MPs blast government's "digital by default" plans

9 Jul 2013
parliament

Strategy to move government services online could put user privacy at risk, says committee

MPs have torn into government proposals to save money by making services "digital by default".

The strategy aims to cut spending by moving government services to the web, such as booking driving tests or paying tax. Cabinet Office Francis Maude has previously claimed the changes would save the taxpayer £1.2 billion by 2015.

However, the House of Commons' Science and Technology Committee picked holes in the plans, saying there was no proof the strategy would actually deliver the promised savings - and that it could put users' data at risk.

Committee chair Andrew Miller said the government hadn't provided any evidence showing that moving transactions online saved money. Maude gave evidence before the committee, but said he couldn't speculate on any savings made so far because government data is "not good".

If you want to apply online for disability living allowance, you have to use old, unpatched and non-updated software that is full of security vulnerabilities

"A key justification of the 'digital by default' strategy is savings to the taxpayer," Miller said. "Yet it is not evident that the government is even able to measure these savings."

Security concerns

Miller said that expert evidence suggested the government was using outdated software, potentially leaving personal data at risk.

"We are concerned that inadequacies in government software may lead to security vulnerabilities," said Miller. He added that MPs were "concerned that sensitive, personally identifiable data could be compromised".

Software engineer Dr Martyn Thomas noted that some government services - such as its e-service for some benefits applications - don't actually work with modern browsers. "In other words, if you want to apply online for disability living allowance, you have to use old, unpatched and non-updated software that is full of security vulnerabilities," he said.

Dr Thomas also noted that it was still possible to identify users even from anonymised data. "The government doesn't appear to understand how easy it is to de-anonymise supposedly anonymous data," he said.

"I do not believe the government has kept up with the advances in privacy-enhancing technologies and different ways of doing identification and the strengths and weaknesses," he added.

Miller called for stringent safeguards for personal information. "Public trust is absolutely essential," he said. "The government must ensure the integrity and security of data and give people sufficient control over their stored personal information otherwise, the 'digital by default' strategy will not succeed."

The committee has written to Maude, who will have until October to respond.

Read more

News