokers", we have "credit referencing agencies", that's quite different.
Experian is one of the Government Digital Service's five remaining "identity providers" on whom their invisible identity assurance scheme depends. Nothing to see here, http://www.dmossesq.com/2014/03/rip-ida-16-june-2014.html
Barriers to entry deprive society of the fruits of innovation.
What fruits of innovation?
Mr Shakespeare doesn't tell us in his report.
He appeared in front of the Public Administration Select Committee with Professor Sir Nigel Shadbolt on 22 October 2013. You can watch them performing here. But you still won't find out what it is we're missing.
Professor Sir Nigel is chairman and co-founder of the Open Data Institute, of course. The ODI think that open data will lead to all sorts of valuable innovative apps. Although they haven't said which apps those will be yet, nor how valuable.
He's also chairman of the midata programme. That's an initiative of the Department for Business Innovation and Skills. They want us all to have personal data stores (PDSs). PDSs will empower us, apparently, and they will help us stupid people to make rational lifestyle decisions and, what's more, they'll make the economy grow. How? By creating an enormously valuable industry of innovative apps, obvs.
What innovative apps?
Glad you asked.
Professor Sir Nigel set up the midata Innovation Lab (mIL). mIL were let loose, like innovation tigers, and they produced five prototype apps. The Prof was so pleased with these prototype apps that he said they would allow us to "get to the future more quickly".
"Prototype", here, by the way, means "not really apps, you can't buy them". Take a look at them. They're just like all the other apps you can already buy on Google Play and the iTunes App Store and the Windows Phone store. There's nothing innovative about them at all. They are not Professor Sir Nigel's HS2 to the future.
So what are we missing? What innovation is society being deprived of by barriers to entry? Answer, stuff you can already buy in the market for once-off prices like 69p.
Therefore there was nothing wrong with selling the PAF along with Royal Mail.
Sure Don, let's see.
If and when they start charging let's see if we can guess whether charges would have been imposed if the company had still been owned by the Secretary of State for Business Innovation and Skills. The way they are for accessing Companies House data, for example.
Now there's a country that understands barriers to entry.
Mr Shakespeare is a very generous man. He thinks the PDG data should be given away for free. Charging for it is a barrier to entry.
A lot of data is managed by Companies House, the Land Registry, the Met Office and Ordnance Survey. These four together are apparently known as the "Public Data Group" or "PDG" for short.
Admittedly, Mr Shakespeare's generosity would cost us a bit. Currently the Exchequer earns millions of pounds a year by charging for PDG data. That hole would have to be plugged somehow but, according to Mr Shakespeare: "As government would no longer need to purchase the [PDG data] itself, the direct loss to the Exchequer on an annual basis is in the order of £143 million ... It seems a straightforward decision to invest £143m to make Trading Fund data widely available is a relatively small price to pay to leverage wider economic benefits far exceeding this by orders of magnitude".
It seems ... straightforward ... relatively small price to pay ... leverage wider economic benefits ... orders of magnitude ...
It may seem that way but just how straightforward is this investment decision really? Is that a relatively small price or a relatively big one? How many orders of magnitude?
He must know the answer, mustn't he, otherwise he wouldn't have written that on p.30 of his report.
The strange thing is that he also writes on p.30 that: "Forecasting future benefits is also hard to predict. How businesses and individuals might use datasets in the future to generate new products and services and by implication impact economic growth, is equally unknown".
What we seem to have here is a straightforward guess leveraging several orders of magnitude of hope.
Those barriers to entry.
Set them higher.
Meanwhile, you can kind of see a certain hard-headed logic in selling Royal Mail with its PAF intacta.
One of the arguments against charging for large-scale access to PAF is that the cost represents a barrier to entry.
That's supposed to be a bad thing. What do we know about barriers to entry? We don't like them.
What's wrong with barriers to entry? They deprive society of the fruits of innovation.
That's the line taken by Stephan Shakespeare in his report, An Independent Review of Public Sector Information.
Mr Shakespeare is the founder and global CEO of YouGov, the polling organisation. As you might imagine, he thinks you can find out the truth by polling people. Looking at health care data, for example, he says: "70% ... of total respondents think that we should make public all that we can about our health care system ...".
Convinced? Are you happy that giving away health care data is the right thing to do because 70% of respondents to a YouGov poll said it is?
Before you make your mind up, consider this.
Mr Shakespeare conducted not one but two polls and 18% of respondents in one poll said they were "highly informed" on data issues and in the other poll that figure was 4%. A fuller conclusion might therefore be this: "Between 82% and 96% of people asked said they didn't know what they were talking about but nevertheless 70% of them think that we should make public all that we can about our health care system so we should".
Sometimes you can't help thinking the barriers to entry should be set a bit higher.
Those rapacious private sector companies, they really know how to exploit us poor innocent consumers. I just took a look at Royal Mail's find-a-postcode site and you know what they told me? "You can still do 50 more [free] searches today." Heartless.
We should remember the Behavioural Insights Team's magnificent contribution to the soaraway success of midata, the Department for Business Innovation and Skills initiative to empower the consumer and make the economy grow.
Back in 2012 BIT and BIS jointly published a review of midata and a consultation document. Based on the results of which Whitehall legislated to make compliance statutory.
It is that crucial insight that if you want people to behave in a certain way then passing a law is probably the best way to proceed that NESTA are buying, with money that would otherwise finance mere innovation.
I am often asked about the genealogy of behavioural psychology. There is no doubt that the discipline owes everything to King Canute and his understanding of the behaviour of the sea.
"... Also the humility to realise that incumbent civil servants might know something about how complex the requirements really are ... Sadly their default starting position in any conversation I've had with them has always been, "We know how to do this better than you. So, what is it that you do?"
Frankee Llonnygog @ Thursday 12th December 2013 09:26 GMT: GDS consistently alienate the people they're supposed to be working with. People who know how to build and maintain big systems that cannot be replaced with Rails. GDS walk in with the attitude of "we know how to do your job better than you" and "we know what your requirements are".
Anonymous Coward @ Thursday 12th December 2013 17:27 GMT: They are keen to tell their client what to do and pay scant regard to business requirements or needs.
See for example GDS's blog post Submitting to the language of users:
Plain English is mandatory for all of GOV.UK. This means we don’t use formal or long words when easy or short ones will do.
For example, we normally talk about sending something (whether online or in the post), rather than ‘submitting’ it. This is short, clear and unambiguous. It’s also listed in the Plain English Campaign’s A to Z of alternative words.
We’ve recently been working with HMRC on moving VAT content to the ‘mainstream‘ (services and information for citizens and small businesses) part of GOV.UK. In the first draft, we used the plain English ‘sending your VAT return’ across all of this content.
However, our HMRC colleagues felt very strongly that we should change this back to ‘submit’ to match the terminology used on the HMRC website, as this is ‘used frequently and known by VAT businesses’.
GDS were trying to tell HMRC that they shouldn't talk about "submitting a VAT return". In their informed opinion the correct locution is "sending a VAT return".
This must be the very exemplar of prattish inanity.
In what sense can GDS be said to be "helping" HMRC?
The word "submit" is too long and formal, is it? Then how come it occurs several hundred times on GOV.UK? (Enter "submit" in the Search box and start counting.)
... it ain't GDS's fault that they've got no data ... Their end of the work has met expectations and has been forced to sit there waiting for useful data to be fed into it ...
Your case would be stronger if you gave some examples.
Here is a counter-example.
GDS took part in a so-called "data-mining" exercise to identify eligible voters in GB elections who haven't registered. The exercise was reported on in the Electoral Commission's Data mining pilot – evaluation report July 2013.
GDS were given data by the Student Loans Company (SLC) among others to match against local electoral rolls. According to the Commission: "There seemed to be issues with the addresses on this data being incomplete. Only one pilot area reported usable results for this database and they found that nearly a third of the addresses were quite clearly incomplete. SLC informed us that the addresses they provided to GDS were complete, so it seems that these issues may have arisen in the matching process, although we are unable to say for certain" (p.7).
The Commission's report is a 134-page catalogue of problems like that with GDS being repeatedly criticised for their end of the work not meeting expectations and the exercise was declared a failure: "The findings from this pilot do not justify the national roll out of data mining".
J Arthur's bellhop couldn't find me on 12 December 2013.
Not surprising. I've been following a punishing schedule of Christmas celebrations.
Was that the day I went for a bicycle ride with Tom Loosemore, Tony Singleton and William Heath? Was it the day Nigel Shadbolt picked me up in his Maserati and, together with Stephan Shakespeare and Craig Belsham, we went for a spin round Cowes in his boat? Or was it the day ex-Guardian man Mike Bracken invited me and a couple of satisfied customers from DWP, HMRC and the Electoral Commission round to Aviation House for a glass of paraquat?
I can't remember.
I'm no tax expert, so don't ask me how that applies to subsidiaries of Amazon that don't have a presence in the UK
See CFCs, permanent establishment, tax residence, thin capitalisation, every combination of double tax treaty and, as you mention, transfer pricing.
The NAO must of course abide by the procurement rules.
Equally, as auditors, they have a duty of care. They must keep their clients' data confidential. Handing that data over to a third party and storing it beyond the jurisdiction of English law makes it hard to guarantee confidentiality.
Next time the NAO want to investigate DWP, or whoever, there might be an objection that the NAO can't guarantee to keep the data revealed to them confidential. DWP, or whoever, might refuse to co-operate with the investigation on that basis, and so contracting with AWS, however indirectly, might mean the NAO can't do its job.
Incidentally, it's not just the NAO of course. Consider, for example, Halarose Ltd, who have contracts with 80 local authorities in the UK to maintain their electoral rolls. Where is the data stored? With AWS, in Ireland. Under who's control?
Given that AWS have no – that's no – servers in the UK, how come they're allowed on G-Cloud's CloudStore, where all the customers owe a duty of care to keep our data safe, confidential and under their control?
It's an old saying, a bit of a cliché, but worth repeating – the the only time you're really safe is when CloudStore's down which, recently, has been quite a lot.
... you is more like an Amazonian astrosurfer, whereas Spartacus was Kirk Douglas (né Issur Danielovitch Demsky) from nowhere near the Amazon.
... from Stephen Fry, http://www.dmossesq.com/2013/10/cloud-computing-and-sizzling-stephen-fry.html
Only he can provide the historical perspective and the technical grasp of evocon (evolutionary economics) which Amazon so obviously possess and which has eluded IBM in the first 100 years of its existence.