Couldn’t Give a XXXX For Public Sector IT Projects?

One of the main reasons why I’ve been such a staunch supporter of ID cards is that the government has such a fantastic track record on large-scale IT projects. Look at what EDS did for the Child Support Agency, for example. I have every confidence that, once they find a suitable large American corporation to outsource the project to, it will all be well managed, and your and my private and confidential data will be properly secured.

On a much smaller scale, I had my own experience of some first-rate public sector IT thinking this week. Our local pub has applied to extend its license, under the new laws that are tantalisingly close to coming into effect in November. Any Daily Mail readers out there need not fear–it’s nothing that will bring about the end of the world, just another hour in the evenings from Thursdays to Saturdays, and an extra half on Sundays. As local residents we received a pack of information about the licensing changes, which explained how we could head over to the Camden council’s licensing website at http://www.camden.gov.uk/elicensing/ and check out the application information for ourselves on the online public register by logging in with the generic username and password supplied in the form letter and helpfully also printed up on the home page of the website (username: public, password: public11).

Now you might think that if you’re going to display a username and password prominently on the site for anyone who happens to open the page to see, then there’s probably not much use in having a username and password to login with at all. But that’s not the best bit. If you login with these details, the site provides a handy link marked “Edit your account details”, where you can, ahem, change the password. Thus preventing anyone else from viewing the register. Nicely done, Camden council. This almost beats the 6 month email exchange I had with Islington last year attempting to register to pay my council tax online. It’s good to see you’re all putting that council tax to such good use by investing in IT technology that’s well suited to the purpose it’s being used for, and that you’ve really thought things through.

Being the good citizen that I am, I emailed the council to suggest that maybe, just maybe, this wasn’t all a terribly good idea. They replied to “thank me for [my] suggestion” and say that they “would like to point out that [they] do get notified if the password is changed and and would change it back straight away”. Well that’s ok then. That’s an awfully efficient use of resources (and I’m sure there’s someone in the office 24-7 on website password changing duty…)