Posted on: Wednesday 5th of May 2010
The following article by William Heath appeared in the new Demos book The long view – new ideas for progressive policy.
The UK government has made good progress in how it handles public data such as facts about public finances and statistics. Unfortunately, the same cannot be said of its handling of personal data and identity management.
On public data, the Power of Information review made the powerful case that public data should, by default, be free. The economic benefit from using the data for potential new services far outweighs any benefit from selling such information — and of course taxpayers have paid for it already. The review was followed by a task force led by Richard Allan and with the ministerial backing of Tom Watson. Then we saw the launch of data.gov.uk in 2010 with Sir Tim Berners-Lee and the blessing of the prime minister.
That’s the scale of effort needed to change entrenched data practices. The process is barely started; there’s much further to go.
On personal data — that is, people’s personal circumstances, identifiers, and case histories of their experiences with public services including health, education or travel — our progress since 2000 has been lamentable. UK government policy applies the most arrogant and centralised of approaches to personal information and uses a model better suited to dealing with terrorism suspects than ordinary UK citizens. The fact that the state is not at war with its citizens should be reflected in the way in which it treats our information. The UK government should also start to conform to the European data protection and human rights laws by which it is bound.
Let us focus on the question of how government treats data about people’s identity, their circumstances and the services to which they are entitled. A new policy on personal data will achieve significant savings and create vast new value, just as freeing up public data is likely to.
Handling personal data: past vs future
The government’s handling of personal data is characterised by a long-term desire, typical of customer relationship management advocates and practitioners, to gather and ‘own’ as much customer data as possible. Alongside this we have seen a rush to remove statutory and technical barriers to data sharing between centralised databases. One side effect of this has been a series of catastrophic data losses,
most notably from HM Revenue & Customs in November 2007. The underlying reality, however, is less dramatic but equally damaging: duplication, omissions and inaccuracies in the data sets result in huge inefficiencies and episodes of error, as well as rank injustices for which government declines to assume any responsibility. The ‘customer’ — or resident, pupil, job-seeker, patient, traveller — has to spend inordinate amounts of time putting the services back together. The taxpayer picks up all the cost.
Online identifiers vs the national ID scheme
We need to solve the policy and practice of dealing with personal data. First, we need to grasp the nettle of online identifiers for public services. The Cabinet Office’s report on transformational government proposed identity management solutions that would ‘converge towards biometric identity cards and the National Identity Register’. Yet the national ID scheme was conceived by the law enforcement community for a ‘bricks-and-mortar’ world. It is neither designed nor intended to work usefully for the individual in the rapidly evolving world of online services.
The expensive lesson we are learning is that online services with privacy policies designed around the needs of the security services don’t make very good public services. That, in turn, does very little to make society any safer. It simply annoys people and wastes money. The real question to answer is how people can identify
themselves online to get convenient and trusted access to services, public as well as private. This needs to be done in a consistent and convenient manner under the user’s control and without making everything citizens do online routinely available to officials. It’s bad enough that ContactPoint or the NHS summary care record do this; let’s not compound the error exponentially by ‘joining up’ insecure services.
The necessary principles — routinely ignored by Whitehall, though accepted in Scotland and elsewhere — have been stated very clearly by Kim Cameron in his ‘seven laws of identity’. Like so much in government IT, the right aspirations exist already in government documents from a decade ago. But the world of identity has moved on rapidly with the interconnection of social networks, the rapid personal data and public services progress of services such as Google, Facebook and Yahoo, the realignment of credit reference agencies and the emergence of payment services such as PayPal as online identity providers.
We should adopt the US ‘trust framework’ model
In the short term, the UK should build on the Obama administration’s lead. This means announcing that, in future, all access to online government services will take place using a range of third-party — that is, non-government issued — identifiers. This removes government from the role of online identity provider. It allows the state to enjoy the benefits that an innovative, fast-evolving and competitive market can deliver.
Next, the UK needs to cultivate a ‘trust framework’ so that different identifiers are accredited at appropriate levels for different purposes. It’s perfectly acceptable, and often appropriate, that many or even most services continue to be available anonymously. It is only where there is some contractual need to know who someone is that stronger identifiers are necessary. These may be the electronic equivalent of the bank statement or gas bill — confirmation that an individual has a trading relationship with a known large entity — or the electronic equivalent of the ‘know your customer’ process, which depends on face-to-face
verification as well.
Personal data — it’s ours
Beyond this trust framework of third-party identity providers lies a simple but radical change in the principle of ownership and control of personal data and how it is used to drive public services. This means changing the basic assumption that it is solely for the organisation to hold, own and manage the authoritative version of people’s personal data. A small amount of infrastructure at the individual’s end would allow people to hold the authoritative version of their circumstances, transactions and case records. They can then share it with organisations and with other people at their discretion, seeking external verification if necessary. Such a technology infrastructure would reflect the reality that it is the individual who inevitably carries but is also best placed to manage the responsibility of integrating all the services — private as well as public — that they use.
This development is well described, well understood and imminent. There are numerous entrepreneurial initiatives personal data and public services ready to make this reality; in Europe, examples include Mydex CIC, The Mine, eDentity, Paoga and specific services such as Workdocx or patientsknowbest.
This new ‘person-centric’ model for personal data management will emerge rapidly, just as search or social technology did on the internet. It does not require government investment, but government does have a critical role to play as catalyst, as the US administration is showing. We urgently need to deploy live trials of services based on independently verified user-driven data. At the same time we must assess the future of user-driven data by different service lines, for example:
• Health services driven by personally held health records, just as control over the ‘red book’ of perinatal data rests with the mother. This allows integration by the patient of NHS data (records, appointments, prescriptions) with complementary care and with information on diet or exercise, which affects health but has nothing to do with the NHS.
• Personal, portable education records. Today we are building central records of every child’s educational achievement (as well as their disciplinary record and propensity to obesity). Post-election, the Dept for Children, Schools and Families should rapidly decide on the suitability of personal portable education records to support life-long learning. These would be controlled by the individual (or a third party on their behalf) and allow people to record and manage their own achievements in school and elsewhere.
• Other user-driven services. We need similar policy decisions from the Dept for Work and Pensions, HM Revenue & Customs and the Dept for Communities and Local Government about welfare entitlements and other services driven from personally held and externally verified records of financial status. We should ask the Office for National Statistics whether the £500m decennial census continues to be necessary and good value, or whether government statistics could soon be driven faster and more cheaply by volunteered personal information, This could give us a census every 10 minutes if people wanted.
By the end of 2010 we should ensure that there are at least two live prototypes across multiple organisations where service users volunteer personal information to inform and drive a variety of public and private services. Drawing on a growing range of online verification services, this approach will deliver far more utility, value and trust than the troubled national ID scheme. There may be a revived role for the national ID register as a voluntary service offering stronger online verification as part of a trust framework, for the most demanding cases. A first priority for the Identity and Passport Service therefore should be to produce a business case for this.
The cost of these prototypes would be so low as not to trouble the £100,000 the Official Journal of the European Union/World Trade Organization threshold. At the same time, we must evaluate the role for emerging online verification services, and the effect of user-driven volunteered personal information on fraud control, personalisation, political feedback and trust in online services. There is a huge amount to gain and a huge amount to learn on the way.