Can Government CIOs Avoid Politics?

The short answer, as known by everyone who has been a government Chief Information Officer, is a resounding “NO”.

This question is becoming more urgent as a new federal government administration in Washington charts its own, unique, path of policies and directives.   But it is a question which is lurking in the shadows of the march of technology, and will emerge as a more painful question for CIOs soon.

Technology companies and executives have tried to stay apart from politics.  Taking sides on political questions is usually the recipe for customer disaffection and even a boycott.  #deleteuber has gone viral in the past few days as customers perceived Uber lacked opposition to President Trump’s executive order on immigration.   In response to that same order, many have called for a boycott of Starbucks after its CEO planned to hire 10,000 immigrants, responding to that same presidential order.  Most companies involved in technology are now taking sides on this political issue.  Google, for example, wryly protested the order by putting an image of Fred Korematsu on its search site.  Korematsu protested the internment (by Executive Order) of Japanese-American’s in World War II.

Since the emergence of the role of chief information officer in the 1990s, federal, state and large city CIOs have always been involved in politics.  They work for elected officials who are members of political parties, and are expected to have allegiance to those individuals and those parties.

On the other hand, CIOs of smaller cities and counties – usually those with a professional city or county manager – often have long tenures if they are professionally competent.   Steve Monaghan of Nevada County, California, has served in that role since 1999.  Phil Bertolini of Oakland County, Michigan, has served as CIO and Deputy County Administrator since 2005 and was information technology director prior to that.

Competent and politically savvy CIOs of larger cities and counties have survived changes in their executives too – witness Joe Marcella’s 18 years in Las Vegas.  Others have successfully moved between jobs in major jurisdictions such as Cathy Maras who started as CIO in Cook County and is now in Bexar County (San Antonio) or Steve Reneker who has moved from the City of Riverside to the City of Los Angeles and is now in Riverside County.  Adel Abeid, Jon Walton and Beth Niblock are other examples of successful CIOs moving between multiple large jurisdictions.

In the future, however, government CIOs are going to face daunting political and ethical questions, for examples:

• Facial Recognition. Your City (county, state) operates video cameras in public spaces.  These might include traffic cameras, security cameras or surveillance cameras in public spaces.  Your executive wants you to implement facial recognition, and build a database of individuals who attend protest marches, to find those who commit violence and crimes in order to arrest and prosecute them.   While this is a noble mission, such a database also will capture the identities of many others who are legitimately exercising their right to free speech.
• Social Media. Your police chief or executive asks you to find and implement software to scan social media use by existing and prospective employees.   The immediate need is to make sure they are not criminals, racists, or committing other illegal acts.   But that same database could be used to determine their political affiliation and views.    It is clearly unethical to use such information when making employment (or continuation of employment) decisions about employees protected by civil service.  But is it ethical to consider such information for political (“at will”) employees or in jurisdictions without civil service?  Could such information be used to go on a “witch hunt” for employees who do not share the chief executive’s view?
• Protected classes. Your executive is concerned about terrorism and potential hacking or damage to the City’s image by disgruntled employees.  You know that disgruntled employees are a primary cause of cyber theft and other insider threats.  Your executive asks you to use a social media monitoring tool and other technology to build a dossier on employees who potentially pose such threats, especially if they have family/friend links to known terrorist nations.
• New technology. Your executive demands you improve the efficiency and effectiveness of the City’s call center for city services.   You can implement a variety of new technologies such as chatbots, natural language processing (think “Alexa” or “Siri”) and even artificial intelligence such as IBM’s Watson.   Such technologies will eliminate dozens or hundreds of living wage jobs for people of color and those who are single parents or the sole breadwinner for their families.  While a typical response might be to offer re-training programs, the displaced workers in many cases will not have the basic education or abilities to learn the replacement high-tech jobs which will become available.

The convergence of the new “America First” policy in Washington, D. C., and the availability of a number of new technologies ranging from the Internet of Things to natural language processing to video analytics (facial and object recognition) to massive databases with associated “big data” analytics (and the threat of significant misinterpretation) will present many dilemmas for the government Chief Information Officer.

Even more frightening, artificial intelligence will vastly transform the face of society and the economy of the United States over the next 20 years, as documented in a 2016 federal government report here.  Millions from jobs ranging from call centers to lawyers to accountants to everyone who drives a vehicle are at risk of elimination or significant change.  All of this technology change will be infused with politics as elected officials scramble to create jobs, save jobs or fix blame for loss of jobs.

Government CIOs work for these elected officials.  CIOs have this technology tiger by the tail.  They should pray it does not eat them alive.

Every Citizen needs a Data Dossier

Schrier’s Data Dossier

Governments collect a lot of data on citizens.  Private companies like Google, Amazon and even Safeway collect even more.   In fact, a whole new thriving business of data brokers has emerged.  These are companies like Datalogix which indexes, mashes, cross-correlates, buys and sells our personal information.

On  May 27 the Federal Trade Commission released its report “Data Brokers:  a Call for Transparency and Accountability”.   The report demonstrated the pervasiveness of the data brokering business.  The brokers use billions of data points to build profiles – dossiers – on every American.   The data comes from both online and offline sources.   Online sources include searches you make using Google or Bing, as well as things you buy from Amazon and other e-retailers.  Offline sources include purchases you might make with loyalty cards from companies like the grocery chains.

The “billions of data points” include a wide variety of information such as age, religion, interest in gambling and much more.   Here is a list of 200 such fields.  From this data the brokers make inferences and classify people into affiliations such as “bible lifestyle” or “rural everlasting” (older people with low net worth).

Americans are rightly concerned with the amount of data collected on us by our governments.   Government data collection is widely reported in the press.  But private companies collect similar vast amounts of information.   That fact is not widely reported.  Examples:

• License Plate Recognition.   Cities and other police forces collect large quantities of license plate scans which include location and time-of-day information.  For example, Seattle Police deployed 12 police units and collected about 7 million license-plate records in one year, identifying 426 stolen cars and 3,768 parking scofflaws.  But most of those records capture normal citizens parking their cars in front of their houses.  However private companies such as Digital Recognition Company collect 70 million scans a month and have a database of 1.5 billion such scans.   Such data is used to repossess vehicles when the owner defaults on a loan.  At least police departments report to elected officials who can oversee and manage how the information is used.  But who oversees the private scanners?
• Facial images.  The National Security Agency (NSA) collects millions of images each day, including about 55,000 of high enough quality for facial recognition.   But Facebook alone has 1.23 billion active monthly users who post 300 million photos a day (2012 statistic).  Facebook users willingly “tag” the photos, adding the names to the faces.  This has created one of the largest facial databases in the world.   Such data could be used to automatically recognize people when they enter a restaurant or bar, or to display advertisements tailored to them in public or when walking down the street.
• Drones.  There is great weeping and gnashing of teeth over the potential use of unpiloted aerial vehicles by government agencies.   The Seattle Police Department was so roundly criticized about potential drone use that the Mayor ordered the program ended.  Seattle’s drones were given (“gifted”) to the City of Los Angeles igniting a debate there.  Obviously people are concerned about the video and other data such drones might collect.   In the meantime however, commercial use and uses of such technology are exploding, ranging from real estate to news media to farming and private photography.
• Sensors.  The Internet of Things is upon us.   Sensors are being added to almost every conceivable device.   Sensors on cars will be used to tax drivers for the number of miles they drive, partially replacing gas taxes.   Sensors on cars also are already being used to track drivers who break laws or otherwise have poor driving habits, and their insurance costs may increase.  Fitness sensors track our activity.   Refrigerators, furnaces, homes, even coffeemakers (“your coffee machine is watching you”) are getting sensors.

Who is collecting all this information?  What are they using it for?   What are we to do?

Perhaps we need to follow the example of the Fair Credit Reporting Act, which requires the credit reporting companies to provide reports to individual citizens, but also allows those citizens to challenge information found in the reports.

Perhaps we need a “Citizen Data Dossier” law and portal – a secure online site or vault where everyone could find the information collected by each data broker and each government agency about them.    In addition, individuals could challenge the information, ask for it to be replaced or removed and allow citizens to “opt out” of how their information is collected and used by the broker.

Biker-Hells-Angel-Type

Governments, of course, represent a somewhat different issue.   Clearly convicted sex predators should not be allowed to “opt out” of government collection of their conviction data or have it removed from government records.   But certainly those who have false conviction data or other data (e.g. incorrect notice of suspended driver’s license) should be allowed to correct that information.

One thing is for certain:   once such data is available, we will discover how much of our information is available, and what private companies infer about us using it (“this guy is a Biker/Hell’s Angels type“).   And I suspect we will be scared and upset.

– Are Government CIOs Irrelevant?

The Government CIO as viewed by the Business

“The Department of No”. “The Geeks in the Basement”. “Expensive Projects, Always Late”.Increasingly, many IT departments – and their CIOs – are becoming irrelevant to the business of government.

Peter Hinssen is a visiting lecturer at London Business School and a senior industry fellow at the University of California Irvine’s School of Business. He recently wrote a provocative article on this subject, focused on CIOs and IT departments in the commercial sector.

But, as I thought about it, many of the same criticisms apply to government CIOs and my own experience as a City CIO.

We can really trace IT department irrelevance back to smart phones. I remember when I was approached by Seattle’s Police Chief and Human Services Department director in about 2004 regarding BlackBerrys. As those City business leaders attended conferences, they saw their counterparts doing email on their cell phones. “Bill, why can’t we do the same?”

Luckily I was smart enough to investigate RIM and lucky enough that RIM (now branded BlackBerry) had a robust enterprise solution which catered to my IT department. We quickly put up a BlackBerry Enterprise Server (BES) and at last count more than 1000 BlackBerrys powered by Sprint and Verizon were in use by City of Seattle employees.

I wasn’t unique, of course – most CIOs and IT departments embraced BlackBerrys.

The problem of course, is that danged fruit company, Apple. They launched the iPhone about six years ago and the iPad a couple years later. Apple didn’t give a dang about Enterprises. It’s “their way or the BlackBerry way”. No management software for IT departments. Most IT departments resisted the iPhone and iPad trend citing security, public records act, and lack of manageability. But City and County employees quickly embraced them. Suddenly, the IT department was irrelevant.

I’ve blogged about this before, especially when Seattle elected a new Mayor, Mike McGinn, in 2009, and he and his staff brought iPhones to work and said “hook us up”.

But we see this trend in many other things.

You want a constituent relationship management system? Salesforce can be up in a day for a few thousand bucks (depending on number of users. Installing a CRM in the traditional manner, especially with RFP and customization, takes 18 months and hundreds of thousands of dollars.

You want to share files? You can install and customize sharepoint, which works pretty well, or go with any one of a number of document management systems. Again, 6 to 18 months, hundreds of thousands or millions of dollars. But Dropbox or Box.com can be up and working in minutes.

You need to spin up a few dozen servers and a couple terrabytes of storage quickly to support an election application or another urgent need? You can spend hundreds of thousands of dollars and months buying and installing equipment, then configuring and patching it, or you can go contract platform-as-a-service from Microsoft Azure or Amazon Web services or others.

You need office software like word processing, spreadsheet and an email client? You can spend five million dollars and three years justifying budget, planning, installing and training users (like we did at the City of Seattle), or you can go contract for Microsoft Office 365 in the cloud or Google Apps and have it up in weeks.   (In fairness to Seattle, we did our email/Office project before cloud alternatives were readily available.)

I talked to a CIO last week who thankfully stopped the deployment of over 10,000 desk telephones in her organization. Desk telephones a tiny little window for displaying information and without video conferencing, presence or most other features found on even low-end cell phones these days.

Traditional IT folks will point to a variety of problems with my examples, of course – the cloud-based systems have security issues and they are not robust (supporting thousands of users). And they are not configurable to the unique requirements of a city, county or state government – although I’m convinced most of the “unique requirements” are actually just job security for those employees rather than true “requirements”. That’s the subject for a future blog post.

Ok, I’ve made my point about infrastructure. It’s a commodity. It’s easily purchased on the outside.

This is one problem.

Here’s the greater one: while CIOs and IT departments spend their time on software and services like those above, there are a ton of unmet needs. And, frankly, line-of-business departments are now tech saavy enough (thanks again to smartphones, tablet computers, and downloadable apps or software as a service), that they can go contract to meet these needs directly, by-passing the IT department. Here are a few examples:

• Mapping. Yes, a city or county or state can install very robust configured software to produce beautiful maps using GIS analysts. But, frankly, most (not all) of a department’s needs can be met with Google Maps or Bing Maps or even Mapquest. (I could make a snide comment here about Apple maps, but I won’t). There are even specialized commercial mapping systems for some functions like crime mapping.
• Big Data and Business Analytics. Government business departments are hungering for this software for uses as wide as traffic management to predictive policing to analysis of water complaints and electricity usage to simple dashboards of what happened overnight in the City (sometimes called “common operating picture”). This software is of huge use in managing a government. Is the CIO and IT department providing it?
• Mobile devices and apps. When I was CIO in Seattle, the Transportation Director said he had been chastised by his business advisory board (trucking companies, retailers and others who depend upon freight mobility) because all his crews used paper for inspections and scheduling and construction work. Why didn’t I, as the CIO, capitalize on that comment and immediately get tablet computers and mobile clients for his traffic and asset management systems into the hands of those field workers? (For one thing the software companies who made those systems didn’t have mobile apps, but that’s a lame excuse.)

Is there a way out of this hell and dead-end of irrelevance for the Government CIO? I think there may be, with the trend we’re seeing for Chief Innovation Officers and Chief Digital Officers. I’ll blog about that in the near future.

In the meantime, I’m going back to configuring my server.

– Will we give up our Privacy to keep our Guns?

Although Congress cannot agree on a method to avoid the so-called “Fiscal Cliff” (at least as of this writing), last week both Republicans and Democrats agreed to extend FISA – the “warrantless wiretapping” law.  FISA – really the “FISA Amendments Act” – essentially allows the federal government to eavesdrop on email and other communications without a warrant.  The Senate even rejected amendments which would require some transparency in the process, such as revealing how many Americans are monitored in this fashion.   This same law also gives telecommunications carriers blanket immunity when they turn over records or allow wiretapping of citizens.

On a slightly different issue, the National Rifle Association is reiterating its adamant opposition to the banning of assault weapons or other restrictions on the purchase and ownership of guns, despite the death of 20 young children to gunfire in Newtown.    The NRA supports, however, a national registry of the mentally ill.   And, of course, the Gun Control Act of 1968 prohibits gun sales to individuals who have been committed to a mental institution or “adjudicated as a mental defective.”   Because individual states have a wide variety of laws (or lack of them) which implement this provision, it has few teeth, hence the NRA’s call for the registry.

Recent advances in technology promise unprecedented ability to further monitor and pry into the private lives of citizens.  The law is still murky about the GPS information in your cell phone, but some courts have ruled a warrant is not required for law enforcement to obtain it.   Congress also approved a new law in 2012 which allows commercial pilotless aerial vehicles (“drones”) to populate our skies.  And technology is being developed to allow your TV to monitor your viewing habits, perhaps even via a camera which watches YOU and is embedded in the TV.  This information could be reported back to advertisers and others for further targeting you as a consumer.  Given the FISA extension (which protects telecommunications carriers who turn over information to the government), such data might also be available to government authorities.
(More detail on drones, phones and TV monitoring here.)

Let’s add these new technologies to many which already exist – a proliferation of video surveillance cameras in both private and public hands for example, as well as a massive library of video and still images collected on sites such as Flikr, Facebook, Pinterest and YouTube.   Most such sites encourage “tagging” of individuals by name in the images.  Many private companies are developing facial recognition technology to allow these “tags” to proliferate to images across the Internet.  Governments are also building facial recognition technologies and applying them at least to mug shot databases of criminals or suspects.   License plate recognition (LPR) is now widely used by transportation and law enforcement.  Indeed, between LPR and facial recognition, there might very well be a time when anonymity is essentially dead – whenever you leave your house your whereabouts will be known, tracked and entered into either a public or private database.

Add to all this the explosion of “big data” and “data analytics” such as the Domain Awareness System (DAS) developed by Microsoft for the New York City police department.  DAS and similar technologies promise an unprecedented ability to analyze a vast variety of information about criminals – and citizens – to build a profile of each and every individual in the nation.

Now let’s circle back to the NRA.

At first thought, the idea of a national database of the mentally ill – who would then be prevented from at least purchasing and, perhaps, owning, weapons – seems an attractive thought.  Clearly anyone who would brutally kill 20 first-graders – or murder a dozen theater-goers in Aurora – is mentally ill.  Yet neither Adam Lanza or James Holmes were diagnosed prior to their acts.  In retrospect, almost all perpetrators of large-scale massacres show signs of mental illness, but are rarely diagnosed before the crime.     Some would argue that most cold-blooded murderers (as opposed to those who commit murder in a fit of passion or rage, or under the influence of a drug), are mentally ill.

How do we determine who is mentally ill, and therefore goes into the national database, and is then prevented from buying or owning guns?  Ultra conservative groups like the NRA, who would never support government officials registering weapons, are, apparently, more than willing to allow deep violations of privacy to determine if a person is mentally ill. Do we need to build that nationwide profile of every single person living in United States (or perhaps the world), looking for those tell-tale signs of a killer?  Do we need to put those cameras on every TV in every house?  Do we need to wiretap and analyze every telephone or Skype conversation?  And do we then use our business intelligence and big data analytics to create those profiles?

What’s amazing is not the potential for building such a database, but how far we’ve already allowed it in law, with FISA and the FISA Amendments Act and the Patriot Act and the use of our present technology.  Even more amazing, is the ability of the far right and the far left, the liberals and conservatives, Obama and Boehner, Republicans and Democrats, all to sign on and support it.

We go willingly into this deep, dark night.