Disastrous UK Government IT Projects
I recently penned the following for my local No2ID mailing list (the Camden & Islington branches)...
For what it's worth, I worked briefly on one of the failed Government IT projects mentioned in the Guardian article referenced on this list a couple of days back. I just wanted to share a brief perspective of that, in case it's useful or interesting for anyone contemplating the possible woes of the Government's national ID card and database projects...
The consultants on projects like this have tailored their behaviour to maximise profits in the environment they find themselves in. That is to be expected - so long as they operate within the law they can be neither blamed for that nor expected to change of their own accord.
The stratagems they use to maximise profits include a thorough sabotage of project technical deliverables, such that projects appear to make progress towards achievable goals, thus avoiding cancellation, but in actuality will require endless rounds of deep rework and extra funding in order to deliver a system actually does anything useful.
Every extra pound spent in this way is an extra pound billed to the client (the Government), and every pound billed earns markups and ongoing overheads. So for the contractors, the way to make the most money is to drag the project on for as long possible, spending as much money as they can along the way, without ever actually delivering anything that works. The results of incentivising contractors this way speak for themselves.
Of course, if such abuses were too explicit, that would give the client a means to sue and wriggle out of contracts, jeopardising future income. Fortunately for the contractors, the process of producing large (or even medium-sized) IT systems is difficult and murky enough for the desired disruption to be practically self-organising, given the correct environment for incubation. Badly-judged technical architecture, addiction to proprietary standards, wishy-washy technical leadership, and good old-fashioned hiding of incompetence using imaginative misrepresentation, these will pretty much do the job. Black-ops meetings in smoke-filled rooms are undoubtedly only used as a last resort, and did not, during the period of my employment, produce any requirement to directly solicit the services of my own pay grade as a saboteur.
Presumably this state of affairs persists because Government actors are not being held accountable for the success or otherwise of projects under their control. If that were to change, then the Government could possibly improve the situation by lowering the barriers to entry for competing IT consultants and contractors, and showing some negotiating guts to restructure the way contractors are rewarded, thus introducing some real competition amongst technology providers to deliver something that actually works.
That this hasn't already happened says to me that Government actors are ensnared in some sort of corruption - by which I don't necessarily mean an explicitly dishonest kind. The situation could charitably be interpreted to include what I term 'passive corruption' - the kind of poorly aligned incentives or incompetence which leads to similar outcomes as traditional corruption. (For more thoughts on how passive corruption of this kind affects society, see the excellent writings of Lawrence Lessig.)
While it's in all our interests for this situation to get fixed in order to improve our Government's effectiveness, I see no hope that this will happen soon. Fortunately for No2ID this sad state of affairs provides us with the ammunition that the ID card and database projects are unlikely to work well, and are likely to cost significantly more than current projections, which I agree should be exploited as has been outlined adroitly by others, on this list and elsewhere.