This deck presents a range of models for thinking about digital government and its structure. The models stem from the fields of management, system dynamics and enterprise architecture and are applied in a governmental context
3. today
∙ Introduction
∙ Mental models for thinking about the government
∙ Five separate models for approaching the subject
∙ Not comprehensive, not validated but possibly useful
∙ The models are provided in Estonian context
∙ Gaps in knowledge will be revealed
2
4. introduction
∙ Today is not about telling you about how things are, it is about
encouraging thinking
∙ The term “Digital government“ is used instead of “e-government“
∙ Often, the first word is omitted
∙ This is important: in Estonia, e-government is not something distinct
from the overall government
∙ “e-“ is slightly overused, “Digital“ is more precise
We are discussing a very abstract and fragile topic, semantics are
very important!
3
5. foundations of digital government
E-government is a complex matter requiring multiple viewpoints
∙ The enablers model
∙ The feedback model
∙ The historic model
∙ The organisational model
∙ The mechanical model
4
8. trust and collaboration between stakeholders
An externally guaranteed trust framework between citizens,
businesses and the government as well as cooperation
∙ Information systems involved are too complex to comprehend,
thus the need for explicit trust
∙ There has to be an external (e.g. cryptographic) guarantee to the
trust keeping it from gradual deterioration
∙ Only wealthy countries can afford not to have that trust: IRS lost
$5.2 billion to identity theft in 2013. Translated via GDP this would
mean e6 million annual loss in Estonia.
∙ Ability to find common ground between engineers, politicians and
administrators but also, say, banks and the government
7
9. ubiquitous electronic identification
On the internet, nobody knows you are a dog
∙ The assurance level of services provided is dependent on the
assurance level of the electronic ID
∙ The British way can only go so far
∙ For simple cases e-mail is sufficient
∙ Digital signature requires a PKI-based solution
∙ Ubiquity stems from people using various e-services on a daily
basis and realising their benefit. It is needed so that
∙ electronic service can become dominant
∙ the users are acquainted with the risks involved
∙ the users actually find it convenient to use it
8
10. ”breathing room”
The players must have the ability and capability to change their
operating model with reasonable effort
∙ By definition: if everything is in place, any change would go
against the well-established rules
∙ Stability means things happening tomorrow the way they happen today
∙ Innovation means the exact opposite
∙ Many of the decisions underpinning our e-government would be
impossible to execute in a well-controlled environment
∙ Risk management processes alone would be a sufficient deterrent
∙ This is mental to a large extent: what do people have to loose?
∙ A certain level of chaos is needed for progress
9
11. critical levels of critical competences
Without the following competences, it is not feasible to build an
e-government as they are neigh to impossible to outsource
∙ Ability to procure development
∙ Basically, one must be able to act as a responsible customer
∙ Vendor management is big part of it
∙ Ability to provide input and validate the output
∙ Ability to procure operations
∙ Operating the service means controlling the data, this is important!
∙ Weak operations lead to low service levels and loss of trust
∙ Information/cyber security
∙ Who will work out your electronic identity scheme?
∙ Whose cryptography do you trust (and can you make your own)?
∙ How do you protect your service?
To sustain the e-government, the ability to absorb IP is needed
10
13. the feedback model
People Behaviour
Society
(e-)governance
Government as a dynamic non-linear behaviour of society
12
14. about the model
All organisations are shaped by the systems they build and the
systems they build are shaped by the organisations
∙ Skype the organisation was shaped by Skype the software
∙ Organisations produce software that mimics their internal
∙ communications structure
∙ organisational culture
∙ organisational structure
∙ How the model works
∙ People behaving in certain ways form a society
∙ The society yields certain means of governance
∙ The governance changes behaviour subduing undesirable and
rewarding desirable traits
13
15. feedback in estonia
∙ Estonian people are slightly strange
∙ Many of us are of distinct Soviet up-bringing: mend and make do while
minimizing contact with the government
∙ Our behaviours are shaped by the initial steep reforms undertaken, we
are used to change
∙ There is a high level of trust towards the state
∙ Presumably because of the way we re-gained independence
∙ We do not know!
∙ The feedback is very likely there
∙ Increasing popularity of electronic voting will force us to change it
∙ But we don’t know much about if and how the feedback works
elsewhere
14
17. the historic model
Foundations
Technical Legal Social
Public service
Technology Regulations Organisations
Customer value
E-government as being built on top of foundations rooted in the past
16
18. about the model
All countries come from their past and must build on foundations
they have
∙ Replacing foundations gets harder as the building gets larger
∙ Three kinds of foundations
∙ Technical: the technical infrastructure and capabilities of the society
∙ Legal: the legal framework of the society
∙ Social: social structure, behaviours and culture
∙ Public service
∙ Democracy seeks to distribute power and can thus lead to
fragmentation of services
∙ Services contain technical, regulatory and organisational components
∙ From the services, inexorably, customer value emerges
17
19. foundations of estonia
∙ The technical foundations are well-understood
∙ X-road
∙ Electronic identity
∙ Legal foundations not so much
∙ “X-road directive“
∙ Data set law
∙ Where do the personal identification code, Once Only, authorisation
provisions etc. come from?
∙ Social foundations even less
∙ There is no coherent research on the history of Estonian cyber culture
∙ We obviously rely on Soviet education but how and to what extent?
∙ Why do Estonians trust their country so much?
18
20. services and value in estonia
∙ There is an effort by MKM1
to increase service-orientation
∙ Some administrative research is there
∙ Not much robust academic knowledge
∙ Not clear, what constitutes a public service
∙ Theoretical model exist within EC, their applicability is unclear
∙ The value part is not clear at all
∙ The numbers quoted are pretty much made up
∙ There is anecdotal evidence of massive ROI but very little conclusive
∙ EMTA decreasing their workforce, prevention of identity theft, the case
for photo booths at Road Authority
∙ Difficult to scale up but possibly comparable to other countries
1Ministry of Economic Affairs and Communication
19
22. the organisational model
Business architecture
Organisational architecture
Functional architecture
Technical architecture
Physical architecture
Government as an organisation
21
23. architecture layers of organisations
Organisations can be seen as layers of different but interdependent
architectures
∙ Business architecture defines the strategy, business model and
partnership structure
∙ Organisational architecture is the organisational structure and
processes executing on the strategy
∙ Functional architecture consists of interrelated functional
“chunks“ supporting the organisation
∙ Technical architecture is what implements the functional pieces as
software components
∙ Physical architecture is the hardware running the software
22
24. layers of estonia
This is an approximation, of course.
∙ Constitution describes business architecture
∙ The setup of ministries, agencies and governing bodies is the
organisational architecture
∙ Functional architecture contains the arrangement of registries
∙ Technical architecture is the implementation of these registries as
databases and systems
∙ These systems are deployed on a physical infrastructure
23
26. the mechanical model
Agency Agency AgencyAgency
Financeandportfoliomanagement
Cybersecurity
Information System Registry
Electronic identity
Citizens/Officials/Enterprises
Delivery channels
Integration
Infrastructure
Government as a (static) combination of technical and process
components
25
27. electronic identity
∙ Implemented using PKI, CA service provided externally
∙ The certificates live on a chip (smart card or SIM)
∙ Digital signature legally equivalent to the physical one
∙ Depends on the personal id-code of the citizen
∙ Bank-driven federated identification scheme widely adopted by
stakeholders
26
28. channels
∙ Central service portal eesti.ee with 800+ services accessible
∙ Main challenge: maintaining service ownership
∙ No central UI/UX guidelines although a recommended web site
template exists
∙ Hundreds of individual contact points
∙ Mobile is very small
27
29. integration
∙ Distributed service bus called x-road
∙ All communication happens peer to peer
∙ x-road provides standardised
∙ channel crypto
∙ access control
∙ service discovery
∙ audit logging
∙ identity management
∙ protocol support
∙ Massive deployment, 1000+ usable services
∙ Constantly developed, version 6 getting ready to roll
∙ De facto enables once-only and privacy
28
30. infrastructure
∙ Being expanded rapidly, currently only network
∙ Government cloud is a combination of
∙ private cloud
∙ public cloud
∙ data embassies
∙ Security and service availability major drivers: we no longer can
run this country without e-services
∙ Scalability and cost are also becoming an issue
29
31. main open questions
∙ Does this model apply to other countries?
∙ Is it possible to quantify e-government architectures using this
model?
∙ What is the relationship between this model and the feedback
model?
30
33. theme
Get the source of this theme and the demo presentation from
http://github.com/matze/mtheme
The theme itself is licensed under a Creative Commons
Attribution-ShareAlike 4.0 International License.
cba
32
34. contents
The contents of the slides is lidecensed under a Creative Commons
Attribution-NonCommercial-ShareAlike 4.0 International
cbna
33