Examination of Witnesses (Questions 40-59)|
24 NOVEMBER 2005
Q40 Mr Liddell-Grainger: Did it ever
have control of e-Gov?
Mr Tyndall: My evidence is that
this is an emerging field and that we are all, if not infants,
then somewhere like adolescents in this world. You asked me a
question about websites. If you go back 10 or 15 years, nobody
had a website, not because they were dullards or risk-averse or
backwards, it was just because nobody had websites. The website
industry is only so old and it is maturing and evolving. You can
look back at any industry where the technology moves on apace.
If you look at some of the early motorcars, you say, "They
did what? They had steam-driven motorcars!" but somebody
thought it was a good idea at the time. There has to be some sort
of Darwinian effect in this area. I am absolutely certain that
there are a number of things that we do today that will not stand
up to the test of history. We will look back in a few years time
and we will be saying, "We did what?".
Q41 Mr Liddell-Grainger: Could we take
a specific. The Government set up a project called True North.
Have you ever heard of it?
Mr Tyndall: I have heard of it.
Q42 Mr Liddell-Grainger: Do you know
what it did?
Mr Tyndall: No, I have no idea.
Q43 Mr Liddell-Grainger: Does anybody
know what it did? The Cabinet Office gave the okay to £83
million to set up a project called True North, which was to paper
sleeve a deal with Government. It has gone somewhat wrong. The
only reason we came across it was because the company sued the
Government for £24 million, saying that they were plonkers
and they did not know what they were doingwhich comes as
no surprise to any of you three. Do you think it is farcical that
we have got to the stage where you cannot get papers, we cannot
get papers? The Government are covering up projects that have
gone wrong to the tune of £83 millionand that has
been a snip compared to some of the things they have messed up.
Are we just getting to the stage where this whole thing is becoming
Mr Tyndall: I would not characterise
it as a farce, no.
Q44 Mr Liddell-Grainger: It does not
seem to work. You have portals everywhere; you have websites;
you can go in one way, another way. How on earth we are going
to have an ID card system that is going to work, if the Government
itself at the highest level cannot even get a project right?
Professor Dunleavy: I think one
of the problems is that when you have new policy areas the way
that you used to do things before does not apply. Then you take
quite a lot of time and you have a lagged response to the new
thing. In e-Gov we have had a process of catch-up really, so there
was a lot of spend on encouraging websites and so on and it took
quite a long time for basic metrics for measuring success and
things like that to be built in as well. I think the new Office
of e-Government is trying very hard to make things more transparent.
We did a study in 2002 for the National Audit Office called "Government
on the Web II". If you look in the report you will see that
there are not any web statistics for the Treasury. The Treasury
had a website and did not have any statistics of how many people
were using it and so on. All of those sorts of problems should
be behind us and I am hopeful that there will be an evaluation
next year that will show that there has been considerable progress.
Local governments are publishing e-government implementation plans
which have a lot of information. I do not think it is all bad
and I do not think there is any particular reason why it could
not be improved and refined.
Q45 Mr Liddell-Grainger: Who should be
in charge of this? Do you know what the total assets of the
Cabinet Office's computer resources are? £122 million. That
is more than the asset value of all the buildings they have in
Whitehall, believe it or not. We cannot find out what they are.
Do you have any bright ideas? Why has the Cabinet Office got £122
million worth of computer assets? They wrote off £52 million
last year in depreciation. Either there is an awful lot going
on that you do not know about and I do not know about and we do
not know about, or one heck of a mess has happened and we are
not sure whether it has or has not. Can you shed any light? It
worries me that we are going to get these ID cards at £30,
£50, £100, whatever, and so far the evidence is not
very good that it is actually going to work.
Mr Collins: I keep coming back
to this information thing. I would rather not name the department,
but my editor and I were called in to a particularly large department
and asked not to write some of the things that we were writing
because of a public confidence issue. Some of these departments
are really struggling to cope, but the information that is given
out to the public and Parliament is that things are generally
okay. There was a very good NAO report published last week on
complexity in government and why these systems have grown up piecemeal
because they are particular responses to policy and legislation
and that is why they are so horrendously complex. In a private
company, you would say, "Okay, let's pull that aside, we
are going to build a new system. We are going to accept that we
have problems with that or we are going to run two systems in
parallel and we are going to replace this technology with something
new". No one really owns up to the state of government IT
and says, "These are the problems we have and this is how
we are going to tackle them". A CIO at HMRC gave a speech
at a public conference earlier this year in which he talked about
the problems that that department hasvery serious IT-related
problems. After we published the details from his speech, the
Revenue issues a denial statement. I think there is a real issue
with accountability and transparency.
Q46 Mr Liddell-Grainger: Does it then
come back to the situation where government departments do not
talk to each other? We know they do not. Some are better than
others, but they are not good at talking to each other. Is it,
do you think, that the Government has got so sick of this, that
the e-envoy has taken the whole thing on his shoulders within
the Cabinetwhich is where he is based, although he could
be based anywhereand this is why we have these massive
figures that have been spent within one area? Is it that they
just happen to do the whole thing themselves because nobody else
either will, wants to or can?
Mr Collins: I think there is quite
a pressure from suppliers. I have been to conferences at which
suppliers are talking with civil servants with a view to possible
projects. They talk about the benefits and they do sound quite
compelling. I think it is very easy for departments, ministers,
civil servants and suppliers to get caught up in the benefits
of a project and not necessarily see how difficult it will be
to implement them. We saw it with something called "Choose
and Book" in the NHS, a scheme for booking appointments electronically,
rather than having a letter from the hospital. You can choose
the location, time and date of your appointmentsa very
good idea. It was described initially like an airline reservation
systemthe private sector has it, why can the public sector
not have it? But in fact it has not delivered really any manifestly
useful results yet. They had hoped to book 10 million appointments
by the end of this year and the latest figures I had were 26,000.
In other words, it is very easy for suppliers to sell their solutions,
identifying problems in government and then selling those solutions,
and everyone seems to get caught up in the benefitswhich
no one can denywithout necessarily looking at the practical
Q47 Mr Liddell-Grainger: One last question.
Computer Centre, have you heard of that?
Mr Collins: Yes.
Q48 Mr Liddell-Grainger: It has been
paid just under £40 million in three years from the Cabinet
Office. I went through their accounts and got in touch with them
and they would not admit they had even worked for the Cabinet
Office. I presume Government has not just given them £40
million because they feel good about it. That is the worry, is
it not, that we do not know what is going on, where this money
is going in the first place and what it is being used for? When
private companies are not prepared to admit to work for the Cabinet
Mr Collins: I do think it is odd
and people I have spoken to think it is odd, coming back to this
NHS projectand I will mention it because the cost is between
£6 billion and £30 billion, so it is comparable in size.
The decision to go ahead with that was taken in February 2002
at a seminar attended by ministers and civil servantswe
know who was thereand representatives of the industry.
We put in an FOI Act request for details of that meeting at which
this decision was taken in principle to go ahead with this very
large project, and we were given absolutely nothing from it. It
is an oddity, given that Congress will discuss very large commitments
and investments in projects before they go ahead. It is odd that
with IT projects that does not happen.
Chairman: As you will see, Ian is poring
over the Cabinet Office accountsand if I were in the Cabinet
Office I would be worried about this. I do not know if it is something
you would like to pick up on, Kelvin, but the bit which has not
been much discussed is the extent to which there is supplier pressure.
Were you going to ask about that?
Kelvin Hopkins: Indeed, I was.
Chairman: You ask about it then.
Q49 Kelvin Hopkins: We have the example
of the railway industry which I sometimes touch on, where we have
moved from a publicly owned system, with directly employed engineers
doing a job, to a system of outside contracting services, and
the costs of laying railway track have risen by four times in
10 years. Given that all these services are now provided by external
contracting, by private sector companies, do they not have a vested
interest in not getting it quite right first time and then coming
back for a second bite and more government money?
Mr Collins: They do tend to get
paid come what may in the IT industry. This week we saw a settlement
between HMRC and EDS over the tax credit scheme, but it is very
rare for a supplier to be penalised when there are problems, particularly
with these mega projects. There is a very small number of IT suppliers
in the market and it is very difficult for government to fall
out with a very small number of suppliers because they have these
very large projects, until or unless you decide to do smaller
scale projects in which you can bring in small and medium-size
companies. If you are going to focus on very large projects, you
need very large suppliers. It is very difficult with these contracts,
when they go wrong, for government to be able to say it is all
the fault of the supplier, because the supplier will usually turn
round and say the change in the requirements of government, and
legislation and statutory amendments do mean that IT projects
do change quite a lot during their lifetime. It is very easy for
each to blame each other. The likelihood of taking legal action
against suppliers when things go wrong is pretty low.
Q50 Kelvin Hopkins: Do you have any ball-park
figures for examples where an initial cost has been announced
in Parliament for a public service to have an IT system, and then
later the eventual cost, if and when it finally works? I do not
mean just a cost overrun, but if the estimate is £1 billion
and it finally costs £7 billion? I am only guessing, but
has that sort of thing occurred and do you have any figures at
your fingertips of that kind of financial disaster?
Mr Collins: Again, it is hard
to get information. There is usually quite prolific documentation
in the early stages of the project about its benefits but they
do not publish result implementations. There are some examples.
The DWP is probably one of the biggest. They announced to Parliament
that their modernisation/computerisation of benefits would cost,
I think, £713 million and would save 20,000 jobs, but at
the last count it was £2.6 billion and the number of staff
involved had increased. There is a magistrates' court system called
Libra, which was announced as being a £140 million project.
At the last count that was £390 million. But it is hard to
get information on costs, because they revise contracts. The NHS
is doing this at the moment and saying, "Our timetable and
our costs are now out of date. We set them two years ago and we
now need to `re-profile' them"I think that is the
Q51 Kelvin Hopkins: I think you have
made my point for me. The next question I would like to put is
to Patrick. It is about his estimates, because the LSE has made
some estimates of the cost of the scheme. Even if it were to work
first time, we are talking of £20 billion, £30 billion,
whatever, but, given the history of disasters for these sort of
schemes, and this is even bigger, is it not likely that the end
result will be something that may or may not work but would cost
a significant proportion of GDP to get it going at all?
Professor Dunleavy: The LSE team
is currently looking at the cost estimates and there will be some
changes in the estimates. Mr Burnham from the Home Office has
been very energetically saying that we are going to revise these
costs down. We have not yet clarified whether that is the case
or not. We will be looking at the cost estimates.
Q52 Kelvin Hopkins: The Government talks
about the need to reduce illegal migration, illegal working. If
the same amount of money were spent, for example, in making sure
the passport system works properly; that the Immigration Office
is properly staffed and works properly; that our borders are properly
patrolled; and that we have proper inspectors checking that we
are not exploiting workers like the Chinese cocklepickers at Morecambe
Bay, for example, would the money not be better spent and would
there not be a much more successful outcome if the money were
spent in that way rather than having this gargantuan ID card system?
Professor Dunleavy: If I were
investing money and asking Parliament to invest money, I would
think it best to give people a range of options. One of those
options might be a very low-cost, core ID scheme. But that would
be very different from the proposal that is actually before Parliament.
It is not clear that there is any kind of opportunity and it is
not clear also that the thing will work. It is very, very important
how citizens view the ID card. If they view the ID card like they
view the Oyster card, it is going to be a great success, and thousands
of businesses will want to participate in that. People would voluntarily
want to load onto the ID card information that would be useful
in other public services and it could be very successful. But
if people are very suspicious of the card, or very worried by
the card or worried by the risks of having a card, then you could
invest an awful lot of money and get almost nothing back for it
that you would not have got much more cheaply with other mechanisms.
Q53 Kelvin Hopkins: My final question
is to reinforce the point you are making. The Oyster card is useful
to the individual, to the citizen.
Professor Dunleavy: Absolutely.
Q54 Kelvin Hopkins: The ID card is useful
to the state, not to the citizen.
Professor Dunleavy: Yes.
Kelvin Hopkins: I think there is a big
difference. I have made my point.
Q55 Jenny Willott: Could I go back to
something that Professor Dunleavy mentioned earlier about people
who have moved and the difficulty over time when the more old-fashioned
ways of ensuring somebody's identity stop being used. I was wondering
if any of you could tell me about the implications for accessing
public services for people who are particularly vulnerable, people
with mental health problems, alcohol or drug problems, people
who are homeless and do not have a valid address to use for an
ID card, asylum seekers and so on who might find it more difficult
to prove their genuine identity. They are all perfectly entitled
to access public service, and on the whole are probably more likely
to need to access public services than most people in the general
public. Has any work been done on as to how their right to access
can be safeguarded, given that they are less likely to be able
to use cards, in the same way other people are more likely to
find it difficult to access.
Professor Dunleavy: I think the
whole social implication of ID cards is a generally under-explored
area. It is not clear how it is going to work. In many services
and circumstances, if, for example, people show up and they do
not have an ID card, there are interesting questions about whether
they are then going to be turned away. If very large numbers of
people turn up without their ID cards, then, of course, after
a while the staff might even stop bothering to ask for them, because
people will not have them. Particular client groups (mentally
ill people, for example) may not have ID cards, and I cannot see
what would be the point of asking for them in that particular
context. I am not sure that any of the service entitlement now
know what the ID card will be used for or why. I should think
it could only have negative implications for the groups you have
Q56 Jenny Willott: Looking at the issue
of identity theft, one of the arguments that has been used for
identity cards is that they are going to make it harder for people
to carry out identity theft. However, if you have everything that
you can access through one little card, common sense, gut feelingwhich
may not be based on anything accuratewould say that actually
it might be much easier to steal somebody's identity. If you can
access the information through that card, then you have a whole
range of information that you can access about that individual.
What are your views on that element of it? For example, banks
are looking as if they are quite interested in using identity
cards for setting up bank accounts, accessing them and so on.
If you have an identity card that in theory could provide access
to financial information about that individual as well, you have
an entire range of information that in theory you could access
from just one source. Have you looked at any of the safeguards
that would need to be put in place so that that could not happen?
Professor Dunleavy: Professor
Angel, who is one of our IT professors, once described the ID
database as a "one-stop shop for fraudsters". That would
be the danger. The Home Office position is that they will check
the biometrics of people who are being issued with an ID card
at the beginning and then thereafter you will have an ID card
which matches against it, so that we know that that person and
that card belong together. If in lots of other contexts you also
check the biometrics, then you have quite a high security system.
If, on the other hand, you do not and people just submit numbers
or submit the ID card and a chip-and-pin, then there are opportunities
for fraudsters to use the cards very extensively and to have false
identities. Unless we did the biometrics, we would not know that
the person using the card was not the person who was supposed
to be using the card. The ID card will have a little photo on
it, but it will be very small, very blurry and probably it will
be possible to fake up the card with that. The Home Office says
there will be encryption methodology as well, but it is likely
that there will be an arms race between the fraudsters and the
card industry. There always has been in every other field. It
is unlikely that human history will suddenly stop.
Q57 Jenny Willott: Are there any IT implications
of how to counteract that type of fraud? What can be done to ensure
that information truly is in silo, so it is not possible to cross-access?
Professor Dunleavy: If you very
frequently and omnipresently check the biometrics, that would
cut down on the amount of fraud.
Q58 Jenny Willott: That is extremely
Professor Dunleavy: That would
be very expensive to do. If you have a quality of biometrics that
you use to establish the card, to get the check working it has
to be a similarly high quality check later on. So that would be
very expensive. When we looked at the previous Home Office information,
we assumed that there would be quite extensive use of biometrics,
but it seems, from the way the Home Office has been revealing
little bits of information, as if biometrics would be used really
just to validate the card at the beginning. And then it is not
clear how many other public services will use it and how often
they will ever refer to the biometricsin which case, it
is just like a chip-and-pin card but with an initial validity
Mr Tyndall: Certainly the experience
in local government of issuing these cards is that the advantage,
if a smart card is lost and you know you have lost it and you
have bothered to report it to us, is that a stop can be put on
that token being used anywhere else in the electronic system and
the memory of the system is clever enough to recreate your card
and reissue you with one. Most people are familiar with this in
the credit card world. When it works, that is fine, but there
are several caveats in that explanation. You have to know that
you have lost your card, you have to be bothered to report it,
and it then only prevents the fraudulent use in electronic mode.
If I lose my driving licence today, by this evening somebody could
be hiring a car in my nameas long as they look reasonably
like me and somebody bothered to check the photoand they
could be off and using it. So there are significant advantages,
but it is not foolproof, and, as has been said, there will be
some sort of arms race if the fraudsters believe that there is
significant benefit in spoofing the system. The technology is
moving on apace and some of the encryption routines are very sophisticated
and it will be a very expensive arms race eventually, assuming
that the Government has the energy to go investment for investment
with the fraudsters and keep raising the bar.
Q59 Jenny Willott: This has financial
implications in the long-run.
Mr Tyndall: It depends on what
is at stake. There is a very strong business case in some local
authority administered benefits for saying that there is enough
fraud in the system currently to make that investment eminently
worthwhile because there are so many false identities created
in some of the systems we use at the moment. So it is not all
bad news but inevitably the investment curve is upwards.