Roger Clarke's Web-Site
© Xamax Consultancy Pty Ltd, 1995-2021
|Identity Matters||Other Topics||Waltzing Matilda||What's New|
Roger Clarke **
Notes of 24 October 2005
Prepared for an eGovernment Consultation Workshop, as part of the 7th Framework Programme for Information Society Technologies, Brussels, 26-27 October 2005
© Xamax Consultancy Pty Ltd, 2005
Available under an AEShareNet licence or a Creative Commons licence.
This document is at http://www.rogerclarke.com/EC/eGovRes0510.html
The accompanying slide-set is at http://www.rogerclarke.com/EC/eGovRes0510.ppt
The audio (7 minutes, 3.2MB, MP3 format) is at http://www.rogerclarke.com/EC/eGovRes0510.mp3
I was invited to provide some brief comments on the key issues that I perceive to be currently relevant areas of research in the eGovernment arena.
At Slide 2, I suggest that we need some focus on communications between individual citizens and government agencies. Agencies, like corporations, use poorly-designed web-forms to create barriers; and many fail to implement adequate back-end systems. People want to be able to use email, and synchronous ('instant messaging') interfaces. And they expect agencies to respond, and to manage cases professionally.
So empirical research is needed into the perceptions that citizens have, and that agencies have, about electronic communications, enquiries, feedback and complaint channels. And we need experiments, demonstrators and open-source packages to establish good practice, to enable it to be adopted easily and quickly by agencies, and to cause embarrassment to agencies that fall short of expectations.
At Slide 3, I turn my attention to the means whereby citizens discover information and services that are available from governments. The term 'portal' continues to be used, even though that concept is inappropriate in the public sector context. A 'portal' is the automatic first-port-of-call for large numbers of captive net-users eager to part with their money. A portal's purpose is to enable private-sector operators to 'control eyeballs', and thereby command high advertising-rates and click-through fees, plus commissions on resulting sales.
What's needed in eGovernment is 'entry points', whereby the citizen/consumer can discover and access information and services, nomatter which agency provides them, and without having to first understand the current fashions in public sector organisational structures and naming conventions. We need case studies of effective entry points, and models, demonstrators and open-source packages.
At Slide 4, I extend this to the next logical step. The 'Freedom of Information' movement has been subverted by governments and by government agencies. It was initially reduced to a mere 'right of access to identified documents'. And its spirit has been widely ignored, with exemptions claimed and extended, and unrealistic fees imposed.
The digital era has greatly changed public expectations. Agencies must move to the concept of eFoI. Research is needed to assist agencies to break the culture of secrecy and develop in its place the norm that every document is written with the expectation of public access. Research is also needed into the extension of content management systems to provide automated publication of most government documents.
At Slide 5, I draw attention to the need for much more work on Privacy-Enhancing Technologies, popularly referred to as PETs. Anonymity exists, and will exist, and has its place. But, because anonymity works against accountability, I refer to technologies that enable it as 'savage PETs'.
At Slide 6, I suggest that we need technologies that represent 'gentle PETs', which provide effective pseudonymity, rather than anonymity.
But at Slide 7, I point out that 'gentle PETs' can only achieve the credibility that will guarantee their adoption if they include firstly technical features that protect the link between identities and the people behind them, but secondly legal protections, and thirdly organisational arrangements that create barriers to unauthorised glimpses behind the veil.
At Slide 8, I move on to some myths that the 'authentication' and 'identity management' industry have been getting away with for years, to the serious detriment of eBusiness generally.
There are many types of assertions that need to be authenticated. In most cases, identity is not the key issue. Instead, it is some assertion of fact that matters; or an assertion that value has been transferred, or that an identity has an attribute, such as age, or qualifications, or the legal capacity to represent some entity such as a company or a person.
In circumstances where authentication of identity is relevant, many organisations conflate 'identity' with 'entity', and fail to appreciate that most people have many identities, and that many identities are used by more than one person.
There is also a whole host of misinformation being perpetrated about biometrics. Most biometric technologies don't work in the real world, embody extraordinary threats to freedoms, and offer remarkably little benefit to security in general, and especially to counter-terrorism.
At Slide 9, I offer a diagram that shows the distinctions between identifiers (which relate to identities), and what I call 'entifiers' (which distinguish instances of entities, such as pallets, packages, companies and individual human beings). The diagram also enables the concepts of anonym and pseudonym to be properly understood. A great deal of technical research is needed to clear up the intellectual mess that the information technology industry has made of authentication, authorisation and identity management.
Finally, at Slide 10, I offer a couple of thoughts on technologies to support eDemocracy. There are benefits in real-time ePolling. But complex issues cannot be assimilated by the public as they stand at a bus-stop or flick through their email. Straw polls will be beneficial for simple questions, however, such as 'how credible is that political statement I just heard?'.
Complex issues demand considered opinions based on multipartite discussions. We can build on our experience with focus groups and formal submissions from interest groups in order to develop various forms of 'Deliberative ePolling' techniques. But this requires more than assertions by mere pundits. It demands technical research, and social research into the application of experimental designs.
I hope these brief comments have done two things. I want to convey a sense of public dissatisfaction with eGovernment, which conflicts with the cosy sense of progress that is prevalent in many government circles. But I have also sought to offer suggestions about some directions in which research funding could be valuably deployed.
Clarke R. (1999) 'Identified, Anonymous and Pseudonymous Transactions: The Spectrum of Choice' Proc. User Identification & Privacy Protection Conf., Stockholm, 14-15 June 1999, at http://www.rogerclarke.com/DV/UIPP99.html
Clarke R. (2003a) 'Biometrics in Airports: How To, and How Not To, Stop Mahommed Atta and Friends' Xamax Consultancy Pty Ltd, 23 February 2003, at http://www.rogerclarke.com/DV/BioAirports.html
Clarke R. (2003b) 'Identification and Authentication Fundamentals' For 'Authentication and Identification: New Paradigms', at the Conference on 'State Surveillance after September 11', U.N.S.W., 8 September 2003, at http://www.rogerclarke.com/DV/CLPC030908.html
Clarke R. (2003c) 'Why Biometrics Must Be Banned' Abstract for the Cyberspace Law & Policy Centre Conference on 'State Surveillance after September 11', U.N.S.W., Sydney, 8 September 2003, at http://www.rogerclarke.com/DV/Biom030908.html
Clarke R. (2004a) 'Identity Management: The Technologies, Their Business Value, Their Problems, Their Prospects' Xamax Consultancy Pty Ltd, March 2004, from http://www.xamax.com.au/EC/IdMngt.html
Clarke R. (2004b) 'The Internet and Democracy' Future Challenges for E-government, Discussion paper no. 3, Australian Government Information Management Office (AGIMO), at http://www.agimo.gov.au/publications/2004/05/egovt_challenges/community/democracy
Clarke R. (2004c) 'The Internet and Democracy: Has Hong Kong Left It Too Late??' Presentation to the China Information Technology and Law Centre, Departments of Law and CSIS, University of Hong Kong, 10 September 2004, at http://www.rogerclarke.com/II/HKeDemocracy.html
Clarke R. (2005) 'Business Cases for Privacy-Enhancing Technologies' Paper for the Executive Session of PETS 2005 - 5th Workshop on Privacy-Enhancing Technologies, 2 June 2005, Cavtat, Croatia, at http://www.rogerclarke.com/EC/PETsBusCase.html
Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in the E-Commerce Programme at the University of Hong Kong, Visiting Professor in the Baker & McKenzie Cyberspace Law & Policy Centre at the University of N.S.W., and Visiting Professor in the Department of Computer Science at the Australian National University.
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.
From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021.
Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916
Created: 24 October 2005 - Last Amended: 24 October 2005 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/EC/eGovRes0510.html