In the wake of PA Consulting's sacking from its Home Office contract (as discussed in my previous blog), it is worth looking at the Government's role in this. The consultancy has demonstrated that the loss of a data stick was down to one person's error, not some wholesale failure of policy.
Can the Government say the same? The machinery of government is woefully ill-prepared for the digital age, even as the policy-makers champion it and massively extend its use.
As data-loss scandals escalate (with the use of pocket-sized mass-storage, perhaps), there seem to have been few sackings in their wake – either at ministerial, civil service, or even basic admin levels.
Indeed – the sackings of Joan Ryan and Siobhain McDonagh for disloyalty aside – it's hard to remember anyone in government who has lost their job via incompetence or scandal. One person famously lost two jobs, but that hasn't prevented him holding sway over matters of European business.
And where is the real-world security policy for storage media now they govern our private and business relationships with Government – even our identities?
It's hard to see how more technology, more databases, and more private data stored on cards can be a solution to security problems. After all, most security problems seem to be caused by them.
In a world where call centre workers spout nonsense about the Data Protection Act when refusing to say why they're calling you, there is an emerging national crisis in data protection, because of a lack of understanding about what it is, and how and why you should do it.
Much of that blame lies with the Government – and with a handful of companies who realise that the public doesn't understand it either.
So why PA Consulting, and why now? Why not any of the dozens of larger outsourcing providers here and overseas, who have been involved with more serious scandals?
Why not any of the ministers or officials presiding over the loss of, say, 25 million child benefit records, or those lost and stolen MoD laptops and data files, or that DVLA data, or those national security reports left on Surrey-bound commuter trains?
Could it be that this particular contract – worth just £1.5 million – makes it an easy target?
The Government has let all the bigger fish off the hook – not to mention itself – because the digitisation of Government would grind to a halt if real action were ever taken. Perhaps it should grind to a halt: rethink it from the ground up.
Finding replacement contractors would be a challenge too, of course, given that even Government contracts are subject to constant tinkering and change. Ask ETS, Accenture, Fujitsu...
On the employer side, former NHS IT bigwig Richard Granger hated privacy campaigners – but lambasted suppliers as well. Not a recipe for the successful delivery of egovernment.
Nevertheless, this Home Secretary may have made a rod for her own back by sacking PA Consulting from this, even as Whitehall has with other contract collapses: the Tory press now wants to know why PA retains its larger deals – and will soon ask questions about the other big fish.
With scant understanding of digital data protection across all echelons of government, and with a policy vacuum at the top, then suppliers can only do their best. And when ministers make easy kills to avoid falling on their swords, then... well, I suppose it's just an average day in Whitehall, 2008.
ID cards, anyone?