Most of us in the IT industry know the arguments for cloud computing by now – consuming IT as hosted, scalable services should improve utilisation, cost transparency and organisational agility.

But few organisations, certainly none the size of the UK public sector, have taken this App-store like approach, that allows divisions and departments to pick cloud services from a shortlist of approved, competing suppliers.

Chris Chant, programme director for the G-Cloud, makes a strong case for the model.

"Using cloud solutions that have already been secured and accredited will almost always be cheaper," he said during a talk at the Institute of Government last year. "We'll know from the outset the cost of the product, and most importantly we'll know the cost of exit."

"And price and quality will be visible to all," he said. Having a review on each service from, for example, the CIO of the department that used it would "transform pricing and quality, far and away above what any service level agreement has ever given us".

Chris Chant on the G-Cloud at the Institute for Government - 20/10/2011 by digenghmg

The combination of G-Cloud and the CloudStore, the government predicts, will save £20 million in the next fiscal year, £40 million the following year, and £120 million in 2014-15.

But as I'm sure Chant is well aware, getting the website up and running is just the first step in a long process, in which many challenges will need to be addressed and many questions answered.

Firstly, how will cross-departmental cloud procurement be governed in order to guarantee cost reductions?

Speaking at the recent CloudCamp event in London, Joe Weinman, head of HP's media business and author of Cloudonomics, explained that the main reason why cloud computing can save you money is that you don't pay for it when you're not using it.

"Cloud computing isn't necessarily cheaper to use," he said. "But it's free not to use."

This suggests there is a risk that cloud computing can end up being more expensive than in-house or traditionally hosted alternatives, if it is used for systems that are in perpetual use. Are the governance mechanisms in place to make sure this doesn't happen?

A related matter is the argument put forward by Simon Wardley, of CSC's Leading Edge Forum. Referencing the 'Jevons Paradox', Wardley argues that if cloud computing were to make IT services cheaper, organisations would find more ways to use them and therefore both consumption and expenditure would increase.

This is not a problem, as long as you believe that in consuming more IT services the government will necessarily deliver more value to taxpayers. But surely there is a danger of 'cloud sprawl', the ease of provisioning new infrastructure leading to unnecessary expenditure.

The government's CloudStore is actually more of a market, allowing buyers to compare and contrast similar services from competing suppliers.

The ability of this market to function properly relies to some degree on commoditisation of certain IT services. It is entirely appropriate to compare suppliers offering the same software on the same hardware on the basis of price and customer satisfaction.

But the store is not limited to infrastructure-as-a-service. It also includes platform-as-a-service offerings such as Google App Engine and software-as-a-service applications such as SAP's BI OnDemand, offered via Atos.

Is it fair – or more importantly, useful – to compare these kinds of system, whose utility depends mostly on how you use them, on these terms? Is it helpful to imply that selecting a business intelligence tool is as simple as choosing a content delivery network? I suggest not.

And finally, how much of the government is in a position to provision its own cloud-based services via the CloudStore? Most departments are locked into a number of multi-year, multi-billion pound IT contracts with suppliers who own their own data centres, and are unlikely to let their government clients switch to a rival. Maybe this explains the savings targets which, in the context of UK government IT, are miniscule.

The reason why I raise these issues is not to give Chant and the G-Cloud programme a hard time. To the contrary – it is to their credit that they have launched a project that touches on such cutting edge IT management concerns in the context of the public sector.

But in doing so they have produced an experimental test-bed for an emerging IT procurement technique, which is why Information Age will be keeping a close eye on the fortunes of the CloudStore.

However, I do think that the IT industry's framing of the phenomenon reflects its viewpoint – sitting inside the IT department, looking out. I propose that the consumerisation of IT is just one facet of the current technological era, and that it would be equally valid to speak of 'the enterprisation of life'.

Managing information in the form of electronic data has been a huge part of what businesses do for decades. Every process, from recruiting new employees and customers to launching new products and acquiring rival companies, has a data management component.

The personal computer revolution introduced electronic data into home life. At first, we used PCs to manage our correspondence and domestic accounts. More recently, data management has permeated everything from managing one's music collection to organising one's social life.

For a tangible example of the enterprisation of life, look at the online financial management services that banks now offer their current accounts holders, and their resemblance to simple, accessible business intelligence systems.

The flipside of IT consumerisation, which means employees want to use their personal devices and software that resembles the consumer web, is that customer engagement is becoming increasingly data-rich. This is one of the reasons why the next few years will see marketing departments begin to match IT shops in terms of technology spending.

Furthermore, these data-rich engagements will not be with passive data subjects, but with savvy consumers who care whether the data you hold on them is accurate, who care where it is kept, and who care exactly how much your organisation knows about them. As the European Commission made clear in January 2012, these consumers have the winds of regulatory change on their side.

The consumerisation of IT has sometimes been cast as a threat to the IT department, as it places more control in the hands of the employee. But by the same token, 'the enterprisation of life' means that the skills and experience of IT professionals are not only useful in the context of business filing, but now apply to almost every facet of human society.

The inquiry heard evidence from Alexander Owens, a former police officer who had been hired by the ICO in 2003 to investigate the illegal trade in stolen personal data. Owens' investigation, Operation Motorman, discovered evidence that various newspaper journalists had bought data illegally obtained from government employees.

Owens said that he had compiled enough evidence to prosecute everyone in involved in the supply chain of stolen data, including journalists. But he alleged that the deputy ICO at the time had said: "We can’t take the press on; they are too big for us".

This was grist to the mill of the ICO's critics, who argue that the while it regularly fines local authorities, often after they have confessed to data breaches themselves, it shirks from going after bigger, more powerful targets. 

Richard Thomas, the Information Commissioner at the time of Operation Motorman, gave evidence in the inquiry a week later. "Thanks goodness we did not prosecute the journalists," he said. "The impact for the office would have been very, very demanding indeed."

The ICO is undoubtedly in a difficult position. So great is the potential for technology to abuse or misuse personal data that it is difficult to imagine the ICO ever having enough resources to address the problem fully. It always has to take a view on whether a case is worth pursuing given the resources it has available.

But there are nevertheless occasions when one might hope for a little more bite from the ICO.

For example, as the Leveson inquiry was going on, a story quietly broke of a woman whose credit rating was damaged by a glitch in Barclay's Bank's credit checking software. This lead to her mortgage application being turned down – an example of how data management blunders by large institutions can have potentially devastating effects on people's lives.

Having investigated the case, the ICO gave the following statement: "We decided that it is unlikely that [Barclays] has complied with the requirements of the DPA ... because it appears unlikely that Barclays has processed the complainant’s personal data fairly. However, the Information Commissioner has decided that further regulatory action is not appropriate at this time.”

There may be more to the story. But these do not sound like the words of a regulator that is likely to take on the country’s most powerful organisations, the very organisations whose abuses of data can be the most damaging.

But Estonia is a special case, in many ways. For one thing, the country is arguably the world’s most sophisticated adopter of e-government.

As Ilves explained to the London Conference on Cyberspace in October 2011, 90% of the country’s tax returns are filled in online, 25% of votes in this year’s elections were cast online and 76% of the population regularly uses the Internet. “Information technology and its use by the state is at the core of our modernisation strategy,” he said.

Cabinet Office minister Francis Maude, who was hosting the conference session that Ilves spoke at, paid tribute to Estonia’s example of what can be achieved by offering public services online.

What he didn’t mention was the fact that the UK coalition government’s approach to e-government differs in one very significant way to Estonia’s.

Central to the Baltic state’s e-government programme is one of the most widely adopted national identity registers in the world. More than 90% of the country’s 1.1 million inhabitants carry a state-issued ID card. It is used not only to access online public services, but also to authenticate banking transactions and purchase tickets for public transport.

For Ilves, the ID card scheme has been pivotal to the success of Estonia’s public sector modernisation. “If you want safe and secure e-government, you can’t do it without an ID card,” he said at the London conference.

However, that is exactly what Maude and his colleagues intend to do. With its Identity Assurance Programme, the government plans to devolve responsibility for identifying citizens to private sector organisations, such as banks or credit rating agencies. It is currently developing a federation hub that will allow these identity providers to integrate with government websites securely.

It makes sense that the UK needs to take a different approach to that of Estonia. Creating an ID register for 60 million-plus people is a very different challenge to building one for just over a million. And there is every sign that government is aware of the privacy and identity management issues associated with this approach, and is taking them seriously.

Nevertheless, we are moving from a situation where responsibility for authenticating citizens (so they can access the public services they are entitled to) is the duty of the state to one where it is up to profit-seeking organisations to decide who can be trusted.

This could have far-reaching consequences for citizens, especially those who have fallen out of the typical sources of identity confirmation – employment and residency – and who are therefore most reliant upon public services. And yet, there has so far been little discussion of this significant change to one of the core mechanisms of our society.

There are, he explains, the projects that pay for themselves because they address a specific and defined business challenge. These are the easiest to secure investment for, as they have the explicit backing of the business.

Then there are rationalisation and optimisation projects, van der Ouderaa explains, which may not address a specific business need but nevertheless fund themselves via operational cost reductions.
The
But then there is the third kind. These are IT infrastructure and integration projects that serve the long-term, strategic interests of the organisation, but whose business benefit is difficult to calculate, and which may not deliver any benefit for years to come. “These projects are like building a new motorway,” says van der Ouderaa. “Everybody will benefit, but nobody wants to pay for it.”

These projects are especially hard to fund when IT cost is viewed with extreme scrutiny, as it is today. Van der Ouderaa suggests that the chance of these projects receiving funding is a function of the CIO’s leadership abilities. It is almost a matter of convincing the business to invest “on good faith”, he suggests.

However, these large-scale integration projects often involve organisational integration too, and some question whether the typical CIO has the authority to make that happen. “I don’t know if the CIO can drive that through,” says James Hunt, senior financial services consultant at data warehousing provider Teradata. “If it involves business change, it must come out of the business.” In the case of integrating risk data with marketing and finance systems, Hunt says, “it will take a business leader who is sufficiently technologically savvy to recognise the value”.

That raises a question – do business leaders who understand the strategic value of information integration exist? And if not, do CIOs have the vocabulary with which to articulate that value? Meanwhile, a recent study by Gartner has found that chief financial officers are increasingly involved in IT investment decisions. As a result, the CIO’s responsibility is to ensure that the CFO “is educated on technology”.

It appears, then, that articulating the economic benefits of long-term information integration projects is a key skill for today’s CIO, lest they be ignored altogether.

Have you successfully developed terms of reference with which to discuss these benefits with the business? Or are you struggling to find them right now? If so, I’d be interested in hearing your experiences, as this is something that Information Ageplans to research on behalf of our readers.

Many people, including web creator Tim Berners-Lee and the government of Finland, have argued that access to the Internet should be an internationally protected right.

But is this like arguing that access to water pipes should be a right – commendable, but focused on the wrong issue? What matters is the water that comes out of the pipes. Is the same true of the Internet and information?

Well, in this case maybe Berners-Lee and the Finns have the right idea. It may not be exactly the point, but legislating for access to the Internet seems more practical than rules protecting access to information.

For one thing, what information do people need? There is a clear difference between the information people use to work and live by, and the information with which they entertain themselves. The argument for protecting Internet access focuses on the means, and lets people decide what is important.

Nevertheless, the thought experiment raises some issues that are by no means theoretical. UK chancellor George Osborne announced in May 2011 that the government’s ambition is to become the “world leader” in open data, and that it will release “some of the most valuable datasets still locked away in government servers” during the coming year.

What information does the government hold that could improve people’s lives? And whose interests should inform the choice of which information to release? I don’t know the answers to these questions, but suggest that we should figure them out before the machinery of open data is set in stone.

Meanwhile, there is another side to this coin. In certain circumstances, it is the ability to limit information that should be the human right, as in the cases of privacy and data protection.

No personally identifying information is published on open data websites such as data.gov.uk, so these two issues have not come into conflict. But Osborne is now talking about opening up healthcare data to scientific analysis – will it be so easy to protect anonymity when handling this highly sensitive kind of information?

The information revolution has been going for decades, if not centuries, but it continues to disrupt some of the longest-established institutions of society. I wonder whether we have a mature enough understanding of how information relates to human rights to make sure that they are protected through that disruption.

Both have recently launched software that allows workers to monitor the activity of their peers in a constant stream of status updates, supposedly allowing real-time collaboration and therefore improved business agility.

But at what cost will this constant stream of information come? Recent research at the University of California, San Francisco, suggests that younger workers would take it in their stride, but older employees may struggle to ignore what may often be useless information.

Professor Adam Gazzaley and his team at UCSF’s Neuroscience Imaging Centre found that younger men and women (aged around 25) were better able to ignore irrelevant information and concentrate on a given cognitive task than a group of older subjects (aged around 70).

They found that working memory, which people use to juggle information when performing mental tasks, is more likely to be disrupted by irrelevant distractions in older people, making it harder for them to maintain their train of thought.

“The impact of distractions and interruptions reveals the fragility of working memory,” remarked Professor Gazzaley. “This is an important fact to consider, given that we increasingly live in a more demanding, high-interference environment, with a dramatic increase in the accessibility and variety of electronic media.”

This raises the point that the benefits of a system that allows for more frequent, real-time updates must be balanced against the potential impairment on concentration. It also supports the theory that consumer web-based technologies could widen generational divides within the workforce.

Closer to home, a scientist at the University of Cambridge has been drawing comparisons between Twitter and the human brain itself. Speaking at the Cambridge Science Festival, Professor Ed Bullmore said new techniques for analysing the functions of the brain reveal them to bear more than a passing resemblance to communications networks such as the popular microblogging service.

“We are ‘taking the brain out of the skull’ to look at it directly in comparison to many superficially different information-processing systems,” he explained.

To illustrate the point, he asked attendees to write tweets containing a particular phrase, ‘#twitterbrain’. The network of Twitter connections between audience members could then be analysed, and compared with the network-like functions of the brain.

And how did they compare? “We found that the #twitterbrain network was somewhat like the brain network in being small-world and modular with highly connected hub nodes,” explained Professor Bullmore. “However, the brain network was more clustered and less efficient than the twitter network.”

The reason for this is that Egypt is one of the most bountiful offshore sources of workers with both IT and German-language skills. Almost half of the company’s business derives from its native Germany.

I asked Van Megen about how business was effected by the revolution that took place in the opening weeks of this month. It was “scary”, he admitted, and the company lost four days’ work because staff were placed under curfew.

But SQS had the necessary contingency plans in place, he said. German clients, which include Deutsche Bank and Deutsche Post, were serviced from the company’s ‘near-shore’ facility in Gorlitz, Eastern Germany. “We saw just how good it is to have many different locations.”

Now, he says, it is back to “business as usual”, with Cairo staff working overtime to get through the backlog.

None of SQS’ clients have said they want their work to be taken out of Cairo, he says, but the revolution has taught them some valuable lessons about offshore outsourcing. “It became very clear that if you want lower prices, there is a risk premium you have to pay.”

SQS has reassured Egypt’s telecommunications minister Dr. Tarek Mohamed Kamel that it remains committed to Cairo as an outsourcing destination. That said, Van Megen remarked that it has decided to look for more German-speaking workers in Pune, where its Indian facilities are based (not as hard as it may sound, thanks to a number of German automotive companies with engineering resources there).

The real damage, Van Megen believes, is to Egypt’s reputation. “What they built up in four or five years has gone in four weeks,” he said. “This will make it much more difficult for new companies to move to Egypt.”

I asked Van Megen whether any of SQS’ employees were involved in the revolution. “We recommended that they keep themselves out of the demonstrations, and what we heard is that they all did,” he told me. “They are among the 10% most privileged people [in Egypt] – they earn so much more than a policeman, for example. Maybe that was the reason why we haven’t seen any accidents happen with our people.”

The Lord Chief Justice, Lord Judge, claimed that users of sites such as micro-blogging platform Twitter could flood the Internet with messages in an attempt to influence jurors’ opinions. This could pave the way for a deluge of mistrials, he argues. “We cannot stop people ‘tweeting’, but if jurors look at such material, the risks to the fairness of the trial will be very serious, and ultimately the openness of the trial process on which we all rely would be damaged,” Lord Judge told an audience in Belfast.

This is not the first time that digital media have been identified as a challenge to the legal process. In early 2009, a juror in a US drugs case admitted that he had been using Google outside court to research the defendant. Upon further enquiry, the judge found to his dismay that eight more jurors had been digging about on the Internet for the same purpose. In the end, he felt he had no choice other than to call a mistrial.

In principle, however, the process should be immune from outside pollution. In both the UK and US, jurors may only form a verdict based on the information given in court hearings.

However, breaches of this requirement are common, research suggests. Analysis published by Reuters Legal in December 2010 concluded that more than 90 verdicts handed down in the US since 1999 had been challenged due to alleged use of electronic communications during court proceedings.

More than half of these incidents have occurred in the past two years, the analysis says, suggesting that advances in mobile technology and social networking are causing the problem to snowball.

Using Twitter in the courtroom is one way of incurring the wrath of a judge, but apparently the site’s users must also watch what they say outside court. Earlier this year, UK citizen Paul Chambers ‘tweeted’ a hoax bomb threat regarding Nottingham’s Robin Hood Airport. Chambers was arrested and eventually convicted for sending a “menacing electronic communication”.

After he lost an appeal to the High Court in November, thousands of Twitter users expressed their annoyance at the decision by re-posting Chambers’ original message. Authorities have said that they have no plans to take action against those who did so.