Bringing content to people, not people to websites – Gov2Radio

As referenced in my last blog post, here is the podcast embedded below…I didn’t realise that I sounded so Devonian 🙂

A very open account and it comes from the heart as you’d expect..a good edit considering we spoke for just over an hour…for those who know me, getting me to shut up isn’t that easy…

Thank you to Allison for the opportunity to share some thinking and the conversation.

Enjoy….

http://gov20radio.com/2012/06/content-to-people/

The cookie monster…

Cookie Monster
Cookie Monster - By dnnya17 from Flickr

Following on from my previous post about Cookies and with less than a month to go, I’d thought I’d expand some of my thinking and the “pragmatic” approach I’d like to adopt here in Devon.

Firstly I referred to the guide developed by the Government Digital Services (GDS) “Implementer Guide to Privacy & Electronic Communications Regulations (PECRs) for public sector websites” [ pdf warning ] and I really suggest you download it and read it  – it is in my opinion a very helpful and pragmatic document and provides more practical help than the Information Commissioner’s website

The following quote for me represents the bigger challenge which I feel web managers also need to invest some time in…

The preferred method of compliance with the new regulations i.e. least disruptive to the user experience, would be one based on users’ “implied consent”. In this context “implied consent” can be taken to mean that a user is aware of the implications of taking a certain action and that by choosing to take such action are implicitly giving their consent to the related outcomes.

However, the ICO does not believe it is possible to take such an approach at present because “evidence demonstrates that general awareness of the functions and uses of cookies is simply not high enough for websites to look to rely entirely in the first instance on implied consent”.

This emphasises the need to raise the awareness levels amongst users of government websites about the uses and functions of cookies. Consistency in the presentation of cookies-related information will help towards achieving the aim of educating users, so this document sets out a recommended template for departments’ ‘Use of Cookies’ policy

So two points come out of this which are important to acknowledge, the first being implied consent, which sounds like the most logical approach and one which will impact the end-user the least and second Awareness – yes, awareness of what cookies are, what they do and why people need to understand this as they move about the internet.  So as it states the ICO state that you can’t really do implied consent if the levels of awareness of so poor that people are clueless as to what cookies are in use on a given site.

However  – It’s worth remembering I’m trying to provide a pragmatic solution here –  my personal preference is that we in fact do adopt an implied consent model but support with communication and awareness across our site which helps to mitigate any concerns.

I’ve started to experience the “click box” approach on a few websites, the ICO’s included and it really is a nuisance and doesn’t actually demonstrate people understand what they are clicking and what that means to them and disappears once you click on it once, so it fails to address the awareness issue as well in my opinion and is really a worse approach as on return to the sites I visited there isn’t really any clear and visible links to the cookie usage and privacy policy.

So one of the things we will be doing to help with a sustained level of awareness and communication is linking to content which explains what cookies are in a balanced way – Two good examples of this are AboutCookies.org and its Cookie FAQ section and CookieCentral’s FAQ section.

In support of this we will also be linking to content which helps explain how people manage cookies within their browsers and again AboutCookies.org provides some really good resources here.

We will also be communicating that our use of google analytics as a service improvement tool will be on the basis that we do not share any data as described in my previous post

I think as a web community we really should offer a consistent approach to communicating about cookies and in my view we shouldn’t be writing or creating this individually. This should be delivered either through a consistent approach to some common and reusable content which can be syndicated or a consistent approach to linking to the same resources. What ever we do the message and awareness should be the same.

Do you accept my cookie

privacy
Privacy by Alan Cleaver (flickr)

My family uses in the internet a lot, we use it to shop online, book holidays, search for stuff and we all conduct research in various forms, as I suspect most people do.

So when speaking to some of my family the other day, I asked them about the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 and to my shock horror they knew very little, in fact nothing about it whatsoever. It was understandable from my kids who are only 7 and 5, but my wife, who shops online more than I do, didn’t know anything about it.

I wasn’t actually shocked, whilst privacy is important (and it really is) most people don’t really know what the legislation is even trying to do or guard them against…I suspect most people will in fact get frustrated with simply clicking on a “accept or deny” cookie button on every website they visit.

I’m not going to get into a debate here about whether or not the legislation is actually the right thing to do, but i’ll just remind myself of one of the main intentions – this is a quote from the the Information Commissioner’s Office (ICO) website.

It should be remembered that the intention behind this Regulation is also to reflect concerns about the use of covert surveillance mechanisms online.  Here, we are not referring to the collection of data in the context of conducting legitimate business online but the fact that so-called spyware can enter a terminal without the knowledge of the subscriber or user to gain access to information, store information or trace the activities of the user and that such activities often have a criminal purpose behind them.”

So how does a web manager / website owner start to tackle this problem.

Well i’d certainly recommend following the steps suggested in the Government Digital Services (GDS) “Implementer Guide to Privacy & Electronic Communications Regulations (PECRs) for public sector websites” [ pdf warning ] – it suggests starting with an audit…which is the best starting point in my opinion. One other thing i’d suggest doing is revisiting your existing privacy statement on your website.

There is an interesting and pragmatic stance being taken by the GDS as outlined in this post by Dafydd Vaughan. You can read a variety of views on the comments of this post  which all contribute to a confused space…the one thing you can be sure on, is that we all have to do something pretty quickly.

But i’d thought i’d expand slightly otherwise this would be a pretty pointless post 🙂

One of the most obvious places to start is in fact the organisation’s website who have provided the guidance on this legislation in the UK – the Information Commissioner’s Office (ICO).

They have provided a method which asks you consent to the use of cookies and provides a link to their privacy notice page. [ I consented to cookies if anyone is interested 🙂 ]

I’m ok with this approach in general, although it sort of feels like an advert at the top of the page with one of those “click here to sign-up” options, but it sort of works. Other methods are being used which you can read about here. I’m not sure which is best to be honest, i think after a while a consistent approach will emerge, but it is too soon to really work that out.

When reading the ICO’s recent guidance it actually refers to the approach the ICO is taking itself and states:

Can I copy the Information Commissioner’s solution?

The Information Commissioner’s website www.ico.gov.uk uses a banner that informs users about cookies and gives them the chance to consent. Whilst we have no objection to organisations seeing if this option would work for them any solution has to be appropriate to an organisation’s own needs. We will review the use of the banner in future and may consider other options ourselves.

On the ICO’s privacy notice page – I was intrigued as to what level of in formation they provided in here – I was surprised to see that the google analytics cookie referred to – not because I don’t like google analytics, in fact i personally really like google analytics and use it myself, it’s free and provides good data on visits, visitors, devices, platforms, browsers and a range of other useful features – the reason I was surprised is that many people have been suggesting that google analytics is a target, so i was actually pleasantly surprised.

You can of course use non cookie based analytics, but some people suggest these are actually worse in some cases. I’m not going to get into detail about that here, you can read about that by searching the web.

When clicking through to the google privacy page, which the ICO websites directly links to. It is worth sharing this important piece of information, which in reading a variety of articles and blog posts on this topic i hadn’t noticed anyone picking up on.

This is a quote from the google privacy page

Google’s Use of Analytics Data

Website owners who use Google Analytics have control over what data they allow Google to use. They can decide if they want Google to use this data or not by using the Google Analytics Data Sharing Options. When these options permit it, the data is used to improve Google products and services. Website owners can change these options at any time.

So I checked in my admin settings for one of the sites I have analytics on you can specify in your analytics admin settings not to share the data with anyone, not even google – it was set by default to “do not share”.

Data Sharing Settings - google analytics

So it would be important to know whether if you consent to cookies, how that information is being used…so in the case of the ICO website, it actually fails to tell me –  the user – whether or not the information they are collecting is shared with google or simply kept private and used only for service improvement purposes – i’m assuming (not always the right thing to do) that they keep it private.

The one bit of irony in all of this is that whatever someone does, they need a cookie to save the fact that someone has either said no, or they constantly present the same message to the same user over and over again. Depending on your approach, it could be a bit like refusing site pop ups over and over again….

What we can be certain of is the next few months are going to be really interesting. i’d welcome hearing from people as to how you are planning and approaching the legislation.

Does local government need a local government digital service?

NB: This post has also been posted on the Government Digital Service blog here. I am simply posting here to keep a record of my thinking on my blog.

The easy answer to the title question would be No…but I don’t like easy answers and I believe that No is fundamentally the wrong answer.

I’ve followed with great interest, admiration and actually envy the progress of gov.uk from within local government. I thought for some time, I want to do some of that here in Devon, it can’t be that difficult surely, we are a much smaller organisation than the whole of central government and therefore how hard could it be!

The web is an important channel, everyone knows this…blah blah blah and if done right, we’ll save money as people prefer to interact online. But for so many years most of local government has been accused of lacking innovation, creativity and useful online services. My situation in Devon is no different, we’ve done a variety of things which are relatively innovative, but web managers have lacked the credibility and influence to really take the web in a new direction…That is where the realisation of what has happened at GDS comes home – it is actually more profound than you realise until you actually try to do the same.

Sarah Lay from Derbyshire County Council blogged last friday about the #reallyusefulday that the GDS team put on alongside a bunch of local government people.

She sums up one of the biggest issues facing all web managers/digital champions and the like perfectly:

Your culture is not our culture – yet

The question baking my noodle throughout the day was ‘how is the GDS culture and direction going to get embedded in local government?’. The simple fact is that the Government Digital Service has been specifically created to do this (massive) task for central government and empowered to make it happen. They can’t force that on local government but they’re going to need to persuade them to follow suit if this is really going to work.

But at the moment Agile is alien, UX is theory more than practice and digital by default has yet to reach the provinces. Of course this is a generalisation. There is massive innovation in local government, bags of passion (also pockets of apathy and resistance to change).

My current thinking on the local government web domain is that over the past 10 years we have spent money (lots of it), redesigned and redesigned our sites, argued and debated what a consistent navigation structure should be and then all adopted a poor compromise but still useful structure and were measured against some national definition of our local areas, we’ve been guided by external forces on doing the wrong thing really well…often acting in blind faith that if we follow all this advice we will achieve the holy grail of the “perfect council website”…. A myth that for the last 10 years has failed to be realised…

There is nobody is to blame for this and we shouldn’t lay blame anywhere, instead we should take a long hard look at ourselves and decide how we wish to move forward…The GDS approach is a good model, it makes sense (for now anyway), it has shown us how things could work and how things could look if we follow a set of principles and processes – but that takes time and a level of commitment that simply doesn’t yet exist?

But the question Sarah raises still comes back – how do we get the same kind of culture embedded across over 400 individual organisations – because that is what local authorities are, individual organisations, accountable to their local people, not central government.

We are also fighting an online battle with external organisations who provide online services as well as though who we now commission to provide services to work toward the same “standards”.

So I ask again “Does local government need a local government digital service?”

YES of course it “needs” one.

It is how something like that could happen which is the more interesting question – the how is slightly more complicated and riddled with challenges and barriers.

But there is hope – GDS no doubt had many many barriers and challenges and most likely still does in key areas but yet manages to work through them, so i’m optimistic that collectively local government could do the same  – if it wanted to – yes we would “want” this to happen first.

But what would a LocalGDS actually look like, offer and provide that doesn’t already exist in many places?

I’ll provide a starting point on what i feel is needed – some may argue that this might exist in places, but the lack of co-ordination is impacting on the overall value to the sector.

Leadership and Vision
There is no strong visible leadership for the local government web estate and the value it creates for users. Many local government web folk provide leadership and certainly inspire me for what they are doing…but its sporadic and doesn’t have the level of influence require to affect a change on a wider scale.
There is a balance to be had between external people and “experts” and practitioner understanding that should be explored..It would be wrong in my opinion to create a completely separate organisation to provide this with no links into local government or central government.

Skills development (UI/UX/simplicity/agile)
There is clearly a huge skills gap in the local government web community that needs to be addressed…some councils may simply choose to “commission” the web from an external provider and rely on private sector skills.

Sarah’s post highlights the need for additional skills around UI/US and agile and without some body to push this forward – how is this going to become embedded?

Connecting
This is an obvious one and there are a range of options already in place here for example the recent UKGovCamp event in January.

Govcamp 2012

[ Photo by Paul Clarke http://www.flickr.com/photos/paul_clarke/6738091789/ ]

But there is no continuation of the conversation through online networks other than twitter and on individual blogs. To have a bigger impact, something around co-ordinating this would need to be explored.
Whilst there are some groups facilitated by external organisations such as the Socitm Web Improvement community, which is in the Knowledge Hub, it simply doesn’t go far enough…a collective responsibility of course to contribute into these spaces…but it isn’t a local government space it is a socitm managed community.

Standards / toolkits / frameworks
I’ve recently read a blog post by Benjamin Welby about local government simply using the code base and technology that underpins the gov.uk platform…in theory this sounds like a very sensible thing to do and for some councils this might be a realistic option…but for me the real issue is not whether we share the same technology but what standards we set for technologies in order to facilitate a better web experience.

Forcing a technology approach and platform onto local government simply won’t work…it is the best practice standards that we need to share and any kind of local government digital services would have to have a sense of “ownership” by the sector. It is a shame that so many people have gone from Local Government Improvement and Development (LGID) as this would have made a logical co-ordination place.

Again a more community based approach to this would be beneficial, but i’m sure that there would be a number of heated debates in IT departments across the country as to which technology language should be adopted as the standard.

Central government needs to work with localgov directly on IT industry standards…most localgov have legacy systems which will simply never provide a fantastic user experience…we have our hands tied as single small orgs and we are not effectively represented when it comes to big IT players.

The transactional design processes and principles from gov.uk need to be shared and minimum standards need to be created based on achieving a fantastic user experience.

Extend the GDS global experience language into and across local government – this should provide a flexible framework to allow for “localised” branding whilst being clear about how content and services are presented and designed.

It really shouldn’t matter whether one council chooses wordpress to power their website and another chooses a large CMS platform, if the online experience and online services were consistent but also supported a localised feel.

Setting the bar high
I think GDS has already delivered on this, but hasn’t been explicit or forthcoming in broadening its influence into local government and maybe rightly so…
But we do need to maintain a high standard, why should we accept anything less than a really good online experience…the balance is in doing this in an affordable and sustainable way in small local authorities.

Greater engagement and collaboration between Local and Central.
Direct engagement with local government practitioners needs to go beyond the localdirectgov database and into skills, sharing and learning. Raising the profile within local government circles as to the value added and the efficiencies achieved of gov.uk – this might be an easy step to take and in some ways this already happens but is informal and sporadic at best…no fault of anyone here…just the way it is right now.

There is also a lot of learning and experience from us local government folk which can and should be shared back into GDS. After all, there are many levels of government and we all have a stake in making it a better place. Whilst GDS do have a strong mandate and have clearly attracted a huge amount of talent, there is in my humble opinion a huge amount of talent in local government which could do with some support , direction and engagement.

Things we should avoid doing.

  • measuring / monitoring from a central place
  • force it
  • focus on technology
  • create and acknowledge artificial barriers

I know there are more things we should stop doing but i’ll not focus too much on that now…

I hope this post sparks and triggers some interesting discussion about how local government and the GDS might have proactive conversations in moving forward.

I’ve disabled comments on this post only, as i’d like to keep all of the discussion in one place – If you wish to comment on this post please do so over at the Government Digital Service Blog