a review of... Platformland: An Anatomy of Next-Generation Public Services

...and a better way forward for digital identity

I give it 4.5/5.

Platformland: An Anatomy of Next-Generation Public Services, by Richard Pope, is a delightfully comprehensive and surprisingly contemporary book. it presents patterns and strategies for building digital public services that are more understandable, accountable, and democratic. this has been on my reading list for quite some time, but I decided to bump it up given all the recent discussion regarding digital ID in the UK. it's also a particularly relevant read given I'm heading to 39C3 in Hamburg.

Platformland paints a future so vivid you can see yourself in it, and so desirable you want to be part of it. this is mostly due to Pope, who's part of the founding team of the UK's Government Digital Service, being an incredibly compelling writer. he succinctly identifies the high administrative burden of providing and interacting with public services as a barrier to a more effective state. the solution he presents in detail is digital identity, combined with API-based data access between services and a cultural shift towards digital in the civil service.

reading this has allowed me to clarify and crystallise some of my own thoughts on the UK's recent digital ID proposals. I've come to understand how we can build better public services, why people are uncomfortable with centralised digital ID, how the Government can genuinely address their concerns, and why we should reject this iteration of digital ID as the foundation of the next generation of public services.

building effective public services

in my view, we already have a lot of the groundwork to deliver good-quality public services that encourage social cohesion and civic engagement. our existing services simply need to be joined together better, and need to treat data as a common resource. the UK Government already knows where I live, where I work, how much I earn. we should redesign existing digital public services to provide users with a 'single pane of glass' where they can see their current interactions with every level of government, including local authorities and central government. it should proactively make recommendations, and make it clear what’s been done and what needs to be done next. we should build effective public services that actively reduce administrative burden.

Pope appears to share this view, and is an advocate of digital identity if it's used to make interactions with government easier, especially if it's used for tasks which can only be accomplished using digital identity. a good example would be a service that notifies multiple government departments that you've moved house all at once, using relevant information to update your driver's licence, switch your GP clinic and dentist, close your old council tax account and register with your new local authority. you can do that with paper-based systems, but it's quite the hassle. digital ID should support systems in being less hassle-y.

making better use of data

I reject the premise that we need a unified digital ID system to improve public services. for one, we need to shift how we think about data from a resource shared between departments and consumed by services to a fundamental infrastructure applications are all built on.

Estonia also operates a 'once-only principle', so that data entered in one service does not have to be entered again in a second service. In fact, services are forbidden from requesting data that is already held by government.
— Chapter 1, Burden Eliminated

federated access to data, which is held and maintained by separate government departments, addresses a lot of the concerns people have with centralised databases. our system is, in fact, almost set up to support this. however, instead of direct data access, government departments depend on data sharing.

In reality, [data sharing] is closer to copying and pasting. Data gets duplicated and is immediately out of sync and out of date. Actually, it's more like faxing. The copy is a lower-resolution version of the original. It is partial.
— Chapter 6, Data as Infrastructure

put simply, we need to become more serious about how we organise existing data. normalised databases have existed since the 1970s and REST APIs have existed since the 2000s. it shouldn’t be mind-boggling to use these existing technologies to make interacting with government less painful, instead of adding another identity layer on top of an already fragmented system.

To create modern public data infrastructure is to change how data is organised and how it is accessed. It must be organised to minimise duplication and maximise interoperability. And it must be accessible by services in a way that is predictable and involves minimal friction.
— Chapter 6, Data as Infrastructure

organising data by domain and linking it with standard identifiers in a federated way protects security, as it is decentralised. it ensures accuracy, as a single entity is responsible for the data. it assures privacy, as one entity must explicitly request data from another, and the nature of those requests can be made public and audited, similar to the way many government departments already publish information about their external data shares.

unique identifiers for federated data can also be domain specific. Platformland mentions India's Automated Permanent Academic Account Registry system for student records and the UK's own Unique Property Reference Number for property as examples.

funnily enough, we already have federated data sharing between HMPO, UKVI and police forces, where police can search facial photographs from passport and immigration applications. funnily enough, it's subject to concerning amounts of use. in Germany, such databases are routinely abused.

building using blocks

Pope also recognises governments have taken to the idea of composable components for building digital services.

Common components are slowly being seen for what they are: core elements of a modern state that can make the public sector and society more resilient. They represent a reorganisation of the work of government around new pieces of common digital infrastructure that can support many services.
— Chapter 5, Common Components

the discussion of common components opens the door for inner-sourcing in government, and packaging specialised solutions for one service into components that can be used by other parts of government.

building see-through services

civic engagement hinges on people giving feedback to help iteratively improve public services. that means they need to understand the reasons behind their interactions with the state, and appreciate why services are structured in the way they are. put simply, being a good citizen involves understanding how society works.

in the book, this is called co-production, and is achieved by surfacing information about the department a user is interacting with, the policy and legislation determining the decisions, who is accountable and opportunities to give feedback at the point of use. users should have decisions made explained to them clearly, regardless of whether they were reached by human or automation.

when applying for a blue badge, if a user is found to be ineligible, the system should clearly explain the data that was used to come to a decision and have a simple way to escalate their case for review. perhaps there's been an address mismatch, because the user is moving house. maybe the council’s automated questionnaire has encoded the Blue Badge rules incorrectly.

a massive benefit of digital systems lies in being able to provide instant feedback on how a decision has been reached, and to empower users to demand greater transparency from the systems which govern them. that doesn’t require digital ID, just good service design.

why the discomfort with digital ID?

almost 3m people have signed a petition opposing the introduction of digital ID. according to polling, net support for the digital ID has collapsed by 49 points, from 39% to -14%. people are uncomfortable because the plans, as proposed, will likely implement a centralised identity database, alongside a central record of every interaction which uses a digital ID credential.

what do you have to hide, huh?

the book discusses the idea of identity in relation to shame, which I think explains the public's visceral reaction to these proposals.

Lisa Austin, chair in law and technology at the University of Toronto, points to an alternative way of thinking about identity that is more helpful: shame. Shame is not how we appear to others, or whether something is shameful, or private, in principle. Shame is how we feel about how others see us. It is self-reflective, constructed through social interactions with other people.
— Chapter 4, Shards of Identity

when interacting with others, we have a natural inclination to omit unflattering information about ourselves. a central digital ID clinically strips away our ability to construct an image which is the least shameful, which portrays us in the most positive light. I don’t think people, understandably, trust any form of government with the most complete digital picture of themselves.

it’s also fascinating to think about how digital credentials can evolve over time, and become social objects of their own. digital ID lays bare, in an incredibly uncomfortable way, how the existing credentials we rely on to prove our identity are also used to determine our rights, duties and privileges.

What we don't know yet is how credentials might change the nature of the relationships they mediate once they are digital. Does the creation of more verifiable data about users mean that hyper-means-tested services like Universal Credit become more common because they become easier to create? Will more credentials mean people have their credentials checked more often, just because it is possible? Will the 'power to check' go to the heads of policymakers?
— Chapter 4, Shards of Identity

in the book, there’s an interesting sidebar on how social media enables people to coalesce around pieces of content, as opposed to other people. even on creator-centric social media platforms, like YouTube, Instagram or TikTok, the focus is on the content those creators produce. the creators themselves have become transparent. I think that distinction has allowed for the rise of hyper-targeted advertising, as product recommendations can be presented through feeds as just another piece of content.

so, what even is digital ID?

the Government's explainer, and even Labour Together's BritCard whitepaper, are incredibly light on implementation detail. the only concrete use-case presented so far is ensuring someone in the UK has the right to work. these current digital ID proposals threaten the civil liberties of law-abiding citizens, for the sake of the intangible benefit of probably, maybe reducing illegal migration.

the public don't know what form digital ID would take, and therefore assume the worst: a centralised scheme that could be abused by a tyrannical surveillance state. the naysayers do have some merit to their many arguments; for one, the UK Government are most likely not putting forward a European-style ID card with European-style privacy protections. Pope himself alludes to this.

In a way not readily apparent to people working in close proximity to the creation of software, most software is in a state of constant flux. Many of the concerns of digital rights campaigners can be understood through mutability. The fundamental worry is that, because of the 'latent capabilities' of software, the products and services we use today could be quite unfamiliar tomorrow.
— Chapter 9, Accountable Automation (emphasis mine)

these digital ID proposals should have been co-produced with the public. I feel the arguments in favour of digital ID have been painfully reductionist, and oversimplified. how, exactly, will it make my life as a citizen better? what problem does it solve that isn’t already solved by our current methods of identity verification? more importantly, how does it stop those who are marginalised from becoming even more of an afterthought? how does it protect privacy and prevent laying the foundations for a surveillance state? the existing proposals answer none of these questions.

right now, there’s been no discussion over who will build this system, manage it, or oversee it to prevent abuse. will it be the Cabinet Office, who are, at time of writing, spearheading the plans? will it be the Department for Science, Innovation and Technology? the Home Office? a completely separate non-profit organisation? a non-departmental public body? a corporation created by Royal charter? who will be held accountable for digital ID?

the question "who's going to run this?" seems trivial. however, without proper systems for ensuring accountability, we risk creating an opaque, unanswerable labyrinth of public services. this becomes even more salient when we consider how digital ID can be used in automated decision making. Government needs to be transparent in the design of its services, clearly communicating the changes it makes. that allows everyone to have an informed, robust debate over how digital ID interacts with civil liberties.

The inherent mutability of digital systems and the opportunity for 'mission creep' that that mutability affords means that legal and civil society activity should be considered as something that is necessary for any democracy creating digital infrastructure and services.
— Chapter 10, Immunity to Treachery

being honest about how digital ID of some form would change over time is the best way to get the public on side. being honest about the scope creep of digital ID, and clearly communicating how a society could benefit from a single ID and exactly what interactions with the state, beyond immigration enforcement, it could make quicker and easier. we should take time to think of the risks which could arise, figure out how we want to address them, and then plan around that. that is the only way any digital ID system will be successful.

a palatable proposal for identity

if we accept Pope's premise — that some form of digital identity is necessary for building the next generation of public services — we can start to design a system fit for purpose. (that is a big if, but we unfortunately do not have time to discuss the benefits and caveats of a digital identity. this article is long enough!) first off, a centralised digital card which is designed to solve an effective non-issue is not and should not be presented as a viable solution.

interestingly, the book touches on how people can have more than one digital identity, based on the task at hand. existing digital identities (think social sign-on in the form of Google or Apple accounts) adapt to this by allowing us to choose what we share. we should have the same flexibility with any form of Government-issued digital identity.

in the UK, we have decentralised ways of proving who we are. any proposed digital ID solution should seek to emulate that. a briefing from the Electronic Freedom Foundation against digital ID outlines this as a benefit of our current system, and changing it risks severely damaging the relationship between the population and the state.

Our identity practices are built on a multi-path, trust-based approach. Because verification happens through different providers, documents, and social contexts, the system is more robust against failures and supports personal autonomy.
— Electronic Freedom Foundation's Joint Briefing on the "Do not introduce Digital ID cards" Parliamentary Petition Debate

our current system of identity is flexible, yet not ideal. in the absence of anything better, we piggy back off paper credentials, such as decision letters from DWP, to communicate pieces of information about ourselves and help others understand the entitlements we have. in the process, we reveal inordinate amounts of often unnecessary detail.

iterating on the decentralised, privacy-preserving and autonomous way the public use our existing credentials is the answer to the problem of social identity. I feel having a user "collect" credentials, similar to badges used to prove competency stored in a service like Credly, is the answer. Richard Pope, in fact, envisions separate credentials which encode attributes, such as "disability status" or "care leaver status". presenting collections of these credentials could entitle us to access specific services.

it would be interesting if people could have the option to register them against a central government account if they so wished, or look through a public directory of services available to people with specific credentials or combinations thereof. a service like that would allow people to figure out which ones are available to apply for, and which could be useful to hold.

I'd like to expound on this by thinking about credentials which encode not only our personal entitlements, but also entitlements to our data. access to data could be enabled by domain-specific credentials, which then allow you to share very specific sets of information. for example,

  • DBS checks, passports and university degrees could be issued as credentials. parts of these credentials could be consumed by an employer’s referencing system to make sure we've got the right to work in the UK and the qualifications we say we have.
  • that same DBS check and passport credential, when combined with another credential that allows access to income records from HMRC, could be consumed by a council’s fostering application system which checks eligibility based on rules about age, income and safeguarding.
  • a one-time credential could be composed from a check for one of several diagnoses from your NHS health record, as well as a disability assessment credential from DWP to get a blue badge credential immediately issued by your local council and posted to your address automatically. additional information about your health conditions could be exposed if you want more specialised support, but wouldn’t be absolutely necessary for the application.
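the "share only part of a credential" idea in the list above can be built from salted hash commitments, the approach used by selective-disclosure credential formats. the sketch below is an added example, not code from the book or from any government scheme: the claim names, the holder id and the key are constructed, and HMAC stands in for the issuer's public-key signature so it runs on the Python standard library alone.

```python
import hashlib, hmac, json, secrets

# Constructed demo key. HMAC stands in for the issuer's public-key signature
# (e.g. Ed25519); a real verifier would hold only the issuer's public key.
DWP_KEY = secrets.token_bytes(32)

def _digest(salt: str, name: str, value) -> str:
    # Commit to one claim; the random salt stops a verifier guessing hidden values.
    return hashlib.sha256(json.dumps([salt, name, value]).encode()).hexdigest()

def _sign(key: bytes, subject: str, digests: list[str]) -> str:
    payload = json.dumps({"sub": subject, "digests": sorted(digests)}).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

def issue(key: bytes, subject: str, claims: dict) -> dict:
    """Issuer: sign only the salted digests; the holder keeps salts and values."""
    disclosures = {n: (secrets.token_hex(16), v) for n, v in claims.items()}
    digests = [_digest(s, n, v) for n, (s, v) in disclosures.items()]
    return {"sub": subject, "digests": sorted(digests),
            "sig": _sign(key, subject, digests), "disclosures": disclosures}

def present(credential: dict, reveal: list[str]) -> dict:
    """Holder: pass on the signed digests plus only the chosen disclosures."""
    return {"sub": credential["sub"], "digests": credential["digests"],
            "sig": credential["sig"],
            "disclosed": {n: credential["disclosures"][n] for n in reveal}}

def verify(key: bytes, presentation: dict) -> dict:
    """Verifier: check the signature, then match each disclosure to a signed digest."""
    expected = _sign(key, presentation["sub"], presentation["digests"])
    if not hmac.compare_digest(expected, presentation["sig"]):
        raise ValueError("issuer signature does not verify")
    claims = {}
    for name, (salt, value) in presentation["disclosed"].items():
        if _digest(salt, name, value) not in presentation["digests"]:
            raise ValueError(f"claim {name!r} was not signed by the issuer")
        claims[name] = value
    return claims

def blue_badge_check() -> dict:
    # Constructed sample data for the blue badge case: the council learns the
    # assessment outcome and nothing else from the credential.
    cred = issue(DWP_KEY, "holder-123", {
        "mobility_component": "enhanced",
        "assessment_date": "2025-03-01",
        "condition_detail": "constructed example text",
    })
    return verify(DWP_KEY, present(cred, ["mobility_component"]))
```

the verifier still sees how many claims the credential holds, since every digest is signed, but it cannot read or alter the ones the holder withholds.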

we have the technology to allow people to carry credentials and present them. we should focus on perfecting that, instead of building the centralised identity database that is every authoritarian government’s and every hacker’s wet dream.

a world without digital ID

I don’t think we need a digital ID system to build services that encourage people to be an active part of our society. we certainly don't need a digital ID to design interactions with Government which get stuff done, use data effectively and treat people with dignity.

building good public services demands not only a fundamental shift in how the Government design, fund and build software, but also a fundamental shift in how we organise the Government. Pope proposes a model of service managers, platform directors and data custodians who report in to cross-government ministers, Parliament and other elected bodies, to ensure service design and data use are always accountable.

as a population, we need to rethink what we demand from our public services. they need to feel fair, respectful and dignifying. they need to be empathetic and considerate of the needs of their users. they need to treat people like people, and be designed to create a sense of empowerment and agency when interacting with Government. the bias towards utilitarianism in service design, as well as our desire to use technology to squeeze efficiency savings from the public sector, are at odds with building digital services that work for all of us.