From: Dan Jellinek [mailto:[log in to unmask]]
Sent: Monday, December 11, 2000 10:01 AM
To: egovbulletin
Subject: E-Government Bulletin - December 2000


Please forward this free service to colleagues
so they can subscribe by sending a blank
email to [log in to unmask]
 - full details at the end.

The service will always be free
and we never pass on email addresses!
For further information, an online archive
And our privacy policy see:
http://www.headstar.com/egb

[Issue starts]

E-GOVERNMENT BULLETIN
The Email Newsletter On Electronic Government,
UK And Worldwide.

ISSUE 94, DECEMBER 2000

IN THIS ISSUE:
Section One: News
- Minor glitches, major ambitions for UK citizen gateway; E-government: a
legal minefield?; 'Cybersquatting' a threat to password
security; Stoke library service is best on the web; Electronic health
library goes live; Teledemocracy centre launches new
e-petition; News round-up - Govern your school, Social services web,
Mailbase becomes JISCmail.

Section Two: Conference Report
- Local Government Solutions

Section Three: Analysis
- Information Overload

Section Four: US Case Study
- Digital Petitions

[End of contents]


SECTION ONE: NEWS


MINOR GLITCHES, MAJOR AMBITIONS FOR UK CITIZEN GATEWAY

The government has unveiled a 'beta' test version of its new online gateway
to information for citizens, the UK Online Citizen
Portal, amid technical glitches and problems with the site's accessibility
for visually impaired people.

When E-Government Bulletin tried to log on the morning after its launch, all
that could be obtained was a message saying: "We are
sorry but the UK online Citizen Portal is temporarily unavailable. Please
try again later".

Three hours later the site - managed by BT subsidiary Syntegra - was up and
running once more, and the Cabinet Office put down the
hiatus to "minor hardware problems - it's a large, complex new project, and
we were expecting some glitches".

Also embarrassing is the line running at the bottom of the portal, which
says: "The government-backed service UK online should not
be confused with the Internet Service Provider UK Online." This clash was of
course known about for some time, but in the absence of
an outright name purchase the disclaimer will now have to remain, and of
course the confusion will remain as well.

More serious is the apparent lack of accessibility of the beta site. The
government's own web site guidelines stipulate all public
sector sites should be readable by the special text-to-speech and
text-to-Braille readers used by blind and visually impaired
Internet users. This involves tagging images with text descriptions using
the 'Alt' attribute of HTML. However the test site simply
provides empty tags.

The general direction of the site has met with approval from most
commentators, however. Many services are grouped around 'life
episodes', of which the first four are 'Having a baby', 'Dealing with
crime', 'Moving house' and 'Going away'. Others will be added
as the portal is developed, including one in the pipeline for dealing with
the death of a friend or relative.

There is also an option to customise the portal by UK nation, with further
customisation planned allowing an individual user's
ongoing service requirements to be stored. The service will also eventually
be extended to a range of delivery mechanisms including
digital TV and mobile phones. See:
http://www.ukonline.gov.uk/


E-GOVERNMENT: A LEGAL MINEFIELD?

Local authorities face many legal pitfalls in drawing up e-government
strategies, a new report from the local government IT
association SOCITM finds.

Officers and members must fully understand the requirements placed on them
by a wide range of recent legislation, the report says.
Relevant legislation to ponder - some of which is still in a state of flux -
includes The Electronic Communications Act 2000; the
Regulation of Investigatory Powers Act 2000; the EU Distance Selling
Directive; the Draft EU e-Commerce Directive; the Human Rights
Act 1998; and the Freedom of Information Bill.

In some cases, there are potential conflicts between the various laws, the
report finds. For example, a council may find itself
liable for offences committed by its employees using email; but if it acts
to monitor all email use it could be infringing the Human
Rights Act.

Meanwhile SOCITM also published its annual review of IT trends in local
authorities, which found that some 63% of councils now
provide some form of technology support - typically a PC and printer - for
their councillors in their homes. More than 80% of
council staff have access to internal email but only 64% can use it to
communicate externally.

'E-Government, Best Value and the Law' and 'IT Trends 2000/1' can be
accessed (the latter at a price) via:
http://www.socitm.gov.uk/


'CYBERSQUATTING' A THREAT TO PASSWORD SECURITY

Public sector organisations may need to reassess their Internet security
strategies, as cybercrime based around the abuse of
Internet domain names is set to become increasingly widespread and
sophisticated, according to one leading expert.

Neil Barrett, a computer criminologist with Information Risk Management plc,
told E-Government Bulletin last week that the dangers
surrounding the practice known as 'cybersquatting' - the registration of a
domain name similar to that used by another organisation,
with the intent of holding it to ransom - is set to worsen, with
implications for data security and protection of passwords

Hackers have hit on the idea that people commonly mis-spell domains when
they type them in, he said. This means that if they
register a common misspelling or mistyping of an existing web site, some of
its traffic will be channelled through the hacker's
site. Indeed, it is estimated that an astonishing 15%-20% of web addresses
entered by hand are likely to be misspelled at any one
time.

Hackers could therefore set up a dummy site at a misspelled domain which
pretends to be the genuine site and asks people to key in
their passwords, which are then captured and used on the original site to
commit fraud.

For many public sector bodies, which operate in highly controlled '.gov'
domains, this may not be such a large problem. However,
public bodies often work in partnership with private firms that use
vulnerable .com domains, or may use .com, .net or .org domains
themselves for individual projects.

Unlike with mainstream 'cybersquatting', organisations have no right to take
legal action to recover domains which relate to
misspellings of their own name or brands, Barrett said. And another tactic
used by the hackers could be to list the misspelled
domains in web directories or portals, making it easy to mislead users of
the directory.

The dangers do not stop there - criminals could also try to contact one the
many organisations involved in the routing of domain
names and convince them that they are an authorised person to change that
routing to their own Internet address. If they manage to
do that - and sometimes, it can require little more than a letter on headed
notepaper - they can steal your web traffic lock stock
and barrel.

Barrett made the observations at the launch of a new report on
cybersquatting by the European domain name registry Speednames
(http://www.speednames.com).


STOKE LIBRARY SERVICE IS BEST ON THE WEB

Stoke-on-Trent City Council's library service
(http://www.stoke.gov.uk/council/libraries/) has won first prize in this
year's 'Best
on the web' awards for library web sites, hosted by EARL, the consortium for
public library networking.

The service was cited for making excellent use of local content; developing
lively and educational resources for children; and
introducing some innovative interactive services such as the ability for
library users to send in their own book reviews to be
posted online.

The runners-up were Nottinghamshire library service
(http://www.nottscc.gov.uk/libraries/), which has developed NEWLiNC, an
exemplary online gateway to local community sites; and the London Borough of
Hillingdon Libraries
(http://www.hillingdon.gov.uk/library/) which also features a readers' book
review area.

Judges for the awards included E-Government Bulletin editor Dan Jellinek.
For more information see:
http://www.earl.org.uk/bestonweb/


ELECTRONIC HEALTH LIBRARY GOES LIVE

The National Electronic Library for Health - billed as part of a developing
'digital nervous system' for the health service - went
live last week in pilot form. Targeted mainly at health professionals and
NHS librarians, the service is a huge gateway to resources
ranging from the National Institute of Clinical Excellence's database of
clinical guidelines to medical book reviews.

Within the library a 'virtual branch library' system collates information on
particular health issues or conditions, such as cancer
or primary care.

In the short term the service aims to provide clinicians with access to
information within 15 seconds, with a longer term goal of
just one second. The system will be reviewed over the next 12 months and
further features will be added according to user needs.

The main NELH site is at:
http://www.nhs.uk/nelh/

And there is an excellent 'FAQ' document containing answers to all your
questions about the electronic library at:
http://www.nhs.uk/nelh/faq.asp


TELEDEMOCRACY CENTRE LAUNCHES NEW E-PETITION

The International Teledemocracy Centre in Edinburgh has launched a new
'e-petition' calling on the Scottish Parliament and Scottish
Executive tackle the 'digital divide' and ensure everyone in Scotland has
access to the Internet.

The centre, based at Napier University, is continuing its pioneering work on
online petitions which has seen it run a number of
pilot projects with the Scottish Executive and Downing Street (see
E-Government Bulletin, July and August 2000). For more
information see:
http://www.e-petitioner.org/


NEWS ROUND-UP:

GOVERN YOUR SCHOOL - When Steve Smith became a governor of his childrens'
primary school he found there was quite a lot of useful
guidance for governors but no single resource drawing it all together. So he
created one, on the web - 'Govern your School'. The
site is also a forum for sharing best practice:
http://www.governyourschool.co.uk

SOCIAL SERVICES WEB - The Association of Directors of Social Services has an
Information Management group which advises the society
on all issues relating to information management and technology in council
social services departments. The group has a web site
that houses a projects database:
http://www.ssimg.freeserve.co.uk

MAILBASE BECOMES JISCMAIL - The fabulous, free National Academic Mailing
List Service formerly housed at the University of
Newcastle's Mailbase (http://www.mailbase.ac.uk) has been moved and renamed
JISCmail following an open tender process. After a few
teething problems the migration appears to have been quite smooth and
membership of existing email lists should not have been
affected. See: http://www.jiscmail.ac.uk/


 [Section One ends]


SECTION TWO: CONFERENCE REPORT
- LOCAL GOVERNMENT SOLUTIONS

MAKING IT UP AS WE GO ALONG

The weakness of the government's targets for wiring up public services; the
need for local councils to get their own technology in
order before seeking 'joined-up government' partnerships; and the danger
that modernisation money in the health service could be
hijacked were all among topics discussed by delegates at last month's
Electronic Government Forum
(http://www.electronic-government.com).

At a series of discussion workshops, delegates - whose identities have been
protected here for the purposes of a frank report -
disagreed on the value of the government's targets for all public sector
services becoming available online by 2005. "There is not
one word in those targets about business justification - it is just saying
'do it'", said one.

Another thought that the targets were nevertheless effective as a general
catalyst to spur the public sector into e-government
activity. "The new services will have to provide improvements", he said.
"Yes, but that's not the line central government have
taken" came back the response.

A few were cynical on the age-old subject of how meaningful the '100% online
service' targets actually area - the targets are for
services to be available online, not actually used; they include telephone
services; and they also now preclude services where to
digitise them would contravene data protection or other laws.

"Let's face it, we're all just going to make up figures next year when asked
to record how far we are towards the targets", one
said. "It's just a PR exercise".

Another delegate questioned the feasibility of measuring what services are
online, when it is hard enough to get a clear idea of the
extent of a council's measurable transactions with the public. "We're trying
at the moment to compile a record of what activities
actually take place between the council and the public, and are finding
there are scores of transactions in all corners of the
council, which no-one monitors centrally. And as soon as you start to
monitor transactions, you also begin to look at all the
processes that manage the transactions, and the information relating to the
transactions that moves around internally, and before
you know it you can have a piece of paper that is 20 foot square".

One contributor to the discussion said councils needed to focus strongly on
getting their own house in order before any visions of
partnerships for e-government, or 'joined-up government', could be realised.
"It is all very well to talk about joined-up government
and partnerships, but we need to first implement our own methods of seamless
working within the council, not just the front-end
services but with the back-end processes fully integrated using knowledge
management, document management and the right staff
culture.

"Some councils don't even have email yet, so what chance do they have at
implementing joined-up government? But if we get this right
we should be able to easily meet the requirements for public interfaces
across tiers of local government or between public bodies as
they come about".

Another barrier to partnership between organisations is that e-government
services may not be as high on a potential partner's
agenda as on yours, the delegate said. "The only way forward is to look at
the strategic objectives of your potential partner and
your own organisation, see where they meet and launch a project there".

Most participants agreed that an e-government strategy needed to be drawn up
as a corporate management document, not a new kind of
IT strategy. "An e-government strategy should be seen as part of our core
business delivery, a means of delivering better services.
It is a corporate objective", said one. "It needs someone very senior with
clout across the local authority to drive it forward".

Several delegates warned that e-government may not lead to a reduction in
costs. "The assumption is that money is going to be
saved - I can't see why", said one. "We may have to spend more now, to
develop and provide better services. The accountants don't
like this - they want to see savings, and that is the main problem with the
whole e-government agenda".

Another agreed: "Number-crunching accountants pull your e-government cost
saving projections to pieces because there is no basis to
them. So at least the central government target can be used as a weapon when
your back is to the wall - the target is there and we
have to meet it, even if it means spending more money".

The government realises the modernisation agenda is expensive and has
demonstrated as much by pumping funds into the health service
to wire it up, another delegate said. "But it is hard to convince chief
officers in NHS trusts of that - they are short of money in
other areas, such as coping with demographic trends and winter pressures,
things they haven't been able to do for several years, so
the money is constantly going to be hijacked".

Delegates agreed that it was good policy to consult citizens on what
Internet or e-government services they require or prefer to
receive, but not necessarily to conduct a separate consultation process.
"It's best to slip the questions into your existing Best
Value consultation process", said one. "A special e-government consultation
just turns people off, and encourages the PC addicts, so
we just ask in our other consultations 'would you like to do this on the
Internet?'".

Linking the e-government agenda to the Best Value agenda in this and other
ways might also help drive e-government up the agenda,
one delegate said. "Best Value has hit everyone now, everyone is terrified
by it. How do we make people notice e-government in the
same way? By linking the two".

[Section two ends]


SECTION THREE: ANALYSIS
- INFORMATION OVERLOAD

WELCOME TO A WORLD OF SPAM

Monty Python's 'spam' sketch will never be the same again, for although the
delightful processed meat product has largely
disappeared from our supermarket shelves, lobbyists are alive to the
possibilities of the digitised version.

We-re talking, of course, about email spam - unsolicited email - and the
related problem of email overload: the new challenge facing
public bodies in the digital age.

In the US Congress, Senators and Members of the House of Representatives
have already had to learn to be canny in their handling of
effectively unlimited, undifferentiated in-bound cyber sackfuls of mail.

The Representatives use intelligent software agents to sift out the repeat
transmissions and much of the junk, and automatic
responders warn that no email will be read unless it contains a 'zip code'
(postal code) from the politician's constituency. We can
expect such devices to proliferate and become ever more intelligent: but
what if one of the purposes of an institution is to examine
both solicited and, even more vitally, unsolicited material? And cynics
might consider that in an age of political cowardice,
politicians would be happy to 'lead from behind' after sampling public
opinion in any way they can.

Although tricky, it is possible to manage unsolicited input at the level of
an individual such as a politician. However, the problem
is much more extreme in the case of large institutions.

It may not be such a problem at the departmental level in government where,
except for consultation procedures, it is quite
difficult to locate the precise recipient for a message. Soon, however, the
persistent will not discriminate but will, rather, load
a list of names and merrily spam.

The most serious problems, however, will occur at the level of local
government, particularly where there is a unitary authority
with a variety of functions. Unless councils are much more disciplined about
their in-box allocation, lobbyists and spammers will be
tempted to go to the appropriate web site, download a list of names and
whoosh!

Public bodies - and private bodies, for that matter - are not prepared for
this deluge, mainly because they think of the Internet as
a propaganda (sorry, information) and marketing tool which allows the high
and mighty to impose their goods, services and importance
ever more weightily upon the masses.

Of course there are fine examples of interactive good practice on the
Internet, but such facilities have largely been established as
a source of reliable and free, if narrow, marketing information.

Worse is yet to come. There may currently be a few cranks trying to
infiltrate the book review chit-chat facility on Amazon.com, but
that's nothing to what Borsetshire County Council will have to deal with
when e-mail and web facilities are attached to digital
television.

Just picture the scene - a local digital TV station sets up a response
template to a scandal story with an automatic email link to
the council's in-box. The response could be overwhelming - but councils, of
course, can't simply empty the lot into the digital
dustbin. There is no reason why a response should be regarded as more
trivial just because it's digital rather than in Sandhurst
copperplate.

Imagine too the state of the Railtrack email server once all delayed
passengers have Internet-enabled mobile phones. There will, for
instance, need to be separate systems for receiving complaints and keeping
the operational network running. In an emergency any
institution will want absolutely maximum Internet efficiency at precisely
the same time as customers will want maximum complaint
impact; it will be the cyber equivalent of crash voyeurs blocking the
ambulances.

Add to this, for good measure, the need to differentiate in-bound
information and you have an information management agenda of great
magnitude. When stuff comes pouring in that you want to keep, where does
this fit in with your data protection policies and data
protection legislation? And what do councils do with information from
clients which is the privileged domain of social services or
education?

It is time to start thinking hard about email and information management.

* Article by Kevin Carey, Director of HumanITy. E-Government Bulletin would
love to hear from anyone with creative solutions to the
email management issue. Please email the editor Dan Jellinek on
[log in to unmask]

[Section three ends]


SECTION FOUR: US CASE STUDY
- DIGITAL PETITIONS

TOWARDS AN OPEN SOURCE DEMOCRACY

In our last issue, we looked at how US citizens can initiate legislative
measures in some states through the 'initiative process',
under which they are required to collect a certain number of signatures on
petitions. If they collect the requisite number of valid
signatures, the proposed measure goes onto the next public election ballot,
and voters can then pass or defeat the initiative at the
polls.

The nearest one can come at the moment to collecting signatures over the
Internet for these purposes is to create a 'PDF' graphical
file version of the initiative petition, post it on the web or email it to
those requesting it, and let them print it out, sign it,
and post it in.

This is an inelegant and often difficult way of proceeding, given the need
to print the forms out on two sides of the paper,
compress the text to fit in limited space and so on.

The obvious way to have people sign initiative petitions over the Internet
is to let them sign them using digital certificates. As
of 1 October 1 2000, the US federal E-Sign bill is in effect, authorising
the use of these online credentials to sign contracts
online. It's only logical to say that if digital certificates are now good
enough to sign multi-million dollar contracts, they ought
to be good enough to indicate your desire to see a particular legislative
proposal voted on in your state.

The 'Smart Initiatives Initiative' currently being circulated in California
was created to implement this idea in practice. Its
primary aim is to allow people to vote on a measure requiring the state to
provide all citizens with a digital identity certificate.
The project has until March 12, 2001 to collect 419,260 valid signatures of
California voters who want to see it on the primary
ballot in 2002.

With Smart Initiative petitions, as with any petition, verifying the
identity of the signer is key. Still, while the identity of the
signer must be knowable by the authorities that check the signatures, it
need not be made available to the general public. In fact,
under the provisions of the proposed Smart Initiatives Initiative, it is
protected by the same restrictions on disclosure as are
legacy pen-on-paper signatures.

Moving the initiative-signing process online benefits all parties involved.
For proponents, it reduces the cost of circulating their
petitions by several orders of magnitude. For citizen-signers, it makes it
much easier to study a proposed initiative and then, if
they want, to sign it from home, office, or other location.

For the election officials who currently need to spend months checking a
mere random fraction of the submitted signatures before
extrapolating according to arcane formulas to determine the 'official'
number of valid signatures, the power and convenience of a
digital system to rapidly and comprehensively tabulate the results would be
a much-welcomed improvement.

Because the first major provision of the Smart Initiatives Initiative is the
distribution by the state of a high-level digital
certificate to each citizen, citizens-as-consumers and
citizens-as-commercial entities will benefit as well. They will be able to
use these certificates not just to sign initiative petitions but to buy
insurance, order groceries, tele-commute, check their
children's homework assignments, and do anything possible now or in the
future that requires them to establish their identity
online.

At a minimum cost of ten dollars each, however, providing 20 million
Californians with a digital certificate will not come cheap.
Hence another proposal that could lower this cost and pay other dividends as
well, a proposal to develop Open Source Public Key
Infrastructure (PKI) software.

Open Source software is computer programming code that is not secret. The
instructions that make it run are available openly to
everyone. It makes sense to consider the creation of an Open Source PKI
Foundation to facilitate the creation of Open Source PKI
code, not only to save the State of California a lot of money, but also to
set the stage for using open source software to
eventually provide Internet voting services.

 In addition to the cost savings for the government, building a PKI and
using Internet voting software where the internal code is
open would mean that it could be properly understood by the people who use
it. It would provide a technological analogue of the
political openness and participation that is central to this entire vision
of what could be termed 'Open Source Democracy.'

Nor would it be inappropriate, eventually, to move many other existing and
future e-government applications to an Open Source model.
In such an environment, we could avail ourselves of a seamless web of
information, decision-making, and functionality. As the reach
and power of the web steadily evolve, these principles of openness and
self-determination would be a concrete realisation of the
long-sought ideal of 'government of the people, by the people, and for the
people.'

* Article by Marc Strassman, Author of the Smart Initiatives Initiative and
Founder and Executive Director of the Smart Initiatives
Project. See:
http://www.smartinitiatives.org


[Section Four ends]

HOW TO RECEIVE E-GOVERNMENT BULLETIN
To subscribe to this free monthly bulletin,
e-mail [log in to unmask]
Please encourage your colleagues to subscribe!

To unsubscribe at any time, email:
[log in to unmask]

For further information on subscription, including how to subscribe or
unsubscribe from an alternative email address and how to find
out if an particular address is subscribed, see:
http://www.headstar.com/egb/subs.html

Please send comments on coverage or leads to
Dan Jellinek at: [log in to unmask]

Copyright 2000 Headstar Ltd
The Bulletin may be reproduced in full as long as all parts including this
copyright notice are included. Sections of the report may
be quoted as long as they are clearly sourced and our web site address
(www.headstar.com/egb) is also cited.

A searchable archive of our back-issues can be found on our web site.

[Issue ends]

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************