Articles

Apr 30, 2019 ∞

Government as a Platform, the hard problems: part 3 – shared components and APIs

“Unix philosophy”, Wikipedia, [en.m.wikipedia.org/wiki/Unix...](https://en.m.wikipedia.org/wiki/Unix_philosophy)

2. Peter H. Salus, “A Quarter-Century of Unix”, 1994

3. U.S. Department of Veterans Affairs, “VA API Platform”, https://developer.va.gov

5. India Stack, describes itself as “a set of APIs that allows governments, businesses, startups and developers to utilise an unique digital Infrastructure to solve India’s hard problems towards presence-less, paperless, and cashless service delivery.”, IndiaStack, “What is India Stack?”, https://indiastack.org/about/

6. U.S. General Services Administration, ‘’Products and Platforms”, https://handbook.18f.gov/products-and-platforms/

7. HM Government, “Design and build government services”, https://www.gov.uk/service-toolkit#gov-uk-services

8. Team Digitale, “Projects”, [teamdigitale.governo.it/en/projec...](https://teamdigitale.governo.it/en/projects.htm)

9. According to the 2019 Whitehall Monitor report, the UK’s messaging platform GOV.UK Notify was in use by 459 public-facing services across central and local government. GOV.UK Pay was in use by 51 services. Not all those would have replaced existing systems, but it illustrates the potential for removing duplication. Institute for Government, “Whitehall Monitor 2019", https://www.instituteforgovernment.org.uk/publication/whitehall-monitor-2019/digital

10. Jason Del Ray, “Amazon’s massive AWS outage was caused by human error”, 2nd March 2017, https://www.recode.net/2017/3/2/14792636/amazon-aws-internet-outage-cause-human-error-incorrect-command

11. Amazon, “Summary of the Amazon S3 Service Disruption in the Northern Virginia (US-EAST-1) Region”, https://aws.amazon.com/message/41926/

12. Google Cloud Platform, “Google Cloud Networking Incident #18012", https://status.cloud.google.com/incident/cloud-networking/18012

13. Government Digital Service, “Incident roundup – August 2018", Inside GOV.UK, 3rd April 2019, https://insidegovuk.blog.gov.uk/2019/04/03/incident-roundup-august-2018/

14. Cost recovery is not an ideal way to fund platform development because the cost per-transaction declines over time as more users use it. That means the cost is highest for early users. Cost recovery may also be too high a bar for low-frequency users. Because of central funding, the GOV.UK Notify messaging platform, for example, was able to serve more users, as they are able to offer the service free to the majority of users.

15. National Informatics Centre, “Frequently Asked Questions | National Cloud of NIC”, https://cloud.gov.in/faq.php

16. “GOV.UK Notify – Features”, https://www.notifications.service.gov.uk/features

17. Mike Bracken, “Argentina just made driving licences digital”, Public Digital blog, 12th February 2019, https://public.digital/2019/02/12/argentina-just-made-driving-licences-digital/

18. “VA’s Benefits Intake API”, YouTube, https://developer.va.gov/explore/facilities

19. Bryan Glick, “GDS is ‘sidelined’ and government as a platform ‘is dead’, says Francis Maude”, Computer Weekly, 14th September 2017, [https://www.computerweekly.com/news/450426316/GDS-is-being-sidelined-and-government-as-a-platform-is-dead-says-Francis-Maude]

20. Goods and Services Tax Network, “About Us”, https://www.gstn.org/about-us/

21. Please do not read this as an argument that government platforms need to be operated by non-profits. It is, however, an example of a novel institutional response.

22. There are examples of international cooperation, which we’ll return to later.

Apr 11, 2019 ∞

Project update — April 2019

A reminder

My name is Richard Pope and I’m a senior fellow at digitalHKS. digitalHKS is focused on understanding the relationship between digital technology, data, and rights as it relates to the public interest. It’s based at the Belfer Center for Science and International Affairs.

The focus of my work is ‘digital platforms in government’ aka Government as a Platform. The aims of the work are:

Give digital service units resources to help them build good platforms
Test ways of explaining the value and implications of digital platforms to politicians and policymakers
Identify the important parts of platform government and develop a common language for talking about it
Start a conversation about the institutional, societal and democratic implications of digital platforms in government and beyond

Interviews

I’ve interviewed about 35 people since September, including people from digital service groups (including Argentina, Canada , Estonia, Germany, India, Peru, Singapore, UK and the USA); people working on platforms in the private sector (Google Android, Amazon, Akamai and others); and people working at next-generation government suppliers.

The aim of those interviews was to gather material for the government platforms playbook, which will include examples from those interviews (I’ll be getting back in touch with interviewees soon for consent to use particular examples).

I’ve also published one interview transcript in full: a chat with Will Myddelton, who worked on the UK Government as a Platform programme as the lead user researcher.

To do: publish more transcripts; more interviews focused on data infrastructure; add examples to playbook.

Playbook

The Government Platforms Playbook will provide some guidance for people working in government to help them think about the development of platforms. So far, I’ve published drafts of two sections:

(Caveat: these early drafts!)

You can see the proposed table of contents here. (Although I think that is likely to change somewhat). I’ve been using the Electronic Book Works tool to publish, so eventually, it will be available as a website, PDF and various ebook formats.

To do: test draft chapters and the table of contents with users (suggestions welcome for organizations to test with); write the rest of the sections!

Government as a Platform, the hard problems

We know a bit about how to develop platforms from the private sector. But what, if anything, is unique about the government context? Which bits are hard for technical reasons, and which bits are just plain hard? I’ve started writing a series of seven articles to explore these questions.

To do: write the rest of the articles!; publish as an ebook?

Other long-form writing

In addition to the playbook, I’ve been writing longer form pieces on the subject of platforms:

Data-sharing in government: why it’s time for a new social contract
Street lighting in suburban London: a parable for digital government
Digital proofs
Platforms for government? Platforms for society?
Digital service standards and platforms
There will also be an article in the Kennedy School Review co-authored with David Eaves and Ben McGuire being published soon.

Next steps: 3 x more articles to come; look for external publications with appropriate audiences to write for.

Definitions and shared language

I’ve arrived at the following as the working definition of government as a platform:

Reorganizing the work of government around a network of shared components, open APIs, open-standards and canonical datasets, so that public servants, businesses and others can deliver radically better services to the public, more safely, efficiently and accountably.

The aim was to arrive at a definition that can help digital service units who are beginning to think about platforms to make better decisions. Does this project we are starting really fit as part of government as a platform?”, “Is that smart-city-blockchain-widget Consultancy X is trying to sell really going to help?” or “how should we measure the impact of this work?”. etc.

I had hoped to publish some more definitions and diagrams alongside this, but didn’t quite manage to get around to it before sending this. When they are ready, they will appear here.

This is an emerging area, so I started the Platform Land newsletter as a way to document what’s happening around the world. Every two weeks, it lists key developments, links to relevant projects and summarises related articles and academic papers.

So far it has just over 300 readers, and (based on the people who have been in touch) includes a good mix of senior policy people and digital government practitioners from both the public and the private sector. People have said nice things about it, including:

“Helping to fill that gap [in policy and technology choices around digital identity and infrastructure], as Platform Land is doing, is a serious global public service”
“Oh wow the PlatformLand newsletter is terrific and basically unique.”

You can see the archives here.

To do: keep going; grow readership; write-up workflow.

Mapping platforms

To understand a landscape it’s useful to have a map. In an effort to understand what different governments are doing, I’ve started curating lists of three types of things:

The datasets are available under a Creative Commons Licence for others to use and are published on GitHub so other people can contribute. So far there have been contributions from the UK’s Government Digital Service and Italy’s Team Per La Transformazione Digitale.

In the long-run, I think there’s value for government digital teams, and for academics, to compare approaches in different countries. e.g. I used the list of service standards to create a custom search engine, so you can see what different countries say about things like open source. And that was really useful in writing this article about digital service standards and platforms.

To do: add more data (hopefully this will become the focus of a research assistant); create country-based case studies.

Presentations and teaching

I’ve done 5 presentations, broadly on the subject of platforms, at Harvard to different audiences. These have included the Civic Analytics Network (a national peer network of urban Chief Data Officers) and the Social Innovation and Change Initiative (which was a great discussion with Chris Kuang).

In addition, I’ve taught a class as part of David Eaves’ Digital Service Units course.

Finally, I’ve published reading lists for key subject areas that relate to platforms. Students from India and Ukraine have been in touch to say they are useful.

To do: publish a write up of some of the talks; present at the UK government API conference; add more reading lists.

Apr 11, 2019 ∞

Government as a Platform, the hard problems: part 2 — The design of public-facing services

Tom Loosemoore, “Making government as a platform real”, Public Digital blog, 25th September 2018, http://public.digital/2018/09/25/making-government-as-a-platform-real/ This article includes screenshots of a prototype of a single service for starting a company in the UK
Angelica Quicksey, “Service Design for Public Policy”, Medium, 29th September 2018, https://medium.com/@angelquicksey/service-design-for-policy-b0a9408dced1
Bryan Glick, “GDS is ‘sidelined’ and government as a platform ‘is dead’, says Francis Maude”, Computer Weekly, 14th September 2017, https://www.computerweekly.com/news/450426316/GDS-is-being-sidelined-and-government-as-a-platform-is-dead-says-Francis-Maude Maude said attempts to build new central functions to coordinate across departments — such as GDS — were thwarted by “mandarins” and “heavily resisted by the HM Treasury”. “For much of the mandarinate this was an assault on their autonomy and empires, and what we know about empires is that they fight back — and boy, are they fighting back,” he said.
There are examples of services that are operated in partnership today, such as the UK public library system, where central and local government share accountability for the service, but the service delivery is still local.
Aneesh Chopra and Nick Sinai, “Wholesale Government: Open Data and APIs”, Medium, 9th April 2015, https://medium.com/@ShorensteinCtr/wholesale-government-open-data-and-apis-7d5502f9e2be
Lindsey Smith, “Booking campsites on Recreation.gov is a mess. Here’s the solution”, San Francisco Chronicle, 4th march 2019, https://www.sfchronicle.com/travel/article/Recreation-gov-is-a-mess-Here-s-the-solution-13655884.php A recent example is recreation.gov, which has a public facing website for finding and booking campsites and tours on federal land. It also has an API that is used by commercial websites to do the same thing. (I think this article is a bit unfair on the government run website)
Justin Elliot, “Congress Is About to Ban the Government From Offering Free Online Tax Filing. Thank TurboTax.”, ProPublica, 5th April 2019, https://www.propublica.org/article/congress-is-about-to-ban-the-government-from-offering-free-online-tax-filing-thank-turbotax
Christoph Raetzsch, Gabriel Pereira, Lasse S Vestergaard, Martin Brynskov, “Weaving seams with data: Conceptualizing City APIs as elements of infrastructures”, 10th February 2019, Big Data & Society, https://doi.org/10.1177/2053951719827619
“2018 State of DevOps Report”, https://puppet.com/resources/whitepaper/state-of-devops-report/thank-you The State of Devops 2018 report found that even relatively low performing organizations update their online services weekly or monthly, and the better performers deploy changes hour-by-hour
David Eaves and Ben McGuire, “Part 2: Proposing A Maturity Model for Digital Services”, Medium, 7th September 2018, https://medium.com/digitalhks/part-2-proposing-a-maturity-model-for-digital-services-9b1d429699e7
Interview
Anais Reding, Chris Pinder and Kaz Hufton, “How Government as a Platform is making things better for users” Government as a platform blog, 13 March 2018, https://governmentasaplatform.blog.gov.uk/2018/03/13/making-things-better-for-users/
Mike Bracken, “Argentina just made driving licences digital”, Public Digital blog, 12th February 2019, https://public.digital/2019/02/12/argentina-just-made-driving-licences-digital/

Mar 10, 2019 ∞

Government as a Platform, the hard problems: part 1 — Introduction

Dec 7, 2018 ∞

Definitions: government-as-a-platform (a proposal)

This is the second of several posts about definitions. The previous one looked at the range of ways people have been talking about government-as-a-platform to date. This blog post is an attempt to come up with a single working definition of government as a platform.

Firstly though, why bother?

A good definition, like a good strategy, should help answer questions and make better decisions. Things like: “Does this project we are starting really fit as part of government as a platform?”, “Is that smart-city-blockchain-widget Consultancy X is trying to sell really going to help?” or “how should we measure the impact of this work?”.

So the aim here is to have a definition that can help digital service units who are beginning to think about platforms to make better decisions. To that ends, below is my current best attempt at a definition of government-as-a-platform.

Reorganising the work of government around shared APIs, open-standards and canonical datasets, so that civil servants, businesses and others can deliver radically better services to the public, more safely, efficiently and accountably.

It is trying to achieve a few things:

Firstly, that the most critical thing about government as a platform is the opportunity to deliver better public services. Ultimately, that is what government should be about.

Secondly, that you can only realise that opportunity by reorganising the work and institutions of government.

Finally, if you don’t do that in a way that is:

ethical and secure
fails to build in accountability and recourse for users
does not make it quicker, cheaper and simpler to deliver services

Then there is probably something missing from your plans.

Thoughts?

Nov 27, 2018 ∞

Definitions: quotes and themes on ‘government-as-a-platform’

If you think we’ve missed a relevant quote, please get in touch

Nov 27, 2018 ∞

The politics of making it easier to design digital services

A couple of weeks ago I asked on Twitter if there was a term in service design for the explicit, political choice to make something harder to do through sub-optimal implementation.

I was not thinking of the intentional designing-in of inertia to help users reflect, to prevent a service from being overwhelmed, or to allow for additional checks. I was thinking of situations where there is a genuine political will for making a service less good than it could be, either indirectly by restricting its funding, or directly through the passing of laws.

It turns out there isn’t, but inspired replies included complification, egdun (nudge spelt backwards), socialUXclusion, policy dark pattern and just ‘politics’.

Whatever it’s called, it is a genuine phenomenon. Examples include:

Requiring registration (with payment by law) to access land registration data in the name of fraud prevention
The paper process through which guns are traced in the USA
The additional ‘waiting days’ that were added people’s Universal Credit claims in the UK, with a separate, additional application process for people who could not afford to wait that long for assistance.

I asked the question as a proxy for several other issues I’ve been thinking about in relation to platforms in government. In a future world where shared components and platforms, along with the general adoption of open source and agile in government, make it easier and cheaper to build services:

Does it remove an excuse for not fixing things in situations where the real motivation is political? Could the politics of delivering services become a tiny bit more honest? Is there any evidence this is already happening?
What are the situations where it is genuinely an advantage for things to be suboptimal for the individual in the interests of wider society? For example, could real-time searching of certain types of public records have the side effect of making it easier to doxx people? How do we get better at articulating the difference?
What information needs to be in the public domain about how services work to enable a better political conversation about alternatives? The code? The software tests? Audits? What would help journalists and campaigners to tell the difference between easy and hard?

Ultimately, these things are a question of ‘politics’, so what needs to be in place so that political debate is as good as it can be?

Nov 26, 2018 ∞

Digital service standards and platforms

You can find the list of service standards here and search them using this Google custom search.

Oct 30, 2018 ∞

Platforms for government? Platforms for society?

Footnotes:

1. GOV.UK Notify and GOV.UK Pay are now available to all local authorities — Government as a Platform. (2018) https://governmentasaplatform.blog.gov.uk/2018/07/05/notify-pay-local-authorities/

2. #VerifyLocal pilots moving from discovery to alpha – GOV.UK Verify. (n.d.). Retrieved October 30, 2018, from [identityassurance.blog.gov.uk/2017/03/0...](https://identityassurance.blog.gov.uk/2017/03/02/verifylocal-pilots-moving-from-discovery-to-alpha/)

3. Banks may use Aadhaar QR code for paperless KYC — Times of India. (n.d.). Retrieved October 30, 2018, from https://timesofindia.indiatimes.com/business/india-business/banks-may-use-aadhaar-qr-code-for-paperless-kyc/articleshow/66370303.cms

4. e-Residency Benefits | Digital Nomad, Freelancer, Startup Company. Retrieved October 30, 2018, from https://e-resident.gov.ee/become-an-e-resident/

Oct 30, 2018 ∞

Digital proofs

Footnotes:

1 . View or share your driving licence information https://www.gov.uk/view-driving-licence

2. Things For Which Cryptographic Signing Would Be Useful. (2018, May 27) [shkspr.mobi/blog/2018...](https://shkspr.mobi/blog/2018/05/things-for-which-cryptographic-signing-would-be-useful/)
Ankur Shah Delight. (2017, June 22). Zero Knowledge Proof of Age Using Hash Chains. Retrieved October 21, 2018, from http://blog.stratumn.com/zkp-hash-chains/

3. Zero Knowledge Proofs: An illustrated primer. (2014, November 27) https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/

4. Verifiable Claims Data Model and Representations. (2017, August 3) https://www.w3.org/TR/verifiable-claims-data-model/

Oct 20, 2018 ∞

Real-world government platforms

‘Government as a platform’ normally gets talked about in terms of shared digital capabilities – things like hosting, identity or payments.

The GOV.UK Notify platform applies the concept of shared capabilities to the physical world too. As well as sending emails and SMS messages, Notify can send physical letters, via a standard API for printing and postage.

This gives the public servants designing user-facing services, a standard, well-documented way of sending letters – one which is quicker and simpler than creating something bespoke. It also (presumably) gives the Notify team the ability to swap printers to get better prices.

Applying the approach of seeking out duplication, then creating a common capability, to the physical world raises some interesting opportunities for governments:

Viewing call centres as a standard capability, with a Twillio style API wrapper around them, could give governments a standard way of managing demand for larger services, and an economic way for smaller services to add a phone channel for users who need it.
An API with data about what health services are available, at what location, and when the next available booking is, could allow patients to be referred to the most convenient and timely provider *.
In-person document checking could be integtated into any service that needs it – for example verifying that a photograph for a passport or visa is a good likeness or checking an elegibility-to-work certificate. (The work done by the service design agency Snook and high street chain Timpsons starts to show what’s possible with this idea).

Now, those examples are all about placing a wrapper around fragmented, real-world capabilities to make them simpler and cheaper. But what if governments approached their own physical assets in a platform way?

Most governments operate some kind of public-facing offices – places like tax offices or labour exchanges. Like many digital services, these only tend to offer the services related to the part of government that owns them: you can’t get help filling out a passport application at a tax office.

What if local offices were seen as a shared capability for any government service that needs to talk to people face-to-face?

GOV.UK, Govt.nz, Gob.mx and other government websites have been designed so users don’t need a mental model of how government works to use them. Could the same become true of people’s face-to-face experiences of government?

* Thanks to Paul Fawkesley for the health service discovery example

Oct 4, 2018 ∞

Platform land – a new project looking at platforms and government

I’m starting a fellowship at the Harvard Kennedy School of Government. The Kennedy School is a graduate school for students specialising in public policy or administration — broadly people who want to go on to either set public policy and regulation, plan on going in to politics in some form, or aim to go on to implement and manage a public service at the highest level.

Specifically, I’m part of digitalHKS, which, along with a fellowship programme, offers courses to students in subjects like digital transformation and product management.

For the next 10 months, I’m going to be researching the idea of Government as a Platform and, more broadly, exploring how digital platforms will change government and society.

The aims of the work are to:

Give digital service units resources to help them build good platforms
Develop common language for talking about government platforms
Stimulate a conversation about the institutional, societal and democratic implications of digital platforms in government and the private sector
Test ways of explaining the value and implications of digital platforms to politicians and leaders

I’m going to be interviewing people who’ve built and run platforms in government and the private sector. If that sounds like you please get in touch at richard@memespring.co.uk. Thank you to those who have already given up you time.

You can find out more at platformland.org

Mar 28, 2018 ∞

A Right to the Digital City

Conclusion

Responding to emerging urban issues from gentrification to forced evictions & the privatisation of public space, the United Nations 2016 New Urban Agenda historically incorporated the concept of a “right to the city”: We share a vision of cities for all, referring to the equal use and enjoyment of cities and human settlements, seeking to promote inclusivity and ensure that all inhabitants, of present and future generations, without discrimination of any kind, are able to inhabit and produce just, safe, healthy, accessible, affordable, resilient and sustainable cities.

Richard Rogers presents a vision of technology and the city becoming inseparable: buildings, the city and its citizens will be one inseparable organism sheltered by a perfectly fitting, ever-changing framework … constantly adjusting through electronic … self-programing. The National Infrastructure Commision describes the more concrete concept of a digital twin for public infrastructure in their Data for Public Good report.

It is time to unify these concepts to define a “right to the digital city”: access to evolving digital services that both fit and meaningfully shape the city. Services that are open, transparent, accountable and inclusive.

About the authors

Andrew Eland is Director of Engineering for health at DeepMind, a London based artificial intelligence company. Richard Pope is COO at IF, a London based digital rights consultancy, and a fellow of the Harvard Kennedy School of Government. This response was written in our capacity as Londoners. We’d like to thank Sarah Drinkwater and Sarah Gold for their extensive input.

Feb 27, 2018 ∞

A Guide To The New Field Of Software Politics

2016 was the year it became impossible to ignore the power software exerts on society. Today, in 2018, we can start to identify the companies and organizations that are putting power back in the hands of consumers.

[Source Images: Federica Galli/Unsplash (photo), Vanzyst/iStock (pattern)]

Software is politics. I wrote that back in 2016, arguing that the digital services we all rely on should not just be designed for ease of use–they also need to be understandable, accountable, and trusted.

Viewing software as politics is about more than tech, and it’s about more than ethics. It’s about the idea that, if politics is about the distribution of power in society, then software is inherently political. How that power is managed and the choices about who it is put to work for are the political questions of our age.

If 2016 was the year it became impossible to ignore the power software exerts on society, then today, in 2018, we can start to identify some signals about what the levers of control might be. Are there reasons to be optimistic? Which companies are using trust as a competitive advantage? What organizations are showing how the power of tech can be held to account? Here are six themes that are emerging:

Trust, competitive advantage, and the power of markets

Research by Kelly Martin, Abhishek Borah, and Robert Palmatier published in Harvard Business Review has found that data breaches have a ripple effect–if one company in an industry suffers a data breach, then others in that industry will also feel its effects on their finances. The researchers also found that companies can mitigate that risk when they are transparent about how they use data and give users control of their data.

This prompts an important question: How would investors–those who hold the ultimate power over which businesses rise and which ones fall–understand if a company is a risk or not?

There may be some parallels here to the Carbon Disclosure Project (CDP). CDP collects and standardizes data about the environmental impact of companies. Investors use that data to make ethical investment decisions or manage risk; regulators use it to make better laws. Maybe investors will start to evaluate risk by consulting transparency initiatives like Ranking Digital Rights and Terms of Service Didn’t Read. Taken to its logical end, only transparent companies would receive funding, and opaque companies would falter, elevating the services available to consumers overall.

Auditing and transparency

Inspired by ProPublica’s investigations into biased algorithms, New York’s city government passed an algorithmic accountability bill into law and established a task force to bring transparency and accountability to automated decision-making by the city’s agencies.

What’s encouraging about this is that the initiative came, not from a campaign group, but from a serving politician, James Vacca, chair of the city’s Committee on Technology. Transparency is now a matter of mainstream importance.

Transparency is not just being adopted by the public sector though, as Canadian VPN provider TunnelBear showed when it published the results of an independent security audit.

The idea behind TunnelBear’s audit was to reveal to its users that the company could be trusted over competitors in a sector that has significant trust issues.

There are some intriguing technical approaches to transparent design, too. To pick just two:

Code Keeper is a new service for creating escrow agreements for code, specifying the legal circumstances where source code can be accessed. The main focus of the project is to allow access to source code when a company goes bust. But I wonder if it could also be used to enable access to source code for audits?

Google is working on a General Transparency database called Trillian. Based on the same ideas as the decentralized SSL certificate system Certificate Transparency, the idea is to make it easy to create a dataset–say the list of changes to a company’s terms of service. In turn, that dataset’s integrity can be independently verified.

Certification and standards

The Internet of Things has been under scrutiny recently, as botnets, data breaches, and poor safety make headlines. But two things came out of the Mozilla Foundation at the end of 2017 that show how the connected device market could shift to prioritize consumers’ safety.

The first was a privacy buying guide, a pre-Christmas review of the most popular connected devices that compared the relative safety and protections of each platform. Hopefully more mainstream consumer review sites like Wirecutter and marketplaces like Amazon will take the idea and run with it.

The second was a report Mozilla commissioned from Thingscon, exploring options for a trustmark for IoT. The report recommended building on the work the U.K.-based #iotmark project has done to develop an open certification mark for a minimum set of principles that connected devices should meet.

At the same time Doteveryone, which campaigns for a fairer internet, have been looking at the concept of a trustmark for digital services.

Separately, we’ve seen other standards-based initiatives begin to emerge around digital rights. Consumer Reports published the Digital Standard in 2017, signaling a new era for testing and advocacy organizations. Part testing-framework, part certification scheme, it’s a great resource for anyone developing digital products to ask: “Is what I’m doing right?”

Time will tell if kitemarks and certification are an effective way of ensuring the safety of connected devices, but it’s an encouraging development.

Decentralizing machine learning

Machine learning algorithms, rather than being explicitly programmed, are trained using data. Crudely speaking, the more data they have, the smarter they get. When it comes to data about people, this poses an obvious privacy challenge: the trade-off for better software is more sensitive, centralized datasets.

Google’s Clips camera is an always-on wireless camera that uses machine learning to decide what to take pictures of. Rather than uploading photos to a central server for classification, it all happens locally. The hypothesis, presumably, is that people are more likely to trust an always-on camera if it keeps what it is seeing to itself.

Both Google and Apple have recently introduced products that make use of “differential privacy,” a technique that allows services to learn from the behavior of groups of users without revealing anything about any individuals.

Apple has been using the technique to add new words iOS’s keyboard autocorrect function. Google has been using the technique in combination with federated machine learning to understand how to make better suggestions in its Gboard keyboard in Android. None of this represents a magic bullet. And there are questions about the exact implementations of differential privacy. There is also a risk that, although the learning is decentralized, the control and the learnings remain centralized–only Google and Apple can run experiments like this. Further, there is also an issue of who will verify the promises they are making?

These concerns aside, decentralized data and localized learning represent a very clear change in approach from the cloud services of today. It will be exciting to see what happens next.

Changing how products get made

How software gets made has an impact on what software gets made.

Recently, we’ve seen various initiatives that aim to make it easier for developers and designers to do the right thing when it comes to making products that respect users’ rights and safety.

GitHub has announced that it will start telling developers when their projects have insecure dependencies.

The Simply Secure project has been providing professional education for user experience designers, researchers, and developers working on privacy, security, transparency, and ethics.

At IF, where I’m chief operation officer, we’ve updated our open-source Data Permissions Catalogue, which we hope will make it a more useful resource for designers building services that need permission from users to access data.

There are also increasing calls for ethics modules to be added to computer science degrees, and Harvard and MIT have started offering a course to their students specifically on the ethics and regulation of artificial intelligence.

New data regulation

Those of you living outside Europe might not of heard of GDPR. GDPR stands for “General Data Protection Regulation,” and it is the EU’s new set of rights and regulations for how personal data gets handled. It enshrines a slew of digital rights and levels huge financial threats against companies that don’t comply. These new rights should make it easier for people to understand and control how data about them is used, see who’s using it, and do something if they’re not happy with what’s going on.

Companies, wherever they are based, face the choice of meeting the regulations or risk being locked out of the European market. As such, GDPR could become a de facto global standard for data protection.

Rather than a regulatory burden, this is a huge opportunity for companies to show how they can be trusted with users’ data. (For example, the Open Data Institute has written about what that might look like for the retail sector.)

In addition to GDPR, In January, after several years of lobbying and activism, the Open Banking Standard was introduced in the U.K. It is designed to facilitate a new range of banking services and applications. There are some potential risks, but with good design, it has the potential to empower customers by allowing them to reuse the data held by their banks for other purposes–for example sharing data with an accountant or proving income.

Beyond the opportunity to transform markets, GDPR and initiatives like the Open Banking Standard represent an opportunity to educate people about data–to provide totally new accountability and transparency mechanisms–and produce a healthier public debate about what data should never be collected in the first place.

What do we call this thing?

I’m optimistic about where we are heading. Companies are developing reputations–good and bad–for how they handle data. Regulators are starting to hold people to account for decisions that affect people’s lives. New technologies and new sources of open data are going to make it easier for companies to be transparent and accountable. There’s a growing interest from people in the tech sector about ethics and responsibility.

And once people get used to having new digital rights, we’re going to expect more. This is a huge opportunity for organizations, whose digital strategies and policies empower users.

One thing I’m left wondering, though, is this: The examples I’ve listed here include new regulations, technologies, design patterns, professional development, tools, ethical frameworks, standards, and market realities. The thing that ties them together is that they can all play a part in ensuring that more of the products and services we rely on respect more of the rights we have.

This prompts the question: What is the name of this emerging field of software politics? It feels like it should have one. Names are useful.

While it includes some elements of security, it definitely feels like a different field. “Responsible Tech” or “Digital Ethics” state the intent, but don’t really leave room for the business reality of “trust as a competitive advantage.”

“Descentralized” is fast becoming devalued as it is used unquestioningly in association with technologies like blockchain. Answers on a postcard. Or maybe it doesn’t need a new name. Maybe it’s just politics.

Jan 30, 2018 ∞

A model planning condition for digital infrastructure

Following from my previous post about the ability of the UK planning system to deal with digital infrastructure like the InLink, it seems there may be a mechanism to give communities a say over what sensors, data collection practices and targeted advertising they invite in.

It’s the same one we use to regulate things like the opening hours of shops: ‘[planning conditions’.

Planning conditions allow a local authority to list the things that must not change without prior agreement - things like opening hours or the number of carparking spaces in the car park.

Own a shop and want to open after 23:00? Then you’ll need to submit a new application to the council for public comment.

Want to add a couple more parking spaces to the carpark?

Time for another application.

So, could planning conditions be used to regulate important changes to digital infrastructure?

Could they be used to, for example, force the maintainer of a connected phone box to apply for permission to enable the use of facial recognition cameras?

Maybe.

There are not many examples of planning conditions being used to regulate connected infrastructure, so back in December Adrian Short, myself and others started writing a ‘model condition’ using a public Google Doc. Several people have helped by adding to it.

You can view and improve it here and hopefully. Given the increase in ‘phone box’ applications, hopefully some local authorities might find it useful.

Nov 11, 2017 ∞

InLinkUK - targeted advertising, planning permission and public space

Our local high street is going to have one of its phoneboxes replaced with an ‘InLink’.

InLink is a public wifi network provided by BT through on-pavement ‘structures’ and funded through advertising displayed on a big screen on the side of them.

They have some additional functions, like making a free phone call or looking up local information, but given smartphones are a thing most people now have, advertising and wifi are the main play here.

According to the FAQs advertising will be targeted based on data about how people use the InLinks:

We may use anonymized Technical Information to … Deliver relevant advertising on the Structures

That will presumably include some tracking of individual devices:

we collect your email address, your device unique identifier (MAC address), and your device type during the registration process. We collect this information to help us operate and provide services to you.

In the same way as other ISP’s anyone using the service will have the websites they visit logged:

In order to comply with laws and regulations, we must capture this information. We will only share this information in response to a lawful request or legal process, including from government and public authorities.

What is less clear is if this data will be used to tailor what adverts get displayed on specific InLinks.

There are also three cameras, which will be disabled at launch:

There are two security cameras above the ad displays as well as one built into the tablet. All three cameras are turned off at the moment and will not be activated without express notice to the public.

In New York, where there is a large deployment of InLinks, cameras are used for security and “to improve Services”.

Given attempts by similar services to use cameras to guess people’s age and gender and to use that to target adverts at people, it’s reasonable to question what those cameras could be used for in the future.

Now, better public wifi is much needed, and it’s great to see investment in it. But there are three questions that InLink raises for me:

As a society we have not yet dealt with the implications of targeted advertising online. Are our institutions ready to facilitate a healthy debate about what inviting targeted advertising into our public spaces will mean?
Is provision via a private company and funded by advertising the only model for doing this? Given there is a strong argument to be made that wifi is important infrastructure, shouldn’t we at least have the conversation about treating it in the same way as we do the London transport system - directed by and accountable to the city government?
Each InLink will require planning permission, but given the very essence of the thing can be changed remotely at a later date (the cameras can be enabled/disabled, how targeted the adverts are can change), is the UK planning system really set up to deal with digital-physical infrastructure like this?

Jul 11, 2017 ∞

Bye2k - government IT and Brexit

As Mat points out, one of the unwritten stories about if Brexit can be implemented is that of the changes required of ‘government IT’.

How many databases will need to be updated to store a distinction between U.K. and EU citizens? How many government services rely on access to EU systems and APIs? What EU systems do we rely on today that will need to be rebuilt from scratch in the next 18 months?

For all of the above: What are the timeframes? How much will it cost? Has the civil service leadership recognised the problem yet?

If Brexit is going to be anything approaching a success, we need answers to some of these questions asap.

Edit: renamed post to the much better ‘Bye2k’ suggested by Matthew Harris

Jul 2, 2017 ∞

GDS Retrospective #5: things that have changed

To finish of this seris of retrospective posts I thought I’d list 7 things that have changed for the better as a result of the things GDS and others across government have done over recent years:

Understanding the needs of users through research (and other methods) is part of how digital services get designed and built. So is testing real things early with real users.
It is now accepted that it is OK to use open-source in government, and that code and designs can be shared across government.
There are the beginnings of shared tools and communities across government that could, in time, start to change the shape of government.
Development cycle-times have been reduced through the widespread use of integration testing, open-source, and user research. (Side note: these are only going to get shorter and different and skills will be needed to take advantage of that).
There are the beginnings of shared platforms that could change how at what speed and at what cost services get built for the better.
It is possible to get a job in government as a developer, designer or researcher and for it to be an aspirational thing to do, and it is possible for government departments to develop services in-house where appropriate.
Accessibility is approached as a core design, development and research activity, rather than a question of meeting a particular standard. (Arguably, this most radical thing that GDS collectively did, and it still looks like it’s leading rather than following several years later).

Question is: what should this list look like in 5 years time?

Jul 1, 2017 ∞

GDS Retrospective #4: transformation and mental health

Transformation projects can be hugely rewarding, but something that needs talking about more is this: they can take a toll on the people doing them.

With transformation projects, you generally can’t talk publicly about the work you are doing. If it fails, it’s like you never did it. And if it works, it (rightly and justifiably) has to be other people’s success.

You can find people who feel threatened by a transformation project, if not quite shouting at you, or subtly trying to undermine your work, then at least being non-cooperative.

The balance between teaching, showing and getting things done is a hard one.

You have little direct control and have to accept you will never get to finish anything, success looks like getting something started, and if it does get started, then that it may head off in a totally different direction.

Being not quite ‘of’ the organisation you are trying to transform is also hard. And when you go back to your ‘home’ organisation, things have often moved on and it’s not clear where you fit in anymore, and there’s no career path.

I’m not ashamed to say that a combination of some of these things, and some emotionally demanding projects, made me quite ill for a while.

Something that has only occurred to me with a bit of distance is this: I think any significant transformation programme should consider putting mental health support in place.

It should also be a risk that people talk about more openly in digital. This stuff can be hugely rewarding, that’s why lots of us do it, but it’s also hard and we need to look after each other.

Jul 1, 2017 ∞

GDS Retrospective #3: professions and design

In reality, it’s something I think to be simultaneously true and not true.

It’s true because you only get good stuff from people with different skills working together, when every member of a team can contribute to the design of products and that it is important to use and understand the materials available.

I also think it’s also true because how we build digital products was changing - platforms like Twilio and Heroku, and mature CSS and web frameworks making just easier to build things. We are increasingly assembling things from components, the lines between development and design have blurred, and development cycles continue to shorten.

In some circumstances, the best designer for a given task might be a developer. Sometimes, an understanding of what you could build, if only you had good data, or could apply a particular bit of technology to solving a problem are the most important thing.

That stuff’s just harder the more distinct the identities of dev and design teams are.

Certainly, some of the civic-tech design thinking that had been in and around at the beginning of GDS seemed to evaporate as professions emerged, and some of the technically driven design ideas from the alpha and beta of GOV.UK, didn’t come near happening for a long time.

However, it is simultaneously not true because making design and development separate, distinct things meant that some amazing designers and developers were attracted to GDS and have gone on to do amazing work.

Creating professions can help scale an organisation. They also mean people have a home, a professional network and a clear understanding of what their role is on a team. That might not have happened without there being a design and development teams in place.

But prematurely optimising for professions does come at a cost.

Professions are an abstraction against a background of constantly shifting practices and technologies, and ideas and people will always fall between the gaps between them. That’s a balance other transformation projects need to think hard about.

Addendum:

This was hard to write and I didn’t get it 100% right (despite, or maybe because, it has been rattle around in my head for some years).

In the absence of any doubt - and the way I worded some of this created some - I think having world-class designers in government is an important thing. Getting designers and developers into government was why we started RewiredState back in 2008.

Giving those designers a home and a sense of mission was also critical and a huge achievement.

However, I do think that the way teams emerged in GDS had an effect on the type of products we designed, the way we designed, and who practised design, where perceived ownership lied and what our strategic priorities were.

Collectively this also, to some extent, limited our approach to things like shared platforms, data and use of recently emerged technology. However, that does not take away from the achievements.

To put it another way: the shape of organisations inevitably has an effect on the products they make.

Changes: 3rd July 2017 changed: “how we build digital products is changing” to “how we build digital products was changing” to clarify period I am talking about. 3rd July 2017 changed: “That stuff’s just harder when you have separate dev and design teams” to “That stuff’s just harder the more distinct the identities of dev and design teams are” as it is not a dichotomy 4th July added addendum