General Data Protection Regulation (GDPR): what the public sector needs to consider

Graphic design image: three padlocks in front of a futuristic city.

By Steven McGinty

In March, the Information Commissioner’s Office (ICO) published the results of a survey into local government information governance as part of their preparations for the General Data Protection Regulation (GDPR), which comes into force on 25 May 2018.

Although the ICO notes that many local authorities have good data protection policies, there are still councils where work needs to be done. The survey findings include:

  • A third of councils do not undertake Privacy Impact Assessments (PIAs)
  • 26% of councils do not have a data protection officer
  • 50% do not require data protection training before accessing systems

Under the new GDPR the above findings could constitute a breach, and result in the ICO taking action against the offending council. Recently, the ICO fined Norfolk County Council £60,000 (under the Data Protection Act) for failing to dispose of social work case files appropriately.

What impact will Brexit have on the GDPR?

The UK Government has finally triggered article 50 of the Lisbon Treaty, starting the process for leaving the European Union (EU). However, this does not mean that the UK will escape the European Commission’s GDPR. Digital minister, Matt Hancock, has confirmed that it is in the UK’s best interests to ensure the ‘uninterrupted and unhindered flow of data’, stating that the GDPR would be fully implemented into UK law, even after we leave the EU.

Is the public sector exempt from the GDPR?

There have been reports that some public sector bodies believe that they are exempt from the GDPR. This assumption is based on the regulation’s special conditions and derogations, which allow member states to restrict the GDPR’s scope to safeguard the public interest (some countries, such as Denmark, already have exemptions for public sector bodies). Additionally, fining a public sector body has also been viewed as making little sense – taking from one public sector budget and placing it in another.

However, both of these assumptions are flawed. As the GDPR has been designed to enhance the rights of EU citizens, it would be against the spirit of the regulation to introduce blanket exemptions for the public sector. And it is certainly not unheard of for regulators to fine public bodies, such as the recent Norfolk County Council case, or the Hampshire County Council case in August 2016, where the council was fined £100,000 by the ICO for leaving social care case files in a disused building.

How does the GDPR differ from the Data Protection Act?

The GDPR has been described ‘as the most important change in data privacy regulation in 20 years’, providing greater rights to citizens and harmonising data privacy laws across Europe. However, to achieve this, new requirements have been placed on organisations. These include:

  • Personal dataArticle 4(1) of the GDPR includes a broader definition of ‘personal data’ than previous legislation. It states that any information relating to an individual which can be directly or indirectly used to identify them is personal data. Specifically, it refers to ‘online identifiers’, which suggests that IP addresses and cookies may be considered personal data if they can be easily linked back to the person.
  • Privacy by designThe concept of ‘privacy by design’ is not new, but Article 23 of the GDPR makes this a legal requirement. In essence, it means that public sector bodies will have to consider data protection at the initial design stage of product development. This could involve adopting technical measures such as pseudonymisation – the technique of processing personal data in such a way that it can no longer identify a particular person.
  • Data Protection Impact Assessments (DPIAs) – As the ICO’s research highlights, a third of councils do not undertake any form of privacy impact assessment. From May 2018, public sector organisations will have to carry out DPIA’s for certain activities such as introducing new technologies and when processing presents a high risk to the rights and freedoms of individuals. In the latter case, organisations will need to consult the ICO to confirm they comply with the GDPR.
  • Appointment of a Data Protection Officer (DPO)Article 35 of the GDPR states that public bodies must have a designated Data Protection Officer. This can be an existing employee, as long as there is no conflict of interest, or a single DPO can represent a group of public sector bodies. As the ICO research suggests (26% of councils do not have a DPO), this is one of the main areas where councils need to improve.
  • Data portability– Public sector organisations must ensure that personal data is stored in a ‘structured, commonly used and machine readable form’, so that individuals can transfer data easily to other organisations. For instance, suitable formats would include CSV files.
  • Strengthening subject access rights– Individuals can now request access to their data for no cost and must be responded to within 30 days (this is a change from the Data Protection Act which requires a £10 fee and there is 40 days to respond). For complex cases, this can be extended by two months. However, individuals must be notified within one month and be provided with an explanation. These requests could prove time consuming and costly for public sector bodies, and as such, supports the case for introducing digital services that allow individuals access to their data.
  • Right to be forgotten – The right to erasure (its official name) allows individuals to ask an organisation to delete all the information held on them – although this would not apply if there was a valid reason to hold that data. This principle was established in the high profile case involving technology giant Google.
  • Failing to comply and breaching the GDPR – When there is a breach, public sector bodies will have an obligation to inform their national regulator (the ICO in England) “without undue delay and, where feasible, not later than 72 hours after having become aware of it.” These requirements could present challenges for public sector bodies, who are often engaged in providing vital public services with limited resources. However, policies will have to be introduced to ensure breaches can be reported promptly, particularly as the new penalties for data breaches are significant, with public sector bodies liable for fines of up to €10,000,000. In addition, individuals also have the right of redress and may seek compensation if they feel their rights have been breached.

What should public sector bodies be focusing on?

Although May 2018 may seem a long time away, the ICO research suggests some local councils (and the wider public sector) need to make several changes to ensure compliance with the GDPR.

Most importantly, organisations need to start reviewing the new regulation and considering how it applies to them. Evidence of a clear strategy – including the appointment of a Data Protection Officer, the use of privacy impact assessments, and staff training – will go a long way towards demonstrating an organisation’s intent to comply with the GDPR.


Follow us on Twitter to see what developments in public and social policy are interesting our research team. If you enjoyed this article, you may also be interested in: 

Digital transformation in government: moving towards 100% digital

Mike Bracken, former Executive Director Digital for the UK Government, on a stage with the word 'Onwards' in the background.

Mike Bracken, former Executive Director Digital for the UK Government, speaking about  ‘The digital transformation of the UK Government ”  Image by gdsteam via Creative Commons

By Steven McGinty

On the 1st March, Companies House, the agency responsible for the UK’s register of companies, announced their intention to become a 100% digital organisation by the end of 2018/19. Over 80% of companies already submit their documents digitally, but the agency is keen to move this figure as close to 100% as possible, highlighting the cost savings and improved levels of service.

However, Companies House is not alone in its digital ambitions. ‘Digital by default’, the idea that digital services should be the most convenient option for people, has been a key policy aim of the UK government.

Digital Transformation programme

In January 2013, the government introduced its first significant venture into digital transformation. The programme, which involved the Government Digital Service (GDS) – the agency responsible for digital transformation – and eight government departments, set out to transform 25 major services in 400 days, with the aim of developing services that were simpler, clearer and faster to use.

By the end of the programme, in March 2015, twenty exemplar projects had been completed, including services as varied as enabling people to register to vote, making a claim for the Carer’s Allowance, and booking a prison visit.

“Death of the self-assessment tax return”

In the March 2015 Budget, the Chancellor, George Osborne, announced a major IT project, which he described as “a revolutionary simplification of tax collection”. At the time, 12 million people were completing self-assessment tax forms every year. But by early 2016 the government expected that five million small businesses and the first ten million individuals would have personalised digital tax accounts, bringing together all their tax details. By 2020, it’s expected that over 50 million individuals and small business will benefit from personalised digital tax accounts.

Although the project has generally been praised, Jamie Morrison, private client partner at HW Fisher & Company, has warned that – apart from the most straightforward cases – automation won’t improve the self-assessment experience. Similarly, Mark Abbs, a tax partner at London-based chartered accountant Blick Rothenberg LLP, has suggested that the five-year time frame might be too ‘ambitious’.

Investment in digital transformation

As part of the 2015 November Spending Review, George Osborne provided £1.8 billion over four years to support digital transformation initiatives.  This included supporting the move towards digital tax accounts, mentioned above, and the introduction of a simple payment mechanism for all central government services.

In addition to this funding, UK Trade and Investment (UKTI) – which works with businesses to ensure their success in international markets – received £24 million to simplify their online services and ensure they can interact effectively with other government services.

More surprisingly, the GDS was given a budget of £450 million over four years – an increase on its previous £58 million a year. This news was particularly positive for those connected with the GDS, as there was concern that their budget (and influence) would be greatly reduced.

Challenges of digital transformation

The biggest challenge to the goal of ‘100% digital’ is that not everyone is able to access digital services (and to a lesser degree those who have access but need support). In 2015, the Office of National Statistics (ONS) found that 14% of households in Great Britain had no internet access, with 31% reporting that this was due to a lack of skills. Other factors for lack of access included the cost of technology (14%) and the cost of accessing the internet (12%).

Elizabeth Rust, in a 2014 Guardian article, highlighted that often those who are digitally excluded need to access government services the most. She offered the example of a jobseeker who lost his Jobseeker’s Allowance because he struggled to access the internet to apply for jobs, particularly as limited access was available at his local library.

This highlights the challenge of achieving ‘100% digital’, and is why although HM Revenue and Customs (HMRC) are now moving towards digital tax accounts, there will still be an option to complete self-assessment returns in the traditional way.

In the 2016 March Budget, George Osborne also provided £71 million of extra funding to support the digital tax roll-out. These additional resources will be used to extend the opening hours of customer service offices that deal with online enquiries and tax credits.  These improved services should be in place by 2017, enabling greater levels of support for users of digital tax records.

Conclusion

Digital transformation provides a major opportunity for improving government services and reducing costs. It’s not a case however of simply replicating existing customer journeys within an online environment. It requires organisations to put people at the heart of their delivery approach. And in turn, this requires significant internal challenge and change.

The ambition for digital transformation will only succeed if the government invests in digital skills, provides services that encourage people to use them, and supports individuals as they adapt to new digital services.


Follow us on Twitter to see what developments in public and social policy are interesting our research team. If you found this article interesting, you may also like to read:

eGov Singapore: award winning leader in digital government

By Steven McGinty

“Singapore leads in all dimensions of digital readiness and scores high in economic competitiveness, citizen engagement as well as public sector productivity.”

These are the words of Ng Wee Wei, Managing Director (Health & Public Service) at Accenture, in Singapore. He made this statement on the day Singapore was ranked number one for digital government, in a comparative study carried out by Accenture.

However, this is just one of the many accolades won by Singapore. Other notable successes have included:

In my latest article on digital government around the world, we’ll take a look at how this island city state has become a global leader and what can be learned from their experience.

E-government policy development

In the 1970s the Singapore government realised that they were unable to compete with the larger labour-intensive economies. As a result, they identified ICT as a way of improving economic performance, particularly through increasing labour productivity, making processes leaner and more efficient, and delivering better services to customers.

In 1982, the government launched the Civil Service Computerization Program (CSCP). The programme’s main objective was to enhance public administration through the effective use of ICT. This involved developing new business processes, automating work functions and reducing paperwork for greater internal operational efficiencies. In essence, it provided the foundation for subsequent e-services.

Throughout the 1980s and the 1990s the government started to develop the programme. For instance, the National Information Technology Plan (NITP) was introduced to support cross agency collaboration. This led to the creation of “TradeNet”, an application that enabled exchange of documents between the private sector and various government agencies.

As Singapore entered the new millennium, the e-Government Action Plan (2000-2003) (eGAP 1) was launched. This was the first of what the government now calls the ‘eGov masterplans’.  It set out the aim that:

All government services that can be delivered electronically shall be delivered through electronic means”.

The second e-Government Action Plan (2003-2006) emphasised improving the customer experience, connecting citizens with each other and fostering collaboration between government agencies.

The third, iGov2010 Masterplan (2006-2010), had a strong focus on integrating government services, making sure that processes cut across agencies. In addition, increasing the e-engagement of citizens was also a key objective, particularly in fostering greater bonds within different communities, such as young people.

Most recently, the government introduced the eGov2015 Masterplan (2011-2015), which outlined the vision of collaboration between the government, the private sector and the people through digital technologies. There was also a recognition that the government should act as a platform provider to encourage greater co-creation of new e-services.

Key features of eGov Singapore

  • SingPass

Singpass (Singapore Personal Access) was introduced in March 2003 and enables citizens access to government e-services, from over 60 government agencies via a single platform. In total, there are 3.3 million registered users, with transactions increasing from 4.5 million in 2003 to 57 million in 2013. The system provides a high level of security for users, as well as removing the need for agencies to develop and administer their own.

In July 2015, an Enhanced SingPass was introduced. It included improvements such as the option to customise the SingPass ID, mobile-friendly features, and stronger security capabilities. However, the updates proved to be so popular that on their initial release the website was temporarily inaccessible due to high traffic.

  • data.gov.sg

data.gov.sg was launched in June 2011 and is Singapore’s first stop portal for publicly available government data, as well as applications developed using government data.  The portal has increased to over 8,700 datasets (covering a range of themes, from business and the economy to housing and urban planning), with contributions coming from over 60 government agencies.

The government has introduced schemes such as ideas4apps Challenge and Harnessing Data for Value Creation Call-for-Collaboration (CFC) to encourage the creative use of government data. One example from the portal’s showcase is FixMyStreet, an app which allows citizens to report, view or discuss issues with public facilities, such as litter and broken lifts.

  • eCitizen

eCitizen was introduced in 1999 and is the first-stop portal for government information and services. When the portal was first introduced it pioneered the concept of cross-agency, citizen-centric government services, where users transact with ‘one government’ (the ability to access several government services via the one website).

In 2013, the eCitizen portal was recognised for “Outstanding Achievement” in the Government category of the Interactive Media Awards. It beat 137 other nominees to the award, which evaluates entries based on: design; content; feature; functionality; usability; and standards compliance. Since the portal’s redesign in 2012, there has been a 65% increase in visitors, with significant improvement in the success rates of searches (up to three times).

 What key lessons can countries learn from Singapore?

In the book, National Strategies to Harness Information Technology: Seeking Transformation in Singapore, Finland, the Philippines, and South Africa, Jeannie Chua outlines the key lessons that other countries can take from the Singaporean experience. This includes:

  • Stable political leadership

Singapore has had the same political party in charge of its Cabinet since 1959. This high level of political stability is rare, unlikely to occur in most countries and not necessarily desirable for democracy. However, it does highlight the importance of some level of continuity for progressing a digital agenda, whether that’s within the same government or across different government administrations.

  • Industry collaboration – getting the private sector to do more

The use of government intervention to create opportunities for the private sector and providing effective working partnerships has been very successful in Singapore. This ‘catalyst’ role has encouraged innovation and supported the creation of a successful ICT industry.

  • The willingness to innovate and take risks

Singapore’s willingness to adopt technologies at an early stage has proved to be a success.  For instance, the National Library of Singapore adopted RFID (radio-frequency identification) technology, the use of radio waves to automatically identify people or objects, even though it was relatively untested at the time.

 Final thoughts

Singapore has been successful at creating a strong foundation for e-government and is deserving of all its accolades. The success has been built on a combination of factors including political willingness and economic policies. However, what has also been important is the country’s ability to learn from each stage in its development.

As the country moves forward, key issues such as cybercrime and privacy concerns will have to be addressed. In 2014, there was a security breach involving 1,560 Singpass accounts. A year later, the government introduced a new central government agency for cybersecurity operations. It’s hoped that this central agency will be able to bolster the country’s critical ICT infrastructure.

It’s these measures, and its ability to act swiftly, that will hold Singapore in good stead for the future. This is maybe the real lesson for those looking to emulate Singapore’s e-government success.


Enjoy this article? Read our other recent blogs relating to the digital economy:

IDOX Plc announced on 8 October 2015 that it had acquired the UK trading arm of Reading Room Ltd. Reading Room, founded in 1996, is a digital consultancy business with a focus on delivering websites and digital services that enable its customers to make critical shifts into digital business and client engagement. It has an international reputation for its award winning and innovative approaches to strategic consultancy, design, and technical delivery.

Digital Agenda Norway (DAN): international digital leader but still pushing forward

Split Norwegian flag flying in the wind

Image courtesy of Pixabay via Creative Commons.

By Steven McGinty

Continuing my series on digital government best practice, I will be looking at the success of Norway and what they hope to achieve through their Digital Agenda for Norway (DAN) strategy.

Norway is already a leader in “digital government”, ranking second only behind Singapore in a study carried out by Accenture on implementation progress and citizen satisfaction. The Norwegian State Secretary, Paul Chaffey, suggests that this success has been built on a foundation of a population of tech savvy Norwegians, with a history of being at the forefront of cutting edge technology.

For instance, in 1973 Norway became the first country to connect to the US’ ARPANET, which was the military predecessor to the Internet. And more recently, maritime and off-shore technology developments in Norway have become of global importance. In particular, the use of Big Data modelling plays a significant role in finding new oil fields.

Egovernment policy development

In 2000, the government presented the eNorway action plan, a set of ICT initiatives designed to support the development of the ‘knowledge society’ and improve the lives of the people of Norway. The plan consisted of descriptions of the individual ICT initiatives of ministries, as well as common frameworks to support joint initiatives.

This soon evolved into eNorway 2005, which had the main goal of developing a set of principles for ICT initiatives. From this, the government set out three primary targets for its ICT policy:

  • Creating value in industry;
  • Efficiency and quality in the public sector;
  • Involvement and identity.

Then, the government introduced eNorway2009, a strategy that would take Norway a ‘digital leap’ forward. It argued that the public sector had to be viewed as one unit, if digital progress was to be made. Therefore, the new strategy focused on the use of multi-disciplinary initiatives and projects. There was also a recognition of the need for cooperation between all sectors and levels of the public sector, as well as the private sector.

In 2012, the government also published a report on the digitisation of the public sector. It outlined the government’s key policy objectives for their digitisation programme – keeping Norway at the forefront internationally in terms of providing digital public services to its citizens
and businesses.

Major successes

  •  ID-Porten

A major development has been the implementation of the hub, ID-Porten, which verifies citizens via electronic IDs (eID).  It allows citizens to securely login to government digital services via a single login portal. There is also a common technical platform (ID Gateway), which allows citizens to login to services using four different eIDs: MiniID; BankID; Buypass; and Comfides.

BankID, Buypass, and Comfides all provide access to a high level of security (level 4). These IDs are required when accessing personal data and only issued to individuals who appear in person. However, MiniID provides only a medium-high security level (level 3) and pins codes can be sent via mail or through SMS. This is the most common eID (used by almost 2.7 million citizens) and provides access to digital services provided by the tax services and the Norwegian State Educational Loan Fund.

  • Altinn.no

In 2003, Altinn was launched to provide a single web portal for public reporting. This was driven by the amount of time Norwegian businesses were spending on statutory reporting. To resolve this problem, the three large public agencies in Norway – the Norwegian Tax Administration, Statistics Norway and the Bronnoysund Register Centre – started Altinn.

However, the project has now moved beyond that of public reporting. Now it’s responsible for providing an array of electronic forms (over 700) and digital services, as well as providing information for businesses.

The most used service by citizens is the completion of tax returns online. In 2009, more than 440,000 businesses chose to do their statutory reporting through Altinn.

  • Regjeringen.no

This is the main information portal for the Norwegian government. It has a user friendly design and in many ways is similar to the UK Government’s website GOV.UK.

Digital Agenda for Norway (DAN)

In 2013, the Norwegian government published the white paper on the Digital Agenda for Norway (DAN).  The strategy is linked to the Digital Agenda for Europe, and is also related to the Europe 2020 strategy.

The DAN explains that the government’s primary goal is that:

Norwegian society take full advantage of the value creation and innovation opportunities that ICT and the internet offer.”

This has been the philosophy from the early stages of Norway’s digital development.

The DAN highlights that greater digitisation is inevitable but notes that it will be important to identify areas with the greatest potential for development.

In terms of the public sector, the DAN identifies a number of areas for development:

  • Public sector information – increasing the accessibility and reuse of public sector information.
  • Digital services for citizens – improving digital registration for property rights and creating a paperless justice sector.
  • Commons technical solutions – the development of digital mailboxes for citizens and businesses, the use of digital document exchange, and the creation of common registers to support the public sector.
  • Organising and coordinating for more efficient use of resources.
  • Adapting laws and regulations to a digital public sector – requiring digital communication to be the standard method of communication for the public sector.

Looking to the future?

Norway has earned their reputation as a ‘digital leader’. Over the years, the government has set out a series of clear policies to support the transition to the digital age. Although not perfect, significant improvements have been made. For instance, 93% of Norwegian households now have access to the internet; this figure was only 55% in 2003.

The new DAN presents Norway with an opportunity to continue the success of recent policy initiatives. And on recent evidence, this is a clear possibility.

However, with other countries looking to improve their performance in digital government, it will be interesting to see if they will overtake Norway in international comparisons or if Norway’s sustained focus will pay off and enable them to be the world’s number one in terms of using digital services to increase citizen engagement and improve service delivery.


Enjoy this article? Read our other recent blogs on digital government:

Follow us on Twitter to see what developments in public and social policy are interesting our research team.

IDOX specialises in election services, with Idox Elections offering end-to-end solutions for electoral management systems. Idox was awarded a number of contracts to support the Norwegian municipal and county elections held in September 2015. This follows Idox’s success in delivering similar election services during the Norwegian General Election of 2013.

The Government Digital Service: successes, turmoil, and the focus for the future

By Steven McGinty

In April 2011, the Government Digital Service (GDS) was launched to lead the digital transformation of government. The focus was on making public services digital by default (a policy which envisions most public services being delivered online), and simpler, clearer and faster to use.

Their first major project was the development of GOV.UK. It was to act as the primary source for UK government data and would replace a number of existing websites, including DirectGov. Overall, GOV.UK has been viewed as a GDS success story.

In the latest GDS progress report, it was highlighted that:

  • Over 300 agency and arm’s length bodies’ (ALB) websites had been transitioned over to GOV.UK by the end of 2014;
  • The GOV.UK website averaged 12 million weekly unique visitors in the first quarter of 2015 (25th most used website in the UK);
  • The GOV.UK website saw 13.6 million unique visitors and 21.2 million visits in the last week of January 2015 (this was the likely the result of the 31st January Self-Assessment tax return deadline).

However, GOV.UK has not been without its critics. In February, the Register revealed documents that said that the GDS knew that GOV.UK was:

destroying useful online services and replacing them with trendy webpages bereft of useful information

One noted failure was the transition of the Home Office visa and immigration site to GOV.UK. According to their own analysis, the GDS did not have a good enough understanding of the users’ needs.

GDS in turmoil?

At the beginning of August 2015, Executive Director of the GDS Mike Bracken announced he was leaving. In an interview, Mike Bracken explained that he was leaving due to the “stresses and strains” of the role. The current GDS Chief Operating Officer Stephen Foreshew-Cain will move up and replace him.

There have also been a number of other senior GDS leaders departing. These include:

  • Deputy Director Tom Loosemore
  • Director of Strategy Russell Davies
  • Director of Design Ben Terrett
  • Head of User Research Leisa Reichelt
  • Transformation Programme Director of the Government Digital Service Michael Beaven.

These changes have led to speculation about the future of the GDS. Last financial year, the service had a budget of £58 million and approximately 700 members of staff. Computerworld have suggested that the GDS could undergo substantial cuts as part of the HM Treasury’s spending review.  If so, the impact could fundamentally change the GDS’ role.

The future

In August, Matt Hancock MP, Minister for the Cabinet Office, reiterated his support for the GDS. He said:

“the work that GDS is doing, and the vision of Government as a Platform, is changing the core infrastructure of shared digital systems, technology and processes.”

The Minister then went on to emphasise that the GDS has extremely talented people and has a lot more to contribute in the future.

In addition, Eddie Copeland, Head of Technology Policy at the Policy Exchange has outlined 5 points of focus for the ‘next phase’ of the GDS. These include:

  • Be guardian of the rules – the government should lead the way in defining the standards of how front-end government IT should work, although should not be concerned about who provides it, whether that’s public or private sector.
  • Focus on the user / citizen experience – the government should focus on providing a positive customer experience and creating online transactions that are needed.
  • Lead on open standards for data – the use of open standards would reduce the technical barriers to sharing information between different systems.
  • Be an informed customer – failed IT projects were often the fault of the government, therefore the government needs to become a smarter, more demanding customer.
  • Scale best practice – all departments should learn from the successes of the GDS, and try to implement innovative solutions where possible.

 Final thoughts

It’s likely that the GDS will play an important role in the continued digital transformation of government services. However, some – including Eddie Copeland – believe that the GDS will become a smaller organisation.  As a result, there may be opportunities for the private sector to get involved in supporting the digital transformation, particularly if they can provide a solid business case.


Follow us on Twitter to see what developments in public and social policy are interesting our research team.

Read our other recent articles on digital government:

e-Estonia: leading the way on digital government

By Steven McGinty

 “We should talk about a digital-embracing government, not e-government”

These are the words of Andres Kütt, system architect and adviser to the Estonian Information Security Authority. By this he means that the term ‘e-government’ implies a separation between digital and government. So, instead he advocates the term ‘digital-embracing government’ as it highlights that digital should be embedded within all aspects of governance.

Why does the Estonian view matter?

In Estonia, digital has become the norm, and most government services can now be completed online. They have managed to find a way of creating partnerships between the government, a very proactive ICT sector and the citizens of Estonia. As a result, the country of just 1.3 million people has become a leader in digital government.

The ‘core’ of the Estonian model 

  • Electronic ID cards

Key to the Estonian approach is the use of an electronic ID card. As of 2012, more than 1.1 million people have ID cards. The Estonian population have been described as ‘tech savvy’ and ‘pragmatic’. This could be the reason ID cards have been successful there, whereas in the UK concerns about threats to privacy have always led to their rejection.

The ID card acts as both an identity document and, within the European Union, a travel document. It provides a way to verify citizens using online services. The card is secure, and is used for activities such as internet banking, participating in e-elections, and buying public transportation tickets. Mobile phones can also act as an ID card, allowing citizens to confirm their identity online.

  • Population Database

The Estonian government has a national register (called the Population Database).  This provides a single unique identifier for all citizens and residents in Estonia. Similarly to the use of ID cards, these forms of large scale database are unlikely to be accepted by the British public. For instance, concerns were raised when it was suggested that a Scotland-wide ID database, which would have included records from 120 public bodies, could be introduced.

Estonian digital government services

  • e-Elections

Since 2005, Estonians have been able to participate in e-elections using their ID card or their mobile ID. Once a voter’s identity has been verified, the connecting digital signature is separated from the vote. This allows the vote to be anonymous.

In the 2011 Parliamentary elections, 140, 846 people voted online, representing 24% of the eligible voting population. Recent elections have also shown that online voting has had a positive effect on voter turnout.

However, security concerns have been raised over Estonia’s voting system. Researchers from security firm SafelyLocked have suggested that the software has insufficient security safeguards to protect it from hackers.

  • e-Health record

As of January 2010, Estonia’s citizens have been given access to their medical records via a medical information system. It contains information such as diagnoses and doctor’s visits and is accessed using the ID card.

What could the UK learn from Estonia?

In a recent presentation, Andres Kütt was the first person to admit that you can’t simply take the Estonian approach and implement it into another country. However, he does suggest that methodologies used by Estonia can be adopted by other countries to help them come to their own digital solution. There are also wider lessons that can be drawn from the Estonian experience.

In the UK, the Government Digital Service (GDS) have an ongoing arrangement with the Estonian government – a Memorandum of Understanding signed in 2013 committed the two countries to working together to advance digital public services. The GDS highlights that a lot of Estonia’s success comes from the fact that they started with no pre-existing infrastructure. This means that they were able to avoid legacy problems, such as the challenge of integrating older and newer systems.

However, Pete Herlihy of the GDS, reported that on a visit to Estonia he realised that:

  • The government needs to publish details of the data it holds for each of their systems
  • The government needs to publish an agreed set of open data and messaging standards and protocols, to allow easier communication between systems.

Final thoughts

The eventual solution for the UK will have to be different to that of Estonia. Yet it’s clear that when government, the private sector and citizens come together, it is possible to create a society that is digitally connected.

Here are just a few final facts about the success of Estonia.

  • 98% of banking transactions in Estonia are conducted through the internet
  • In 2013, over 95% of income tax declarations were processed through the e-Tax Board
  • Cabinet meetings have become paperless sessions using a web-based document system.

Further reading

IDOX is a market-leading developer and provider of a broad range of software solutions for UK and international public sector organisations – especially local government. These solutions are designed to help clients comply with regulatory requirements, as well as enable online delivery of public services.

The Carnegie Trust and the Wheatley Group: showing us how we can tackle digital exclusion

By Steven McGinty

As the government pushes towards ‘digital by default’, a policy which envisions most public services being delivered online, it’s worth remembering that 20% of the UK population still lack basic internet skills. Groups such as Citizens Advice Scotland (CAS) have raised concerns that ‘digital by default’ could significantly impact on vulnerable and marginalised communities, particularly those claiming welfare benefits. However, if every citizen had basic digital skills and could use online government services, it could save the public purse between £1.7 and £1.8 billion annually.

So, which groups are the most digitally excluded?

According to the UK Government’s digital inclusion strategy, digital exclusion occurs among the most disadvantaged and vulnerable groups in society. These include:

  • those living in social housing (approximately 37% of those digitally-excluded live in social housing);
  • those on low incomes (44% of people without basic digital skills are either on low wages or are unemployed);
  • those with disabilities (54% of people who have never been online have disabilities);
  • older people (69% of over 55’s are without basic digital skills);
  • young people (only 27% of young people who don’t have access to the internet are in full-time employment).

What are the main barriers to using online services?

In 2013, the Carnegie Trust carried out research into internet access in Glasgow. The findings suggest that there are three common reasons why people never go online:

  • the comfort of doing things offline (34% of people cited their preference for speaking to people on the telephone, or in person, as the reason they don’t go online);
  • a fear of digital technology and the internet ( 28% were worried about issues such as using technology and staying safe online);
  • the costs involved (20% of people highlighted pressures on incomes and the cost of internet connections).

What are the main drivers for people going online?

More recently, the Carnegie Trust carried out a new piece of research, replicating their Glasgow study in two new locations: Dumfries and Kirkcaldy. The study investigated the main reasons people choose to go online. The findings show that:

  • 56% of people went online to find information of interest to them;
  • 48% went online to keep in touch with friends and family;
  • 44% thought it would be an interesting thing to do;
  • 44% had to go online as part of their work.

 How can we encourage people to go online?

Both Carnegie Trust studies show that each individual’s journey to digital inclusion is different and that a ‘personal hook’ or motivation, such as the opportunity to communicate with family members abroad, is an important tool for encouraging digital participation.

Additionally, they also show that friends and family are an important source of help when people are taking their first steps online. For instance, the case studies in Dumfries and Kirkcaldy highlight that people would appreciate help from ‘trusted intermediaries’ or local groups.  Therefore, it’s important that digital participation initiatives make use of existing communities’ networks and tap into the support available from friends and families.

Wheatley Group

The Wheatley Group, which includes Scotland’s largest social landlord, the Glasgow Housing Association (GHA), has been heavily involved in addressing digital exclusion. They have developed a digital strategy to help social tenants access the internet and are committed to proving free or low cost internet access (maximum of £5 per month).

The Group has also been involved in two pilot projects: one which provides technology to 12 low-rise homes, and the Digital Demonstrator project, which tests the feasibility of low-cost broadband in multi-storey blocks. The pilot projects highlighted two important lessons:

  1. the role of the local Housing Officer was key for engaging with tenants
  2. it was important that communities and neighbours learned together.

In an ideal world, every citizen would be digitally literate, and be able to interact with government online. However, this is not the reality. The work carried out by the Carnegie Trust and the Wheatley Group provides a solid basis for developing digital initiatives and ensuring that citizens and communities are not left out.


Further reading:

Socitm deliberates: what’s the future for local government digital services?

By Steven McGinty

Today, the Society of Information Technology Management (SOCITM) are having their 28th annual Spring Conference. The event provides business and technology leaders from across the public sector with the opportunity to discuss the future of government digital services.

A key issue up for debate is the development of ‘local public services as a platform’. This is based on the idea of ‘government as a platform’, a UK government policy which aims to provide:

“a common core infrastructure of shared digital systems, technology and processes on which it’s easy to build brilliant, user-centric government services”

The most high profile example of government as a platform is the use of a single website to provide digital services, known as GOV.UK. This was introduced by Government Digital Service (GDS), the organisation responsible for the digital transformation of central government services. It’s believed that the use of GOV.UK has led to more than £60m in savings, simply from replacing the DirectGov and Business Link websites.

How could local public services as a platform work?

To date, there have been two main approaches put forward. The first, proposed by Richard Copley, head of information and communications technologies (ICT) at Rotherham Metropolitan Borough Council, involves the creation of a Local Government Digital Service (LDGS). This would oversee the development of a single website for local government services, removing the need for individual council websites. It’s argued that this would only cost each council £3,000 per year, allowing local councils to make substantial savings.

However, Socitm have rejected the idea of a single website for local services. They argue that a single website:

‘..ignores the independence of local authorities as organisations that have different democratic mandates and priorities… local government is exactly that. Local requirements, whether of geography, size, demographics or politics, must continue to drive council websites.’

Instead, Socitm suggests the use of a common platform for sharing local government tools and applications. This would mean that local government could promote and share examples of best practice. However, they do acknowledge that incentives would need to be introduced to encourage this.

Is there political support for extending government as a platform into local government?

There was certainly intent by the Conservative government to have this happen. Ed Vaisey, UK minister for culture and the digital economy, is an advocate of Richard Copley’s view of a ‘local government digital service’ (LGDS). He explains that having local government on one website is an ‘ambition’ and emphasises that it has the potential to save billions of pounds by providing a gateway, similar to GOV.UK, for local government services.

Similarly, George Osborne made the increased use of digital services a major theme of the last Budget. For example, the Chancellor has expanded the remit of the Government Digital Service (GDS), to include collaborating with local councils to develop ‘customer-focussed, digitally-enabled, efficient local services’.

Labour’s shadow Cabinet Office minister Chi Onwurah has also been involved in the debate. Last year, she was keen to see the GDS support the work of local councils, which indicates that there may be some agreement with the Conservative Party. Recently, she expanded on her view, explaining that if the GDS were to work with local councils, they should focus on major areas such as social care and benefits.

At the moment, the future of local government services is uncertain. However, it’s important that we continue to debate the issue in order to find solutions that will provide real value for taxpayers, as well as provide better public services.


Further reading

What is “the right approach” to public service website design?

socitim finger pointSocitm have recently reported on their 17th survey of local authority websites, Better Connected 2015, and the picture still isn’t great. Although rising expectations are said to be driving improvement, there are still significant gaps in performance. The key highlights from the report illustrate this:

  •    Slow and intermittent progress in improving their websites in the past year.
  •    Advances in accessibility – 43% providing satisfactory features for the disabled.
  •    Increases in number of responsive sites – increasing to nearly 50% (easy reading and navigation).
  •    8% now reach the 4 star ranking.
  •    Public satisfaction fell by 30%.
  •    The gap has narrowed by over 9%, between satisfied and dissatisfied.
  •    Slow progress in mobile performance experience – only 1/3 passing the assessment, especially customer journeys for top tasks.
  •    Only 37% of councils passed the top tasks standard, a slight improvement on last year.
  •    Nearly 50% of new sites launched didn’t improve the 1 or 2 star ranking.

Martin Greenwood (Socitm’s Insight Programme Manager) said shortcomings are due to councils having limited resources and not taking the right approach to designing websites. He highlights key barriers to improvements:

  •    Lack of resources and skills.
  •    The need to simplify.
  •    Focus on mobile, getting this right helps with the website as a whole.
  •    Addressing what makes the website poor, such as standards, digital governance, and management of content, before making the same mistakes.
  •    Not having strong editorial control, to ensure consistency.
  •    Not having a national structure for budgets, third party software and information sharing.

So what is the right approach? Information on how individual councils perform is available in the full report, but 34 councils achieve the maximum 4 star. In the past year, there has been a significant increase in the number of councils that have implemented a responsive site, up from 107 (26%) to 198 (49%). Many of the issues highlighted are the same for all websites, and ownership, clarity of purpose, clear user journeys are key to all websites. So how can all websites be improved?

  •    Have clear editorial processes and accountability.
  •    Really focus on the customer journey and remove any distraction.
  •    Make the information architecture clear and consistent, prioritise top tasks.
  •    Design for mobile devices first.
  •    Keep content relevant.
  •    Make sure all forms have context, such as the process or service which can be expected.

and specifically for local authorities Socitm highlights:

Should local authority websites be a priority in today’s efficiency saving climate? Ipsos Mori shows that 85% of the adult population now use the internet, while Ofcom found that half of internet users use government websites, including local authority ones, and this is growing rapidly. With 45.3m visits each month to council websites already, this will continue to grow, but will sites be resilient enough to cope? 30% of visits end in failure, even the best performing sites have 15% failures, and most failures lead to other modes of contact, such as calls to already busy call centres. DCLG found that 65% of local authorities said they had made savings as a result of implementing digital services, with an average saving of £1.4m, and also the added value of greater efficiency and transparency. The digital trends which are emerging across the public sector are driven by technological solutions to create efficiencies, as well as a better use experience, for a more digitally aware customer. Part of the solution to this efficiency is strategic use of content, simplified and used across the whole organisation. Technology will be used more and more in service delivery, better use of call centre information and feedback, and improved searching functions for information. The results of Better Connected, although promising, have some way to go. Although failure to meet, what are essentially customer service standards, may not be having a direct monetary impact currently, it will in the future if local authorities do not keep pace with the principles of user-centred design. Idox agrees with the report’s findings, especially that user-centred design is key to online services. As a company we are taking this forward within our business strategy. We have found that there is a an eagerness to develop and improve web experience, but with constraints on financial budgets, public sector clients are prioritising the improvements which are absolutely necessary. The Idox Information Service can give you access to a wealth of further information on digital service delivery, to find out more on how to become a member, contact us. An example of other resources we can offer to meet the challenge facing the public sector: Better Connected 2015 (Press Release) Local Digital Today Digital Trends in the public sector Digitally positive: an essay collection Technology Manifesto Internet Citizens 2013: use of citizen-related online content and services

Digital transformation: rethinking the plumbing of government

Last summer, the Daily Telegraph reported on the Home Office decision to abandon its flagship immigration computer system. One respected IT contractor told the newspaper:

“I just don’t think the UK government should be allowed to buy IT at all. Maybe give them abacuses, but they could still get those wrong.”

Which might seem comical. But ditching one £350m system and commissioning another at taxpayers’ expense is no laughing matter. As Margaret Hodge, chair of the Commons Public Accounts Committee observed:

“Given its poor track record, I have little confidence that the further £209 million it is spending on another IT system will be money well spent.”

Unfortunately, the Home Office is not alone in its difficulties managing IT initiatives. And while private companies such as banks can encounter technological problems, public sector technology projects seem especially prone to failure. From the BBC to the NHS to the Department for Work and Pensions, publicly-funded organisations have acquired an unenviable reputation for implementing and managing IT.

According to the authors of a new book, Digitizing Government, the underlying challenge facing the public sector is to view digital transformation as being less about technology and more about organisational change. In short, they contend, it’s about “rethinking the very plumbing of government.”

In reviewing three decades of visions, strategies and initiatives, the authors attempt to understand why government has struggled to achieve technology-based public service transformation. The answer, they conclude, lies in “outdated management culture, processes, capabilities, an idiosyncratic procurement model and a supply chain that discouraged innovation and impeded competition.”

The book contrasts the closed, top-down, bureaucratic and paper-based approach of governments with commercial digital services that have emerged to provide an increasingly digitally-savvy public with fast, customised and personalised interactions.

The book’s authors go on to propose a “new normal” to remake public services for the digital age. Once again, they stress the importance of taking a broad view of digital transformation that requires: “…redesign and re-engineering on every level – people, process, technology and governance.”

Some of the proposed ideas take a common sense approach:

  • Use ‘lean thinking’ to move away from meetings, paperwork, discussions, bureaucratic rivalries, and towards more efficient and effective ways of delivering high-quality, timely relevant services to citizens and businesses.
  • Break down the silos separating services, such as policing, courts, the probation service and housing, to enable clustering of similar components together.
  • Bring in and cultivate the right skills.

Smart digital thinking applies not only to central government departments, but to local councils, our closest and most common interaction with government. According to the book’s authors, by adopting common ways of doing things – along the lines of Google, Apple and Toyota – local authorities, their residents, partners and suppliers would all benefit.

The book provides an example of this approach already being practised by the London borough of Hounslow. Rather than embedding new technology into old processes, the emphasis is on standardising processes, an approach that offers opportunities for process improvements and for information sharing across councils. Culture change is also at the heart of the support that Idox offers to the local authorities which buy its software and managed services – in areas such as online planning, environmental health and licensing – as efficiencies are unlikely to be achieved if existing processes are just replicated for an online world.

The authors acknowledge that the journey to digital transformation will not be easy, especially for organisations that are complex, use security concerns as barriers to agility, and have low levels of understanding of digital ethos.

But they make a strong case for digitising government, arguing that it offers the prospect of citizens benefiting from a more seamless approach to government services, and less wasteful administration and duplication of resources.


Members of the Idox Information Service benefit from access to a range of research and intelligence support, including a library of books on public sector policy and practice.