Volume 38:2
July 2015
C ontents Publisher The Institute of Public Administration New Zealand PO Box 5032, Wellington, New Zealand Phone: +64 4 463 6940 Fax: +64 4 463 6939 Email: admin@ipanz.org.nz Website: www.ipanz.org.nz ISSN 0110-5191 (Print) ISSN 1176-9831 (Online) The whole of the literary matter of Public Sector is copyright. Please contact the editor if you are interested in reproducing any Public Sector content. editor John O’Leary: johntoleary@paradise.net.nz contributors Luke Aki Carl Billington John Larkindale John O’Leary Rose O’Neill Kathy Ombler Margaret McLachlan Rose Northcott Maurice Williamson journal Advisory Group Annie De’ath John Larkindale Karl Lofgren Len Cook Margaret McLachlan Ross Tanner
President’s message by John Larkindale................................................................ 2 IPANZ news: Privacy – part of our DNA................................................................... 3 Guest editorial: Back to the drawing board............................................................. 4 by Maurice Williamson MP Cover story: A change in mindset – building the digital future........................ 5–9 Radical, new, collaborative: Iaas and Common Capabilities........................10–11 Q&A: A fundamental shift – a conversation with Government Chief Information Officer Colin MacDonald.............................12–13 A shared approach...........................................................................................14–15 Private, secure... and digital?..........................................................................16–21 Top tips for new professionals in the digital age........................................... 22–23 Point of view: by Dr Rose O’Neill, Principal Consultant, Maven Consulting Ltd.............................................................................................24
R a d i c a l , n e w, collaborative: Iaas and Common Capabilities 10 – 1 1
Scope IPANZ is committed to promoting informed debate on issues already significant in the way New Zealanders govern themselves, or which are emerging as issues calling for decisions on what sorts of laws and management New Zealanders are prepared to accept. Information for authors Public Sector considers contributions for each issue. Please contact the journal’s editor for more information. Subscriptions IPANZ welcomes both corporate and individual membership and journal subscriptions. Please email admin@ipanz.org.nz, phone +64 4 463 6940 or visit www.ipanz.org.nz to register online.
12–13
Advertising Phone: +64 4 463 6940 Fax: +64 4 463 6939 Email: comms@ipanz.org.nz
A fundamental shift – a conversation with Government Chief Information Of ficer Colin MacDonald
A shared approach 14 – 1 5
Disclaimer Opinions expressed in Public Sector are those of various authors and do not necessarily represent those of the editor, the journal advisory group or IPANZ. Every effort is made to provide accurate and factual content. The publishers and editorial staff, however, cannot accept responsibility for any inadvertent errors or omissions that may occur.
Front cover image: © Agsandrew | Dreamstime.com - Metropolitan Information Highway Public Sector is printed on environmentally responsible paper produced using ECF, third-party certified pulp from responsible sources and manufactured under the ISO14001 Environmental Management System.
July 2015 Public Sector 1
PRESIDENT’S MESSAGE
Run it up the pole – why the upcoming debate about the flag is so important By IPANZ President John Larkindale
O
ne of the few constants over the span of human existence, and particularly so over the past few decades, has been that of change. And the pace of that change and its impact on all of us has been increasing. The focus of this issue of Public Sector is on some of the areas where new technologies and possibilities will make our lives better, as well as some of the challenges that will have to be addressed. New Zealand’s society has already been shaped by the information age and will be even more so in the future. What is the relevance of this to the issue of possibly changing the New Zealand flag? A country’s flag is but a symbol of the nation; nobody, for example, ever went into battle for a flag, but rather fought under it for a variety of reasons including existential threat, basic patriotism, a commitment to preservation of certain values and a way of life, and even for adventure. The flag indirectly reflects some aspects of a nation’s most basic attributes. New Zealand today is a very different country from what it
2 Public Sector July 2015
was 20 years ago, or when I was at university in the 1960s, let alone when we first adopted our flag. There is an argument that we should have a flag that represents who we are now, one that all those that now call New Zealand home can relate to and that represents their view of the future of this country. And that is where a debate over the flag is so important – it provides the opportunity for a national dialogue about what kind of a country we all aspire to live in. If we look around the world, the developed countries in particular, we see, increasingly, in many countries an erosion of a broad-based consent environment in which the people delegate through a democratic political process the task of governing to an elected body of representatives. In many member states of the European Union, populist parties of both the far left and the far right are gaining support. In the United States, very little common ground exists between Republicans and Democrats in Congress, reflecting an increasing political polarisation of society. And, most
recently, we have seen in the United Kingdom over recent years a strong downturn in broad-based support for the two traditional majority parties, although the general election itself resulted in the Conservatives being able to form a government thanks to the first-past-the-post system. In large part this has come about because citizens have become increasingly doubtful about the extent to which governments have in fact been governing in the interests of most “ordinary” people. Whether or not this is in fact the case is largely immaterial; it is the perception that is important. Economic recovery following the 2008 financial crisis has been uneven, with benefits (and costs) flowing differentially to the various socio-economic strata in society. Advances in technology have been a contributing factor, but governments’ inability or unwillingness to address the consequences satisfactorily has had a destabilising effect. I have said previously in this column that I believe that in New Zealand there remains a broad societal consensus about the kind of country we aspire to be. The debate about the flag provides us with a unique opportunity to validate those views, to make it clear to all our political representatives, irrespective of where they stand on the political spectrum, just what are the considered views and aspirations of all New Zealanders about our joint future. Such a national dialogue would enable a broad framework to be developed to guide future policies across a broad range of areas in our society. What range and scale of services do we expect from our government, and are we prepared to accept a taxation
regime that aligns with those expectations? How important do we rate the protection of our unique environment against economic growth, and are we ready to accept the overall consequences of what we decide? How do we want to protect the more vulnerable in our society? How does New Zealand want to present itself to the world, and what are our core values, including in areas such as human rights and religious tolerance? These are but a few of the issues that need to be traversed. If we can succeed in such a national conversation – even partially – I believe that we will have accomplished something enormously important in securing our future as a nation. We will have taken a big stride towards reducing the growing democratic deficit perceived by so many citizens, the younger ones in particular. Different parties will still have different approaches but the debate will increasingly focus on means rather than ends. Our parliamentary representatives will have been given a template to move in a defined direction. They will be able to be confident that, provided they maintain that course, they will have an evidence-based foundation on which to implement their stewardship responsibilities of making New Zealand the best possible place for New Zealanders today and for those who will live here in the future. And the flag? Once we have confirmed who we are and what we want as a society, it should be relatively easy to agree on what symbol should represent our country at home and abroad. For information about the New Zealand Flag Consideration Project, including suggested new designs, visit www.flag.govt.nz.
ipanz news
Awards night Tuesday 21 July, Wellington
Winners announced 22 July @ www.ipanz.org.nz/excellenceawards
Privacy – part of our DNA
G
ood information management and privacy should be part of the DNA of the public servant, says Russell Burnard, Government Chief Privacy Officer. He was speaking at an IPANZ event on 30 April. “Privacy and its management is all about public value. The public expects information to be secure and private but Ministers and senior public servants want that information to be used for better, more efficient, customer-centred services, including appropriate sharing of data between departments,” Burnard says. The role of the GCPO, part of the Department of Internal Affairs, was established last July. It followed a series of lapses of privacy from government agencies and a need to deal with privacy and information better than before. “My office helps departments manage their privacy issues. Privacy is not a goal of itself; it’s an enabler not an impediment.” Burnard acknowledged other players in the privacy area, including the Government Chief Information Officer Colin MacDonald, the policy section of the Ministry of Justice,
the Privacy Commissioner John Edwards and the intelligence community.
aversion. We are seeing a new era for privacy officers – they have to work closely with the business, to be involved early and be adding value from the start of Privacy strategies any new projects.” The 42 government Burnard says the Privacy Act agencies under the GCPO should not be used as an excuse. jurisdiction (to be expanded “If you can define the information Russell Burnard, to include DHBs from 1 July) Government Chief and how it will be shared, you must take responsibility Privacy Officer can mitigate poor outcomes.” for establishing privacy The emphasis on digital strategies, inventories of delivery of government services their information and must has the potential to be valuable for citizens develop processes and policies to mitigate and the government, but central to this risk. is the privacy of individuals and their “I’m not telling CEs how to ‘get out of information. jail free’; I’m hot on encouraging agencies to do risk assessments, not compliance “I’m keen to give citizens more choice tick boxes. Every agency takes a different – we should be more overt about the approach,” Burnard says. purpose of the data collection and In the past nine months his office has its use. I’m not keen on one agency found that the larger agencies are able to collecting information only once for all resource privacy management well, while of government. The public sector are the the smaller agencies are still struggling. The custodians of the data, not the owners. GCPO is thinking of ways to assist them. We will get Better Public Services if we “Risk awareness has been raised, are thinking about the citizen from the which paradoxically may be leading to risk beginning.”
We have the Talent! For permanent and contract positions, we have the expertise, networks and know-how to match the right talent with the right job every single time! Visit: www.thejohnsongroup.co.nz or phone 04 473 6699
10 great years as the public sector’s recruitment partner.
July 2015 Public Sector 3
g u est editorial
Back to the drawing board By Maurice Williamson MP
T
here could be no better example of the transition from the Industrial Age to the Digital Age than the use of Smartgate and its use by NZ Customs at our borders. What used to be a very low tech, time-consuming and open-to-human-error process has now become a high tech, highaccuracy transaction which averages around 18 seconds per person. The speed of modern chipsets, along with the huge drop in unit prices, has meant it is technically possible to embed microchips, GPS units, modern location-based mapping applications and remote cameras into just about any operation. This has resulted in a huge number of the old manual processes having already been replaced with technology-based solutions, many of which are still very much in their infancy. Voice recognition systems and scanner technology have meant that all manual input technologies can be fast-tracked and integrated into solution technologies. It is expected that the microchip will catch the human brain for speed and memory capacity within the next decade. That means we will be able to embed into very simple everyday products the equivalence of human intelligence. Fibre optics, and more recent advancements with LED lighting in relation to its capacity for data transmission, have meant that we can move mountains of information over light bands within microseconds. 3D printing and driverless cars were considered bizarre concepts being advocated by nutters only just a few years ago. Now they are an everyday reality, with driverless cars already having been legalised in several
states in the USA. For the public sector, this technology revolution has far reaching implications. Instead of just trying to guess the best location for the building of a new hospital or fire station or school, it is now possible to use high tech information systems that allow for the optimum location of a service unit. These new GIS systems take into account population distributions, a wide range of demographic data, transport and communications networks, and overall demand distribution. It used to be hard to make geographically based decisions using just tables and raw data. But now the fact that we are able to look at the data superimposed on maps and geolocations makes the decision-making process come alive and allows for optimal decisions.
A change in attitude
Instead of information being stored in silos that only a handful of authorised people could access, modern thinking revolves around making as much information publicly accessible so it can be used and reused by just about anyone. The massive change in attitude can be best seen in Statistics New Zealand and all the datasets they collect and maintain. Yes, it is vital to ensure individuals’ information and privacy is protected, but it is equally important to unlock the rich seam of these datasets to any outside organisation which can take such data and add value to it. It used to be that government agencies were very protective of “their” data and felt a need to keep it from the outside world. Now there is a move to make sure as much
information can be made publicly available as possible. And if datasets are geocoded then they can be dropped onto any mapping application and used immediately. So with this wall of technological devices coming at us and the huge volume of datasets available online, it is important managers no longer keep thinking in the old Industrial Age paradigm. Every part of the business needs to be completely reviewed and decisions taken as to how to extract the best value that the internet, cloud storage of huge datasets and hand-held processing units (that have more computing power on board than the entire US Defence Department had 20 years ago) have to offer. Many managers will think that their part of the public service doesn’t lend itself to this digital transformation as much as other parts do. In most cases they would be wrong. Every section of the public service needs to be prepared to go back to a first principles evaluation that asks what are we here for, what it is we need to do to create the necessary outcomes and outputs, and more importantly how do we achieve that? Ultimately, the advancement of digital technology is a complete revolution in how public services can be delivered. It is a revolution that should be embraced and not ignored. My message to everyone in the public service is: go back to the drawing board. Think outside the old straitjacket of manually based systems and think about how your part of the service can be revolutionised. It may have budget implications in the short term, but inevitably, the efficiency and cost effectiveness of the outcome will be self evident.
Dominion Post (Newspaper). Fletcher, David 1952- :’It was great to have a few days off doing nothing but surfing!’. 18 January 2012. Fletcher, David, 1952- :[Digital cartoons published from 2001 onward]. Ref: DCDL-0019978. Alexander Turnbull Library, Wellington, New Zealand. http://natlib.govt.nz/records/30115566
4 Public Sector July 2015
– building the digital future The digital revolution has provided more tools than we’ve ever had to operate with in the public sector. However, the real challenge is not the change in technology as much as the change in mindset that needs to go along with it. Carl Billington explores the challenges and opportunities facing public administration in the digital age.
W
e discuss the digital landscape or the digital domain as if it were another channel for us to consider – another ‘environment’ we can choose to engage with when it suits us. Yet, rather than existing as a separate environment, the digital landscape has grown to encompass the world we operate within. It alters the terrain around us: in that sense, the digital age has come to us. In this issue of Public Sector we explore some of the challenges and opportunities the digital environment presents as we consider what it means for public administration in the digital age. This article introduces some of the thinking and activity that is helping chart the public sector’s course through the digital terrain. >
July 2015 Public Sector 5
© Hannu Viitanen | Dreamstime.com
A change in mindset
A change in mindset Public service in the 21st century
Richard Foy, Director Digital Strategy, DIA
“It’s not just using 21st century technology, it means operating from a 21st century mindset.”
Andy Prow, Chief Executive, Aura Information Security
“...if you build a strategy around stopping bad things happening, people tend to spend the minimum they can get away with to achieve that. It encourages compliance, but not investment.”
6 Public Sector July 2015
For Richard Foy, recently appointed Director Digital Strategy for the Department of Internal Affairs, public service in the digital age is about much more than simply “taking old world forms and vomiting them onto the web”. In his former role as General Manager Digital Transformation, Foy has led the Better Public Services Result 10 initiative, which supports the role of the Government’s Chief Information Officer by providing the strategy for digital public services. “A core part of that is about enabling New Zealanders to complete transactions with government digitally, but it’s also about supporting the GCIO’s broader task of drawing the public service into the 21st century. Some agencies are doing great work individually, but how do we embed that across the whole of government? “Although DIA sits at the centre of that task, we’ll only succeed collaboratively. It has to be more than a think-tank. It’s about connecting great digital thinkers with those involved in service delivery and design. “It’s not just using 21st century technology, it means operating from a 21st century mindset. There’s a difference between thinking digital and being digital. We need to get to the point where it just runs in our DNA,” Foy says. The digital environment is opening a door to some astounding possibilities for the future of public service, as well as a number of challenges and barriers. Chief among these would appear to be the issues of privacy and trust. “You have to get it right. We’re trying to enable New Zealanders to retain control of their personal information, but also enable agencies to deliver valuable and useful services. One of the most vexing challenges in this is how to manage identity and privacy and still support the free flow of information. That’s why RealMe and being able to verify someone’s identity is so important. We must respect our role as stewards of people’s personal information,” Foy adds. “When it comes to the digital environment, it can be harder for people to understand and that creates uncertainty. We’ve gone to a huge effort to gain that trust and develop a product in RealMe to maintain that. Privacy is critical and it can be both challenging and emotive. Ultimately, it’s about trust.” Andy Prow, Chief Executive of Aura Information Security, is someone who specialises in advising both the public and private sector on these very topics.
We spoke to him about managing privacy, trust and security risks in the digital environment.
Cyber security
“IT security is no longer an IT problem – in the same way that erosion of public trust is not simply a ‘technical’ risk. Security and privacy need to be a foundational part of everyone’s thought process,” Prow explains. “If you’re a large construction business, you don’t think about health and safety or earthquake strengthening as add-ons. These are constant issues that need to be built into every decision you make. Security is not a technical issue; it’s an enterprise issue,” Prow adds. “If someone hacks into my activity as an individual, they may gain information about my banking or finances, which is bad enough. However, the information the government holds about all of us is much deeper – our passports, medical histories, driving histories, legal histories and more. The security of that isn’t something we can afford to get wrong; there is no ‘un-do’ on the loss of private information. “And it’s more than just the information. Potential abuse, disruption or loss of a service can be more damaging than a breach of the information held. “The government needs to remain trusted. In the past people perhaps gave government agencies their trust intrinsically. However, we’ve seen our own government falling foul of things in the media in recent times. I think some of that’s rocked society’s trust a little bit. Trust is something that takes time and effort to build, but unfortunately it can be eroded and destroyed in seconds.” Prow is also quick to point out that cyber security is one area where our geographical isolation makes little difference. “The only defence we have is that we’re a smaller target – we have a smaller population and a smaller economy, which makes us a lower priority to serious hackers. It’s nothing to do with our geography. It’s something we must take seriously,” Prow explains. “New Zealand is getting behind the idea of interconnected digital services. However, compared with our international peers, we have a lot less cash to do it with and end up doing a lot more on a shoestring. “One of the effects of this is that we see great work in new developments, with increasing attention given to security issues and testing, but this isn’t applied
retrospectively to legacy systems which still provide a lot of the core services – which are the more likely targets for attack. We need to avoid falling foul of security breaches that would erode that trust base,” Prow adds. With those risks in mind, New Zealand launched its own Cyber Security Strategy in June 2011 (the strategy is expected to be updated soon). Although Prow finds it encouraging that we at least have a strategy, he argues that a more progressive, visionary stance could be adopted. “New Zealand enjoys a trusted brand globally. We always score near the top on transparency indices and our non-nuclear policy has drawn great respect. That’s something we could look to capitalise on in our approach to security and the digital environment. “The current cyber security strategy is very much about protecting New Zealanders from bad stuff. It’s focused on the absence of bad, as opposed to providing a visionary statement for where we want to be in the future,” Andy explains. “The relevance of that is that if you build a strategy around stopping bad things happening, people tend to spend the minimum they can get away with to achieve that. It encourages compliance, but not investment. “There are opportunities here we could make a lot more of as a country,” Prow adds. Making the most of these sorts of opportunities, especially at the local government level, is what the Association of Local Government Information Management exists to achieve. I spoke with Mike Manson, Chief Executive, about some of the opportunities he sees on the horizon and some of those that are already being implemented around the country.
Bringing the future into the present
“Data is the oil of the 21st century,” says Manson. “We’re working on a number of innovative projects that are possible because of linked data. It’s about pooling elements of data from multiple councils and bringing them together to enable shared services. “Once we join the data up the possibilities become nearly endless. From simple things such as tracking family histories from cemetery systems or a particular headstone, to a particular dog and its ownership – none of those trails of information would end simply because someone moves to another jurisdiction. “Right through to the future possibilities of being able to tell how many people sit on a particular park bench versus how many walk past it – perhaps we should shift it to a more useful location. Or intelligent street lighting that senses people coming and brightens up as they draw near, or flashes at a precise location when emergency services are called out so they know exactly where to stop. The possibility of ‘smart cities’ has become very real,” Manson adds. It soon becomes apparent when talking with Manson that the value of linked data goes beyond mere information. “Currently, if I find a roaming dog or stock on roads, I have to send people out to look for them and hopefully contain them. Whereas a robotic drone could find the location immediately and track things for us. “Traditionally monitoring water reservoirs requires us to send a couple of people out in a dinghy to the middle of a dam and back. South Taranaki have already trialled drones for a structural assessment of their water tower,” Manson explains. “It removes the human risk: drones are not affected by gases or toxins or smoke like we are. >
Mike Manson, Chief Executive, Association of Local Government Information Management
“It’s about pooling elements of data from multiple councils and bringing them together to enable shared services.”
© Rolffimages | Dreamstime.com - Digital Identity
RealMe – a verified online identity As many of the articles in this issue of Public Sector make clear, privacy and security are critical to any move towards increasing digital transactions with government. RealMe was launched in June 2013 as a mechanism for New Zealanders to prove their identity electronically to public and private providers – opening the door for integrated, digital services and removing the need for individuals to supply paper identity documents to prove who they are. To date, 61 services use the RealMe login and over 1.9 million logins have been created, while more than 40,000 individuals have verified RealMe accounts. Six initial services have been enabled as a result of RealMe, involving service
providers such as StudyLink, the Electoral Commission, Births, Deaths and Marriages, NZForex, BNZ and TSB. Additionally, as of 29 May 2015, you can create a verified identity for online passport renewals. Over a thousand individuals have already taken up this offer. A RealMe login lets you access multiple online services with the same username and password. The service is designed to protect your privacy and security, so you can use your RealMe login in many places, saving you from remembering lots of different logins. A verified RealMe identity enables you to access the full range of online services. More information is available at: http://www.realme.govt.nz
July 2015 Public Sector 7
A change in mindset
Kirstin Donaldson, General Manager, Boost
“It’s increasingly clear that the way forward needs to be marked by collaboration, lean design and close involvement with the end users. But this requires a much more flexible approach, allowing the best solution to progressively emerge through the process.”
8 Public Sector July 2015
We could adapt them to spray weeds, assist with emergency management and all sorts of other tasks. It’s just a matter of adapting the technology and connecting it with local data.” What Manson is beginning to describe here are not digital services per se, but civic services that are made possible by the digital environment and the connection to linked data. Similarly, he sees the city library taking on a different, and very central, role in connecting a population with these shifts. “In Palmerston North for example, more people than ever are visiting the library but less people than ever are taking books out. As we looked into this we saw our libraries taking on a different role – they are becoming digital enablement centres. “As we move more and more into the modern age, I think there’s an important role government needs to play in helping bridge the digital divide. Our libraries are a key mechanism for that. We don’t want to lose a segment of society by moving into a world in which they can’t afford to participate. We need to think about how we ensure no one gets left behind,” Manson says. “Palmerston North City Library has already acknowledged this shift in role, rebranding their service as the Living Room of the City.” One of the challenges Manson highlights is that, as public servants, we sometimes find ourselves trying to cater to segments of society that can be even more advanced in their thinking and digital literacy than we are. However, for Manson, it’s not a question of how we stay ahead of people, but rather how we stay in synch with them and their changing needs. It needs to be a partnership with less and less distance in the relationship. “It’s not a matter of how we stay ahead but how we stay in touch. People’s expectations are rising – not only for the services they receive but also in their expectations about being able to participate and help shape those services,” Manson adds. Manson cites the example of one Australian council that published data on the public toilets they maintained. This data was unexpectedly picked up by the disabled community and used to plot a map of the best public toilets to use if you are disabled. “That’s not something we’d ever think of. We need to open our data up and trust our communities to come up with useful applications for it. “This is about bringing local government closer to the community. To achieve that, we’re going to have to change ourselves – not expect our customers to adjust their expectations to suit us. The opportunities
are enormous, but it requires change on many levels,” Manson adds. Helping organisations rise to implement this sort of change is part of what keeps Kirstin Donaldson busy as General Manager for Boost. The next section takes a closer look at some of the trends and changes Kirstin is observing from her perspective as someone in the private sector working alongside those in the public service.
Acquiring the taste for change
Boost has been around for over 14 years, providing ‘design-led’ web and app development services. You don’t have to talk to Donaldson for very long to see she’s genuinely passionate about supporting agencies to do things well and provide better value to citizens. “We’re all New Zealanders; we’re all taxpayers. As much as we’re a company providing a service, we also want to help lift the standard in the services we receive too. There’s a greater goal, a greater motivation here, which is the same for a lot of New Zealand’s tech companies,” explains Donaldson. One of the key points Donaldson is keen to get across is that it’s not actually about the technology; it’s about providing the right service offering. Technology can certainly enable the service but we can run into trouble if we confuse the delivery platform with the service itself. “There’s still a tendency for people to go with ‘wow’ in their design, which can become a hindrance if people can’t get what they want easily. What we need to really concentrate on is understanding user needs, identifying the best solution based on feedback from end users,” Donaldson says. As with the others we spoke to, Donaldson sees an endless array of opportunities on the immediate horizon for the public sector. However, she also suspects that some of the key barriers we’ll face lie within the very processes and infrastructure we use to procure and implement digital services and support. “As a result of previous budget cuts and ongoing financial constraints, agencies are being forced to take a very lean approach, doing more with less. This creates a lot more interest in new ways of working, but it can also increase resistance to change because of the ongoing risk aversion. Change feels uncertain and uncertainty feels risky,” Donaldson explains. “I think the high-profile coverage of IT blow-outs and problematic services over recent years has cast a long shadow over software and IT purchases.” Donaldson argues that the traditional success criteria of a product being delivered on time and on budget are not always the best fit for digital services.
“Sticking to timeframes and budget constraints are critical disciplines, they should be a given. However, you can be on time and on budget and still deliver a poor product. We need to demand more than that,” argues Donaldson. “It’s increasingly clear that the way forward needs to be marked by collaboration, lean design and close involvement with the end users. But this requires a much more flexible approach, allowing the best solution to progressively emerge through the process. “This runs counter to the traditional requirement to spec everything upfront, so the entire development process is mapped out to a predetermined output. Although this approach looks good on paper, it is inevitably built on numerous assumptions which often turn out to be full of holes at the first engagement with your end users. “When that happens you end up with significant change requests after the scope and budget and resources have already been confirmed and committed. That is how budget blowouts occur. That isn’t doing more with less; it’s the opposite,” Donaldson contends. “Ultimately the best way to de-risk IT projects is to build in an iterative way and then get feedback. Build something, test the prototype with users, find out if it’s going to work, and then build the next piece. “We could reduce a lot of risk and wastage simply by adopting the core principle of building in iterations and getting feedback throughout the process. Imagine the difference that could have made in an example like Novopay,
“The digital environment gives us the opportunity to engage in the design of services, not just their delivery. That is the fundamental shift.” which continues to impact on many New Zealanders. If something is going to fail you don’t want to wait to the end to find out,” Donaldson says. “The traditional ‘waterfall’ approach works for big infrastructure projects where you have more certainty, but in the world of digital services the whole environment is in constant flux. You need a much more ‘agile’ approach to be able to respond to these changes and incorporate that future proofing within the process, rather than trying to retrofit changes after the launch date.” Donaldson highlights how these principles are becoming the norm in the United States and the United Kingdom, and points to a number of encouraging signs locally – including a shift towards describing the end outcomes in procurement briefs rather than prescribing fixed solutions, and a greater emphasis on partnership in the design process. “We have some great opportunities in front of us all. I hope we make the most of them.”
More encouraged than daunted The conversations with Prow, Manson and Donaldson have offered a tour of bewildering possibilities and opportunities, as well as a number of significant challenges. As Prow put it,
“There are some agencies and some heroic individuals that are leading the way, but there’s also a number at the other end of the scale.” The task of confronting this gap falls in no small part to the Department of Internal Affairs, which houses the GCIO and the Result 10 programme. Reflecting on this, Foy acknowledges the challenges but finds himself more encouraged than daunted. “I’ve been encouraged by the speed at which the public sector shifted away from describing progress as a numerical target in terms of processes and outputs, to understanding that it’s about improving the customer experience of those services. “We see many agencies talking about ‘the customer’ now. The next step is to realise we’re each talking about the same customer and we could do more to integrate our services for them. The all-ofgovernment information platform www. govt.nz is one recent example of that,” Foy adds. “It’s not about technical boxes and wires – it’s about gathering data and insight and enabling us to co-design. The digital environment gives us the opportunity to engage in the design of services, not just their delivery. That is the fundamental shift.”
July 2015 Public Sector 9
Radical, new, collaborative
IaaS and Common Capabilities Signalling a radical new, collaborative, cross-agency digital service model, Infrastructure as a Service (IaaS) won the 2014 IPANZ Microsoft Award for Excellence in Digital Government for the Department of Internal Affairs. Kathy Ombler reports.
T
he project was lauded for being highly innovative and collaborative in its aims to rationalise government infrastructure, improve service quality, generate cost efficiencies and reduce risk. And it’s forecasting more than $100 million in savings over the life of its contract, since its inception in 2011. The service does not stand alone, however. It represents the foundation for other current and developing ICT services – the platform for the government’s vision of a single, coherent Information and Communications Technology (ICT) ecosystem across all agencies, to enable citizen-centric service delivery. This is a fundamental change in how government operates, not only in New Zealand but in most jurisdictions, says Chris Webb, DIA General Manager, Commercial Strategy and Delivery (CSD), the team managing development and delivery of new ICT services for the Government Chief
10 Public Sector July 2015
Information Officer, Colin MacDonald. “From a pure technology point of view, we’re moving away from owning and building our own ICT to using services from service providers. IaaS was about how we collaborated as a community and changed the way we operate.” In summary, IaaS enables government departments and other agencies to buy their computing infrastructure from approved suppliers on demand, and pay on a per-use basis. This brings about cost savings and flexibility, negates the need for agencies to own and maintain their own infrastructure, and reduces risk through the provision of up-to-date and secure systems. Datacom, IBM and Revera are the suppliers contracted to provide the services, which include data storage and processing and infrastructure services, to agencies. Developed through collaboration between technology suppliers, agencies and the GCIO, IaaS has been recognised as transforming the way government departments buy, access and use ICT. Currently, 55 agencies have signed up to the service, realising direct savings of $100.6 million to government. Two terms, “as-a-service” and “common capability”, are key to understanding this
transformative ICT ecosystem. First, “as-a-service” refers to services delivered through the Internet, or other networks, rather than owned and built in-house. It’s a phrase that’s become a bit of a mantra around the world, says Webb. “It is recognising that the business of government is focused on the citizen and the business interaction, not necessarily on the nuts and bolts of how you put together and manage a technology solution.” A “common capability” is any service or ICT capability that can potentially be used by more than one agency, or across the whole of government. IaaS is a foundation common capability, and sits alongside others such as SEEMail (a secure government email used by 61 agencies) and ONE.govt (a telecommunications network and security service, used by 47 agencies with $22.6 million forecast savings over its contract life). Over the past 18 months Desktop as a Service, Enterprise Content Management as a Service, and Office Productivity as a Service have also been released.
Streamlining and standardising These services streamline and standardise computing solutions for government, and ultimately will make it much easier for agencies to work together, contributing significantly to better public service outcomes, says Webb. There are more, still in the pipeline. Webb, who has spent more than 20 years working for large ICT services companies, manages the CSD team who develops, delivers and maintains the common capabilities. They represent a key element of the Government ICT Strategy and Action Plan to 2017, developed to transform service delivery. He says the big picture is about what government is trying to achieve with Better Public Service. “The core of it is about making the government operating model about people – citizens and business. The area we focus on within the GCIO is the radical transformation of ICT – a key enabler, or conduit or even catalyst for change – which is acknowledging the digital environment we are now operating in.” The initial approach is a collaborative model, he says. “Government has gone to technology suppliers and said: we want to collaborate in more areas. Please come back with your view of how you can create a better
IPANZ Gen-i Public Sector Excellence Awards 2014 winner
environment which we can all The ecosystem is still being built, yet the Value in the volume join, share, bring value to and accolades are rolling in. Since the IPANZ There are several components start building the ecosystem of Award, the CSD team has been described by to the financial advantages technology for government. an MBIE Procurement Effectiveness Review of common capabilities, says “This challenges the market as the most effective agency for procureWebb. “The collaborative model to come up with a response. ment in the New Zealand government. means aggregating demand, It also challenges government On a personal level, Webb is enjoying the both in the areas required agencies to understand, and ride. “Technology is such a big topic. I look and in the volume. If I buy five Chris Webb, General Manager, engage with, a different way of at it as a means to an end. It’s about getting coffees I get one free. Because Commercial Strategy operating.” the result you want rather than the latest we’re now going to market for and Delivery, DIA For the IPANZ Award, IaaS gadget. the whole of government, the was described as the poster “My personal highlights are about the unit price point is also lower child for the concept of investment and collaborative model we’ve been able to at the outset. The largest we’ve seen so far capability being shared. The award entry implement. It isn’t easy to do that, getting is about a 40 percent price point difference.” states: “It reduces agencies’ investments in people to park their particular agency Probably the most significant financial capital assets by allowing them to access benefit is the most difficult to explain, agenda, which is really important, and look computer power on demand through he says. “Remember this is about the at it in a collaborative way. alternative commercial models. It provides transformation of government; driving a “The biggest satisfaction I get is when I’m secure data centre facilities, avoiding the completely different operating model and with an agency or supplier who absolutely need for bricks and mortar. Now, using the a collaborative one to achieve those better gets what we’re trying to achieve and gets IaaS agreement and building other common public service outcomes. We are going back fully behind it. capabilities such as Enterprise Content to people-centric business. These services “We’re not in a conflict state with Management Services, Desktop as-a-Service are enabling those things to happen. the supplier community at all; it’s a and Common Web Platform on the IaaS “The savings are significant. For the collaborative model and everyone’s focusing infrastructure, we are able to accelerate 107 agencies consuming, government has on the same results for all New Zealand. the uptake of common capabilities and avoided going to the market 107 times.” They are stakeholders in it – they are create the foundation for a cloud-based ICT New Zealand businesses essentially, or a Inspiration delivery model for government.” global business within New Zealand, so Inspiration for the collaborative, common they’re interested in the outcomes. Pay by the drink capability model came essentially from “Another personal highlight has been IaaS and the as-a-service model is not about government, largely in response to where the ability to stand up a team really quickly, agencies or government buying assets, it’s the technology supplier market was headin a couple of years, and get them into a about consuming ICT from an ever-maturing, says Webb. “We recognised we needed really effective model and change the way ing, developing environment, says Webb. an aggregated model. And the cloud was we engage with the (supplier) market. Our “We can buy it when we need it, or not buy beginning to be the way to do things in the whole approach is based on early market it when we don’t need it. So it’s the pay-bytechnology space. engagement. We engage early, we engage the-drink type of model. “We now have multiple common the market in strategic thinking; we want “It’s a far more efficient and effective capabilities,” he says. “The first was IaaS, them to contribute, challenge and help way to manage capacity as there isn’t any that’s your plumbing. There are others you us work out how to implement. To accept unused capacity sitting there, which governcan think of in a similar way, such as toolsets their candid feedback, and have them feel ment’s paying for.” and desktops and content management, they can give it to us, that to me is very A good example was the Census, the stuff you need to do your job. We’re not rewarding.” managed by Statistics New Zealand and saying one size fits all. IRD’s requirement Joining the common capabilities rescheduled after the Christchurch earthfor its technology to support a business leadership role was an easy decision for quake. “They needed the capability quite transformation can be quite different Webb. “I thought it was exactly the right quickly and they needed to have signififrom those of the Ministry of Justice, or thing government should be doing. This is cant capability for a short time. Typically, Wellington City Council, or perhaps those right in the middle of the road I believe we you’d go and buy that and then you’d have of a small agency with quite targeted need to head down.” it sitting in a box and use it again in, how requirements.” many years? So IaaS was a great response. They tapped in, dialled off what they needed, had an engagement, the service The 2015 IPANZ Deloitte Fujitsu Public Sector Excellence Awards event will take place met their needs, and when they finished on 21 July at the TSB Arena in Wellington. For further information, contact Sandra it was dialled down and it was back to a Julian via email at ipanzawards@auaha.co.nz or telephone 04 910 5473. normal pattern of use.”
July 2015 Public Sector 11
Q & A
A fundamental shift – a conversation with
Government Chief Information Officer Colin MacDonald
W
hen he was appointed the government’s ICT supremo two years ago, one newspaper said Government Chief Information Officer and Internal Affairs Chief Executive Colin MacDonald was arguably the public sector’s most powerful mandarin. In this conversation with Rose Northcott, MacDonald discusses the magnitude of the ICT challenge and how success will mean a fundamental shift in the way things are done in the public sector. Q: Please explain your dual responsibility as ICT Functional Leader and CE responsible for Result 10.
They are different but intrinsically linked. Result 10 is about how citizens will experience government services in a digital world. That has to be completely underpinned and supported by technology. There is always an interesting dynamic between technology as underpinning infrastructure and technology as an enabler. The outcome is what’s important. With Result 10 we want to significantly improve the online customer experience so that the citizen is truly at the centre of services the government provides. That is enabled by technology, but also made much easier if that technology itself works well together.
Q: What needs to change?
“With Result 10 we want to significantly improve the online customer experience so that the citizen is truly at the centre of services the government provides. That is enabled by technology, but also made much easier if that technology itself works well together.”
12 Public Sector July 2015
Agencies are currently supporting their own services with technology with a reasonable level of efficiency, in line with the 1980s reforms. But as Productivity Commission Chair Murray Sherwin said recently, the 1980s reforms have run their course – we’ve gone as far as we can with the agency-centric model. We don’t want to throw it away, but we want to augment it by working across the system. The ICT FL makes sure we are leveraging our ICT investment, investing wisely and not investing in 15 copies of the same thing. Ideally we’d do something once and do it well for everyone. ICT FL then links to Result 10. If all of that big infrastructure and systems are morphed and hang together better, it’s much easier to get them to work in a coherent way to serve citizens better. When we start designing services – starting from the citizen and looking back into government – those agency lines and silos have to break down. That isn’t how people work their lives, and it doesn’t make it easy for citizens to access joined-up government services.
Q: You want citizen-centric public services based on life events. What does this look like? The very first example that we are working on right now is the birth of a child life event. We are creating an integrated service, learning as we go and gaining an understanding of the challenges and the issues we are going to have to knock off to create this service. When you go through the marvellous experience of one of
your kids coming into the world, you’ve also got to do the administrative things the government expects of you. You’ve also got the opportunity to access support services to make the experience better. We are starting to design a service starting from the new parents and their child, and asking what will this service actually look like at that point in somebody’s life, and how can we arrange those services in the digital world in a way that makes them easy to access. That starts by providing basic services like the ability to go online and register the birth, the ability to get an IRD number so the child can get access to KiwiSaver and one or two other reasonably straightforward administrative activities. We will solve the problem of identity using RealMe and give parents the authority to act on behalf of their child in the online world. The next phase will build in additional services; for example, link through to Plunket and health care providers. Another example is the tertiary education life event. Today that’s quite a disjointed process. When we bring the citizen to the fore, you start thinking about those services in quite a different way. You prove who you are once, and then all the other activities around selecting courses, dealing with a student loan and proving eligibility for a course can quickly grow into a useful, integrated service.
Q: What happens next? A significant number of these life events happen to us as citizens. We are going to be encouraging agencies to start leading design work to integrate government services around those events.
Q: What will be on stream by 2017? This is a radically different approach to the way government services are designed. There is no doubt we will have the birth of a child event service up and running by 2017, but I don’t see us as having another 15–20 life events active. That will happen progressively over the next several years. Meanwhile, Result 10 continues to drive up the use of digital channels and make sure people get more and more active in using those channels.
“This is a long-term change in the way the government delivers services. We mustn’t think about it as a project or programme. It is a fundamental shift and we’ve got a very, very long way to go.” The 70 percent common services digital by 2017 target is currently unchanged, but we are going to talk to the minister about the creation of integrated services and what some quite different targets might look like.
Q: Why such a radical change to service delivery? It’s a challenging and ambitious task. But if we don’t do it, in my view we will over time begin to lose the confidence and trust of citizens. They expect government services to be tailored in the same way the private sector is now using some of our information to tailor services to our needs. It’s really important we also start to use the information and data that we hold, relating to government services and citizens, in an appropriate and privacyprotected way, unleashing the power of that information to tailor and deliver services in ways that have the biggest positive impact. This is a long-term change in the way the government delivers services. We mustn’t think about it as a project or programme. It is a fundamental shift and we’ve got a very, very long way to go.
Q: What are some of the key challenges? One question I have which is at the heart of this, and we still haven’t answered, is that as we create new integrated services, that let’s say involve five or six agencies, who has got accountability for the delivery of that service? It does start to challenge elements of the public management model, and it calls for a more sophisticated conversation around accountability. We will also need CEs and ministers to work hard to balance agency priorities versus system priorities and the trade-offs that requires. In the functional leadership area we’ve been talking a lot with CEs and teams about those trade-offs with the new approach to services.
Q: You are responsible for monitoring major government ICT projects. How will you prevent another Novopay? Events such as Novopay remind us that these endeavours are difficult. My role is, as best as possible, to give ministers a level of assurance that we, collectively across the public sector, are employing good practice and have good governance in place and oversight of the projects, and that the quality assurance is fit for purpose. However, there’s nothing surer than that there will continue to be difficulties with ICT projects – that is the nature of projects and the nature of change. This is a world-wide phenomenon that affects the private sector in the same way as the public sector, it’s just less visible.
Q: Why were you selected for these roles? After gaining a degree in computer science from Glasgow University I worked for many years in the private sector before coming to the public sector in 2002. My experience is split across technology leadership, and operational and support activities in big organisations. I’ve worked in customer servicing organisations for a long time and I have a deep professional interest in the things that make services really work for people. Result 10 is a nice fit for me and so far it’s working out well. We’ve very much acknowledged that it’s early days, and there’s a long way to go before it’s really embedded and we start to drive the transformation we’d like to see.
Q: Was your move into the public sector the right one? It was probably the best move I’ve made! The purpose of work in the public sector is just so important to the country. The intrinsic values the public sector has also sit very comfortably with me at a personal level. The work is challenging, difficult and can be frustrating, but it’s really rewarding.
July 2015 Public Sector 13
A shared approach In May 2014 two government chief information officers, David Habershon, Ministry of Social Development (above left), and Craig Soutar, NZ Transport Agency (above right), travelled to Europe on a Leadership Development Centre fellowship. They attended a CIO Academy course at Oxford University, met peers from their respective sectors in London and Wales, and concluded with visits to Belgium and Denmark. What did they learn from their trip and, one year on, what have they applied in New Zealand? Margaret McLachlan finds out.
S
technology is the enabler, information is the real source of value creation and we saw numerous examples of this in progress, to excite and enlighten.” Both men appreciated the history and culture of the places they visited: Christ’s College, Oxford (digitally enhanced to become the Great Hall of Hogwarts Castle in the Harry Potter movies) and in Europe
© Clickos | Dreamstime.com
haring the learning with their CIO counterparts from across Europe was truly valuable. “The learning environment at Oxford was intense,” says Habershon, “but the conversations we had and the discussions were best face-to-face.” Craig Soutar agrees and adds, “The other part of our trip was visiting our peers. Where
Christchurch College, Oxford, England. 14 Public Sector July 2015
highlights that included the architecture of Paris and Brussels. “We can’t, however, be hamstrung by the past. In terms of IT, we have tended to focus on how our legacy systems mean that we can’t behave like innovative companies like Xero, but in fact you can if you just think differently. If you think about people who need a service as customers, you’re giving them a far better experience,” Habershon says. As for work-related highlights, Habershon cites his time with the Department of Work and Pensions (DWP) in London. “DWP is well on the way to building a new future for itself that ties in with government strategy. The challenge is grappling with critical legacy systems as well as contributing to all-of-government IT efficiency initiatives.” Soutar enjoyed his visit with the Driver & Vehicle Licensing Agency (DVLA) in Swansea, Wales (one of three equivalent agencies to NZTA). The DVLA aims that by 2020 at least 80 percent of its business services will be digital. He says he picked up a lot of plans and strategies to use at NZTA. MSD, meanwhile, is implementing a system where the ‘front end’ (how the customer interacts with the department) is separated from the back end (payment, case management and records systems). This enables the customer to complete some of the services digitally, so that MSD staff can concentrate on, for example, finding the customer a job.
Leadership
Soutar says the big learning experience for him was around leadership in information technology. “We saw some organisations who do it successfully and some where there are lessons to be learnt.” The focus is on collaborating with others and using business expertise. “Digital is transforming the way we do business and serve citizens.” In the provision of government services, people now expect the level of service they’re getting from companies such as banks and airlines. Government services need to meet those expectations to maintain public trust and confidence. And Ministers are expecting the government to deliver more services digitally. Information technology is becoming integrated into the business. Traditionally, the approach to IT projects was like a relay race with the baton being passed from management to the IT department and back again. Soutar says, “Now it’s more like a peloton in a cycle race: a partnership between all
aspects of the organisation. It should be a shared approach with a cross-pollination of the teams.” Although Habershon and Soutar work in different areas (social development and transport) they have a lot of shared experience, similar environmental issues and challenges. They have shared their fellowship lessons with other government CIOs.
Soutar says the Leadership Development Centre fellowship was “the most educational, enlightening and enriching development experience I have ever had”. It was the first IT-related LDC fellowship and the first joint application. Since his return Soutar has focused on infusing and injecting ideas at NZTA, and is looking for opportunities to be more impactful and innovative.
Leadership Development Centre fellowships LDC Fellowships are one-year research or study awards worth up to $45,000 for senior leaders. They aim to help senior leaders build on their personal leadership development goals and those of their agency and the system, and make performance improvements to the public sector. The Fellowship may include formal and/or practical experience, and/or research and study on leadership or management development, in New Zealand or overseas. There are two Fellowship categories: Better Public Services, and Developing the Capability of Public Sector Leaders. Applications for the LDC 2016 Fellowships will be open from 1 September to 31 October 2015. Fellowships categories and application packs for 2016 will be available at www.ldc.govt.nz from 1 September 2015.
WE’LL SHOW YOU WHAT SUCCESS LOOKS LIKE. Experience everything the Wellington region has to offer at Show Me Wellington – a ‘one-stop-shop’ for conference and event organisers. Come along and meet new suppliers, see the latest trends and be inspired!
PWV.CO.NZ/SHOW-ME-WELLINGTON July 2015 Public Sector 15
16 Public Sector July 2015
© Solarseven | Dreamstime.com - Online Security Technology Photo
Private, secure... and digital?
What does identity mean in an increasingly digital world? And how can we protect our data privacy? These questions were addressed at a cutting-edge conference at Te Papa in May. Editor John O’Leary went along to hear what was being discussed.
Day One
I
t’s a cool early morning as conference attendees arrive in Te Papa’s spacious interior. Names are crossed off lists, bags containing programmes and complimentary pens are given out. The conversation is subdued but there’s a feeling of anticipation in the air. I sip coffee and survey the arriving delegates. They look an intelligent, clued-up lot – just what one would expect at an ICT conference. Before long a bell sounds and we troop off to the Soundings Theatre. After a mihi from tangata whenua, Professor Miriam Lips of Victoria University’s School of Government welcomes us and introduces the first keynote speaker. This is the
Hon Bill English, Deputy Prime Minister, who has taken time off from his pre-budget preparations to address us on the subject of the government’s use of data analytics. It’s a high-level view, one that focuses mainly on the social investment framework. There’s a need for better targeting of social services, says English, and digital identity is going to play its part in helping government to know citizens better and help them in more effective, individualised ways. Government needs to talk more with professional groups such as doctors and social workers, he observes, and these groups need to share information better. Inevitably, when it comes to sharing data about patients and clients,
privacy issues arise – the challenge, says English, is deciding what is ethical in terms of data privacy, especially in extreme situations where (for example) the safety of a child might be at stake. We already have the tools for digital innovation, concludes English; the hard part is sorting out the implications of applying these technological solutions. Around me, delegates listen intently and take notes; to the right a cameraman videos proceedings. Next up on the podium is John Edwards, the Privacy Commissioner. In an elegant, thoughtful speech that ranges from Palaeolithic hand-stencils to Colin McCahon’s great I AM paintings, he >
July 2015 Public Sector 17
Private, secure... and digital?
ponders the notion of identity. It is basic to our humanity, he says; but increasingly, it presents itself as an accretion of records, a “person-shaped block of digital data” which may never be erased, even if we wish it. How does this new digital identity relate to our real, actual identities, which by definition are fluid and changing? We need to be careful with our personal data, Edwards continues, noting that anonymisation can be reversed; individuals can even be recognised, now, by a digital analysis of their gait. Privacy needs to be built into our data systems, and we should resist “authentication inflation”. The bottom line, he says, answering a question from the audience, is that individuals won’t part with their data if they don’t have confidence in how it is going to be used. At morning tea, I talk to a man from Datacom, the company behind the development of the online verified identity RealMe (formerly i-govt). Datacom is proud of their product, he says; it’s a world leader and crucial to the large-scale uptake of online services which is the goal of Better Public Services Result 10. As I listen, sipping my tea and munching a muffin, I have a feeling I will hear more about RealMe at this conference.
The danger of a Digital God
frameworks when it comes to the use of data, he says; we need accountability. We need to apply existing laws, expanding their scope so they can deal with questions of data privacy and the like. We need to manage our digital identity in an active, intelligent manner; one way is to insist on data minimisation, ensuring that only relevant, verified information is handed over. We need, he says, to plan both for success and failure when it comes to data use, and to learn from our failures and do better. If we want to, he concludes, we can do identity and privacy in a digital world, and to illustrate this he points to digital identity systems such as RealMe in New Zealand and myGOV in Australia, which he sees as moving, at the very least, in the right direction. My right hand is aching by now from all the notes I am scribbling, but it gets no rest for the moment, as up onto the stage walks Doc Searls, an American writer and blogger on internet themes who is also a member of two high-powered research centres at the University of California Santa Barbara and at Harvard. Here is someone abreast of the very latest thinking on ICT matters, and immediately he launches into a thought-provoking disquisition on privacy.
Taking back control
We’re very good at physical, real-world privacy, Searls points out – after all, we’ve had tens of thousands of years to develop privacy technologies such as clothes and
© Lucidwaters | Dreamstime.com - New Zealand Map Photo
Another Privacy Commissioner (albeit a former one) addresses us after the break – Malcolm Crompton, who held the office in Australia between 1999 and 2004. We
live in an age, he says, of super-connexion, where every aspect of society is being transformed by the application of data. Data-driven technologies have immense potential to improve our lives; they can make everything easier and quicker, from calling a cab to managing large-scale traffic flows in a city. Data, Crompton says, is an asset, and a growing one; but it is also a liability. Personal data can be misused by an organisation, or it can be released by accident, or it can be hacked. And it’s not just government agencies we have to worry about on this score – the fact is, the private sector is collecting our personal data much faster, and in much greater quantities, than the public sector is. In future, Crompton hazards, your insurance company may know all kinds of things about you based on the devices you wear, the products you buy, the services you use, and may adjust its premiums accordingly. Or, to take another example, advertisers may increasingly be able to target their advertising at you personally, based on a detailed knowledge of your habits and preferences gained from scanning your digital footprint. The danger, Crompton says, is that we as citizens end up as a surveyed, manipulated mass; the subjects of an all-seeing, unaccountable Digital God. I am beginning to feel depressed at this dystopian vision of the future, so it’s comforting to hear Crompton suggest that we can, in fact, manage the transition to a digital world successfully. We need ethical
Visitors on interactive map of New Zealand, Te Papa Museum, Wellington, 2013. 18 Public Sector July 2015
curtains and doors and walls. The problem, he says, is that we’re much less good at protecting our digital privacy, in part because the digital world we inhabit is so new – only 20 years old in fact. Our digital data, explains Searls, is being “clear-cut” by corporates in their effort to get to know us so they can sell us more things. We’re so used to the bad manners of corporates in this area, he notes, that we scarcely notice them anymore. We need to take back control of our data, says Searls. We need to set new terms for how it is collected and used, and these terms need to be devised by us, the customers and citizens. Over lunch in Te Papa’s spacious, lightfilled Oceania Room I talk to some of the other delegates. From what they’ve heard so far, do they feel the conference is useful? They do. And what do they think of identity and privacy in a digital world – can they be managed successfully? Here opinion is more divided. One delegate expresses a note of cautious optimism: there have been some steps forward, she believes, but much remains to be done, and how successful the government’s initiatives in this area will prove is still to be seen. It’s the afternoon now, and we take a break from keynote speeches and separate into workstreams which will consider identity and privacy as these present themselves in the real, workaday world. I choose Service Transformation, ably chaired by Richard Foy, Director Digital Strategy at the Department of Internal Affairs. First to speak is Arron
Baker from Immigration New Zealand,
who describes the shift under way in the department from a paper-based to an online model. The goal, he says, is to offer visitors to the country a complete digital service featuring things like an e-visa while still having regard for privacy and security. Next to speak is Mandy Smith from NZ Post, who outlines a similar shift in her organisation away from an analogue to a digital model. We need to completely re-imagine the way we do business, she says; simply reproducing an analogue model online is not enough. Key to the new way of doing business is a trusted digital identity such as RealMe – set up by NZ Post in collaboration with the Department of Internal Affairs – which is designed to fulfil the three fundamental consumer/citizen needs of security, trust and privacy. Last up is James Mansell who works at Noos, an independent consulting service that provides thought leadership, change leadership and capability development. He notes that the private sector is full of innovation when it comes to the use of the new digital technology – look at Amazon and Uber, he says, which have revolutionised their respective industries of book selling and taxi services. But what about the public sector? Where are the examples of disruptive innovation there? If such innovation is to occur in the public sector, Mansell suggests, central government needs to let go of its control of data and hand it back to citizens. Peer-topeer engagement, he says, is much better at producing innovation than the current
approach: a state monopoly on data and ideas run from Wellington. It’s an intriguing idea, though I do wonder if any government, anywhere, would willingly relinquish control of information it has gathered.
A commitment to lawfulness
After tea it’s back into the Soundings Theatre for some final keynote speeches. Since Rebecca Kitteridge, Director of the New Zealand Security and Intelligence Service, is to speak the press are back, hoping for a headline or a contentious soundbite. In an eloquent, unapologetic address, Kitteridge outlines how the threats that face the country have changed since the end of the Cold War; now, enemies such as terrorists use the internet to attract converts and launch attacks. What hasn’t changed, she asserts, is the NZSIS’s commitment to lawfulness; there is no mass surveillance of citizens’ communications. What surveillance activity the service carries out, she says, is tightly constrained and targeted at a tiny minority intent on doing harm. Noting that oversight of the NZSIS’s activities is carried out by multiple agencies such as the Ombudsman’s Office, the Privacy Commission and the Office of the AuditorGeneral, Kitteridge says the service is in a healthy state now – indeed, she wishes the public, which sometimes views the work of the NZSIS negatively, could visit and see what a dedicated, law-abiding team they are. Applause fills the theatre as the first day of the conference comes to an end and delegates return to the Oceania Room for an evening drink.
Day Two
A
nother cool autumn morning sees me arrive at Te Papa for the second day of the conference. Delegates are more relaxed today; people gather in small groups and chat amiably, or glance over the programme as they sip their coffee. Soon the bell sounds and we move back to the Soundings Theatre. Another government minister is to speak: this time, it’s the Hon Peter Dunne, Leader of the United Future party and Minister of Internal Affairs. As the minister responsible for Result 10 he should have some relevant things to say about identity and privacy in a connected world. Protecting privacy used to be a relatively simple matter, Dunne begins; now however,
with the advent of digital technology, protecting privacy has become much more complicated. People expect joined-up, customer-centred government services, he adds; increasingly, they want to do their business with government online, at their own convenience. But are people aware of the risks involved in sharing information digitally? Protecting personal data is essential, and we need robust systems to defend against a prying, coercive state. In relation to this point, Dunne notes that only the week before, the United States House of Representatives had voted to stop the mass collection of Americans’ telephone data by the National Security Agency. He
suggests that New Zealanders would have a similar view about the collection of their telephone records, and that there will now be pressures on our intelligence agencies to stop any mass data collection programmes they have underway, especially if it is being made available on an indiscriminate basis to other countries. A journalist who is recording the speech looks up at this point, and I can see a news item on this theme appearing on news websites and TV programmes. Fortunately, says Dunne, New Zealand is a world-leader in terms of how the government is thinking about using personal data effectively but ethically. He mentions the appointment last year of a Government >
July 2015 Public Sector 19
Private, secure... and digital?
Chief Privacy Officer, whose role it is to provide leadership around privacy issues in the public sector. He talks about the Data Futures Forum, whose task is to identify opportunities to maximise the benefits of Big Data while warning of problems over data management. In particular, he notes RealMe, which operates according to strict privacy requirements, and whose uptake is key to Result 10’s goal of seeing 70 percent of transactions with government being completed in an online environment by 2017. He closes on a modestly optimistic note, while noting that there will continue to be debate and discussion around the question of convenience versus privacy.
The power of data The power of data to change the way government works – but also the risks it poses to privacy – is the subject of the next keynote speech, by Liz MacPherson, the Government Statistician. Data can help government deal with deep-seated problems such as child abuse, she says; it can also give huge gains in terms of productivity. But how are we to manage the risks that such data collection involves? Regulation alone is not sufficient, MacPherson observes; we need to develop principles about data use. Four of these, she notes, have been identified by the Data Futures Forum: they are value, trust, inclusion and control, and they must guide the use of personal data in New Zealand. As an example of the power of data, MacPherson points to Statistics New Zealand’s Integrated Data Infrastructure, a dataset which is transforming the landscape of evidencebased policies. Using it, government agencies such as the Treasury and Corrections can understand in much greater detail how people are living their lives, and shape their policies and plans accordingly. The key thing is that the data the IDI contains is anonymised and confidentialised; no individual can be identified from it. MacPherson closes with a plea that there be a meaningful conversation with the public about data use that will focus on more than just data breaches. Perhaps a Data Council could be set up to help lead the discussion? We ponder this suggestion as we learn that the next keynote speaker, Professor Alex ‘Sandy’ Pentland, Director of Massachusetts Institute of Technology’s Media Lab, isn’t physically present at the conference. Rather (and suitably enough 20 Public Sector July 2015
for an ICT conference) he will be talking to us from his Boston home via videolink. Sure enough, after a few seconds, the face of the bearded professor pops up on the screen above the stage. He appears to be talking from his sitting room; the low light coming through the windows reminds us that it is early evening in Massachusetts. We’re headed for a Big Data society, Pentland tells us, whether we like it or not. New applications will chart our health status minute by minute; others will map the way we move about our cities. For the first time, thanks to this “data revolution”, the individual will become visible. The benefits can be enormous, he observes, citing as examples better, cheaper, proactive healthcare and a refined understanding of the relation between crime and urban demographies. But the risks are also great. Data, after all, can be re-identified; anonymity can be infringed. The danger is that we create a world where, effectively, there is no privacy.
A “new deal” on data What we need, explains Pentland, echoing speakers such as Crompton and Searls, is a “new deal” on data. People need to know what is happening to their personal information, they need to be able to bestow and withdraw their permission for it to be used. Data use needs to be audited, just as dollars in a bank account can be. The law has a part to play, Pentland says, noting legislation in the European Union around data protection that will eventually apply to all industries and services, including social media sites like Facebook. Meanwhile we could develop things like personal data stores to help keep our data distributed and safe from a centralised, controlling elite, whether this be bureaucratic or corporate. Such a distributed system would not only guarantee privacy, it would enhance security – the two in fact are fundamentally the same, says Pentland. Over lunch I chat to the folk at the stall run by Veda, the credit rating company. They’ve employed an actor to sit in a chair and impersonate someone wanting a loan; attendees have to choose whether they’ll trust the actor and grant the loan or ask for the “truth” from Veda. When the truth emerges that the character played by the actor has a string of aliases, not to mention
a history of cheque fraud, I am given the option, Graham Norton-like, of pulling a lever that will catapult the actor backwards. I decide not to, as she seems likeable enough, but the point is well made: we should never take identity, or honesty, for granted. It’s near 2 p.m. now, and once again we separate into workstreams. This time I choose the Cybersecurity seminar, which is being held in the smaller Rangimarie 2 room on Te Papa’s south-west side. Cybersecurity is a crucial area in our increasingly digital world, and I will be interested to hear what’s happening on the practical side. First to speak is Paul Ash, the director of the government’s recently founded National Cyber Policy Office. The connected world is bringing New Zealand huge opportunities, he says; weightless exports are a reality and the tyranny of distance has been substantially diminished. At the same time, though, it brings risks: New Zealand companies face growing threats to the confidentiality, integrity and availability of their data in the form of theft, manipulation and damaging attacks. To help combat these threats, Ash explains, the government has developed a cyber strategy aimed at building cyber resilience and cyber capability. One programme he mentions is Connect Smart, a central hub providing cyber security information and resources to New Zealanders. Visit the website, he urges, and see how you can protect yourself online. It’s the simple things we can all do to make ourselves safer online which are the subject of the next talk, given by Laura Bell, the director of SafeStack, a specialist security firm. In lively, jargonfree English she explains that our online security isn’t working well, in part because companies and government agencies are not very good at helping their customers in this field. They ask us to choose a password – but shouldn’t they rather be asking us for passphrases, which are much more secure? They require us to answer standard questions (“what is your favourite colour?”) when everyone, including hackers, knows what the standard answer will be (“blue”). Organisations have to make cyber security easy for their customers, Laura says; in fact, they have to see themselves as part of their security system, not as separate from it. And at a personal level there are many simple things we can do, she adds: one is to delete
information. Sounds obvious, doesn’t it? Yet how many of us do it?
A “phygital” universe? The final speaker is Anu Nayar, head of the Cyber, Privacy and Resilience practice at Deloitte. He talks about the hyperconnected world we are now entering; about the mountains of digital data we are creating as we navigate our way through this new online reality. Most intriguingly, he proposes that we are increasingly being faced with a “phygital” universe: one in which the boundary between the physical and digital worlds is being increasingly blurred, for example in the area of biometrics. Our digital security, he concludes, will more and more condition our physical security – how best, therefore, are we going to protect it? It’s tea time again, and I move with other attendees to the Oceania Room, where we discuss the questions – more numerous, perhaps, than the answers – that have been voiced by the various workstreams. Then it’s back to the Soundings Theatre
for a last keynote address, this time by Alessandro Acquisti, Associate Professor of Information Technology and Public Policy at Carnegie Mellon University. His special subject is the economics of privacy, and in a fascinating talk he outlines a series of psychological experiments he has done to try to ascertain how much people care about privacy, and whether this concern changes according to context and other factors. Two preliminary conclusions stand out. Firstly, we have evolved to detect threats to our physical privacy but are much less adept at detecting threats to our cyber privacy, presumably because the realworld sensorial cues are lacking. Secondly, our behaviour in relation to cyber privacy changes according to context and over time: there’s some evidence, for example, that users of social media have become more cautious about revealing personal information (e.g. birthdates). On the other hand, Acquisti notes, there’s also evidence that online privacy concerns can erode over short periods. Clearly, our relation to and understanding of the digital world is still very much in the process of evolving.
A brief panel discussion of some of the themes raised follows, and after a long list of thank you’s from the conference Chair, Miriam Lips, we file out into Te Papa’s enormous atrium, our heads full of thoughts and ideas. I try to sort out some fundamental themes, as these apply to the public sector. Really, at bottom, there is just one: that in the hyper-connected, digitalised world we are now entering we have to start thinking differently, and much smarter, about the way we do business including – maybe especially – in areas such as identity and privacy. Concluding that this new world is an exciting but also slightly unnerving place to live in, I head out into the Wellington evening for home.
“...in the hyper-connected, digitalised world we are now entering we have to start thinking differently, and much smarter, about the way we do business including – maybe especially – in areas such as identity and privacy.”
Waikato Times (Newspaper). Hawkey, Allan Charles, 1941- :Lost. 19 March 2014. Hawkey, Allan Charles, 1941- :[Digital cartoons published from July 2002 onwards in the Waikato Times].. Ref: DCDL-0027653. Alexander Turnbull Library, Wellington, New Zealand. http://natlib.govt.nz/records/33718009
July 2015 Public Sector 21
for new professionals in the digital age
Top tips How can a young public servant remain up to date in the face of a fast-changing digital world? Here, IPANZ new professionals Luke Aki, Annie De’ath and Paul McGregor give us their seven top tips for new professionals in the digital age.
T
he public service is working in a digital environment more than ever before. An increasing percentage of New Zealanders’ most common transactions with government are being completed online. Public servants work mostly with electronic documents. Many publications are now online only. Meetings are held virtually, webinars are attended from across the world, and useful contacts made without people ever meeting each other in meat-space (or “IRL”, as they say in the vernacular). Telecommuting is more widely adopted and working better than it ever has before thanks to a combination of cultural acceptance, changes in workplace models, and the advances made in the speed, security and versatility of telecommunications technology. The public service is embracing the digital age.
22 Public Sector July 2015
by example. You don’t What does this mean for you have to be perfect, as a new professional? so don’t be afraid of As a new professional you making mistakes. If at are often expected to be at first you don’t succeed, the forefront of digital change. simply try again. How often do senior colleagues Making mistakes and assume younger colleagues are then fixing them is expert users of TwitFaceTube, Luke Aki, IPANZ new professional an important part of or digital marketing/social learning. Some schools media experts? How often of thought say it is the are you as a young new only genuine way to learn. Learn to professional approached to hand out live with your mistakes, and to fix pearls of wisdom on the use of social them. Take on tough new challenges media/how Twitter works/what this and be prepared to navigate change Snapchat thing is all about? Whether as it comes, ready for whatever the you expected it of yourself or not, future may bring. with great expectation comes great responsibility – and opportunities too. 2. Ride the stereotype – if people What are the roles, challenges think you’re a digital technology and opportunities you can take expert, you’ve got your foot in the responsibility for in your career, as you door to work on some exciting navigate your way through a public projects. Sign up, learn the ropes, service of the digital age, to become and your personal development a high-performing and relevant public will come along in leaps and servant? How can you, as a new bounds. But remember to manage professional in the public service, expectations about what you are be prepared to deal with constantly capable of if you do sign up. Find evolving technology and the changes your niche and get stuck in. this brings? Here are a few thoughts: Be passionate and play to your strengths, even while developing 1. Be a leader in the digital age – take new ones. on challenging new roles and lead
3. Never stop learning and remain current – challenge yourself to get stuck in and learn new things. In an increasingly digital environment, it is important to continuously develop your skills, capability and knowledge and remain up to date. It will stand you in good stead in the future. Lifelong learning should be a default approach to your career development.
Practical examples of what new professionals can do in the digital age
4. Challenge and expect more from your organisation – help identify what it would look like for your organisation if you and your colleagues were excelling in a digital age. Expect more from your colleagues and from your organisation. Set a benchmark for excellence and lead by example, fostering a culture of continuous improvement and building capability. Examine what works well in world-leading organisations and apply relevant best practice to your work in a digital environment. Challenge everyone you work with to do the same. Only adopt best practice that adds value to important things.
• Attend GovHack to see what the private sector wants from the public sector.
• Open your team’s and manager’s eyes to innovative ways of working, for example, using Google’s Government apps, using better engagement improvement tools such as Tiny Pulse, using electronic project management tools like Trello, Asana or Basecamp instead of hundreds of sticky notes. There is a whole world of electronic tools out there, and the public service needs to tap into that useful resource to work smarter and better deliver services to the public. • Join or create a community of practice for learning and sharing with each other, for example, at your own workplace, or join a tech or ‘career & business’ MeetUp group (http://www.meetup.com). • Take an online course on Coursera or Udemy on coding, using technology in business, etc. • Learn about business intelligence concepts, techniques and tools.
team. Join or create a community of practice, a club or interest group related to digital technology and innovation in order to learn from each other and share what you are working on. Having a group of experts whose knowledge you can easily access can be invaluable in quickly solving a seemingly complex problem you are struggling with – “it’s easy when you know how” is the usual phrase.
5. Explore new opportunities – do something new, even if it scares you and you feel out of your depth. No one starts out as an expert; you build yourself up to become one. Be an early adopter of digital innovations and new technology, or get involved in areas you haven’t worked in before. However, be realistic about what you can take on as you cannot do everything – try one or two things at a time that play to your strengths. It is not all about gaining technical skills but the ability to work effectively in a digital environment. Take calculated risks on new and emerging technology if necessary – risk and reward go hand in hand.
7. Be a public servant. Literally – Champion access for the public to information held by public service agencies. Maintain at least a basic understanding of how digital information is treated and used, including understanding the fundamentals of the Official Information Act. Retain a strong customer focus in all the work you do, and always review whether what you plan to do will add value for the final customer – the New Zealand public.
6. Surround yourself with experts – the best way to learn is to learn from the experts. Work with people who are better than you, watch and learn from them. Set expectations with everyone about sharing relevant knowledge and helping build capability within the
However, remember that most of what matters does not change as fast as technology, format or the medium. Legislation and frameworks change slowly and are typically technology-neutral, so staying current is not an onerous task. Capability, experience and some skills
remain relevant for longer than the technology you started building it with in the first place – so do not put off acquiring the knowledge and capability today on the assumption it will be obsolete tomorrow. No one can accurately predict what the future will look like in 10 years’ time, but the choice to be prepared for it is in your hands. Your value as a new professional is in being at the forefront of digital change with your finger on the pulse of modern developments and innovation. We are expected to live and breathe the digital age and all it entails – so grab the opportunities, take on the challenges, and be a part of building a public service that excels in the digital world.
IPANZ New Professionals aim to connect, develop and inspire 18–39 year olds who are in the early to mid-stages of their public sector career. They hold inspirational speaker series, professional development and networking events and a biennial conference. Join their free mailing list at www.ipanz.org.nz/ newprofessionals.
July 2015 Public Sector 23
P oint of v iew
Preparing for the world that will be By Dr Rose O’Neill, Principal Consultant, Maven Consulting Ltd
“Through ubiquitous technologies people are exposed on a daily basis to diverse views and perspectives forcing them to look beyond their own borders and create a different point of view for themselves.”
24 Public Sector July 2015
the case of the Irish, the result has been the crafting of a new social reality. The same type of quiet social revolution can be seen on different scales in other parts of the world. For example, in 2014, the teachers in the Sultanate of Oman went on a national strike, organised entirely via social media. In an Islamic autocracy by any measure, such united social action was revolutionary – carried out by a group of workers who were not only geographically dispersed, but who have no unions and certainly no democratic voice. The most important social revolutions of the 21st century are being both created and facilitated by modern technologies. Some of these are extremely positive (providing you are an Irish gay person and not an Irish priest) and some are more than a little scary (Isis recruitment techniques). On a global basis, examples are everywhere and the pace and rate of them can be overwhelming as we try to get to grips with what it all means for us here in New Zealand. An economist colleague of mine once told me that ICTs were only important in the public service for their ability to increase efficiencies at the margins. I will argue today, as I did then, that the importance of ICTs are in the ability they have to change the way that people think, and consequently the way they act.
Quiet revolutions
We need look no further than the actions of the ‘student army’ so soon after the Christchurch earthquake to see how technologies are being used to mobilise
© Alphaspirit | Dreamstime.com
T
he Republic of Ireland has taught the world a valuable lesson about the power of democracy recently. The people’s vote to change the law to allow gay people to marry was a victory for social justice and humanitarianism. It was also a demonstration of the power of people with the freedom to speak their minds and be heard, not through the voice of elected representatives, but by sharing their own views simply and clearly; and creating a fundamental change in the fabric of their own society by so doing. Democracy doesn’t get any better than that. The Irish are to the core a Catholic nation, and those of us who were brought up in the faith will understand that practice or not, the teachings of the Church are embedded from birth like a sharp pebble under the skin in the soles of your feet. It is no secret that regardless of the views of any individual worshippers, the Catholic Church itself does not favour more liberal rights for gay people. Nevertheless, a whole nation of people imbued with the teachings of Catholicism voted to permit gay marriage. By voting YES, the Irish demonstrated that regardless of views they have been subjected to from the pulpit to the pub, the influences on people’s thinking in the 21st century are diverse and informed from multiple sources. Through ubiquitous technologies people are exposed on a daily basis to diverse views and perspectives forcing them to look beyond their own borders and create a different point of view for themselves. In
people to action. The quiet revolutions taking place in this country may not be so much in the political sphere, but they are radical all the same. The question that all of this raises is whether the New Zealand public sector leaders are anticipating the way of the future and doing enough to prepare for the world that will be. How is the voice of the New Zealand people being represented in the design and implementation of the technical infrastructure that will determine future online interactions between government agencies and individuals? Investment in empirical research that clearly tell us the public view on critical policy issues relating to the online environment is essential for designing future online service offerings. For example, how does the public view such issues as online privacy and security; ownership and management of personal data; and what services do people wish to access online? The voice of the users of public services should be at the centre of the design of those services. Inviting an ICT savvy public to ‘our’ space, rather than designing services to fit their space is no longer good enough. The public are increasingly demanding real changes in government/citizen interactions, not only at the transactional level, but also in public governance itself. The New Zealand public sector needs to demonstrate a comprehensive understanding that communication technologies are the key to the next age of democratic practice. As a first step, social media should be harnessed to create empirical evidence on exactly what people want from government, and use it to redesign public services to maximise effectiveness at a reasonable cost. This will require a shift in mindset by public leaders from risk aversion to exercising democratic power through meaningful engagement with consumers of public services. Perhaps the time is right to learn a lesson from the Irish and open up some critical conversations about priorities for future ICT investment in New Zealand. Who knows what creative solutions might emerge?