People & Science

A publication of the British Science Association

21/12/2014

Show me content for... +

Show me content for...
Events
Resources
Volunteers
Teachers
Professional development
Families & teenagers (aged 12+)
Families (children aged 12 & under)

Donate

register

Register with us and you can....

  • Sign up to our free e-communications
  • Become a member of the Association
  • Create your own web account, & post comments
  • Be part of British Science Festival
  • Save your favourite items

Register

Keep up to date with the latest news from the British Science Assocation. Sign up to our RSS feeds and take us with you when you are on the move.

You are here

Digital by Default

In November 2012, the government published its digital strategy, setting out how it would become digital by default. That's its aim for public services, whether we’re applying for an apprenticeship or a student loan, finding out more about a property, transferring the ownership of a car, or managing our tax affairs - and a whole lot more.  Here, Martyn Thomas, William Heath and Kevin Seller lay out their hopes and fears for the strategy.

Trouble ahead

Martyn Thomas foresees problems.

To make Digital by Default work, government services need to build in strong security.  There are some worrying signs of trouble ahead.

Website quality

The quality of current government websites is variable. DVLA, for example, seems to work well with a wide variety of software, whereas someone trying to claim Disability Living Allowance for a child, online, is confronted by a page that explains:

Martyn Thomas foresees problems.

To make Digital by Default work, government services need to build in strong security.  There are some worrying signs of trouble ahead.

Website quality

The quality of current government websites is variable. DVLA, for example, seems to work well with a wide variety of software, whereas someone trying to claim Disability Living Allowance for a child, online, is confronted by a page that explains:

The service was designed to work with the following operating systems and browsers. Many of these are no longer available…

You are likely to have problems if you use Internet Explorer 7, 8, 9 and 10, Windows Vista or a smartphone..

If you use browsers not listed below, including Chrome, Safari or Firefox, the service [may] not display all the questions you need to answer. You may wish to claim in another way.

In other words, to apply for this benefit online you must have a computer that is several years old and that has not been updated to fix many known security problems, contrary to all sensible cybersecurity advice. The website is not fit for purpose.

Security

There must be a secure way for users of services to identify themselves online.  The Government Digital Service has published a Good Practice Guide on Identity Proofing and Verification (IPV) that lives up to its name but cannot get round the dilemma that usability and security pull in opposite directions. If you need to be very sure that an on-line user is the person they claim to be, then you need to carry out a range of checks that may make the service difficult to use.

Exposure or corruption of sensitive personal data may risk serious injury to one person and only be inconvenient to another. Should the service be designed to satisfy the highest risks, even if that means using IPV procedures that are expensive, highly inconvenient for most citizens and reduce the take-up of the digital service? Testing alone can never guarantee security. How can citizens be certain that their sensitive data is secure?

‘Anonymised’ data

Politicians and civil servants often suggest that it is safe to make personal data that departments have collected available to others once it has been anonymised. This is at best naïve and at worst fraudulent.

If the ‘anonymous’ data contains enough information about an individual for it to be useful commercially or for research, then it will often be possible to re-identify the individual by comparing the data with other available datasets.

So Digital by Default is a great aspiration but delivering it is far harder than it may appear, and the most likely outcome is a flawed implementation followed by very damaging security breaches.

Personal security is possible

William Heath explains how.

One route the government has chosen for future ID assurance is Mydex, a social enterprise community interest company based in the Young Foundation. Mydex provides personally encrypted online data stores free to individuals, and a technical and legal trust framework within which individuals can acquire and redeploy all sorts of personal data.

Crucially, this includes proofs to claims, such as having a driving licence, paying council tax at a specific address, having a passport or bank account.

William Heath explains how.

One route the government has chosen for future ID assurance is Mydex, a social enterprise community interest company based in the Young Foundation. Mydex provides personally encrypted online data stores free to individuals, and a technical and legal trust framework within which individuals can acquire and redeploy all sorts of personal data.

Crucially, this includes proofs to claims, such as having a driving licence, paying council tax at a specific address, having a passport or bank account.

This means that individuals can acquire evidence of relationships and trustworthiness as a normal part of engaging in online life. They can then sign on to services securely, receive structured data of all sorts at no cost, and personalise services without compromising privacy.

Midata and Mydex

ID assurance requires that individuals present themselves for online public services with an identity token or proof provided by a third party such as Mydex. The BIS Midata policy - backed by the new Enterprise Reform Act 2013 - requires that regulated industries such as banks, phone companies or utilities be ready to give individuals their customer data back in a common structured format.

Of course, a business can't be sure it's giving the data back to the right customer without some form of ID assurance or secure login. And as banks and utilities start to provide structured data back to customers it's a small step for them to sign it such that it in turn becomes the proof required for ID assurance.

Similarly government passport and licensing services are moving to provide electronic counterparts of their paper licences and certificates. This brings about the digital counterpart of what we used to do in providing paper bank statements and utility bills.

Trust framework

The missing link is the personal data store controlled by the individual, and to which only the individual has the key, operating in a trust framework so sharing is controlled by technology and contract law.

That's what Mydex CIC does. It gives the individual a unique, personally encrypted data store to which only the individual sets the combination lock.

Trusted, protected online relationships will save people time and the Exchequer vast sums. An organisation and an individual can share a two-way encrypted connection for a decade at the same cost to the organisation of sending a single letter.

There are plenty of valid priorities for public expenditure. The crippling costs of organisation-centric or even Victorian era information logistics are not among them.

The Post Office can deliver

It’s ideally placed, argues Kevin Seller.

We think that the Post Office should play a central role in helping the government deliver its Digital by Default agenda.

More than nine out of ten people in the UK population live within one mile of a Post Office, and almost 20 million customers visit a branch every week. Our network, at around 11,800 branches, is larger than the banks and building societies combined.

It’s ideally placed, argues Kevin Seller.

We think that the Post Office should play a central role in helping the government deliver its Digital by Default agenda.

More than nine out of ten people in the UK population live within one mile of a Post Office, and almost 20 million customers visit a branch every week. Our network, at around 11,800 branches, is larger than the banks and building societies combined.

The Post Office already plays a crucial role in providing the public with access to key services and supporting government to reduce the cost of delivering services. We handle, for example, 1.4 billion transactions that include managing nearly three million passport applications, 20 million motoring service transactions and three million Post Office Card Accounts.

Support for customers

One of the key challenges is to ensure that the 16 million who are not online, or lack the confidence or skills to transact online, are not left behind. Many of these people are some of the most vulnerable members of society, with complex needs and high levels of dependency on government support.

They are intensive users of public services. The extensive Post Office branch network and the trust people place in it offer the opportunity to support all these people to ensure universal access to services.

We can help these people access the service they require by providing in-branch assistance, for example through practical advice and assistance.  We can support those elements of a transaction that cannot be completed on-line, for example high-level identity verification and assurance.  We can also remove paper from the system by converting face-to-face transactions into digital form, and sharing directly with government back office.

Ongoing assessment

After the transaction is completed, the Post Office has the potential to assess the support these customers need to access the services independently the next time. The Post Office, for example, is already able to signpost customers to their nearest free or low-cost internet access and training.

The Post Office is a Founder Partner of Go ON UK, the UK’s Digital Skills Alliance, chaired by Baroness Lane-Fox. Its purpose is to inspire and support individuals and organisations that want to share their digital skills with others. And so the Post Office is ideally placed, working alongside our partners, to ensure our customers get the help they need to use government digital services independently.

Dr Martyn Thomas
Dr Martyn Thomas is a Vice-President of the Royal Academy of Engineering
William Heath
William Heath is an entrepreneur and chairman of Mydex CIC mydex.org
Kevin Seller
Kevin Seller is head of government services of Post Office Ltd.
Join the debate...
Log in or register to post comments